Microsoft Teams Cookbook

  • Buy Link or Shortcode: {j2store}408|cart{/j2store}
  • member rating overall impact (scale of 10): 8.8/10 Overall Impact
  • member rating average dollars saved: $6,299 Average $ Saved
  • member rating average days saved: 27 Average Days Saved
  • Parent Category Name: DR and Business Continuity
  • Parent Category Link: /business-continuity

Remote work calls for leveraging your Office 365 license to use Microsoft Teams – but IT is unsure about best practices for governance and permissions. Moreover, IT has few resources to help train end users with Teams best practices.

Our Advice

Critical Insight

Microsoft Teams is not a standalone app. Successful utilization of Teams occurs when conceived in the broader context of how it integrates with Office 365. Understanding how information flows between Teams, SharePoint Online, and OneDrive for Business, for instance, will aid governance with permissions, information storage, and file sharing.

Impact and Result

Use Info-Tech’s Microsoft Teams Cookbook to successfully implement and use Teams. This cookbook includes recipes for:

  • IT best practices concerning governance of the creation process and Teams rollout.
  • End-user best practices for Teams functionality and common use cases.

Microsoft Teams Cookbook Research & Tools

Start here – read the Executive Brief

Learn critical insights for an effective Teams rollout.

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

  • Microsoft Teams Cookbook – Sections 1-2

1. Teams for IT

Understand best practices for governance of the Teams creation process and Teams rollout.

  • Microsoft Teams Cookbook – Section 1: Teams for IT

2. Teams for end users

Get end users on board with this series of how-tos and common use cases for Teams.

  • Microsoft Teams Cookbook – Section 2: Teams for End Users

[infographic]

 

Further reading

Microsoft Teams Cookbook

Recipes for best practices and use cases for Microsoft Teams.

Table of contents

Executive Brief

Section 1: Teams for IT

Section 2: Teams for End Users

Executive Summary

Situation

Remote work calls for leveraging your Office 365 license to utilize Teams – but IT is unsure about best practices for governance and permissions.

Without a framework or plan for governing the rollout of Teams, IT risks overlooking secure use of Teams, the phenomenon of “teams sprawl,” and not realizing how Teams integrates with Office 365 more broadly.

Complication

Teams needs to be rolled out quickly, but IT has few resources to help train end users with Teams best practices.

With teams, channels, chats, meetings, and live events to choose from, end users may get frustrated with lack of guidance on how to use Teams’ many capabilities.

Resolution

Use Info-Tech’s Microsoft Teams Cookbook to successfully implement and utilize Teams. This cookbook includes recipes for:

  • IT best practices concerning governance of the creation process and Teams rollout.
  • End-user best practices for Teams functionality and common use cases.

Key Insights

Teams is not a standalone app

Successful utilization of Teams occurs when conceived in the broader context of how it integrates with Office 365. Understanding how information flows between Teams, SharePoint Online, and OneDrive for Business, for instance, will aid governance with permissions, information storage, and file sharing.

IT should paint the first picture for team creation

No initial governance for team creation can lead to “teams sprawl.” While Teams was built to allow end users’ creativity to flow in creating teams and channels, this can create problems with a cluttered interface and keeping track of information. To prevent end-user dissatisfaction here, IT’s initial Teams rollout should offer a basic structure for end users to work with first, limiting early teams sprawl.

The Teams admin center can only take you so far with permissions

Knowing how Teams integrates with other Office 365 apps will help with rolling out sensitivity labels to protect important information being accidentally shared in Teams. Of course, technology only does so much – proper processes to train and hold people accountable for their actions with data sharing must be implemented, too.

Related Info-Tech Research

Establish a Communication and Collaboration System Strategy

Don’t waste your time deploying yet another collaboration tool that won’t get used.

Modernize Communication and Collaboration Infrastructure

Your legacy telephony infrastructure is dragging you down – modern communications and collaboration technology will dramatically improve productivity.

Migrate to Office 365 Now

One small step to cloud, one big leap to Office 365. The key is to look before you leap.

Section 1: Teams for IT

Governance best practices and use cases for IT

Section 1

Teams for IT

Section 2

Teams for end users

From determining prerequisites to engaging end users.

IT fundamentals
  • Creation process
  • Teams rollout
Use cases
  • Retain and search for legal/regulatory compliance
  • Add an external user to a team
  • Delete/archive a team

Overview: Creation process

IT needs to be prepared to manage other dependent services when rolling out Teams. See the figure below for how Teams integrates with these other Office 365 applications.

A flow chart outlining how Teams integrates with other Office 365 applications. Along the side are different applications, from the top: 'Teams client', 'OneDrive for Business', 'Sharepoint Online', 'Planner (Tasks for Teams)', 'Exchange Online', and 'Stream'. Along the top are services of 'Teams client', 'Files', 'Teams', 'Chat', 'Meeting', and 'Calls'.

Which Microsoft 365 license do I need to access Teams?

  • Microsoft 365 Business Essentials
  • Microsoft 365 Business Premium
  • Office 365 Enterprise, E1, E3, or E5
  • Office 365 Enterprise E4 (if purchased prior to its retirement)

Please note: To appeal to the majority of Info-Tech’s members, this blueprint refers to Teams in the context of Office 365 Enterprise licenses.

Assign admin roles

You will already have at least one global administrator from setting up Office 365.

Global administrators have almost unlimited access to settings and most of the data within the software, so Microsoft recommends having only two to four IT and business owners responsible for data and security.

Info-Tech Best Practice

Configure multifactor authentication for your dedicated Office 365 global administrator accounts and set up two-step verification.

Once you have organized your global administrators, you can designate your other administrators with “just-enough” access for managing Teams. There are four administrator roles:

Teams Service Administrator Manage the Teams service; manage and create Microsoft 365 groups.
Teams Communications Administrator Manage calling and meetings features with Teams.
Teams Communications Support Engineer Troubleshoot communications issues within Teams using the advanced troubleshooting toolset.
Teams Communications Support Specialist Troubleshoot communications issues using Call Analytics.

Prepare the network

There are three prerequisites before Teams can be rolled out:

  • UDP ports 3478 through 3481 are opened.
  • You have a verified domain for Office 365.
  • Office 365 has been rolled out, including Exchange Online and SharePoint Online.

Microsoft then recommends the following checklist to optimize your Teams utilization:

  • Optimize calls and performance using the Call Quality Dashboard.
  • Assess network requirements in the Network Planner in the Teams admin center.
  • Ensure all computers running Teams client can resolve external DNS queries.
  • Check adequate public IP addresses are assigned to the NAT pools to prevent port exhaustion.
  • Route to local or regional Microsoft data centers.
  • Whitelist all Office 365 URLs to move through security layers, especially IDS/IPS.
  • Split tunnel Teams traffic so it bypasses your organization’s VPN.

Info-Tech Best Practice

For online support and walkthroughs, utilize Advisor for Teams. This assistant can be found in the Teams admin center.

Team Creation

You can create and manage Teams through the Teams PowerShell module and the Teams admin center. Only the global administrator and Teams service administrator have full administrative capabilities in this center.

Governance over team creation intends to prevent “teams sprawl” – the phenomenon whereby end users create team upon team without guidance. This creates a disorganized interface, with issues over finding the correct team and sharing the right information.

Prevent teams sprawl by painting the first picture for end users:

  1. Decide what kind of team grouping would best fit your organization: by department or by project.
  2. Start with a small number of teams before letting end users’ creativity take over. This will prevent initial death by notifications and support adoption.
  3. Add people or groups to these teams. Assign multiple owners for each team in case people move around at the start of rollout or someone leaves the organization.
  4. Each team has a general channel that cannot be removed. Use it for sharing an overview of the team’s goals, onboarding, and announcements.

Info-Tech Best Practice

For smaller organizations that are project-driven, organize teams by projects. For larger organizations with established, siloed departments, organize by department; projects within departments can become channels.

Integrations with SharePoint Online

Teams does not integrate with SharePoint Server.

Governance of Teams is important because of how tightly it integrates with other Office 365 apps, including SharePoint Online.

A poor rollout of Teams will have ramifications in SharePoint. A good rollout will optimize these apps for the organization.

Teams and SharePoint integrate in the following ways:

  • Each team created in Teams automatically generates a SharePoint team site behind it. All documents and chat shared through a team are stored in that team’s SharePoint document library.
  • As such, all files shared through Teams are subject to SharePoint permissions.
  • Existing SharePoint folders can be tied to a team without needing to create a new one.
  • If governance over resource sharing in Teams is poor, information can get lost, duplicated, or cluttered throughout both Teams and SharePoint.

Info-Tech Best Practice

End users should be encouraged to integrate their teams and channels with existing SharePoint folders and, where no folder exists, to create one in SharePoint first before then attaching a team to it.

Permissions

Within the Teams admin center, the global or Teams service administrator can manage Teams policies.

Typical Teams policies requiring governance include:

  • The extent end users can discover or create private teams or channels
  • Messaging policies
  • Third-party app use

Chosen policies can be either applied globally or assigned to specific users.

Info-Tech Best Practice

If organizations need to share sensitive information within the bounds of a certain group, private channels help protect this data. However, inviting users into that channel will enable them to see all shared history.

External and guest access

Within the security and compliance center, the global or Teams service administrator can set external and guest access.

External access (federation) – turned on by default.

  • Lets you find, call, and chat with users in other domains. External users will have no access to the organization’s teams or team resources.

Guest access – turned off by default.

  • Lets you add individual users with their own email address. You do this when you want external users to access teams and team resources. Approved guests will be added to the organization’s active directory.

If guest access is enabled, it is subject to Azure AD and Office 365 licensing and service limits. Guests will have no access to the following, which cannot be changed:

  • OneDrive for Business
  • An organization’s calendar/meetings
  • PSTN
  • Organization’s hierarchical chart
  • The ability to create, revise, or browse a team
  • Upload files to one-on-one chat

Info-Tech Best Practice

Within the security and compliance center, you can allow users to add sensitivity labels to their teams that can prevent external and guest access.

Expiration and archiving

To reduce the number of unused teams and channels, or delete information permanently, the global or Teams service administrator can implement an Office 365 group expiration and archiving policy through the Teams admin center.

If a team has an expiration policy applied to it, the team owner will receive a notification for team renewal 30 days, 15 days, and 1 day before the expiry date. They can renew their team at any point within this time.

  • To prevent accidental deletion, auto-renewal is enabled for a team. If the team owner is unable to manually respond, any team that has one channel visit from a team member before expiry is automatically renewed.
  • A deleted Office 365 group is retained for 30 days and can be restored at any point within this time.

Alternatively, teams and their channels (including private) can be archived. This will mean that all activity for the team ceases. However, you can still add, remove, and update roles of the members.

Retention and data loss prevention

Retention policies can be created and managed in the Microsoft 365 Compliance Center or the security and compliance center PowerShell cmdlets. This can be applied globally or to specific users.

By default, information shared through Teams is retained forever.

However, setting up retention policies ensures data is retained for a specified time regardless of what happens to that data within Teams (e.g. user deletes).

Info-Tech Best Practice

To prevent external or guest users accessing and deleting sensitive data, Teams is able to block this content when shared by internal users. Ensure this is configured appropriately in your organization:

  • For guest access in teams and channels
  • For external access in meetings and chat

Please note the following limitations of Teams’ retention and data loss prevention:

  • Organization-wide retention policies will need to be manually inputted into Teams. This is because Teams requires a retention policy that is independent of other workloads.
  • As of May 2020, retention policies apply to all information in Teams except private channel messages. Files shared in private channels, though, are subject to retention policies.
  • Teams does not support advanced retention settings, such as a policy that pertains to specific keywords or sensitive information.
  • It will take three to seven days to permanently delete expired messages.

Teams telephony

Teams has built-in functionality to call any team member within the organization through VoIP.

However, Teams does not automatically connect to the PSTN, meaning that calling or receiving calls from external users is not immediately possible.

Bridging VoIP calls with the PSTN through Teams is available as an add-on that can be attached to an E3 license or as part of an E5 license.

There are two options to enable this capability:

  • Enable Phone System. This allows for call control and PBX capabilities in Office 365.
  • Use direct routing. You can use an existing PSTN connection via a Session Border Controller that links with Teams (Amaxra).

Steps to implement Teams telephony:

  1. Ensure Phone System and required (non-Microsoft-related) services are available in your country or region.
  2. Purchase and assign Phone System and Calling Plan licenses. If Calling Plans are not available in your country or region, Microsoft recommends using Direct Routing.
  3. Get phone numbers and/or service numbers. There are three ways to do this:
    • Get new numbers through the Teams admin center.
    • If you cannot get new numbers through the Teams admin center, you can request new numbers from Microsoft directly.
    • Port or transfer existing numbers. To do this, you need to send Microsoft a letter of authorization, giving them permission to request and transfer existing numbers on your behalf.
  4. To enable service numbers, including toll-free numbers, Microsoft recommends setting up Communications Credits for your Calling Plans and Audio Conferencing.

Overview: Teams rollout

  1. From Skype (and Slack) to Teams
  2. Gain stakeholder purchase
  3. Employ a phased deployment
  4. Engage end users

Skype for Business is being retired; Microsoft offers a range of transitions to Teams.

Combine the best transition mode with Info-Tech’s adoption best practices to successfully onboard and socialize Teams.

From Skype to Teams

Skype for Business Online will be retired on July 31, 2021. Choose from the options below to see which transition mode is right for your organization.

Skype for Business On-Premises will be retired in 2024. To upgrade to Teams, first configure hybrid connectivity to Skype for Business Online.

Islands mode (default)

  • Skype for Business and Teams coexist while Teams is rolled out.
  • Recommended for phased rollouts or when Teams is ready to use for chat, calling, and meetings.
  • Interoperability is limited. Teams and Skype for Business only transfer information if an internal Teams user sends communications to an external Skype for Business user.

Teams only mode (final)

  • All capabilities are enabled in Teams and Skype for Business is disabled.
  • Recommended when end users are ready to switch fully to Teams.
  • End users may retain Skype for Business to join meetings with non-upgraded or external parties. However, this communication is only initiated from the Skype for Business external user.

Collaboration first mode

  • Skype for Business and Teams coexist, but only Teams’ collaboration capabilities are enabled. Teams communications capabilities are turned off.
  • Recommended to leverage Skype for Business communications yet utilize Teams for collaboration.

Meetings first mode

  • Skype for Business and Teams coexist, but only Teams’ meetings capabilities are enabled.
  • Recommended for organizations that want to leverage their Skype for Business On-Premises’ Enterprise Voice capability but want to benefit from Teams’ meetings through VoIP.

From Slack to Teams

The more that’s left behind in Slack, the easier the transition. As a prerequisite, pull together the following information:

  • Usage statistics of Slack workspaces and channels
  • What apps end users utilize in Slack
  • What message history you want to export
  • A list of users whose Slack accounts can map on to required Microsoft accounts
Test content migration

Your Slack service plan will determine what you can and can’t migrate. By default, public channels content can be exported. However, private channels may not be exportable, and a third-party app is needed to migrate Direct Messages.

Files migration

Once you have set up your teams and channels in Teams, you can programmatically copy files from Slack into the target Teams channel.

Apps migration

Once you have a list of apps and their configurations used in Slack’s workspaces, you can search in Teams’ app store to see if they’re available for Teams.

User identity migration

Slack user identities may not map onto a Microsoft account. This will cause migration issues, such as problems with exporting text content posted by that user.

Follow the migration steps to the right.

Importantly, determine which Slack workspaces and channels should become teams and channels within Teams.

Usage statistics from Slack can help pinpoint which workspaces and channels are redundant.

This will help IT paint an ordered first picture for new Teams end users.

  1. Create teams and channels in Teams
  2. Copy files into Teams
  3. Install apps, configure Office 365 Connecters
  4. Import Slack history
  5. Disable Slack user accounts

Info-Tech Best Practice

Avoid data-handling violations. Determine what privacy and compliance regulations (if any) apply to the handling, storage, and processing of data during this migration.

Gain stakeholder purchase

Change management is a challenging aspect of implementing a new collaboration tool. Creating a communication and adoption plan is crucial to achieving universal buy-in for Teams.

To start, define SMART objectives and create a goals cascade.

Specific Measurable Actionable Realistic Time Bound
Make sure the objective is clear and detailed. Objectives are `measurable` if there are specific metrics assigned to measure success. Metrics should be objective. Objectives become actionable when specific initiatives designed to achieve the objective are identified. Objectives must be achievable given your current resources or known available resources. An objective without a timeline can be put off indefinitely. Furthermore, measuring success is challenging without a timeline.
Who, what, where, why? How will you measure the extent to which the goal is met? What is the action-oriented verb? Is this within my capabilities? By when: deadline, frequency?

Sample list of stakeholder-specific benefits from improving collaboration

Stakeholder Driver Benefits
Senior Leadership Resource optimization Increased transparency into IT operational costs.
Better ability to forecast hardware, resourcing costs.
All employees Increasing productivity Apps deployed faster.
Issues fixed faster.
Easier access to files.
Able to work more easily offsite.
LBU-HR, legal, finance Mitigating risk Better able to verify compliance with external regulations.
Better understanding of IT risks.
Service desk Resource optimization Able to resolve issues faster.
Fewer issues stemming from updates.
Tier 2 Increasing productivity Less time spent on routine maintenance.

Use these activities to define what pain points stakeholders face and how Teams can directly mitigate those pain points.

(Source: Rationalize Your Collaboration Tools (coming soon), Activities: 3.1C – 3.1D)

Employ a phased deployment

Info-Tech Best Practice

Deploy Teams over a series of phases. As such, if you are already using Skype for Business, choose one of the coexistence phases to start.

    1. Identify and pilot Teams with early adopters that will become your champions. These champions should be formally trained, be encouraged to help and train their colleagues, and be positively reinforced for their efforts.
    2. Iron out bugs identified with the pilot group and train middle management. Enterprise collaboration tool adoption is strongly correlated with leadership adoption.
      1. Top-level management
        Control and direct overall organization.
      2. Middle management
        Execute top-level management’s plans in accordance with organization’s norms.
      3. First-level management
        Execute day-to-day activities.
    3. Use Info-Tech’s one-pager marketing template to advertise the new tool to stakeholders. Highlight how the new tool addresses specific pain points. Address questions stemming from fear and uncertainty to avoid employees’ embarrassment or their rejection of the tool.
A screenshot of Info-Tech's one-pager marketing template.
  1. Extend the pilot to other departments and continue this process for the whole organization.

(Source: Rationalize Your Collaboration Tools (coming soon), Tools:GANTT Chart and Marketing Materials, Activities: 3.2A – 3.2B)

Info-Tech Insight

Be in control of setting and maintaining expectations. Aligning expectations with reality and the needs of employees will lower onboarding resistance.

Engage end users

Short-term best practices

Launch day:
  • Hold a “lunch and learn” targeted training session to walk end users through common use cases.
  • Open a booth or virtual session (through Teams!) and have tool representatives available to answer questions.
  • Create a game to get users exploring the new tool – from scavenger hunts to bingo.
Launch week:
  • Offer incentives for using the tool and helping others, including small gift cards.
  • Publicize achievements if departments hit adoption milestones.

Long-term best practices

  • Make available additional training past launch week. End users should keep learning new features to improve familiarity.
  • Distribute frequent training clips, slowly exposing end users to more complex ways of utilizing Teams.
  • Continue to positively reinforce and recognize those who use Teams well. This could be celebrating those that help others use the tool, how active certain users are, and attendance at learning events.

Info-Tech Best Practice

Microsoft has a range of training support that can be utilized. From instructor-led training to “Coffee in the Cloud” sessions, leverage all the support you can.

Use case #1: Retain and search data for legal/regulatory compliance

Scenario:

Your organization requires you to retain data and documents for a certain period of time; however, after this period, your organization wishes to delete or archive the data instead of maintaining it indefinitely. Within the timeframe of the retention policy, the admin may be asked to retrieve information that has been requested through a legal channel.

Purpose:
  • Maintain compliance with the legal and regulatory standards to which the organization is subject.
Jobs:
  • Ensure the data is retained for the approved time period.
  • Ensure the policy applies to all relevant data and users.
Solution: Retention Policies
  • Ensure that your organization has an Office 365 E3 or higher license.
  • Set the desired retention policy through the Security & Compliance Center or PowerShell by deciding which teams, channels, chats, and users the policies will apply to and what will happen once the retention period ends.
  • Ensure that matching retention policies are applied to SharePoint and OneDrive, since this is where files shared in Teams are stored.
  • Be aware that Teams retention policies cannot be applied to messages in private channels.
Solution: e-Discovery
  • If legally necessary, place users or Teams on legal hold in order to retain data that would be otherwise deleted by your organization’s retention policies.
  • Perform e-discovery on Teams messages, files, and summaries of meetings and calls through the Security & Compliance Center.
  • See Microsoft’s chart on the next slide for what is e-discoverable.

Content subject to e-discovery

Content type eDiscoverable Notes
Teams chat messages Yes Chat messages from chats where guest users are the only participants in a 1:1 or 1:N chat are not e-discoverable.
Audio recordings No  
Private channel messages Yes  
Emojis, GIFs, stickers Yes  
Code snippets No  
Chat links Yes  
Reactions (likes, hearts, etc) No  
Edited messages Yes If the user is on hold, previous versions of edited messages are preserved.
Inline images Yes  
Tables Yes  
Subject Yes  
Quotes Yes Quoted content is searchable. However, search results don’t indicate that the content was quoted.
Name of channel No  

E-discovery does not capture audio messages and read receipts in MS Teams.

Since files shared in private channels are stored separately from the rest of a team, follow Microsoft’s directions for how to include private channels in e-discovery. (Source: “Conduct an eDiscovery investigation of content in Microsoft Teams,” Microsoft, 2020.)

Use case #2: Add external person to a team

Scenario:

A team in your organization needs to work in an ongoing way with someone external to the company. This user needs access to the relevant team’s work environment, but they should not be privy to the goings-on in the other parts of the organization.

Jobs:

This external person needs to be able to:

  • Attend meetings
  • Join calls
  • Chat with individual team members
  • View and collaborate on the team’s files
Solution:
  • If necessary, set a data loss prevention policy to prevent your users from sharing certain types of information or files with external users present in your organization’s Teams chats and public channels.
  • Ensure that your Microsoft license includes DLP protection. However:
    • DLP cannot be applied to private channel messages.
    • DLP cannot block messages from external Skype for Business users nor external users who are not in “Teams only” mode.
  • Ensure that you have a team set up for the project that you wish the external user to join. The external user will be able to see all the channels in this team, unless you create a private channel they are restricted from.
  • Complete Microsoft’s “Guest Access Checklist” to enable guest access in Teams, if it isn’t already enabled.
  • As admin, give the external user guest access through the Teams admin center or Azure AD B2B collaboration. (If given permission, team owners can also add guests through the Teams client).
  • Decide whether to set a policy to monitor and audit external user activity.

Use case #3: Delete/archive a team

Scenario:

In order to avoid teams sprawl, organizations may want IT to periodically delete or archive unused teams within the Teams client in order to improve the user interface.

Alternately, if you are using a project-based approach to organizing Teams, you may wish to formalize a process to archive a team once the project is complete.

Delete:
  • Determine if the team owner anticipates the team will need to be restored one day.
  • Ensure that deletion does not contradict the organization’s retention policy.
  • If not, proceed with deletion. Find the team in the Teams admin center and delete.
  • Restore a deleted team within 30 days of its initial deletion through PowerShell.
Archive:
  • Determine if the team owner anticipates the team will need to be restored one day.
  • Find the relevant team in the Teams admin center and change its status to “Archived.”
  • Restore the archived team if the workspace becomes relevant once again.

Info-Tech Best Practice

Remind end users that they can hide teams or channels they do not wish to see in their Teams interface. Knowing a team can be hidden may impact a team owner’s decision to delete it.

Section 2: Teams for End Users

Best practices for utilizing teams, channels, chat, meetings, and live events

Section 1

Teams for IT

Section 2

Teams for end users

From Teams how-tos to common use cases for end users.

End user basics
  • Teams, channels, and chat
  • Meetings and live events
Common use cases: Workspaces
  • WS#1: Departments
  • WS#2: A cross-functional committee
  • WS#3: An innovation day event
  • WS#4: A non-work-related social event
  • WS#5: A project team with a defined end time
Common use cases: Meetings
  • M#1: Job interview with an external candidate
  • M#2: Quarterly board meeting
  • M#3: Weekly recurring team meeting
  • M#4: Morning stand-up/scrum
  • M#5: Phone call between two people

Overview: Teams, channels, and chat

Teams

  • Team: A workspace for a group of collaborative individuals.
    • Public channel: A focused area where all members of a team can meet, communicate, and share ideas and content.
    • Private channel: Like a public channel but restricted to a subset of team members, defined by channel owner.

Chat

  • Chat: Two or more users collected into a common conversation thread.
(Source: “Overview of teams and channels in Microsoft Teams,” Microsoft, 2020.)

For any Microsoft Teams newcomer, the differences between teams, channels, and chat can be confusing.

Use Microsoft’s figure (left) to see how these three mediums differ in their role and function.

Best practices: Workspaces 1/2

  Team
A workspace for a group of collaborative individuals.
Public Channel
A focused area where all members of a team can meet, communicate, and share ideas and content.
Private Channel
Like a public channel but restricted to a subset of team members, defined by channel owner.
Group Chat
Two or more users collected into a common conversation thread.
Limits and Administrative Control
Who can create? Default setting: All users in an organization can create a team

Maximum 500,000 teams per tenant

Any member of a team can create a public channel within the team

Maximum 200 public channels per team

Any member of a team can create a private channel and define its members

Maximum 30 private channels per team

Anyone
Who can add members? Team owner(s); max 5,000 members per team N/A Channel owner(s) can add up to 250 members Anyone can bring new members into the chat (and decide if they can see the previous history) up to 100 members
Who can delete? Team owner/admin can delete Any team member Channel owner(s) Anyone can leave a chat but cannot delete chat, but they are never effectively deleted
Social Context
Who can see it? Public teams are indexed and searchable

Private teams are not indexed and are visible only to joined members

All members of the team can see all public channels. Channels may be hidden from view for the purposes of cleaning up the UI. Individuals will only see private channels for which they have membership Only participants in the group chat can see the group chat
Who can see the content? Team members can see any content that is not otherwise part of a private channel All team members All members of the private channel Only members of the group chat

When does a Group Chat become a Channel?

  • When it’s appropriate for the conversation to have a gallery – an audience of members who may not be actively participating in the discussion.
  • When control over who joins the conversation needs to be centrally governed and not left up to anyone in the discussion.
  • When the discussion will persist over a longer time period.
  • When the number of participants approaches 100.

When does a Channel become a Team?

  • When a team approaches 30 private channels, many of those private channels are likely candidates to become their own team.
  • When the channel membership needs to extend beyond the boundary of the team membership.

Best practices: Workspaces 2/2

  Team
A workspace for a group of collaborative individuals.
Public Channel
A focused area where all members of a team can meet, communicate, and share ideas and content.
Private Channel
Like a public channel but restricted to a subset of team members, defined by channel owner.
Group Chat
Two or more users collected into a common conversation thread.
Data and Applications
Where does the content live? SharePoint: Every team resides in its own SharePoint site SharePoint: Each team (public and private) has its own folder off the root of the SharePoint site’s repository SharePoint: Each team (public and private) has its own folder off the root of the SharePoint site’s repository OneDrive: Files that are shared in a chat are stored in the OneDrive folder of the original poster and shared to the other members
How does the data persist or be retained? If a team expires/is deleted, its corresponding SharePoint site and those artifacts are also deleted Available for 21 days after deletion. Any member of the team can delete a public channel. The team owner and private channel owner can delete/restore a private channel Chats are never effectively deleted. They can be hidden to clean up the user interface.
Video N/A Yes, select “Meet now” in channel below text entry box Yes, select “Meet now” in channel below text entry box Yes
Phone calls N/A Yes, select “Meet now” in channel below text entry box Yes, select “Meet now” in channel below text entry box Yes
Shared computer audio/screen N/A Yes, select “Meet now” in channel below text entry box Yes, select “Meet now” in channel below text entry box Yes
File-sharing Within channels Yes. Frequently used/collaborated files can be turned into discrete tab. Yes. Frequently used/collaborated files can be turned into discrete tab. Yes
Wikis Within channels Yes Yes No
Whiteboarding No No No No

When does a Team become a Channel?

  • When a team’s purpose for existing can logically be subsumed by another team that has a larger scope.

When does a Channel become a Group Chat?

  • When a conversation within a channel between select users does not pertain to that channel’s scope (or any other existing channel), they should move the conversation to a group chat.
  • However, this is until that group chat desires to form a channel of its own.

Create a new team

Team owner: The person who creates the team. It is possible for the team owner to then invite other members of the team to become co-owners to distribute administrative responsibilities.

Team members: People who have accepted their invitation to be a part of the team.

NB: Your organization can control who has permission to set up a team. If you can’t set a up a team, contact your IT department.

Screenshots detailing how to create a new team in Microsoft Teams, steps 1 to 3. Step 1: 'Click the <Teams data-verified= tab on the left-hand side of the app'. Step 2: 'At the bottom of the app, click '. Step 3: 'Under the banner , click '.">

Create a new team

Screenshot detailing how to create a new team in Microsoft Teams, the step 4 starting point with an arrow pointing to the 'Build a team from scratch' button.

Decide from these two options:

  • Building a team from scratch, which will create a new group with no prior history imported (steps 4.1–4.3).
  • Creating a team from an existing group in Office 365, including an already existing team (steps 4.4–4.6).

NB: You cannot create a team from an existing group if:

  • That group has 5,000 members or more.
  • That group is in Yammer.

Screenshot detailing how to create a new team in Microsoft Teams, step 4.1. There are buttons for 'Private' and 'Public'.

Decide if you want you new team from scratch to be private or public. If you set up a private team, any internal or external user you invite into the team will have access to all team history and files shared.

Screenshot detailing how to create a new team in Microsoft Teams, step 4.2 and 4.3. 4.2 has a space to give your team a name and another for a description. 4.3 says 'Then click <Create data-verified='.">

Create a new team

Screenshot detailing how to create a new team in Microsoft Teams, the step 4 starting point with an arrow pointing to the 'Create from...' button.

Decide from these two options:

  • Building a team from scratch, which will create a new group with no prior history imported (steps 4.1–4.3).
  • Creating a team from an existing group in Office 365, including an already existing team (steps 4.4–4.6).

NB: You cannot create a team from an existing group if:

  • That group has 5,000 members or more.
  • That group is in Yammer.

Screenshot detailing how to create a new team in Microsoft Teams, step 4.4. It reads 'Create a new team from something you already own' with a button for 'Team'.

Configure your new team settings, including privacy, apps, tabs, and members.

Screenshot detailing how to create a new team in Microsoft Teams, step 4.5 and 4.6. 4.5 has a space to give your team a name, a description, choose privacy settings, and what you'd like to include from the original team. 4.6 says 'Then click <Create data-verified='.">

Add team members

Remove team members

Screenshot detailing how to add team members in Microsoft Teams, step 1.

To add a team member, on the right-hand side of the team name, click “More options.”

Then, from the drop-down menu, click “Add member.”

Screenshot detailing how to remove team members in Microsoft Teams, step 1.

Only team owners can remove a team member. To do so, on the right-hand side of the team name, click “More options.”

Then, from the drop-down menu, click “Manage team.”

Screenshot detailing how to add team members in Microsoft Teams, step 2.

If you’re a team owner, you can then type a name or an email address to add another member to the team.

If you’re a team member, typing a name or an email address will send a request to the team owner to consider adding the member.

Screenshot detailing how to remove team members in Microsoft Teams, step 2.

Under the “Members” tab, you’ll see a list of the members in the team. Click the “X” at the far right of the member’s name to remove them.

Team owners can only be removed if they change their role to team member first.

Create a new channel

Screenshot detailing how to create a new channel in Microsoft Teams, step 1.

On the right-hand side of the team name, click “More options.”

Then, from the drop-down menu, click “Add channel.”

Screenshot detailing how to create a new channel in Microsoft Teams, step 2.

Name your channel, give a description, and set your channel’s privacy.

Screenshot detailing how to create a new channel in Microsoft Teams, step 3.

To manage subsequent permissions, on the right-hand side of the channel name, click “More options.”

Then, from the drop-down menu, click “Manage channel.”

Adding and removing members from channels:

Only members in a team can see that team’s channels. Setting channel privacy as “standard” means that the channel can be accessed by anyone in a team. Unless privacy settings for a channel are set as “private” (from which the channel creator can choose who can be in that channel), there is no current way to remove members from channels.

It will be up to the end user to decide which channels they want to hide.

Link team/channel to SharePoint folder

Screenshot detailing how to link a team or channel to a SharePoint folder in Microsoft Teams, steps 1, 2, and 3. Step 1: 'Along the top of the team/channel tab bar, click the “+” symbol'. Step 2: 'Select “Document Library” to link the team/channel to a SharePoint folder'. Step 3: 'Copy and paste the SharePoint URL for the desired folder, or search in “Relevant sites” if the folder can be found there'.

Need to find the SharePoint URL?

Screenshot detailing how to find the SharePoint URL in Microsoft Teams. 'Locate the folder in SharePoint and click <Show actions data-verified=', 'Click to access the folder's SharePoint URL.'">

Hide/unhide teams

Hide/unhide channels

Screenshot detailing how to hide and unhide teams in Microsoft Teams, step 1.

To hide a team, on the right-hand side of the team name, click “More options.”

Then, from the drop-down menu, click “Hide.” Hidden teams are moved to the “hidden teams” menu at the bottom of your team list.

Screenshot detailing how to hide and unhide channels in Microsoft Teams, step 1.

To hide a channel, on the right-hand side of the channel name, click “More options.”

Then, from the drop-down menu, click “Hide.” Hidden channels are moved to the “hidden channels” menu at the bottom of your channel list in that team.

Screenshot detailing how to hide and unhide teams in Microsoft Teams, step 2. Screenshot of a button that says 'Hidden teams'.

To unhide a team, click on the “hidden teams” menu. On the right-hand side of the team name, click “More options.”

Then, from the drop-down menu, click “Show.”

Screenshot detailing how to hide and unhide channels in Microsoft Teams, step 2.

To unhide a channel, click on the “hidden channels” menu at the bottom of the team. This will produce a drop-down menu of all hidden channels in that team.

Hover over the channel you want to unhide and click “Show.”

Find/join teams

Leave teams

Screenshot detailing how to find and join teams in Microsoft Teams, step 1. Click the “Teams” tab on the left-hand side of the app. Screenshot detailing how to find and join teams in Microsoft Teams, step 2.

At the bottom of the app, click “Join or create a team.” Teams will then suggest a range of teams that you might be looking for. You can join public teams immediately. You will have to request approval to join a private team.

Screenshot detailing how to leave teams in Microsoft Teams.

To leave a team, on the right-hand side of the team name, click “More options.”

Then, from the drop-down menu, click “Leave the team.”

NB: If the owner of a private team has switched off discoverability, you will have to contact that owner to join that team. Screenshot detailing how to find and join teams in Microsoft Teams, step 3. If you can’t immediately see the team, you have two options: either search for the team or enter that team’s code under the banner “Join a team with a code.” Can I find a channel?

No. To join a channel, you need to first join the team that channel belongs to.

Can I leave a channel?

No. The most you can do is hide the channel. By default, if you join a team you will have access to all the channels within that team (unless a channel is private, in which case you’ll have to request access to that channel).

Create a chat

Screenshots detailing how to create a chat in Microsoft Teams, steps 1 to 5. Step 1:'Click the “Chat” tab on the left hand side of the app (or keyboard shortcut Ctrl+N)'. Step 2: 'Search the name of the person you want to chat with'. Step 3: 'You’re now ready to start the chat! You can also send a chat message while working in a separate channel by typing/chat into the search bar and entering the recipient’s name'. Step 4: 'For group chat, click the “Add people” button in the top right hand corner of the app to add other persons into the existing chat'. Step 5: 'You can then rename the group chat (if there are 3+ people) by clicking the “Name group chat” option to the right of the group chat members’ names'.

Hide a chat

Unhide a chat

Screenshots detailing how to hide a chat in Microsoft Teams, steps 1 to 3. Step 1:'Click the “Chat” tab on the left-hand side of the app'. Step 2: 'Search the name of the chat or group chat that you want to hide'. Step 3: In either 'Single person chat options' or 'Group chat options' Click “More options.” Then click “Hide.”' To unhide a chat, search for the hidden person or name of the group chat in the search bar. Click “More options.” Then click “Unhide.” Screenshot detailing how to unhide a chat in Microsoft Teams.

Leave a chat

You can only leave group chats. To do so, click “More options.” Then click “Leave.” Screenshot detailing how to leave a chat in Microsoft Teams.

Overview: Meetings and live events

Teams Meetings: Real-time communication and collaboration between a group, limited to 250 people.

Teams Live Events: designed for presentations and webinars to a large audience of up to 10,000 people, in which attendees watch rather than interact.

 

Office 365 and Microsoft 365 Licenses

I want to: F1 F3 E1 E3 E5 Audio conferencing add-on
Join a Teams meeting No license required. Any email address can participate in a Teams meeting.
Attend a Teams meeting with a dial-in phone number No license required. Any phone number can dial into a Teams meeting. (Meeting organizers need to have an Audio Conferencing add-on license to send an invite that includes dial-in conferencing.)
Attend a Teams live event No license required. Any phone number can dial into a Teams live event.
Create a Teams meeting for up to 250 attendees   One of these licensing plans
Create a Teams meeting for up to 250 attendees with a dial-in phone number   One of these licensing plans + Audio Conferencing (Meeting organizers need to have an Audio Conferencing add-on license to send an invite that includes dial-in conferencing.)
Create a Teams live event for up to 10,000 attendees     One of these licensing plans
Dial out from a Teams meeting to add someone at their Call me at number   One of these licensing plans + Audio Conferencing (Meeting dial out to a Call me at number requires organizers to have an E5 or Audio Conference add-in license. A dial plan may also be needed.)

Depending on the use case, end users will have to determine whether they need to hold a meeting or a live event.

Use Microsoft’s table (left) to see what license your organization needs to perform meetings and live events.

(Source: “Admin quick start – Meetings and live events in Microsoft Teams,” Microsoft, 2020.)

Best practices: Meetings

  Ad Hoc Call
Direct audio/video call
Scheduled Meeting Live Event
Limits and Administrative Control
Who can create? Anyone Anyone Anyone, unless altered by admin (permission to create MS Stream events also required if external production tools are used).
Who can add members? Anyone in the session. The meeting organizer can add new attendees to the meeting. The event creator (the “organizer”) sets attendee permissions and assigns event group roles (“producer” and “presenter”).
Can external stakeholders attend? Yes, through email invite. However, collaboration tools are restricted. Yes, through email invite. However, collaboration tools are restricted. Public events: yes, through shared invite link.
Org-wide event: yes, if guest/external access granted.
Who can delete? Anyone can leave the session. There is no artifact to delete. The meeting organizer Any attendee can leave the session.
The organizer can cancel the event.
Maximum attendees 100 250 10,000 attendees and 10 active presenters/producers (250 presenters and producers can be present at the event).
Social Context
How does the request come in? Unscheduled.
Notification of an incoming audio or video call.
Scheduled.
Meeting invite, populated in the calendar, at a scheduled time.
Meeting only auto-populated in event group’s calendars. Organizer must circulate event invite link to attendees – for instance, by pasting link into an Outlook meeting invite.
Available Functionality
Screen-sharing Yes Yes Producers and Presenters (through Teams, no third-party app).
Whiteboard No Yes Yes
OneNote (for minutes) Yes (from a member’s OneDrive) Yes, part of the meeting construct. No. A Meeting Notes tab is available instead.
Dedicated chat space Yes. Derived from a group chat. Meeting has its own chat room. The organizer can set up a moderated Q&A (not chat) when creating the event. Only Presenters and Producers can chat.
Recording Yes Yes Yes. Event can last up to 4 hours.

When should an Ad Hoc Call become a Scheduled Meeting?

  • When the participants need time to prepare content for the call.
  • When an answer is not required immediately.
  • When bringing a group of people together requires logistical organizing.

When should a Scheduled Meeting become an Ad Hoc Call?

  • When the participants can meet on short notice.
  • When a topic under discussion requires creating alignment quickly.

When should a Live Event be created?

  • When the expected attendance exceeds 250 people.
  • If the event does not require collaboration and is mostly a presenter conveying information.

Create a scheduled meeting

Screenshots detailing how to create a scheduled meeting in Microsoft Teams, steps 1 to 4. Step 1:'Click the “Calendar” tab on the left-hand side of the app'. Step 2: 'On the top-right of the app, click the drop-down menu for “+ New meeting” and then “Schedule meeting.”' Step 3: 'Fill in the meeting details. When inputting internal attendees, their names will drop down without needing their email. You will need to input email addresses for external attendees'. Step 4: 'To determine internal attendees’ availability, click “Scheduling assistant” on the top left. Then click “Save” to create the meeting'.

Create an ad hoc meeting

Screenshots detailing how to create an ad hoc meeting in Microsoft Teams, steps 1 to 4. Step 1:'Click the “Calendar” tab on the left-hand side of the app'. Step 2: 'Along the top-right, click “Meet now.”' Step 3: 'Name your meeting, choose your audio and video settings, and click “Join now.”'. Step 4: 'To determine internal attendees’ availability, click “Scheduling assistant” on the top left. Then click “Save” to create the meeting. You’ll then be prompted to fill in the meeting details. When inputting internal attendees, their names will drop down without needing their email. You will need to input email addresses for external attendees'.

Tip: Use existing channels to host the chatrooms for your online meetings

When you host a meeting online with Microsoft Teams, there will always be a chatroom associated with the meeting. While this is a great place for meeting participants to interact, there is one particular downside.

Problem: The never-ending chat. Often the activity in these chatrooms can persist long after the meeting. The chatroom itself becomes, unofficially, a channel. When end users can’t keep up with the deluge of communication, the tools have failed them.

Solution: Adding an existing channel to the meeting. This ensures that discussion activity is already hosted in the appropriate venue for the group, during and after the meeting. Furthermore, it provides non-attendees with a means to catch up on the discussion they have missed.

In section two of this cookbook, we will often refer to this tactic.

A screenshot detailing how to add an existing channel to a meeting in Microsoft Teams. 'Break the habit of online booking meetings in Outlook – use the Teams Calendar View instead! In order to make use of this function, the meeting must be setup in Microsoft Teams, not Microsoft Outlook. The option to assign a channel to the meeting will then be available to the meeting organizer.'

Don’t have a channel for the chat session of your online meeting? Perhaps you should!

If your meeting is with a group of individuals that will be collaborating frequently, they may need a workspace that persists beyond the meeting.

Guests can still attend the meeting, but they can’t chat!

If there are attendees in your meeting that do not have access to the channel you select to host the chat, they will not see the chat discussion nor have any ability to use this function.

This may be appropriate in some cases – for example, a vendor providing a briefing as part of a regular team meeting.

However, if there are attendees outside the channel membership that need to see the meeting chat, consider another channel or simply default to not assigning one.

Meeting settings explained

Show device settings. For settings concerning audio, video, and whether viewing is private.

Show meeting notes. Use to take notes throughout the meeting. The notes will stay attached to this event.

Show meeting details. Find meeting information for: a dial-in number, conference ID, and link to join.

Enter full screen.

Show background effects. Choose from a range of video backgrounds to hide/blur your location.

Turn on the captions (preview). Turn on live speech-to-text captions.

Keypad. For dialing a number within the meeting (when enabled as an add-on with E3 or as part of E5).

Start recording. Recorded and saved using Microsoft Stream.

End meeting.

Turn off incoming video. To save network bandwidth, you can decline receiving attendee’s video.

Click “More options” to access the meetings settings.

Screen share. In the tool tray, select “Share” to share your screen. Select particular applications if you only want to share certain information; otherwise, you can share your whole desktop.

System audio share. To share your device’s audio while screen sharing, checkbox the “Include system audio” option upon clicking “Share.”

If you didn’t click that option at the start but now want to share audio during screen share, click the “Include systems audio” option in the tool tray along the top of the screen.

Give/take control of screen share. To give control, click “Give control” in the tool tray along the top of the screen when sharing content. Choose from the drop-down who you would like to give control to. In the same spot, click “Take back control” when required.

To request control, click “Request control” in the same space when viewing someone sharing their content. Click “Release control” once finished.

Start whiteboarding

  1. You’ll first need to enable Microsoft Whiteboard in the Microsoft 365 admin center. Ask your relevant admin to do so if Whiteboard is not already enabled.
  2. Once enabled, click “Share” in a meeting. This feature only appears if you have 3+ participants in the meeting.
  3. Under the “Whiteboard” section in the bottom right, click “Microsoft Whiteboard.”
  4. Click the pen icons to the right of the screen to begin sketching.

NB: Anonymous, federated, or guest users are currently not supported to start, view, or ink a whiteboard in a Teams meeting.

Will the whiteboard session be recorded if the meeting is being recorded?

No. However, the final whiteboard will be available to all meeting attendees after the meeting, under “Board Gallery” in the Microsoft Whiteboard app. Attendees can then continue to work on the whiteboard after the meeting has ended.

Create a live event

Screenshots detailing how to create a live event in Microsoft Teams, steps 1 to 3. Step 1: 'Click the “Calendar” tab on the left-hand side of the app'. Step 2: 'On the top right of the app, click the drop-down menu for “+ New meeting” and then “Live event.”' Step 3: 'You will be labeled the “Event organizer.” First, fill in the live event details on the left'. Screenshot detailing how to create a live event in Microsoft Teams, step 4.

As the organizer, you can invite other people to the event who will be the “producers” or “presenters.”

Producers: Control the live event stream, including being able to start and stop the event, share their own and others’ video, share desktop or window, and select layout.

Presenters: Present audio, video, or a screen.

Screenshot detailing how to create a live event in Microsoft Teams, step 5.

Select who your audience will be for your live event from three options: specified people and groups, the organization, or the public with no sign-in required.

Edit the setting for whether you want recording to be available for attendees.

Then click “Schedule” to finish.

Live event settings explained

When you join the live event as a producer/presenter, nothing will be immediately broadcast. You’ll be in a pre-live state. Decide what content to share and in what order. Along the bottom of the screen, you can share your video and audio, share your screen, and mute incoming attendees.

Once your content is ready to share along the bottom of the screen, add it to the screen on the left, in order of viewing. This is your queue – your “Pre-live” state. Then, click “Send now.”

This content will now move to the right-hand screen, ready for broadcasting. Once you’re ready to broadcast, click “Start.” Your state will change from “Pre-live” to “Live.”

Along the top right of the app will be a tools bar.

Screenshot listing live events settings icons in Microsoft Teams. Beside the heart monitor icon is 'Monitor health and performance of network, devices, and media sharing'. Beside the notepad icon is 'Take meeting notes'. Beside the chatbox icon is 'Chat function'. Beside the two little people with a plus sign icon is 'Invite and show participants'. Beside the gear icon is 'Device settings'. Beside the small 'i' in a circle is 'Meeting details, including schedule, meeting link, and dial-in number'.

Workspace #1: Departments

Scenario: Most of your organization’s communication and collaboration occurs within its pre-existing departmental divisions.

Conventional communication channels:

  • Oral communication: Employees work in proximity to each other and communicate in person, by phone, in department meetings
  • Email: Department-wide announcements
  • Memos: Typically posted/circulated in mailboxes

Solution: Determine the best way to organize your organization’s departments in Teams based on its size and your requirements to keep information private between departments.

Option A:

  • Create a team for the organization/division.
  • Create channels for each department. Remember that all members of a team can view all public channels created in that team and the default General channel.
  • Create private channels if you wish to have a channel that only select members of that team can see. Remember that private channels have some limitations in functionality.

Option B:

  • Create a new team for each department.
  • Create channels within this team for projects or topics that are recurring workflows for the department members. Only department members can view the content of these channels.

Option C:

  • Post departmental memos and announcements in the General channel.
  • Use “Meet now” in channels for ad hoc meetings. For regular department meetings, create a recurring Teams calendar event for the specific department channel (Option A) or the General channel (Option B). Remember that all members of a team can join a public channel meeting.

Workspace #2: A cross-functional committee

Scenario: Your organization has struck a committee composed of members from different departments. The rest of the organization should not have access to the work done in the committee.

Purpose: To analyze a particular organizational challenge and produce a plan or report; to confidentially develop or carry out a series of processes that affect the whole organization.

Jobs: Committee members must be able to:

  • Attend private meetings.
  • Share files confidentially.

Solution:

Ingredients:

  • Private team

Construction:

  • Create a new private team for the cross-functional committee.
  • Add only committee members to the team.
  • Create channels based on the topics likely to be the focal point of the committee work.
  • Decide how you will use the mandatory General channel. If the committee is small and the work limited in scope, this channel may be the main communication space. If the committee is larger or the work more complex, use the General channel for announcements and move discussions to new topic-related channels.
  • Schedule recurring committee meetings in the Teams calendar. Add the relevant channel to the meeting invite to keep the meeting chat attached to this team and channel (as meeting organizer, put your name in the meeting invite notes, as the channel will show as the organizer in the Outlook invite).
  • Remember that all members of this team will have access to these meetings and be able to view that they are occurring.

Workspace #3: An innovation day event

Scenario: The organization holds a yearly innovation day event in which employees form small groups and work on a defined, short-term problem or project.

Purpose: To develop innovative solutions and ideas.

Jobs:

  • Convene small groups.
  • Work toward time-sensitive goals.
  • Communicate synchronously.
  • Share files.

Solution:

Ingredients:

  • Public team
  • Channel tabs
  • Whiteboard
  • Planner

Construction:

  • Create a team for the innovation day event.
  • Add channels for each project working group.
  • Communicate to participants the schedule for the day and their assigned channel.
  • Use the General channel for announcements and instructions throughout the day. Ensure someone moderates the General channel for participants’ questions.
  • Pre-populate the channel tabs with files the participants need to work with. To add a scrum board, refer to M#4 (Morning stand-up/Scrum) in this slide deck.
  • For breakouts, instruct participants to use the “meet now” feature in their channel and how to use the Whiteboard during these meetings.
  • Arrange to have your IT admin archive the team after a certain point so the material is still viewable but not editable.

Workspace #4: A non-work-related social event

Scenario: Employees within the organization wish to organize social events around shared interests: board game clubs, book clubs, TV show discussion groups, trivia nights, etc.

Purpose: To encourage cohesion among coworkers and boost morale.

Jobs:

  • Schedule the event.
  • Invite participants.
  • Prepare the activity.
  • Host and moderate the discussion.

Solution:

Ingredients:

  • Public team
  • Private channels
  • Screen-sharing

Construction:

  • Create a public team for the social event so that interested people can find and join it.
  • Example: Trivia Night
    • Schedule the event in the Teams calendar.
    • Publish the link to the Trivia Night team where other employees will see it.
    • Create private channels for each trivia team so they cannot see the other competitors’ discussions. Add yourself to each private channel so you can see their answers.
    • As the host, begin a meeting in the General channel. Pose the trivia questions live or present the questions on PowerPoint via screen-sharing.
    • Ask each team to post its answers to its private channel.
  • To avoid teams sprawl, ask your IT admin to set a deletion policy for the team, as long as this request does not contradict your organization’s policies on data retention. If the team becomes moribund, it can be set to auto-delete after a certain period of time.

Workspace #5: A project team with a defined end time

Scenario: Within a department/workplace team, employees are assigned to projects with defined end times, after which they will be assigned to a new project.

Purpose: To complete project-based work that fulfills business needs.

Jobs:

  • Oral communication with team members.
  • Synchronous and asynchronous work on project files.
  • The ability to attend scheduled meetings and ad hoc meetings.
  • The ability to access shared resources related to the project.

Solution:

If your working group already has its own team within Teams:

  • Create a new public or private channel for the project. Remember that some functionality is not available in private channels (such as Microsoft Planner).
  • Use the channel for the project team’s meetings (scheduled in Teams calendar or through Meet Now).
  • Add a tab that links to the team’s project folder in SharePoint.

If your workplace team does not already have its own team in Teams:

  • Determine if there is a natural fit for this project as a new channel in an existing team. Remember that all team members will be able to see the channel if it is public and that all relevant project members need to belong to the Team to participate in the channel.
  • If necessary, create a new team for the project. Add the project members.
  • Create channels based on the type of work that comprises the project.
  • Use the channel for the project team’s meetings (scheduled in Teams calendar or through Meet Now)
  • Add a tab to link to the team’s project folder in SharePoint.

Info-tech Best Practice

Hide the channel after the project concludes to de-clutter your Teams user interface.

Meeting #1: Job interview with external candidate

Scenario: The organization must interview a slate of candidates to fill an open position.

Purpose:

  • Select the most qualified candidate for the job.

Jobs:

  • Create a meeting, ensuring the candidate and other attendees know when and where the meeting will happen.
  • Ensure the meeting is secure to protect confidential information.
  • Ensure the meeting is accessible, allowing the candidate to present themselves through audio and/or visual means.
  • Create a professional environment for the meeting to take place.
  • Engender a space for the candidate to share their CV, research, or other relevant file.
  • The interview must be transcribed and recorded.

Solution:

Ingredients:

  • Private Teams meeting
  • Screen-sharing
  • Microsoft Stream

Construction:

  • Create a Teams meeting, inviting the candidate with their email, alongside other internal attendees. The Teams meeting invite will auto-generate a link to the meeting itself.
  • The host can control who joins the meeting through settings for the “lobby.”
  • Through the Teams meeting, the attendees will be able to use the voice and video chat functionality.
  • All attendees can opt to blur their backgrounds to maintain a professional online presence.
  • The candidate can share their screen, either specific applications or their whole desktop, during the Teams meeting.
  • A Teams meeting can be recorded and transcribed through Stream. After the meeting, the transcript can be searched, edited, and shared

NB: The external candidate does not need the Teams application. Through the meeting invite, the external candidate will join via a web browser.

Meeting #2: Quarterly board meeting

Scenario: Every quarter, the organization holds its regular board meeting.

Purpose: To discuss agenda items and determine the company’s future direction.

Jobs:

During meeting:
    • Attendance and minutes must be taken.
    • Votes must be recorded.
    • In-camera sessions must occur.
    • External experts must be included.
After meeting:
  • Follow-up items must be assigned.
  • Reports must be submitted.

Solution:

Ingredients:

  • Teams calendar invite
  • Planner; Forms
  • Private channel
  • Microsoft Stream

Construction:

  • Guest Invite: Invites can be sent to any non-domain-joined email address to join a private, invitation-only channel within the team controlled by the board chair.
  • SharePoint & Flow: Documents are emailed to the Team addresses, which kicks off an MS Flow routine to collect review notes.
  • Planner: Any board member can assign tasks to any employee.
  • Forms/Add-On: Chair puts down the form of the question and individual votes are tracked.
  • Teams cloud meeting recording: Recording available through Stream. Manual edits can be made to VTT caption file. Greater than acceptable transcription error rate.
  • Meeting Log: Real-time attendance is viewable but a point-in-time record needs admin access.

NB: The external guests do not need the Teams application. Through the meeting invite, the guests will join via a web browser.

Meeting #3: Weekly team meeting

Scenario: A team meets for a weekly recurring meeting. The meeting is facilitated by the team lead (or manager) who addresses through agenda items and invites participation from the attendees.

Purpose: The purpose of the meeting is to:

  • Share information verbally
  • Present content visually
  • Achieve consensus
  • Build team morale

Jobs: The facilitator must:

  • Determine participants
  • Book room
  • Book meeting in calendar

Solution:

Ingredients:

  • Meeting Place: A channel in Microsoft Teams (must be public) where all members of the meeting make up the entirety of the audience.
  • Calendar Recurrence: A meeting is booked through Teams and appears in all participants’ Outlook calendar.
  • Collaboration Space: Participants join the meeting through video or audio and can share screens and contribute text, images, and links to the meeting chat.

Construction:

  • Ensure your team already has a channel created for it. If not, create one in the appropriate team.
  • Create the meeting using the calendar view within Microsoft Teams:
    • Set the meeting’s name, attendees, time, and recurrence.
    • Add the team channel that serves as the most appropriate workplace for the meeting. (Any discussion in the meeting chat will be posted to this channel.)

NB: Create the meeting in the Teams calendar, not Outlook, or you will not be able to add the Teams channel. As meeting organizer, put your name in the meeting invite notes, as the channel will show as the organizer in the Outlook invite.

Meeting #4: Morning stand-up/scrum

Scenario: Each morning, at 9am, members of the team meet online.

Purpose: After some pleasantries, the team discusses what tasks they each plan to complete in the day.

Jobs: The team leader (or scrum master) must:

  • Place all tasks on a scrum board, each represented by a sticky note denoting the task name and owner.
  • Move the sticky notes through the columns, adjusting assignments as needed.
  • Sort tasks into the following columns: “Not Started,” “In Progress,” and “Done.”

Solution:

Ingredients:

  • Meeting Place: A channel in Microsoft Teams (must be public) where all members of the meeting make up the entirety of the audience.
  • Scrum Board: A tab within that channel where a persistent scrum board has been created and is visible to all team members.

Meeting Place Construction:

  • Create the meeting using the calendar view in Teams.
  • Set the meeting’s name, attendees, time, and work-week daily recurrence (see left).
  • Add the channel that is the most appropriate workplace for the meeting. Any meeting chat will be posted to this channel rather than a separate chat.

Scrum Board Construction:

  • Add a tab to the channel using Microsoft Planner as the app. (You can use other task management apps such as Trello, but the identity integration of first-party Office 365 tools may be less hassle.)
  • Create a new (or import an existing) Plan to the channel. This will be used as the focal point.

Meeting #5: Weekly team meeting

Scenario: An audio-only conversation that could be a regularly scheduled event but is more often conducted on an ad-hoc basis.

Purpose: To quickly share information, achieve consensus, or clarify misunderstandings.

Jobs:

  • Dial recipient
  • See missed calls
  • Leave/check voicemail
  • Create speed-dial list
  • Conference call

Solution:

Ingredients:

  • Audio call begun through Teams chat.

Construction:

  • Voice over IP calls between users in the same MS Teams tenant can begin in multiple ways:
    • A call can be initiated through any appearance of a user’s profile picture: hover over user’s profile photo in the Chat list and select the phone icon.
    • Enter your last chat with a user and click phone icon in upper-right corner.
    • Go to the Calls section and type the name in the “Make a call” text entry form.
  • Voicemail: Voicemail, missed calls, and call history are available in the Calls section.
  • Speed dial: Speed dial lists can be created in the Calls section.
  • Conference call: Other users can be added to an ongoing call.

NB: Microsoft Teams can be configured to provide an organization’s telephony for external calls, but this requires an E5 license. Additional audio-conferencing licenses are required to call in to a Teams meeting over a phone.

Bibliography 1/4

Section 1: Teams for IT › Creation Process

Overview: Creation process
Assign admin roles
Prepare the network
Team creation
Integrations with SharePoint Online
Permissions

Bibliography 2/4

Section 1: Teams for IT › Creation Process (cont'd.)

External and guest access
Expiration and archiving
Retention and data loss prevention
Teams telephony

Bibliography 3/4

Section 1: Teams for IT › Teams Rollout

From Skype to Teams
From Slack to Teams
Teams adoption

Section 1: Teams for IT › Use Cases

Bibliography 4/4

Section 2: Teams for End Users › Teams, Channels, Chat

Section 2: Teams for End Users › Meetings and Live Events

Section 2: Teams for End Users › Use Cases

Dive Into Five Years of Security Strategies

  • Buy Link or Shortcode: {j2store}247|cart{/j2store}
  • member rating overall impact (scale of 10): N/A
  • member rating average dollars saved: N/A
  • member rating average days saved: N/A
  • Parent Category Name: Security Strategy & Budgeting
  • Parent Category Link: /security-strategy-and-budgeting
  • As organizations build their security programs, there is often the question of what are other companies doing.
  • Part of this is a desire to know whether challenges are unique to certain companies, but also to understand how people are tackling some of their security gaps.

Our Advice

Critical Insight

Don’t just wonder what others are doing – use this report to see how companies are faring in their current state, where they want to target in their future state, and the ways they’re planning to raise their security posture.

Impact and Result

  • Whether you’re building out your security program for the first time or are just interested in how others are faring, review insights from 66 security strategies in this report.
  • This research complements the blueprint, Build an Information Security Program, and can be used as a guide while completing that project.

Dive Into Five Years of Security Strategies Research & Tools

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Start here – read the Executive Brief

Read our concise Executive Brief to find out what this report contains.

[infographic]

Build a Zero Trust Roadmap

  • Buy Link or Shortcode: {j2store}253|cart{/j2store}
  • member rating overall impact (scale of 10): 9.3/10 Overall Impact
  • member rating average dollars saved: $48,932 Average $ Saved
  • member rating average days saved: 42 Average Days Saved
  • Parent Category Name: Security Strategy & Budgeting
  • Parent Category Link: /security-strategy-and-budgeting
  • Many IT and security leaders struggle to understand zero trust and how best to deploy it with their existing IT resources.
  • The need to move from a perimeter-based approach to security toward an “Always Verify” approach is clear. The path to getting there is complex and expensive.
  • Zero trust as a principle is a moving target due to competing definitions and standards. A strategy that adapts evolving best practices must be supported by business stakeholders.
  • Full zero trust includes many components. Performing an accurate assessment of readiness and benefits to adopt zero trust can be extremely difficult when you don’t know where to start.

Our Advice

Critical Insight

Apply zero trust to key protect surfaces. A successful zero trust strategy should evolve through an iterative and repeatable process by assessing the full spectrum of available technologies to apply zero trust principles to the most relevant protect surfaces.

Impact and Result

Every organization should have a zero trust strategy and the roadmap to deploy it must always be tested and refined. Our unique approach:

  • Assess resources and determine zero trust readiness.
  • Prioritize initiatives and build out roadmap.
  • Deploy zero trust and monitor with zero trust progress metrics.

Build a Zero Trust Roadmap Research & Tools

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Build a Zero Trust Roadmap Deck – The purpose of the storyboard is to provide a detailed description of the steps involving in building a roadmap for implementing zero trust.

The storyboard contains five easy-to-follow steps on building a roadmap for implementing zero trust, from aligning initiatives to business goals to establishing metrics for measuring the progress and effectiveness of a zero trust implementation.

  • Build a Zero Trust Roadmap – Phases 1-5

2. Zero Trust Protect Surface Mapping Tool – A tool to identify key protect surfaces and map them to business goals.

Use this tool to develop your zero trust strategy by having it focus on key protect surfaces that are aligned to the goals of the business.

  • Zero Trust Protect Surface Mapping Tool

3. Zero Trust Program Gap Analysis Tool – A tool to perform a gap analysis between the organization's current implementation of zero trust controls and its desired target state and to build a roadmap to achieve the target state.

Use this tool to develop your zero trust strategy by creating a roadmap that is aligned with the current state of the organization when it comes to zero trust and its desired target state.

  • Zero Trust Program Gap Analysis Tool

4. Zero Trust Candidate Solutions Selection Tool – A tool to identify and evaluate solutions for identified zero trust initiatives.

Use this tool to develop your zero trust strategy by identifying the best solutions for zero trust initiatives.

  • Zero Trust Candidate Solutions Selection Tool

5. Zero Trust Progress Monitoring Tool – A tool to identify metrics to measure the progress and efficiency of the zero trust implementation.

Use this tool to develop your zero trust strategy by identifying metrics that will allow the organization to monitor how the zero trust implementation is progressing, and whether it is proving to be effective.

  • Zero Trust Progress Monitoring Tool

6. Zero Trust Communication Deck – A template to present the zero trust template to key stakeholders.

Use this template to present the zero trust strategy and roadmap to ensure all key elements are captured.

  • Zero Trust Communication Deck

Infographic

Workshop: Build a Zero Trust Roadmap

Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

1 Define Business Goals and Protect Surfaces

The Purpose

Align business goals to protect surfaces.

Key Benefits Achieved

A better understanding of how business goals can map to key protect surfaces and their associated DAAS elements.

Activities

1.1 Understand business and IT strategy and plans.

1.2 Define business goals.

1.3 Identify five critical protect surfaces and their associated DAAS elements.

1.4 Map business goals and protect surfaces.

Outputs

Mapping of business goals to key protect surfaces and their associated DAAS elements.

2 Begin Gap Analysis

The Purpose

Identify and define zero trust initiatives.

Key Benefits Achieved

A list of zero trust initiatives to be prioritized and set into a roadmap.

Activities

2.1 Assess current security capabilities and define the zero trust target state for a set of controls.

2.2 Identify tasks to close maturity gaps.

2.3 Assign tasks to zero trust initiatives.

Outputs

Security capabilities current state assessment

Zero trust target state

Tasks to address maturity gaps

3 Complete Gap Analysis

The Purpose

Complete the zero trust gap analysis and prioritize zero trust initiatives.

Key Benefits Achieved

A prioritized list of zero trust initiatives aligned to business goals and key protect surfaces.

Activities

3.1 Align initiatives to business goals and key protect surfaces.

3.2 Conduct cost/benefit analysis on zero trust initiatives.

3.3 Prioritize initiatives.

Outputs

Zero trust initiative list mapped to business goals and key protect surfaces

Prioritization of zero trust initiatives

4 Finalize Roadmap and Formulate Policies

The Purpose

Finalize the zero trust roadmap and begin to formulate zero trust policies for roadmap initiatives.

Key Benefits Achieved

A zero trust roadmap of prioritized initiatives.

Activities

4.1 Define solution criteria.

4.2 Identify candidate solutions.

4.3 Evaluate candidate solutions.

4.4 Finalize roadmap.

4.5 Formulate policies for critical DAAS elements.

4.6 Establish metrics for high-priority initiatives.

Outputs

Zero trust roadmap

Zero trust policies for critical protect surfaces

Method for defining zero trust policies for candidate solutions

Metrics for high-priority initiatives

Further reading

Build a Zero Trust Roadmap

Leverage an iterative and repeatable process to apply zero trust to your organization.

EXECUTIVE BRIEF

Analyst Perspective

Internet is the new corporate network.

For the longest time we have focused on reducing the attack surface to deter malicious actors from attacking organizations, but I dare say that has made these actors scream “challenge accepted.” With sophisticated tools, time, and money in their hands, they have embarrassed even the finest of organizations. A popular hybrid workforce and rapid cloud adoption have introduced more challenges for organizations, as the security and network perimeter have shifted and the internet is now the corporate network. Suffice it to say that a new mindset needs to be adopted to stay on top of the game.

The success of most attacks is tied to denial of service, data exfiltration, and ransom. A shift from focusing on the attack surface to the protect surface will help organizations implement an inside-out architecture that protects critical infrastructure, prevents the success of any attack, makes it difficult to gain access, and links directly to business goals.

Zero trust principles aid that shift across several pillars (Identity, Device, Application, Network, and Data) that make up a typical infrastructure; hence, the need for a zero trust roadmap to accomplish that which we desire for our organization.

Victor Okorie
Senior Research Analyst, Security and Privacy
Info-Tech Research Group

Executive Summary

Your Challenge

  • Many IT and security leaders struggle to understand zero trust and how best to deploy it with their existing IT resources.
  • The need to move from a perimeter-based approach to security toward an “Always Verify” approach is clear. The path to getting there is complex and expensive.

Common Obstacles

  • Zero trust as a principle is a moving target due to competing definitions and standards. A strategy that adapts evolving best practices must be supported by business stakeholders.
  • Full zero trust includes many components. Performing an accurate assessment of readiness and benefits to adopt zero trust can be extremely difficult when you don’t know where to start.

Info-Tech’s Approach

  • Every organization should have a zero trust strategy and the roadmap to deploy it must always be tested and refined.
  • Our unique approach:
    • Assess resources and determine zero trust readiness.
    • Address barriers and identify enablers.
    • Prioritize initiatives and build out roadmap.
    • Identify most appropriate vendors via vendor selection framework.
    • Deploy zero trust and monitor with zero trust progress metrics.

Info-Tech Insight

A successful zero trust strategy should evolve through an iterative and repeatable process by assessing the full spectrum of available technologies to apply zero trust principles to the most relevant protect surfaces.

Your challenge

This research is designed to help organizations:

  • Understand what zero trust is and decide how best to deploy it with their existing IT resources. Zero trust is a set of principles that defaults to the highest level of security; a failed implementation can easily disrupt the business. A pragmatic zero trust implementation must be flexible and adaptable yet maintain a consistent level of protection.
  • Move from a perimeter-based approach to security toward an “Always Verify” approach. The path to getting there is complex without a clear understanding of desired outcomes. Focusing efforts on key protection gaps and leveraging capable controls in existing architecture allows for a repeatable process that carries IT, security, and the business along on the journey.

On this zero trust journey, identify your valuable assets and zero trust controls to protect them.

Top three reasons for building a zero trust strategy

44%

Reduce attacker’s ability to move laterally

44%

Enforce least privilege access to critical resources

41%

Reduce enterprise attack surface

Common obstacles

These barriers make this challenge difficult to address for many organizations:

  • Due to zero trust’s many components, performing an accurate assessment of readiness and benefits to adopt zero trust can be extremely difficult when you don’t know where to start.
    • To feel ready to implement and to understand the benefits of zero trust, IT must first understand what zero trust means to the organization.
  • Zero trust as a set of principles is a moving target, with many developing standards and competing technology definitions. A strategy built around evolving best practices must be supported by related business stakeholders.
    • To ensure support, IT must be able to “sell” zero trust to business stakeholders by illustrating the value zero trust can bring to business objectives.

43%

Organizations with a full implementation of zero trust saved 43% on the costs of data breaches.
(Source: Teramind, 2021)

96%

Zero trust is considered key to the success of 96% of organizations in a survey conducted by Microsoft.
(Source: Microsoft, 2021)

What is zero trust?

It depends on who you ask…

  • Vendors use zero trust as a marketing buzzword.
  • Organizations try to comprehend zero trust in their own limited views.
  • Zero trust regulations/standards are still developing.

“A cybersecurity paradigm focused on resource protection and the premise that trust is never granted implicitly but must be continually evaluated.”

Source: NIST, SP 800-207: Zero Trust Architecture, 2020

“An evolving set of cybersecurity paradigms that move defenses from static, network-based perimeters to focus on users, assets, and resources.”

Source: DOD, Zero Trust Reference Architecture, 2021

“A security model, a set of system design principles, and a coordinated cybersecurity and system management strategy based on an acknowledgement that threats exist both inside and outside traditional network boundaries.”

Source: NSA, Embracing a Zero Trust Security Model, 2021

“Zero trust provides a collection of concepts and ideas designed to minimize uncertainty in enforcing accurate, least privilege per-request access decisions in information systems and services in the face of a network viewed as compromised.”

Source: CISA, Zero Trust Maturity Model, 2021

“The foundational tenet of the zero trust model is that no actor, system, network, or service operating outside or within the security perimeter is trusted.”

Source: OMB, Moving the U.S. Government Toward Zero Trust Cybersecurity Principles, 2022

What is zero trust?

From Theoretical to Practical

Zero trust is an ideal in the literal sense of the word, because it is a standard defined by its perfection. Just as nothing in life is perfect, there is no measure that determines an organization is absolutely zero trust. The best organizations can do is improve their security iteratively and get as close to ideal as possible.

In the most current application of zero trust in the enterprise, a zero trust strategy applies a set of principles, including least-privilege access and per-request access enforcement, to minimize compromise to critical assets. A zero trust roadmap is a plan that leverages zero trust concepts, considers relationships between technical elements as well as security solutions, and applies consistent access policies to minimize areas of exposure.

Zero Trust; Identity; Workloads & Applications; Network; Devices; Data

Info-Tech Insight

Solutions offering zero trust often align with one of five pillars. A successful zero trust implementation may involve a combination of solutions, each protecting the various data, application, assets, and/or services elements in the protect surface.

Zero trust business benefits

Reduce business and organizational risk

Reduced business risks as continuous verification of identity, devices, network, applications, and data is embedded in the organizations practice.

36% of data breaches involved internal actors.
Source: Verizon, 2021

Reduce CapEx and OpEx

Reduced CapEx and OpEx due to the scalability, low staffing requirement, and improved time-to-respond to threats.
Source: SecurityBrief - Australia, 2020.

Reduce scope and cost of compliance

Helps achieve compliance with several privacy standards and regulations, improves maturity for cyber insurance premium, and fewer gaps during audits.

Scope of compliance reduced due to segmentation.

Reduce risk of data breach

Reduced risk of data breach in any instance of a malicious attack as there’s no lateral movement, secure segment, and improved visibility.

10% Increase in data breach costs; costs went from $3.86 million to $4.24 million.
Source: IBM, 2021

This is an image of a thought map detailing Info-Tech's Build A Zero Trust Roadmap.  The main headings are: Define; Design; Develop; Monitor

Info-Tech’s methodology for Building a Zero Trust Roadmap

1. Define Business Goals and Protect Surfaces

2. Assess Key Capabilities and Identify Zero Trust Initiatives

3. Evaluate Candidate Solutions and Finalize Roadmap

4. Formulate Policies for Roadmap Initiatives

5. Monitor the Zero Trust Roadmap Deployment

Phase Steps

Define business goals

Identify critical DAAS elements

Map business goals to critical DAAS elements

  1. Review the Info-Tech framework
  2. Assess current capabilities and define the zero trust target state
  3. Identify tasks to close gaps
  4. Define tasks and initiatives
  5. Align initiatives to business goals and protect surfaces
  1. Define solution criteria
  2. Identify candidate solutions
  3. Evaluate candidate solutions
  4. Perform cost/benefit analysis
  5. Prioritize initiatives
  6. Finalize roadmap
  1. Formulate policies for critical DAAS elements
  2. Formulate policies to secure a path to access critical DAAS elements
  1. Establish metrics for roadmap tasks
  2. Track and report metrics
  3. Build a communication deck

Phase Outcomes

Mapping of business goals to protect surfaces

Gap analysis of security capabilities

Evaluation of candidate solutions and a roadmap to close gaps

Method for defining zero trust policies for candidate solutions

Metrics for measuring the progress and efficiency of the zero trust implementation

Protect what is relevant

Apply zero trust to key protect surfaces

A successful zero trust strategy should evolve through an iterative and repeatable process by assessing the full spectrum of available technologies to apply zero trust principles to the most relevant protect surfaces.

Align protect surfaces to business objectives

Developing a zero trust roadmap collaboratively with business stakeholders enables alignment with upcoming business priorities and industry trends.

Identify zero trust capabilities

Deriving protect surface elements from business goals reframes how security controls are applied. Assess control effectiveness in this context and identify zero trust capabilities to close any gaps.

Roadmap first, not solution first

Don’t let your solution dictate your roadmap. Define your zero trust solution criteria before engaging in vendor selection.

Create enforceable policies

The success of a zero trust implementation relies on consistent enforcement. Applying the Kipling methodology to each protect surface is the best way to design zero trust policies.

Success should benefit the organization

To measure the efficacy of a zero trust implementation, ensure you know what a successful zero trust implementation means for your organization, and define metrics that demonstrate whether that success is being realized.

Blueprint deliverables

Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

Key deliverable:

Zero Trust Communication Deck

Present your zero trust strategy in a prepopulated document that summarizes the work you have completed as a part of this blueprint.

Zero Trust Protect Surface Mapping Tool

Identify critical and vulnerable DAAS elements to protect and align them to business goals.

Zero Trust Program Gap Analysis Tool

Perform a gap analysis between current and target states to build a zero trust roadmap.

Zero Trust Candidate Solutions Selection Tool

Determine and evaluate candidate solutions based on defined criteria.

Zero Trust Progress Monitoring Tool

Develop metrics to track the progress and efficiency of the organization’s zero trust implementation.

Blueprint benefits

IT Benefits

  • A mapped transaction flow of critical and vulnerable assets and visibility of where to implement security controls that aligns with the principle of zero trust.
  • Improved security posture across the digital attack surface while focusing on the protect surface.
  • An inside-out architecture that leverages current existing architecture to tighten security controls, is automated, and gives granular visibility.

Business Benefits

  • Reduced business risks as continuous verification of identity, devices, network, applications, and data is embedded in the organization’s practice.
  • Reduced CapEx and OpEx due to the scalability, low staffing requirement, and improved time-to-respond to threats.
  • Helps achieve compliance with several privacy standards and regulations, improves maturity for cyber insurance premium, and fewer gaps during audits.
  • Reduced risk of data breach in any instance of a malicious attack.

Measure the value of this blueprint

Save an average of $1.76 million dollars in the event of a data breach

  • This research set seeks to help organizations develop a mature zero trust implementation which, according to IBM’s “Cost of a Data Breach 2021 Report,” saves organizations an average of $1.76 million in the event of a data breach.
  • Leverage phase 5 of this research to develop metrics to track the implementation progress and efficacy of zero trust tasks.

43%

Organizations with a mature implementation of zero trust saved 43%, or $1.76 million, on the costs of data breaches.
Source: IBM, 2021

In phase 2 of this blueprint, we will help you establish zero trust implementation tasks for your organization.

In phase 3, we will help you develop a game plan and a roadmap for implementing those tasks.

This image contains a screenshot info-tech's methodology for building a zero-trust roadmap, discussed earlier in this blueprint

Executive Brief Case Study

National Aeronautics and Space Administration (NASA)

INDUSTRY: Government

SOURCE: Zero Trust Architecture Technical Exchange Meeting

NASA recognized the potential benefits of both adopting a zero trust architecture (including aligning with OMB FISMA and DHS CDM DEFEND) and improving NASA systems, especially those related to user experience with dynamic access, application security with sole access from proxy, and risk-based asset management with trust score. The trust score is continually evaluated from a combination of static factors, such as credential and biometrics, and dynamic factors, such as location and behavior analytics, to determine the level of access. The enhanced access mechanism is projected on use-case flows of users and external partners to analyze the required initiatives.

The lessons learned in adapting zero trust were:

  • Focus on access to data, assets, applications, and services; and don’t select solutions or vendors too early.
  • Provide support for mobile and external partners.
  • Complete zero trust infrastructure and services design with holistic risk-based management, including network access control with software-defined networking and an identity management program.
  • Develop a zero trust strategy that aligns with mission objectives.

Results

NASA implemented zero trust architecture by leveraging the agency existing components on a roadmap with phases related to maturity. The initial development includes privileged access management, security user behavior analytics, and a proof-of-concept lab for evaluating the technologies.
Case Study Source: NASA, “Planning for a Zero Trust Architecture Target State,” 2019

Info-Tech offers various levels of support to best suit your needs

DIY Toolkit

“Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

Guided Implementation

“Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

Workshop

“We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

Consulting

“Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

Diagnostics and consistent frameworks used throughout all four options

Guided Implementation

What does a typical GI on this topic look like?

Phase 1 Phase 2 Phase 3 Phase 4 Phase 5
Call #1:
Scope requirements, objectives, and your specific challenges.

Call #3:
Define current security capabilities and zero trust target state.

Call #5:

Identify and evaluate solution criteria.

Call #7:
Create a process for formulating zero trust policies.

Call #8:
Establish metrics for assessing the implementation and effectiveness of zero trust.

Call #2:
Identify business goals and protect surfaces.

Call #4:
Identify gap-closing tasks and assign to zero trust initiatives.

Call #6:
Prioritize zero trust initiatives.

A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.
A typical GI is between 8 to 12 calls over the course of 2 to 4 months.

Workshop Overview

Contact your account representative for more information.workshops@infotech.com 1-888-670-8889

Day 1 Day 2 Day 3 Day 4 Day 5

Define Business Goals and Protect Surfaces

Begin Gap Analysis

Complete Gap Analysis

Finalize Roadmap and Formulate Policies

Next Steps and
Wrap-Up (offsite)

Activities

1.1 Understand business and IT strategy and plans.

1.2 Define business goals.

1.3 Identify five critical protect surfaces and their associated DAAS elements.

1.4 Map business goals and protect surfaces.

2.1 Assess current security capabilities and define the zero Trust target state for a set of controls.

2.2 Identify tasks to close maturity gaps.

2.3 Assign tasks to zero trust initiatives.

3.1 Align initiatives to business goals and key protect surfaces.

3.2 Conduct cost/benefit analysis on zero trust initiatives.

3.3 Prioritize initiatives.

4.1 Define solution criteria.

4.2 Identify candidate solutions.

4.3 Evaluate candidate solutions.

4.4 Finalize roadmap.

4.5 Formulate policies for critical DAAS elements.

4.6 Establish metrics for high-priority initiatives.

5.1 Complete in-progress deliverables from previous four days.

5.2 Set up review time for workshop deliverables and to discuss next steps.

Deliverables
  1. 1.Mapping of business goals to key protect surfaces and their associated DAAS elements
  1. Security capabilities current state assessment
  2. Zero trust target state
  3. Tasks to address maturity gaps
  1. Zero trust initiative list mapped to business goals and key protect surfaces
  2. Prioritization of zero trust initiatives
  1. Zero trust roadmap
  2. Zero trust policies for critical protect surfaces
  3. Method for defining zero trust policies for candidate solutions
  4. Metrics for high-priority initiatives
  1. Zero trust roadmap documentation
  2. Mapping of Info-Tech resources against individual initiatives

Phase 1

Define Business Objectives and Protect Surfaces

Build a Zero Trust Roadmap

This phase will walk you through the following activities:

  • Identify and define the business goals.
  • Identify the critical DAAS elements and protect surface.
  • Align the business goals to the protect surface and critical DAAS elements.

This phase involves the following participants:

  • Security Team
  • Business Executives
  • Subject Matter Experts From IT, Finance, HR, Legal, Facilities, Compliance, Audit, Risk Management

Analyze your business goals

Identifying business goals is the first step in aligning your zero trust roadmap with your business’ vision.

  • Security leaders need to understand the direction the business is headed in.
  • Wise security investments depend on aligning your security initiatives to business objectives.
  • Zero trust, and information security at large, should contribute to your organization’s business objectives by supporting operational performance, ensuring brand protection and shareholder value.
    • For example, if the organization is working on a new business initiative that requires the handling of credit card payments, the security organization needs to know as soon as possible to ensure the zero trust architecture will be extended to protect the PCI data and enable the organization to be PCI compliant.

    Info-Tech Insight

    Security and the business need to be in alignment when implementing zero trust. Defining the business goal helps rationalize the need for a zero trust implementation.

1.1 Define your organization’s business goals

Estimated time 1-3 hours

  1. As a group, brainstorm the business goals of the organization.
  2. Review relevant business and IT strategies.
  3. Review the business goal definitions in tab “2. Business Objectives” of the Zero Trust Protect Surface Mapping Tool, including the key goal indicator metrics.
  4. Record the most important business goals in the Business Goal column on tab “3. Protect Surfaces” of the Zero Trust Protect Surface Mapping Tool. Try to limit the number of business goals to no more than five primary goals. This limitation will be critical to help map the protect surface and the zero trust roadmap later.

Input

  • Business and IT strategies

Output

  • Prioritized list of business objectives

Materials

  • Whiteboard/Flip Charts
  • Zero Trust Protect Surface Mapping Tool

Participants

  • Security Team
  • IT Leadership
  • Business Stakeholders
  • Risk Management
  • Compliance
  • Legal

Download the Zero Trust Protect Surface Mapping Tool

Info-Tech Insight

Developing a zero trust roadmap collaboratively with business stakeholders enables alignment with upcoming business priorities and industry trends.

What does zero trust mean for you?

For a successful implementation, focus on your zero trust outcome.

This image describes the Who, What, When, Where, Why, and How for Zero Trust.

Regardless of whether the user is accessing resources internally or externally, zero trust is posed to authenticate, authorize, and continuously verify the security policies and posture before access is granted or denied. Many network architecture can be local, cloud based, or hybrid and with users working from any location, there is no network perimeter as we knew it and the internet is now the corporate network.

Zero trust framework seeks to extend the perimeter-less security to the present digital transformation.

Understand protect surface

Data, Application, Asset, and Services

A protect surface can be described as what’s critical, most vulnerable, or most valuable to your organization. This protect surface could include at least one of the following – data, assets, applications, and services (DAAS) – that requires protection. This is also the area that zero trust policy is aimed to protect. Understanding what your protect surface is can help channel the required energy into protecting that which is crucial to the business, and this aligns with the shift from focusing on the attack surface to narrowing it down to a smaller and achievable area of protection.

Anything and everything that connects to the internet is a potential attack surface and pursuing every loophole will leave us one step behind due to lack of resources. Since a protect surface contains one or more DAAS element, the micro-perimeter is created around it and the appropriate protection is applied around it. As a team, we can ask ourselves this question when thinking of our protect surface: to what degree does my organization want me to secure things? The knowledge of the answer to this question can be tied to the risk tolerance level of the organization and it is only fair for us to engage the business in identifying what the protect surface should be.

Components of a protect surface

  • Data
  • Application
  • Asset
  • Services

Info-Tech Insight

The protect surface is a shift from focusing on the attack surface. DAAS elements show where the initiatives and controls associated with the zero trust pillars (Identity, Devices, Network, Application, and Data) need to be applied.

Sample Scenario

INDUSTRY: Healthcare

SOURCE: Info-Tech Research Group

Illustration

A healthcare provider would consider personal health information a critical resource worthy of being protected against data exfiltration due to a host of reasons including but not limited to privacy regulations, loss of revenue, legal, and reputational loss; hence, this would be considered a protect surface.

  • What is the data that can’t be risked exfiltrated?
  • What application(s) is used to access this data?
  • What assets are used to generate and store the data?
  • What are the services we rely on to be able to access the data?

DAAS Element

  • The data here is the patient information.
  • The application used to access the personal health information would be EPIC, OR list, and any other application used in that organization.
  • The assets used to store the data and generate the PHI would include physical workstations, medical scanners, etc.
  • The services that can be exploited to disrupt the operation or used to access the data would include active directory, single sign-on, etc.

DAAS and Zero Trust Pillar

This granular identification provides an opportunity to not only see what the protect surface and DAAS elements are but also understand where to apply security controls that align with the principle of zero trust as well as how the transaction flows. The application pillar initiatives will provide protection to the EPIC application and the device pillar initiatives will provide protection to the workstations and physical scanners. The identity pillar initiatives will apply protection to the active directory, and single sign-on services. The zero trust pillar initiatives align with the protection of the DAAS elements.

Shift from attack surface to protect surface

This image contains a screenshot of the thought map: Shift from attack surface to protect surface.  Go from complex to a micro perimeter approach.

Info-Tech Insight

The protect surface is a shift from focusing on the attack surface as it creates a micro-perimeter for the application of zero trust policies on the system. This drastically reduces the success of an attack whether internally or externally, reduces the attack surface, and is also repeatable.

1.2 Identify critical DAAS elements

Estimated time 1-3 hours

  1. As a group, brainstorm and identify critical, valuable, sensitive assets or resources requiring high availability in the organization. Each DAAS element is part of a protect surface, or sometimes, the DAAS element itself is a protect surface.
  • Data – The sensitive data that poses the greatest risk if exfiltrated or misused. What data needs to be protected?
  • Applications – The applications that use sensitive data or control critical assets. Which applications are critical for your business functions?
  • Assets – Physical or virtual assets, including an organization’s information technology (IT), operational technology (OT), or Internet of Things devices.
  • Services – The services an organization most depends on. Services that can be exploited to disrupt normal IT or business operations.
  • Record the critical DAAS elements and protect surface in their respective columns of the Zero Trust Protect Surface Mapping Tool. Try to limit the number of business goals to no more than five primary protect surfaces to match with the business goals.
  • Download the Zero Trust Protect Surface Mapping Tool

    Input

    • Critical resources to protect
    • Understanding of how they interoperate or connect

    Output

    • Protect surfaces

    Materials

    • Whiteboard/Flip Charts
    • Zero Trust Protect Surface Mapping Tool

    Participants

    • Security Team
    • IT Leadership
    • Business Stakeholders

    1.3 Map business goals to critical DAAS elements

    Estimated time 1-2 hours

    1. The protect surface will be generated from the critical DAAS elements as a standalone protect surface or a group of interconnected DAAS elements merged into one.
    • Each protect surface can be tied back to a business objective.
  • Select from the drop-down list of business objectives the option that fits the identified protect surface as it relates to the organization.
    • Type in your business objectives if the drop-down list does not apply.

    Download the Zero Trust Protect Surface Mapping Tool

    This image contains a screenshot from the Zero Trust Protect Surface Mapping Tool, with the following columns highlighted: Business Goal Name; Protect Surface Name

    Phase 2

    Assess Key Capabilities and Identify Zero Trust Initiatives

    Build a Zero Trust Roadmap

    This phase will walk you through the following activities:

    • Assess the organization’s current capabilities.
    • Define the zero trust target state.
    • Identify tasks to close gaps
    • Define zero trust initiatives and align zero trust initiatives to business goals and protect surfaces.

    This phase involves the following participants:

    • Security Team
    • Subject Matter Experts From IT, Finance, HR, Legal, Facilities, Compliance, Audit, Risk Management
    • Project Management Office

    The Info-Tech Zero Trust Framework

    Info-Tech’s Zero Trust Framework aligns with zero trust references, including:

    • ACT Zero Trust Cybersecurity Current Trends. 2019
    • NIST SP 800-207: Zero Trust Architecture. 2020
    • DOD Zero Trust Reference Architecture. 2021
    • NSA Embracing a Zero Trust Security Model. 2021
    • CISA Zero Trust Maturity Model. 2021
    • Executive Order (EO) 14028: Improving the Nation’s Cybersecurity, The White House. 2021
    • OMB Moving the U.S. Government Toward Zero Trust Cybersecurity Principles. 2022
    • NSTAC Zero Trust and Trusted Identity Management. 2022
    • NIST SP 800-53 r5: Security and Privacy Controls for Information Systems and Organizations

    Identity

    • Authentication
    • Authorization
    • Privileged Access Management

    Applications

    • Software Defined Compute
    • DevSecOps
    • Software Supply Chain

    Devices

    • Authentication
    • Authorization
    • Compliance

    Networks

    • Software Defined Networking
    • Macro Segmentations
    • Micro Segmentation

    Data

    • Software Defined Storage
    • Data Loss Prevention
    • Data Rights Management

    Info-Tech Insight

    A best-of-breed approach ensures holistic coverage of your zero trust program while refraining from locking you into a specific reference.

    2.1 Review the Info-Tech framework

    Estimated time 30-60 minutes

    1. As a group, have the team review the framework within the Zero Trust Program Gap Analysis Tool.
    2. Customize the tool as required using the instructions in tab “2. Setup”:
    • Define costing criteria
    • Define benefits criteria
    • Configure full-time equivalent hours and start year
    • Input business goals as mapped to protect surfaces (see next slide)

    Download the Zero Trust Program Gap Analysis Tool

    Input

    • Protect surfaces mapped to business objectives

    Output

    • Customized framework

    Materials

    • Zero Trust Program Gap Analysis Tool

    Participants

    • Security Team
    • Subject Matter Experts From IT

    2.1.1 Input business goals as mapped to protect surfaces

    Refer to the Protect Surface Mapping Tool, copy the following elements from the Protect Surface tab.

    1. Enter Business Goals.
    2. Enter Protect Surfaces.
    3. Enter Data.
    4. Enter Application.
    5. Enter Assets.
    6. Enter Services.

    This image contains a screenshot from Info-Tech's Zero Trust Program Gap Analysis Tool.  The Column headings are labeled as follows: 1: Business Goal Name; 2: Protect Surface; 3: DATA; 4: APPLICATION; 5: ASSETS; 6: SERVICES

    Info-Tech Insight

    Deriving protect surface elements from business goals reframes how security controls are applied. Assess control effectiveness in this context and identify zero trust capabilities to close any gaps.

    2.2 Assess current capabilities and define zero trust target state

    Estimated time 6-12 hours

    1. Using the Zero Trust Program Gap Analysis Tool, review each of the controls in the Gap Analysis tab.
    2. Follow the instructions on the next slides to complete your current-state and target-state assessment.
    3. For most organizations, multiple internal subject matter experts will need to be consulted to complete the assessment.

    Download the Zero Trust Program Gap Analysis Tool

    Input

    • Protect surfaces mapped to business objectives
    • Information on current state of controls, including sources such as audit findings, vulnerability and penetration test results, and risk registers

    Output

    • Current-state and target-state assessment for gap analysis

    Materials

    • Zero Trust Program Gap Analysis Tool

    Participants

    • Security Team
    • Subject Matter Experts From IT, Facilities, Audit, Risk Management

    Understanding security target states

    Maturity models are very effective for determining target states. This table provides general descriptions for each maturity level. As a group, consider which description most accurately reflects the ideal target state in your organization.

    AD HOC 01

    Initial/ad hoc security programs are reactive. Lacking strategic vision, these programs are less effective and less responsive to the needs of the business.

    DEVELOPING 02

    Developing security programs can be effective at what they do but are not holistic. Governance is largely absent. These programs tend to rely on the talents of individuals rather than a cohesive plan.

    DEFINED 03

    A defined security program is holistic, documented, and proactive. At least some governance is in place; however, metrics are often rudimentary and operational in nature. These programs still often rely on best practices rather than strong risk management.

    MANAGED 04

    Managed security programs have robust governance and metrics processes. Management and board-level metrics for the overall program are produced. These are reviewed by business leaders and drive security decisions. More mature risk management practices take the place of best practices.

    OPTIMIZED 05

    An optimized security program is based on strong risk management practices, including the production of key risk indicators (KRIs). Individual security services are optimized using key performance indicators (KPIs) that continually measure service effectiveness and efficiency.

    2.2.1 Conduct current-state assessment

    1. Carefully review each of the controls in the Gap Analysis tab that are needed for the protect surfaces. For each control, indicate the current maturity level of the organization. The tool uses the maturity levels of the CMMI model to score maturity.
    • Only use “N/A” if you are confident that the control is not required in your protect surfaces. For example, if the protect surfaces do not require or use software-defined computing, select “N/A” for any controls related to software-defined computing.
  • Provide comments to describe your current state. This step is optional but recommended as it may be important to record this information for future reference.
  • Select the target maturity for the control.
  • This image contains a screenshot from Info-Tech's Zero Trust Program Gap Analysis Tool, with the following column headings highlighted and numbered: 1: Current Maturity; 2: Current State Comments (optional); Target Maturity

    Make sure that the gap between target state and current state is achievable for the current zero trust roadmap. For instance, if you set your current maturity to 1 – Ad Hoc, then having a target maturity of 4 – Managed or 5 – Optimized is not recommended due to the big jump.

    2.2.2 Review the Gap Analysis Dashboard

    1. Use the Dashboard to map your progress on assessing current- and future-state maturities. As you fill out the Zero Trust Program Gap Analysis Tool, check with the Dashboard to see the difference between your current and target state.
    2. Use the color-coded legend to see the size of the gap between your current and target state.
    3. Zero trust processes that appear white have not yet been assessed or are rated as “N/A.”
    this image contains a screenshot of Info-tech's Zero-Trust framework discussed earlier in this blueprint, with the addition of a legend demonstrating how to use the gap analysis tool to identify the size of the gap between current and target states

    2.3 Identify tasks to close gaps

    Estimated time 5 hours

    1. Using the Zero Trust Program Gap Analysis Tool, review each of the controls in the Gap Analysis tab.
    2. Follow the instructions on the next slides to identify gap closure tasks for each control that requires improvement.
    3. For most organizations, multiple internal subject matter experts will need to be consulted to complete the assessment.

    Download the Zero Trust Program Gap Analysis Tool

    Input

    • Zero trust controls gap information

    Output

    • Gap closure task list

    Materials

    • Zero Trust Program Gap Analysis Tool

    Participants

    • Security Team
    • Subject Matter Experts From IT, Facilities, Audit, Risk Management

    2.3 Identify tasks to close gaps (cont.)

    1. For each of the controls where there is a gap between the current and target state, a gap closure task should be identified:
    • Review the example tasks and copy one or more of them if appropriate. Otherwise, enter your own gap closure task.
  • Considerations for identifying gap closure tasks:
    • In small groups, have participants ask, “what would we have to do to achieve the target state?” Document these in the Gap Closure Tasks column.
    • The example gap closure tasks may be appropriate for your organization, but do not simply copy them without considering whether they are right for you.
    • Not all gaps require their own task. You can enter one task that may address multiple gaps.
    • Be aware that tasks that are along the lines of “investigate and make recommendations” may not fully close maturity gaps.
    this image contains a screenshot from Info-Tech's Zero Trust Program Gap Analysis Tool, with the following column heading highlighted and numbered: 1: Gap Closure Tasks

    Make sure that the Gap Closure Tasks are SMART (Specific, Measurable, Achievable, Realistic, Timebound).

    2.4 Define tasks and initiatives

    Estimated time 2-4 hours

    1. As a group, review the gap tasks identified in the Gap Analysis tab.
    2. Using the instructions on the following slides, finalize your tab “5. Task List.”
    3. Using the instructions on the following slides, review and consolidate your tab “6. Initiative List.”

    Download the Zero Trust Program Gap Analysis Tool

    Input

    • Gap analysis

    Output

    • Refined list of tasks
    • List of zero trust initiatives

    Materials

    • Zero Trust Program Gap Analysis Tool

    Participants

    • Security Team
    • Subject Matter Experts From IT, Facilities, Audit, Risk Management
    • Project Management Office

    2.4.1 Finalize your task list

    1. Define the gap closure task list in tab “5. Task List”:
      1. Obtain a list of all your tasks from Gap Closure Tasks column in tab “3. Gap Analysis.”
      2. Paste the list into the table in tab “5. Task List,” Task column.
    • Use Paste Values to retain the table formatting.
  • Consolidate tasks into initiatives when:
      • They have costs associated with them.
      • They require initial effort to implement and ongoing effort to maintain.
      • They must be accomplished dependently of other tasks.
    1. For each new initiative, create the initiative name on Initiative Name column in the tab “6. Initiative List.”
  • For tasks which are not incorporated into initiatives, enter a task owner and due date for each task.
  • this image contains a screenshot from Info-Tech's Zero Trust Gap analysis Tool with the following column headings highlighted and numbered: 1: Task; 2: Initiative Name; 3: (Task Owner; Due Date)

    Example: Initiative consolidation

    In the example below, we see three gap closure tasks within the Authentication process for the Identity pillar being consolidated into a single initiative “IAM modernization.”

    We can also see three gap closure tasks within the Micro Segmentation process for the Network pillar being grouped into another initiative “Network segmentation.”

    This image contains an example of Initiative Consolidation

    Info-Tech Insight

    As you go through this exercise, you may find that some tasks that you previously defined could be consolidated into an initiative.

    2.4.2 Finalize your initiative list

    1. As you go through this exercise, you may find that some tasks that you previously defined could be consolidated into an initiative.
    2. Review your final list of initiatives in tab “6. Initiative List” and make any required updates.
      1. Optionally, add a description or paste in a list of the individual gap closure actions that are associated with the initiative. This will make it easier to perform the cost and benefit analysis.
    3. Obtain a list of all gap closure tasks associated with an initiative by filtering the Initiative Name column in the Task List tab.
    4. Indicate the most appropriate pillar alignment for each initiative using the drop-down list.
      1. Refer to tab “5. Task List” for the pillar associated with an initiative under the Initiative Name column.

    This image contains a screenshot from Info-Tech's Zero Trust Program Gap Analysis Tool, the following column headings are numbered and highlighted: 1: Initiative Name; 2: Description; 3: Pillar

    If the list of tasks is too long for the Description column, then you can also shorten the name of the tasks or group several tasks to a more general task.

    2.5 Align initiatives to business goals and protect surfaces

    Estimated time 30-60 minutes

    1. Using the instructions on the following slides, align initiatives to business goals in tab “6. Initiative List.”
    2. Using the instructions on the following slides, align initiatives to protect surfaces in tab “6. Initiative List.”

    Download the Zero Trust Program Gap Analysis Tool

    Input

    • List of zero trust initiatives
    • Protect surfaces mapped to business objectives

    Output

    • List of zero trust initiatives aligned to business goals and protect surfaces

    Materials

    • Zero Trust Program Gap Analysis Tool

    Participants

    • Security Team
    • Subject Matter Experts From IT, Facilities, Audit, Risk Management
    • Project Management Office

    2.5.1 Align initiatives to business goals

    1. Indicate the most appropriate business goal(s) alignment for each initiative using the drop-down list in “Selection for Business Goal(s)” column.
      1. Use the legend to determine the most appropriate business goal(s).
    2. After that copy the selected business goal(s) to Business Goal(s) Alignment column.
    3. Then reset the selection using the blank cell in Selection for Business Goal(s) column.
    This image contains a screenshot from the Zero Trust Program Gap Analysis Tool, with the following column headings numbered: 1: Selection for Business Goal(s); Business Goals Alignment; 3: Selection for Business Goals

    2.5.2 Align initiatives to protect surfaces

    1. Indicate the most appropriate protect surface(s) for each initiative using the drop-down list in Selection for Protect Surface(s) column.
      1. Use the legend to determine the most appropriate protect surface(s).
    2. After that copy the selected protect surface(s) to Protect Surface(s) Coverage column.
    3. Reset the selection using the blank cell in Selection for Protect Surface(s) column.
    This image contains a screenshot from the Zero Trust Program Gap Analysis Tool, with the following column headings numbered: 1: Description; 2: Protect Surfaces Covered; 3: Selection for Protect Surfaces

    Phase 3

    Evaluate Candidate Solutions and Finalize Roadmap

    Build a Zero Trust Roadmap

    This phase will walk you through the following activities:

    • Define solution criteria.
    • Identify candidate solutions.
    • Evaluate candidate solutions.
    • Perform cost/benefit analysis.
    • Prioritize initiatives and build roadmap.

    This phase involves the following participants:

    • Security Team
    • Subject Matter Experts From IT, Finance, HR, Legal, Facilities, Compliance, Audit, Risk Management
    • Project Management Office

    3.1 Define solution criteria

    Estimated time 30-60 minutes

    1. As a group, review the scoring system within the Zero Trust Candidate Solutions Selection Tool.
    2. Customize the tool as required using the instructions on the following slides.

    Info-Tech Insight

    Don’t let your solution dictate your roadmap. Define your zero trust solution criteria before engaging in vendor selection.

    Download the Zero Trust Candidate Solutions Selection Tool

    Input

    • Zero trust initiative list

    Output

    • Zero trust candidate solutions

    Materials

    • Zero Trust Program Gap Analysis Tool
    • Zero Trust Candidate Solutions Selection Tool

    Participants

    • Security Team
    • Subject Matter Experts From IT

    3.1.1 Define compliance and solution evaluation criteria

    On the Setup tab, provide a weight for each evaluation criterion to evaluate the candidate solutions. You can use “0%” weight if that criterion is not required in your solution selection.

    1. Verify that the Description for each criterion is accurate.
    2. Provide weights for the compliance score and the solution score, which are the overall evaluation:
    • Compliance score consists of tenets score, pillar score, threat protection score, and trust algorithm score.
    • Solution score consists of features score, usability score, affordability score, and architecture score.
    This image contains a screenshot from the Zero Trust Candidate Solutions Selection Tool, which demonstrates how to define compliance and solution evaluation criteria.

    3.1.2 Define remaining evaluation criteria

    On the Setup tab, provide a weight for each evaluation criterion to evaluate the candidate solutions. You can use “0%” weight if that criterion is not required in your solution selection.

    1. Verify that the Description for each criterion is accurate.
    2. Provide weights for the remaining evaluation criteria:
    • Tenets: Considers how well each initiative aligns with zero trust principles.
    • Pillars: Considers how well each initiative aligns with zero trust pillars.
    • Threats: Considers what zero trust threats are relevant with the candidate solution.
    • Trust Algorithm: Considers trust evaluation factors, trust evaluation process score, and input coverage.
    • Cost Estimation: Considers initial costs, which are one-time, upfront capital investments (e.g. hardware and software costs), and ongoing cost, which is any annually recurring operating expenses that are new budgetary costs (e.g. licensing, maintenance, subscription fees).
    • Deployment Architecture: Considers the solutions deployment architecture capabilities.

    This image contains a screenshot from the Zero Trust Candidate Solutions Selection Tool, and demonstrates where to define additional evaluation data

    Review available candidate solutions

    this image contains a list of available candidate Solutions.  This list includes: Zero Trust Identity; Zero-Trust Application & Workloads; Zero-Trust Networks; Zero-Trust Devices; and Zero-Trust Data

    The Rapid Application Selection Framework is a comprehensive yet fast-moving approach to help you select the right software for your organization

    Five key phases sequentially add rigor to your selection efforts while giving you a clear, swift-flowing methodology to follow.

    Awareness Education & Discovery Evaluation Selection Negotiation & Configuration
    1.1 Proactively Lead Technology Optimization & Prioritization 2.1 Understand Marketplace Capabilities & Trends 3.1 Gather & Prioritize Requirements & Establish Key Success Metrics 4.1 Create a Weighted Vendor Selection Decision Model 5.1 Initiate Price Negotiation With Top
    1.2 Scope & Define the Selection Process for Each Selection Request Action 2.2 Discover Alternative Solutions & Conduct Market Education 3.2 Conduct a Data-Driven Comparison of Vendor Features & Capabilities 4.2 Conduct Investigative Interviews Focused on Mission Critical Priorities With Top 2-4 Vendors 5.2 Negotiate Contract Terms & Product Configuration Two Vendors Selected
    1.3 Conduct an Accelerated Business Needs Assessment 2.3 Evaluate Enterprise Architecture & Application Portfolio 3.3 Narrow the Field to Four Top Contenders 4.3 Validate Key Issues With Deep Technical Assessments, Trial Configuration & Reference Checks 5.3 Finalize Budget Approval & Project Implementation Timeline
    1.4 Align Stakeholder Calendars to Reduce Elapsed Time & Asynchronous Evaluation 2.4 Validate the Business Case 5.4 Invest in Training & Onboarding Assistance

    Download the Rapid Application Selection Framework research

    Evaluate software category leaders through vendor rankings and awards

    SoftwareReviews

    The Data Quadrant is a thorough evaluation and ranking of all software in an individual category to compare platforms across multiple dimensions.

    The Data Quadrant Report

    Vendors are ranked by their Composite Score, based on individual feature evaluations, user satisfaction rankings, vendor capability comparisons, and likeliness to recommend the platform.

    Vendors ranked by their Composite Score

    The Emotional Footprint is a powerful indicator of overall user sentiment toward the relationship with the vendor, capturing data across five dimensions.

    Emotional Footprint

    Vendors are ranked by their Customer Experience (CX) Score, which combines the overall Emotional Footprint rating with a measure of the value delivered by the solution.

    Vendors ranked by their Customer Experience (CX) Score

    Sample whiteboard activity

    • Place sticky notes on the zero trust tenet that matches with the identified candidate solution to produce “solution requirements” that can be used to develop an RFP.
    • A sample sticky note is provided below for privileged access management.

    This image contains a screenshot of a sample whiteboard activity which can be done using sticky notes.

    • The PAM solution should support MFA
    • Live session monitoring, audit, and reporting
    • Should have password vaulting to prevent privileged users from knowing the passwords to critical systems and resources

    3.2 Identify candidate solutions

    Estimated time 2 hours

    1. As a group, have the team review the candidate solutions within the Zero Trust Program Gap Analysis Tool.
    2. On tab 3 in the Zero Trust Candidate Solutions Selection Tool:
    • Review the candidate solutions within the Zero Trust Program Gap Analysis Tool. For example, the candidate solutions with multifactor authentication (MFA) options are authenticators with SMS, mobile application, smartcard, or token.

    Input

    • Candidate solutions for zero trust tasks and initiatives

    Output

    • Suitability evaluation of candidate solutions

    Materials

    • Zero Trust Program Gap Analysis Tool
    • Zero Trust Candidate Solutions Selection Tool

    Participants

    • Security Team
    • Subject Matter Experts From IT

    Info-Tech Insight

    Add a description associated with the candidate solution, e.g. reference link to vendors or manufacturers. This will make it easier to perform the evaluation.

    Download the Zero Trust Candidate Solutions Selection Tool

    3.2.1 Review candidate solutions

    1. Review the candidate solutions within the Zero Trust Program Gap Analysis Tool. For example, the candidate solutions with multifactor authentication (MFA) options are authenticators with SMS, mobile application, smartcard, or token.
    2. Enter candidate solutions to the Compliance Data Entry tab on the Solution column within the Zero Trust Candidate Solutions Selection Tool.
    3. Optionally, add a description associated with the candidate solution, e.g. reference link to vendors or manufacturers. This will make it easier to perform the evaluation.
    this image contains a screenshot of a sample candidate solution, which can be done using Info-Tech's Zero Trust Program Gap Analysis Tool

    3.3 Evaluate candidate solutions

    Estimated time 3 hours

    On the Scoring tab, evaluate solution features, usability, affordability, and architecture using the instructions on the following slides. This activity will produce a solution score that can be used to identify the suitability of a solution.

    Input

    • Candidate solutions

    Output

    • Candidate solutions scored

    Materials

    • Zero Trust Program Gap Analysis Tool
    • Zero Trust Candidate Solutions Selection Tool

    Participants

    • Security Team
    • Subject Matter Experts From IT

    Download the Zero Trust Candidate Solutions Selection Tool

    3.3.3 Evaluate solution scores

    After all candidate solutions are evaluated, the Solution Score column can be sorted to rank the candidate solutions. After sorting, the top solutions can be used on prioritization of initiatives on Zero Trust Program Gap Analysis Tool.

    1. On Features
      1. Enter Coverage.
      2. Enter Quality.
    2. Enter Usability.
    3. On Affordability
      1. Enter Initial Cost.
      2. Enter Ongoing Cost (annual).
    4. Enter Architecture.
    this image contains a screenshot of how you can sort the solution score column in Info-Tech's Zero Trust Program Gap Analysis Tool

    3.4 Perform cost/benefit analysis

    Estimated time 1-2 hours

    1. Assign costing and benefits information for each initiative, following the instructions on the next slide.
    2. Define dependencies or business impacts if they will help with prioritization.

    Input

    • Ranked candidate solutions
    • Gap analysis
    • Initiative list

    Output

    • Completed cost/benefit analysis for initiative list

    Materials

    • Zero Trust Program Gap Analysis Tool
    • Zero Trust Candidate Solutions Selection Tool

    Participants

    • Security Team
    • Subject Matter Experts From IT, Facilities, Audit, Risk Management
    • Project Management Office

    Download the Zero Trust Program Gap Analysis Tool

    3.4.1 Complete the cost/benefit analysis

    Use Zero Trust Program Gap Analysis Tool.

    1. On the Prioritization tab, use the drop-down lists to enter the estimated costs and efforts for each initiative, using the criteria defined earlier.
    • Use the result from candidate selection to define the estimated costs.
    • If you have actual costs available, you can optionally enter them under the Detailed Cost Estimates columns.
  • Enter the estimated benefits, also using the criteria defined earlier.
  • This image contains a screenshot of a cost/benefit analysis table which can be found in the Zero Trust Program Gap Analysis Tool

    The Cost / Effort Rating is calculated based on the weight defined on step 2.1.1. The Benefit Rating is calculated based on the weight defined on step 2.1.2.

    3.4.2 Optionally enter detailed cost estimates

    Use Zero Trust Program Gap Analysis Tool.

    1. For each initiative, the tool will automatically populate the Detailed Cost Estimates and Detailed Staffing Estimates columns using the averages that you provided in step 2.1.1. However, if you have more detailed data about the costs and effort requirements for an initiative, you can override the calculated data by manually entering it into these columns. For example:
    • You are planning to subscribe to a security awareness vendor, and you have a quote from them specifying that the initial cost will be $75,000.
    • You have defined your “Medium” cost range as being “$10-100K,” so you select medium as your initial cost for this initiative in step 3.4.1. As you defined the average for medium costs as being $50,000, this is what the tool will put into the detailed cost estimate.
    • You can override this average by entering $75,000 as the initial cost in the detailed cost estimate column.

    This image contains a screenshot of a sample cost/benefit table found in the Zero Trust Program Gap Analysis Tool.

    The Benefits-Cost column will give results after comparing the cost and the benefit. Negative value means that the cost outweighs the benefit. Positive value means that the benefit outweighs the cost. Zero value means that the cost equals the benefit.

    3.5 Prioritize initiatives

    Estimated time 2-3 hours

    1. As a group, review the results of the cost/benefit analysis. Optionally, complete the Other Considerations columns in the Prioritization tab:
    • Dependencies can refer to other initiatives on the list or any other dependency that relates to activities or projects within the organization.
    • Business impacts can be helpful to document as they may require additional planning and communication that could impact initiative timelines.
  • Follow step 3.5.1 to create a visual effort map for your organization.
  • Follow step 3.5.2 and 3.5.3 to refine the effort map’s visual output.
  • Input

    • Gap analysis
    • Initiative list
    • Cost/benefit analysis

    Output

    • Prioritized list of initiatives

    Materials

    • Zero Trust Program Gap Analysis Tool

    Participants

    • Security Team
    • IT Leadership
    • Project Management Office

    Download the Zero Trust Program Gap Analysis Tool

    3.5.1 Create a visual effort map for your organization

    1 hour

    An effort map is a tool used for the visualization of a cost and benefit analysis. It is a quadrant output that visually shows how your gap initiatives were prioritized based on tab 7 in the Zero Trust Program Gap Analysis Tool.

    1. Establish the axes and colors for your effort map:
      1. X-axis represents the Benefit value from column J
      2. Y-axis represents the Cost/Effort value from column H
      3. Sticky note color is determined using the Alignment to Business value from column I
    2. Create sticky notes for each initiative and place them on the effort map or whiteboard based on the axes you have created with the help of your team.
    3. As you place initiatives on the visual effort map, discuss and modify rankings based on team member input.

    this image contains a sample visual effort map which can be found in the Zero Trust Program Gap Analysis Tool.

    Input

    • Outputs from activities 3.4.1 and 3.4.2

    Output

    • High-level prioritization for each of the gap-closing initiatives
    • Visual representation of quantitative values

    Materials

    • Zero Trust Program Gap Analysis Tool (tab 7)
    • Sticky notes
    • Markers
    • Whiteboard

    Participants

    • Security Team
    • IT Leadership
    • Project Management Office

    3.5.2 Refine the effort map’s visual output

    1 hour

    Once the effort map is complete, work to further simplify the visual output by categorizing initiatives based on the quadrant in which they have been placed.

    1. Before moving forward with the initiative wave prioritization (activity 3.7), identify any initiatives listed across all quadrants that are required as a part of compliance and mark with a sticky dot.
    2. Document these initiatives as Execution Wave 1.

    this image contains a screenshot of a refined visual effort map, which can be done by following the instructions in this section.

    Input

    • Outputs from activity 3.5.1

    Output

    • Prioritization for each of the gap-closing initiatives
    • First execution wave of gap-closing initiatives

    Materials

    • Zero Trust Program Gap Analysis Tool (tab 7)
    • Sticky notes
    • Sticky dots
    • Markers
    • Whiteboard

    Participants

    • Security Team
    • IT Leadership
    • Project Management Office

    3.5.3 Refine the effort map’s visual output

    30 minutes

    1. Use a separate area of the whiteboard to draw out four to five Execution Wave columns.
    2. Group initiatives into each Execution Wave column based on their placement within the quadrant from activities 3.5.1 and 3.5.2.
      1. Ensure that all identified mandatory activities as per governing privacy law fall within the first wave.
      2. Leverage the following 0-4 Execution Wave scale:
        1. Underway –Initiatives that are already underway
        2. Must Do – Initiatives that must happen right away
        3. Should Do – Initiatives that should happen but need more time/support
        4. Could Do – Initiatives that are not a priority
        5. Won’t Do – Initiatives that likely won’t be carried out
    3. Indicate the granular level for each execution wave using the a-z scale.
    • Use the lettering to track dependencies between initiatives.
      • If one must take place before another, ensure that its letter comes first alphabetically.
      • If multiple initiatives must take place at the same time, use the same letter to show they will take place in tandem.

    This image depicts the sample output for a refined visual effort map

    Input

    • Outputs from activity 3.5.2

    Output

    • Prioritization for each of the gap-closing initiatives
    • First execution wave of gap-closing initiatives

    Materials

    • Zero Trust Program Gap Analysis Tool (tab 7)
    • Sticky notes
    • Sticky dots
    • Markers
    • Whiteboard

    Participants

    • Security Team
    • IT Leadership
    • Project Management Office

    Wave assignment example

    In the example below, we see “IAM modernization” was assessed as 9 on cost/effort rating and 5 on benefit rating and its Benefits-Cost has a positive value of 1. We can label this as SHOULD DO (wave 2).

    We can also see “Network segmentation” was assessed as 6 on cost/effort rating and 4 on benefit rating and its Benefits-Cost has a positive value of 2. We can label this as MUST DO (wave 1).

    We can also see “Unified Endpoints Management” was assessed as 8 on cost/effort rating and 2 on benefit rating and its Benefits-Cost has a negative value of -4. We can label this as WON’T DO (no wave).

    We can also see “Data Protection” was assessed as 4 on cost/effort rating and 2 on benefit rating and its Benefits-Cost has a zero value. We can label this as COULD DO (wave 3).

    This image depicts a sample wave assignment output, discussed in this section.

    It is recommended to define the threshold of each wave based on the value of Benefits-Cost before assigning waves.

    3.6 Build roadmap

    Estimated time 2-3 hours

    1. As a group, follow step 3.6.1 to create your roadmap by scheduling initiatives into the Gantt chart within the Zero Trust Program Gap Analysis Tool.
    2. Review the roadmap for resourcing conflicts and adjust as required.
    3. Review the final cost and effort estimates for the roadmap.

    Input

    • Gap analysis
    • Cost/benefit analysis
    • Prioritized initiative list

    Output

    • Zero trust roadmap

    Materials

    • Zero Trust Program Gap Analysis Tool

    Participants

    • Security Team
    • IT Leadership
    • Project Management Office

    Download the Zero Trust Program Gap Analysis Tool

    3.6.1 Schedule initiatives using the Gantt chart

    1. On the Gantt Chart tab for each initiative, enter an owner (the role who will be primarily responsible for execution).
    2. Additionally, enter a start month and year for the initiative and the expected duration in months.
    • You can filter the Wave column to only see specific waves at any one time to assist with the scheduling.
    • You do not need to schedule Wave 4 initiatives as the expectation is that these initiatives will not be done.
    • This Image contains a screenshot of the Gantt Chart, with the following column headings highlighted and numbered: 1: Owner; 2: Expected Duration

    3.6.2 Review your roadmap

    1. When you have completed the Gantt chart, as a group review the overall roadmap to ensure that it is reasonable for your organization. Consider the following:
    • Do you have other IT or business projects planned during this time frame that may impact your resourcing or scheduling?
    • Does your organization have regular change freezes throughout the year that will impact the schedule?
    • Do you have over-subscribed resources? You can filter the list on the Owner column to identify potential over-subscription of resources.
    • Have you considered any long vacations, sabbaticals, parental leaves, or other planned longer-term absences?
    • Are your initiatives adequately aligned to your budget cycle? For instance, if you have an initiative that is expected to make recommendations for capital expenditure, it must be completed prior to budget planning.

    This image depicts an example roadmap which can be created following the use of the Gantt Chart

    3.6.3 Review your cost/effort estimates table

    1. Once you have completed your roadmap, review the total cost/effort estimates. This can be found in a table on the Results tab. This table will provide initial and ongoing costs and staffing requirements for each wave. This also includes the total three-year investment. In your review consider:
    • Is this investment realistic? Will completion of your roadmap require adding more staff or funding than you otherwise expected?
    • If the investment seems unrealistic, you may need to revisit some of your assumptions, potentially reducing target levels or increasing the amount of time to complete the strategy.

    This table provides you with the information to have important conversations with management and stakeholders.

    This image contains an example of the Zero Trust Roadmap Cost/Effort Estimates.  The column headings are as follows: Wave; Number of Initiatives; Initial Implementation - Cost; Initial Implementation - Effort; Ongoing Maintenance - Cost; Ongoing Maintenance - Effort.  A separate table is shown with the column heading: Estimated Total Three Year Investment

    Phase 4

    Formulate Policies for Roadmap Initiatives

    Build a Zero Trust Roadmap

    This phase will walk you through the following activities:

    • Formulate zero trust policies for critical DAAS elements.
    • Formulate zero trust policies to secure a path to access critical DAAS elements.

    This phase involves the following participants:

    • CIO
    • CISO
    • Business Executives
    • IT Manager
    • Security Team

    Understand the zero trust policy

    Use the Kipling methodology as a vendor agnostic approach to identify appropriate allow list elements when deploying multiple zero trust solutions.
    The policies help to prevent lateral movement.

    Who Who should access a resource? Here, the user ID that identifies the users through the principle of least privilege is allowed access to a particular resource. The authentication policy will be used to verify identity of a user when access request to a resource is made. Who requires MFA?
    What What application is used to access the resource? Application ID to identify applications that are only allowed on the network. Port control policies can be used for the application service.
    When When do users access the resource? Policy that identifies and enforces time schedule when an application accessed by users is used.
    Where Where is the resource located? The location of the destination resource should be added to the policy and, where possible, restrict the source of the traffic either by zone and/or IP address.
    Why Why is the data accessed? Data classification should be done to know why the data needs protection and the type of protection (data filtering).
    How How should you allow access to the resource? This covers the protection of the application traffic. Principle of least privilege access, log all traffic, configure security profiles, NGFW, decryption and encryption, consistent application of policy and threat prevention across all locations for all local and remote users on managed and unmanaged endpoints are ways to apply content-ID.

    Info-Tech Insight

    The success of a zero trust implementation relies on enforcing policies consistently. Applying the Kipling methodology to the protect surface is the best way to design zero trust policies.

    4.1.1 Formulate policy

    Estimated time 1-2 hours

    1. As a group, review the protect surface(s) identified in phase one, and using the Kipling methodology from the previous slide, formulate a policy. Each policy can be reviewed repeatedly until we are sure it satisfies the goal.
    2. The policy created should be consistent for both cloud and on-prem environments.
    3. As an example, let's use the healthcare scenario found in tab 3 of the Zero Trust Protect Surface Mapping Tool. The protect surface used is "Automated Medication Dispensing." Another example will be "Salesforce" accessed via the cloud.
    Who What When Where Why How
    Method User-ID App-ID Time limit System Object Classification Content-ID
    On-Prem Pyxis_Users Pyxis Any Pyxis_server Severe (high value data) Decrypt, Inspect, log traffic
    Cloud Sales Salesforce Working hours Canada Severe (high value data) Decrypt, Inspect, log traffic

    Input

    • Kipling methodology
    • Protect surface

    Output

    • Zero trust policy

    Materials

    • Whiteboard/Flip Charts
    • Zero Trust Protect Surface Mapping Tool

    Participants

    • CIO
    • CISO
    • Business Executives
    • IT Manager
    • Security Team

    4.1.2 Apply policy

    1-2 hours

    1. Place each protect surface in its own microperimeter. Each microperimeter should be segmented by a next-generation firewall or authentication broker that will serve as a segmentation gateway.
    2. Name the microperimeter and place it on a firewall.

    Input

    • Kipling methodology
    • Protect surface

    Output

    • Zero trust policy

    Materials

    • Whiteboard/Flip Charts
    • Sticky Notes
    • Zero Trust Protect Surface Mapping Tool

    Participants

    • CIO
    • CISO
    • Business Executives
    • IT Manager
    • Security Team

    Microperimeter A
    Protect Surface:
    DAAS Elements:

    Who What When Where Why How
    Method User-ID App-ID Time limit System Object Classification Content-ID

    Microperimeter B
    Protect Surface:
    DAAS Elements:

    Who What When Where Why How
    Method User-ID App-ID Time limit System Object Classification Content-ID

    Microperimeter C
    Protect Surface:
    DAAS Elements:

    Who What When Where Why How
    Method User-ID App-ID Time limit System Object Classification Content-ID

    4.2 Secure a path to access critical DAAS elements

    How should you allow access to the resource?

    This component makes up the final piece of formulating the policies as it applies the protection of the application traffic.

    The principle of least privilege is applied to the security policy to only allow access requests and restrict the access to the purpose it serves. This access request is then logged as well as the traffic (both internal and external). Most firewalls (NGFW) have policy rules that, by default, enable logging.

    Segmentation gateways (NGFW, VM-series firewalls, agent-based and clientless VPN solutions), are used to apply zero trust policy (Kipling methodology) in the network, cloud, and endpoint (managed and unmanaged) for all local and remote users.

    These policies need to be applied to security profiles on all allowed traffic. Some of these profiles include but are not limited to the following: URL filtering profile for web access and protect against phishing attacks, vulnerability protection profile intrusion prevention systems, anti spyware profiles to protect against command-and-control threats, malware and antivirus profile to protect against malware, and a file blocking profile to block and/or alert suspicious file types.

    Good visibility on your network can also be tied to decryption as you can inspect traffic and data to the lowest level possible that is generally accepted by your organization and in compliance with regulation.

    Conceptualized flow

    With users working from anywhere on managed and unmanaged devices, access to the internet, SAAS, public cloud, and the data center will have consistent policies applied regardless of their location.

    The policy is validating that the user is who they say they are based on the role profile, what they are trying to access to make sure their role or attribute profile has the appropriate permission to the application, and within the stipulated time limit. Where the data or application is located is also verified and the why needs to be satisfied before the requested access is granted. Based on the mentioned policies, the how element is then applied throughout the lifecycle of the access.

    Who

    (Internet)

    What

    (SAAS)

    When

    Where

    (Public Cloud)

    Why

    How

    (Data Center)

    Method User-ID App-ID Time limit System Object Classification Content-ID
    On-Prem Pyxis_Users Pyxis Any Pyxis_server Severe (high value data) Decrypt, Inspect, log traffic
    Cloud Sales Salesforce Working hours Canada Severe (high value data) Decrypt, Inspect, log traffic

    Phase 5

    Monitor Zero Trust Roadmap Deployment

    Build a Zero Trust Roadmap

    This phase will walk you through the following activities:

    • Establish metrics for roadmap tasks.
    • Track metrics for roadmap tasks.

    This phase involves the following participants:

    • Security Team
    • Subject Matter Experts From IT, HR, Legal, Facilities, Compliance, Audit, Risk Management
    • Project Management Office

    5.1 Establish metrics for roadmap tasks

    Estimated time 2 hours

    1. On tab “2. Task & Metric Register” of the Zero Trust Progress Monitoring Tool, identify metrics to measure implementation and efficacy of tasks
    2. On tab “2. Task & Metric Register” of the Zero Trust Progress Monitoring Tool, document metric metadata.
    3. On the Prioritization tab, use the drop-down lists to enter the estimated costs and efforts for each initiative, using the criteria defined earlier.
    • If you have actual costs available, you can optionally enter them under the Detailed Cost Estimates columns.
  • Enter the estimated benefits, also using the criteria defined earlier.
  • Input

    • Zero trust roadmap task list

    Output

    • Metrics for measuring zero trust task implementation and efficacy

    Materials

    • Zero Trust Progress Monitoring Tool

    Participants

    • Security Team
    • Subject Matter Experts From IT, HR, Legal, Facilities, Compliance, Audit, Risk Management
    • Project Management Office

    Download the Zero Trust Progress Monitoring Tool

    5.1.1 Identify metrics to measure implementation and efficacy of tasks

    Estimated time 3-4 hours

    1. On tab “2. Task & Metric Register” of the Zero Trust Progress Monitoring Tool, for each section defined in columns C and D, enter zero trust implementation tasks into column E. If you completed the Zero Trust Program Gap Analysis Tool, use the tasks identified there to populate column E.
    2. For each task, identify in column F any metrics that will communicate implementation progress and/or implementation efficacy.
    • If multiple metrics are needed for a single task, we recommend expanding the size of the row and adding additional metrics onto a new line in the same row. A sample is provided in the tool.

    this image contains a screenshot of tab 2 in the Zero Trust Progress Monitoring Tool

    Info-Tech Insight

    To measure the efficacy of a zero trust implementation, ensure you know what a successful zero trust implementation means for your organization, and define metrics that demonstrate whether that success is being realized.

    5.1.2 Document metric metadata

    Estimated time 1-2 hours

    For each metric defined in step 4.1.1:

    1. Identify in column G whether the metric can be measured now (Phase 1), measured in a few months’ time (Phase 2), or measured in a few years’ time (Phase 3).
    2. Identify in columns H through M who is responsible for collecting the metric (Person Source), who/what is consulted to collect the metric (Technology Source), who compiles the collected metric into dashboards and presentations (Compiler), and who is informed of the measurement of the metric (Audience).
    • Add more columns under the Audience category if needed.
    • Use “X” to identify if an audience group will be informed of the measurement of the metric.
  • Identify in columns N through P the target for the metric (Metric Target), the effort it takes to collect the metric (Effort to Collect), the frequency with which the organizations plans to collect the metric (Frequency of Collection), and any comments that people should know when collecting, compiling, or presenting metrics.
  • This image contains a screenshot from the Zero Trust Progress Monitoring Tool, with the following column headings numbered: 1: Priority; 2: Roles and Responsibilities; 3: effort to collect; frequency of collection; Metric Target; Comments

    5.2 Track and report metrics

    Estimated time 2 hours

    1. In the Zero Trust Progress Monitoring Tool, copy and paste metrics you plan to track in the tool from column F on tab 2 to column B on tab 3.
    2. Use tab 3 to identify collection frequency, metric target, and measurements collected for each metric. Add notes or comments to each metric or measurement to track contextual elements that could affect metric measurements.
    3. Leverage the graphs on tab 4 to communicate metrics to the appropriated audience groups, as defined in tab 2.

    Input

    • Metrics for measuring zero trust task implementation and efficacy

    Output

    • Metric data and graphs for presenting zero trust implementation metrics to audience groups

    Materials

    • Zero Trust Progress Monitoring Tool

    Participants

    • Security Team
    • Subject Matter Experts From IT, HR, Legal, Facilities, Compliance, Audit, Risk Management
    • Project Management Office

    Download the Zero Trust Progress Monitoring Tool

    5.2.1 Record baseline measurements for metrics

    Estimated time 1-2 hours

    On tab “3. Track Metrics” of the Zero Trust Progress Monitoring Tool:

    1. Copy and paste the metrics from Column F on tab “2. Task & Metric Register” that you want to track into Column B of this tab.
    2. For each metric, record the frequency of collection (Collection Frequency) and the metric target (Target) by referencing columns O and P on tab “2. Task & Metric Register.”
    3. Begin to record baseline/initial values for each metric in column E. Rename columns to match your highest frequency of collection.
      (e.g. if any metric is being measured monthly, there should be one column per month)
    4. Over time, conduct measurements of your metrics and store them in the table below.
    5. Add notes, as necessary.

    this image contains a screenshot of tab 3 of the Zero Trust Progress Monitoring Tool, with the following column headings numbered: 1: Your Metrics; 2: Collection Frequency; Target; 3: Jan; 4: Metric Measurements; 5: Notes

    5.2.2 Report metric health to audience groups

    Estimated time 1-2 hours

    On tab “4. Graphs” of the Zero Trust Progress Monitoring Tool:

    1. The Overall Metric Health gauge at the top of this tab presents the average percentage away from meeting metric targets for all metrics being tracked. To calculate this value, the differences between the most recent measurements and target values for each metric are averaged.
    2. Below the Overall Metric Health gauge, use the drop-down list in cell D9 to select one of the metrics from tab “3. Track Metrics.”
    3. Six different graphic representations of the tracked data for the selected metric will populate.

    Copy and paste desired graphs into presentations for audience members identified in step 5.1.2.

    This image contains a screenshot from tab “4. Graphs” of the Zero Trust Progress Monitoring Tool:

    5.3 Build a communication deck

    Estimated time 2 hours

    Leverage the Zero Trust Communication Deck to showcase the work that you have done in the tools and activities associated with this research.

    In this communication deck template, you will find the following sections:

    • Introduction
    • Protect Surfaces
    • Zero Trust Gap Analysis
    • Zero Trust Initiatives & Tasks

    Input

    • Protect surfaces mapped to business goals
    • Zero trust program gap analysis
    • Zero trust roadmap initiatives and tasks
    • Zero trust metrics

    Output

    • Communication deck for zero trust strategy

    Materials

    • Zero Trust Communication Deck

    Participants

    • Security Team
    • Subject Matter Experts From IT, HR, Legal, Facilities, Compliance, Audit, Risk Management
    • Project Management Office

    Download the Zero Trust Communication Deck

    Summary of Accomplishment

    Knowledge Gained

    • Knowledge of protect surfaces and the business goals protecting them supports
    • Comprehensive knowledge of zero trust current state and summary initiatives required to achieve zero trust objectives
    • Assessment of which solutions for zero trust tasks and initiatives are the most appropriate for the organization
    • A defined set of security metrics assessing zero trust implementation progress and efficacy

    Deliverables Completed

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop

    Contact your account representative for more information

    workshops@infotech.com

    1-888-670-8889

    Additional Support

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech Workshop

    To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.

    Info-Tech analysts will join you and your team at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.

    Contact your account representative for more information.

    This is a picture of an Info-Tech Account Representative
    workshops@infotech.com 1-888-670-8889

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    Zero Trust Program Gap Analysis Tool

    This is a screenshot from the Zero Trust Program Gap Analysis Tool

    Assess current security capabilities and build a roadmap of tasks and initiatives that close maturity gaps.

    Zero Trust Progress Monitoring Tool

    This is a screenshot from the Zero Trust Progress Monitoring Tool

    Identify and track metrics for zero trust tasks and initiatives.

    Research Contributors

    • Aaron Benson, CME Group, Director of IAM Governance
    • Brad Mateski, Zones, Solutions Architect for CyberSecurity
    • Bob Smock, Info-Tech Research Group, Vice President of Consulting
    • Dr. Chase Cunningham, Ericom Software, Chief Strategy Officer
    • John Kindervag, ON2IT Cybersecurity, Senior Vice President, Cybersecurity Strategy and ON2IT Group Fellow
    • John Zhao, Fonterra, Enterprise Security Architect
    • Rongxing Lu, University of New Brunswick, Associate Professor
    • Sumanta Sarkar, University of Warwick, Assistant Professor
    • Tim Malone, J.B. Hunt Transport, Senior Director Information Security
    • Vana Matte, J.B. Hunt Transport, Senior Vice President of Technology Services

    Related Info-Tech Research

    This is a screenshot from Info-Tech's Build an Information Security Strategy

    Build an Information Security Strategy

    Info-Tech has developed a highly effective approach to building an information security strategy – an approach that has been successfully tested and refined for over seven years with hundreds of organizations. This unique approach includes tools for ensuring alignment with business objectives, assessing organizational risk and stakeholder expectations, enabling a comprehensive current-state assessment, prioritizing initiatives, and building out a security roadmap.

    This is a screenshot from Info-Tech's Determine Your Zero Trust Readiness.

    Determine Your Zero Trust Readiness

    IT security was typified by perimeter security. However, the way the world does business has mandated a change to IT security. In response, zero trust is a set of principles that can add flexibility to planning your IT security strategy.

    Use this blueprint to determine your zero trust readiness and understand how zero trust can benefit both security and the business.

    This is a screenshot from Info-Tech's Mature Your Identity and Access Management Program

    Mature Your Identity and Access Management Program

    Many organizations are looking to improve their identity and access management (IAM) practices but struggle with where to start and whether all areas of IAM have been considered. This blueprint will help you improve the organization's identity and access management practices by following our three-phase methodology:

    • Assess identity and access requirements
    • Identify initiatives using the identity lifecycle
    • Prioritize initiatives and build a roadmap

    Bibliography

    • “2021 Data Breach Investigations Report.” Verizon, 2021. Web.
    • “A Zero-Trust Strategy Has 3 Needs - Identify, Authenticate, and Monitor Users and Devices On and Off The Network.” Fortinet, 15 July 2021. Web.
    • “Applying Zero Trust Principles to Enterprise Mobility.” CISA, March 2022. Web.
    • Biden Jr., Joseph R. “Executive Order on Improving the Nation’s Cybersecurity.” The White House, 12 May 2021. Web.
    • “CISA Zero Trust Maturity Model.” CISA - Cybersecurity Division, June 2021. Web.
    • “Continuous Diagnostics and Mitigation Program Overview.” CISA, Jan. 2022. Web.
    • Contributor. “The Five Business Benefits of a Zero Trust Approach to Security.” Security Brief - Australia, 19 Aug. 2020. Web.
    • “Cost of a Data Breach Report 2021.” IBM, July 2021. Web.
    • English, Melanie. “5 Stats That Show The Cost Saving Effect of Zero Trust.” Teramind, 29 Sept. 2021. Web.
    • “Improve Application Access and Security With Fortinet Zero Trust Network Access.” Fortinet, 2 March 2021. Web.
    • “Incorporating Zero-trust Strategies for Secure Network and Application Access.” Fortinet, 21 July 2021. Web.
    • Jakkal, Vasu. “Zero Trust Adoption Report: How Does Your Organization Compare?” Microsoft, 28 July 2021. Web.
    • “Jericho Forum™ Commandments.” The Open Group, Jericho Forum, May 2007. Web.
    • Johnson, Derrick. “Zero Trust vs. SASE - Here's What You Need to Know.” Security Magazine, 23 July 2021. Web.
    • Joint Defense Information Systems Agency (DISA) and National Security Agency (NSA) Zero Trust Engineering Team. “Department of Defense (DOD) Zero Trust Reference Architecture.” DoD CIO, Feb. 2021. Web.
    • Kay, Dennis. “Planning for a Zero Trust Architecture Target State.” NASA, NIST, 13 Nov. 2019. Web.
    • National Security Agency. “Embracing a Zero Trust Security Model.” U.S. Department of Defense, Feb. 2021. Web.
    • NSTAC. “Draft Report to the President - Zero Trust and Trusted Identity Management.” CISA, NSTAC, n.d. Web.
    • Rose, Scott W., et al. “Zero Trust Architecture.” NIST, 10 Aug. 2020. Web.
    • “Securing Digital Innovation Demands Zero-Trust Access.” Fortinet, 15 July 2021. Web.
    • Shackleford, Dave. “How to Create a Comprehensive Zero Trust Strategy.” SANS, Cisco, 2 Sept. 2020. Web.
    • “The CISO’s Guide to Effective Zero-Trust Access.” Fortinet, 28 April 2021. Web.
    • “The State of Zero Trust Security 2021.” Okta, June 2021. Web.
    • Kerman, Alper, et al. “Implementing a Zero Trust Architecture.” NIST - National Cybersecurity Center of Excellence, March 2020. Web.
    • Kindervag, John. “Keynote - John KINDERVAG - 021622.” Vimeo, VIRTUAL Eastern | CyberSecurity Conference, 16 Feb. 2022. Web.
    • Lodewijkx, Koos. “IBM CISO Perspective: Zero Trust Changes Security From Something You Do to Something You Have.” SecurityIntelligence, IBM, 19 Nov. 2020. Web.
    • VB Staff. “Report: Only 21% of Enterprises Use Zero Trust Architecture.” VentureBeat, 15 Feb. 2022. Web.
    • Young, Shalanda D. “Moving the U.S. Government Toward Zero Trust Cybersecurity Principles.” The White House, EXECUTIVE OFFICE OF THE PRESIDENT - OFFICE OF MANAGEMENT AND BUDGET, 26 Jan. 2022. Web.
    • “Zero Trust Access.” Fortinet, n.d. Web.
    • “Zero Trust Architecture Technical Exchange Meeting.” NIST - National Cybersecurity Center of Excellence, 12 Nov. 2019. Web.
    • “Zero Trust Cybersecurity Current Trends.” ACT-IAC, 18 April 2019. Web.
    • “Zero-Trust Access for Comprehensive Visibility and Control.” Fortinet, 24 Sep. 2020. Web.

    Excel Through COVID-19 With a Focused Business Architecture

    • Buy Link or Shortcode: {j2store}604|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
    • member rating average days saved: Read what our members are saying
    • Parent Category Name: Strategy & Operating Model
    • Parent Category Link: /strategy-and-operating-model
    • Business architecture, including value stream and business capability models, is the tool you need to reposition your organization for post-COVID-19 success.
    • Your business architecture model represents your strategic business components. It guides the development of all other architectures to enable new and improved business function.
    • Evaluating your current business architecture, or indeed rebuilding it, creates a foundation for facilitated discussions and target state alignment between IT and the senior C-suite.
    • New projects and initiatives during COVID-19 must evolve business architecture so that your front-line workers and your customers are supported through the resolution of the pandemic. Specifically, your projects and initiatives must be directly traced to evolving your architecture.
    • Business architecture anchors downstream architectural iterations and initiatives. Measure business capability enablement results directly from projects and initiatives using a business architecture model.

    Our Advice

    Critical Insight

    • Focus on your most disruptive, game-changing innovations that have been on the backburner for some time. Here you will find the ingredients for post-pandemic success.

    Impact and Result

    • Craft your business architecture model, aligned to the current climate, to refocus on your highest priority goals and increase your chances of post-COVID-19 excellence.

    Excel Through COVID-19 With a Focused Business Architecture Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Create minimum viable business architecture

    Create your minimum viable business architecture.

    • Excel Through COVID-19 With a Focused Business Architecture Storyboard
    • Excel Through COVID-19 With a Focused Business Architecture – Healthcare
    • Excel Through COVID-19 With a Focused Business Architecture – Higher Education
    • Excel Through COVID-19 With a Focused Business Architecture – Manufacturing
    • Business Capability Modeling

    2. Identify COVID-19 critical capabilities for your industry

    If there are a handful of capabilities that your business needs to focus on right now, what are they?

    3. Brainstorm COVID-19 business opportunities

    Identify business opportunities.

    4. Enrich capability model with COVID-19 opportunities

    Enrich your capability model.

    [infographic]

    Build Your Enterprise Application Implementation Playbook

    • Buy Link or Shortcode: {j2store}605|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Selection & Implementation
    • Parent Category Link: /selection-and-implementation
    • Given the increasing complexity of software implementations, you are continually challenged with staying above water with your current team.
    • In addition, rapid changes in the business make maintaining project sponsors’ engagement challenging.
    • Project sprawl across the organization has created a situation where each project lead tracks progress in their own way. This makes it difficult for leadership to identify what was successful – and what wasn’t.

    Our Advice

    Critical Insight

    An effective enterprise application implementation playbook is not just a list of steps, but a comprehensive view of what is necessary to support your implementation. This starts with a people-first approach. Start by asking about sponsors, stakeholders, and goals. Without asking these questions first, the implementation will be set up for failure, regardless of the technology, processes, and tools available.

    Impact and Result

    Follow these steps to build your enterprise application playbook:

    • Define your sponsor, map out your stakeholders, and lay out the vision, goals and objectives for your project.
    • Detail the scope, metrics, and the team that will make it happen.
    • Outline the steps and processes that will carry you through the implementation.

    Build Your Enterprise Application Implementation Playbook Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Build Your Enterprise Application Implementation Playbook Deck - Your implementation doesn’t start with technology, but with an effective plan that the team can align on.

    This blueprint provides the steps necessary to build your own enterprise application implementation playbook that can be deployed and leveraged by your implementation teams.

    • Build Your Enterprise Application Implementation Playbook – Phases 1-3

    2. Your Enterprise Application Implementation Playbook – The key output from leveraging this research is a completed implementation playbook.

    This is the main playbook that you build through the exercises defined in the blueprint.

    • Your Enterprise Application Implementation Playbook

    3. Your Enterprise Application Implementation Playbook - Timeline Tool – Supporting tool that captures the project timeline information, issue log, and follow-up dashboard.

    This tool provides input into the playbook around project timelines and planning.

    • Your Enterprise Application Implementation Playbook - Timeline Tool

    4. Light Project Change Request Form Template – This tool will help you record the requested change, allow assess the impact of the change and proceed the approval process.

    This provides input into the playbook around managing change requests

    • Light Project Change Request Form Template

    Infographic

    Workshop: Build Your Enterprise Application Implementation Playbook

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Understand the Project

    The Purpose

    Lay out the overall objectives, stakeholders, and governance structure for the project.

    Key Benefits Achieved

    Align everyone on the sponsor, key stakeholders, vision, and goals for your project

    Activities

    1.1 Select the project sponsor.

    1.2 Identify your stakeholders.

    1.3 Align on a project vision.

    1.4 List your guiding principles.

    1.5 Confirm your goals and objectives for the implementation project.

    1.6 Define the project governance structure.

    Outputs

    Project sponsor has been selected.

    Project stakeholders have been identified and mapped with their roles and responsibilities.

    Vision has been defined.

    Guiding principles have been defined.

    Articulated goals and objectives.

    Detailed governance structure.

    2 Set up for Success

    The Purpose

    Define the elements of the playbook that provide scope and boundaries for the implementation.

    Key Benefits Achieved

    Align the implementation team on the scope for the project and how the team should operate during the implementation.

    Activities

    2.1 Gather and review requirements, with an agreed to scope.

    2.2 Define metrics for your project.

    2.3 Define and document the risks that can impact the project.

    2.4 Establish team composition and identify the team.

    2.5 Detail your OCM structure, resources, roles, and responsibilities.

    2.6 Define requirements for training.

    2.7 Create a communications plan for stakeholder groups and delivery teams.

    Outputs

    Requirements for enterprise application implementation with an agreed-to scope.

    Metrics to help measure what success looks like for the implementation.

    Articulated list of possible risks during the implementation.

    The team responsible and accountable for implementation is identified.

    Details of your organization’s change management process.

    Outline of training required.

    An agreed-to plan for communication of project status.

    3 Document Your Plan

    The Purpose

    With the structure and boundaries in place, we can now lay out the details on the implementation plan.

    Key Benefits Achieved

    A high-level plan is in place, including next steps and a process on running retrospectives.

    Activities

    3.1 Define your implementation steps.

    3.2 Create templates to enable follow-up throughout the project.

    3.3 Decide on the tracking tools to help during your implementation.

    3.4 Define the follow-up processes.

    3.5 Define project progress communication.

    3.6 Create a Change request process.

    3.7 Define your retrospective process for continuous improvement.

    3.8 Prepare a closure document for sign-off.

    Outputs

    An agreed to high-level implementation plan.

    Follow-up templates to enable more effective follow-ups.

    Shortlist of tracking tools to leverage during the implementation.

    Defined processes to enable follow-up.

    Defined project progress communication.

    A process for managing change requests.

    A process and template for running retrospectives.

    A technique and template for closure and sign-off.

    Further reading

    Build Your Enterprise Application Implementation Playbook

    Your implementation doesn’t start with technology, but with an effective plan that the team can align on.

    Analyst Perspective

    Your implementation is not just about technology, but about careful planning, collaboration, and control.

    Recardo de Oliveira

    A successful enterprise application implementation requires more than great software; it requires a clear line of sight to the people, processes, metrics, and tools that can help make this happen.

    Additionally, every implementation is unique with its own set of challenges. Working through these challenges requires a tailored approach taking many factors into account. Building out your playbook for your implementation is an important initial step before diving head-first into technology.

    Regardless of whether you use an implementation partner, a playbook ensures that you don’t lose your enterprise application investment before you even get started!

    Ricardo de Oliveira

    Research Director,
    Application Delivery and Management
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    • Given the increasing complexity of software implementations, you are continually challenged with staying above water with your current team.
    • Rapid changes in the business make maintaining project sponsors’ engagement challenging.
    • Project sprawl across the organization has created a situation where project leads track progress in their own way. This makes it difficult for leadership to identify what was successful (and what wasn’t).

    Common Obstacles

    • Your best process experts are the same people you need to keep the business running. The business cannot afford to have its best people pulled into the implementation for long periods of time.
    • Enterprise application implementations generate huge organizational changes and the adoption of the new systems and processes resulting from these projects are quite difficult.
    • People are generally resistant to change, especially large, transformational changes that will impact the day-to-day way of doing things.

    Info-Tech's Approach

    • Build your enterprise application implementation playbook. Follow these steps to build your enterprise application playbook:
      • Define your sponsor, map out your stakeholders, and lay out the vision, goals, and objectives for your project.
      • Detail the scope, metrics, and the team that will make it happen.
      • Detail the steps and processes that will carry you through the implementation

    Info-Tech Insight

    An effective enterprise application implementation playbook is not just a list of steps; it is a comprehensive view of what is necessary to support your implementation. This starts with a people-first approach. Start by asking about sponsors, stakeholders, and goals. Without asking these questions first, the implementation will be set up for failure, regardless of the technology, processes, and tools available.

    Enterprise Applications Lifescycle Advisory Services. Strategy, selection, implementation, optimization and operations.

    Insight summary

    Building an effective playbook starts with asking the right questions, not jumping straight into the technical details.

    • This blueprint provides the steps required to lay out an implementation playbook to align the team on what is necessary to support the implementation.
    • Build your Enterprise Application Implementation Playbook by:
      • Aligning and confirming project’s goals, stakeholders, governance and team.
      • Clearly defining what is in and out of scope for the project and the risks involved.
      • Building up a strong change management process.
      • Providing the tools and processes to keep track of the project.
      • Pulling it all together into an actionable playbook.

    Grapsh showing 39%

    Lack of planning is the reason that 39% of projects fail. Poor project planning can be disastrous: The consequences are usually high costs and time overruns.

    Graph showing 20%

    Almost 20% of IT projects can fail so badly that they can become a threat to a company’s existence. Lack of proper planning, poor communication, and poorly defined goals all contribute to the failure of projects.

    Graph showig 2.5%

    A PwC study of over 10,640 projects found that a tiny portion of companies – 2.5% – completed 100% of their projects successfully. These failures extract a heavy cost – failed IT projects alone cost the United States $50-$150B in lost revenue and productivity.

    Source: Forbes, 2020

    Planning and control are key to enterprise project success

    An estimated 70% of large-scale corporate projects fail largely due to a lack of change management infrastructure, proper oversight, and regular performance check-ins to track progress (McKinsey, 2015).

    Table showing that 88% of projects completed on time, 90% completed within budget and 92% meet original goals. 68% of projects have scope creep, 24% deemed failures and 46% experience budget lose when project fails

    “A survey published in HBR found that the average IT project overran its budget by 27%. Moreover, at least one in six IT projects turns into a ‘black swan’ with a cost overrun of 200% and a schedule overrun of 70%. Kmart’s massive $1.2B failed IT modernization project, for instance, was a big contributor to its bankruptcy.”

    Source: Forbes, 2020

    Sponsor commitment directly improves project success.

    Having the right sponsor significantly improves your chances of success across many different dimensions:

    1. On-time delivery
    2. Delivering within budget
    3. Delivered within an agreed-to scope
    4. Delivered with sufficient quality.
    Graph that shows Project success scores versus sponsor involvement in change communication. Shows increase for projects on time, projects on budget, within scope and overall quality.

    Source: Info-Tech, PPM Current State Scorecard Diagnostic

    Executive Brief Case Study

    Chocolate manufacturer implementing a new ERP

    INDUSTRY

    Consumer Products

    SOURCE

    Carlton, 2021

    Challenge

    Not every ERP ends in success. This case study reviews the failure of Hershey, a 147-year-old confectioner, headquartered in Hershey Pennsylvania. The enterprise saw the implementation of an ERP platform as being central to its future growth.

    Solution

    Consequently, rather than approaching its business challenge on the basis of an iterative approach, it decided to execute a holistic plan, involving every operating center in the company. Subsequently, SAP was engaged to implement a $10 million systems upgrade; however, management problems emerged immediately.

    Results

    The impact of this decision was significant, and the company was unable to conduct business because virtually every process, policy, and operating mechanism was in flux simultaneously. The consequence was the loss of $150 million in revenue, a 19% reduction in share price, and the loss of 12% in international market share.

    Remember: Poor management can scupper implementation, even when you have selected the perfect system.

    A successful software implementation provides more than simply immediate business value…

    It can build competitive advantage.

    • When software projects fail, it can jeopardize an organization’s financial standing and reputation, and in some severe cases, it can bring the company down altogether.
    • Rarely do projects fail for a single reason, but by understanding the pitfalls, developing a risk mitigation plan, closely monitoring risks, and self-evaluating during critical milestones, you can increase the probability of delivering on time, on budget, and with the intended benefits.

    Benefits are not limited to just delivering on time. Some others include:

    • Building organizational delivery competence and overall agility.
    • The opportunity to start an inventory of best practices, eventually building them into a center of excellence.
    • Developing a competitive advantage by maximizing software value and continuously transforming the business.
    • An opportunity to develop a competent pool of staff capable of executing on projects and managing organizational change.

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    Your Enterprise Application Implementation Playbook – Timeline Tool

    Supporting template that captures the project timeline information, issue log, and follow-up dashboard.

    Info-Tech: Project Planning and Monitoring Tool.
    Light Project Change Request Form Template

    This tool will help you record the requested change, and allow you to assess the impact of the change and proceed with the approval process.

    Info-Tech: Light change request form template.

    Key deliverable:

    Your Enterprise Application Implementation Playbook

    Record the results from the exercises to define the steps for a successful implementation.

    Build your enterprise application implementation playbook.

    Info-Tech’s methodology for Your Enterprise Application Implementation Playbook

    Phase Steps

    1. Understand the Project

    1. Identify the project sponsor
    2. Define project stakeholders
    3. Review project vision and guiding principles
    4. Review project objectives
    5. Establish project governance

    2. Set up for success

    1. Review project scope
    2. Define project metrics
    3. Prepare for project risks
    4. Identify the project team
    5. Define your change management process

    3. Document your plan

    1. Develop a master project plan
    2. Define a follow-up plan
    3. Define the follow-up process
    4. Understand what’s next
    Phase Outcomes
    • Project sponsor has been selected
    • Project stakeholders have been identified and mapped with their roles and responsibilities.
    • Vision, guiding principles, goals objectives, and governance have been defined
    • Project scope has been confirmed
    • Project metrics to identify successful implementation has been defined
    • Risks have been assessed and articulated.
    • Identified project team
    • An agreed-to change management process
    • Project plan covering the overall implementation is in place, including next steps and retrospectives

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

    Guided Implementation

    "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

    Workshop

    "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

    Consulting

    "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostic and consistent frameworks are used throughout all four options.

    Guided Implementation

    What does a typical GI on this topic look like?

    The three phases of guided implementation.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization. A typical GI is between 8 to 12 calls over the course of 4 to 6 months.

    Workshop Overview

    Contact your account representative for more information.

    workshops@infotech.com 1-888-670-8889 Activities and deliverables for each module of the workshop. Module 1: understanding the project, Module 2: Set up for success, Modeule 3: Document your plan, and Post Workshop: Next steps and Wrap-up(offsite).

    Phase 1

    Understand the project

    3 phases, phase 1 is highlighted.

    This phase will walk you through the following activities:

    1.1 Identify the project sponsor

    1.2 Identify project stakeholders

    1.3 Review project vision and guiding principles

    1.4 Review project objectives

    1.5 Establish project governance

    This phase involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Step 1.1

    Identify the project sponsor

    Activities

    1.1.1 Define the project sponsor's responsibilities

    1.1.2 Shortlist potential sponsors

    1.1.3 Select the project sponsor

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    Selected sponsor.

    Sponsor commitment directly improves project success.

    Having the right sponsor significantly improves your chances of success across many different dimensions:

    1. On-time delivery
    2. Delivering within budget
    3. Delivered within an agreed-to scope
    4. Delivered with sufficient quality.

    Graph that shows Project success scores versus sponsor involvement in change communication. Shows increase for projects on time, projects on budget, within scope and overall quality.

    Source: Info-Tech, PPM Current State Scorecard Diagnostic

    Typical project sponsor responsibilities

    • Help define the business goals of their projects before they start.
    • Provide guidance and support to the project manager and the project team throughout the project management lifecycle.
    • Ensure that sufficient financial resources are available for their projects.
    • Resolve problems and issues that require authority beyond that of the project manager.
    • Ensure that the business objectives of their projects are achieved and communicated.

    For further discussion on sponsor responsibilities, use Info-Tech’s blueprint, Drive Business Value With a Right-Sized Project Gating Process

    Portrait of head with multiple layers representing the responsibilities of a sponsor. From top down: Define business goals, provide guidance, ensure human ad financial resources, resolve problems and issues.

    1.1.1 Define the project sponsor’s responsibilities

    0.5-1 hour

    1. Discuss the minimum requirements for a sponsor at your organization.
    2. As a group, brainstorm the criteria necessary for an individual to be a project sponsor:
      1. Is there a limit to the number of projects they can sponsor at one time?
      2. Is there a minimum number of hours they must be available to the project team?
      3. Do they have to be at a certain seniority level in the organization?
      4. What is their role at each stage of the project lifecycle?
    3. Document these criteria on a whiteboard.
    4. Record the sponsor’s responsibilities in section 1.1 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download Your Enterprise Application Implementation Playbook

    Input

    Output

    • Requirements for a sponsor
    • Your responsibilities as a sponsor

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    1.1.1 Define the project sponsor’s responsibilities (Continued)

    Example

    Project sponsor responsibilities.

    1.1.2 Shortlist potential sponsors

    0.5-1 hour

    1. Based on the responsibilities defined in Exercise 1.1.1, produce a list of the potential sponsors.
    2. Record the sponsor’s shortlist in section 1.2 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download Your Enterprise Application Implementation Playbook

    Input

    Output

    • Characteristics of a sponsor
    • Your list of candidates

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    1.1.2 Shortlist potential sponsors (Continued)

    Example

    Shortlist of potential sponsors. 6 names listed with checkmarks on criteria ranking.

    Don’t forget, the project team is there to support the sponsor

    Given the burden of the sponsor role, the project team is committed to doing their best to facilitate a successful outcome.

    Project Success: Follow best practices, escalate issues, stay focused, communicate, adapt to change.

    • Follow the framework set out by the governance group at the organization to drive efficiency on the project.
    • Ensure stakeholders with proper authority are notified of issues that occur during the project.
    • Stay focused on the project tasks to drive quality on the deliverables and avoid rework after the project.
    • Communicate within the project team to drive coordination of tasks, complete deliverables, and avoid resource waste.
    • Changes are more common than not; the team must be prepared to adjust plans and stay agile to adapt to changes for the project.

    Seek the key characteristics of a sponsor

    Man walking up stairs denoting characteristics of a good sponsor. First step: Leader, second step: Strong Communicator, third step: knowledgeable, fourth step: problem solver, fifth step: delegator, final step: dedicated.

    1.1.3 Select the project sponsor

    0.5-1 hour

    1. Review the characteristics and the list of potential candidates.
    2. Assess availability, suitability, and desire of the selected sponsor.
    3. Record the selected sponsor in section 1.3 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download Your Enterprise Application Implementation Playbook

    Input

    Output

    • List of candidates
    • Characteristics of a sponsor
    • Your selected sponsor

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    1.1.3 Select the project sponsor (Continued)

    Example

    Name of example sponsor with their key traits listed.

    Step 1.2

    Identify the project stakeholders

    Activities

    1.2.1 Identify your stakeholders

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    Stakeholders’ management plan

    How to find the right stakeholders

    Start with the obvious candidates, but keep an open mind.

    How to find stakeholders

    • Talk to your stakeholders and ask who else you should be talking to, to discover additional stakeholders and ensure you don’t miss anyone.
    • Less obvious stakeholders can be found by conducting various types of trace analysis, i.e. following various paths flowing from your initiative through to the path’s logical conclusion.

    Create a stakeholder network map for your application implementation

    Follow the trail of breadcrumbs from your direct stakeholders to their influencers to uncover hidden stakeholders.

    Stakeholder network map showing direction of professional influence as well as bidirectional, informal influence relationships.

    Info-Tech Insight

    Your stakeholder map defines the influence landscape your enterprise application operates in. It is every bit as important as the teams who enhance, support, and operate your applications directly.

    Use connectors to determine who may be influencing your direct stakeholders. They may not have any formal authority within the organization, but they may have substantial informal relationships with your stakeholders.

    Understand how to navigate the complex web of stakeholders

    Identify which stakeholders to include and what their level of involvement should be during requirements elicitation based on relevant topic expertise.

    Graph showing influence vs. interest, divided into 4 quadrants. Low influence and intersest is labeled: Monitor, low influence and high interest is labeled: Keep informed, High influence and low interest is labeled: Keep satisfied, and high influence and high interest is labeled: Involve closely

    Large-scale projects require the involvement of many stakeholders from all corners and levels of the organization, including project sponsors, IT, end users, and business stakeholders. Consider the influence and interest of stakeholders in contributing to the requirements elicitation process and involve them accordingly.

    Map the organization’s stakeholders

    List of various stakeholder titles. As well as a graph showing the influence vs involvement of each stakeholder title. Influence and interest is divided into 4 quadrants: Monitor, Keep informed, keep satisfied, and involve closely.

    1.2.1 Identify your stakeholders

    1-2 hours

    1. As a group, identify all the project stakeholders. A stakeholder may be an individual such as the CEO or CFO, or it may be a group such as front-line employees.
    2. Map each stakeholder on the quadrant based on their expected influence and involvement in the project
    3. Identify stakeholders and add them to the list.
    4. Record the stakeholders list in section 1.4 of Info-Tech’s Your Enterprise Application Implementation Playbook.
    5. Download Your Enterprise Application Implementation Playbook

      Input

      Output

      • Types of stakeholders
      • Your stakeholders initial list

      Materials

      Participants

      • Whiteboard/flip charts
      • Your Enterprise Application Implementation Playbook
      • Project team
      • Operations
      • SMEs
      • Team lead and facilitators
      • IT leaders

    1.2.1 Identify your stakeholders(Continued)

    Example

    Table with rows of stakeholders: Customer, End Users, IT, Vendor and other listed. Columns provide: description, examples, value and involvement level of each stakeholder.

    Step 1.3

    Review project vision and guiding principles

    Activities

    1.3.1 Align on a project vision

    1.3.2 List your guiding principles

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    Project vision and guiding principles

    Vision and guiding principles

    GUIDING PRINCIPLES

    Guiding principles are high-level rules of engagement that help to align stakeholders from the outset. Determine guiding principles to shape the scope and ensure stakeholders have the same vision.

    Creating Guiding Principles

    Guiding principles should be constructed as full sentences. These statements should be able to guide decisions.

    EXAMPLES
    • [Organization] is implementing an ERP system to streamline processes and reduce redundancies, saving time and money.
    • [Organization] is implementing an ERP to integrate disparate systems and rationalize the application portfolio.
    • [Organization] is aiming at taking advantage of industry best practices and strives to minimize the level of customization required in solution.

    Questions to Ask

    1. What is a strong statement that will help guide decision making throughout the life of the ERP project?
    2. What are your overarching requirements for business processes?
    3. What do you ultimately want to achieve?
    4. What is a statement that will ensure all stakeholders are on the same page for the project?

    1.3.1 Align on a project vision

    1-2 hours

    1. As a group, discuss whether you want to create a separate project vision statement or restate your corporate vision and/or goals.
      1. A project vision statement will provide project-guiding principles, encompass the project objectives, and give a rationale for the project.
      2. Using the corporate vision/goals will remind the business and IT that the project is to implement an enterprise application that supports and enhances the organizational objectives.
    2. Record the project vision in section 1.5 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download Your Enterprise Application Implementation Playbook

    Input

    Output

    • Project vision statement defined during strategy building
    • Your project vision

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    1.3.1 Align on a project vision (Continued)

    Example

    Project Vision

    We, [Organization], will select and implement an integrated software suite that enhances the growth and profitability of the organization through streamlined global business processes, real-time data-driven decisions, increased employee productivity, and IT investment protection.

    Guiding principles examples

    The guiding principles will help guide your decision-making process. These can be adjusted to align with your internal language.

    • Support business agility: A flexible and adaptable integrated business system providing a seamless user experience.
    • Use best practices: Do not recreate or replicate what we have today; focus on modernization. Exercise customization governance by focusing on those customizations that are strategically differentiating.
    • Automate: Take manual work out where we can, empowering staff and improving productivity through automation and process efficiencies.
    • Stay focused: Focus on scope around core business capabilities. Maintain scope control. Prioritize demand in line with the strategy.
    • Strive for "one source of truth": Unify data model and integrate processes where possible. Assess integration needs carefully.

    1.3.2 List your guiding principles

    1-2 hours

    1. Start with the guiding principles defined during the strategy building.
    2. Review each of the sample guiding principles provided and ask the following questions:
      1. Do we agree with the statement?
      2. Is this statement framed in the language we use internally? Does everyone agree on the meaning of the statement?
      3. Will this statement help guide our decision-making process?
    3. Record the guiding principles in section 1.6 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download Your Enterprise Application Implementation Playbook

    Input

    Output

    • Guiding principles defined during strategy building
    • Your guiding principles

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    1.3.2 List your guiding principles (Continued)

    Example

    Guiding principals: Support business agility, use best practices, automate, stay focused, strive for `one source truth`.

    Step 1.4

    Review project objectives

    Activities

    1.4.1 Confirm your goals and objectives for the implementation project

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    The objectives of the implementation project

    Review the elements of the project charter

    Leverage completed deliverables to get project managers started down the path of success.

    Deliverables of project chaters for PMs. Project purpose, scope, logistics and sign-off.

    1.4.1 List your guiding principles

    1-2 hours

    1. Articulate the high-level objectives of the project. (What are the goals of the project?)
    2. Elicit the business benefits the sponsor is committed to achieving. (What are the business benefits of the project?)
    3. Record Project goals and objectives in section 1.7 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download Your Enterprise Application Implementation Playbook

    Input

    Output

    • Your BizDevOps objectives and metrics
    • Understanding of various collaboration methods, such as Scrum, Kanban, and Scrumban
    • Your chosen collaboration method

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    1.4.1 Confirm your goals and objectives for the implementation project (Continued)

    Example:

    Project Objectives: End-user visibility, New business development, employee experience. Business Benefits for each objective listed.

    Step 1.5

    Establish project governance

    Activities

    1.5.1 Define the project governance structure

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    Approach to build an effective project governance

    1.5.1 List your guiding principles

    0.5-1 hour

    1. Identify the IT governance structure in place today and document the high-level function of each body (councils, steering committees, review boards, centers of excellence, etc.).
    2. Identify and document the existing enterprise applications governance structure, roles, and responsibilities (if any exist).
    3. Identify gaps and document the desired enterprise applications governance structure, roles, and responsibilities.
    4. Record the project governance structure in section 1.8 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download Your Enterprise Application Implementation Playbook

    Input

    Output

    • IT governance structure
    • Your project governance structure

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Governance is NOT management

    Three levels of governance: Team Level, Steering Committee Level, and Executive Governance Level.

    Info-Tech Insight

    You won’t get engagement unless there is a sense of accountability. Do not leave this vague. Accountability needs to be assigned to specific individuals in your organization to ensure the system development achieves what was intended by your organization and not what your system integrator (SI) intended.

    Who is accountable?

    Too many assumptions are made that the SI is accountable for all implementation activities and deliverables – this is simply untrue. All activities can be better planned for, and misunderstandings can be avoided, with a clear line of sight on roles and responsibilities and the documentation that will support these assumptions.

    Discuss, define, and document roles and responsibilities:
    • For each role (e.g. executive sponsor, delivery manager, test lead, conversion lead), clearly articulate the responsibilities of the role, who is accountable for fulfillment, and whether it’s a client role, SI role, or both.
    • Articulate the purpose of each deliverable clearly, define which individual or team has responsibility for it, and document who is expected to contribute.
    • Empower the team by granting them the authority to make decisions. Ease their reluctance to think outside the box for fear of stakeholder or user backlash.
    • The implementation cannot and will not be transformative if the wrong people are involved or if the right people have not been given the tools required to succeed in their role.

    1.5.2 List your guiding principles

    0.5-1 hour

    1. Assess the skills necessary for an enterprise implementation. Inventory the competencies required for an enterprise implementation team. Map your internal resources to each competency as applicable.
    2. Select your internal implementation team. Determine who needs to be involved closely with the implementation. Key stakeholders should also be considered as members of your implementation team.
    3. Identify the number of external consultants/support required for implementation. Consider your in-house skills, timeline, integration environment complexity, and cost constraints as you make your resourcing plan.
    4. Record governance team roles and responsibilities in 1.9 section of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download Your Enterprise Application Implementation Playbook

    Input

    Output

    • Available resources (internal, external, contract)
    • Your governance structure roles and responsibilities

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    1.5.2 Define governance team roles and responsibilities (Continued)

    Example

    Governance team roles and their responsibilities.

    Phase 2

    Set up for success

    3 phases, phase 2 is highlighted.

    This phase will walk you through the following activities:

    2.1. Review project scope

    2.2. Define project metrics

    2.3. Prepare for project risks

    2.4. Identify the project team

    2.5. Define your change management process

    This phase involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Step 2.1

    Review project scope

    Activities

    2.1.1 Gather and review requirements

    2.1.2 Confirm your scope for implementation

    2.1.3 Formulate a scope statement

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    The project scope

    Requirements are key to defining scope

    Project scope management includes the processes required to ensure that the project includes all and only the work required to complete the project successfully. Therefore, managing project scope is about defining and controlling what is and is not included in the project.

    PMBOK defines requirements as “conditions or capabilities that are to be met by the project or present in the product, service, or result to satisfy an agreement or other formally imposed specification.” Detailed requirements should be gathered and elicited in order to provide the basis for defining the project scope.

    70% of projects fail due to poor requirements, organizations using poor practices spent 62% more, 4th highest correlation to high IT performance is requirements gathering.

    Well-executed requirements gathering results in:

    • Consistent approach from project to project, resulting in more predictable outcomes.
    • Solutions that meet the business need on the surface and under the hood.
    • Reduce risk for fast-tracked projects by establishing a right-sized approach.
    • Requirements team that can drive process improvement and improved execution.
    • Confidence when exploring solution alternatives.

    Poorly executed requirements gathering results in:

    • IT receiving the blame for any project shortcomings or failures.
    • Business needs getting lost in the translation between the initial request and final output.
    • Inadequate solutions or cost overruns and dissatisfaction with IT.
    • IT losing its credibility as stakeholders do not see the value and work around the process.
    • Late projects that tie up IT resources longer than planned, and cost overruns that come out of the IT budget.
    • Inconsistent project execution, leading to inconsistent outcomes.

    Strong stakeholder satisfaction with requirements results in higher satisfaction in other areas

    High stakeholder satisfaction with requirements results in higher satisfaction in other areas.

    Note: “High satisfaction” was classified as a score greater or equal to eight, and “low satisfaction” was every organization that scored below eight on the same questions.

    2.1.1 Gather and review requirements

    1-2 hours

    1. Once existing documentation has been gathered, evaluate the effectiveness of the documentation and decide whether you need additional information to proceed to current-state mapping.
    2. The initiative team should avoid spending too much time on the discovery phase, as the goal of discovery is to obtain enough information to produce a level-one current-state map.
    3. Consider reviewing capabilities, business processes, current applications, integration, and data migration.

    Download Your Enterprise Application Implementation Playbook

    Input

    Output

    • Your requirements, capabilities, business processes, current applications, integration, and/or data migration
    • Your requirements, capabilities, business processes, current applications, integration, and/or data migration revisited

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    2.1.1 Requirements list

    Example

    Requirements with description, category and priority.

    2.1.2 Confirm your scope for implementation

    1-2 hours

    1. Based on the requirements, write down features of the product or services, as well as dependencies with other interfaces.
    2. Write down exclusions to guard against scope creep.
    3. Validate the scope by asking these questions:
      1. Will this scope provide a common understanding for all stakeholders, including those outside of IT, as to what the project will accomplish and what it excludes?
      2. Should any detail be added to prevent scope creep later?
    4. Record the project scope in section 2.1 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download Your Enterprise Application Implementation Playbook

    Input

    Output

    • What’s in scope
    • What’s out of scope
    • What needs to integrate
    • Your scope areas

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    2.1.2 Scope detail

    Example

    Example of scope detail. Table with scope levels: In scope, out of scope and existing scope. Each scope level has details about it listed.

    Distill your requirements into a scope statement

    Requirements are about the what and the how.
    Scope specifies the features of the product or service – what is in and what is out
    Table showing Requirement document vs. Scope statement. It lists the audience, content, inputs and outputs for each.

    The Build Your Enterprise Application Implementation Playbook 2.2 Project Scope Statement includes:

    • Scope description (features, how it interfaces with other solution components, dependencies).
    • Exclusions (what is not part of scope).
    • Deliverables (product outputs, documentation).
    • Acceptance criteria (what metrics must be satisfied for the deliverable to be accepted).
    • Final sign-off (owner).
    • Project exclusions (scope item, details).

    The scope statement should communicate the breadth of the project

    To assist in forming your scope statement, answer the following questions:
    • What are the major coverage points?
    • Who will be using the systems?
    • How will different users interact with the systems?
    • What are the objectives that need to be addressed?
    • Where do we start?
    • Where do we draw the line?

    2.1.3 Formulate a scope statement

    1-2 hours

    1. Lay out the scope description (features, how it interfaces with other solution components, dependencies).
    2. Record the exclusions (what is not part of scope).
    3. Fill out the scope statement.
    4. Record the scope statement in section 2.2 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your scope areas
    • Your scope statement

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Scope statement template
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    2.1.3 Scope statement

    Example

    Examples of scope statements showing the following: Product or service in scope, project deliverables and acceptance criteria, and project exclusions.

    Step 2.2

    Review project scope

    Activities

    2.2.1 Define metrics for your project

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    The project metrics

    Building leading indicators

    Lagging KPIs are relatively simple to identify, whereas leading KPIs can be more elusive.

    For example, take the lagging KPI “Customer Satisfaction.” How do you turn that into a leading KPI? One method is to look at sources of customer complaints. In a retail sales system, backordered items will negatively impact customer satisfaction. As a leading indicator, track the number of orders with backordered lines and the percentage of the total order that was backordered.

    Performance Metrics

    Use leading and lagging metrics, as well as benchmarks, to track the progress of your system.

    Leading KPIs: Input-oriented measures:

    • Number of active users in the system.
    • Time-to-completion for processes that previously experienced efficiency pain points.

    Lagging KPIs: Output-oriented measures:

    • Faster production times.
    • Increased customer satisfaction scores

    Benchmarks: A standard to measure performance against:

    • Number of days to ramp up new users.

    Info-Tech Insight

    Leading indicators make the news; lagging indicators report on the news. Focusing on leading indicators allows you to address challenges before they become large problems with only expensive solutions.

    2.2.1 Define metrics for your project

    1-2 hours

    1. Examine outputs from any feedback mechanisms you have (satisfaction surveys, emails, existing SLAs, burndown charts, resourcing costs, licensing costs per sprint, etc.).
    2. Look at historical trends and figures when available. However, be careful of frequent anomalies, as these may indicate a root cause that needs to be addressed.
    3. Explore the definition of specific metrics across different functional teams to ensure consistency of measurement and reporting.
    4. Record the Project Metrics in section 2.3 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Outputs of any feedback mechanism
    • Historical trends
    • Your project tracking metrics

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    2.2.1 Metrics

    In addition to delivery metrics and system performance metrics, equip the business with process-based metrics to continuously prove the value of the enterprise software. Review the examples below as a starting point.

    Table showing metrics and desciption. Metrics listed are: Percent of requirements complete, issues found, issues resolved, and percent of processess complete.

    Step 2.3

    Prepare for project risks

    Activities

    2.3.1 Build a risk event menu

    2.3.2 Determine contextual risks

    2.3.3 Determine process risks

    2.3.4 Determine business risks

    2.3.5 Determine change risks

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    Steps to create your product canvas and product vision statement

    All risks are not created equal

    Project Risk consists of: Contextual risk, process risk, change risk and business risk.

    For more information on Info-Tech’s Four-Pillar Risk Framework, please see Right-Size Your Project Risk Investment.

    Info-Tech’s Four-Pillar Risk Framework

    Unusual risks should be detected by finding out how each project is different from the norm. Use this framework to start this process by confronting the risks that are more easily anticipated.

    2.3.1 Build a risk event menu

    0.5-1 hour

    1. Build and maintain an active menu of potential risk events across the four risk categories.
    2. Record the risk event menu in section 2.4 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Risk events
    • Your risk events menu

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    2.3.1 Risk event menu

    Example

    Risk event menu example. A table with: Contextual Risk, process risk, business risk, change risk events with examples for each.

    2.3.2 Determine contextual risks

    0.5-1 hour

    1. Contextual risk factors are those that operate within the context of your department, organization, and/or community.
    2. Fill out contextual risks.
    3. Record the contextual risks in section 2.5 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your risk events menu
    • Your list of people involved in risk management
    • Your contextual risks

    Materials

    Participants

    • Project Risk Management Workbook
    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    2.3.2 Contextual risks

    Example

    two tables for Contextual risks. Table 1: Risk identification with event name, risk cause, impact and risk owner. Table 2: shows probability of risk, impact, rating, recommended action, and any mitigations.

    2.3.3 Determine process risks

    0.5-1 hour

    1. Process risks are those that involve project sponsorship, project management, business and functional requirements, work assignment, communication, and/or visibility.
    2. Fill out process risks.
    3. Record the process risks in section 2.6 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your risk events menu
    • Your list of people involved in risk management
    • Your process risks

    Materials

    Participants

    • Project Risk Management Workbook
    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    2.3.3 Process risks

    Example

    two tables for Process risks. Table 1: Risk identification with event name, risk cause, impact and risk owner. Table 2: shows probability of risk, impact, rating, recommended action, and any mitigations.

    2.3.4 Determine business risks

    0.5-1 hour

    1. Business risks are those that affect the bottom line of the organization. They usually have implications on revenue, costs, and/or image.
    2. Fill out business risks.
    3. Record the business risks in section 2.7 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your risk events menu
    • Your list of people involved in risk management
    • Your business risks

    Materials

    Participants

    • Project Risk Management Workbook
    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    2.3.4 Business risks

    Example

    two tables for Business risks. Table 1: Risk identification with event name, risk cause, impact and risk owner. Table 2: shows probability of risk, impact, rating, recommended action, and any mitigations.

    2.3.5 Determine change risks

    0.5-1 hour

    1. Change risks are those that result from imposing changes on the people and customers of the organization and their daily routines.
    2. Fill change risks.
    3. Record the change risks in section 2.7 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your risk events menu
    • Your list of people involved in risk management
    • Your business risks

    Materials

    Participants

    • Project Risk Management Workbook
    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    2.3.5 Change risks

    Example

    two tables for Change risks. Table 1: Risk identification with event name, risk cause, impact and risk owner. Table 2: shows probability of risk, impact, rating, recommended action, and any mitigations.

    Step 2.4

    Identify the project team

    Activities

    2.4.1 Establish team composition

    2.4.2 Identify the team

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    Steps to get your project team ready

    Understand the unique external resource considerations for the implementation

    Organizations rarely have sufficient internal staffing to resource an enterprise software implementation project entirely on their own. Consider the options for closing the gap in internal resource availability.

    The most common project resourcing structures for enterprise projects are:

    1. Management consultant
    2. Vendor consultant
    3. System integrator

    When contemplating a resourcing structure, consider:

    • Availability of in-house implementation competencies and resources.
    • Timeline and cost constraints.
    • Integration environment complexity.

    CONSIDER THE FOLLOWING

    Internal Vs. External Roles and Responsibilities

    Clearly delineate between internal and external team responsibilities and accountabilities and communicate this to your technology partner upfront.

    Internal Vs. External Accountabilities

    Accountability is different than responsibility. Your vendor or SI partner may be responsible for completing certain tasks, but be careful not to outsource accountability for the implementation – ultimately, the internal team will be accountable.

    Partner Implementation Methodologies

    Often vendors and/or SIs will have their own preferred implementation methodology. Consider the use of your partner’s implementation methodology; however, you know what will work for your organization.

    Info-Tech Insight

    Selecting a partner is not just about capabilities, it’s about compatibility! Ensure you select a partner that has a culture compatible with your own.

    2.4.1 Establish team composition

    0.5-1 hour

    1. Assess the skills necessary for an enterprise implementation.
    2. Select your internal implementation team.
    3. Identify the number of external consultants/support required for implementation.
    4. Document the roles and responsibilities, accountabilities, and other expectations as they relate to each step of the implementation.
    5. Record the team composition in section 2.9 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • List of project team skills
    • Your team composition
    • Your business risks

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    2.4.1 Team composition

    Example

    Team composition: Role of each team member, and their skills.

    2.4.2 Identify the team

    0.5-1 hour

    1. Identify a candidate for each role and determine their responsibility in the project and their expected time commitment.
    2. The project will require a cross-functional team within IT and business units. Make sure the responsibilities are clearly communicated to the selected project sponsor.
    3. Create a RACI matrix for the project.
    4. Record the team list in section 2.10 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your team composition
    • Your team with responsibilities and commitment

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    2.4.2 Team list

    Example

    Team list: Role of each team member, candidate, responsibilities, and their commitment in hours per week.

    RACI example

    RACI example. Responsibilities and team member roles that are tasked with each responsibility.

    Step 2.5

    Define your change management process

    Activities

    2.5.1 Define OCM structure and resources

    2.5.2 Define OCM team’s roles and responsibilities

    2.5.3 Define requirements for training

    2.5.4 Create a communications plan for stakeholder groups, and delivery teams

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    A structure and procedures for an effective organizational change management

    Define your change management process to improve quality and adoption

    Organizational change management is the practice through which the PMO can improve user adoption rates and maximize project benefits.

    Correlation of change management effectiveness with meeting results.

    “It’s one thing to provide a new technology tool to your end users.

    It’s quite another to get them to use the tool, and still different for them to use the new tool proficiently.

    When your end users fully use a new technology and make it part of their daily work habits, they have ‘adopted’ the new tool.”

    – “End-User Adoption and Change Management Process” (2022)

    Large projects require organizational change management

    Organizational change management (OCM) governs the introduction of new business processes and technologies to ensure stakeholder adoption. The purpose of OCM is to prepare the business to accept the change.

    OCM is a separate body of knowledge. However, as a practice, it is inseparable from project management.

    In IT, project planning tends to fixate on technology, and it underestimates the behavioral and cultural factors that inhibit user adoption. Whether change is project-specific or continuous, it’s more important to instill the desire to change than to apply specific tools and techniques.

    Accountability for instilling this desire should start with the project sponsor. The project manager should support this with effective stakeholder and communication management plans.

    16% of projects with poor change management met or exceeded objectives. 71% of projects with excellent change management finish on or ahead of schedule. 67% of organizations include project change management in their initiatives.

    For further discussion on organizational change, use Info-Tech’s blueprint, Master Organizational Change Management Practices

    Your application implementation will be best served by centralizing OCM

    A centralized approach to OCM is most effective, and the PMO is already a centralized project office and is already accountable for project outcomes.

    What’s more, in organizations where accountabilities for OCM are not explicitly defined, the PMO will likely already be assumed to be the default change leader by the wider organization.

    It makes sense for the PMO to accept this accountability – in the short term at least – and claim the benefits that will come from coordinating and consistently driving successful project outcomes.

    In the long term, OCM leadership will help the PMO become a strategic partner with the executive layer and the business side.

    Short-term gains made by the PMO can be used to spark dialogues with those who authorize project spending and have the implicit fiduciary obligation to drive project benefits.

    Ultimately, it’s their job to explicitly transfer that obligation along with the commensurate resourcing and authority for OCM activities.

    Organizational resistance to change is cited as the #1 challenge to project success that PMOs face. Companies with mature PMOs that effectively manage change meet expectations 90% of the time.

    For further discussion on organizational change, use Info-Tech’s blueprint, Master Organizational Change Management Practices

    2.5.1 Define OCM structure and resources

    0.5-1 hour

    1. Assess the roles and resources that might be needed to help support these OCM efforts.
    2. Record the OCM structure in section 2.11 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your project objectives
    • Your OCM structure and resources

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    2.5.1 OCM structure and resources

    Example

    OCM structure example. Table showing OCM activity and resources available to support.

    2.5.2 Define OCM team’s roles and responsibilities

    0.5-1 hour

    1. Assess the tasks required for the team.
    2. Determine roles and responsibilities.
    3. Record the results in the RACI matrix in section 2.13 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your communications timeline
    • Your OCM structure and resources
    • Your OCM plan and RACI matrix

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    OCM team’s roles and responsibilities

    Example

    Responsibilities for OCM team members.

    2.5.3 Define requirements for training

    0.5-1 hour

    1. Analyze HR requirements to ensure efficient use of HR and project stakeholder time.
    2. Outline appropriate HR and training activities.
    3. Define training content and make key logistical decisions concerning training delivery for staff and users.
    4. Record training requirements in section 2.14 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your OCM Plan and RACI matrix
    • Your HR training needs

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    2.5.3 Training requirements

    Example

    Training requirements example: Project milestones, milestone time frame, hr/training activities, activity timing, and notes.

    Project communication plans must address creation, flow, deposition, and security of project information

    A good communication management plan is like the oil that keeps moving parts going. Ensuring smooth information flow is a fundamental aspect of project management.

    Project communication management is more than keeping track of stakeholder requirements. A communication management plan must address timely and appropriate creation, flow, and deposition of information about the project – as well as the security of the information.

    Create:

    • In addition to standardized status reporting elements discussed for level 1 projects, level 2 and 3 projects may require additional information to be disseminated among key stakeholders and the PMO.

    Flow:

    • The plan must address the methods of communication. Distributed project teams require more careful planning, as they pose additional communication challenges.

    Deposit:

    • As the volume of information continues to grow exponentially, retrieving information becomes a challenge. The plan for depositing project information must be consistent with your organization’s content management policies.

    Security:

    • Preventing unauthorized access and information leaks is important for projectsthat are intended to provide the organization with a competitive edge or for projects that deal with confidential data.
    45% of organizations had established mature communications and engagement processes.

    2.5.4 Create a communications timeline

    0.5-1 hour

    1. Base your change communications on your organization’s cultural appetite for change in general.
    2. Document communications plan requirements.
    3. Create a high-level communications timeline.
    4. Tailor a communications strategy for each stakeholder group.
    5. Record the communications timeline in section 2.12 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your OCM structure and resources
    • Your project objectives
    • Your project scope
    • Your stakeholders’ management plan
    • Your communications timeline

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Example of communications timeline

    Project sponsors are the most compelling storytellers to communicate the change

    Example of project communications timeline. Planning, requirements, design, development, QA, deployment, warranty, and benefits/closure.

    Info-Tech Insight

    Communication with stakeholders and sponsors is not a single event, but a continual process throughout the lifecycle of the project implementation – and beyond!

    Phase 3

    Document your plan

    3 phases, phase 3 is highlighted.

    This phase will walk you through the following activities:

    3.1 Develop a master project plan

    3.2. Define a follow-up plan

    3.3. Define the follow-up process

    3.4. Understand what’s next

    This phase involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Step 3.1

    Develop a master project plan

    Activities

    3.1.1 Define your implementation steps

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    Steps to create your resourcing and master plans

    Resources Vs. Demand

    Organizations rarely have sufficient internal staffing to resource an enterprise software implementation project entirely on their own. Consider the options for closing the gap in internal resource availability.

    Project demand: Data classification, cloud strategy, application rationalization, recovery planning etc. must be weighted against the organizations internal staffing resources.

    Competing priorities

    Example

    Table for competing priorities: List of projects, their timeline, priority notes, and their implications.

    3.1.1 Define your implementation steps

    0.5-1 hour

    1. Write each phase of the project on a separate sticky note and add it to the whiteboard. Determine what steps make up each phase. Write each step of the phase on a separate sticky note and add it to the whiteboard.
    2. Determine what tasks make up each step. Write each task of the step on a separate sticky note and add it to the whiteboard.
    3. Record the tasks in the Your Enterprise Application Implementation Playbook – Timeline tool. This tool has an example of a typical list of tasks, to help you start your master plan. Use the timeline for project planning and progress tracking.
    4. Record your project’s basic data and work schedule.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Project's work breakdown structure
    • Your project master plan

    Materials

    Participants

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Implementation plan – basic data

    Record your project name, project manager, and stakeholders from previous exercises.

    Example project information form: Project name, estimated start date, estimated end date, project manager, stakeholders, and time off of project.

    Implementation plan – work schedule

    Use this template to keep track of all project tasks, dates, owners, dependencies, etc.

    Use this template to keep track of all project tasks, dates, owners, dependencies, etc.

    “Actual Start Date” and “Actual Completion Date” columns must be updated to be reflected in the Gantt chart.

    This information will also be captured as the source for session 3.2.1 dashboards.

    Step 3.2

    Define a follow up plan

    Activities

    3.2.1 Create templates to enable follow-up throughout the project

    3.2.2 Decide on the tracking tools to help during your implementation

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    Steps to create the processes and define the tools to track progress

    Leveraging dashboards

    Build a dashboard that reflects the leading metrics you have identified. Call out requirements that represent key milestones in the implementation.

    For further information on monitoring the project, use Info-Tech’s blueprint, Governance and Management of Enterprise Software Implementation

    Build a dashboard that reflects the leading metrics you have identified. Call out requirements that represent key milestones in the implementation.

    3.2.1 Create templates to enable follow-up throughout the project

    0.5-1 hour

    1. Create status report, dashboards/charts, budget control, risk/issues/gaps templates, and change request forms.
    2. Build a dashboard that reflects the leading metrics you have identified.
    3. Call out requirements that represent key milestones in the implementation.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your projects master plan
    • Your project follow-up kit

    Materials

    Participants

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Dashboards

    Based on the inputs in session 3.1.1 Define Your Implementation Steps, once the “Actual Start Date” and “Actual Completion Date” columns have been updated, this dashboard will present the project status and progress

    Based on the inputs in session 3.1.1 Define Your Implementation Steps, once the “Actual Start Date” and “Actual Completion Date” columns have been updated, this dashboard will present the project status and progress.

    This executive overview of the project's progress is meant to be used during the status meeting.

    Select the right tools

    Use SoftwareReviews to explore product features, vendor experience, and capability satisfaction.

    SoftwareReviews, Requirements Management, 2023

    SoftwareReviews, Project Management, 2023

    SoftwareReviews, Business Intelligence & Analytics, 2023

    3.2.2 Decide on the tracking tools to help during your implementation

    0.5-1 hour

    1. Based on the standards within your organization, select the appropriate project tracking tools to help you track the implementation project.
    2. If you do not have any tools or wish to change them, please see leverage Info-Tech’s SoftwareReviews to help you in making your decision.
    3. Consider tooling across a number of different categories:
      1. Requirements Management
      2. Project Management
      3. Reporting and Analytics
    4. Record the project tracking tools in section 3.3 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your project follow-up kit
    • Your project follow-up kit tools

    Materials

    Participants

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Example: project tools

    Table listing project tools by type, use, and products available.

    Step 3.3

    Define a follow-up process

    Activities

    3.3.1 Define project progress communication

    3.3.2 Create a change request process

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    Steps to create your follow-up process

    Project status updates should occur throughout the implementation

    Project status updates can be both formal and informal. Formal status updates provide a standardized means of disseminating information on project progress. It is the lifeblood of project management: Accurate and up-to-date status reporting enables your project manager to ensure that your project can continue to use the resources needed.

    Informal status updates are done over coffee with key stakeholders to address their concerns and discuss key outcomes they want to see. Informal status updates help to build a more personal relationship.

    Ask for feedback during the status update meetings. Use the meeting as an opportunity to align values, goals, and incentives.

    Codify the following considerations:

    • Minimum requirement for a formal status update:
      • Frequency of reporting, as required by the project portfolio
      • Parties to be consulted and informed
      • Recording, producing, and archiving meeting minutes, both formal and informal
    • Procedure for follow-up on feedback generated from status updates:
      • Filing change requests
      • Keeping the change requester/relevant stakeholders in the loop

    3.3.1 Define project progress communication

    0.5-1 hour

    1. Provide a standardized means of disseminating information on project progress.
    2. Create an accurate and up-to-date status report to help keep team engaged and leadership supporting the project.
    3. Record the project progress communication in section 3.5 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your project follow-up process
    • Your project progress communication

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Project progress communication

    Example

    Example table of project progress communication. Audience, purpose, delivery/format, communicator, delivery date, and status/notes.

    Manage project scope changes

    1. Change in project scope is unpredictable and almost inevitable regardless of project size. If changes are not properly managed, the project runs the risk of scope creep and loss of progress. Therefore, changes need to be monitored and controlled.
    2. Scope change can be initiated voluntarily by the project sponsor or other stakeholders, or it could be a mandatory reaction to changing project process.
    3. Scope change may also take place due to internal factors such as a stakeholder requiring more extensive insights or external factors such as changing market conditions.
    4. Scope changes have the potential to affect project outcomes either positively or negatively, depending on how the change is managed and implemented. The project manager should take care to maintain focus on the project’s ultimate objectives; consideration needs to be given as to what to do and what to give up.
    5. If changes arise, project managers should ensure that adequate resources and actions are provided so the project can be completed on time and on budget.
    • The project manager needs to use both hard and soft skills: analytical skills for evaluating and quantifying the impact of potential changes and communication skills for communicating and negotiating with stakeholders.
    • Build trust and credibility by taking an evidence-based approach when presenting changes. This gives you room to respectfully push back on certain changes.
    • Assess changes before crossing them off the list, but don’t be afraid to say no. Greater care must be taken when there is very limited budgetary freedom or when scope changes will interfere with the critical path.
    • All change requests must be received by the project manager first so they can make sure that IT project resources are not approached with multiple ad hoc change requests.

    Document your process to manage project change requests

    1 Initial assessment

    Using the scope statement as the reference point:

    • Why do we need the change?
    • Is the change necessary?
    • What is the business value that the change brings to the project?

    Recommend alternative solutions that are easier to implement while consulting the requester.

    2 Minor change

    If the change has been classified as minor, the project manager and the project team can tackle it directly, since it doesn’t affect project budget or schedule in a significant way. Ensure that the change is documented.

    3 conduct an in-depth assessment

    The project manager should bring major changes to the attention of the project sponsor and carry out a detailed assessment of the change and its impact.

    Additional time and resources are required to do the in-depth assessment because the impact on the project can be complex and affect requirements, resources, budget, and schedule.

    4 Obtain approval from the governing body

    Present the results to the governing body. Since a major change significantly affects the project baseline beyond the authorized contingency, it is the responsibility of the governing body to either approve the change with allocation of additional resources or reject the change and maintain course.

    Flow chart to document your process to manage project change requests.

    For further discussion on change requests, use Info-Tech’s blueprint, Begin Your Projects With the End in Mind

    3.3.2 Create a change request process

    0.5-1 hour

    1. Identify any existing processes that you have for addressing changes for projects.
    2. Discuss whether or not the current change request process will suit the project at hand.
    3. Define the agreed-to change request process that fits your organization’s culture.
    4. For a change request template, you can leverage, refer to section 3.6 of Info-Tech’s Your Enterprise Application Implementation Playbook.
    5. Make any changes to the template as necessary.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your project scope
    • Your change request

    Materials

    Participants

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    3.3.2 Create a change request process (Continued)

    Example of a change request process form.

    Step 3.4

    Understand what's next

    Activities

    3.4.1 Run a “lessons learned” session for continuous improvement

    3.4.2 Prepare a closure document for sign-off

    3.4.3 Document optimization and future release opportunities

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    Lessons learned throughout the project-guiding

    Good project planning is key to smooth project closing

    Begin with the end in mind. Without a clear scope statement and criteria for acceptance, it’s anyone’s guess when or how a project will end.

    During the closing process, the project manager should use planning and execution documents, such as the project charter and the scope statement, to assess project completeness and obtain sign-off based on the acceptance criteria.

    Project completion criteria should be clearly defined. For example, the project is defined as finished when costs are in, vendor receipts are received, financials are reviewed and approved, etc.

    However, there are other steps to be taken after completing the project deliverables. These activities include:

    • Transferring project knowledge and operations to support
    • Completing user training
    • Obtaining business sign-off and acceptance
    • Releasing resources
    • Conducting post-mortem meeting
    • Archiving project assets

    The project manager needs to complete all project management processes, including:

    • Risk management (close out risk assessment and action plan)
    • Quality management (test the final deliverables against acceptance criteria)
    • Stakeholder management (decision log, close out issues, plan and assign owners for resolutions of open issues)
    • Project team management (performance evaluation for team members as well as the project manager)

    3.4.1 Define the process for lessons learned

    0.5-1 hour

    1. Determine the reporting frequency for lessons learned.
    2. Consider attributing lessons learned to project phases.
    3. Coordinate lessons learned check-ins with project milestones to review and reflect.
    4. At each reporting session, the project team should identify challenges and successes informally.
    5. The PM and the PMO should transform the reports from each team member into formalized lessons.
    6. Record lessons learned for each project in section 3.7 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your project's lessons learned

    Materials

    Participants

    • Project Lessons Learned Template
    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Lessons learned

    Example

    Form: Project successes, notes, areas of imporvement, impact, solution.

    Watch for these potential problems with project closure

    Don’t leave the door open for stakeholder dissatisfaction. Properly close out your projects.

    Potential problems with project closure.

    For further information on project closure issues, use Info-Tech’s blueprint, Get Started With Project Management Excellence.

    3.4.2 Prepare a closure document for sign-off

    0.5-1 hour

    1. Create a realistic closure and transition process that gains sign-off from the sponsor.
    2. Prepare a project closure checklist.
    3. Transfer accountability to operations, release project resources, and avoid disrupting other projects that are trying to get started.
    4. Record the project closure document in section 3.8 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your project objectives
    • Your project scope
    • Your project's closure checklist

    Materials

    Participants

    • Project closure checklist Template
    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Closure checklist

    Project closure checklist. project management checklist, deliverables, goals, benefits, outstanding action items and issues, handover of technical documents, knowledge transfer, sign-off.

    For further information on closure procedures, use Info-Tech’s blueprint, Begin Your Projects With the End in Mind.

    3.4.3 Document optimization and future release opportunities

    0.5-1 hour

    Consider the future opportunities for improvement post-release:

    1. Product and vendor satisfaction opportunities
    2. Capability and feature optimization opportunities
    3. Process optimization opportunities
    4. Integration optimization opportunities
    5. Data optimization opportunities
    6. Cost-saving opportunities
    7. Record optimization and future release opportunities in section 3.9 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your project objectives
    • Your project scope
    • Your optimization opportunities list

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Optimization opportunities

    Example

    Optimization types and opportunities.

    Related Info-Tech Research

    Build upon your foundations

    Build an ERP Strategy and Roadmap

    • A business-led, top-management-supported initiative partnered with IT has the greatest chance of success. This blueprint provides business and IT the methodology for getting the right level of detail for the business processes that the ERP supports thus avoiding getting lost in the details.

    Governance and Management of Enterprise Software Implementation

    • Implementing enterprise software is hard. You need a framework that will greatly improve your chance of success. Traditional Waterfall project implementations have a demonstrated a low success rate for on-time, on-budget delivery.

    Select and Implement a Human Resource Information System

    • Your organization is in the midst of a selection and implementation process for a human resource information system (HRIS), and there is a need to disambiguate the market and arrive at a shortlist of vendors.

    Select and Implement an ERP Solution

    • Selecting and implementing an ERP is one of the most expensive and time-consuming technology transformations an organization can undertake. ERP projects are notorious for time and budget overruns, with only a margin of the anticipated benefits being realized.

    Right-Size Your Project Risk Investment

    • Avoid the all-or-nothing mindset; even modest investments in risk will provide a return. Learn from and record current and historical risk events so lessons learned can easily be embedded into future projects. Assign someone to own the risk topic and make it their job to keep a relevant menu of risks.

    Related Info-Tech Research

    Build upon your foundations

    Drive Business Value With a Right-Sized Project Gating Process

    • Many organizations have implemented gating as part of their project management process. So, what separates those who are successful from those who are not? For starters, successful gating requires that each gate is treated as an essential audit. That means there need to be clear roles and responsibilities in the framework.

    Master Organizational Change Management Practices

    • Organizational change management (OCM) is often an Achilles’ heel for IT departments and business units, putting projects and programs at risk – especially large, complex, transformational projects.

    Get Started With Project Management Excellence

    • Lack of proper scoping at the beginning of the project leads to constant rescoping, rescheduling, and budget overruns.

    ERP Requirements Picklist Tool

    • Use this tool to collect ERP requirements in alignment with the major functional areas of ERP. Review the existing set of ERP requirements as a starting point to compiling your organization's requirements.

    Begin Your Projects With the End in Mind

    • Stakeholders are dissatisfied with IT’s inability to meet or even provide consistent, accurate estimates. The business’ trust in IT erodes every time a project is late, lost, or unable to start.

    Get Started With IT Project Portfolio Management

    • Most companies are struggling to get their project work done. This is due in part to the fact that many prescribed remedies are confusing, disruptive, costly, or ineffective.

    Bibliography

    7 Shocking Project Management Statistics and Lessons We Should Learn.” TeamGantt, Jan. 2017.

    Akrong, Godwin Banafo, et al. "Overcoming the Challenges of Enterprise Resource Planning (ERP): A Systematic Review Approach." IJEIS vol.18, no.1 2022: pp.1-41.

    Andriole, S. “Why No One Can Manage Projects, Especially Technology Projects.” Forbes, 1 Dec. 2020.

    Andriole, Steve. “Why No One Can Manage Projects, Especially Technology Projects.” Forbes, 1 Dec. 2020.

    Beeson, K. “ERP Implementation Plan (ERP Implementation Process Guide).” ERP Focus, 8 Aug. 2022.

    Biel, Justin. “60 Critical ERP Statistics: 2022 Market Trends, Data and Analysis.” Oracle Netsuite, 12 July 2022.

    Bloch, Michael, et al. “Delivering Large-Scale IT Projects on Time, on Budget, and on Value.” McKinsey & Company, 2012.

    Buverud, Heidi. ERP System Implementation: How Top Managers' Involvement in a Change Project Matters. 2019. Norwegian School of Economics, Ph.D. thesis.

    Carlton, R. “Four ERP Implementation Case Studies You Can Learn From.” ERP Focus, 15 July 2015.

    Gopinath, S. Project Management in the Emerging World of Disruption. PMI India Research and Academic Conference 2019. Kozhikode Publishers.

    Grabis, J. “On-Premise or Cloud Enterprise Application Deployment: Fit-Gap Perspective.” Enterprise Information Systems. Edited by Filipe, J., Śmiałek, M., Brodsky, A., Hammoudi, S. ICEIS, 2019.

    Harrin, E. The Definitive Guide to Project Sponsors. RGPM, 13 Dec. 2022.

    Jacobs-Long, Ann. “EPMO’s Can Make A Difference In Your Organization.” 9 May 2012.

    Kotadia, C. “Challenges Involved in Adapting and Implementing an Enterprise Resource Planning (ERP) Systems.” International Journal of Research and Review vol. 7 no. 12 December 2020: 538-548.

    Panorama Consulting Group. "2018 ERP Report." Panorama Consulting Group, 2018. Accessed 12 Oct. 2021.

    Panorama Consulting Group. "2021 ERP Report." Panorama Consulting Group, 2021. Accessed 12 Oct. 2021.

    PM Solutions. (2014). The State of the PMO 2014.

    PMI. Pulse of the Profession. 2017.

    Podeswa, H. “The Business Case for Agile Business Analysis.” Requirements Engineering Magazine, 21 Feb. 2017.

    Project Delivery Performance in Australia. AIPM and KPMG, 2020.

    Prosci. (2020). Prosci 2020 Benchmarking Data from 2007, 2009, 2011, 2013, 2015, 2017, 2019.

    Swartz, M. “End User Adoption and Change Management Process.” Swartz Consulting LLC, 11 July 2022.

    Trammell, H. “28 Important Project Management KPIs (& How To Track Them).” ClearPoint Strategy, 2022.

    “What are Business Requirements?" Requirements.com, 18 Oct. 2018.

    “What Is the Role of a Project Sponsor?” Six Sigma Daily, 18 May 2022.

    “When Will You Think Differently About Programme Delivery?” 4th Global Portfolio and Programme Management Survey. PricewaterhouseCoopers, Sept. 2014.

    Review Your Application Strategy

    • Buy Link or Shortcode: {j2store}82|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $12,599 Average $ Saved
    • member rating average days saved: 2 Average Days Saved
    • Parent Category Name: Architecture & Strategy
    • Parent Category Link: /architecture-and-strategy
    • Over 80% of CXOs experience frustration with IT’s failure to deliver business value.
    • Sixty percent of CEOs believe that improvement is required around IT’s understanding of business goals.
    • Sixty percent of IT professionals know there is an opportunity to run applications more efficiently, eliminating wasteful or low-value activities.

    Our Advice

    Critical Insight

    • Organizations need to better align their application strategy with their business strategy as they proceed through tactical initiatives.
    • Application strategies provide guidance on how they will help the organization survive and thrive.

    Impact and Result

    Aligning your business with applications through your strategy will not only increase business satisfaction but also help to ensure you’re delivering applications that enable the organization’s goals.

    Review Your Application Strategy Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should have an application strategy and why you should use Info-Tech’s approach to review it. Learn how we can support you in completing this strategy and review.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Review your strategy

    This review guide provides organizations with a detailed assessment of their application strategy, ensuring that the applications enable the business strategy so that the organization can be more effective.The assessment provides criteria and exercises to provide actionable outcomes.

    • Application Strategy Assessment Tool
    • Application Strategy Action Plan Report Template
    • Application Strategy Sample Action Plan Report
    [infographic]

    Build an Application Department Strategy

    • Buy Link or Shortcode: {j2store}180|cart{/j2store}
    • member rating overall impact (scale of 10): 9.2/10 Overall Impact
    • member rating average dollars saved: $220,866 Average $ Saved
    • member rating average days saved: 34 Average Days Saved
    • Parent Category Name: Architecture & Strategy
    • Parent Category Link: /architecture-and-strategy
    • Application delivery has modernized. There are increasing expectations on departments to deliver on organizational and product objectives with increasing velocity.
    • Application departments produce many diverse, divergent products, applications, and services with expectations of frequent updates and changes based on rapidly changing landscapes

    Our Advice

    Critical Insight

    • There is no such thing as a universal “applications department.” Unlike other domains of IT, there are no widely accepted frameworks that clearly outline universal best practices of application delivery and management.
    • Different software needs and delivery orientations demand a tailored structure and set of processes, especially when managing a mixed portfolio or multiple delivery methods.

    Impact and Result

    Understand what your department’s purpose is through articulating its strategy in three steps:

    • Determining your application department’s values, principles, and orientation.
    • Laying out the goals, objectives, metrics, and priorities of the department.
    • Building a communication plan to communicate your overall department strategy.

    Build an Application Department Strategy Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should build an application department strategy, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Take stock of who you are

    Consider and record your department’s values, principles, orientation, and capabilities.

    • Build an Application Department Strategy – Phase 1: Take Stock of Who You Are
    • Application Department Strategy Supporting Workbook

    2. Articulate your strategy

    Define your department’s strategy through your understanding of your department combined with everything that you do and are working to do.

    • Build an Application Department Strategy – Phase 2: Articulate Your Strategy
    • Application Department Strategy Template

    3. Communicate your strategy

    Communicate your department’s strategy to your key stakeholders.

    • Build an Application Department Strategy – Phase 3: Communicate Your Strategy

    Infographic

    Workshop: Build an Application Department Strategy

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Take Stock of Who You Are

    The Purpose

    Understand what makes up your application department beyond the applications and services provided.

    Key Benefits Achieved

    Articulating your guiding principles, values, capabilities, and orientation provides a foundation for expressing your department strategy.

    Activities

    1.1 Identify your team’s values and guiding principles.

    1.2 Define your department’s orientation.

    Outputs

    A summary of your department’s values and guiding principles

    A clear view of your department’s orientation and supporting capabilities

    2 Articulate Your Strategy

    The Purpose

    Lay out all the details that make up your application department strategy.

    Key Benefits Achieved

    A completed application department strategy canvas containing everything you need to communicate your strategy.

    Activities

    2.1 Write your application department vision statement.

    2.2 Define your application department goals and metrics.

    2.3 Specify your department capabilities and orientation.

    2.4 Prioritize what is most important to your department.

    Outputs

    Your department vision

    Your department’s goals and metrics that contribute to achieving your department’s vision

    Your department’s capabilities and orientation

    A prioritized roadmap for your department

    3 Communicate Your Strategy

    The Purpose

    Lay out your strategy’s communication plan.

    Key Benefits Achieved

    Your application department strategy presentation ready to be presented to your stakeholders.

    Activities

    3.1 Identify your stakeholders.

    3.2 Develop a communication plan.

    3.3 Wrap-up and next steps

    Outputs

    List of prioritized stakeholders you want to communicate with

    A plan for what to communicate to each stakeholder

    Communication is only the first step – what comes next?

    Ransomware Cyber Attack. The real Disaster Recovery Scenario

    Cyber-ransomware criminals need to make sure that you cannot simply recover your encrypted data via your backups. They must make it look like paying is your only option. And if you do not have a strategy that takes this into account, unfortunately, you may be up the creek without a paddle. because how do they make their case? Bylooking for ways to infect your backups, way before you find out you have been compromised. 

    That means your standard disaster recovery scenarios provide insufficient protection against this type of event. You need to think beyond DRP and give consideration to what John Beattie and Michael Shandrowski call "Cyber Incident Recovery Risk management" (CIR-RM).  

    incident, incident management, cybersecurity, cyber, disaster recovery, drp, business continuity, bcm, recovery

    Register to read more …

    Build an ERP Strategy and Roadmap

    • Buy Link or Shortcode: {j2store}585|cart{/j2store}
    • member rating overall impact (scale of 10): 9.4/10 Overall Impact
    • member rating average dollars saved: $76,462 Average $ Saved
    • member rating average days saved: 22 Average Days Saved
    • Parent Category Name: Enterprise Resource Planning
    • Parent Category Link: /enterprise-resource-planning
    • Organizations often do not know where to start with an ERP project.
    • They focus on tactically selecting and implementing the technology.
    • ERP projects are routinely reported as going over budget, over schedule, and they fail to realize any benefits.

    Our Advice

    Critical Insight

    • An ERP strategy is an ongoing communication tool for the business.
    • Accountability for ERP success is shared between IT and the business.
    • An actionable roadmap provides a clear path to benefits realization.

    Impact and Result

    • Align the ERP strategy and roadmap with business priorities, securing buy-in from the business for the program.
    • Identification of gaps, needs, and opportunities in relation to business processes; ensuring the most critical areas are addressed.
    • Assess alternatives for the critical path(s) most relevant to your organization’s direction.

    Build an ERP Strategy and Roadmap Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Build an ERP Strategy and Roadmap – A comprehensive guide to align business and IT on what the organization needs from their ERP.

    A business-led, top-management-supported initiative partnered with IT has the greatest chance of success.

  • Aligning and prioritizing key business and technology drivers.
  • Clearly defining what is in and out of scope for the project.
  • Getting a clear picture of how the business process and underlying applications support the business strategic priorities.
  • Pulling it all together into an actionable roadmap.
    • Build an ERP Strategy and Roadmap – Phases 1-4
    • ERP Strategy Report Template
    [infographic]

    Workshop: Build an ERP Strategy and Roadmap

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Introduction to ERP

    The Purpose

    To build understanding and alignment between business and IT on what an ERP is and the goals for the project

    Key Benefits Achieved

    Clear understanding of how the ERP supports the organizational goals

    What business processes the ERP will be supporting

    An initial understanding of the effort involved

    Activities

    1.1 Introduction to ERP

    1.2 Background

    1.3 Expectations and goals

    1.4 Align business strategy

    1.5 ERP vision and guiding principles

    1.6 ERP strategy model

    1.7 ERP operating model

    Outputs

    ERP strategy model

    ERP Operating model

    2 Build the ERP operation model

    The Purpose

    Generate an understanding of the business processes, challenges, and application portfolio currently supporting the organization.

    Key Benefits Achieved

    An understanding of the application portfolio supporting the business

    Detailed understanding of the business operating processes and pain points

    Activities

    2.1 Build application portfolio

    2.2 Map the level 1 ERP processes including identifying stakeholders, pain points, and key success indicators

    2.3 Discuss process and technology maturity for each level 1 process

    Outputs

    Application portfolio

    Mega-processes with level 1 process lists

    3 Project set up

    The Purpose

    A project of this size has multiple stakeholders and may have competing priorities. This section maps those stakeholders and identifies their possible conflicting priorities.

    Key Benefits Achieved

    A prioritized list of ERP mega-processes based on process rigor and strategic importance

    An understanding of stakeholders and competing priorities

    Initial compilation of the risks the organization will face with the project to begin early mitigation

    Activities

    3.1 ERP process prioritization

    3.2 Stakeholder mapping

    3.3 Competing priorities review

    3.4 Initial risk register compilation

    Outputs

    Prioritized ERP operating model

    Stakeholder map.

    Competing priorities list.

    Initial risk register.

    4 Roadmap and presentation review

    The Purpose

    Select a future state and build the initial roadmap to set expectations and accountabilities.

    Key Benefits Achieved

    Identification of the future state

    Initial roadmap with expectations on accountability and timelines

    Activities

    4.1 Discuss future state options

    4.2 Build initial roadmap

    4.3 Review of final deliverable

    Outputs

    Future state options

    Initiative roadmap

    Draft final deliverable

    Further reading

    Build an ERP Strategy and Roadmap

    Align business and IT to successfully deliver on your ERP initiative

    Table of Contents

    Analyst Perspective

    Phase 3: Plan Your Project

    Executive Summary

    Step 3.1: Stakeholders, risk, and value

    Phase 1: Build Alignment and Scope

    Step 3.2: Project set up

    Step 1.1: Aligning Business and IT

    Phase 4: Next Steps

    Step 1.2: Scope and Priorities

    Step 4.1: Build your roadmap

    Phase 2: Define Your ERP

    Step 4.2: Wrap up and present

    Step 2.1: ERP business model

    Summary of Accomplishment

    Step 2.2: ERP processes and supporting applications

    Research Contributors

    Step 2.3: Process pains, opportunities, and maturity

    Related Info-Tech Research

    Bibliography

    Build an ERP Strategy and Roadmap

    Align business and IT to successfully deliver on your ERP initiative

    EXECUTIVE BRIEF

    Analyst Perspective

    A foundational ERP strategy is critical to decision making.

    Photo of Robert Fayle, Research Director, Enterprise Applications, Info-Tech Research Group.

    Enterprise resource planning (ERP) is a core tool that the business leverages to accomplish its goals. An ERP that is doing its job well is invisible to the business. The challenges come when the tool is no longer invisible. It has become a source of friction in the functioning of the business

    ERP systems are expensive, their benefits are difficult to quantify, and they often suffer from poor user satisfaction. Post-implementation, technology evolves, organizational goals change, and the health of the system is not monitored. This is complicated in today’s digital landscape with multiple integration points, siloed data, and competing priorities.

    Too often organizations jump into selecting replacement systems without understanding the needs of the organization. Alignment between business and IT is just one part of the overall strategy. Identifying key pain points and opportunities, assessed in the light of organizational strategy, will provide a strong foundation to the transformation of the ERP system.

    Robert Fayle
    Research Director, Enterprise Applications
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    Organizations often do not know where to start with an ERP project. They focus on tactically selecting and implementing the technology but ignore the strategic foundation that sets the ERP system up for success. ERP projects are routinely reported as going over budget, over schedule, and they fail to realize any benefits.

    Common Obstacles

    ERP projects impact the entire organization – they are not limited to just financial and operating metrics. The disruption is felt during both implementation and in the production environment.

    Missteps early on can cost time, financial resources, and careers. Roughly 55% of ERP projects reported being over budget, and two-thirds of organizations implementing ERP realized less than half of their anticipated benefits.

    Info-Tech’s Approach

    Obtain organizational buy-in and secure top management support. Set clear expectations, guiding principles, and critical success factors.

    Build an ERP operating model/business model that identifies process boundaries, scope, and prioritizes requirements. Assess stakeholder involvement, change impact, risks, and opportunities.

    Understand the alternatives your organization can choose for the future state of ERP. Develop an actionable roadmap and meaningful KPIs that directly align with your strategic goals.

    Info-Tech Insight

    Accountability for ERP success is shared between IT and the business. There is no single owner of an ERP. A unified approach to building your strategy promotes an integrated roadmap so all stakeholders have clear direction on the future state.

    Insight summary

    Enterprise resource planning (ERP) systems facilitate the flow of information across business units. It allows for the seamless integration of systems and creates a holistic view of the enterprise to support decision making.

    In many organizations, the ERP system is considered the lifeblood of the enterprise. Problems with this key operational system will have a dramatic impact on the ability of the enterprise to survive and grow.

    A measured and strategic approach to change will help mitigate many of the risks associated with ERP projects, which will avoid the chances of these changes becoming the dreaded “career killers.”

    A business led, top management supported initiative partnered with IT has the greatest chance of success.

    • A properly scoped ERP project reduces churn and provides all parts of the business with clarity.
    • This blueprint provides the business and IT the methodology to get the right level of detail for the business processes that the ERP supports so you can avoid getting lost in the details.
    • Build a successful ERP Strategy and roadmap by:
      • Aligning and prioritizing key business and technology drivers.
      • Clearly defining what is in and out of scope for the project.
      • Providing a clear picture of how the business process and underlying applications support the business strategic priorities.
      • Pulling it all together into an actionable roadmap.

    Enterprise Resource Planning (ERP)

    What is ERP?

    Enterprise resource planning (ERP) systems facilitate the flow of information across business units. They allow for the seamless integration of systems and create a holistic view of the enterprise to support decision making.

    In many organizations, the ERP system is considered the lifeblood of the enterprise. Problems with this key operational system will have a dramatic impact on the ability of the enterprise to survive and grow.

    An ERP system:

    • Automates processes, reducing the amount of manual, routine work.
    • Integrates with core modules, eliminating the fragmentation of systems.
    • Centralizes information for reporting from multiple parts of the value chain to a single point.

    A diagram visualizing the many aspects of ERP and the categories they fall under. Highlighted as 'Supply Chain Management' are 'Supply Chain: Procure to Pay' and 'Distribution: Forecast to Delivery'. Highlighted as 'Customer Relationship Management' are 'Sales: Quote to Cash', 'CRM: Market to Order', and 'Customer Service: Issue to Resolution'.

    ERP use cases:

    • Product-Centric
      Suitable for organizations that manufacture, assemble, distribute, or manage material goods.
    • Service-Centric
      Suitable for organizations that provide and manage field services and/or professional services.

    ERP by the numbers

    50-70%
    Statistical analysis of ERP projects indicates rates of failure vary from 50 to 70%. Taking the low end of those analyst reports, one in two ERP projects is considered a failure. (Source: Saxena and Mcdonagh)

    85%
    Companies that apply the principles of behavioral economics outperform their peers by 85% in sales growth and more than 25% in gross margin. (Source: Gallup)

    40%
    Nearly 40% of companies said functionality was the key driver for the adoption of a new ERP. (Source: Gheorghiu)

    ERP dissatisfaction

    Drivers of Dissatisfaction
    Business
    • Misaligned objectives
    • Product fit
    • Changing priorities
    • Lack of metrics
    Data
    • Access to data
    • Data hygiene
    • Data literacy
    • One view of the customer
    People and teams
    • User adoption
    • Lack of IT support
    • Training (use of data and system)
    • Vendor relations
    Technology
    • Systems integration
    • Multi-channel complexity
    • Capability shortfall
    • Lack of product support

    Finance, IT, Sales, and other users of the ERP system can only optimize ERP with the full support of each other. The cooperation of the departments is crucial when trying to improve ERP technology capabilities and customer interaction.

    Info-Tech Insight

    While technology is the key enabler of building strong customer experiences, there are many other drivers of dissatisfaction. IT must stand shoulder-to-shoulder with the business to develop a technology framework for ERP.

    Info-Tech’s methodology for developing a foundational ERP strategy and roadmap

    1. Build alignment and scope 2. Define your ERP 3. Plan your project 4. Next Steps
    Phase Steps
    1. Aligning business and IT
    2. Scope and priorities
    1. ERP Business Model
    2. ERP processes and supporting applications
    3. Process pains, opportunities & maturity
    1. Stakeholders, risk & value
    2. Project set up
    1. Build your roadmap
    2. Wrap up and present
    Phase Outcomes Discuss organizational goals and how to advance those using the ERP system. Establish the scope of the project and ensure that business and IT are aligned on project priorities. Build the ERP business model then move on to the top level (mega) processes and an initial list of the sub-processes. Generate a list of applications that support the identified processes. Conclude with a complete view of the mega-processes and their sub-processes. Map out your stakeholders to evaluate their impact on the project, build an initial risk register and discuss group alignment. Conclude the phase by setting the initial core project team and their accountabilities to the project. Review the different options to solve the identified pain points then build out a roadmap of how to get to that solution. Build a communication plan as part of organizational change management, which includes the stakeholder presentation.

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    Sample of the Key Deliverable 'ERP Strategy Report'.

    ERP Strategy Report

    Complete an assessment of processes, prioritization, and pain points, and create an initiative roadmap.

    Samples of blueprint deliverables related to 'ERP Strategy Report'.

    ERP Business Model
    Align your business and technology goals and objectives in the current environment.
    Sample of the 'ERP Business Model' blueprint deliverable.
    ERP Operating Model
    Identify and prioritize your ERP top-level processes.
    Sample of the 'ERP Operating Model' blueprint deliverable.
    ERP Process Prioritization
    Assess ERP processes against the axes of rigor and strategic importance.
    Sample of the 'ERP Process Prioritization' blueprint deliverable.
    ERP Strategy Roadmap
    A data-driven roadmap of how to address the ERP pain points and opportunities.
    Sample of the 'ERP Strategy Roadmap' blueprint deliverable.

    Executive Brief Case Study

    INDUSTRY: Aerospace
    SOURCE: Panorama, 2021

    Aerospace organization assesses ERP future state from opportunities, needs, and pain points

    Challenge

    Several issues plagued the aerospace and defense organization. Many of the processes were ad hoc and did not use the system in place, often relying on Excel. The organization had a very large pain point stemming from its lack of business process standardization and oversight. The biggest gap, however, was from the under-utilization of the ERP software.

    Solution

    By assessing the usage of the system by employees and identifying key workarounds, the gaps quickly became apparent. After assessing the organization’s current state and generating recommendations from the gaps, it realized the steps needed to achieve its desired future state. The analysis of the pain points generated various needs and opportunities that allowed the organization to present and discuss its key findings with executive leadership to set milestones for the project.

    Results

    The overall assessment led the organization to the conclusion that in order to achieve its desired future state and maximize ROI from its ERP, the organization must address the internal issues prior to implementing the upgraded software.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    Guided Implementation

    Workshop

    Consulting

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    What does a typical GI on this topic look like?

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is between eight to twelve calls over the course of four to six months.

    Phase 1

    • Call #1: Scoping call to understand the current situation.
    • Call #2: Establish business & IT alignment and project scope.

    Phase 2

    • Call #3: Discuss the ERP Strategy business model and mega-processes.
    • Call #4: Begin the drill down on the level 1 processes.

    Phase 3

    • Call #5: Establish the stakeholder map and project risks.
    • Call #6: Discuss project setup including stakeholder commitment and accountability.

    Phase 4

    • Call #7: Discuss resolution paths and build initial roadmap.
    • Call #8: Summarize results and plan next steps.

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com1-888-670-8889

    Day 1 Day 2 Day 3 Day 4 Day 5
    Activities
    Introduction to ERP

    1.1 Introduction to ERP

    1.2 Background

    1.3 Expectations and goals

    1.4 Align business strategy

    1.5 ERP vision and guiding principles

    1.6 ERP strategy model

    1.7 ERP operating model

    Build the ERP operating model

    2.1 Build application portfolio

    2.2 Map the level 1 ERP processes including identifying stakeholders, pain points, and key success indicators

    2.3 Discuss process and technology maturity for each level 1 process

    Project set up

    3.1 ERP process prioritization

    3.2 Stakeholder mapping

    3.3 Competing priorities review

    3.4 Initial risk register compilation

    3.5 Workshop retrospective

    Roadmap and presentation review

    4.1 Discuss future state options

    4.2 Build initial roadmap

    4.3 Review of final deliverable

    Next Steps and wrap-up (offsite)

    5.1 Complete in-progress deliverables from previous four days

    5.2 Set up review time for workshop deliverables and to discuss next steps

    Deliverables
    1. ERP strategy model
    2. ERP operating model
    1. Application portfolio
    2. Mega-processes with level 1 process lists
    1. Prioritized ERP operating model
    2. Stakeholder map
    3. Competing priorities list
    4. Initial risk register
    1. Future state options
    2. Initiative roadmap
    3. Draft final deliverable
    1. Completed ERP strategy template
    2. ERP strategy roadmap

    Build an ERP Strategy and Roadmap

    Phase 1

    Build alignment and scope

    Phase 1

    • 1.1 Aligning business and IT
    • 1.2 Scope and priorities

    Phase 2

    • 2.1 ERP Business Model
    • 2.2 ERP processes and supporting applications
    • 2.3 Process pains, opportunities & maturity

    Phase 3

    • 3.1 Stakeholders, risk & value
    • 3.2 Project set up

    Phase 4

    • 4.1 Build your roadmap
    • 4.2 Wrap up and present

    This phase will walk you through the following activities:

    Build a common language to ensure clear understanding of the organizational needs. Define a vision and guiding principles to aid in decision making and enumerate how the ERP supports achievement of the organizational goals. Define the initial scope of the ERP project. This includes the discussion of what is not in scope.

    This phase involves the following participants:

    • Primary stakeholders in each value stream supported by the ERP
    • ERP Applications support team

    Create a compelling case that addresses strategic business objectives

    When someone at the organization asks you WHY, you need to deliver a compelling case. The ERP project will receive pushback, doubt, and resistance; if you can’t answer the question WHY, you will be left back-peddling.

    When faced with a challenge, prepare for the WHY.

    • Why do we need this?
    • Why are we spending all this money?
    • Why are we bothering?
    • Why is this important?
    • Why did we do it this way?
    • Why did we choose this vendor?

    Most organizations can answer “What?”
    Some organizations can answer “How?”
    Very few organizations have an answer for “Why?”

    Each stage of the project will be difficult and present its own unique challenges and failure points. Re-evaluate if you lose sight of WHY at any stage in the project.

    Step 1.1

    Aligning business and IT

    Activities
    • 1.1.1 Build a glossary
    • 1.1.2 ERP Vision and guiding principles
    • 1.1.3 Corporate goals and ERP benefits

    This step will walk you through the following activities:

    • Building a common language to ensure a clear understanding of the organization’s needs.
    • Creating a definition of your vision and identifying the guiding principles to aid in decision making.
    • Defining how the ERP supports achievement of the organizational goals.

    This step involves the following participants:

    • Primary stakeholders in each value stream supported by the ERP
    • ERP Applications support team

    Outcomes of this step

    Business and IT have a shared understanding of how the ERP supports the organizational goals.

    Are we all talking about the same thing?

    Every group has their own understanding of the ERP system, and they may use the same words to describe different things. For example, is there a difference between procurement of office supplies and procurement of parts to assemble an item for sale? And if they are different, do your terms differ (e.g., procurement versus purchasing)?

    Term(s) Definition
    HRMS, HRIS, HCM Human Resource Management System, Human Resource Information System, Human Capital Management. These represent four capabilities of HR: core HR, talent management, workforce management, and strategic HR.
    Finance Finance includes the core functionalities of GL, AR, and AP. It also covers such items as treasury, financial planning and analysis (FP&A), tax management, expenses, and asset management.
    Supply Chain The processes and networks required to produce and distribute a product or service. This encompasses both the organization and the suppliers.
    Procurement Procurement is about getting the right products from the right suppliers in a timely fashion. Related to procurement is vendor contract management.
    Distribution The process of getting the things we create to our customers.
    CRM Customer Relationship Management, the software used to maintain records of our sales and non-sales contact with our customers.
    Sales The process of identifying customers, providing quotes, and converting those quotes to sales orders to be invoiced.
    Customer Service This is the process of supporting customers with challenges and non-sales questions related to the delivery of our products/services.
    Field Service The group that provides maintenance services to our customers.

    Activity 1.1.1 Build a glossary

    1 hour
    1. As a group, discuss the organization’s functional areas, business capabilities, value streams, and business processes.
    2. Ask each of the participants if there are terms or “jargon” that they hear used that they may be unclear on or know that others may not be aware of. Record these items in the table along with a description.
      • Acronyms are particularly important to document. These are often bandied about without explanation. For example, people outside of finance may not understand that FP&A is short for Financial Planning and Analysis.

    Record this information in the ERP Strategy Report Template.

    Sample of the 'ERP Strategy Report Template: Glossary'.

    Download the ERP Strategy Report Template

    Activity 1.1.1 Working slide

    Example/working slide for your glossary. Consider this a living document and keep it up to date.

    Term(s) Definition
    HRMS, HRIS, HCM Human Resource Management System, Human Resource Information System, Human Capital Management. These represent four capabilities of HR: core HR, talent management, workforce management, and strategic HR.
    Finance Finance includes the core functionalities of GL, AR, and AP. It also covers such items as treasury, financial planning and analysis (FP&A), tax management, expenses, and asset management.
    Supply Chain The processes and networks required to produce and distribute a product or service. This encompasses both the organization and the suppliers.
    Procurement Procurement is about getting the right products from the right suppliers in a timely fashion. Related to procurement is vendor contract management.
    Distribution The process of getting the things we create to our customers.
    CRM Customer Relationship Management, the software used to maintain records of our sales and non-sales contact with our customers.
    Sales The process of identifying customers, providing quotes, and converting those quotes to sales orders to be invoiced.
    Customer Service This is the process of supporting customers with challenges and non-sales questions related to the delivery of our products/services.
    Field Service The group that provides maintenance services to our customers.

    Vision and Guiding Principles

    GUIDING PRINCIPLES

    Guiding principles are high-level rules of engagement that help to align stakeholders from the outset. Determine guiding principles to shape the scope and ensure stakeholders have the same vision.

    Creating Guiding Principles

    Guiding principles should be constructed as full sentences. These statements should be able to guide decisions.

    EXAMPLES

    • [Organization] is implementing an ERP system to streamline processes and reduce redundancies, saving time and money.
    • [Organization] is implementing an ERP to integrate disparate systems and rationalize the application portfolio.
    • [Organization] is aiming at taking advantage of best industry practices and strives to minimize the level of customization required in solution.

    Questions to Ask

    1. What is a strong statement that will help guide decision making throughout the life of the ERP project?
    2. What are your overarching requirements for business processes?
    3. What do you ultimately want to achieve?
    4. What is a statement that will ensure all stakeholders are on the same page for the project?

    Activity 1.1.2 – ERP Vision and Project Guiding Principles

    1 hour

    1. As a group, discuss whether you want to create a separate ERP vision statement or re-state your corporate vision and/or goals.
      • An ERP vision statement will provide project-guiding principles, encompass the ERP objectives, and give a rationale for the project.
      • Using the corporate vision/goals will remind the business and IT that the project is to find an ERP solution that supports and enhances the organizational objectives.
    2. Review each of the sample guiding principles provided and ask the following questions:
      1. Do we agree with the statement?
      2. Is this statement framed in the language we used internally? Does everyone agree on the meaning of the statement?
      3. Will this statement help guide our decision-making process?

    Record this information in the ERP Strategy Report Template.

    Sample of the 'ERP Strategy Report Template: Guiding Principles.

    Download the ERP Strategy Report Template

    Activity 1.1.2 – ERP Vision and Project Guiding Principles

    We, [Organization], will select and implement an integrated software suite that enhances the growth and profitability of the organization through streamlined global business processes, real time data-driven decisions, increased employee productivity, and IT investment protection.

    • Support Business Agility: A flexible and adaptable integrated business system providing a seamless user experience.
    • Utilize ERP best practices: Do not recreate or replicate what we have today, focus on modernization. Exercise customization governance by focusing on those customizations that are strategically differentiating.
    • Automate: Take manual work out where we can, empowering staff and improving productivity through automation and process efficiencies.
    • Stay focused: Focus on scope around core business capabilities. Maintain scope control. Prioritize demand in line with the strategy.
    • Strive for “One Source of Truth”: Unify data model and integrate processes where possible. Assess integration needs carefully.

    Align the ERP strategy with the corporate strategy

    Corporate Strategy Unified Strategy ERP Strategy
    • Conveys the current state of the organization and the path it wants to take.
    • Identifies future goals and business aspirations.
    • Communicates the initiatives that are critical for getting the organization from its current state to the future state.
    • ERP optimization can be and should be linked, with metrics, to the corporate strategy and ultimate business objectives.
    • Communicates the organization’s budget and spending on ERP.
    • Identifies IT initiatives that will support the business and key ERP objectives.
    • Outlines staffing and resourcing for ERP initiatives.

    Info-Tech Insight

    ERP projects are more successful when the management team understands the strategic importance and the criticality of alignment. Time needs to be spent upfront aligning business strategies with ERP capabilities. Effective alignment between IT and the business should happen daily. Alignment doesn’t just to occur at the executive level alone, but at each level of the organization.

    1.1.3 – Corporate goals and ERP benefits

    1-2 hours

    1. Discuss the business objectives. Identify two or three objectives that are a priority for this year.
    2. Produce several ways a new ERP system will meet each objective.
    3. Think about the modules and ERP functions that will help you realize these benefits.

    Cost Reduction

    • Decrease Total Cost: Reduce total costs by five percent by January 2022.
    • Decrease Specific Costs: Reduce costs of “x” business unit by ten percent by Jan. next year.

    ERP Benefits

    • Reduce headcount
    • Reallocate workers
    • Reduce overtime
    • Increased compliance
    • Streamlined audit process
    • Less rework due to decrease in errors

    Download the ERP Strategy Report Template

    Activity 1.1.3 – Corporate goals and ERP benefits

    Corporate Strategy ERP Benefits
    End customer visibility (consumer experience)
    • Help OEM’s target customers
    • Keep customer information up-to-date, including contact choices
    • [Product A] process support improvements
    • Ability to survey and track responses
    • Track and improve renewals
    • Service support – improve cycle times for claims, payment processing, and submission quality
    Social responsibility
    • Reduce paper internally and externally
    • Facilitating tracking and reporting of EFT
    • One location for all documents
    New business development
    • Track all contacts
    • Measure where in process the contact is
    • Measure impact of promotions
    Employee experience
    • Improve integration of systems reducing manual processes through automation
    • Better tracking of sales for employee comp
    • Ability to survey employees

    Step 1.2

    Scope and priorities

    Activities
    • 1.2.1 Project scope
    • 1.2.2 Competing priorities

    This step will walk you through the following activities:

    • Define the initial scope of the ERP project. This includes the discussion of what is not in scope. For example, a stand-alone warehouse management system may be out of scope while an existing HRMS could be in scope.

    This step involves the following participants:

    • Primary stakeholders in each value stream supported by the ERP
    • ERP Applications support team

    Outcomes of this step

    A project scope statement and a prioritized list of projects that may compete for organizational resources.

    Understand the importance of setting expectations with a scope statement

    Be sure to understand what is in scope for an ERP strategy project. Prevent too wide of a scope to avoid scope creep – for example, we aren’t tackling MMS or BI under ERP.

    A diamond shape with three layers. Inside is 'In Scope', middle is 'Scope Creep', and outside is 'Out of Scope'.

    Establishing the parameters of the project in a scope statement helps define expectations and provides a baseline for resource allocation and planning. Future decisions about the strategic direction of ERP will be based on the scope statement.

    Well-executed requirements gathering will help you avoid expanding project parameters, drawing on your resources, and contributing to cost overruns and project delays. Avoid scope creep by gathering high-level requirements that lead to the selection of category-level application solutions (e.g. HRIS, CRM, PLM etc.) rather than granular requirements that would lead to vendor application selection (e.g. SAP, Microsoft, Oracle, etc.).

    Out-of-scope items should also be defined to alleviate ambiguity, reduce assumptions, and further clarify expectations for stakeholders. Out-of-scope items can be placed in a backlog for later consideration.

    In Scope Out of Scope
    Strategy High-level ERP requirements, strategic direction
    Software selection Vendor application selection, Granular system requirements

    Activity 1.2.1 – Define scope

    1 hour

    1. Formulate a scope statement. Decide which people, processes, and functions the ERP strategy will address. Generally, the aim of this project is to develop strategic requirements for the ERP application portfolio – not to select individual vendors.
    2. To assist in forming your scope statement, answer the following questions:
      • What are the major coverage points?
      • Who will be using the systems?
      • How will different users interact with the systems?
      • What are the objectives that need to be addressed?
      • Where do we start?
      • Where do we draw the line?

    Record this information in the ERP Strategy Report Template.

    Sample of the 'ERP Strategy Report Template: Scope Statements'.

    Download the ERP Strategy Report Template

    Activity 1.2.1 – Define scope

    Scope statements

    The following systems are considered in scope for this project:

    • Finance
    • HRMS
    • CRM
    • Supply chain

    The following systems are out of scope for this project:

    • PLM – product lifecycle management
    • Project management
    • Contract management

    The following systems are in scope, in that they must integrate into the new system. They will not change.

    • Payroll processing
    • Bank accounts
    • EDI software

    Know your competing priorities

    Organizations typically have multiple projects on the table or in flight. Each of those projects requires resources and attention from business and/or the IT organization.

    Don’t let poor prioritization hurt your ERP implementation.
    BNP Paribas Fortis had multiple projects that were poorly prioritized resulting in the time to bring products to market to double over a three-year period. (Source: Neito-Rodriguez, 2016)

    Project Timeline Priority notes Implications
    Warehouse management system upgrade project Early 2022 implementation High Taking IT staff and warehouse team, testing by finance
    Microsoft 365 October 2021-March 2022 High IT Staff, org impacted by change management
    Electronic Records Management April 2022 – Feb 2023 High Legislative requirement, org impact due to record keeping
    Web site upgrade Early fiscal 2023

    Activity 1.2.2 – Competing priorities

    1 hour

    1. As a group, discuss the projects that are currently in flight as well as any known projects including such things as territory expansion or new regulation compliance.
    2. For each project discuss and record the following items:
      • The project timeline. When does it start and how long is it expected to run?
      • How important is this project to the organization? A lot of high priority projects are going to require more attention from the staff involved.
      • What are the implications of this project?
        • What staff will be impacted? What business users will be impacted, and what is the IT involvement?
        • To what extent will the overall organization be impacted? Is it localized to a location or is it organization wide?
        • Can the project be deferred?

    Record this information in the ERP Strategy Report Template.

    Sample of the 'ERP Strategy Report Template: Priorities'.

    Download the ERP Strategy Report Template

    Activity 1.2.2 – Competing priorities

    List all your known projects both current and proposed. Discuss the prioritization of those projects, whether they are more or less important than your ERP project.

    Project Timeline Priority notes Implications
    Warehouse management system upgrade project Early 2022 implementation High Taking IT staff and warehouse team, testing by finance
    Microsoft 365 October 2021-March 2022 High IT Staff, org impacted by change management
    Electronic Records Management April 2022 – Feb 2023 High Legislative requirement, org impact due to record keeping
    Web site upgrade Early fiscal 2023 Medium
    Point of Sale replacement Oct 2021– Mar 2022 Medium
    ERP utilization and training on unused systems Friday, Sept 17 Medium Could impact multiple staff
    Managed Security Service RFP This calendar year Medium
    Mental Health Dashboard In research phase Low

    Build an ERP Strategy and Roadmap

    Phase 2

    Define your ERP

    Phase 1

    • 1.1 Aligning business and IT
    • 1.2 Scope and priorities

    Phase 2

    • 2.1 ERP Business Model
    • 2.2 ERP processes and supporting applications
    • 2.3 Process pains, opportunities & maturity

    Phase 3

    • 3.1 Stakeholders, risk & value
    • 3.2 Project set up

    Phase 4

    • 4.1 Build your roadmap
    • 4.2 Wrap up and present

    This phase will walk you through the following activities:

    • Build the ERP business model then move on to the top level (mega) processes and an initial list of the sub-processes
    • Generate a list of applications that support the identified processes
    • Assign stakeholders, discuss pain points, opportunities, and key success indicators
    • Assign process and technology maturity to each stakeholder

    This phase involves the following participants:

    • Primary stakeholders in each value stream supported by the ERP
    • ERP applications support team

    Step 2.1

    ERP business model

    Activities
    • 2.1.1 Environmental factors, technology drivers, and business needs
    • 2.1.2 Challenges, pain points, enablers, and organizational goals

    This step will walk you through the following activities:

    • Identify ERP drivers and objectives
    • Explore ERP challenges and pain points
    • Discuss the ERP benefits and opportunities

    This step involves the following participants:

    • ERP implementation team
    • Business stakeholders

    Outcomes of this step

    • ERP business model

    Explore environmental factors and technology drivers

    1. Identify business drivers that are contributing to the organization’s need for ERP.
    2. Understand how the company is running today and what the organization’s future will look like. Try to identify the purpose for becoming an integrated organization.
    3. Consider external considerations, organizational drivers, technology drivers, and key functional requirements
    The ERP Business Model with 'Business Needs', 'Environmental Factors', and 'Technology Drivers' highlighted. At the center is 'ERP Strategy' with 'Barriers' above and 'Enablers' below. Surrounding and feeding into the center group are 'Business Needs', 'Environmental Factors', 'Technology Drivers', and 'Organizational Goals'.
    External Considerations
    • Regulations
    • Elections
    • Availability of resources
    • Staff licensing and certifications
    Organizational Drivers
    • Compliance
    • Scalability
    • Operational efficiency
    • Union agreements
    • Self service
    • Role appropriate dashboards and reports
    • Real time data access
      • Use of data in the system (no exports)
    Technology Considerations
    • Data accuracy
    • Data quality
    • Better reporting
    Functional Requirements
    • Information availability
    • Integration between systems
    • Secure data

    Activity 2.1.1 – Explore environmental factors and technology drivers

    1 hour

    1. Identify business drivers that are contributing to the organization’s need for ERP.
    2. Understand how the company is running today and what the organization’s future will look like. Try to identify the purpose for becoming an integrated organization. Use a whiteboard or flip charts and markers to capture key findings.
    3. Consider External Considerations, Organizational Drivers, Technology Drivers, and Key Functional Requirements.

    Record this information in the ERP Strategy Report Template.

    Sample of the next slide, 'ERP Business Model', with an iconized ERP Business Model and a table highlighting 'Environmental Factors', 'Technology Drivers', and 'Business Needs'.

    Download the ERP Strategy Report Template

    ERP Business Model A iconized version of the ERP Business Model.

    Environmental FactorsTechnology DriversBusiness Needs
    • Regulations
    • Elections
    • Availability of resources
    • Staff licensing and certifications
    • Document storage
    • Cloud security standards
    • Functionality based on deployment
    • Cloud-first based on above
    • Integration with external data suppliers
    • Integration with internal systems (Elite?)
    • Compliance
    • Scalability
    • Operational efficiency
    • Union agreements
    • Self service
    • Role appropriate dashboards and reports
    • Real time data access
    • Use of data in the system (no exports)
    • CapEx vs. OpEx

    Discuss challenges, pain points, enablers and organizational goals

    1. Identify challenges with current systems and processes.
    2. Brainstorm potential barriers to successful ERP selection and implementation. Use a whiteboard and marker to capture key findings.
    3. Consider organizational goals along with barriers and enablers to ERP success.
    The ERP Business Model with 'Organizational Goals', 'Enablers', and 'Barriers' highlighted. At the center is 'ERP Strategy' with 'Barriers' above and 'Enablers' below. Surrounding and feeding into the center group are 'Business Needs', 'Environmental Factors', 'Technology Drivers', and 'Organizational Goals'.
    Functional Gaps
    • No online purchase order requisition
    Technical Gaps
    • Inconsistent reporting – data quality concerns
    Process Gaps
    • Duplication of data
    • Lack of system integration
    Barriers to Success
    • Cultural mindset
    • Resistance to change
    Business Benefits
    • Business-IT alignment
    IT Benefits
    • Compliance
    • Scalability
    Organizational Benefits
    • Data accuracy
    • Data quality
    Enablers of Success
    • Change management
    • Alignment to strategic objectives

    Activity 2.1.2 – Discuss challenges, pain points, enablers, and organizational goals

    1 hour

    1. Identify challenges with the current systems and processes.
    2. Brainstorm potential barriers to successful ERP selection and implementation. Use a whiteboard or flip chart and markers to capture key findings.
    3. Consider functional gaps, technical gaps, process gaps, and barriers to ERP success.
    4. Identify the opportunities and benefits from an integrated system.
    5. Brainstorm potential enablers for successful ERP selection and implementation. Use a whiteboard and markers to capture key findings.
    6. Consider business benefits, IT benefits, organizational benefits, and enablers of success.

    Record this information in the ERP Strategy Report Template.

    Sample of the next slide, 'ERP Business Model', with an iconized ERP Business Model and a table highlighting 'Organizational Goals', 'Enablers', and 'Barriers'.

    Download the ERP Strategy Report Template

    ERP Business Model A iconized version of the ERP Business Model.

    Organizational Goals Enablers Barriers
    • Efficiency
    • Effectiveness
    • Integrity
    • One source of truth for data
    • One team
    • Customer service, external and internal
    • Cross-trained employees
    • Desire to focus on value-add activities
    • Collaborative
    • Top level executive support
    • Effective change management process
    • Organizational silos
    • Lack of formal process documentation
    • Funding availability
    • What goes first? Organizational priorities

    Step 2.2

    ERP processes and supporting applications

    Activities
    • 2.2.1 ERP process inventory
    • 2.2.2 Application portfolio

    This step will walk you through the following activities:

    • Identify the top-level (mega) processes and create an initial list of the sub-processes
    • Generate a list of applications that support the identified processes

    This step involves the following participants:

    • Primary stakeholders in each value stream supported by the ERP
    • ERP applications support team

    Outcomes of this step

    • A list of in scope business processes
    • A list of current applications and services supporting the business processes

    Process Inventory

    In business architecture, the primary view of an organization is known as a business capability map.

    A business capability defines what a business does to enable value creation rather than how.

    Business capabilities:

    • Represent stable business functions
    • Are unique and independent of each other
    • Will typically have a defined business outcome

    A business capability map provides details that help the business architecture practitioner direct attention to a specific area of the business for further assessment.

    A process map titled 'Business capability map (Level 0)' with many processes sectioned off into sections and subsections. The top-left section is 'Products and Services Development' with subsections 'Design'(6 processes) and 'Manufacturing'(3 processes). The top-middle section is 'Revenue Generation'(3 processes) and below that is 'Sourcing'(2 processes). The top-right section is 'Demand Fulfillment'(9 processes). Along the bottom is the section 'Enterprise Management and Planning' with subsections 'Human Resources'(4 processes), 'Business Direction'(4 processes), and 'Finance'(4 processes).

    If you do not have a documented process model, you can use the APQC Framework to help define your inventory of business processes.

    APQC’s Process Classification Framework is a taxonomy of cross-functional business processes intended to allow the objective comparison of organizational performance within and among organizations.

    APQC’s Process Classification Framework

    Activity 2.2.1 – Process inventory

    2-4 hours

    1. As a group, discuss the business capabilities, value streams, and business processes.
    2. For each capability determine the following:
      • Is this capability applicable to our organization?
      • What application, if any, supports this capability?
    3. Are there any missing capabilities to add?

    Record this information in the ERP Strategy Report Template.

    Sample of the 'Process Inventory' table on the next slide.

    Download the ERP Strategy Report Template

    Activity 2.2.1 – Process inventory

    Core Finance Core HR Workforce Management Talent Management Warehouse Management Enterprise Asset Management
    Process Technology Process Technology Process Technology Process Technology Process Technology Process Technology
    • General ledger
    • Accounts payable
    • Accounts receivable
    • GL consolidation
    • Cash management
    • Billing and invoicing
    • Expenses
    • Payroll accounting
    • Tax management
    • Reporting
    • Payroll administration
    • Benefits administration
    • Position management
    • Organizational structure
    • Core HR records
    • Time and attendance
    • Leave management
    • Scheduling
    • Performance management
    • Talent acquisition
    • Offboarding & onboarding
    • Plan layout
    • Manage inventory
    • Manage loading docks
    • Pick, pack, ship
    • Plan and manage workforce
    • Manage returns
    • Transfer product cross-dock
    • Asset lifecycle management
    • Supply chain management
    • Maintenance planning & scheduling
    Planning & Budgeting Strategic HR Procurement Customer Relationship Management Facilities Management Project Management
    Process Technology Process Technology Process Technology Process Technology Process Technology Process Technology
    • Budget reporting
    • Variance analysis
    • Multi-year operating plan
    • Monthly forecasting
    • Annual operating plan
    • Compensation planning
    • Workforce planning
    • Succession planning
    • Supplier management
    • Purchase order management
    • Workflow approvals
    • Contract / tender management
    • Contact management
    • Activity management
    • Analytics
    • Plan and acquire
    • Asset maintenance
    • Disposal
    • Project management
    • Project costing
    • Budget control
    • Document management

    Complete an inventory collection of your application portfolio

    MANAGED vs. UNMANAGED APPLICATION ENVIRONMENTS

    • Managed environments make way for easier inventory collection since there is significant control as to what applications can be installed on a company asset. Organizations will most likely have a comprehensive list of supported and approved applications.
    • Unmanaged environments are challenging to control because users are free to install any applications on company assets, which may or may not be supported by IT.
    • Most organizations fall somewhere in between – there is usually a central repository of applications and several applications that are exceptions to the company policies. Ensure that all applications are accounted for.

    Determine your inventory collection method:

    MANUAL INVENTORY COLLECTION
    • In its simplest form, a spreadsheet is used to document your application inventory.
    • For large organizations, reps interview all business domains to create a list of installed applications.
    • Conducting an end-user survey within your business domains is one way to gather your application inventory and assess quality.
    • This manual approach is most appropriate for smaller organizations with small application portfolios across domains.
    AUTOMATED INVENTORY COLLECTION
    • Using inventory collection compatibility tools, discover all of the supported applications within your organization.
    • This approach may not capture all applications, depending on the parameters of your automated tool.
    • This approach works well in a managed environment.

    Activity 2.2.2 – Understand the current application portfolio

    1-2 hours

    1. Brainstorm a list of the applications that support the ERP business processes inventoried in Activity 2.2.1. If an application has multiple instances, list each instance as a separate line item.
    2. Indicate the following for each application:
      1. User satisfaction. This may be more than one entry as different groups – e.g., IT vs. business – may differ.
      2. Processes supported. Refer to processes defined in Activity 2.2.1. Update 2.2.1 if additional processes are identified during this exercise.
      3. Define a future disposition: Keep, Update, Replace. It is possible to have more than one disposition, e.g., Update or Replace is a valid disposition.
    3. [Optional] Collect the following information about each application. This information can be used to calculate the cost per application and total cost per user:
      1. Number of users or user groups
      2. Estimated maintenance costs
      3. Estimated capital costs
      4. Estimated licensing costs
      5. Estimated support costs

    Record this information in the ERP Strategy Report Template.

    Sample of the 'Application Portfolio' table on the next slide.

    Download the ERP Strategy Report Template

    2.2.2 - Application portfolio

    Inventory your applications and assess usage, satisfaction, and disposition

    Application Name Satisfaction Processes Supported Future Disposition
    PeopleSoft Financials Medium and declining ERP – shares one support person with HR Update or Replace
    Time Entry (custom) Low Time and Attendance Replace
    PeopleSoft HR Medium Core HR Update or Replace
    ServiceNow High ITSM
    CSM: Med-Low
    ITSM and CSM
    CSM – complexity and process changes
    Update
    Data Warehouse High IT
    Business: Med-Low
    BI portal – Tibco SaaS datamart Keep
    Regulatory Compliance Medium Regulatory software – users need training Keep
    ACL Analytics Low Audit Replace
    Elite Medium Supply chain for wholesale Update (in progress)
    Visual Importer Med-High Customs and taxes Keep
    Custom Reporting application Med-High Reporting solution for wholesale (custom for old system, patched for Elite) Replace

    2.3.1 – Visual application portfolio [optional]

    A diagram of applications and how they connect to each other. There are 'External Systems' and 'Internal Systems' split into three divisions, 'Retail Division', 'Wholesale Division', and 'Corporate Services'. Example external systems are 'Moneris', 'Freight Carriers', and 'Banks'. Example internal systems are 'Retail ERP/POS', 'Elite', and 'Excel'.

    Step 2.3

    Process pains, opportunities, and maturity

    Activities
    • 2.3.1 Level one process inventory with stakeholders
    • 2.3.2 Process pain points and opportunities
    • 2.3.3 Process key success indicators
    • 2.3.4 Process and technology maturity
    • 2.3.5 Mega-process prioritization

    This step will walk you through the following activities:

    • Assign stakeholders, discuss pain points, opportunities, and key success indicators for the mega-processes identified in Step 2.1
    • Assign process and technology maturity to each prioritizing the mega-processes

    This step involves the following participants:

    • Primary stakeholders in each value stream supported by the ERP
    • ERP applications support team

    Outcomes of this step

    For each mega-process:

    • Level 1 processes with process and technology maturity assigned
    • Stakeholders identified
    • Process pain points, opportunities, and key success indicators identified
    • Prioritize the mega-processes

    Building out the mega-processes

    Congratulations, you have made it to the “big lift” portion of the blueprint. For each of the processes that were identified in exercise 2.2.1, you will fill out the following six details:

    1. Primary stakeholder(s)
    2. A description of the process
    3. hat level 1 processes/capabilities the mega-process is composed of
    4. Problems the new system must solve
    5. What success will look like when the new system is implemented
    6. The process and technological maturity of each level 1 process.

    Sample of the 'Core Finance' slide in the ERP Strategy Report, as shown on the next slide, with numbers corresponding to the ordered list above. 1 is on a list of 'Stakeholders', 2 is by the 'Description' box, 3 is on the 'Capability' table column, 4 is on the 'Current Pain Points' box, 5 is on the 'Key Success Factors' box, and 6 is on the 'Maturity' ratings column.

    It will take one to three hours per mega-process to complete the six different sections.

    Note:
    For each mega-process identified you will create a separate slide in the ERP Strategy Report. Default slides have been provided. Add or delete as necessary.

    Sample of the 'Core Finance' slide in the ERP Strategy Report. Note on the list of stakeholders reads 'Primary Stakeholders'. Note on the title, Core Finance, reads 'Mega-process name'. Note on the description box reads 'Description of the process'. Note on the 'Key Success Factors' box reads 'What success looks like'. Note on the 'Current Pain Points' box reads 'Problems the new system must solve'. Below is a capability table with columns 'Capability', 'Maturity', and a blank on for notes. Note on the 'Capability' table column reads 'Level 1 process'. Note on the 'Maturity' ratings column reads 'Level 1 process maturity of process and technology'. Note on the notes column reads 'Level 1 process notes'.

    An ERP project is most effective when you follow a structured approach to define, select, implement, and optimize

    Top-down approach

    ERP Strategy
    • Operating Model – Define process strategy, objectives, and operational implications.
    • Level 1 Processes –Define process boundaries, scope at the organization level; the highest level of mega-process.

    • Level 2 Processes – Define processes by function/group which represent the next level of process interaction in the organization.
    • Level 3 Processes – Decompose process by activity and role and identify suppliers, inputs, outputs, customers, metrics, and controls.
    • Functional Specifications; Blueprint and Technical Framework – Refine how the system will support and enable processes; includes functional and technical elements.
    • Org Structure and Change Management – Align org structure and develop change mgmt. strategy to support your target operating model.
    • Implementation and Transition to Operations – Execute new methods, systems, processes, procedures, and organizational structure.
    • ERP Optimization and Continuous Improvement – Establish a program to monitor, govern, and improve ERP systems and processes.

    *A “stage gate” approach should be used: the next level begins after consensus is achieved for the previous level.

    Activity 2.3.1 – Level 1 process inventory with stakeholders

    1 hour per mega-process

    1. Identify the primary stakeholder for the mega-process. The primary stakeholder is usually the process owner. For example, for core finance the CFO is the process owner/primary stakeholder. Name a maximum of three stakeholders.
    2. In the lower section, detail all the capabilities/processes associated with the mega-process. Be careful to remain at the level 1 process level as it is easy to start identifying the “How” of a process. The “How” is too deep.

    Record this information in the ERP Strategy Report Template.

    Sample of the 'Core Finance' slide in the ERP Strategy Report with the 'Stakeholders' list and 'Capability' table column highlighted.

    Download the ERP Strategy Report Template

    Activity 2.3.2 – Process pain points and opportunities

    30+ minutes per mega-process

    1. As a group, write a clear description of the mega-process. This helps establish alignment on the scope of the mega-process.
    2. Start with the discussion of current pain points with the various capabilities. These pain points will be items that the new solution will have to resolve.

    Record this information in the ERP Strategy Report Template.

    Sample of the 'Core Finance' slide in the ERP Strategy Report with the 'Description', 'Key Success Factors', and 'Current Pain Points' boxes highlighted.

    Download the ERP Strategy Report Template

    Activity 2.3.3 – Key success indicators

    30 minutes per mega-process

    1. Document key success factors that should be base-lined in the existing system to show the overall improvement once the new system is implemented. For example, if month-end close takes 12 days in the current system, target three days for month-end close in the new system.

    Record this information in the ERP Strategy Report Template.

    Sample of the 'Core Finance' slide in the ERP Strategy Report with the 'Description', 'Key Success Factors', and 'Current Pain Points' boxes highlighted.

    Download the ERP Strategy Report Template

    Activity 2.3.4 – Process and technology maturity

    1 hour

    1. For each capability/level 1 process identified determine you level of process maturity:
      • Weak – Ad hoc processes without documentation
      • Moderate – Documented processes that are often executed consistently
      • Strong – Documented processes that include exception handling that are rigorously followed
      • Payroll is an example of a strong process, even if every step is manual. The process is executed the same every time to ensure staff are paid properly and on time.
    2. For each capability/level 1 process identified determine you level of technology maturity:
      • Weak – manual execution and often paper-based
      • Moderate – Some technology support with little automation
      • Strong – The process executed entirely within the technology stack with no manual processes

    Record this information in the ERP Strategy Report Template.

    Sample of the 'Core Finance' slide in the ERP Strategy Report with the 'Maturity' and notes columns highlighted.

    Download the ERP Strategy Report Template

    Activity 2.3.5 – Mega-process prioritization

    1 hour

    1. For the mega-processes identified, map each process’s current state in terms of process rigor versus organizational importance.
      • For process rigor, refer to your process maturity in the previous exercises.
    2. Now, as a group discuss how you want to “move the needle” on each of the processes. Remember that you have a limited capacity so focus on the processes that are, or will be, of strategic importance to the organization. The processes that are placed in the top right quadrant are the ones that are likely the strategic differentiators.

    Record this information in the ERP Strategy Report Template.

    A smaller version of the process prioritization map on the next slide.

    Download the ERP Strategy Report Template.

    ERP Process Prioritization

    Establishing an order of importance can impact vendor selection and implementation roadmap; high priority areas are critical for ERP success.

    A prioritization map placing processes by 'Rigor' and 'Organizational Importance' They are numbered 1-9, 0, A, and B and are split into two colour-coded sets for 'Future (green)' and 'Current(red)'. On the x-axis 'Organizational Importance' ranges from 'Operational' to 'Strategic' and on the y-axis 'Process Rigor' ranges from 'Get the Job Done' to 'Best Practice'. Comparing 'Current' to 'Future', they have all moved up from 'Get the Job Done' into 'Best Practice' territory and a few have migrated over from 'Operational' to 'Strategic'. Processes are 1. Core Finance, 2. Core HR, 3. Workforce Management, 4.Talent Management, 5. Employee Health and Safety, 6. Enterprise Asset Management, 7.Planning & Budgeting, 8. Strategic HR, 9. Procurement Mgmt., 0. CRM, A. Facilities, and B. Project Management.

    Build an ERP Strategy and Roadmap

    Phase 3

    Plan your project

    Phase 1

    • 1.1 Aligning business and IT
    • 1.2 Scope and priorities

    Phase 2

    • 2.1 ERP Business Model
    • 2.2 ERP processes and supporting applications
    • 2.3 Process pains, opportunities & maturity

    Phase 3

    • 3.1 Stakeholders, risk & value
    • 3.2 Project set up

    Phase 4

    • 4.1 Build your roadmap
    • 4.2 Wrap up and present

    This phase will walk you through the following activities:

    • Map out your stakeholders to evaluate their impact on the project
    • Build an initial risk register and ensure the group is aligned
    • Set the initial core project team and their accountabilities and get them started on the project

    This phase involves the following participants:

    • Primary stakeholders in each value stream supported by the ERP
    • ERP Applications support team

    Step 3.1

    Stakeholders, risk, and value

    Activities
    • 3.1.1 Stakeholder analysis
    • 3.1.2 Potential pitfalls and mitigation strategies
    • 3.1.3 Project value [optional]

    This step will walk you through the following activities:

    • Map out your stakeholders to evaluate their impact on the project
    • Build an initial risk register and ensure the group is aligned

    This step involves the following participants:

    • Primary stakeholders in each value stream supported by the ERP
    • ERP Applications support team

    Outcomes of this step

    • An understanding of the stakeholders and their project influence
    • An initial risk register
    • A consensus on readiness to proceed

    Understand how to navigate the complex web of stakeholders in ERP

    Identify which stakeholders to include and what their level of involvement should be during requirements elicitation based on relevant topic expertise.

    Sponsor End User IT Business
    Description An internal stakeholder who has final sign-off on the ERP project. Front-line users of the ERP technology. Back-end support staff who are tasked with project planning, execution, and eventual system maintenance. Additional stakeholders that will be impacted by any ERP technology changes.
    Examples
    • CEO
    • CIO/CTO
    • COO
    • CFO
    • Warehouse personnel
    • Sales teams
    • HR admins
    • Applications manager
    • Vendor relationship manager(s)
    • Director, Procurement
    • VP, Marketing
    • Manager, HR
    Value Executive buy-in and support is essential to the success of the project. Often, the sponsor controls funding and resource allocation. End users determine the success of the system through user adoption. If the end user does not adopt the system, the system is deemed useless and benefits realization is poor. IT is likely to be responsible for more in-depth requirements gathering. IT possesses critical knowledge around system compatibility, integration, and data. Involving business stakeholders in the requirements gathering will ensure alignment between HR and organizational objectives.

    Large-scale ERP projects require the involvement of many stakeholders from all corners and levels of the organization, including project sponsors, IT, end users, and business stakeholders. Consider the influence and interest of stakeholders in contributing to the requirements elicitation process and involve them accordingly.

    An example stakeholder map, categorizing stakeholders by amount of influence and interest.

    Activity 3.1.1 – Map your stakeholders

    1 hour

    1. As a group, identify all the ERP stakeholders. A stakeholder may be an individual such as the CEO or CFO, or it may be a group such as front-line employees.
    2. Map each stakeholder on the quadrant based on their expected Influence and Involvement in the project
    3. [Optional] Color code the users using the scale below to quickly identify the group that the stakeholder belongs to.
      • Sponsor – An internal stakeholder who has final sign-off on the ERP project.
      • End User – Front-line users of the ERP technology.
      • IT – Back-end support staff who are tasked with project planning, execution, and eventual system maintenance.
      • Business – Additional stakeholders that will be impacted by any ERP technology changes.

    Record this information in the ERP Strategy Report Template.

    Preview of the next slide.

    Download the ERP Strategy Report Template

    Slide titled 'Map the organization's stakeholders with a more in-depth example of a stakeholder map and long 'List of Stakeholders'. The quadrants that stakeholders are sorted into by influence and involvement are labelled 'Keep Satisfied (1)', 'Involve Closely (2)', 'Monitor (3)', and 'Keep Informed (4)'.

    Prepare contingency plans to minimize time spent handling unexpected risks

    Understanding the technical and strategic risks of a project can help you establish contingencies to reduce the likelihood of risk occurrence and devise mitigation strategies to help offset their impact if contingencies are insufficient.

    Risk Impact Likelihood Mitigation Effort
    Inadequate budget for additional staffing resources. 2 1 Use internal transfers and role-sharing rather than external hiring.
    Push-back on an ERP solution. 2 2 Use formal communication plans, an ERP steering committee, and change management to overcome organizational readiness.
    Overworked resources. 1 1 Create a detailed project plan that outlines resources and timelines in advance.
    Rating Scale:
    Impact: 1- High Risk 2- Moderate Risk 3- Minimal Risk
    Likelihood: 1- High/Needs Focus 2- Can Be Mitigated 3- Remote Likelihood

    Remember

    The biggest sources of risk in an ERP strategy are lack of planning, poorly defined requirements, and lack of governance.

    Apply the following mitigation tips to avoid pitfalls and delays.

    Risk Mitigation Tips

    • Upfront planning
    • Realistic timelines
    • Resource support
    • Managing change
    • Executive sponsorship
    • Sufficient funding
    • Setting the right expectations

    Activity 3.1.2 – Identify potential project pitfalls and mitigation strategies

    1-2 hours

    1. Discuss what “Impact” and “Likelihood” mean to your organization. For example, define Impact by what is important to your organization – financial loss, reputational impact, employee loss, and process impairment are all possible factors.
    2. Identify potential risks that may impede the successful completion of each work initiative. Risks may include predictable factors such as low resource capability, or unpredictable factors such as a change in priorities leading to withdrawn buy-in.
    3. For each risk, identify mitigation tactics. In some cases, mitigation tactics might take the form of standalone work initiative. For example, if a risk is lack of end-user buy-in, a work initiative to mitigate that risk might be to build an end-user communication plan.

    Record this information in the ERP Strategy Report Template.

    Preview of the next slide.

    Download the ERP Strategy Report Template

    Risks

    Risk Impact Likelihood Mitigation Effort
    Inadequate budget for additional staffing resources. 2 1 Use internal transfers and role-sharing rather than external hiring.
    Push-back on an ERP solution. 2 2 Use formal communication plans, an ERP steering committee, and change management to overcome organizational readiness.
    Overworked resources. 1 1 Create a detailed project plan that outlines resources and timelines in advance.
    Project approval 1 1 Build a strong business case for project approval and allow adequate time for the approval process
    Software does not work as advertised resulting in custom functionality with associated costs to create/ maintain 1 2 Work with staff to change processes to match the software instead of customizing the system thorough needs analysis prior to RFP creation
    Under estimation of staffing levels required, i.e. staff utilized at 25% for project when they are still 100% on their day job 1 2 Build a proper business case around staffing (be somewhat pessimistic)
    EHS system does not integrate with new HRMS/ERP system 2 2
    Selection of an ERP/HRMS that does not integrate with existing systems 2 3 Be very clear in RFP on existing systems that MUST be integrated to
    Rating Scale:
    Impact: 1- High Risk 2- Moderate Risk 3- Minimal Risk
    Likelihood: 1- High/Needs Focus 2- Can Be Mitigated 3- Remote Likelihood

    Is the organization committed to the ERP project?

    A recent study of critical success factors to an ERP implementation identified top management support and interdepartmental communication and cooperation as the top two success factors.

    By answering the seven questions the key stakeholders are indicating their commitment. While this doesn’t guarantee that the top two critical success factors have been met, it does create the conversation to guide the organization into alignment on whether to proceed.

    A table of example stakeholder questions with options 1-5 for how strongly they agree or disagree. 'Strongly disagree - 1', 'Somewhat disagree - 2', 'Neither agree or disagree - 3', 'Somewhat agree - 4', 'Strongly agree - 5'.

    Activity 3.1.3 – Project value (optional)

    30 minutes

    1. As a group, discuss the seven questions in the table. Ensure everyone agrees on what the questions are asking. If necessary, modify the language so that the meaning is clear to everyone.
    2. Have each stakeholder answer the seven questions on their own. Have someone compile the answers looking for:
      1. Any disagrees, strongly, somewhat, or neither as this indicates a lack of clarity. Endeavour to discover what additional information is required.
      2. [Optional] Have the most positive and most negative respondents present their points of view for the group to discuss. Is someone being overly optimistic, or pessimistic? Did the group miss something?

    There are no wrong answers. It should be okay to disagree with any of these statements. The goal of the exercise is to generate conversation that leads to support of the project and collaboration on the part of the participants.

    Record this information in the ERP Strategy Report Template.

    A preview of the next slide.

    Download the ERP Strategy Report Template

    Ask the right questions now to determine the value of the project to the organization

    Please indicate how much you agree or disagree with each of the following statements.

    Question # Question Strongly disagree Somewhat disagree Neither agree nor disagree Somewhat agree Strongly agree
    1. I have everything I need to succeed. 1 2 3 4 5
    2. The right people are involved in the project. 1 2 3 4 5
    3. I understand the process of ERP selection. 1 2 3 4 5
    4. My role in the project is clear to me. 1 2 3 4 5
    5. I am clear about the vision for this project. 1 2 3 4 5
    6. I am nervous about this project. 1 2 3 4 5
    7. There is leadership support for the project. 1 2 3 4 5

    Step 3.2

    Project set up

    Activities
    • 3.2.1 Create the project team
    • 3.2.2 Set the project RACI

    This step will walk you through the following activities:

    • Set the initial core project team and their accountabilities to the project.

    This step involves the following participants:

    • Primary stakeholders in each value stream supported by the ERP
    • ERP Applications support team

    Outcomes of this step

    • Identify the core team members and their time commitments.
    • Assign responsibility, accountability or communication needs.

    Identify the right stakeholders for your project team

    Consider the core team functions when composing the project team. It is essential to ensure that all relevant perspectives (business, IT, etc.) are evaluated to create a well-aligned and holistic ERP strategy.

    PROJECT TEAM ROLES

    • Project champion
    • Project advisor
    • Steering committee
    • Project manager
    • Project team
    • Subject matter experts
    • Change management specialist

    PROJECT TEAM FUNCTIONS

    • Collecting all relevant inputs from the business.
    • Gathering high-level requirements.
    • Creating a roadmap.

    Info-Tech Insight

    There may be an inclination towards a large project team when trying to include all relevant stakeholders. Carefully limiting the size of the project team will enable effective decision making while still including functional business units like HR and Finance, as well as IT.

    Activity 3.2.1 – Project team

    1 hour

    1. Considering your ERP project scope, discuss the resources and capabilities necessary, and generate a complete list of key stakeholders considering each of the roles indicated on the chart to the right.
    2. Using the list previously generated, identify a candidate(s) for each role and determine their responsibility in the ERP strategy and their expected time commitment.

    Record this information in the ERP Strategy Report Template.

    Preview of the table on the next slide.

    Download the ERP Strategy Report Template

    Project team

    Of particular importance for this table is the commitment column. It is important that the organization understands the level of involvement for all roles. Failure to properly account for the necessary involvement is a major risk factor.

    Role Candidate Responsibility Commitment
    Project champion John Smith
    • Provide executive sponsorship.
    20 hours/week
    Steering committee
    • Establish goals and priorities.
    • Define scope and approve changes.
    • Provide adequate resources and resolve conflict.
    • Monitor project milestones.
    10 hours/week
    Project manager
    • Prepare and manage project plan.
    • Monitor project team progress.
    • Conduct project team meetings.
    40 hours/week
    Project team
    • Drive day-to-day project activities.
    • Coordinate department communication.
    • Make process and design decisions.
    40 hours/week
    Subject matter experts by area
    • Attend meetings as needed.
    • Respond to questions and inquiries.
    5 hours/week

    Define project roles and responsibilities to improve progress tracking

    Build a list of the core ERP strategy team members and then structure a RACI chart with the relevant categories and roles for the overall project.

    • Responsible – Conducts work to achieve the task
    • Accountable – Answerable for completeness of task
    • Consulted – Provides input for the task
    • Informed – Receives updates on the task

    Benefits of assigning RACI early:

    • Improve project quality by assigning the right people to the right tasks.
    • Improve chances of project task completion by assigning clear accountabilities.
    • Improve project buy-in by ensuring stakeholders are kept informed of project progress, risks, and successes.

    Activity 3.2.2 – Project RACI

    1 hour

    1. The ERP strategy will require a cross-functional team within IT and business units. Make sure the responsibilities are clearly communicated to the selected project sponsor.
    2. Modify the left-hand column to match the activities expected in your project.

    Record this information in the ERP Strategy Report Template.

    Preview of the RACI chart on the next slide.

    Download the ERP Strategy Report Template

    3.2.2 – Project RACI

    Project champion Project advisor Project steering committee Project manager Project team Subject matter experts
    Determine project scope & vision I C A R C C
    Document business goals I I A R I C
    Inventory ERP processes I I A C R R
    Map current state I I A R I R
    Assess gaps and opportunities I C A R I I
    Explore alternatives R R A I I R
    Build a roadmap R A R I I R
    Create a communication plan R A R I I R
    Present findings R A R I I R

    Build an ERP Strategy and Roadmap

    Phase 4

    Next steps

    Phase 1

    • 1.1 Aligning business and IT
    • 1.2 Scope and priorities

    Phase 2

    • 2.1 ERP Business Model
    • 2.2 ERP processes and supporting applications
    • 2.3 Process pains, opportunities & maturity

    Phase 3

    • 3.1 Stakeholders, risk & value
    • 3.2 Project set up

    Phase 4

    • 4.1 Build your roadmap
    • 4.2 Wrap up and present

    This phase will walk you through the following activities:

    • Review the different options to solve the identified pain points
    • Build out a roadmap showing how you will get to those solutions
    • Build a communication plan that includes the stakeholder presentation

    This phase involves the following participants:

    • Primary stakeholders in each value stream supported by the ERP
    • ERP Applications support team

    Step 4.1

    Build your roadmap

    Activities
    • 4.1.1 Pick your path
    • 4.1.2 Build your roadmap
    • 4.1.3 Visualize your roadmap (optional)

    This step will walk you through the following activities:

    • Review the different options to solve the identified pain points then build out a roadmap of how to get to that solution.

    This step involves the following participants:

    • Primary stakeholders in each value stream supported by the ERP
    • ERP Applications support team

    Outcomes of this step

    • A strategic direction is set
    • An initial roadmap is laid out

    Choose the right path for your organization

    There are several different paths you can take to achieve your ideal future state. Make sure to pick the one that suits your needs as defined by your current state.

    A diagram of strategies. At the top is 'Current State', at the bottom is 'Future State', and listed strategies are 'Maintain Current System', 'Augment Current System', 'Optimize', and 'Transform'.

    Explore the options for achieving your ideal future state

    CURRENT STATE STRATEGY
    Your existing application satisfies both functionality and integration requirements. The processes surrounding it likely need attention, but the system should be considered for retention. MAINTAIN CURRENT SYSTEM
    Your existing application is, for the most part, functionally rich, but may need some tweaking. Spend time and effort building and enhancing additional functionalities or consolidating and integrating interfaces. AUGMENT CURRENT SYSTEM
    Your ERP application portfolio consists of multiple apps serving the same functions. Consolidating applications with duplicate functionality is more cost efficient and makes integration and data sharing simpler. OPTIMIZE: CONSOLIDATE AND INTEGRATE SYSTEMS
    Your existing system offers poor functionality and poor integration. It would likely be more cost and time efficient to replace the application and its surrounding processes altogether. TRANSFORM: REPLACE CURRENT SYSTEM

    Option: Maintain your current system

    Resolve your existing process and people pain points

    MAINTAIN CURRENT SYSTEM

    Keep the system, change the process.

    Your existing application satisfies both functionality and integration requirements. The processes surrounding it likely need attention, but the system should be considered for retention.

    Maintaining your current system entails adjusting current processes and/or adding new ones, and involves minimal cost, time, and effort.

    INDICATORS POTENTIAL SOLUTIONS
    People Pain Points
    • Lack of training
    • Low user adoption
    • Lack of change management
    • Contact vendor to inquire about employee training opportunities
    • Build a change management strategy
    Process Pain Points
    • Legacy processes
    • Workarounds and shortcuts
    • Highly specialized processes
    • Inconsistent processes
    • Explore process reengineering and process improvement opportunities
    • Evaluate and standardize processes

    Option: Augment your current system

    Use augmentation to resolve your existing technology and data pain points

    AUGMENT CURRENT SYSTEM

    Add to the system.

    Your existing application is for the most part functionally rich but may need some tweaking. Spend time and effort enhancing your current system.

    You will be able to add functions by leveraging existing system features. Augmentation requires limited investment and less time and effort than a full system replacement.

    INDICATORS POTENTIAL SOLUTIONS
    Technology Pain Points
    • Lack of reporting functions.
    • Lacking functional depth in key process areas.
    • Add point solutions or enable modules to address missing functionality.
    Data Pain Points
    • Poor data quality
    • Lack of data for processing and reporting
    • Single-source data entry
    • Add modules or augment processes to capture data

    Option: Consolidate and integrate

    Consolidate and integrate your current systems to address your technology and data pain points

    CONSOLIDATE AND INTEGRATE SYSTEMS

    Get rid of one system, combine two, or connect many.

    Your ERP application portfolio consists of multiple apps serving the same functions.

    Consolidating your systems eliminates the need to manage multiple pieces of software that provide duplicate functionality. Reducing the number of ERP applications makes integration and data sharing simpler.

    INDICATORS POTENTIAL SOLUTIONS
    Technology Pain Points
    • Disparate and disjointed systems
    • Multiple systems supporting the same function
    • Unused software licenses
    • System consolidation
    • System and module integration
    • Assess usage and consolidate licensing
    Data Pain Points
    • Multiple versions of same data
    • Duplication of data entry in different modules or systems
    • Poor data quality
    • Centralize core records
    • Assign data ownership
    • Single-source data entry

    Option: Replace your current system

    Replace your system to address gaps in your existing processes and various pain points

    REPLACE CURRENT SYSTEM

    Start from scratch.

    You’re transitioning from an end-of-life legacy system. Your existing system offers poor functionality and poor integration. It would likely be more cost and time efficient to replace the application and its surrounding processes all together.

    INDICATORS POTENTIAL SOLUTIONS
    Technology Pain Points
    • Lack of functionality and poor integration.
    • Obsolete technology.
    • Not aligned with technology direction or enterprise architecture plans.
    • Evaluate the ERP technology landscape.
    • Determine if you need to replace the current system with a point solution or an all-in-one solution.
    • Align ERP technologies with enterprise architecture.
    Data Pain Points
    • Limited capability to store and retrieve data.
    • Understand your data requirements.
    Process Pains
    • Insufficient tools to manage workflow.
    • Review end-to-end processes.
    • Assess user satisfaction.

    Activity 4.1.1 – Path to future state

    1+ hour
    1. Discuss the four options and the implications for your organization.
    2. Come to an agreement on your chosen path.

    The same diagram of strategies. At the top is 'Current State', at the bottom is 'Future State', and listed strategies are 'Maintain Current System', 'Augment Current System', 'Optimize', and 'Transform'.

    Activity 4.1.2 – Build a roadmap

    1-2 hours

    1. Start your roadmap with the stakeholder presentation. This is your mark in the sand to launch the project.
    2. For each item on your roadmap assign an owner who will be accountable to the completion of the roadmap item.
    3. Wherever possible, assign a start date, month, or quarter. The more specific you can be the better.
    4. Identify completion dates to create a sense of urgency. If you are struggling with start dates, it can help to start with a finish date and “back in” to a start date based on estimated efforts.

    Record this information in the ERP Strategy Report Template.

    Note:
    Your roadmap should be treated as a living document that is updated and shared with the stakeholders on a regular schedule.

    Preview of the strategy roadmap table on the next slide.

    Download the ERP Strategy Report Template

    ERP Strategy roadmap

    Initiative Owner Start Date Completion Date
    Create final workshop deliverable Info-Tech 16 September, 2021
    Review final deliverable Workshop sponsor
    Present to executive team Oct 2021
    Build business case CFO, CIO, Directors 3 weeks to build
    3-4 weeks process time
    Build an RFI for initial costings 1-2 weeks
    Stage 1 approval for requirements gathering Executive committee Milestone
    Determine and acquire BA support for next step 1 week
    Requirements gathering – level 2 processes Project team 5-6 weeks effort
    Build RFP (based on informal approval) CFO, CIO, Directors 4th calendar quarter 2022 Possible completion January 2023
    2-4 weeks

    Activity 4.1.3 – Build a visual roadmap [optional]

    1 hour

    1. For some, a visual representation of a roadmap is easier to comprehend. Consider taking the roadmap built in 4.1.2 and creating a visual.

    Record this information in the ERP Strategy Report Template.

    Preview of the visual strategy roadmap chart on the next slide.

    Download the ERP Strategy Report Template

    ERP Strategy Roadmap

    A table set up similarly to the previous one, but instead of 'Start Date' and 'Completion Date' columns there are multiple small columns broken up by fiscal quarters (i.e.. FY2022: Q1, Q2, Q3, Q4). There is a key with a light blue diamond shape representing a 'Milestone' and a blue arrow representing a 'Work in progress'; they are placed the Quarters columns according to when each row item reached a milestone or began its progress.

    Step 4.2

    Wrap up and present

    Activities
    • 4.2.1 Communication plan
    • 4.2.2 Stakeholder presentation

    This step will walk you through the following activities:

    • Build a communication plan as part of organizational change management, which includes the stakeholder presentation

    This step involves the following participants:

    • Primary stakeholders in each value stream supported by the ERP
    • ERP Applications support team

    Outcomes of this step

    • An initial communication plan for organizational change management
    • A stakeholder presentation

    Effectively communicate the changes an ERP foundation strategy will impose

    A communication plan is necessary because not everyone will react positively to change. Therefore, you must be prepared to explain the rationale behind any initiatives that are being rolled out.

    Steps:

    1. Start by building a sound communication plan.
    2. The communication plan should address all stakeholders that will be subject to change, including executives and end users.
    3. Communicate how a specific initiative will impact the way employees work and the work they do.
    4. Clearly convey the benefits of the strategy to avoid resistance.

    “The most important thing in project management is communication, communication, communication. You have to be able to put a message into business terms rather than technical terms.” (Lance Foust, I.S. Manager, Plymouth Tube Company)

    Project Goals Communication Goals Required Resources Communication Channels
    Why is your organization embarking on an ERP project? What do you want employees to know about the project? What resources are going to be utilized throughout the ERP strategy? How will your project team communicate project updates to the employees?
    Streamline processes and achieve operational efficiency. We will focus on mapping and gathering requirements for (X) mega-processes. We will be hiring process owners for each mega-process. You will be kept up to date about the project progress via email and intranet. Please feel free to contact the project owner if you have any questions.

    Activity 4.2.1 – Communication plan

    1 hour

    1. List the types of communication events and documents you will need to produce and distribute.
    2. Indicate the purpose of the event or document, who the audience is, and who is responsible for the communication.
    3. Identify who will be responsible for the development and delivery of the communication plan.

    Record this information in the ERP Strategy Report Template.

    Preview of the Communication Plan table on the next slide.

    Download the ERP Strategy Report Template

    Communication plan

    Use the communication planning template to track communication methods needed to convey information regarding ERP initiatives.

    This is designed to help your organization make ERP initiatives visible and create stakeholder awareness.

    Audience Purpose Delivery/ Format Communicator Delivery Date Status/Notes
    Front-line employees Highlight successes Bi-weekly email CEO Mondays
    Entire organization Highlight successes
    Plans for next iteration
    Monthly townhall Senior leadership Last Thursday of every month Recognize top contributors from different parts of the business. Consider giving out prizes such as coffee mugs
    Iteration demos Show completed functionality to key stakeholders Iteration completion web conference Delivery lead Every other Wednesday Record and share the demonstrations to all employees

    Conduct a presentation of the final deliverable for stakeholders

    After completing the activities and exercises within this blueprint, the final step of the process is to present the deliverable to senior management and stakeholders.

    Know Your Audience

    • Decide what needs to be presented and to whom. The purpose and format for communicating initiatives varies based on the audience. Identify the audience first to ensure initiatives are communicated appropriately.
    • IT and the business speak different languages. The business may not have the patience to try to understand IT, so it is up to IT to learn and use the language of business. Failing to put messages into language that resonates with the business will create disengagement and resistance.
    • Effective communication takes preparation to get the right content and tone to convey your real message.

    Learn From Other Organizations

    “When delivering the strategy and next steps, break the project down into consumable pieces. Make sure you deliver quick wins to retain enthusiasm and engagement.

    By making it look like a different project you keep momentum and avoid making it seem unattainable.” (Scott Clark, Innovation Credit Union)

    “To successfully sell the value of ERP, determine what the high-level business problem is and explain how ERP can be the resolution. Explicitly state which business areas ERP is going to touch. The business often has a very narrow view of ERP and perceives it as just a financial system. The key part of the strategy is that the organization sees the broader view of ERP.” (Scott Clark, Innovation Credit Union)

    Activity 4.2.2 – Stakeholder presentation

    1 hour

    1. The following sections of the ERP Strategy Report Template are designed to function as the stakeholder presentation:
      1. Workshop Overview
      2. ERP Models
      3. Roadmap
    2. You can use the Template as your presentation deck or extract the above sections to create a stand-alone stakeholder presentation.
    3. Remember to take your audience into account and anticipate the questions they may have.

    Samples of the ERP Strategy Report Template.

    Download the ERP Strategy Report Template

    Summary of Accomplishment

    Get the Most Out of Your ERP

    ERP technology is critical to facilitating an organization’s flow of information across business units. It allows for seamless integration of systems and creates a holistic view of the enterprise to support decision making. ERP implementation should not be a one-and-done exercise. There needs to be an ongoing optimization to enable business processes and optimal organizational results.

    Build an ERP Strategy and Roadmap allows organizations to proactively implement continuous assessment and optimization of their enterprise resource planning system, including:

    • Alignment and prioritization of key business and technology drivers.
    • Identification of ERP processes, including classification and gap analysis.
    • Measurement of user satisfaction across key departments.
    • Improved vendor relations.
    • Data quality initiatives.

    This formal ERP optimization initiative will drive business-IT alignment, identify IT automation priorities, and dig deep into continuous process improvement.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Research Contributors

    Name Title Organization
    Anonymous Anonymous Software industry
    Anonymous Anonymous Pharmaceutical industry
    Boris Znebel VP of Sales Second Foundation
    Brian Kudeba Director, Administrative Systems Fidelis Care
    David Lawrence Director, ERP Allegheny Technologies Inc.
    Ken Zima CIO Aquarion Water Company
    Lance Foust I.S. Manager Plymouth Tube Company
    Pooja Bagga Head of ERP Strategy & Change Transport for London
    Rob Schneider Project Director, ERP Strathcona County
    Scott Clark Innovation Credit Union
    Tarek Raafat Manager, Application Solutions IDRC
    Tom Walker VP, Information Technology StarTech.com

    Related Info-Tech Research

    Bibliography

    Gheorghiu, Gabriel. "The ERP Buyer’s Profile for Growing Companies." Selecthub. 2018. Accessed 21 Feb. 2021.

    "Maximizing the Emotional Economy: Behavioral Economics." Gallup. n.d. Accessed 21 Feb. 2021.

    Neito-Rodriguez, Antonio. Project Management | How to Prioritize Your Company's Projects. 13 Dec. 2016. Accessed 29 Nov 2021. Web.

    "A&D organization resolves organizational.“ Case Study. Panorama Consulting Group. 2021. PDF. 09 Nov. 2021. Web.

    "Process Frameworks." APQC. n.d. Accessed 21 Feb. 2021.

    Saxena, Deepak and Joe Mcdonagh. "Evaluating ERP Implementations: The Case for a Lifecycle-based Interpretive Approach." The Electronic Journal of Information Systems Evaluation, 29-37. 22 Feb. 2019. Accessed 21 Feb. 2021.

    Master Organizational Change Management Practices

    • Buy Link or Shortcode: {j2store}188|cart{/j2store}
    • member rating overall impact (scale of 10): 9.1/10 Overall Impact
    • member rating average dollars saved: $69,330 Average $ Saved
    • member rating average days saved: 24 Average Days Saved
    • Parent Category Name: Program & Project Management
    • Parent Category Link: /program-and-project-management
    • Organizational change management (OCM) is often an Achilles’ heel for IT departments and business units, putting projects and programs at risk – especially large, complex, transformational projects.
    • When projects that depend heavily on users and stakeholders adopting new tools, or learning new processes or skills, get executed without an effective OCM plan, the likelihood that they will fail to achieve their intended outcomes increases exponentially.
    • The root of the problem often comes down to a question of accountability: who in the organization is accountable for change management success? In the absence of any other clearly identifiable OCM leader, the PMO – as the organizational entity that is responsible for facilitating successful project outcomes – needs to step up and embrace this accountability.
    • As PMO leader, you need to hone an OCM strategy and toolkit that will help ensure not only that projects are completed but also that benefits are realized.

    Our Advice

    Critical Insight

    • The root of poor stakeholder adoption on change initiatives is twofold:
      • Project planning tends to fixate on technology and neglects the behavioral and cultural factors that inhibit user adoption;
      • Accountabilities for managing change and helping to realize the intended business outcomes post-project are not properly defined in advance.
    • Persuading people to change requires a “soft,” empathetic approach to keep them motivated and engaged. But don’t mistake “soft” for easy. Managing the people part of change is amongst the toughest work there is, and it requires a comfort and competency with uncertainty, ambiguity, and conflict.
    • Transformation and change are increasingly becoming the new normal. While this normality may help make people more open to change in general, specific changes still need to be planned, communicated, and managed. Agility and continuous improvement are good, but can degenerate into volatility if change isn’t managed properly.

    Impact and Result

    • Plan for human nature. To ensure project success and maximize benefits, plan and facilitate the non-technical aspects of organizational change by addressing the emotional, behavioral, and cultural factors that foster stakeholder resistance and inhibit user adoption.
    • Make change management as ubiquitous as change itself. Foster a project culture that is proactive about OCM. Create a process where OCM considerations are factored in as early as project ideation and where change is actively managed throughout the project lifecycle, including after the project has closed.
    • Equip project leaders with the right tools to foster adoption. Effective OCM requires an actionable toolkit that will help plant the seeds for organizational change. With the right tools and templates, the PMO can function as the hub for change, helping the business units and project teams to consistently achieve project and post-project success.

    Master Organizational Change Management Practices Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out how implementing an OCM strategy through the PMO can improve project outcomes and increase benefits realization.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Prepare the PMO for change leadership

    Assess the organization’s readiness for change and evaluate the PMO’s OCM capabilities.

    • Drive Organizational Change from the PMO – Phase 1: Prepare the PMO for Change Leadership
    • Organizational Change Management Capabilities Assessment
    • Project Level Assessment Tool

    2. Plant the seeds for change during project planning and initiation

    Build an organic desire for change throughout the organization by developing a sponsorship action plan through the PMO and taking a proactive approach to change impacts.

    • Drive Organizational Change from the PMO – Phase 2: Plant the Seeds for Change During Project Planning and Initiation
    • Organizational Change Management Impact Analysis Tool

    3. Facilitate change adoption throughout the organization

    Ensure stakeholders are engaged and ready for change by developing effective communication, transition, and training plans.

    • Drive Organizational Change from the PMO – Phase 3: Facilitate Change Adoption Throughout the Organization
    • Stakeholder Engagement Workbook
    • Transition Plan Template
    • Transition Team Communications Template

    4. Establish a post-project benefits attainment process

    Determine accountabilities and establish a process for tracking business outcomes after the project team has packed up and moved onto the next project.

    • Drive Organizational Change from the PMO – Phase 4: Establish a Post-Project Benefits Attainment Process
    • Portfolio Benefits Tracking Tool

    5. Solidify the PMO’s role as change leader

    Institute an Organizational Change Management Playbook through the PMO that covers tools, processes, and tactics that will scale all of the organization’s project efforts.

    • Drive Organizational Change from the PMO – Phase 5: Solidify the PMO's Role as Change Leader
    • Organizational Change Management Playbook
    [infographic]

    Workshop: Master Organizational Change Management Practices

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Assess OCM Capabilities

    The Purpose

    Assess the organization’s readiness for change and evaluate the PMO’s OCM capabilities.

    Estimate the relative difficulty and effort required for managing organizational change through a specific project.

    Create a rough but concrete timeline that aligns organizational change management activities with project scope.

    Key Benefits Achieved

    A better understanding of the cultural appetite for change and of where the PMO needs to focus its efforts to improve OCM capabilities.

    A project plan that includes disciplined organizational change management from start to finish.

    Activities

    1.1 Assess the organization’s current readiness for change.

    1.2 Perform a change management SWOT analysis to assess the PMO’s capabilities.

    1.3 Define OCM success metrics.

    1.4 Establish and map out a core OCM project to pilot through the workshop.

    Outputs

    Organizational Change Management Capabilities Assessment

    A diagnosis of the PMO’s strengths and weaknesses around change management, as well as the opportunities and threats associated with driving an OCM strategy through the PMO

    Criteria for implementation success

    Project Level Assessment

    2 Analyze Change Impacts

    The Purpose

    Analyze the impact of the change across various dimensions of the business.

    Develop a strategy to manage change impacts to best ensure stakeholder adoption.

    Key Benefits Achieved

    Improved planning for both your project management and organizational change management efforts.

    A more empathetic understanding of how the change will be received in order to rightsize the PMO’s OCM effort and maximize adoption.

    Activities

    2.1 Develop a sponsorship action plan through the PMO.

    2.2 Determine the relevant considerations for analyzing the change impacts of a project.

    2.3 Analyze the depth of each impact for each stakeholder group.

    2.4 Establish a game plan to manage individual change impacts.

    2.5 Document the risk assumptions and opportunities stemming from the impact analysis.

    Outputs

    Sponsorship Action Plan

    Organizational Change Management Capabilities Assessment

    Risk and Opportunity Assessment

    3 Establish Collaborative Roles and Develop an Engagement Plan

    The Purpose

    Define a clear and compelling vision for change.

    Define roles and responsibilities of the core project team for OCM.

    Identify potential types and sources of resistance and enthusiasm.

    Create a stakeholder map that visualizes relative influence and interest of stakeholders.

    Develop an engagement plan for cultivating support for change while eliciting requirements.

    Key Benefits Achieved

    Begin to communicate a compelling vision for change.

    Delegate and divide work on elements of the transition plan among the project team and support staff.

    Begin developing a communications plan that appeals to unique needs and attitudes of different stakeholders.

    Cultivate support for change while eliciting requirements.

    Activities

    3.1 Involve the right people to drive and facilitate change.

    3.2 Solidify the vision of change to reinforce and sustain leadership and commitment.

    3.3 Proactively identify potential skeptics in order to engage them early and address their concerns.

    3.4 Stay one step ahead of potential saboteurs to prevent them from spreading dissent.

    3.5 Find opportunities to empower enthusiasts to stay motivated and promote change by encouraging others.

    3.6 Formalize the stakeholder analysis to identify change champions and blockers.

    3.7 Formalize the engagement plan to begin cultivating support while eliciting requirements.

    Outputs

    RACI table

    Stakeholder Analysis

    Engagement Plan

    Communications plan requirements

    4 Develop and Execute the Transition Plan

    The Purpose

    Develop a realistic, effective, and adaptable transition plan, including:Clarity around leadership and vision.Well-defined plans for targeting unique groups with specific messages.Resistance and contingency plans.Templates for gathering feedback and evaluating success.

    Clarity around leadership and vision.

    Well-defined plans for targeting unique groups with specific messages.

    Resistance and contingency plans.

    Templates for gathering feedback and evaluating success.

    Key Benefits Achieved

    Execute the transition in coordination with the timeline and structure of the core project.

    Communicate the action plan and vision for change.

    Target specific stakeholder and user groups with unique messages.

    Deal with risks, resistance, and contingencies.

    Evaluate success through feedback and metrics.

    Activities

    4.1 Sustain changes by adapting people, processes, and technologies to accept the transition.

    4.2 Decide which action to take on enablers and blockers.

    4.3 Start developing the training plan early to ensure training is properly timed and communicated.

    4.4 Sketch a communications timeline based on a classic change curve to accommodate natural resistance.

    4.5 Define plans to deal with resistance to change, objections, and fatigue.

    4.6 Consolidate and refine communication plan requirements for each stakeholder and group.

    4.7 Build the communications delivery plan.

    4.8 Define the feedback and evaluation process to ensure the project achieves its objectives.

    4.9 Formalize the transition plan.

    Outputs

    Training Plan

    Resistance Plan

    Communications Plan

    Transition Plan

    5 Institute an OCM Playbook through the PMO

    The Purpose

    Establish post-project benefits tracking timeline and commitment plans.

    Institute a playbook for managing organizational change, including:

    Key Benefits Achieved

    A process for ensuring the intended business outcomes are tracked and monitored after the project is completed.

    Repeat and scale best practices around organizational change to future PMO projects.

    Continue to build your capabilities around managing organizational change.

    Increase the effectiveness and value of organizational change management.

    Activities

    5.1 Review lessons learned to improve organizational change management as a core PM discipline.

    5.2 Monitor capacity for change.

    5.3 Define roles and responsibilities.

    5.4 Formalize and communicate the organizational change management playbook.

    5.5 Regularly reassess the value and success of organizational change management.

    Outputs

    Lessons learned

    Organizational Change Capability Assessment

    Organizational Change Management Playbook

    Further reading

    Master Organizational Change Management Practices

    PMOs, if you don't know who is responsible for org change, it's you.

    Analyst Perspective

    Don’t leave change up to chance.

    "Organizational change management has been a huge weakness for IT departments and business units, putting projects and programs at risk – especially large, complex, transformational projects.

    During workshops with clients, I find that the root of this problem is twofold: project planning tends to fixate on technology and neglects the behavioral and cultural factors that inhibit user adoption; further, accountabilities for managing change and helping to realize the intended business outcomes post-project are not properly defined.

    It makes sense for the PMO to be the org-change leader. In project ecosystems where no one seems willing to seize this opportunity, the PMO can take action and realize the benefits and accolades that will come from coordinating and consistently driving successful project outcomes."

    Matt Burton,

    Senior Manager, Project Portfolio Management

    Info-Tech Research Group

    Our understanding of the problem

    This Research is Designed For:

    • PMO Directors who need to improve user adoption rates and maximize benefits on project and program activity.
    • CIOs who are accountable for IT’s project spend and need to ensure an appropriate ROI on project investments.

    This Research Will Help You:

    • Define change management roles and accountabilities among project stakeholders.
    • Prepare end users for change impacts in order to improve adoption rates.
    • Ensure that the intended business outcomes of projects are more effectively realized.
    • Develop an organizational change management toolkit and best practices playbook.

    This Research Will Also Assist:

    • Project managers and change managers who need to plan and execute changes affecting people and processes.
    • Project sponsors who want to improve benefits attainment.
    • Business analysts who need to analyze the impact of change.

    This Research Will Help Them:

    • Develop communications and training plans tailored to specific audiences.
      • Identify strategies to manage cultural and behavioral change.
    • Maximize project benefits by ensuring changes are adopted.
    • Capitalize upon opportunities and mitigate risks.

    Drive organizational change from the PMO

    Situation

    • As project management office (PMO) leader, you oversee a portfolio of projects that depend heavily on users and stakeholders adopting new tools, complying with new policies, following new processes, and learning new skills.
    • You need to facilitate the organizational change resulting from these projects, ensuring that the intended business outcomes are realized.

    Complication

    • While IT takes accountability to deliver the change, accountability for the business outcomes is opaque with little or no allocated resourcing.
    • Project management practices focus more on the timely implementation of projects than on the achievement of the desired outcomes thereafter or on the behavioral and cultural factors that inhibit change from taking hold in the long term.

    Resolution

    • Plan for human nature. To ensure project success and maximize benefits, plan and facilitate the non-technical aspects of organizational change by addressing the emotional, behavioral, and cultural factors that foster stakeholder resistance and inhibit user adoption.
    • Make change management as ubiquitous as change itself. Foster a project culture that is proactive about OCM. Create a process where OCM considerations are factored in as early as project ideation and change is actively managed throughout the project lifecycle, including after the project has closed.
    • Equip project leaders with the right tools to foster adoption. Effective OCM requires an actionable toolkit that will help plant the seeds for organizational change. With the right tools and templates, the PMO can function as a hub for change, helping business units and project teams to consistently achieve project and post-project success.
    Info-Tech Insight

    Make your PMO the change leader it’s already expected to be. Unless accountabilities for organizational change management (OCM) have been otherwise explicitly defined, you should accept that, to the rest of the organization – including its chief officers – the PMO is already assumed to be the change leader.

    Don’t shy away from or neglect this role. It’s not just the business outcomes of the organization’s projects that will benefit; the long-term sustainability of the PMO itself will be significantly strengthened by making OCM a core competency.

    Completed projects aren’t necessarily successful projects

    The constraints that drive project management (time, scope, and budget) are insufficient for driving the overall success of project efforts.

    For instance, a project may come in on time, on budget, and in scope, but

    • …if users and stakeholders fail to adopt…
    • …and the intended benefits are not achieved…

    …then that “successful project” represents a massive waste of the organization’s time and resources.

    A supplement to project management is needed to ensure that the intended value is realized.

    Mission (Not) Accomplished

    50% Fifty percent of respondents in a KPMG survey indicated that projects fail to achieve what they originally intended. (Source: NZ Project management survey)

    56% Only fifty-six percent of strategic projects meet their original business goals. (Source: PMI)

    70% Lack of user adoption is the main cause for seventy percent of failed projects. (Source: Collins, 2013)

    Improve project outcomes with organizational change management

    Make “completed” synonymous with “successfully completed” by implementing an organizational change management strategy through the PMO.

    Organizational change management is the practice through which the PMO can improve user adoption rates and maximize project benefits.

    Why OCM effectiveness correlates to project success:

    • IT projects are justified because they will make money, save money, or make people happier.
    • Project benefits can only be realized when changes are successfully adopted or accommodated by the organization.

    Without OCM, IT might finish the project but fail to realize the intended outcomes.

    In the long term, a lack of OCM could erode IT’s ability to work with the business.

    The image shows a bar graph, titled Effective change management correlates with project success, with the X-axis labelled Project Success (Percent of respondents that met or exceeded project objectives), and the Y-axis labelled OCM-Effectiveness, with an arrow pointing upwards. The graph shows that with higher OCM-Effectiveness, Project Success is also higher. The source is given as Prosci’s 2014 Best Practices in Change Management benchmarking report.

    What is organizational change management?

    OCM is a framework for managing the introduction of new business processes and technologies to ensure stakeholder adoption.

    OCM involves tools, templates, and processes that are intended to help project leaders analyze the impacts of a change during the planning phase, engage stakeholders throughout the project lifecycle, as well as train and transition users towards the new technologies and processes being implemented.

    OCM is a separate body of knowledge, but as a practice it is inseparable from both project management or business analysis.

    WHEN IS OCM NEEDED?

    Anytime you are starting a project or program that will depend on users and stakeholders to give up their old way of doing things, change will force people to become novices again, leading to lost productivity and added stress.

    CM can help improve project outcomes on any project where you need people to adopt new tools and procedures, comply with new policies, learn new skills and behaviors, or understand and support new processes.

    "What is the goal of change management? Getting people to adopt a new way of doing business." – BA, Natural Resources Company

    The benefits of OCM range from more effective project execution to improved benefits attainment

    82% of CEOs identify organizational change management as a priority. (D&B Consulting) But Only 18% of organizations characterize themselves as “Highly Effective” at OCM. (PMI)

    On average, 95% percent of projects with excellent OCM meet or exceed their objectives. (Prosci) VS For projects with poor OCM, the number of projects that meet objectives drops to 15%. (Prosci)

    82% of projects with excellent OCM practices are completed on budget. (Prosci) VS For projects with poor OCM, the number of projects that stay on budget drops to 51%. (Prosci)

    71% of projects with excellent OCM practices stay on schedule. (Prosci) VS For projects with poor OCM practices, only 16% stay on schedule. (Prosci)

    While critical to project success, OCM remains one of IT’s biggest weaknesses and process improvement gaps

    IT Processes Ranked by Effectiveness:

    1. Risk Management
    2. Knowledge Management
    3. Release Management
    4. Innovation
    5. IT Governance
    6. Enterprise Architecture
    7. Quality Management
    8. Data Architecture
    9. Application Development Quality
    10. Data Quality
    11. Portfolio Management
    12. Configuration Management
    13. Application Portfolio Management
    14. Business Process Controls Internal Audit
    15. Organizational Change Management
    16. Application Development Throughput
    17. Business Intelligence Reporting
    18. Performance Measurement
    19. Manage Service Catalog

    IT Processes Ranked by Importance:

    1. Enterprise Application Selection & Implementation
    2. Organizational Change Management
    3. Data Architecture
    4. Quality Management
    5. Enterprise Architecture
    6. Business Intelligence Reporting
    7. Release Management
    8. Portfolio Management
    9. Application Maintenance
    10. Asset Management
    11. Vendor Management
    12. Application Portfolio Management
    13. Innovation
    14. Business Process Controls Internal Audit
    15. Configuration Management
    16. Performance Measurement
    17. Application Development Quality
    18. Application Development Throughput
    19. Manage Service Catalog

    Based on 3,884 responses to Info-Tech’s Management and Governance Diagnostic, June 2016

    There’s no getting around it: change is hard

    While the importance of change management is widely recognized across organizations, the statistics around change remain dismal.

    Indeed, it’s an understatement to say that change is difficult.

    People are generally – in the near-term at least – resistant to change, especially large, transformational changes that will impact the day-to-day way of doing things, or that involve changing personal values, social norms, and other deep-seated assumptions.

    "There is nothing more difficult to take in hand, more perilous to conduct, or more uncertain in its success, than to take the lead in the introduction of a new order of things." – Niccolo Machiavelli

    70% - Change failure rates are extremely high. It is estimated that up to seventy percent of all change initiatives fail – a figure that has held steady since the 1990s. (McKinsey & Company)

    25% - In a recent survey of 276 large and midsize organizations, only twenty-five percent of respondents felt that the gains from projects were sustained over time. (Towers Watson)

    22% - While eighty-seven percent of survey respondents trained their managers to “manage change,” only 22% felt the training was truly effective. (Towers Watson)

    While change is inherently difficult, the biggest obstacle to OCM success is a lack of accountability

    Who is accountable for change success? …anyone?...

    To its peril, OCM commonly falls into a grey area, somewhere in between project management and portfolio management, and somewhere in between being a concern of IT and a concern of the business.

    While OCM is a separate discipline from project management, it is commonly thought that OCM is something that project managers and project teams do. While in some cases this might be true, it is far from a universal truth.

    The end result: without a centralized approach, accountabilities for key OCM tasks are opaque at best – and the ball for these tasks is, more often than not, dropped altogether.

    29% - Twenty-nine percent of change initiatives are launched without any formal OCM plan whatsoever.

    "That’s 29 percent of leaders with blind faith in the power of prayer to Saint Jude, the patron saint of desperate cases and lost causes." – Torben Rick

    Bring accountability to org-change by facilitating the winds of change through the PMO

    Lasting organizational change requires a leader. Make it the PMO.

    #1 Organizational resistance to change is cited as the #1 challenge to project success that PMOs face. (Source: PM Solutions)

    90% Companies with mature PMOs that effectively manage change meet expectations 90% of the time. (Source: Jacobs-Long)

    Why the PMO?

    A centralized approach to OCM is most effective, and the PMO is already a centralized project office and is already accountable for project outcomes.

    What’s more, in organizations where accountabilities for OCM are not explicitly defined, the PMO will likely already be assumed to be the default change leader by the wider organization.

    It makes sense for the PMO to accept this accountability – in the short term at least – and claim the benefits that will come from coordinating and consistently driving successful project outcomes.

    In the long term, OCM leadership will help the PMO to become a strategic partner with the executive layer and the business side.

    Short-term gains made by the PMO can be used to spark dialogues with those who authorize project spending and have the implicit fiduciary obligation to drive project benefits.

    Ultimately, it’s their job to explicitly transfer that obligation, along with the commensurate resourcing and authority for OCM activities.

    More than a value-added service, OCM competencies will soon determine the success of the PMO itself

    Given the increasingly dynamic nature of market conditions, the need for PMOs to provide change leadership on projects large and small is becoming a necessity.

    "With organizations demanding increasing value, PMOs will need to focus more and more on strategy, innovation, agility, and stakeholder engagement. And, in particular, developing expertise in organizational change management will be essential to their success." – PM Solutions, 2014

    28% PMOs that are highly agile and able to respond quickly to changing conditions are 28% more likely to successfully complete strategic initiatives (69% vs. 41%). (PMI)

    In other words, without heightened competencies around org-change, the PMO of tomorrow will surely sink like a stone in the face of increasingly unstable external factors and accelerated project demands.

    Use Info-Tech’s road-tested OCM toolkit to transform your PMO into a hub of change management leadership

    With the advice and tools in Info-Tech’s Drive Organizational Change from the PMO blueprint, the PMO can provide the right OCM expertise at each phase of a project.

    The graphic has an image of a windmill at centre, with PMO written directly below it. Several areas of expertise are listed in boxes emerging out of the PMO, which line up with project phases as follows (project phase listed first, then area of expertise): Initiation - Impact Assessment; Planning - Stakeholder Engagement; Execution - Transition Planning; Monitoring & Controlling - Communications Execution; Closing - Evaluation & Monitoring.

    Info-Tech’s approach to OCM is a practical/tactical adaptation of several successful models

    Business strategy-oriented OCM models such as John Kotter’s 8-Step model assume the change agent is in a position of senior leadership, able to shape corporate vision, culture, and values.

    • PMO leaders can work with business leaders, but ultimately can’t decide where to take the organization.
    • Work with business leaders to ensure IT-enabled change helps reinforce the organization’s target vision and culture.

    General-purpose OCM frameworks such as ACMP’s Standard for Change Management, CMI’s CMBoK, and Prosci’s ADKAR model are very comprehensive and need to be configured to PMO-specific initiatives.

    • Tailoring a comprehensive, general-purpose framework to PMO-enabled change requires familiarity and experience.

    References and Further Reading

    Info-Tech’s organizational change management model adapts the best practices from a wide range of proven models and distills it into a step-by-step process that can be applied to any IT-enabled project.

    Info-Tech’s OCM research is COBIT aligned and a cornerstone in our IT Management & Governance Framework

    COBIT Section COBIT Management Practice Related Blueprint Steps
    BAI05.01 Establish the desire to change. 1.1 / 2.1 / 2.2
    BAI05.02 Form an effective implementation team. 1.2
    BAI05.03 Communicate the desired vision. 2.1 / 3.2
    BAI05.03 Empower role players and identify short-term wins. 3.2 / 3.3
    BAI05.05 Enable operation and use. 3.1
    BAI05.06 Embed new approaches. 4.1 / 5.1
    BAI05.07 Sustain changes. 5.1

    COBIT 5 is the leading framework for the governance and management of enterprise IT.

    Screenshot of Info-Tech’s IT Management & Governance Framework.

    The image is a screenshot of Info-Tech's IT Management & Governance Framework (linked above). There is an arrow emerging from the screenshot, which offers a zoomed-in view of one of the sections of the framework, which reads BAI05 Organizational Change Management.

    Consider Info-Tech’s additional key observations

    Human behavior is largely a blind spot during the planning phase.

    In IT especially, project planning tends to fixate on technology and underestimate the behavioral and cultural factors that inhibit user adoption. Whether change is project-specific or continuous, it’s more important to instill the desire to change than to apply specific tools and techniques. Accountability for instilling this desire should start with the project sponsor, with direct support from the PMO.

    Don’t mistake change management for a “soft” skill.

    Persuading people to change requires a “soft,” empathetic approach to keep them motivated and engaged. But don’t mistake “soft” for easy. Managing the people part of change is amongst the toughest work there is, and it requires a comfort and competency with uncertainty, ambiguity, and conflict. If a change initiative is going to be successful (especially a large, transformational change), this tough work needs to be done – and the more impactful the change, the earlier it is done, the better.

    In “continuous change” environments, change still needs to be managed.

    Transformation and change are increasingly becoming the new normal. While this normality may help make people more open to change in general, specific changes still need to be planned, communicated, and managed. Agility and continuous improvement are good, but can degenerate into volatility if change isn’t managed properly. People will perceive change to be volatile and undesirable if their expectations aren’t managed through communications and engagement planning.

    Info-Tech’s centralized approach to OCM is cost effective, with a palpable impact on project ROI

    Info-Tech’s Drive Organizational Change from the PMO blueprint can be implemented quickly and can usually be done with the PMO’s own authority, without the need for additional or dedicated change resources.

    Implementation Timeline

    • Info-Tech’s easy-to-navigate OCM tools can be employed right away, when your project is already in progress.
    • A full-scale implementation of a PMO-driven OCM program can be accomplished in 3–4 weeks.

    Implementation Personnel

    • Primary: the PMO director (should budget 10%–15% of her/his project capacity for OCM activities).
    • Secondary: other PMO staff (e.g. project managers, business analysts, etc.).

    OCM Implementation Costs

    15% - The average costs for effective OCM are 10%–15% of the overall project budget. (AMR Research)

    Average OCM Return-on-Investment

    200% - Small projects with excellent OCM practices report a 200% return-on-investment. (Change First)

    650% - Large projects with excellent OCM practices report a 650% return-on-investment. (Change First)

    Company saves 2–4 weeks of time and $10,000 in ERP implementation through responsible OCM

    CASE STUDY

    Industry Manufacturing

    Source Info-Tech Client

    Situation

    A medium-sized manufacturing company with offices all over the world was going through a consolidation of processes and data by implementing a corporate-wide ERP system to replace the fragmented systems that were previously in place. The goal was to have consistency in process, expectations, and quality, as well as improve efficiency in interdepartmental processes.

    Up to this point, every subsidiary was using their own system to track data and sharing information was complicated and slow. It was causing key business opportunities to be compromised or even lost.

    Complication

    The organization was not very good in closing out projects. Initiatives went on for too long, and the original business benefits were usually not realized.

    The primary culprit was recognized as mismanaged organizational change. People weren’t aware early enough, and were often left out of the feedback process.

    Employees often felt like changes were being dictated to them, and they didn’t understand the wider benefits of the changes. This led to an unnecessary number of resistors, adding to the complexity of successfully completing a project.

    Resolution

    Implementing an ERP worldwide was something that the company couldn’t gamble on, so proper organizational change management was a focus.

    A thorough stakeholder analysis was done, and champions were identified for each stakeholder group throughout the organization.

    Involving these champions early gave them the time to work within their groups and to manage expectations. The result was savings of 2–4 weeks of implementation time and $10,000.

    Follow Info-Tech’s blueprint to transform your PMO into a hub for organizational change management

    Prepare the PMO for Change Leadership

    • Assess the organization’s readiness for change.
      • Perform an OCM capabilities assessment.
      • Chart an OCM roadmap for the PMO.
      • Undergo a change management SWOT analysis.
      • Define success criteria.
      • Org. Change Capabilities Assessment
    • Define the structure and scope of the PMO’s pilot OCM initiative.
      • Determine pilot OCM project.
      • Estimate OCM effort.
      • Document high-level project details.
      • Establish a timeline for org-change activities.
      • Assess available resources to support the PMO’s OCM initiative.
      • Project Level Assessment

    Plant the Seeds for Change During Project Planning and Initiation

    • Foster OCM considerations during the ideation phase.
      • Assess leadership support for change
      • Highlight the goals and benefits of the change
      • Refine your change story
      • Define success criteria
      • Develop a sponsorship action plan
      • Transition Team Communications Template
    • Perform an organizational change impact assessment.
      • Perform change impact survey.
      • Assess the depth of impact for the stakeholder group.
      • Determine overall adoptability of the OCM effort.
      • Review risks and opportunities.
      • Org. Change Management Impact Analysis Tool

    Facilitate Change Adoption Throughout the Organization

    • Ensure stakeholders are engaged and ready for change.
      • Involve the right people in change and define roles.
      • Define methods for obtaining stakeholder input.
      • Perform a stakeholder analysis.
      • Stakeholder Engagement Workbook
    • Develop and execute the transition plan.
      • Establish a communications strategy for stakeholder groups.
      • Define the feedback and evaluation process.
      • Assess the full range of support and resistance to change.
      • Develop an objections handling process.
      • Transition Plan Template
    • Establish HR and training plans.
      • Assess training needs. Develop training plan.
      • Training Plan

    Establish a Post-Project Benefits Attainment Process

    • Determine accountabilities for benefits attainment.
      • Conduct a post-implementation review of the pilot OCM project.
      • Assign ownership for realizing benefits after the project is closed.
      • Define a post-project benefits tracking process.
      • Implement a tool to help monitor and track benefits over the long term.
      • Project Benefits Tracking Tool

    Solidify the PMO’s Role as Change Leader

    • Institute an OCM playbook.
      • Review lessons learned to improve OCM as a core discipline of the PMO.
      • Monitor organizational capacity for change.
      • Define roles and responsibilities for OCM oversight.
      • Formalize the Organizational Change Management Playbook.
      • Assess the value and success of your practices relative to OCM effort and project outcomes.
      • Organizational Change Management Playbook

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

    Workshop

    “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

    Consulting

    “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    Drive Organizational Change from the PMO

    Phase 1 Phase 2 Phase 3 Phase 4 Phase 5
    Best-Practice Toolkit

    1.1 Assess the organization’s readiness for change.

    1.2 Define the structure and scope of the PMO’s pilot OCM initiative.

    2.1 Foster OCM considerations during the ideation phase.

    2.2 Perform an organizational change impact assessment.

    3.1 Ensure stakeholders are engaged and ready for change.

    3.2 Develop and execute the transition plan.

    3.3 Establish HR and training plans.

    4.1 Determine accountabilities for benefits attainment. 5.1 Institute an OCM playbook.
    Guided Implementations
    • Scoping Call.
    • Review the PMO’s and the organization’s change capabilities.
    • Determine an OCM pilot initiative.
    • Define a sponsorship action plan for change initiatives.
    • Undergo a change impact assessment.
    • Perform a stakeholder analysis.
    • Prepare a communications strategy based on stakeholder types.
    • Develop training plans.
    • Establish a post-project benefits tracking process.
    • Implement a tracking tool.
    • Evaluate the effectiveness of OCM practices.
    • Formalize an OCM playbook for the organization’s projects.
    Onsite Workshop

    Module 1:

    Prepare the PMO for change leadership.

    Module 2:

    Plant the seeds for change during planning and initiation.

    Module 3:

    Facilitate change adoption throughout the organization.

    Module 4:

    Establish a post-project benefits attainment process.

    Module 5:

    Solidify the PMO’s role as change leader.

    Phase 1 Results:

    OCM Capabilities Assessment

    Phase 2 Results:

    Change Impact Analysis

    Phase 3 Results:

    Communications and Transition Plans

    Phase 4 Results:

    A benefits tracking process for sponsors

    Phase 5 Results:

    OCM Playbook

    Workshop overview

    Contact your account representative or email Workshops@InfoTech.com for more information.

    Preparation Workshop Day 1 Workshop Day 2 Workshop Day 3 Workshop Day 4
    Activities

    Organize and Plan Workshop

    • Finalize workshop itinerary and scope.
    • Identify workshop participants.
    • Gather strategic documentation.
    • Engage necessary stakeholders.
    • Book interviews.

    Assess OCM Capabilities

    • Assess current organizational change management capabilities.
    • Conduct change management SWOT analysis.
    • Define change management success metrics.
    • Define core pilot OCM project.

    Analyze Impact of the Change

    • Analyse the impact of the change across multiple dimensions and stakeholder groups.
    • Create an impact management plan.
    • Analyze impacts to product with risk and opportunity assessments.

    Develop Engagement & Transition Plans

    • Perform stakeholder analysis to identify change champions and blockers.
    • Document comm./training requirements and delivery plan.
    • Define plans to deal with resistance.
    • Validate and test the transition plan.

    Institute an OCM Playbook

    • Define feedback and evaluation process.
    • Finalize communications, transition, and training plans.
    • Establish benefits tracking timeline and commitment plans.
    • Define roles and responsibilities for ongoing organizational change management.
    Deliverables
    • Workshop Itinerary
    • Workshop Participant List
    • Defined Org Change Mandate
    • Organizational Change Capabilities Assessment
    • SWOT Assessment
    • Value Metrics
    • Project Level Assessment/Project Definition
    • Project Sponsor Action Plan
    • Organizational Change Impact Analysis Tool
    • Risk Assessment
    • Opportunity Assessment
    • Stakeholder Engagement Workbook
    • Communications Plan
    • Training Plan
    • Resistance Plan
    • Transition Team
    • Communications Template
    • Evaluation Plan
    • Post-Project Benefits Tracking Timelines and Accountabilities
    • OCM Playbook

    Phase 1

    Prepare the PMO for Change Leadership

    Phase 1 outline

    Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 1: Prepare the PMO for Change Leadership

    Proposed Time to Completion (in weeks): 1 week

    Step 1.1: Assess the organization’s readiness for change

    Start with an analyst kick off call:

    • Scoping call to discuss organizational change challenges and the PMO’s role in managing change.

    Then complete these activities…

    • Perform an assessment survey to define capability levels and chart an OCM roadmap.

    With these tools & templates:

    • Organizational Change Management Capabilities Assessment
    Step 1.2: Define the structure and scope of the PMO’s pilot OCM initiative

    Work with an analyst to:

    • Determine the appropriate OCM initiative to pilot over this series of Guided Implementations from the PMO’s project list.

    Then complete these activities…

    • Rightsize your OCM planning efforts based on project size, timeline, and resource availability.

    With these tools & templates:

    • Project Level Assessment Tool

    Step 1.1: Assess the organization’s readiness for change

    Phase 1 - 1.1

    This step will walk you through the following activities:
    • Perform an OCM capabilities assessment.
    • Chart an OCM roadmap for the PMO.
    • Undergo a change management SWOT analysis.
    • Define success criteria.
    This step involves the following participants:
    • Required: PMO Director
    • Recommended: PMO staff, project management staff, and other project stakeholders
    Outcomes of this step
    • An OCM roadmap for the PMO with specific recommendations.
    • An assessment of strengths, weakness, challenges, and threats in terms of the PMO’s role as organizational change leader.
    • Success metrics for the PMO’s OCM implementation.

    Project leaders who successfully facilitate change are strategic assets in a world of increasing agility and uncertainty

    As transformation and change become the new normal, it’s up to PMOs to provide stability and direction during times of transition and turbulence.

    Continuous change and transition are increasingly common in organizations in 2016.

    A state of constant change can make managing change more difficult in some ways, but easier in others.

    • Inundation with communications and diversity of channels means the traditional “broadcast” approach to communicating change doesn’t work (i.e. you can’t expect every email to get everyone’s attention).
    • People might be more open to change in general, but specific changes still need to be properly planned, communicated, and managed.

    By managing organizational change more effectively, the PMO can build credibility to manage both business and IT projects.

    "The greatest danger in times of turbulence is not the turbulence; it is to act with yesterday’s logic." – Peter Drucker

    In this phase, we will gauge your PMO’s abilities to effectively facilitate change based upon your change management capability levels and your wider organization’s responsiveness to change.

    Evaluate your current capabilities for managing organizational change

    Start off by ensuring that the PMO is sensitive to the particularities of the organization and that it manages change accordingly.

    There are many moving parts involved in successfully realizing an organizational change.

    For instance, even with an effective change toolkit and strong leadership support, you may still fail to achieve project benefits due to such factors as a staff environment resistant to change or poor process discipline.

    Use Info-Tech’s Organizational Change Management Capabilities Assessment to assess your readiness for change across 7 categories:

    • Cultural Readiness
    • Leadership & Sponsorship
    • Organizational Knowledge
    • Change Management Skills
    • Toolkit & Templates
    • Process Discipline
    • KPIs & Metrics

    Download Info-Tech’s Organizational Change Management Capabilities Assessment.

    • The survey can be completed quickly in 5 to 10 minutes; or, if being done as a group activity, it can take up to 60 minutes or more.
    • Based upon your answers, you will get a report of your current change capabilities to help you prioritize your next steps.
    • The tool also provides a customized list of Info-Tech recommendations across the seven categories.

    Perform Info-Tech’s OCM capabilities questionnaire

    1.1.1 Anywhere from 10 to 60 minutes (depending on number of participants)

    • The questionnaire on Tab 2 of the Assessment consists of 21 questions across 7 categories.
    • The survey can be completed individually, by the PMO director or manager, or – even more ideally – by a group of project and business stakeholders.
    • While the questionnaire only takes a few minutes to complete, you may wish to survey a wider swath of business units, especially on such categories as “Cultural Readiness” and “Leadership Support.”

    The image is a screen capture of tab 2 of the Organizational Change Management Capabilities Assessment.

    Use the drop downs to indicate the degree to which you agree or disagree with each of the statements in the survey.

    Info-Tech Insight

    Every organization has some change management capability.

    Even if you find yourself in a fledgling or nascent PMO, with no formal change management tools or processes, you can still leverage other categories of change management effectiveness.

    If you can, build upon people-related assets like “Organizational Knowledge” and “Cultural Readiness” as you start to hone your OCM toolkit and process.

    Review your capability levels and chart an OCM roadmap for your PMO

    Tab 3 of the Assessment tool shows your capabilities graph.

    • The chart visualizes your capability levels across the seven categories of organization change covered in the questionnaire in order to show the areas that your organization is already strong in and the areas where you need to focus your efforts.

    The image is a screen capture of tab 3 of the Organizational Change Management Capabilities Assessment.

    Focus on improving the first capability dimension (from left/front to right/back) that rates below 10.

    Tab 4 of the Assessment tool reveals Info-Tech’s recommendations based upon your survey responses.

    • Use these recommendations to structure your roadmap and bring concrete definitions to your next steps.

    The image is a screen capture of tab 4 of the Organizational Change Management Capabilities Assessment.

    Use the red/yellow/green boxes to focus your efforts.

    The content in the recommendations boxes is based around these categories and the advice therein is designed to help you to, in the near term, bring your capabilities up to the next level.

    Use the steps in this blueprint to help build your capabilities

    Each of Info-Tech’s seven OCM capabilities match up with different steps and phases in this blueprint.

    We recommend that you consume this blueprint in a linear fashion, as each phase matches up to a different set of OCM activities to be executed at each phase of a project. However, you can use the legend below to locate how and where this blueprint will address each capability.

    Cultural Readiness 2.1 / 2.2 / 3.1 / 3.2 / 3.3
    Leadership Support 2.1 / 4.1 / 5.1
    Organizational Knowledge 2.1 / 3.1 / 3.2
    Change Management Skills 2.1 / 2.2 / 3.1 / 3.2 / 3.3
    Toolkit & Templates 2.1 / 2.2 / 3.1 / 3.2 / 3.3 / 4.1 / 5.1
    Process Discipline 2.1 / 2.2 / 3.1 / 3.2 / 3.3 / 4.1 / 5.1
    KPIs & Metrics 3.2 / 5.1

    Info-Tech Insight

    Organizational change must be planned in advance and managed through all phases of a project.

    Organizational change management must be embedded as a key aspect throughout the project, not merely a set of tactics added to execution phases.

    Perform a change management SWOT exercise

    1.1.2 30 to 60 minutes

    Now that you have a sense of your change management strengths and weaknesses, you can begin to formalize the organizational specifics of these.

    Gather PMO and IT staff, as well as other key project and business stakeholders, and perform a SWOT analysis based on your Capabilities Assessment.

    Follow these steps to complete the SWOT analysis:

    1. Have participants discuss and identify Strengths, Weaknesses, Opportunities, and Threats.
    2. Spend roughly 60 minutes on this. Use a whiteboard, flip chart, or PowerPoint slide to document results of the discussion as points are made.
    3. Make sure results are recorded and saved either using the template provided on the next slide or by taking a picture of the whiteboard or flip chart.

    Use the SWOT Analysis Template on the next slide to document results.

    Use the examples provided in the SWOT analysis to kick-start the discussion.

    The purpose of the SWOT is to begin to define the goals of this implementation by assessing your change management capabilities and cultivating executive level, business unit, PMO, and IT alignment around the most critical opportunities and challenges.

    Sample SWOT Analysis

    Strengths

    • Knowledge, skills, and talent of project staff.
    • Good working relationship between IT and business units.
    • Other PMO processes are strong and well adhered to by project staff.
    • Motivation to get things done when priorities, goals, and action plans are clear.

    Weaknesses

    • Project leads lack formal training in change management.
    • IT tried to introduce org change processes in the past, but we failed. Staff were unsure of which templates to use and how/when/why to use them.
    • We can’t designate individuals as change agents. We lack sufficient resources.
    • We’ve had some fairly significant change failures in the past and some skepticism and pessimism has taken root in the business units.

    Opportunities

    • The PMO is strong and well established in the organization, with a history of facilitating successful process discipline.
    • The new incoming CEO has already paid lip service to change and transformation. We should be able to leverage their support as we formalize these processes.
    • We have good lines of project communication already in place via our bi-weekly project reporting meetings. We can add change management matters to the agenda of these meetings.

    Threats

    • Additional processes and documentation around change management could be viewed as burdensome overhead. Adoption is uncertain.
    • OCM success depends on multiple stakeholders and business units coming together; with so many moving parts, we can’t be assured that an OCM program will survive long term.

    Define the “how” and the “what” of change management success for your PMO

    1.1.3 30 to 60 minutes

    Before you move on to develop and implement your OCM processes, spend some time documenting how change management success will be defined for your organization and what conditions will be necessary for success to be achieved.

    With the same group of individuals who participated in the SWOT exercise, discuss the below criteria. You can make this a sticky note or a whiteboard activity to help document discussion points.

    OCM Measured Value Metrics Include:
    • Estimate % of expected business benefits realized on the past 3–5 significant projects/programs.
      • Track business benefits (costs reduced, productivity increased, etc.).
    • Estimate costs avoided/reduced (extensions, cancellations, delays, roll-backs, etc.).
      • Establish baseline by estimating average costs of projects extended to deal with change-related issues.
    What conditions are necessary for OCM to succeed? How will success be defined?
    • e.g. The PMO will need the support of senior leaders and business units.
    • e.g. 20% improvement in benefits realization numbers within the next 12 months.
    • e.g. The PMO will need to establish a portal to help with organization-wide communications.
    • e.g. 30% increase in adoption rates on new software and technology projects within the next 12 months.

    Document additional items that could impact an OCM implementation for your PMO

    1.1.4 15 to 45 minutes

    Use the table below to document any additional factors or uncertainties that could impact implementation success.

    These could be external factors that may impact the PMO, or they could be logistical considerations pertaining to staffing or infrastructure that may be required to support additional change management processes and procedures.

    "[A]ll bets are off when it comes to change. People scatter in all directions. Your past experiences may help in some way, but what you do today and how you do it are the new measures people will use to evaluate you." – Tres Roeder

    Consideration Description of Need Potential Resource Implications Potential Next Steps Timeline
    e.g. The PMO will need to train PMs concerning new processes. We will not only need to train PM staff in the new processes and documentation requirements, but we will also have to provide ongoing training, be it monthly, quarterly, or yearly. Members of PMO staff will be required to support this training. Analyze impact of redeploying existing resources vs. outsourcing. Q3 2016
    e.g. We will need to communicate new OCM requirements to the business and wider organization. The PMO will be taking on added communication requirements, needing to advertise to a wider audience than it has before. None Work with business side to expand the PMO’s communications network and look into leveraging existing communication portals. Next month

    Step 1.2: Define the structure and scope of the PMO’s pilot OCM initiative

    Phase 1 - 1.2

    This step will walk you through the following activities:
    • Determine pilot OCM project.
    • Estimate OCM effort.
    • Document high-level project details.
    • Establish a timeline for org change activities.
    • Assess available resources to support the PMO’s OCM initiative.
    This step involves the following participants:
    • Required: PMO Director
    • Recommended: PMO staff, project management staff, and other project stakeholders
    Outcomes of this step
    • Project definition for the PMO’s pilot OCM initiative.
    • A timeline that aligns the project schedule for key OCM activities.
    • Definition of resource availability to support OCM activities through the PMO.

    Organizational change discipline should align with project structure

    Change management success is contingent on doing the right things at the right time.

    In subsequent phases of this blueprint, we will help the PMO develop an OCM strategy that aligns with your organization’s project timelines.

    In this step (1.2), we will do some pre-work for you by determining a change initiative to pilot during this process and defining some of the roles and responsibilities for the OCM activities that we’ll develop in this blueprint.

    The image shows a sample project timeline with corresponding OCM requirements.

    Get ready to develop and pilot your OCM competencies on a specific project

    In keeping with the need to align organizational change management activities with the actual timeline of the project, the next three phases of this blueprint will move from discussing OCM in general to applying OCM considerations to a single project.

    As you narrow your focus to the organizational change stemming from a specific initiative, review the below considerations to help inform the decisions that you make during the activities in this step.

    Choose a pilot project that:

    • Has an identifiable sponsor who will be willing and able to participate in the bulk of the activities during the workshop.
    • Has an appropriate level of change associated with it in order to adequately develop a range of OCM capabilities.
    • Has a reasonably well-defined scope and timeline – you don’t want the pilot initiative being dragged out unexpectedly.
    • Has PMO/IT staff who will be assisting with OCM efforts and will be relatively familiar and comfortable with them in terms of technical requirements.

    Select a specific project that involves significant organizational change

    1.2.1 5 to 15 minutes

    The need for OCM rigor will vary depending on project size and complexity.

    While we recommend that every project has some aspect of change management to it, you can adjust OCM requirements accordingly, depending on the type of change being introduced.

    Incremental Change Transformational Change

    Organizational change management is highly recommended and beneficial for projects that require people to:

    • Adopt new tools and workflows.
    • Learn new skills.
    • Comply with new policies and procedures.
    • Stop using old tools and workflows.

    Organizational change management is required for projects that require people to:

    • Move into different roles, reporting structures, and career paths.
    • Embrace new responsibilities, goals, reward systems, and values
    • Grow out of old habits, ideas, and behaviors.
    • Lose stature in the organization.

    Phases 2, 3, and 4 of this blueprint will guide you through the process of managing organizational change around a specific project. Select one now that is currently in your request or planning stages to pilot through the activities in this blueprint. We recommend choosing one that involves a large, transformational change.

    Estimate the overall difficulty and effort required to manage organizational change

    1.2.2 5 minutes

    Use Info-Tech’s project levels to define the complexity of the project that you’ve chosen to pilot.

    Defining your project level will help determine how much effort and detail is required to complete steps in this blueprint – and, beyond this, these levels can help you determine how much OCM rigor to apply across each of the projects in your portfolio.

    Incremental Change Transformational Change
    Level 1 Level 2 Level 3
    • Low risk and complexity.
    • Routine projects with limited exposure to the business and low risk of negative impact.
    • Examples: infrastructure upgrades, application refreshes, etc.
    • Medium risk and complexity.
    • Projects with broader exposure that present a moderate level of risk to business operations.
    • Examples: Move or renovate locations, cloud migration, BYOD strategy, etc.
    • High risk and complexity.
    • Projects that affect multiple lines of business and have significant costs and/or risks.
    • Examples: ERP implementation, corporate merger, business model innovation, etc.

    For a more comprehensive assessment of project levels and degrees of risk, see Info-Tech’s Create Project Management Success blueprint – and in particular, our Project Level Assessment Tool.

    Record the goals and scope of the pilot OCM initiative

    1.2.3 15 to 30 minutes

    Description

    What is the project changing?

    How will it work?

    What are the implications of doing nothing?

    What are the phases in execution?

    Expected Benefits

    What is the desired outcome?

    What can be measured? How?

    When should it be measured?

    Goals

    List the goals.

    Align with business and IT goals.

    Expected Costs

    List the costs:

    Software costs

    Hardware costs

    Implementation costs

    Expected Risks

    List the risks:

    Business risks

    Technology risks

    Implementation risks

    Planned Project Activities & Milestones Timeline Owner(s) Status
    1. Example: Vendor Evaluation Finish by Q4-17 Jessie Villar In progress
    2. Example: Define Administrative Policies Finish by Q4-17 Gerry Anantha Starting Q2

    Know the “what” and “when” of org change activities

    The key to change management success is ensuring that the right OCM activities are carried out at the right time. The below graphic serves as a quick view of what OCM activities entail and when they should be done.

    The image is the sample project timeline previously shown, but with additional notes for each segment of the Gantt chart. The notes are as follows: Impact Assessment - Start assessing the impact of change during planning and requirements gathering stages; Stakeholder Engagement - Use requirements gathering and design activities as opportunities to engage stakeholders and users; Transition Planning - The development period provides time for the change manager to develop and refine the transition plan (including communications and training). Change managers need to collaborate with development teams to ensure scope and schedule stay aligned, especially in Agile environments); Communications Execution - Communications should occur early and often, beginning well before change affects people and continuing long enough to reinforce change by celebrating success; Training - Training needs to be well timed to coincide with implementation; Quick Wins - Celebrate early successes to show that change is working; Evaluation & Monitoring - Adoption of change is a key to benefits realization. Don’t declare the project over until adoption of change is proven.

    Rough out a timeline for the org change activities associated with your pilot project’s timeline

    1.2.4 20-30 minutes

    With reference to the graphic on the previous slide, map out a high-level timeline for your pilot project’s milestones and the corresponding OCM activities.
    • This is essentially a first draft of a timeline and will be refined as we develop your OCM discipline in the next phase of this blueprint.
    • The purpose of roughing something out at this time is to help determine the scope of the implementation, the effort involved, and to help with resource planning.
    Project Phase or Milestone Estimated Start Date Estimated End Date Associated OCM Requirement(s)
    e.g. Planning e.g. Already in progress e.g. July e.g. Impact Assessment
    e.g. Requirements & Design e.g. August e.g. October e.g. Stakeholder Engagement & Transition Planning

    Info-Tech Insight

    Proactive change management is easier to execute and infinitely more effective than managing change reactively. A reactive approach to OCM is bound to fail. The better equipped the PMO is to plan OCM activities in advance of projects, the more effective those OCM efforts will be.

    Assess the roles and resources that might be needed to help support these OCM efforts

    1.2.5 30 minutes

    The PMO leader will need to delegate responsibility for many to all of these OCM activities throughout the project lifecycle.

    Compile a list of PMO staff, project workers, and other stakeholders who will likely be required to support these processes at each step, keeping in mind that we will be doing a more thorough consideration of the resources required to support an OCM program in Phase 3.

    OCM Activity Resources Available to Support
    Impact Assessment
    Stakeholder Engagement
    Transition Planning
    Training
    Communications
    Evaluation and Monitoring

    Info-Tech Insight

    OCM processes require a diverse network to support them.

    While we advocate an approach to org change that is centralized through the PMO, this doesn’t change the fact that the PMO’s OCM processes will need to engage the entirety of the project eco-system.

    In addition to IT/PMO directors, org change processes will engage a group as varied as project sponsors, project managers, business analysts, communications leads, and HR/training leads.

    Ensure that you are considering resources and infrastructure beyond IT as you plan your OCM processes – and engage these stakeholders early in this planning process.

    Establish core transition team roles and a reporting structure

    1.2.6 30 minutes

    Once you’ve identified OCM resources and assessed their availability, start to sketch the structure of the core transition team.

    In many cases, the core team only has one or two people responsible for impact analysis and plan development in addition to you, the sponsor, who is accountable for leadership and benefits realization.

    For larger initiatives, the core team might include several co-sponsors or advisors from different departments or lines of business, along with a handful of staff working together on analysis and planning.

    Some team structure templates/examples:

    Small (e.g. Office 365)

    • Sponsor
    • PM/BA

    Medium-Large (e.g. business process initiative)

    • Sponsor
    • PM
    • BA
    • OCM Consultant

    Complex Transformational (e.g. business model initiative, company reorg)

    • Exec. Sponsor (CxO)
    • Steering Committee
    • Project Lead/Champion (VP)
    • Business Lead(s)
    • IT Lead
    • HR/Training Lead
    • OCM Consultant

    Ultimately, organizational change is a collaborative effort

    Effective organizational change involves overlapping responsibilities.

    In keeping with the eclectic network of stakeholders that is required to support OCM processes, Phase 2 is broken up into sections that will, by turn, engage project sponsors, project managers, business analysts, communications leads, and HR/training leads.

    At each step, our intention is to arm the PMO with a toolkit and a set of processes that will help foster a project culture that is proactive about change.

    "It is amazing what you can accomplish if you do not care who gets the credit." – Harry Truman

    Project Step PMO Sponsor Project Manager Business Analyst Blueprint Reference
    Make a high-level case for change.

    A

    R R/C C 1.1
    Initiate project/change planning. A C R C 1.2
    Analyze full breadth and depth of impact. A C R R 1.3
    Assess communications and training requirements. A C R R 2.1
    Develop communications, training, and other transition plans. A R C R 2.2-3
    Approve and communicate transition plans. A C R C 2.4
    Analyze impact and progress. A C R R 3.1
    Revise project/change planning. A C R C 3.2
    Highlight and leverage successes. A R C C 3.3

    Update the Transition Team Communications Template

    1.2.7 10 minutes

    Participants
    • PMO leader
    • PMO staff
    Input
    • The outcomes of various activities in this step
    Output
    • Key sections of the Transition Team Communications Template completed

    Use Info-Tech’s Transition Team Communications Template to help communicate the outcomes of this step.

    • Use the template to document the goals, benefits, and milestones established in 1.2.3, to record the project timeline and schedule for OCM activities from 1.2.4, to document resources available for OCM activities (1.2.5), and to record the membership and reporting structure of the core transition team (1.2.6).

    Download Info-Tech’s Transition Team Communications Template.

    "Managers and user communities need to feel like they are a part of a project instead of feeling like the project is happening to them. It isn't just a matter of sending a few emails or putting up a page on a project website." Ross Latham

    Build organizational change management capabilities by bringing in required skills

    Case Study

    Industry Natural Resources

    Source Interview

    Challenge
    • Like many organizations, the company is undergoing increasing IT-enabled change.
    • Project managers tended to react to effects of change rather than proactively planning for change.

    "The hard systems – they’re easy. It’s the soft systems that are challenging... Be hard on the process. Be easy on the people." – Business Analyst, natural resources company

    Solution
    • Change management was especially challenging when projects were led by the business.
    • IT was often brought in late in business-led projects.
    • As a result, the organization incurred avoidable costs to deal with integration, retraining, etc.
    • The cost of managing change grows later in the project as more effort needs to be spent undoing (or “unfreezing”) the old state or remediating poorly executed change.
    Results
    • The company hired a business analyst with a background in organizational change to bring in the necessary skills.
    • The business analyst brought knowledge, experience, and templates based on best practices and is sharing these with the rest of the project management team.
    • As a result, organizational change management is starting earlier in projects when its effectiveness and value are maximized.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

    Book a workshop with our Info-Tech analysts:

    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    1.1.1 Evaluate your current capabilities for managing organizational change

    Take Info-Tech’s OCM capabilities questionnaire and receive custom analyst recommendations concerning next steps.

    1.1.2 Perform a change management SWOT exercise

    Work with a seasoned analyst to assess your PMO’s strengths, weaknesses, opportunities, and threats to becoming an org change leader.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

    Book a workshop with our Info-Tech analysts:

    1.1.3 Define success metrics for your PMO’s efforts to become an org change leader

    Work with an analyst to clarify how the success of this initiative will be measured and what conditions are necessary for success.

    1.2.2 Determine the appropriate OCM initiative to pilot at your organization

    Receive custom analyst insights on rightsizing your OCM planning efforts based on project size, timeline, and resource availability.

    1.2.4 Develop an OCM timeline that aligns with key project milestones

    Harness analyst experience to develop a project-specific timeline for the PMO’s change management activities to better plan your efforts and resources.

    Phase 2

    Plant the Seeds for Change During Project Planning and Initiation

    Phase 2 outline

    Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 2: Plant the seeds for change during project planning and initiation

    Proposed Time to Completion (in weeks): 1 week

    Step 2.1: Foster OCM considerations during the ideation phase

    Discuss these issues with an analyst:

    • Disengaged or absent sponsors on change initiatives.
    • Lack of organizational desire for change.
    • How to customize an OCM strategy to suit the personality of the organization.

    Then complete these activities…

    • Develop a sponsorship action plan to help facilitate more engaged change sponsorship.
    • Build a process for making the case for change throughout the organization.

    With these tools & templates:

    • Activity 2.1.3: “Refine your change story”
    • Activity 2.1.4: “Develop a sponsorship action plan”
    • Transition Team Communications Template
    Step 2.2: Perform an organizational change impact analysis

    Work with an analyst to:

    • Perform an impact analysis to make your change planning more complete.
    • Assess the depth of change impacts across various stakeholder groups.

    Then complete these activities…

    • Assign accountability for managing change impacts.
    • Update the business case with risks and opportunities identified during the impact analysis.

    With these tools & templates:

    • Organizational Change Management Impact Analysis Tool

    Step 2.1: Foster OCM considerations during the ideation phase

    Phase 2 - 2.1

    This step will walk you through the following activities:
    • Assess leadership support for change.
    • Highlight the goals and benefits of the change.
    • Refine your change story.
    • Define success criteria.
    • Develop a sponsorship action plan.
    This step involves the following participants:
    • PMO Director
    • Project sponsor for the pilot OCM project
    • Additional project staff: project managers, business analysts, etc.
    Outcomes of this step
    • Strategy to shore up executive alignment around the need for change.
    • Increased definition around the need for change.
    • Increased engagement from project sponsors around change management and project outcomes.

    Accountability for change management begins in advance of the project itself

    As early as the request phase, project sponsors and requestors have a responsibility to communicate the need for the changes that they are proposing.

    Org Change Step #1: Make the case for change during the request phase

    Initiation→Planning→Execution→Monitoring & Controlling→Closing

    Even before project planning and initiation begin, sponsors and requestors have org change responsibilities around communicating the need for a change and demonstrating their commitment to that change.

    In this step, we will look at the OCM considerations that need to be factored in during project ideation.

    The slides ahead will cover what the PMO can do to help foster these considerations among project sponsors and requestors.

    While this project may already be in the planning phase, the activities in the slides ahead will help lay a solid OCM foundation as you move ahead into the impact assessment and stakeholder engagement steps in this phase.

    Strongly recommended: include the sponsor for your pilot OCM project in many of the following activities (see individual activity slides for direction).

    Info-Tech Insight

    Make active sponsorship a criteria when scoring new requests.

    Projects with active sponsors are far more likely to succeed than those where the sponsor cannot be identified or where she/he is unable or unwilling to champion the initiative throughout the organization.

    Consider the engagement level of sponsors when prioritizing new requests. Without this support, the likelihood of a change initiative succeeding is far diminished.

    What does effective sponsorship look like?

    Somewhere along the way a stereotype arose of the project sponsor as a disengaged executive who dreams up a project idea and – regardless of that idea’s feasibility or merit – secures funding, pats themselves on the back, and does not materialize again until the project is over to pat themselves on the back again.

    Indeed, it’s exaggerated, based partly on the fact that sponsors are almost always extremely busy individuals, with very demanding day jobs on top of their responsibilities as sponsors. The stereotype doesn’t capture the very real day-to-day project-level responsibilities of project sponsors.

    Leading change management institute, Prosci, has developed a checklist of 10 identifiable traits and responsibilities that PMO leaders and project managers should help to foster among project sponsors. As Prosci states, the checklist “can be used as an audit tool to see if you are utilizing best practices in how you engage senior leaders on your change initiatives.”

    Prosci’s Change Management Sponsor Checklist:

    Are your sponsors:

    • Aware of the importance they play in making changes successful?
    • Aware of their roles in supporting org change?
    • Active and visible throughout the project?
    • Building necessary coalitions for change success?
    • Communicating directly and effectively with employees?
    • Aware that the biggest mistake is failing to personally engage as the sponsor?
    • Prepared to help manage resistance?
    • Prepared to celebrate successes?
    • Setting clear priorities to help employees manage project and day-to-day work?
    • Avoiding trends and backing change that will be meaningful for the long term?

    (Source: Prosci’s Change Management Sponsor Checklist)

    Assess leadership support for change

    2.1.1 30 minutes

    Participants
    • PMO leader
    • Other PMO/PM staff
    Output
    • Leadership support strategy

    Many change initiatives require significant investments of political capital to garner approval, funding, and involvement from key executives. This process can take months or even years before the project is staffed and implementation begins.

    • In cases where leadership opposition or ambivalence to change is a critical success inhibitor, project sponsors or change leaders need a deliberate strategy for engaging and converting potential supporters.
    • You might need to recruit someone with more influence or authority to become sponsor or co-sponsor to convert supporters you otherwise could not.
    • Use the table below as an example to begin developing your executive engagement strategy (but keep it private).
    Executive/Stakeholder Degree of Support Ability to Influence Potential Contribution/Engagement Strategy
    Board of Directors Med High
    CEO
    CFO
    CIO
    CxO

    “The stakes of having poorly engaged executive sponsors are high, as are the consequences and costs. PMI research into executive sponsorship shows that one in three unsuccessful projects fail to meet goals due to poorly engaged executive sponsors.”

    PMI, 2014

    Highlight the goals and benefits of the change

    2.1.2 30-60 minutes

    Participants
    • PMO leader
    • PMO staff
    • Project sponsor

    Build desire for change.

    The project sponsor is accountable for defining the high-level scope and benefits of the project. The PMO needs to work with the sponsor during the ideation phase to help establish the need for the proposed change.

    Use the table below to begin developing a compelling vision and story of change. If you have not already defined high-level goals and deliverables for your project, download Info-Tech’s Light Project Request Form (a Detailed Project Request Form is also available).

    Why is there a need to change?
    How will change benefit the organization?
    How did we determine this is the right change?
    What would happen if we didn’t change?
    How will we measure success?

    See Info-Tech’s Optimize Project Intake, Approval, and Prioritization blueprint for more detailed advice on working with requestors to define requirements and business value of new requests.

    Stories are more compelling than logic and facts alone

    Crucial facts, data, and figures are made more digestible, memorable, and actionable when they are conveyed through a compelling storyline.

    While you certainly need high-level scope elements and a rigorous cost-benefit analysis in your business case, projects that require organizational change also need a compelling story or vision to influence groups of stakeholders.

    As the PMO works with sponsors to identify and document the goals and benefits of change, begin to sketch a narrative that will be compelling to the organization’s varied audiences.

    Structuring an effective project narrative:

    Research shows (Research and impacts cited in Torben Rick’s “Change Management Require[s] a Compelling Story,” 2014) that when managers and employees are asked about what most inspires them in their work, their responses are evenly split across five forms of impact:

    1. Impact on society – e.g. the organization’s role in the community.
    2. Impact on the customer – e.g. providing effective service.
    3. Impact on the company – e.g. contributing positively to the growth of the organization.
    4. Impact on the working team – e.g. creating an inclusive work environment.
    5. Impact on the individual – e.g. personal development and compensation.

    "Storytelling enables the individuals in an organization to see themselves and the organization in a different light, and accordingly take decisions and change their behavior in accordance with these new perceptions, insights, and identities." – Steve Denning

    Info-Tech Insight

    A micro-to-macro change narrative. A compelling org change story needs to address all five of these impacts in order to optimally engage employees in change. In crafting a narrative that covers both the micro and macro levels, you will be laying a solid foundation for adoption throughout the organization.

    Refine your change story

    2.1.3 45 to 60 minutes

    Participants
    • PMO leader
    • PMO staff
    • Project sponsor
    Input
    • 5 levels of change impact
    • Stakeholder groups
    Output
    • Improved change justification to help inform the request phase and the development of the business case.
    Materials
    • Whiteboard and markers

    Using a whiteboard to capture the discussion, address the 5 levels of change impact covered on the previous slide.

    1. Develop a list of the stakeholder groups impacted by this project.
      • The impacts will be felt differently by different groups, so develop a high-level list of those stakeholder groups that will be directly affected by the change.
      • Keep in mind, this activity is not an impact assessment. This activity is meant to elicit how the change will be perceived by the different stakeholder groups, not how it will actually impact them – i.e. this activity is about making the case for change, not actually managing the change.
    2. Brainstorm how the five impact levels will be perceived from the point of view of each stakeholder group.
      • Spend about 5 to 10 minutes per impact per stakeholder group.
      • The goal here isn’t to create a detailed plotline; your change story may evolve as the project evolves. A point or two per impact per group will suffice.
    3. As a group, prioritize the most prescient points and capture the results of your whiteboarding to help inform future artifacts.
      • The points developed during this activity should inform both the ad hoc conversations that PMO staff and the sponsor have with stakeholders, as well as formal project artifacts, such as the request, business case, charter, etc.

    When it comes to communicating the narrative, project sponsors make the most compelling storytellers

    Whatever story you develop to communicate the goals and the benefits of the change, ultimately it should be the sponsor who communicates this message to the organization at large.

    Given the competing demands that senior leaders face, the PMO still has a pivotal role to play in helping to plan and facilitate these communications.

    The PMO should help sponsors by providing insights to shape change messaging (refer to the characteristics outlined in the table below for assistance) and by developing a sponsorship action plan (Activity 2.1.4).

    Tips for communicating a change story effectively:
    Identify and appeal to the audience’s unique frames of reference. e.g. “Most of you remember when we…”
    Include concrete, vivid details to help visualize change. e.g. “In the future, when a sales rep visits a customer in Wisconsin, they’ll be able to process a $100,000 order in seconds instead of hours.”
    Connect the past, present, and future with at least one continuous theme. e.g. “These new capabilities reaffirm our long-standing commitment to customers, as well as our philosophy of continuously finding ways to be more responsive to their needs.”

    “[T]he sponsor is the preferred sender of messages related to the business reasons and organizational implications for a particular initiative; therefore, effective sponsorship is crucial in building an awareness of the need for change.

    Sponsorship is also critical in building the desire to participate and support the change with each employee and in reinforcing the change.”

    Prosci

    Base the style of your communications on the organization’s receptiveness to change

    Not all organizations embrace or resist change in the same ways. Base your change communications on your organization’s cultural appetite for change in general.

    Use the below dimensions to gauge your organization’s appetite for change. Analyzing this will help determine the form and force of communications.

    In the next slide, we will base aspects of your sponsorship action plan on whether an organization’s indicator is “high” or “low” across these three dimensions.

    • Organizations with low appetite for change will require more direct, assertive communications.
    • Organizations with a high appetite for change are more suited to more open, participatory approaches.

    Three key dimensions determine the appetite for cultural change (Dimensions taken from Joanna Malgorzata Michalak’s “Cultural Catalysts and Barriers of Organizational Change Management: a Preliminary Overview,” 2010):

    Power Distance Refers to the acceptance that power is distributed unequally throughout the organization. Organizations with a high power distance indicator show that the unequal power distribution is accepted by the less powerful employees.
    Individualism Organizations that score high in individualism have employees who are more independent; those who score low in individualism fall into the collectivism side where employees are strongly tied to one another or their groups.
    Uncertainty Avoidance Describes the level of acceptance that an organization has towards uncertainty. Those who score high in this area find that their employees do not favor “uncertain” situations, while those that score low in this area find that their employees are comfortable with change and uncertainty.

    "Societies with a high indicator of power distance, individualism, and uncertainty avoidance create vital inertial forces against transformation." – Michalak

    Develop a sponsorship action plan

    2.1.4 45 to 60 minutes

    Participants
    • PMO leader
    • PMO staff
    • Project sponsor
    Use the table below to define key tasks and responsibilities for the project sponsor.
    1. Populate the first column with the stakeholder groups from Activity 2.1.3.
    2. With reference to the Sponsor Checklist, brainstorm key sponsorship responsibilities for this project across each of the groups.
    3. When gauging the frequency of each activity and the “Estimated Weekly Effort” required by the sponsor to complete them, consider the organization’s appetite for change.
      • Where indicators across the three dimensions are low, the sponsor’s involvement can be less hands-on and more collaborative in nature.
      • Where indicators across the three dimensions are high, the sponsor’s involvement should be hands-on and direct in her/his communications.
    Group Activity Est. Weekly Effort Comments/Frequency
    Project Team Ad hoc check-in on progress 30 mins Try to be visible at least once a week
    Attend status meetings 30 mins Every second Tuesday, 9 am
    Senior Managers Touch base informally 45 mins Aim for bi-weekly, one-on-one touchpoints
    Lead steering committee meetings 60 mins First Thursday of the month, 3 pm
    End Users Organization-wide emails Ad hoc, 20 mins As required, with PMO assistance

    "To manage change is to tell people what to do... but to lead change is to show people how to be." – Weick & Quinn

    Update the Transition Team Communications Template

    2.1.5 10 minutes

    Participants
    • PMO leader
    • PMO staff
    Input
    • The outcomes of various activities in this step
    Output
    • Key sections of the Transition Team Communications Template completed

    Use Info-Tech’s Transition Team Communications Template to help communicate the outcomes of this step.

    The following activities should be recorded in the template:

    Activity 2.1.2

    In addition, the outcome of Activity 2.1.4, the “Sponsorship Action Plan,” should be converted to a format such as Word and provided to the project sponsor.

    Download Info-Tech’s Transition Team Communications Template.

    "In most work situations, the meaning of a change is likely to be as important, if not more so, than the change itself."

    – Roethlisberger (cited in Burke)

    Step 2.2: Perform an organizational change impact assessment

    Phase 2 - 2.2

    This step will walk you through the following activities:
    • Perform change impact survey.
    • Assess the depth of impacts for different stakeholders and stakeholder groups.
    • Determine overall adoptability of the OCM effort.
    • Establish a game plan for managing individual impacts.
    • Review risks and opportunities.
    • Determine how the value of the change will be measured.
    This step involves the following participants:
    • PMO Director
    • Project sponsor for the pilot OCM project
    • Additional project staff: project managers, business analysts, members of the transition team, etc.
    Outcomes of this step:
    • A change impact analysis.
    • An adoptability rating for the change initiative to help the PMO plan its OCM efforts.
    • A better understanding of the risks and opportunities associated with the change to inform the business case.

    Analyze change impacts across multiple dimensions to ensure that nothing is overlooked

    Ensure that no stone is left unturned as you prepare for a comprehensive transition plan.

    In the previous step, we established a process and some accountabilities to help the PMO and project sponsors make the case for change during the ideation and initiation phase of a project.

    In this step, we will help with the project planning phase by establishing a process for analyzing how the change will impact various dimensions of the business and how to manage these impacts to best ensure stakeholder adoption.

    Brace for Impact…

    A thorough analysis of change impacts will help the PMO:

    • Bypass avoidable problems.
    • Remove non-fixed barriers to success.
    • Acknowledge and minimize the impact of unavoidable barriers.
    • Identify and leverage potential benefits.
    • Measure the success of the change.

    Assign the appropriate accountabilities for impact analysis

    In the absence of an assigned change manager, organizational change impact assessments are typically performed by a business analyst or the project manager assigned to the change initiative.

    • Indeed, as with all change management activities, making an individual accountable for performing this activity and communicating its outcomes is key to the success of your org change initiative.
    • At this stage, the PMO needs to assign or facilitate accountability for the impact analysis on the pilot OCM initiative or it needs to take this accountability on itself.

    Sample RACI for this activity. Define these accountabilities for your organization before proceeding with this step.

    Project Sponsor PMO PM or BA
    Survey impact dimensions I A R
    Analyze impacts across multiple stakeholder groups I A R
    Assess required OCM rigor I A/R C
    Manage individual impacts I A R

    Info-Tech Insight

    Bring perspective to an imperfect view.

    No individual has a comprehensive view of the potential impact of change.

    Impact assessment and analysis is most effective when multiple viewpoints are coordinated using a well-defined list of considerations that cover a wide breadth of dimensions.

    Revisit and refine the impact analysis throughout planning and execution, as challenges to adoption become more clear.

    Perform a change impact analysis to make your planning more complete

    Use Info-Tech’s Organizational Change Management Impact Analysis Tool to weigh all of the factors involved in a change and to formalize discipline around impact analysis.

    Info-Tech’s Organizational Change Management Impact Analysis Tool helps to document the change impact across multiple dimensions, enabling the PMO to review the analysis with others to ensure that the most important impacts are captured. The tool also helps to effectively monitor each impact throughout project execution.

    • Change impact considerations can include: products, services, states, provinces, cultures, time zones, legal jurisdictions, languages, colors, brands, subsidiaries, competitors, departments, jobs, stores, locations, etc.
    • Each of these dimensions is an MECE (Mutually Exclusive, Collectively Exhaustive) list of considerations that could be impacted by the change. For example, a North American retail chain might consider “Time Zones” as a key dimension, which could break down as Newfoundland, Atlantic, Eastern, Central, Mountain, and Pacific.

    Download Info-Tech’s Organizational Change Impact Analysis Tool.

    • Required Participants for this Step: PMO Leader; project manager or business analyst
    • Recommended Participants for this Step: Project Sponsor; IT/PMO staff

    Info-Tech Insight

    Anticipate the unexpected. Impact analysis is the cornerstone of any OCM strategy. By shining a light on considerations that might have otherwise escaped project planners and decision makers, an impact analysis is an essential component to change management and project success.

    Enter high-level project information on the “Set Up” tab

    2.2.1 15 minutes

    The “2. Set Up” tab of the Impact Tool is where you enter project-specific data pertaining to the change initiative.

    The inputs on this tab are used to auto-populate fields and drop-downs on subsequent tabs of the analysis.

    Document the stakeholders (by individual or group) associated with the project who will be subject to the impacts.

    You are allowed up to 15 entries. Try to make this list comprehensive. Missing any key stakeholders will threaten the value of this activity as a whole.

    If you find that you have more than 15 individual stakeholders, you can group individuals into stakeholder groups.

    Keep in mind...

    An impact analysis is not a stakeholder management exercise.

    Impact assessments cover:

    • How the change will affect the organization.
    • How individual impacts might influence the likelihood of adoption.

    Stakeholder management covers:

    • Resistance/objections handling.
    • Engagement strategies to promote adoption.

    We will cover the latter in the next step.

    “As a general principle, project teams should always treat every stakeholder initially as a recipient of change. Every stakeholder management plan should have, as an end goal, to change recipients’ habits or behaviors.”

    PMI, 2015

    Determine the relevant considerations for analyzing the change impacts of a project

    2.2.2 15 to 30 minutes

    Use the survey on tab 3 of the Impact Analysis Tool to determine the dimensions of change that are relevant.

    The impact analysis is fueled by the thirteen-question survey on tab 3 of the tool.

    This survey addresses a comprehensive assortment of change dimensions, ranging from customer-facing considerations, to employee concerns, to resourcing, logistical, and technological questions.

    Once you have determined the dimensions that are impacted by the change, you can go on to assess how individual stakeholders and stakeholder groups are affected by the change.

    This image is a screenshot of tab 3, Impact Survey, of the Impact Analysis Tool.

    Screenshot of tab “3. Impact Survey,” showing the 13-question survey that drives the impact analysis.

    Ideally, the survey should be performed by a group of project stakeholders together. Use the drop-downs in column K to record your responses.

    "A new system will impact roles, responsibilities, and how business is conducted within an organization. A clear understanding of the impact of change allows the business to design a plan and address the different levels of changes accordingly. This approach creates user acceptance and buy-in."

    – January Paulk, Panorama Consulting

    Impacts will be felt differently by different stakeholders and stakeholder groups

    As you assess change impacts, keep in mind that no impact will be felt the same across the organization. Depth of impact can vary depending on the frequency (will the impact be felt daily, weekly, monthly?), the actions necessitated by it (e.g. will it change the way the job is done or is it simply a minor process tweak?), and the anticipated response of the stakeholder (support, resistance, indifference?).

    Use the Organizational Change Depth Scale below to help visualize various depths of impact. The deeper the impact, the tougher the job of managing change will be.

    Procedural Behavioral Interpersonal Vocational Cultural
    Procedural change involves changes to explicit procedures, rules, policies, processes, etc. Behavioral change is similar to procedural change, but goes deeper to involve the changing tacit or unconscious habits. Interpersonal change goes beyond behavioral change to involve changing relationships, teams, locations, reporting structures, and other social interactions. Vocational change requires acquiring new knowledge and skills, and accepting the loss or decline in the value or relevance of previously acquired knowledge and skills. Cultural change goes beyond interpersonal and vocational change to involve changing personal values, social norms, and assumptions about the meaning of good vs. bad or right vs. wrong.
    Example: providing sales reps with mobile access to the CRM application to let them update records from the field. Example: requiring sales reps to use tablets equipped with a custom mobile application for placing orders from the field. Example: migrating sales reps to work 100% remotely. Example: migrating technical support staff to field service and sales support roles. Example: changing the operating model to a more service-based value proposition or focus.

    Determine the depth of each impact for each stakeholder group

    2.2.3 1 to 3 hours

    Tab “4. Impact Analysis” of the Analysis Tool contains the meat of the impact analysis activity.
    1. The “Impact Analysis” tab is made up of thirteen change impact tables (see next slide for a screenshot of one of these tables).
    • You may not need to use all thirteen tables. The number of tables you use coincides with the number of “yes” responses you gave in the previous tab.
    • If you no not need all thirteen impact tables (i.e. if you do not answer “yes” to all thirteen questions in tab 2, the unused/unnecessary tables will not auto-populate.)
  • Use one table per change impact. Each of your “yes” responses from tab 3 will auto-populate at the top of each change impact table. You should go through each of your “yes” responses in turn.
  • Analyze how each impact will affect each stakeholder or stakeholder group touched by the project.
    • Column B in each table will auto-populate with the stakeholder groups from the Set Up tab.
  • Use the drop-downs in columns C, D, and E to rate the frequency of each impact, the actions necessitated by each impact, and the anticipated response of each stakeholder group.
    • Each of the options in these drop-downs is tied to a ranking table that informs the ratings on the two subsequent tabs.
  • If warranted, you can use the “Comments” cells in column F to note the specifics of each impact for each stakeholder/group.
  • See the next slide for an accompanying screenshot of a change impact table from tab 4 of the Analysis Tool.

    Screenshot of “Impact Analysis” tab

    The image is a screenshot of the Impact Analysis tab.

    The stakeholder groups entered on the Set Up will auto-populate in column B of each table.

    Your “yes” responses from the survey tab will auto-populate in the cells to the right of the “Change Impact” cells.

    Use the drop-downs in this column to select how often the impact will be felt for each group (e.g. daily, weekly, periodically, one time, or never).

    “Actions” include “change to core job duties,” “change to how time is spent,” “confirm awareness of change,” etc.

    Use the drop-downs to hypothesize what the stakeholder response might be. For now, for the purpose of the impact analysis, a guess is fine. We will come back to build a communications plan based on actual responses in Phase 3 of this blueprint.

    Review your overall impact rating to help assess the likelihood of change adoption

    Use the “Overall Impact Rating” on tab 5 to help right-size your OCM efforts.

    Based upon your assessment of each individual impact, the Analysis Tool will provide you with an “Overall Impact Rating” in tab 5.

    • This rating is an aggregate of each of the individual change impact tables used during the analysis, and the rankings assigned to each stakeholder group across the frequency, required actions, and anticipated response columns.

    The image is a screenshot of tab 5, the Overall Process Adoption Rating. The image shows a semi-circle, where the left-most section is red, the centre yellow, and the right-most section green, with a dial positioned at the right edge of the yellow section.

    Projects in the red should have maximum change governance, applying a full suite of OCM tools and templates, as well as revisiting the impact analysis exercise regularly to help monitor progress.

    Increased communication and training efforts, as well as cross-functional partnerships, will also be key for success.

    Projects in the yellow also require a high level of change governance. Follow the steps and activities in this blueprint closely, paying close attention to the stakeholder engagement activities in the next step to help sway resistors and leverage change champions.

    In order to free up resources for those OCM initiatives that require more discipline, projects in green can ease up in their OCM efforts somewhat. With a high likelihood of adoption as is, stakeholder engagement and communication efforts can be minimized somewhat for these projects, so long as the PMO is in regular contact with key stakeholders.

    "All change is personal. Each person typically asks: 'What’s in it for me?'" – William T. Craddock

    Use the other outputs on tab 5 to help structure your OCM efforts

    In addition to the overall impact rating, tab 5 has other outputs that will help you assess specific impacts and how the overall change will be received by stakeholders.

    The image is a screenshot of tab 5.

    Top-Five Highest Risk Impacts table: This table displays the highest risk impacts based on frequency and action inputs on Tab 4.

    Top-Five Most Impacted Stakeholders table: Here you’ll find the stakeholders, ranked again based on frequency and action, who will be most impacted by the proposed changes.

    Top Five Supporters table: These are the 5 stakeholders most likely to support changes, based on the Anticipated Response column on Tab 4.

    The stakeholder groups entered on the Set Up Tab will auto-populate in column B of each table.

    In addition to these outputs, this tab also lists top five change resistors, and has an impact register and list of potential impacts to watch out for (i.e. your “maybe” responses from tab 3).

    Establish a game plan to manage individual change impacts

    2.2.4 60 to 90 minutes

    The final tab of the Analysis Tool can be used to help track and monitor individual change impacts.
    • Use the “Communications Plan” on tab 7 to come up with a high-level game plan for tracking communications about each change with the corresponding stakeholders.
    • Update and manage this tab as the communication events occur to help keep your implementation on track.

    The image is a screenshot of the Communications Plan, located on tab 7 of the Analysis Tool. There are notes emerging from each of the table headings, as follows: Communication Topic - Select from a list of topics identified on Tab 6 that are central to successful change, then answer the following; Audience/Format/Delivery - Which stakeholders need to be involved in this change? How are we going to meet with them?; Creator - Who is responsible for creating the change?; Communicator - Who is responsible for communicating the change to the stakeholder?; Intended Outcome - Why do you need to communicate with this stakeholder?; Level of Risk - What is the likelihood that you can achieve your attended outcome? And what happens if you don’t?

    Document the risk assumptions stemming from your impact analysis

    2.2.5 30 to 60 minutes

    Use the Analysis Tool to produce a set of key risks that need to be identified, communicated, mitigated, and tracked.

    A proper risk analysis often reveals risks and mitigations that are more important to other people in the organization than those managing the change. Failure to do a risk analysis on other people’s behalf can be viewed as negligence.

    In the table below, document the risks related to the assumptions being made about the upcoming change. What are the risks that your assumptions are wrong? Can steps be taken to avoid these risks?

    Risk Assumption Magnitude if Assumption Wrong Likelihood That Assumption Is Wrong Mitigation Strategy Assessment
    e.g. Customers will accept shipping fees for overweight items > 10 pounds Low High It's a percentage of our business, and usually accompanies a sharply discounted product. We need to extend discretionary discounting on shipping to supervisory staff to mitigate the risk of lost business. Re-assess after each quarter.

    "One strategy to minimize the impact is to determine the right implementation pace, which will vary depending on the size of the company and the complexity of the project" – Chirantan Basu

    Record any opportunities pertaining to the upcoming change

    2.2.6 30 to 60 minutes

    Use the change impacts to identify opportunities to improve the outcome of the change.

    Use the table below to brainstorm the business opportunities arising from your change initiative. Consider if the PMO can take steps to help improve the outcomes either through supporting the project execution or through providing support to the business.

    Opportunity Assumption Potential Value Likelihood That Assumption Is Wrong Leverage Strategy Assessment
    e.g. Customer satisfaction can increase as delivery time frames for the remaining custom products radically shrink and services extend greatly. High Medium Reset the expectations of this market segment so that they go from being surprised by good service to expecting it. Our competitors will not be able to react to this.

    Info-Tech Insight

    The bigger the change, the bigger the opportunity. Project and change management has traditionally focused on a defensive posture because organizations so often fail to mitigate risk. Good change managers also watch for opportunities to improve and exploit the outcomes of the change.

    Determine how to measure the value of the change

    2.2.7 15 to 30 minutes

    Describe the metrics that will be used to assess the management of this change.

    Now that you’ve assessed the impacts of the change, and the accompanying risks and opportunities, use the table below to document metrics that can be used to help assess the management of the change.

    • Don’t rely on the underlying project to determine the value of the change itself: It’s important to recognize the difference between change management and project management, and the establishment of value metrics is an obvious source of this differentiation.
    • For example, consider a project that is introducing a new method of remitting travel expenses for reimbursement.
      • The project itself would be justified on the efficiency of the new process.
      • The value of the change itself could be measured by the number of help desk calls looking for the new form, documentation, etc.
    Metric Calculation How to Collect Who to Report to Frequency
    Price overrides for new shipping costs It is entered as a line item on invoices, so it can be calculated as % of shipping fees discounted. Custom report from CRM (already developed). Project Steering Committee Project Steering Committee

    Document risks and other impact analysis considerations in the business case

    2.2.8 10 minutes

    Participants
    • PMO leader
    • Project Manager
    Input
    • The risks and issues identified through the impact analysis.
    Output
    • Comprehensive list of risks documented in the business case.
    Use the outcomes of the activities in this step to help inform your business case as well as any other risk management artifacts that your project managers may use.
    • Because long-term project success depends upon stakeholder adoption, high-risk impacts should be documented as considerations in the risk section of your business case.
    • In addition, the “Overall Impact Rating” graph and the “Impact Management Worksheet” could be used to help improve business cases as well as charters on some projects.

    If your organization doesn’t have a standard business case document, use one of Info-Tech’s templates. We have two templates to choose from, depending on the size of the project and the amount of rigor required:

    Download Info-Tech’s Comprehensive Business Case Template for large, complex projects or our Fast Track Business Case Template for smaller ones.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

    Book a workshop with our Info-Tech analysts:

    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    2.1.3 Create a convincing sponsor-driven story to help build the case for change

    Work with an analyst to exercise your storytelling muscles, building out a process to help make the case for change throughout the organization.

    2.1.4 Develop a sponsorship action plan

    Utilize analyst experience to help develop a sponsorship action plan to help facilitate more engaged change project sponsors.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

    Book a workshop with our Info-Tech analysts:

    2.2.3 Assess different change impacts across various stakeholder groups

    Get an analyst perspective on how each impact may affect different stakeholders in order to assist with the project and OCM planning process.

    2.2.4 Develop a proactive change impact management plan

    Rightsize your response to change impacts by developing a game plan to mitigate each one according to adoption likelihood.

    2.2.5 Use the results of the impact analysis to inform and improve the business case for the project

    Work with the analyst to translate the risks and opportunities identified during the impact analysis into points of consideration to help inform and improve the business case for the project.

    Phase 3

    Facilitate Change Adoption Throughout the Organization

    Phase 3 outline

    Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 3: Facilitate Change Adoption Throughout the Organization

    Proposed Time to Completion (in weeks): 4 to 6 weeks

    Step 3.1: Ensure stakeholders are engaged and ready for change

    Discuss these issues with analyst:

    • Lack of alignment between IT and the business.
    • Organizational resistance to a command-and-control approach to change.

    Then complete these activities…

    • Develop a stakeholder engagement plan.

    With these tools & templates:

    • Stakeholder Engagement Workbook
    Step 3.2: Develop and execute the transition plan

    Discuss these issues with analyst:

    • Org change initiatives often fail due to the influence of resistors.
    • Failure to elicit feedback contributes to the feeling of a change being imposed.

    Then complete these activities…

    • Develop a communications strategy to address a variety of stakeholder reactions to change.

    With these tools & templates:

    • Transition Plan Template
    • Activity 3.2.7: “Objections Handling Template”
    Step 3.3: Establish HR and training plans

    Discuss these issues with analyst:

    • Training is often viewed as ineffective, contributing to change resistance rather than fostering adoption.

    Then complete these activities…

    • Rightsize training content based on project requirements and stakeholder sentiment.

    With these tools & templates:

    • “Training Requirements” tab in the Stakeholder Engagement Workbook
    • “Training Plan” section of the Transition Plan Template

    Step 3.1: Ensure stakeholders are engaged and ready for change

    Phase 3 - 3.1

    This step will walk you through the following activities:
    • Involve the right stakeholders in the change.
    • Define project roles and responsibilities.
    • Define elicitation methods for obtaining stakeholder input.
    • Perform a stakeholder analysis to assess influence, interest, and potential contribution.
    • Assess communications plan requirements.
    This step involves the following participants:
    • Required: PMO Director; project manager or business analyst
    • Recommended: Project Sponsor; the Transition Team; other IT/PMO staff
    Outcomes of this step
    • A stakeholder analysis.
    • Requirements for the communications plan.

    The nature of change is changing

    The challenge of managing change is complicated by forces that are changing change.

    Empowerment: Increased worker mobility, effect of millennials in the workforce, and lower average tenure means that people are less tolerant of a hierarchical, command-and-control approach to change.

    • Additionally, lower average tenure means you can’t assume everyone has the same context or background for change (e.g. they might not have been with the organization for earlier phases when project justification/rationale was established).

    Noise: Inundation with communications and diversity of channels means the traditional “broadcast” approach to communicating change doesn’t work (i.e. you can’t expect every email to get everyone’s attention).

    As a result, disciplines around organizational change tend to be less linear and deliberate than they were in the past.

    "People don’t resist change. They resist being changed."

    Peter Senge

    How to manage change in organizations of today and the future:

    • New realities require a more collaborative, engaging, open, and agile approach to change.
    • Communication is increasingly more of a two-way, ongoing, iterative engagement process.
    • Project leaders on change initiatives need to engage diverse audiences early and often.
    • Information about change needs to reach people and be easily findable where and when stakeholders need it.
    Info-Tech Insight

    Accountabilities for change management are still required. While change management needs to adopt more collaborative and organic approaches, org change success still depends on assigning appropriate accountabilities. What’s changed in the move to matrix structure is that accountabilities need to be facilitated more collaboratively.

    Leading change requires collaboration to ensure people, process, and technology factors are aligned

    In the absence of otherwise defined change leadership, the PMO needs to help navigate every technology-enabled change, even if it isn’t in the “driver’s seat.”

    PMO leaders and IT experts often find themselves asked to help implement or troubleshoot technology-related business projects that are already in flight.

    The PMO will end up with perceived or de facto responsibility for inadequate planning, communications, and training around technology-enabled change.

    IT-Led Projects

    Projects led by the IT PMO tend to be more vulnerable to underestimating the impact on people and processes on the business side.

    Make sure you engage stakeholders and representatives (e.g. “power users”) from user populations early enough to refine and validate your impact assessments.

    Business-Led Projects

    Projects led by people on the business side tend to be more vulnerable to underestimating the implications of technology changes.

    Make sure IT is involved early enough to identify and prepare for challenges and opportunities involving integration, user training, etc.

    "A major impediment to more successful software development projects is a corporate culture that results in a lack of collaboration because business executives view the IT departments as "order takers," a view disputed by IT leaders."

    – David Ramel (cited by Ben Linders)

    Foster change collaboration by initiating a stakeholder engagement plan through the PMO

    If project stakeholders aren’t on board, the organization’s change initiatives will be in serious trouble.

    Stakeholders will not only be highly involved in the process improvement initiative, but they also may be participants, so it’s essential that you get their buy-in for the initiative upfront.

    Use Info-Tech’s Stakeholder Engagement Workbook to help plan how stakeholders rate in terms of engagement with the project.

    Once you have identified where different stakeholders fall in terms of interests, influence, and support for/engagement with the change initiative, you can structure your communication plan (to be developed in step 3.2) based on where individuals and stakeholder groups fall.

    • Required participants for the activities in this step: PMO Leader; project manager or business analyst
    • Recommended participants for the activities in this step: Project Sponsor; IT/PMO staff

    Download Info-Tech’s Stakeholder Engagement Workbook.

    The engagement plan is a structured and documented approach for:

    • Gathering requirements by eliciting input and validating plans for change.
    • Cultivating sponsorship and support from key stakeholders early in the project lifecycle.

    Download Info-Tech’s Stakeholder Engagement Workbook.

    Involve the right people to drive and facilitate change

    Refer to your project level assessment from 1.2.2:

    • Level 1 projects tend to only require involvement from the project team, sponsors, and people affected.
    • Level 2 projects often benefit from broad support and capabilities in order to take advantage of opportunities.
    • Level 3 projects require broad support and capabilities in order to deal with risks and barriers.

    Info-Tech Insight

    The more transformational the change, the more it will affect the org chart – not just after the implementation, but also through the transition.

    Take time early in the project to define the reporting structure for the project/transition team, as well as any teams and roles supporting the transition.

    • Project manager: Has primary accountability for project success.
    • Senior executive project sponsor: Needed to “open doors” and signal organization’s commitment to the change.
    • Technology SMEs and architects: Responsible for determining and communicating requirements and risks of the technology being implemented or changed.
    • Business unit leads: Responsible for identifying and communicating impact on business functions, approving changes, and helping champion change.
    • Product/process owners: Responsible for identifying and communicating impact on business functions, approving changes, and helping champion change.
    • HR specialists: Most valuable when roles and organizational design are affected, i.e. change requires staff redeployment, substantial training (not just using a new system or tool but acquiring new skills and responsibilities), or termination.
    • Training specialists: If you have full-time training staff in the organization, you will eventually need them to develop training courses and material. Consulting them early will help with scoping, scheduling, and identifying the best resources and channels to deliver the training.
    • Communications specialists (internal): Valuable in crafting communications plan; required if communications function owns internal communications.

    Use the RACI table on the next slide to clarify who will be accountable, responsible, consulted, and informed for key tasks and activities around this change initiative.

    Define roles and responsibilities for facilitating change on your pilot OCM initiative

    3.1.1 60 minutes

    Perform a RACI exercise pertaining to your pilot change initiative to clarify who to include in the stakeholder engagement activity.

    Don’t reinvent the wheel: revisit the list of stakeholders and stakeholder groups from your impact assessment. The purpose of the RACI is to bring some clarity to project-specific responsibilities.

    Tasks PMO Project Manager Sr. Executives Technology SME Business Lead Process Owner HR Trainers Communications
    Meeting project objectives A R A R R
    Identifying risks and opportunities A R A C C C C I I
    Building the action plan A R C R R R R R R
    Planning and delivering communications A R C C C C C R A
    Planning and delivering training A R C C C C R A C
    Gathering and analyzing feedback and KPIs A R C C C C C R R

    Copy the results of this RACI exercise into tab 1 of the Stakeholder Engagement Workbook. In addition, it can be used to inform the designated RACI section in the Transition Plan Template. Revise the RACI Table there as needed.

    Formalize the stakeholder analysis to identify change champions and blockers

    Define key stakeholders (or stakeholder groups) who are affected by the project or are in positions to enable or block change.

    • Remember to consider customers, partners, and other external stakeholders.
    • People best positioned to provide insight and influence change positively are also best positioned to create resistance.
    • These people should be engaged early and often in the transition process – not just to make them feel included or part of the change, but because their insight could very likely identify risks, barriers, and opportunities that need to be addressed.

    The image is a screenshot of tab 3 of the Stakeholder Engagement Workbook.

    In tab three of the Stakeholder Engagement Workbook, compile the list of stakeholders who are touched by the change and whose adoption of the change will be key to project success.

    To save time, you can copy and paste your stakeholder list from the Set Up tab of the Organizational Change Management Impact Analysis Tool into the table below and edit the list as needed.

    Formal stakeholder analysis should be:

    • Required for Level 3 projects
    • Recommended for Level 2 projects
    • Optional for Level 1 projects

    Info-Tech Insight

    Resistance is, in many cases, avoidable. Resistance is commonly provided by people who are upset about not being involved in the communication. Missed opportunities are the same: they usually could have been avoided easily had somebody known in time. Use the steps ahead as an opportunity to ensure no one has been missed.

    Perform a stakeholder analysis to begin cultivating support while eliciting requirements

    3.1.2 60 minutes

    Use tab 4 of the Stakeholder Engagement Workbook to systematically assess each stakeholder's influence, interest, and potential contribution to the project as well as to develop plans for engaging each stakeholder or stakeholder group.

    The image is a screencapture of tab 4 of the Stakeholder Engagement Workbook.

    Use the drop-downs to select stakeholders and stakeholder groups. These will automatically populate based on your inputs in tab 3.

    Rate each stakeholder on a scale of 1 to 10 in terms of her/his influence in the organization. Not only do these rankings feed the stakeholder map that gets generated on the next slide, but they will help you identify change champions and resistors with influence.

    Similar to the ranking under “Influence,” rate the “Interest” and “Potential Contribution” to help identify stakeholder engagement.

    Document how you will engage each stakeholder and stakeholder group and document how soon you should communicate with them concerning the change. See the following slides for advice on eliciting change input.

    Use the elicitation methods on the following slides to engage stakeholders and gather change requirements.

    Elicitation methods – Observation

    Method Description Assessment and Best Practices Stakeholder Effort BA/PMO Effort
    Casual Observation The process of observing stakeholders performing tasks where the stakeholders are unaware they are being observed. Capture true behavior through observation of stakeholders performing tasks without informing them that they are being observed. This information can be valuable for mapping business process; however, it is difficult to isolate the core business activities from unnecessary actions. Low Medium
    Formal Observation The process of observing stakeholders performing tasks where the stakeholders are aware they are being observed. Formal observation allows business analysts to isolate and study the core activities in a business process because the stakeholder is aware they are being observed. Stakeholders may become distrusting of the business analyst and modify their behavior if they feel their job responsibilities or job security are at risk. Low Medium

    Info-Tech Insight

    Observing stakeholders does not uncover any information about the target state. Be sure to use contextual observation in conjunction with other techniques to discover the target state.

    Elicitation methods – Surveys

    Method Description Assessment and Best Practices Stakeholder Effort BA/PMO Effort
    Closed-Response Survey A survey that has fixed responses for each answer. A Likert-scale (or similar measures) can be used to have respondents evaluate and prioritize possible requirements. Closed-response surveys can be sent to large groups and used to quickly gauge user interest in different functional areas. They are easy for users to fill out and don’t require a high investment of time. However, their main deficit is that they are likely to miss novel requirements that are not listed. As such, closed-response surveys are best used after initial elicitation or brainstorming to validate feature groups. Low Medium
    Open-Response Survey A survey that has open-ended response fields. Questions are fixed, but respondents are free to populate the field in their own words. Open-response surveys take longer to fill out than closed, but can garner deeper insights. Open-response surveys are a useful supplement (and occasionally a replacement) for group elicitation techniques, like focus groups, when you need to receive an initial list of requirements from a broad cross-section of stakeholders. Their primary shortcoming is the analyst can’t immediately follow up on interesting points. However, they are particularly useful for reaching stakeholders who are unavailable for individual one-on-ones or group meetings. Medium Medium

    Info-Tech Insight

    Surveys can be useful mechanisms for initial drafting of raw requirements (open response) and gauging user interest in proposed requirements or feature sets (closed response). However, they should not be the sole focus of your elicitation program due to lack of interactivity and two-way dialogue with the business analyst.

    Elicitation methods – Interviews

    Method Description Assessment and Best Practices Stakeholder Effort BA/PMO Effort

    Structured One-on-One Interview

    In a structured one-on-one interview, the business analyst has a fixed list of questions to ask the stakeholder and follows up where necessary. Structured interviews provide the opportunity to quickly hone in on areas of concern that were identified during process mapping or group elicitation techniques. They should be employed with purpose – to receive specific stakeholder feedback on proposed requirements or help identify systemic constraints. Generally speaking, they should take 30 minutes or less to complete. Low Medium

    Unstructured One-on-One Interview

    In an unstructured one-on-one interview, the business analyst allows the conversation to flow freely. The BA may have broad themes to touch on, but does not run down a specific question list. Unstructured interviews are most useful for initial elicitation when brainstorming a draft list of potential requirements is paramount. Unstructured interviews work best with senior stakeholders (sponsors or power users), since they can be time consuming if they’re applied to a large sample size. It’s important for BAs not to stifle open dialogue and allow the participants to speak openly. They should take 60 minutes or less to complete. Medium Low

    Info-Tech Insight

    Interviews should be used with “high-value targets.” Those who receive one-on-one face time can help generate good requirements, as well as allow effective communication around requirements at a later point (i.e. during the analysis and validation phases).

    Elicitation methods – Focus Groups

    Method Description Assessment and Best Practices Stakeholder Effort BA/PMO Effort
    Focus Group Focus groups are sessions held between a small group (typically ten individuals or less) and an experienced facilitator who leads the conversation in a productive direction. Focus groups are highly effective for initial requirements brainstorming. The best practice is to structure them in a cross-functional manner to ensure multiple viewpoints are represented and the conversation doesn’t become dominated by one particular individual. Facilitators must be wary of “groupthink” in these meetings (the tendency to converge on a single POV). Medium Medium

    Info-Tech Insight

    Group elicitation techniques are most useful for gathering a wide spectrum of requirements from a broad group of stakeholders. Individual or observational techniques are typically needed for further follow-up and in-depth analysis with critical power users or sponsors.

    "Each person has a learning curve. Take the time to assess staff individually as some don’t adjust to change as well as others. Some never will." – CEO, Manufacturing Firm

    Refine your stakeholder analysis through the input elicitation process

    3.1.3 30 minutes

    Review all of these elicitation methods as you go through the workbook as a group. Be sure to document and discuss any other elicitation methods that might be specific to your organization.

    1. Schedule dates and a specific agenda for performing stakeholder elicitation activities.
    • If scheduling more formal methods such as a structured interview or survey, take the time to develop some talking points and questions (see the questionnaire and survey templates in the next step for examples).
  • Assign accountabilities for performing the elicitation exercises and set dates for updating the PMO on the results of these stakeholder elicitations.
  • As curator of the workbook, the PMO will need to refine the stakeholder data in tab 4 of the tool to get a more accurate stakeholder map on the next tab of the workbook.
  • Elicitation method Target stakeholder group(s) PMO staff responsible for eliciting input Next update to PMO
    One-on-one structured interview HR and Sales Karla Molina August 1

    Info-Tech Insight

    Engagement paves the way for smoother communications. The “engagement” approach (rather than simply “communication”) turns stakeholders and users into advocates who help boost your message, sustain change, and realize benefits without constant, direct intervention.

    Develop a stakeholder engagement strategy based on the output of your analysis

    Use the stakeholder map on tab 5 of the Workbook to inform your communications strategy and transition plan.

    Tab 5 of the Workbook provides an output – a stakeholder map – based on your inputs in the previous tab. Use the stakeholder map to inform your communications requirements considerations in the next tab of the workbook as well as your transition plan in the next step.

    The image is a screencapture of tab 5 of the Stakeholder Engagement Workbook.

    This is a screenshot of the “Stakeholder Analysis” from tab 5 of the Workbook. The four quadrants of the map are:

    • Engage (High Interest/High Influence)
    • Communicate – High Level (High Interest/Low Influence)
    • Passive (Low Interest/Low Influence)
    • Communicate – Low Level (Low Interest/High Influence)
    How to interpret each quadrant on the map:

    Top Quadrants: Supporters

    1. Engage: Capitalize on champions to drive the project/change.
    2. Communicate (high level): Leverage this group where possible to help socialize the program and to help encourage dissenters to support.

    Bottom Quadrant: Blockers

    1. Passive: Focus on increasing these stakeholders’ level of support.
    2. Communicate (low level): Pick your battles – focus on your noise makers first and then move on to your blockers.

    Document communications plan requirements based on results of engagement and elicitation

    3.1.4 60 minutes

    The image is a screencapture of the Communications Requirements tab in the Stakeholder Engagement Workbook

    Use the Communications Requirements tab in the Stakeholder Engagement Workbook.

    Do this as a 1–2 hour project team planning session.

    The table will automatically generate a list of stakeholders based on your stakeholder analysis.

    Update the assumptions that you made about the impact of the change in the Impact Analysis with results of stakeholder engagement and elicitation activities.

    Use the table on this tab to refine these assumptions as needed before solidifying your communications plan.

    Define the action required from each stakeholder or stakeholder group (if any) for change to be successful.

    Continually refine messages and methods for communicating with each stakeholder and stakeholder group.

    Note words that work well and words that don’t. For example, some buzzwords might have negative connotations from previous failed initiatives.

    Designate who is responsible for developing and honing the communications plan (see details in the following section on developing the transition plan).

    Step 3.2: Develop and execute the transition plan

    Phase 3 - 3.2

    This step will walk you through the following activities:
    • Create a communications timeline.
    • Establish communications strategy for stakeholder groups.
    • Determine communication delivery methods.
    • Define the feedback and evaluation process.
    • Assess the full range of support and resistance to change.
    • Prepare objections handling process.
    This step involves the following participants:
    • PMO Director
    • Transition Team
    • Project managers
    • Business analyst
    • Project Sponsor
    • Additional IT/PMO staff
    Outcomes of this step
    • A communications strategy
    • A stakeholder feedback process
    • An objections handling strategy
    • A transition plan

    Effective change requires strategic communications and rightsized training plans

    Develop and execute a transition plan through the PMO to ensure long-term adoption.

    In this step we will develop and introduce a plan to manage change around your project.

    After completing this section you will have a realistic, effective, and adaptable transition plan that includes:

    • Clarity around leadership and vision.
    • Well-defined plans for targeting unique groups with specific messages.
    • Resistance and contingency plans.
    • Templates for gathering feedback and evaluating success.

    These activities will enable you to:

    • Execute the transition in coordination with the timeline and structure of the core project.
    • Communicate the action plan and vision for change.
    • Target specific stakeholder and user groups with unique messages.
    • Deal with risks, resistance, and contingencies.
    • Evaluate success through feedback and metrics.

    "Everyone loves change: take what you know and replace it with a promise. Then overlay that promise with the memory of accumulated missed efforts, half-baked attempts, and roads of abandoned promises."

    Toby Elwin

    Assemble the core transition team to help execute this step

    Once the stakeholder engagement step has been completed, the PMO needs to facilitate the involvement of the transition team to help carry out transition planning and communications strategies.

    You should have already sketched out a core transition team in step 1.2.6 of this blueprint. As with all org change activities, ensuring that individuals are made accountable for the execution of the following activities will be key for the long-term success of your change initiative.

    • At this stage, the PMO needs to ensure the involvement of the transition team to participate in the following activities – or the PMO will need to take on the transition planning and communication responsibilities itself.

    Refer to the team structure examples from Activity 1.2.6 of this blueprint if you are still finalizing your transition team.

    Download Info-Tech’s Transition Plan Template to help capture and record the outcomes of the activities in this step.

    Create a high-level communications timeline

    3.2.1 30 minutes

    By now the project sponsor, project manager, and business analysts (or equivalent) should have defined project timelines, requirements, and other key details. Use these to start your communications planning process.

    If your members of the transition team are also part of the core project team, meet with them to elicit the project timeline and requirements.

    Project Milestone Milestone Time Frame Communications Activities Activity Timing Notes
    Business Case Approval
    • Key stakeholder communications
    Pilot Go-Live
    • Pilot launch activity communications
    • Org-wide status communications
    Full Rollout Approval
    • Key stakeholder communications
    Full Rollout
    • Full rollout activity communications
    • Org-wide status communications
    Benefits Assessment
    • Key stakeholder communications
    • Org-wide status communications

    Info-Tech Insight

    Communicate, communicate, communicate.

    Staff are 34% more likely to adapt to change quickly during the implementation and adoption phases when they are provided with a timeline of impending changes specific to their department. (Source: McLean & Company)

    Schedule time to climb out of the “Valley of Despair”

    Many change initiatives fail when leaders give up at the first sign of resistance.

    OCM experts use terms like “Valley of Despair” to describe temporary drops in support and morale that inevitably occur with any significant change. Don’t let these temporary drops derail your change efforts.

    Anticipate setbacks and make sure the project plan accommodates the time and energy required to sustain and reinforce the initiative as people move through stages of resistance.

    The image is a line graph. Segments of the line are labelled with numbers. The beginning of the line is labelled with 1; the descending segment of the line labelled 2; the lowest point is labelled 3; the ascending section is labelled 4; and the end of the graph is labelled 5.

    Based on Don Kelley and Daryl Conner’s Emotional Cycle of Change.

    Identify critical points in the change curve:

    1. Honeymoon of “Uninformed Optimism”: There is usually tentative support and even enthusiasm for change before people have really felt or understood what it involves.
    2. Backlash of “Informed Pessimism” (leading to “Valley of Despair”): As change approaches or begins, people realize they’ve overestimated the benefits (or the speed at which benefits will be achieved) and underestimated the difficulty of change.
    3. Valley of Despair and beginning of “Hopeful Realism”: Eventually, sentiment bottoms out and people begin to accept the difficulty (or inevitability) of change.
    4. Bounce of “Informed Optimism”: People become more optimistic and supportive when they begin to see bright spots and early successes.
    5. Contentment of “Completion”: Change has been successfully adopted and benefits are being realized.

    Tailor a communications strategy for each stakeholder group

    Leveraging the stakeholder analyses you’ve already performed in steps 2.2 and 3.1, customize your communications strategy for the individual stakeholder groups.

    Think about where each of the groups falls within the Organizational Change Depth Scale (below) to determine the type of communications approach required. Don’t forget: the deeper the change, the tougher the job of managing change will be.

    Procedural Behavioral Interpersonal Vocational Cultural

    Position

    • Changing procedures requires clear explanation of what has changed and what people must do differently.
    • Avoid making people think wherever possible. Provide procedural instructions when and where people need them to ensure they remember.

    Incentivize

    • Changing behaviors requires breaking old habits and establishing new ones by adjusting the contexts in which people work.
    • Consider a range of both formal and informal incentives and disincentives, including objective rewards, contextual nudges, cues, and informal recognition

    Empathize

    • Changing people’s relationships (without damaging morale) requires showing empathy for disrupting what is often a significant source of their well-being.
    • Show that efforts have been made to mitigate disruption, and sacrifice is shared by leadership.

    Educate

    • Changing people’s roles requires providing ways to acquire knowledge and skills they need to learn and succeed.
    • Consider a range of learning options that includes both formal training (external or internal) and ongoing self-directed learning.

    Inspire

    • Changing values and norms in the organization (i.e. what type of things are seen as “good” or “normal”) requires deep disruption and persistence.
    • Think beyond incentives; change the vocabularies in which incentives are presented.

    Base your communications approaches on our Organizational Change Depth Scale

    Use the below “change chakras” as a quick guide for structuring your change messages.

    The image is a human, with specific areas of the body highlighted, with notes emerging from them. Above the head is a cloud, labelled Cultural Change/Inspire-Shape ideas and aspirations. The head is the next highlighted element, with notes reading Vocational Change/Educate-Develop their knowledge and skills. The heart is the next area, labelled with Interpersonal Change/Empathize-Appeal to their hearts. The stomach is pictured, with the notes Behavioral Change/Incentivize-Appeal to their appetites and instincts. The final section are the legs, with notes reading Procedural Change/Position-Provide clear direction and let people know where and when they’re needed.

    Categorize stakeholder groups in terms of communications requirements

    3.2.2 30 minutes

    Use the table below to document where your various stakeholder groups fall within the depth scale.
    Depth Levels Stakeholder Groups Tactics
    Procedural Position: Provide explanation of what exactly has changed and specific procedural instructions of what exactly people must do differently to ensure they remember to make adjustments as effortlessly as possible.
    Behavioral Incentivize: Break old habits and establish new ones by adjusting the context of formal and informal incentives (including objective rewards, contextual nudges, cues, and informal recognition).
    Interpersonal Empathize: Offer genuine recognition and support for disruptions of personal networks (a significant source of personal well-being) that may result from changing work relationships. Show how leadership shares the burden of such sacrifices.
    Vocational Educate: Provide a range of learning options (formal and self-directed) to provide the knowledge and skills people need to learn and succeed in changed roles.
    Cultural Inspire: Frame incentives in a vocabulary that reflects any shift in what types of things are seen as “good” or “normal” in the organization.

    The deeper the impact, the more complex the communication strategy

    Interposal, vocational, and cultural changes each require more nuanced approaches when communicating with stakeholders.

    Straightforward → Complex

    When managing interpersonal, vocational, or cultural changes, you will be required to incorporate more inspirational messaging and gestures of empathy than you typically might in a business communication.

    Communications that require an appeal to people’s emotions can be, of course, very powerful, but they are difficult to craft. As a result, oftentimes messages that are meant to inspire do the exact opposite, coming across as farfetched or meaningless platitudes, rather than evocative and actionable calls to change.

    Refer to the tactics below for assistance when crafting more complex change communications that require an appeal to people’s emotions and imaginations.

    • Tell a story. Describe a journey with a beginning (who we are and how we got here) and a destination (our goals and expected success in the future).
    • Convey an intuitive sense of direction. This helps people act appropriately without being explicitly told what to do.
    • Appeal to both emotion and reason. Make people want to be part of the change.
    • Balance abstract ideas with concrete facts. Writers call this “moving up and down the ladder of abstraction.” Without concrete images and facts, the vision will be meaninglessly vague. Without abstract ideas and principles, the vision will lack power to unite people and inspire broad support.
    • Be concise. Make your messages easy to communicate and remember in any situation.

    "Instead of resisting any emotion, the best way to dispel it is to enter it fully, embrace it and see through your resistance."

    Deepak Chopra

    Fine-tune change communications for each stakeholder or audience

    3.2.3 60 to 90 minutes

    Use Info-Tech’s “Message Canvas” (see next slide) to help rationalize and elaborate the change vision for each group.

    Build upon the more high-level change story that you developed in step 1.1 by giving more specificity to the change for specific stakeholder groups.

    Questions to address in your communication strategy include: How will the change benefit the organization and its people? How have we confirmed there is a need for change? What would happen if we didn’t change? How will the change leverage existing strengths – what will stay the same? How will we know when we get to the desired state?

    Remember these guidelines to help your messages resonate:

    • People are busy and easily distracted. Tell people what they really need to know first, before you lose their attention.
    • Repetition is good. Remember the Aristotelian triptych: “Tell them what you’re going to tell them, then tell them, then tell them what you told them.”
    • Don’t use technical terms, jargon, or acronyms. Different groups in organizations tend to develop specialized vocabularies. Everybody grows so accustomed to using acronyms and jargon every day that it becomes difficult to notice how strange it sounds to outsiders. This is especially important when IT communicates with non-technical audiences. Don’t alienate your audience by talking at them in a strange language.
    • Test your message. Run focus groups or deliver communications to a test audience (which could be as simple as asking 2–3 people to read a draft) before delivering messages more broadly.

    Info-Tech Insight

    Change thy language, change thyself.

    Jargon, acronyms, and technical terms represent deeply entrenched cultural habits and assumptions.

    Continuing to use jargon or acronyms after a transition tends to drag people back to old ways of thinking and working.

    You don’t need to invent a new batch of buzzwords for every change (nor should you), but every change is an opportunity to listen for words and phrases that have lost their meaning through overuse and abuse.

    3.2.3 continued - Example “Message Canvas”

    The image is a screencapture of tab 6 of the Organizational Change Impact Analysis Tool, which is a message canvas

    If there are multiple messages or impacts that need to be communicated to a single group or audience, you may need to do multiple Message Canvases per group. Refer back to your Stakeholder Engagement Workbook to help inform the stakeholder groups and messages that this activity should address.

    Go to tab 6 of the Organizational Change Impact Analysis Toolfor multiple message canvas template boxes that you can use. These messages can then help inform your communication plan on tab 7 of that tool.

    Determine methods for communications delivery

    Review your options for communicating your change. This slide covers traditional methods of communication, while the following slides cover some options for multimedia mass-communications.

    Method Best Practices
    Email Email announcements are necessary for every organizational change initiative but are never sufficient. Treat email as a formalizing medium, not a medium of effective communication when organizational change is concerned. Use email to invite people to in-person meetings, make announcements across teams and geographical areas at the same time, and share formal details.
    Team Meeting Team meetings help sell change. Body language and other in-person cues are invaluable when trying to influence people. Team meetings also provide an opportunity to gauge a group’s response to an announcement and gives the audience an opportunity to ask questions and get clarification.
    One-on-One One-on-ones are more effective than team meetings in their power to influence and gauge individual responses, but aren’t feasible for large numbers of stakeholders. Use one-on-ones selectively: identify key stakeholders and influencers who are most able to either advocate change on your behalf or provide feedback (or both).
    Internal Site / Repository Internal sites and repositories help sustain change by making knowledge available after the implementation. People don’t retain information very well when it isn’t relevant to them. Much of their training will be forgotten if they don’t apply that knowledge for several weeks or months. Use internal sites and repositories for how-to guides and standard operating procedures.

    Review multimedia communication methods for reaching wider audiences in the organization

    Method Best Practices
    User Interfaces User interface (UI) design is overlooked as a communication method. Often a simple UI refinement with the clearer prompts or warnings is more effective and efficient than additional training and repeated email reminders.
    Social Media Social media is widely and deeply embraced by people publicly, and is increasingly useful within organizations. Look for ways to leverage existing internal social tools. Avoid trying to introduce new social channels to communicate change unless social transformation is within the scope of the core project’s goals; the social tool itself might become as much of an organizational change management challenge as the original project.
    Posters & Marketing Collateral Posters and other marketing collateral are common communication tools in retail and hospitality industries that change managers in other industries often don’t think of. Making key messages a vivid, visual part of people’s everyday environment is a very effective way to communicate. On the down side, marketing collateral requires professional design skills and can be costly to create. Professional copywriting is also advisable to ensure your message resonates.
    Video Videos are well worth the cost to produce when the change is transformational in nature, as in cultural changes. Videos are useful for both communicating the vision and as part of the training plan.

    Document communication methods and build the Communications Delivery Plan

    3.2.4 30 minutes

    1. Determine when communications need to be delivered for each stakeholder group.
    2. Select the most appropriate delivery methods for each group and for each message.
    • Meetings and presentations
    • Email/broadcast
    • Intranet and other internal channels (e.g. internal social network)
    • Open houses and workshops
  • Designate who will deliver the messages.
  • Develop plans to follow up for feedback and evaluation (Step 3.2.5).
  • The image is a screenshot of the Stakeholder/Audience section of the Transition Plan Template.

    This is a screenshot from the “Stakeholder/Audience” section of Info-Tech’s Transition Plan Template. Use the template to document your communication strategy for each audience and your delivery plan.

    "The role of project communication is to inspire, instigate, inform or educate and ultimately lead to a desired action. Project communication is not a well presented collection of words; rather it is something that propels a series of actions."

    Sidharth Thakur

    Info-Tech Insight

    Repetition is crucial. People need to be exposed to a message 7 times before it sticks. Using a variety of delivery formats helps ensure people will notice and remember key messages. Mix things up to keep employees engaged and looking forward to the next update.

    Define the feedback and evaluation process to ensure an agile response to resistance

    3.2.5 46 to 60 minutes

    1. Designate where/when on the roadmap the project team will proactively evaluate progress/success and elicit feedback in order to identify emerging challenges and opportunities.
    2. Create checklists to review at key milestones to ensure plans are being executed. Review…
    • Key project implementation milestones (i.e. confirm successful deployment/installation).
    • Quick wins identified in the impact analysis and determined in the transition plan (see the following slides for advice in leveraging quick wins).
  • Ensure there is immediate follow-up on communications and training:
    • Confirm understanding and acceptance of vision and action plan – utilize surveys and questionnaires to elicit feedback.
    • Validate people’s acquisition of required knowledge and skills.
    • Identify emerging/unforeseen challenges and opportunities.
  • "While creating and administering a survey represent(s) additional time and cost to the project, there are a number of benefits to be considered: 1) Collecting this information forces regular and systematic review of the project as it is perceived by the impacted organizations, 2) As the survey is used from project to project it can be improved and reused, 3) The survey can quickly collect feedback from a large part of the organization, increasing the visibility of the project and reducing unanticipated or unwelcome reactions."

    – Claire Schwartz

    Use the survey and questionnaire templates on the following two slides for assistance in eliciting feedback. Record the evaluation and feedback gathering process in the Transition Plan Template.

    Sample stakeholder questionnaire

    Use email to distribute a questionnaire (such as the example below) to project stakeholders to elicit feedback.

    In addition to receiving invaluable opinions from key stakeholders and the frontline workers, utilizing questionnaires will also help involve employees in the change, making them feel more engaged and part of the change process.

    Interviewee Date
    Stakeholder Group Interviewer
    Question Response Notes
    How do you think this change will affect you?
    How do you think this change will affect the organization?
    How long do you expect the change to take?
    What do you think might cause the project/change to fail?
    What do you think are the most critical success factors?

    Sample survey template

    Similar to a questionnaire, a survey is a great way to assess the lay of the land in terms of your org change efforts and the likelihood of adoption.

    Using a free online survey tool like Survey Monkey, Typeform, or Google Forms, surveys are quick and easy to generate and deploy. Use the below example as a template to build from.

    Use survey and questionnaire feedback as an occasion to revisit the Impact Analysis Tool and reassess the impacts and roadblocks based on hard feedback.

    To what degree do you agree or disagree with each of the following statements?

    1=Strongly Disagree, 2=Disagree, 3=Somewhat Disagree, 4=Somewhat Agree, 5=Agree, 6=Strongly Agree

    1. I understand why [this change] is happening.
    2. I agree with the decision to [implement this change].
    3. I have the knowledge and tools needed to successfully go through [this change].
    4. Leadership/management is fully committed to the change.
    5. [This change] will be a success.

    Rate the impact of this change.

    1=Very Negative, 2=Negative, 3=Somewhat Negative, 4=Somewhat Positive, 5=Positive, 6=Very Positive

    1. On you personally.
    2. On your team/department/unit.
    3. On the organization as a whole.
    4. On people leading the change.

    Develop plans to leverage support and deal with resistance, objections, and fatigue

    Assess the “Faces of Change” to review the emotions provoked by the change in order to proactively manage resistors and engage supporters.

    The slides that follow walk you through activities to assess the different “faces of change” around your OCM initiative and to perform an objections handling exercise.

    Assessing people’s emotional responses to the change will enable the PMO and transition team to:

    • Brainstorm possible questions, objections, suggestions, and concerns from each audience.
    • Develop responses to questions, objections, and concerns.
    • Revise the communications messaging and plan to include proactive objections handling.
    • Re-position objections and suggestions as questions to plan for proactively communicating responses and objections to show people that you understand their point of view.
    • Develop a plan with clearly defined responsibility for regularly updating and communicating the objections handling document. Active Subversion Quiet Resistance Vocal Skepticism Neutrality / Uncertainty Vocal Approval Quiet Support Active Leadership
    Hard Work Vs. Tough Work

    Carol Beatty’s distinction between “easy work,” “hard work,” and “tough work” can be revealing in terms of the high failure rate on many change initiatives. (“The Tough Work of Managing Change.” Queen’s University IRC. 2015.)

    • Easy work includes administrative tasks like scheduling meetings and training sessions or delivering progress reports.
    • Hard work includes more abstract efforts like estimating costs/benefit or defining requirements.
    • Tough work involves managing people and emotions, i.e. providing leadership through setbacks, and managing resistance and conflict.

    That is what makes organizational change “tough,” as opposed to merely hard. Managing change requires mental and emotional toughness to deal with uncertainty, ambiguity, and conflict.

    Assess the full range of support and resistance to change

    3.2.6 20 minutes

    Categorize the feedback received from stakeholder groups or individual stakeholders across the “faces of change” spectrum.

    Use the table below to document where different stakeholders and stakeholder groups fall within the spectrum.

    Response Symptoms Examples
    Active Subversion Publicly or privately disparaging the transition (in some cases privately disparaging while pretending to support); encouraging people to continue doing things the old way or to leave the organization altogether. Group/Name
    Quiet Resistance Refusing to adopt change, continuing to do things the old way (including seemingly trivial or symbolic things). Non-participative. Group/Name
    Vocal Skepticism Asking questions; questioning the why, what, and how of change, but continuing to show willingness to participate and try new things. Group/Name
    Neutrality / Uncertainty Non-vocal participation, perhaps with some negative body language, but continuing to show tacit willingness to try new things. Group/Name
    Vocal Approval Publicly and privately signaling buy-in for the change. Group/Name
    Quiet Support Actively helping to enable change to succeed without necessarily being a cheerleader or trying to rally others around the transition. Group/Name
    Active Leadership Visibly championing the change and helping to rally others around the transition. Group/Name

    Review strategies and tactics for engaging different responses

    Use the below tactics across the “faces of change” spectrum to help inform the PMO’s responses to sources of objection and resistance and its tactics for leveraging support.

    Response Engagement Strategies and Tactics
    Active Subversion Firmly communicate the boundaries of acceptable response to change: resistance is a natural response to change, but actively encouraging other people to resist change should not be tolerated. Active subversion often indicates the need to find a new role or depart the organization.
    Quiet Resistance Resistance is a natural response to change. Use the Change Curve to accommodate a moderate degree and period of resistance. Use the OCM Depth Scale to ensure communications strategies address the irrational sources of resistance.
    Vocal Skepticism Skepticism can be a healthy sign. Skeptics tend to be invested in the organization’s success and can be turned into vocal and active supporters if they feel their questions and concerns have been heard and addressed.
    Neutrality / Uncertainty Most fence-sitters will approve and support change when they start to see concrete benefits and successes, but are equally likely to become skeptics and resisters when they see signs of failure or a critical mass of skepticism, resistance, or simply ambivalence.
    Vocal Approval Make sure that espoused approval for change isn’t masking resistance or subversion. Engage vocal supporters to convert them into active enablers or champions of change.
    Quiet Support Engage quiet supporters to participate where their skills or social and political capital might help enable change across the organization. This could either be formal or informal, as too much formal engagement can invite minor disagreements and slow down change.
    Active Leadership Engage some of the active cheerleaders and champions of change to help deliver communications (and in some cases training) to their respective groups or teams.

    Don’t let speed bumps become roadblocks

    What If... Do This: To avoid:
    You aren’t on board with the change? Fake it to your staff, then communicate with your superiors to gather the information you need to buy in to the change. Starting the change process off on the wrong foot. If your staff believe that you don’t buy in to the change, but you are asking them to do so, they are not going to commit to it.
    When you introduce the change, a saboteur throws a tantrum? If the employee storms out, let them. If they raise uninformed objections in the meeting that are interrupting your introduction, ask them to leave and meet with them privately later on. Schedule an ad hoc one-on-one meeting. A debate at the announcement. It’s an introduction to the change and questions are good, but it’s not the time for debate. Leave this for the team meetings, focus groups, and one-on-ones when all staff have digested the information.
    Your staff don’t trust you? Don’t make the announcement. Find an Enthusiast or another manager that you trust to make the announcement. Your staff blocking any information you give them or immediately rejecting anything you ask of them. Even if you are telling the absolute truth, if your staff don’t trust you, they won’t believe anything you say.
    An experienced skeptic has seen this tried before and states it won’t work? Leverage their experience after highlighting how the situation and current environment is different. Ask the employee what went wrong before. Reinventing a process that didn’t work in the past and frustrating a very valuable segment of your staff. Don’t miss out on the wealth of information this Skeptic has to offer.

    Use the Objections Handling Template on the next slide to brainstorm specific objections and forms of resistance and to strategize about the more effective responses and mitigation strategies.

    Copy these objections and responses into the designated section of the Transition Plan Template. Continue to revise objections and responses there if needed.

    Objections Handling Template

    3.2.7 45 to 60 minutes

    Objection Source of Objection PMO Response
    We tried this two years ago. Vocal skepticism Enabling processes and technologies needed time to mature. We now have the right process discipline, technologies, and skills in place to support the system. In addition, a dedicated role has been created to oversee all aspects of the system during and after implementation.
    Why aren’t we using [another solution]? Uncertainty We spent 12 months evaluating, testing, and piloting solutions before selecting [this solution]. A comprehensive report on the selection process is available on the project’s internal site [here].

    Info-Tech Insight

    There is insight in resistance. The individuals best positioned to provide insight and influence change positively are also best positioned to create resistance. These people should be engaged throughout the implementation process. Their insights will very likely identify risks, barriers, and opportunities that need to be addressed.

    Make sure the action plan includes opportunities to highlight successes, quick wins, and bright spots

    Highlighting quick wins or “bright spots” helps you go from communicating change to more persuasively demonstrating change.

    Specifically, quick wins help:

    • Demonstrate that change is possible.
    • Prove that change produces positive results.
    • Recognize and reward people’s efforts.

    Take the time to assess and plan quick wins as early as possible in the planning process. You can revisit the impact assessment for assistance in identifying potential quick wins; more so, work with the project team and other stakeholders to help identify quick wins as they emerge throughout the planning and execution phases.

    Make sure you highlight bright spots as part of the larger story and vision around change. The purpose is to continue to build or sustain momentum and morale through the transition.

    "The quick win does not have to be profound or have a long-term impact on your organization, but needs to be something that many stakeholders agree is a good thing… You can often identify quick wins by simply asking stakeholders if they have any quick-win recommendations that could result in immediate benefits to the organization."

    John Parker

    Tips for identifying quick wins (Source: John Parker, “How Business Analysts can Identify Quick Wins,” 2013):
    • Brainstorm with your core team.
    • Ask technical and business stakeholders for ideas.
    • Observe daily work of users and listen to users for problems and opportunities; quick wins often come from the rank and file, not from the top.
    • Review and analyze user support trouble tickets; this can be a wealth of information.
    • Be open to all suggestions.

    Info-Tech Insight

    Stay positive. Our natural tendency is to look for what’s not working and try to fix it. While it’s important to address negatives, it’s equally important to highlight positives to keep people committed and motivated around change.

    Document the outcomes of this step in the Transition Plan Template

    3.2.8 45 minutes

    Consolidate and refine communication plan requirements for each stakeholder and group affected by change.

    Upon completion of the activities in this step, the PMO Director is responsible for ensuring that outcomes have been documented and recorded in the Transition Plan Template. Activities to be recorded include:

    • Stakeholder Overview
    • Communications Schedule Activity
    • Communications Delivery
    • Objections Handling
    • The Feedback and Evaluation Process

    Going forward, successful change will require that many responsibilities be delegated beyond the PMO and core transition team.

    • Delegate responsibilities to HR, managers, and team members for:
      • Advocating the importance of change.
      • Communicating progress toward project milestones and goals.
      • Developing HR and training plan.
    • Ensure sponsorship stays committed and active during and after the transition.
      • Leadership visibility throughout the execution and follow-up of the project is needed to remind people of the importance of change and the organization’s commitment to project success.

    Download Info-Tech’s Transition Plan Template.

    "Whenever you let up before the job is done, critical momentum can be lost and regression may follow." – John Kotter, Leading Change

    Step 3.3: Establish HR and Training Plans

    Phase 3 - 3.3

    This step will walk you through the following activities:
    • Analyze HR requirements for involvement in training.
    • Outline appropriate HR and training timelines.
    • Develop training plan requirements across different stakeholder groups.
    • Define training content.
    • Assess skills required to support the change and review options for filling HR gaps.
    This step involves the following participants:
    • PMO Director
    • Transition Team
    • HR Personnel
    • Project Sponsor
    Outcomes of this step
    • A training plan
    • Assessment of skill required to support the change

    Make sure skills, roles, and teams are ready for change

    Ensure that the organization has the infrastructure in place and the right skills availability to support long-term adoption of the change.

    The PMO’s OCM approach should leverage organizational design and development capabilities already in place.

    Recommendations in this section are meant to help the PMO and transition team understand HR and training plan activities in the context of the overall transition process.

    Where organizational design and development capabilities are low, the following steps will help you do just enough planning around HR, and training and development to enable the specific change.

    In some cases the need for improved OCM will reveal the need for improved organizational design and development capabilities.

    • Required Participants for this Step: PMO Leader; PMO staff; Project manager.
    • Recommended Participants for this Step: Project Sponsor; HR personnel.

    This section will walk you through the basic steps of developing HR, training, and development plans to support and enable the change.

    For comprehensive guidance and tools on role, job, and team design, see Info-Tech’s Transform IT Through Strategic Organizational Design blueprint.

    Info-Tech Insight

    Don’t make training a hurdle to adoption. Training and other disruptions take time and energy away from work. Ineffective training takes credibility away from change leaders and seems to validate the efforts of saboteurs and skeptics. The PMO needs to ensure that training sessions are as focused and useful as possible.

    Analyze HR requirements to ensure efficient use of HR and project stakeholder time

    3.3.1 30-60 minutes

    Refer back to Activity 3.2.4. Use the placement of each stakeholder group on the Organizational Change Depth Scale (below) to determine the type of HR and training approach required. Don’t impose training rigor where it isn’t required.

    Procedural Behavioral Interpersonal Vocational Cultural
    Simply changing procedures doesn’t generally require HR involvement (unless HR procedures are affected). Changing behaviors requires breaking old habits and establishing new ones, often using incentives and disincentives. Changing teams, roles, and locations means changing people’s relationships, which adds disruption to people’s lives and challenges for any change initiative. Changing people’s roles and responsibilities requires providing ways to acquire knowledge and skills they need to learn and succeed. Changing values and norms in the organization (i.e. what type of things are seen as “good” or “normal”) requires deep disruption and persistence.
    Typically no HR involvement. HR consultation recommended to help change incentives, compensation, and training strategies. HR consultation strongly recommended to help define roles, jobs, and teams. HR responsibility recommended to develop training and development programs. HR involvement recommended.

    22%

    In a recent survey of 276 large and midsize organizations, eighty-seven percent of survey respondents trained their managers to “manage change,” but only 22% felt the training was truly effective. (Towers Watson)

    Outline appropriate HR and training timelines

    3.3.2 15 minutes

    Revisit the high-level project schedule from steps 1.2.4 and 3.4.1 to create a tentative timeline for HR and training activities.

    Revise this timeline throughout the implementation process, and refine the timing and specifics of these activities as you move from the development to the deployment phase.

    Project Milestone Milestone Time Frame HR/Training Activities Activity Timing Notes
    Business Case Approval
    • Consulted to estimate timeline and cost
    Pilot Go-Live
    • Train groups affected by pilot
    Full Rollout Approval
    • Consulted to estimate timeline and cost
    Full Rollout
    • Train the trainers for full-scale rollout
    Benefits Assessment
    • Consulted to provide actual time and costs

    "The reason it’s going to hurt is you’re going from a state where you knew everything to one where you’re starting over again."

    – BA, Natural Resources Company

    Develop the training plan to ensure that the right goals are set, and that training is properly timed and communicated

    3.3.3 60 minutes

    Use the final tab in the Stakeholder Engagement Workbook, “7. Training Requirements,” to begin fleshing out a training plan for project stakeholders.

    The image is a screencapture of the final tab in the Stakeholder Engagement Workbook, titled Training Requirements.

    The table will automatically generate a list of stakeholders based on your stakeholder analysis.

    If your stakeholder list has grown or changed since the stakeholder engagement exercise in step 3.1, update the “Stakeholder List” tab in the tool.

    Estimate when training can begin, when training needs to be completed, and the total hours required.

    Training too early and too late are both common mistakes. Training too late hurts morale and creates risks. Training too early is often wasted and creates the need for retraining as knowledge and skills are lost without immediate relevance to their work.

    Brainstorm or identify potential opportunities to leverage for training (such as using existing resources and combining multiple training programs).

    Review the Change Management Impact Analysis to assess skills and knowledge required for each group in order for the change to succeed.

    Depending on the type of change being introduced, you may need to have more in-depth conversations with technical advisors, project management staff, and project sponsors concerning gaps and required content.

    Define training content and make key logistical decisions concerning training delivery for staff and users

    3.3.4 30-60 minutes

    Ultimately, the training plan will have to be put into action, which will require that the key logistical decisions are made concerning content and training delivery.

    The image is a screencapture of the Training Plan section of the Transition Plan Template.

    1. Use the “Training Plan” section in Info-Tech’s Transition Plan Template to document details of your training plan: schedules, resources, rooms, and materials required, etc.
    2. Designate who is responsible for developing the training content details. Responsibilities will include:
      • Developing content modules.
      • Determining the appropriate delivery model for each audience and content module (e.g. online course, classroom, outsourced, job shadowing, video tutorials, self-learning).
      • Finding and booking resources, locations, equipment, etc.

    “95% of learning leaders from organizations that are very effective at implementing important change initiatives find best practices by partnering with a company or an individual with experience in the type of change, twice as often as ineffective organizations.”

    Source: Implementing and Supporting Training for Important Change Initiatives.

    Training content should be developed and delivered by people with training experience and expertise, working closely with subject matter experts. In the absence of such individuals, partnering with experienced trainers is a cost that should be considered.

    Assess skills required to support the change that are currently absent or in short supply

    3.3.5 15 to 30 minutes

    The long-term success of the change is contingent on having the resources to maintain and support the tool, process, or business change being implemented. Otherwise, resourcing shortfalls could threaten the integrity of the new way of doing things post-change, threatening people’s trust and faith in the validity of the change as a whole.

    Use the table below to assess and record skills requirements. Refer to the tactics on the next slide for assistance in filling gaps.

    Skill Required Description of Need Possible Resources Recommended Next Steps Timeline
    Mobile Dev Users expect mobile access to services. We need knowledge of various mobile platforms, languages or frameworks, and UX/UI requirements for mobile.
    • Train web team
    • Outsource
    • Analyze current and future mobile requirements.
    Probably Q1 2015
    DBAs Currently have only one DBA, which creates a bottleneck. We need some DBA redundancy to mitigate risk of single point of failure.
    • Redeploy and train member of existing technology services team.
    • Hire or contract new resources.
    • Analyze impact of redeploying existing resources.
    Q3 2014

    Review your options for filling HR gaps

    Options: Benefits: Drawbacks:
    Redeploy staff internally
    • Retains firm-specific knowledge.
    • Eliminates substantial costs of recruiting and terminating employees.
    • Mitigates risk; reduces the number of unknowns that come with acquiring talent.
    • Employees could already be fully or over-allocated.
    • Employees might lack the skills needed for the new or enhanced positions.
    Outsource
    • Best for addressing short-term, urgent needs, especially when the skills and knowledge required are too new or unfamiliar to manage internally.
    • Risk of sharing sensitive information with third parties.
    • Opportunity cost of not investing in knowledge and skills internally.
    Contract
    • Best when you are uncertain how long needs for particular skills or budget for extra capacity will last.
    • Diminished loyalty, engagement, and organizational culture.
    • Similar drawbacks as with outsourcing.
    Hire externally
    • Best for addressing long-term needs for strategic or core skills.
    • Builds capacity and expertise to support growing organizations for the long term.
    • High cost of recruiting and onboarding.
    • Uncertainty: risk that new hires might have misrepresented their skills or won’t fit culturally.
    • Commitment to paying for skills that might diminish in demand and value over time.
    • Economic uncertainty: high cost of layoffs and buyouts.

    Report HR and training plan status to the transition team

    3.3.6 10 minutes (and ongoing thereafter)

    Ensure that any changes or developments made to HR and training plans are captured in the Transition Plan Template where applicable.
    1. Upon completion of the activities in this step, ensure that the “Training Plan” section of the template reflects outcomes and decisions made during the preceding activities.
    2. Assign ongoing RACI roles for informing the transition team of HR and training plan changes; similarly define accountabilities for keeping the template itself up to date.
    • Record these roles within the template itself under the “Roles & Responsibilities” section.
  • Be sure to schedule a date for eliciting training feedback in the “Training Schedule” section of the template.
    • A simple survey, such as those discussed in step 3.2, can go a long way in both helping stakeholders feel more involved in the change, and in making sure training mistakes and weaknesses are not repeated again and again on subsequent change initiatives.
  • Info-Tech Insight

    Try more ad hoc training methods to offset uncertain project timelines.

    One of the top challenges organizations face around training is getting it timed right, given the changes to schedule and delays that occur on many projects.

    One tactic is to take a more ad hoc approach to training, such as making IT staff available in centralized locations after implementation to address staff issues as they come up.

    This will not only help eliminate the waste that can come from poorly timed and ineffective training sessions, but it will also help with employee morale, giving individuals a sense that they haven’t been left alone to navigate unfamiliar processes or technologies.

    Adoption can be difficult for some, but the cause is often confusion and misunderstanding

    CASE STUDY

    Industry Manufacturing

    Source Info-Tech Client

    Challenge
    • The strategy team responsible for the implementation of a new operation manual for the subsidiaries of a global firm was monitoring the progress of newly acquired firms as the implementation of the manual began.
    • They noticed that one department in a distant location was not meeting the new targets or fulfilling the reporting requirements on staff progress.
    Solution
    • The strategy team representative for the subsidiary firm went to the manager leading the department that was slow to adopt the changes.
    • When asked, the manager insisted that he did not have the time or resources to implement all of these changes while maintaining the operation of the department.
    • With true business value in mind, the manager said, they chose to keep the plant running.
    Results
    • The representative from the strategy team was surprised to find that the manager was having such trouble fitting the changes into daily operations as the changes were the daily operations.
    • The representative took the time to go through the new operation manual with the manager and explain that the changes replaced daily operations and were not additions to them.

    "The cause of slow adoption is often not anger or denial, but a genuine lack of understanding and need for clarification. Avoid snap decisions about a lack of adoption until staff understand the details." – IT Manager

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

    Book a workshop with our Info-Tech analysts:

    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    3.1.2 Undergo a stakeholder analysis to ensure positive stakeholder engagement

    Move away from a command-and-control approach to change by working with the analyst to develop a strategy that engages stakeholders in the change, making them feel like they are a part of it.

    3.2.3 Develop a stakeholder sentiment-sensitive communications strategy

    Work with the analyst to fine-tune the stakeholder messaging across various stakeholder responses to change.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

    Book a workshop with our Info-Tech analysts:

    3.2.5 Define a stakeholder feedback and evaluation process

    Utilize analyst experience and perspective in order to develop strategy for effectively evaluating stakeholder feedback early enough that resistance and suggestions can be accommodated with the OCM strategy and project plan.

    3.2.7 Develop a strategy to cut off resistance to change

    Utilize analyst experience and perspective in order to develop an objections handling strategy to deal with resistance, objections, and fatigue.

    3.3.4 Develop the training plan to ensure that the right goals are set, and that training is properly timed and communicated

    Receive custom analyst insights on rightsizing training content and timing your training sessions effectively.

    Phase 4

    Establish a Post-Project Benefits Attainment Process

    Phase 4 outline

    Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 4: Establish a Post-Project Benefits Attainment Process

    Proposed Time to Completion (in weeks): 1 to 2 weeks

    Step 4.1: Determine accountabilities for benefits attainment

    Discuss these issues with analyst:

    • Accountability for tracking the business outcomes of the project post-completion is frequently opaque, with little or no allocated resourcing.
    • As a result, projects may get completed, but their ROI to the organization is not tracked or understood.

    Then complete these activities…

    • Perform a post-implementation project review of the pilot OCM initiative.
    • Assign post-project benefits tracking accountabilities.
    • Implement a benefits tracking process and tool.

    With these tools & templates:

    • Portfolio Benefits Tracking Tool
    • Activity 4.1.2: “Assign ownership for realizing benefits after the project is closed”
    • Activity 4.1.3: “Define a post-project benefits tracking process”

    Step 4.1: Determine accountabilities for benefits attainment

    Phase 4 - 4.1

    This step will walk you through the following activities:
    • Conduct a post-implementation review of pilot OCM project.
    • Assign ownership for realizing benefits after the project is closed.
    • Define a post-project benefits tracking process.
    • Implement a tool to help monitor and track benefits over the long term.
    This step involves the following participants:
    • PMO Director
    • Project Sponsor
    • Project managers
    • Business analyst
    • Additional IT/PMO staff
    Outcomes of this step
    • Appropriate assignment of accountabilities for tracking benefits after the project has closed
    • A process for tracking benefits over the long-run
    • A benefits tracking tool

    Project benefits result from change

    A PMO that facilitates change is one that helps drive benefits attainment long after the project team has moved onto the next initiative.

    Organizations rarely close the loop on project benefits once a project has been completed.

    • The primary cause of this is accountability for tracking business outcomes post-project is almost always poorly defined, with little or no allocated resourcing.
    • Even organizations that define benefits well often neglect to manage them once the project is underway. If benefits realization is not monitored, the organization will miss opportunities to close the gap on lagging benefits and deliver expected project value.
    • It is commonly understood that the project manager and sponsor will need to work together to shift focus to benefits as the project progresses, but this rarely happens as effectively as it should.

    With all this in mind, in this step we will round out our PMO-driven org change process by defining how the PMO can help to better facilitate the benefits realization process.

    This section will walk you through the basic steps of developing a benefits attainment process through the PMO.

    For comprehensive guidance and tools, see Info-Tech’s Establish the Benefits Realization Process.

    Info-Tech Insight

    Two of a kind. OCM, like benefits realization, is often treated as “nice to have” rather than “must do.” These two processes are both critical to real project success; define benefits properly during intake and let OCM take the reigns after the project kicks off.

    The benefits realization process spans the project lifecycle

    Benefits realization ensures that the benefits defined in the business case are used to define a project’s expected value, and to facilitate the delivery of this value after the project is closed. The process begins when benefits are first defined in the business case, continues as benefits are managed through project execution, and ends when the loop is closed and the benefits are actually realized after the project is closed.

    Benefits Realization
    Define Manage Realize
    Initial Request Project Kick Off *Solution Is Deployed
    Business Case Approved Project Execution Solution Maintenance
    PM Assigned *Project Close Solution Decommissioned

    *For the purposes of this step, we will limit our focus to the PMO’s responsibilities for benefits attainment at project close-out and in the project’s aftermath to ensure that responsibilities for tracking business outcomes post-project have been properly defined and resourced.

    Ultimate project success hinges on a fellowship of the benefits

    At project close-out, stewardship of the benefits tracking process should pass from the project team to the project sponsor.

    As the project closes, responsibility for benefits tracking passes from the project team to the project sponsor. In many cases, the PMO will need to function as an intermediary here, soliciting the sponsor’s involvement when the time comes.

    The project manager and team will likely move onto another project and the sponsor (in concert with the PMO) will be responsible for measuring and reporting benefits realization.

    As benefits realization is measured, results should be collated by the PMO to validate results and help flag lagging benefits.

    The activities that follow in this step will help define this process.

    The PMO should ensure the participation of the project sponsor, the project manager, and any applicable members of the business side and the project team for this step.

    Ideally, the CIO and steering committee members should be involved as well. At the very least, they should be informed of the decisions made as soon as possible.

    Initiation-Planning-Execution-Monitoring & Controlling-Closing

    Conduct post-implementation review for your pilot OCM project

    4.1.1 60 minutes

    The post-project phase is the most challenging because the project team and sponsor will likely be busy with other projects and work.

    Conducting a post-implementation review for every project will force sponsors and other stakeholders to assess actual benefits realization and identify lagging benefits.

    If the project is not achieving its benefits, a remediation plan should be created to attempt to capture these benefits as soon as possible.

    Agenda Item
    Assess Benefits Realization
    • Compare benefits realized to projected benefits.
    • Compare benefit measurements with benefit targets.
    Assess Quality
    • Performance
    • Availability
    • Reliability
    Discuss Ongoing Issues
    • What has gone wrong?
    • Frequency
    • Cause
    • Resolution
    Discuss Training
    • Was training adequate?
    • Is any additional training required?
    Assess Ongoing Costs
    • If there are ongoing costs, were they accounted for in the project budget?
    Assess Customer Satisfaction
    • Review stakeholder surveys.

    Assign ownership for realizing benefits after the project is closed

    4.1.2 45 to 60 minutes

    The realization stage is the most difficult to execute and oversee. The project team will have moved on, and unless someone takes accountability for measuring benefits, progress will not be measured. Use the sample RACI table below to help define roles and responsibilities for post-project benefits attainment.

    Process Step Responsible Accountable Consulted Informed
    Track project benefits realization and document progress Project sponsor Project sponsor PMO (can provide tracking tools and guidance), and directors or managers in the affected business unit who will help gather necessary metrics for the sponsor (e.g. report an increase in sales 3 months post-project) PMO (can collect data and consolidate benefits realization progress across projects)
    Identify lagging benefits and perform root cause analysis Project sponsor and PMO Project sponsor and PMO Affected business unit CIO, IT steering committee
    Adjust benefits realization plan as needed Project sponsor Project sponsor Project manager, affected business units Any stakeholders impacted by changes to plan
    Report project success PMO PMO Project sponsor IT and project steering committees

    Info-Tech Insight

    A business accountability: Ultimately, the sponsor must help close this loop on benefits realization. The PMO can provide tracking tools and gather and report on results, but the sponsor must hold stakeholders accountable for actually measuring the success of projects.

    Define a post-project benefits tracking process

    4.1.3 45 minutes

    While project sponsors should be accountable for measuring actual benefits realization after the project is closed, the PMO can provide monitoring tools and it should collect measurements and compare results across the portfolio.

    Steps in a benefits tracking process.

    1. Collate the benefits of all the projects in your portfolio. Document each project’s benefits, with the metrics, targets, and realization timelines of each project in a central location.
    2. Collect and document metric measurements. The benefit owner is responsible for tracking actual realization and reporting it to the individual(s) tracking portfolio results.
    3. Create a timeline and milestones for benefits tracking. Establish a high-level timeline for assessing benefits, and put reminders in calendars accordingly, to ensure that commitments do not fall off stakeholders’ radars.
    4. Flag lagging benefits for further investigation. Perform root cause analysis to then find out why a benefit is behind schedule, and what can be done to address the problem.

    "Checking the results of a decision against its expectations shows executives what their strengths are, where they need to improve, and where they lack knowledge or information."
    Peter Drucker

    Implement a tool to help monitor and track benefits over the long term

    4.1.4 Times will vary depending on organizational specifics of the inputs

    Download Info-Tech’s Portfolio Benefits Tracking Tool to help solidify the process from the previous step.

    1. Document each project’s benefits, with the metrics, targets, and realization timelines. Tab 1 of the tool is a data entry sheet to capture key portfolio benefit forecasts throughout the project.
    2. Collect and document metric measurements. Tab 2 is where the PMO, with data from the project sponsors, can track actuals month after month post-implementation.
    3. Flag lagging benefits for further investigation. Tab 3 provides a dashboard that makes it easy to flag lagging benefits. The dashboard produces a variety of meaningful benefit reports including a status indication for each project’s benefits and an assessment of business unit performance.

    Continue to increase accountability for benefits and encourage process participation

    Simply publishing a set of best practices will not have an impact unless accountability is consistently enforced. Increasing accountability should not be complicated. Focus on publicly recognizing benefit success. As the process matures, you should be able to use benefits as a more frequent input to your budgeting process.

    • Create an internal challenge. Publish the dashboard from the Portfolio Benefits Tracking Tool and highlight the top 5 or 10 projects that are on track to achieve benefits. Recognize the sponsors and project team members. Recognizing individuals for benefits success will get people excited and encourage an increased focus on benefits.
    • With executive level involvement, the PMO could help institute a bonus structure based on benefits realization. For instance, project teams could be rewarded with bonuses for achieving benefits. Decide upon a set post-project timeline for determining this bonus. For example, 6 months after every project goes live, measure benefits realization. If the project has realized benefits, or is on track to realize benefits, the PM should be given a bonus to split with the team.
    • Include level of benefits realization in the performance reviews of project team members.
    • As the process matures, start decreasing budgets according to the monetary benefits documented in the business case (if you are not already doing so). If benefits are being used as inputs to the budgeting process, sponsors will need to ensure that they are defined properly.

    Info-Tech Insight

    Don’t forget OCM best practices throughout the benefits tracking process. If benefits are lagging, the PMO should revisit phase 3 of this blueprint to consider how challenges to adoption are negatively impacting benefits attainment.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

    Book a workshop with our Info-Tech analysts:

    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    4.1.2 Assign appropriate ownership and ensure adequate resourcing for realizing benefits after the project is closed

    Get custom insights into how the benefits tracking process should be carried out post-project at your organization to ensure that intended project outcomes are effectively monitored and, in the long run, achieved.

    4.1.4 Implement a benefits tracking tool

    Let our analysts customize a home-grown benefits tracking tool for your organization to ensure that the PMO and project sponsors are able to easily track benefits over time and effectively pivot on lagging benefits.

    Phase 5

    Solidify the PMO’s Role as Change Leader

    Phase 5 outline

    Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 5: Solidify the PMO’s role as change leader

    Proposed Time to Completion (in weeks): 1 to 2 weeks

    Step 5.1: Institute an organizational change management playbook

    Discuss these issues with an analyst:

    • With the pilot OCM initiative complete, the PMO will need to roll out an OCM program to accommodate all of the organization’s projects.
    • The PMO will need to facilitate organization-wide OCM accountabilities – whether it’s the PMO stepping into the role of OCM leader, or other appropriate accountabilities being assigned.

    Then complete these activities…

    • Review the success of the pilot OCM initiative.
    • Define organizational roles and responsibilities for change management.
    • Formalize the Organizational Change Management Playbook.

    With these tools & templates:

    • Organizational Change Management Playbook
    • Activity 5.1.1: “Review lessons learned to improve organizational change management as a core discipline of the PMO”
    • Activity 5.1.3: “Define ongoing organizational roles and responsibilities for change management”

    Step 5.1: Institute an organizational change management playbook

    Phase 5 - 5.1

    This step will walk you through the following activities:
    • Review lessons learned to improve OCM as a core discipline of the PMO.
    • Monitor organizational capacity for change.
    • Define organizational roles and responsibilities for change management.
    • Formalize the Organizational Change Management Playbook.
    • Assess the value and success of the PMO’s OCM efforts.
    This step involves the following participants:
    • Required: PMO Director; PMO staff
    • Strongly recommended: CIO and other members of the executive layer
    Outcomes of this step
    • A well-defined organizational mandate for change management, whether through the PMO or another appropriate stakeholder group
    • Definition of organizational roles and responsibilities for change management
    • An OCM playbook
    • A process and tool for ongoing assessment of the value of the PMO’s OCM activities

    Who, in the end, is accountable for org change success?

    We return to a question that we started with in the Executive Brief of this blueprint: who is accountable for organizational change?

    If nobody has explicit accountability for organizational change on each project, the Officers of the corporation retained it. Find out who is assumed to have this accountability.

    On the left side of the image, there is a pyramid with the following labels in descending order: PMO; Project Sponsors; Officers; Directors; Stakeholders. The top three tiers of the pyramid have upward arrows connecting one section to the next; the bottom three tiers have downward pointing arrows, connecting one section to the next. On the right side of the image is the following text: If accountability for organizational change shifted to the PMO, find out and do it right. PMOs in this situation should proceed with this step. Officers of the corporation have the implicit fiduciary obligation to drive project benefits because they ultimately authorize the project spending. It’s their job to transfer that obligation, along with the commensurate resourcing and authority. If the Officers fail to make someone accountable for results of the change, they are failing as fiduciaries appointed by the Board of Directors. If the Board fails to hold the Officers accountable for the results, they are failing to meet the obligations they made when accepting election by the Shareholders.

    Info-Tech Insight

    Will the sponsor please stand up?

    Project sponsors should be accountable for the results of project changes. Otherwise, people might assume it’s the PMO or project team.

    Keep your approach to change management dynamic while building around the core discipline

    The PMO will need to establish an OCM playbook that can scale to a wide variety of projects. Avoid rigidity of processes and keep things dynamic as you build up your OCM muscles as an organization.

    Continually Develop

    Change Management Capabilities

    Progressively build a stable set of core capabilities.

    The basic science of human behavior underlying change management is unlikely to change. Effective engagement, communication, and management of uncertainty are valuable capabilities regardless of context and project specifics.

    Regularly Update

    Organizational Context

    Regularly update recurring activities and artifacts.

    The organization and the environment in which it exists will constantly evolve. Reusing or recycling key artifacts will save time and improve collaboration (by leveraging shared knowledge), but you should plan to update them on at least a quarterly or annual basis.

    Respond To

    Future Project Requirements

    Approach every project as unique.

    One project might involve more technology risk while another might require more careful communications. Make sure you divide your time and effort appropriately for each particular project to make the most out of your change management playbook.

    Info-Tech Insight

    Continuous Change. Continuous Improvement. Change is an ongoing process. Your approach to managing change should be continually refined to keep up with changes in technology, corporate strategy, and people involved.

    Review lessons learned to improve organizational change management as a core discipline of the PMO

    5.1.1 60 minutes

    1. With your pilot OCM initiative in mind, retrospectively brainstorm lessons learned using the template below. Info-Tech recommends doing this with the transition team. Have people spend 10-15 minutes brainstorming individually or in 2- to 3-person groups, then spend 15-30 minutes presenting and discussing findings collectively.

    What worked? What didn't work? What was missing?

    2. Develop recommendations based on the brainstorming and analysis above.

    Continue... Stop... Start...

    Monitor organizational capacity for change

    5.1.2 20 minutes (to be repeated quarterly or biannually thereafter)

    Perform the Organizational Change Management Capabilities Assessment in the wake of the OCM pilot initiative and lessons learned exercise to assess capabilities’ improvements.

    As your OCM processes start to scale out over a range of projects across the organization, revisit the assessment on a quarterly or bi-annual basis to help focus your improvement efforts across the 7 change management categories that drive the survey.

    • Cultural Readiness
    • Leadership & Sponsorship
    • Organizational Knowledge
    • Change Management Skills
    • Toolkit & Templates
    • Process Discipline
    • KPIs & Metrics

    The image is a bar graph, with the above mentioned change management categories on the Y-axis, and the categories Low, Medium, and High on the X-axis.

    Info-Tech Insight

    Continual OCM improvement is a collaborative effort.

    The most powerful way to drive continual improvement of your organizational change management practices is to continually share progress, wins, challenges, feedback, and other OCM related concerns with stakeholders. At the end of the day, the PMO’s efforts to become a change leader will all come down to stakeholder perceptions based upon employee morale and benefits realized.

    Define ongoing organizational roles and responsibilities for change management

    5.1.3 60 minutes

    1. Decide whether to designate/create permanent roles for managing change.
    • Recommended if the PMO is engaged in at least one project at any given time that generates organizational change.
  • Designate a principle change manager (if you choose to) – it is likely that responsibilities will be given to someone’s existing position (such as PM or BA).
    • Make sure any permanent roles are embedded in the organization (e.g. within the PMO, rather than trying to establish a one-person “Change Management Office”) and have leadership support.
  • Consider whether to build a team of permanent change champions – it is likely that responsibilities will be given to existing positions.
    • This type of role is increasingly common in organizations that are aggressively innovating and keeping up with consumer technology adoption. If your organization already has a program like this for engaging early adopters and innovators, build on what’s already established.
    • Work with HR to make sure this is aligned with any existing training and development programs.
  • Info-Tech Insight

    Avoid creating unnecessary fiefdoms.

    Make sure any permanent roles are embedded in the organization (e.g. within the PMO) and have leadership support.

    Copy the RACI table from Activity 3.1.1. and repurpose it to help define the roles and responsibilities.

    Include this RACI when you formalize your OCM Playbook.

    Formalize and communicate the Organizational Change Management Playbook

    5.1.4 45 to 60 minutes

    1. Formalize the playbook’s scope:
      1. Determine the size and type of projects for which organizational change management is recommended.
      2. Make sure you clearly differentiate organizational change management and enablement from technical change management (i.e. release management and acceptance).
    2. Refine and formalize tools and templates:
      1. Determine how you want to customize the structure of Info-Tech’s blueprint and templates, tailored to your organization in the future.
        1. For example:
          1. Establish a standard framework for analyzing context around organizational change.
      2. Add branding/design elements to the templates to improve their credibility and impact as internal documents.
      3. Determine where/how templates and other resources are to be found and make sure they will be readily available to anyone who needs them (e.g. project managers).
    3. Communicate the playbook to the project management team.

    Download Info-Tech’s Organizational Change Management Playbook.

    Regularly reassess the value and success of your practices relative to OCM effort and project outcomes

    5.1.5 20 minutes per project

    The image is a screencapture of the Value tab of the Organizational Change: Management Capabilities Assessment

    Use the Value tab in the Organizational Change Management Capabilities Assessment to monitor the value and success of OCM.

    Measure past performance and create a baseline for future success:

    • % of expected business benefits realized on previous 3–5 significant projects/programs.
      • Track business benefits (costs reduced, productivity increased, etc.).
    • Costs avoided/reduced (extensions, cancellations, delays, roll-backs, etc.)
      • Establish baseline by estimating average costs of projects extended to deal with change-related issues.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

    Book a workshop with our Info-Tech analysts:

    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    5.1.3 Define ongoing organizational roles and responsibilities for change management

    As you scale out an OCM program for all of the organization’s projects based on your pilot initiative, work with the analyst to investigate and define the right accountabilities for ongoing, long-term OCM.

    5.1.4 Develop an Organizational Change Management Playbook

    Formalize a programmatic process for organizational change management in Info-Tech’s playbook template.

    Related research

    Develop a Project Portfolio Management Strategy

    Grow Your Own PPM Solution

    Optimize Project Intake, Approval, and Prioritization

    Develop a Resource Management Strategy for the New Reality

    Manage a Minimum-Viable PMO

    Establish the Benefits Realization Process

    Manage an Agile Portfolio

    Project Portfolio Management Diagnostic Program: The Project Portfolio Management Diagnostic Program is a low effort, high impact program designed to help project owners assess and improve their PPM practices. Gather and report on all aspects of your PPM environment in order to understand where you stand and how you can improve.

    Bibliography

    Basu, Chirantan. “Top Organizational Change Risks.” Chiron. Web. June 14, 2016.

    Beatty, Carol. “The Tough Work of Managing Change.” Queens University. 2015. Web. June 14, 2016.

    Brown, Deborah. “Change Management: Some Statistics.” D&B Consulting Inc. May 15, 2014. Web. June 14, 2016.

    Burke, W. Warner. Organizational Change: Theory and Practice. 4th Edition. London: Sage, 2008.

    Buus, Inger. “Rebalancing Leaders in Times of Turbulence.” Mannaz. February 8, 2013. Web. June 14, 2016.

    Change First. “Feedback from our ROI change management survey.” 2010. Web. June 14, 2016.

    Collins, Jeff. “The Connection between User Adoption and Project Management Success.” Innovative Management Solutions. Sept. 21, 2013. Web. June 14, 2016.

    Craddock, William. “Change Management in the Strategic Alignment of Project Portfolios.” PMI. 2015. Web. June 14, 2016.

    Denning, Steve. “The Four Stories you Need to Lead Deep Organizational Change.” Forbes. July 25, 2011. Web. June 14, 2016.

    Drucker, Peter. “What Makes an Effective Executive.” Harvard Business Review. June 2004. Web. June 14, 2016

    Elwin, Toby. “Highlight Change Management – An Introduction to Appreciative Inquiry.” July 6, 2012. Web. June 14, 2016.

    Enstrom, Christopher. “Employee Power: The Bases of Power Used by Front-Line Employees to Effect Organizational Change.” MA Thesis. University of Calgary. April 2003. Web. June 14, 2016.

    Ewenstein, Boris, Wesley Smith, and Ashvin Sologar. “Changing Change Management.” McKinsey & Company. July 2015. Web. June 14, 2016.

    International Project Leadership Academy. “Why Projects Fail: Facts and Figures.” Web. June 14, 2016.

    Jacobs-Long, Ann. “EPMO’s Can Make A Difference In Your Organization.” May 9, 2012. Web. June 14, 2016.

    Kotter, John. Leading Change. Boston: Harvard Business School Press, 1996.

    Latham, Ross. “Information Management Advice 55 Change Management: Preparing for Change.” TAHO. March 2014. Web. June 14, 2016.

    Linders, Ben. “Finding Ways to Improve Business – IT Collaboration.” InfoQ. June 6, 2013. Web. June 14, 2016

    Machiavelli, Niccolo. The Prince, selections from The Discourses and other writings. Ed. John Plamenatz. London: Fontana/Collins, 1972.

    Michalak, Joanna Malgorzata. “Cultural Catalyst and Barriers to Organizational Change Management: a Preliminary Overview.” Journal of Intercultural Management. 2:2. November 2010. Web. June 14, 2016.

    Miller, David, and Mike Oliver. “Engaging Stakeholder for Project Success.” PMI. 2015. Web. June 14, 2016.

    Parker, John. “How Business Analysts Can Identify Quick Wins.” EnFocus Solutions. February 15, 2013. Web. June 14, 2016.

    Paulk, January. “The Fundamental Role a Change Impact Analysis Plays in an ERP Implementation.” Panorma Consulting Solutions. March 24, 2014. Web. June 14, 2016.

    Petouhoff, Natalie, Tamra Chandler, and Beth Montag-Schmaltz. “The Business Impact of Change Management.” Graziadio Business Review. 2006. Web. June 14, 2016.

    PM Solutions. “The State of the PMO 2014.” 2014. Web. June 14, 2016.

    PMI. “Pulse of the Profession: Enabling Organizational Change Throughout Strategic Initiatives.” March 2014. Web. June 14, 2016.

    PMI. “Pulse of the Profession: Executive Sponsor Engagement.” October 2014. Web. June 14, 2016.

    PMI. “Pulse of the Profession: the High Cost of Low Performance.” February 2014. Web. June 14, 2016.

    Powers, Larry, and Ketil Been. “The Value of Organizational Change Management.” Boxley Group. 2014. Web. June 14, 2016.

    Prosci. “Best Practices in Change Management – 2014 Edition: Executive Overview.” Web. June 14, 2016.

    Prosci. “Change Management Sponsor Checklist.” Web. June 14, 2016.

    Prosci. “Cost-benefit analysis for change management.” 2014. Web. June 14, 2016.

    Prosci. “Five Levers of Organizational Change.” 2016. Web. June 14, 2016.

    Rick, Torben. “Change Management Requires a Compelling Story.” Meliorate. October 3, 2014. Web. June 14, 2016.

    Rick, Torben. “The Success Rate of Organizational Change Initiatives.” Meliorate. October 13, 2014. Web. June 14, 2016.

    Schwartz, Claire. “Implementing and Monitoring Organizational Change: Part 3.” Daptiv Blogs. June 24, 2013. Web. June 14, 2016.

    Simcik, Shawna. “Shift Happens! The Art of Change Management.” Innovative Career Consulting, Inc. Web. June 14, 2016.

    Stewart Group. “Emotional Intelligence.” 2014. Web. June 14, 2016.

    Thakur, Sidharth. “Improve your Project’s Communication with These Inspirational Quotes.” Ed. Linda Richter. Bright Hub Project Management. June 9, 2012. Web. June 14, 2016.

    Training Folks. “Implementing and Supporting Training for Important Change Initiatives.” 2012. Web. June 14, 2016.

    Warren, Karen. “Make your Training Count: The Right Training at the Right Time.” Decoded. April 12, 2015. Web. June 14, 2016.

    Willis Towers Watson. “Only One-Quarter of Employers Are Sustaining Gains from Change Management Initiatives, Towers Watson Survey Finds.” August 29, 2013. Web. June 14, 2016.

    Grow Your Own PPM Solution

    • Buy Link or Shortcode: {j2store}436|cart{/j2store}
    • member rating overall impact (scale of 10): 9.6/10 Overall Impact
    • member rating average dollars saved: $47,944 Average $ Saved
    • member rating average days saved: 29 Average Days Saved
    • Parent Category Name: Portfolio Management
    • Parent Category Link: /portfolio-management
    • As portfolio manager, you’re responsible for supporting the intake of new project requests, providing visibility into the portfolio of in-flight projects, and helping to facilitate the right approval and prioritization decisions.
    • You need a project portfolio management (PPM) tool that promotes the maintenance and flow of good data to help you succeed in these tasks. However, while throwing expensive technology at bad process rarely works, many organizations take this approach to solve their PPM problems.
    • Commercial PPM solutions are powerful and compelling, but they are also expensive, complex, and hard to use. When a solution is not properly adopted, the data can be unreliable and inconsistent, defeating the point of purchasing a tool in the first place.

    Our Advice

    Critical Insight

    • Your choice of PPM solution must be in tune with your organizational PPM maturity to ensure that you are prepared to sustain the tool use without having the corresponding PPM processes collapse under its own weight.
    • A spreadsheet-based homegrown PPM solution can provide key capabilities of an optimized PPM solution with a high level of sophistication and complexity without the prohibitive capital and labor costs demanded by commercial PPM solution.
    • Focus on your PPM decision makers that will consume the reports and insights by investigating their specific reporting needs.

    Impact and Result

    • Think outside the commercial box. Develop an affordable, adoptable, and effective PPM solution using widely available tools based on Info-Tech’s ready-to-deploy templates.
    • Make your solution sustainable. When it comes to portfolio management, high level is better. A tool that is accurate and maintainable will provide more value than one that strives for precise data yet is ultimately unmaintainable.
    • Report success. A PPM tool needs to foster portfolio visibility in order to engage and inform the executive layer and support effective decision making.

    Grow Your Own PPM Solution Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should grow your own PPM solution, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Right-size your PPM solution

    Scope an affordable, adoptable, and effective PPM solution with Info-Tech's Portfolio Manager 2017 workbook.

    • Grow Your Own PPM Solution – Phase 1: Right-Size Your PPM Solution
    • Portfolio Manager 2017 Cost-in-Use Estimation Tool
    • None

    2. Get to know Portfolio Manager 2017

    Learn how to use Info-Tech's Portfolio Manager 2017 workbook and create powerful reports.

    • Grow Your Own PPM Solution – Phase 2: Meet Portfolio Manager 2017
    • Portfolio Manager 2017
    • Portfolio Manager 2017 (with Actuals)
    • None
    • None
    • None

    3. Implement your homegrown PPM solution

    Plan and implement an affordable, adoptable, and effective PPM solution with Info-Tech's Portfolio Manager 2017 workbook.

    • Grow Your Own PPM Solution – Phase 3: Implement Your PPM Solution
    • Portfolio Manager 2017 Operating Manual
    • Stakeholder Engagement Workbook
    • Portfolio Manager Debut Presentation for Portfolio Owners
    • Portfolio Manager Debut Presentation for Data Suppliers

    4. Outgrow your own PPM solution

    Develop an exit strategy from your home-grown solution to a commercial PPM toolset. In this video, we show a rapid transition from the Excel dataset shown on this page to a commercial solution from Meisterplan. Christoph Hirnle of Meisterplan is interviewed starting at 9 minutes.

    • None
    [infographic]

    Workshop: Grow Your Own PPM Solution

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Scope a Homegrown PPM Solution for Your Organization

    The Purpose

    Assess the current state of project portfolio management capability at your organization. The activities in this module will inform the next modules by exploring your organization’s current strengths and weaknesses and identifying areas that require improvement.

    Set up the workbook to generate a fully functional project portfolio workbook that will give you a high-level view into your portfolio.

    Key Benefits Achieved

    A high-level review of your current project portfolio capability is used to decide whether a homegrown PPM solution is an appropriate choice

    Cost-benefit analysis is done to build a business case for supporting this choice

    Activities

    1.1 Review existing PPM strategy and processes.

    1.2 Perform a cost-benefit analysis.

    Outputs

    Confirmation of homegrown PPM solution as the right choice

    Expected benefits for the PPM solution

    2 Get to Know Portfolio Manager 2017

    The Purpose

    Define a list of requirements for your PPM solution that meets the needs of all stakeholders.

    Key Benefits Achieved

    A fully customized PPM solution in your chosen platform

    Activities

    2.1 Introduction to Info-Tech's Portfolio Manager 2017: inputs, outputs, and the data model.

    2.2 Gather requirements for enhancements and customizations.

    Outputs

    Trained project/resource managers on the homegrown solution

    A wish list of enhancements and customizations

    3 Implement Your Homegrown PPM Solution

    The Purpose

    Determine an action plan regarding next steps for implementation.

    Implement your homegrown PPM solution. The activities outlined in this step will help to promote adoption of the tool throughout your organization.

    Key Benefits Achieved

    A set of processes to integrate the new homegrown PPM solution into existing PPM activities

    Plans for piloting the new processes, process improvement, and stakeholder communication

    Activities

    3.1 Plan to integrate your new solution into your PPM processes.

    3.2 Plan to pilot the new processes.

    3.3 Manage stakeholder communications.

    Outputs

    Portfolio Manager 2017 operating manual, which documents how Portfolio Manager 2017 is used to augment the PPM processes

    Plan for a pilot run and post-pilot evaluation for a wider rollout

    Communication plan for impacted PPM stakeholders

    Unify a Mixed Methodology Portfolio

    • Buy Link or Shortcode: {j2store}441|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Portfolio Management
    • Parent Category Link: /portfolio-management
    • As portfolio manager, you oversee a portfolio made up of projects using different types of planning and execution methodologies – from traditional Waterfall, to Agile, to hybrid approaches and beyond. The discontinuity between reporting metrics and funding models makes a holistic and perpetually actionable view of the portfolio elusive.
    • Agile’s influence is growing within the organization’s project ecosystem. Even projects that don’t formally use Agile methods often adopt agile tendencies, such as mitigating risk with shorter, more iterative development cycles and increasing collaboration with stakeholders. While this has introduced efficiencies at the project level, it has not translated into business agility, with decision makers still largely playing a passive role in terms of steering the portfolio.
    • Senior management still expects traditional commitments and deadlines, not “sprints” and “velocity.” The reluctance of many Agile purists to adhere to traditional timeline, budget, and scope commitments is not making Agile a particularly popular conversation topic among the organization’s decision-making layer.
    • As portfolio manager, it’s your job to unify these two increasingly fragmented worlds into a unified portfolio.

    Our Advice

    Critical Insight

    • As Agile’s influence grows and project methodologies morph and proliferate, a more engaged executive layer is required than what we see in a traditional portfolio approach. Portfolio owners have to decide what gets worked on at a regular cadence.
    • What’s the difference? In the old paradigm, nobody stopped the portfolio owners from approving too much. Decisions were based on what should be done, rather than what could get done in a given period, with the resources available.
    • The engaged portfolio succeeds by making sure that the right people work on the right things as much as possible. The portfolio owner plays a key, ongoing role in identifying the work that needs to be done, and the portfolio managers optimize the usage of resources.

    Impact and Result

    • Establish universal control points. While the manager of a mixed methodology portfolio doesn’t need to enforce a standardized project methodology, she or he does need to establish universal control points for both intake and reporting at the portfolio level. Use this research to help you define a sustainable process that will work for all types of projects.
    • Scale the approvals process. For a mixed methodology portfolio to work, the organization needs to reconcile different models for approving and starting projects. This blueprint will help you define a right-sized intake process and decision-making paradigm for sprints and project phases alike.
    • Foster ongoing executive engagement. Mixed methodology success is contingent on regular and ongoing executive engagement. Use the tools and templates associated with this blueprint to help get buy-in and commitment upfront, and then to build out portfolio reports and dashboard that will help keep the executive layer informed and engaged long term.

    Unify a Mixed Methodology Portfolio Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should consider an Engaged Agile Portfolio approach, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Get portfolio commitments

    Assess the current state of the portfolio and ensure that portfolio owners and other stakeholders are onboard before you move forward to develop and implement new portfolio processes.

    • Unify a Mixed Methodology Portfolio – Phase 1
    • Mixed Methodology Portfolio Analyzer
    • Mixed Methodology Portfolio Strategy Template
    • Mixed Methodology Portfolio Stakeholder Survey Tool

    2. Define your portfolio processes

    Wireframe standardized portfolio processes for all project methodologies to follow.

    • Unify a Mixed Methodology Portfolio – Phase 2
    • Agile Portfolio Sprint Prioritization Tool
    • Project Methodology Assessment Tool

    3. Implement your processes

    Pilot your new portfolio processes and decision-making paradigm. Then, execute a change impact analysis to inform your communications strategy and implementation plan.

    • Unify a Mixed Methodology Portfolio – Phase 3
    • Process Pilot Plan Template
    • Intake and Prioritization Impact Analysis Tool
    • Resource Management Impact Analysis Tool
    [infographic]

    Workshop: Unify a Mixed Methodology Portfolio

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Assess Current State of the Portfolio

    The Purpose

    Determine the current state of your project execution and portfolio oversight practices.

    Align different types of projects within a unified portfolio.

    Define the best roles and engagement strategies for individual stakeholders as you transition to an Engaged Agile Portfolio.

    Key Benefits Achieved

    A current state understanding of project and portfolio management challenges.

    Bolster the business case for developing an Engaged Agile Portfolio.

    Increase stakeholder and team buy-in.

    Activities

    1.1 Calculate the size of your portfolio in human resource hours.

    1.2 Estimate your project sizes and current project methodology mix.

    1.3 Document the current known status of your in-flight projects.

    1.4 Perform a project execution portfolio oversight survey.

    Outputs

    Your portfolio’s project capacity in resource hours.

    Better understanding of project demand and portfolio mix.

    Current state visibility.

    An objective assessment of current areas of strengths and weaknesses.

    2 Define Your Portfolio Processes

    The Purpose

    Objectively and transparently approve, reject, and prioritize projects.

    Prioritize work to start and stop on a sprint-by-sprint basis.

    Maintain a high frequency of accurate reporting.

    Assess and report the realization of project benefits.

    Key Benefits Achieved

    Improve timeliness and accuracy of project portfolio reporting.

    Make better, faster decisions about when to start and stop work on different projects.

    Increase stakeholder satisfaction.

    Activities

    2.1 Develop a portfolio intake workflow.

    2.2 Develop a prioritization scorecard and process.

    2.3 Establish a process to estimate sprint demand and resource supply.

    2.4 Develop a process to estimate sprint value and necessity.

    Outputs

    An intake workflow.

    A prioritization scorecard and process.

    A process to estimate sprint demand and resource supply.

    A process to estimate sprint value and necessity.

    3 Implement Your Processes

    The Purpose

    Analyze the potential change impacts of your new portfolio processes and how they will be felt across the organization.

    Develop an implementation plan to ensure strategy buy-in.

    Key Benefits Achieved

    A strategic and well-planned approach to process implementation.

    Activities

    3.1 Analyze change impacts of new portfolio processes.

    3.2 Prepare a communications plan based upon change impacts.

    3.3 Develop an implementation plan.

    3.4 Present new portfolio processes to portfolio owners.

    Outputs

    A change impact analysis.

    A communications plan.

    An implementation plan.

    Portfolio strategy buy-in.

    Enable Omnichannel Commerce That Delights Your Customers

    • Buy Link or Shortcode: {j2store}534|cart{/j2store}
    • member rating overall impact (scale of 10): 9.5/10 Overall Impact
    • member rating average dollars saved: $17,249 Average $ Saved
    • member rating average days saved: 7 Average Days Saved
    • Parent Category Name: Customer Relationship Management
    • Parent Category Link: /customer-relationship-management
    • Today’s customers expect to be able to transact with you in the channels of their choice. The proliferation of e-commerce, innovations in brick-and-mortar retail, and developments in mobile commerce and social media selling mean that IT organizations are managing added complexity in drafting a strategy for commerce enablement.
    • The right technology stack is critical in order to support world-class e-commerce and brick-and-mortar interactions with customers.

    Our Advice

    Critical Insight

    • Support the right transactional channels for the right customers: there is no “one-size-fits-all” approach to commerce enablement – understand your customers to drive selection of the right transactional channels.
    • Don’t assume that “traditional” commerce channels have stagnated: IoT, customer analytics, and blended retail are reinvigorating brick-and-mortar selling.
    • Don’t buy best-of-breed; buy best-for-you. Base commerce vendor selection on your requirements and use cases, not on the vendor’s overall performance.

    Impact and Result

    • Leverage Info-Tech’s proven, road-tested approach to using personas and scenarios to build strong business drivers for your commerce strategy.
    • Before selecting and deploying technology solutions, create a cohesive channel matrix outlining which channels your organization will support with transactional capabilities.
    • Understand evolving trends in the commerce solution space, such as AI-driven product recommendations and integration with other essential enterprise applications (i.e. CRM and marketing automation platforms).
    • Understand and apply operational best practices such as content optimization and dynamic personalization to improve the conversion rate via your e-commerce channels.

    Enable Omnichannel Commerce That Delights Your Customers Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Enable Omnichannel Commerce Deck – A deck outlining the importance of creating a cohesive omnichannel framework to improve your customer experience.

    E-commerce channels have proliferated, and traditional brick-and-mortar commerce is undergoing reinvention. In order to provide your customers with a strong experience, it's imperative to create a strategy – and to deploy the right enabling technologies – that allow for robust multi-channel commerce. This storyboard provides a concise overview of how to do just that.

    • Enable Omnichannel Commerce That Delights Your Customers – Phases 1-2

    2. Create Personas to Drive Omnichannel Requirements Template – A template to identify key customer personas for e-commerce and other channels.

    Customer personas are archetypal representations of your key audience segments. This template (and populated examples) will help you construct personas for your omnichannel commerce project.

    • Create Personas to Drive Omnichannel Requirements Template
    [infographic]

    Further reading

    Enable Omnichannel Commerce That Delights Your Customers

    Create a cohesive, omnichannel framework that supports the right transactions through the right channels for the right customers.

    Analyst Perspective

    A clearly outlined commerce strategy is a necessary component of a broader customer experience strategy.

    This is a picture of Ben Dickie, Research Lead, Research – Applications at Info-Tech Research Group

    Ben Dickie
    Research Lead, Research – Applications
    Info-Tech Research Group

    “Your commerce strategy is where the rubber hits the road, converting your prospects into paying customers. To maximize revenue (and provide a great customer experience), it’s essential to have a clearly defined commerce strategy in place.

    A strong commerce strategy seeks to understand your target customer personas and commerce journey maps and pair these with the right channels and enabling technologies. There is not a “one-size-fits-all” approach to selecting the right commerce channels: while many organizations are making a heavy push into e-commerce and mobile commerce, others are seeking to differentiate themselves by innovating in traditional brick-and-mortar sales. Hybrid channel design now dominates many commerce strategies – using a blend of e-commerce and other channels to deliver the best-possible customer experience.

    IT leaders must work with the business to create a succinct commerce strategy that defines personas and scenarios, outlines the right channel matrix, and puts in place the right enabling technologies (for example, point-of-sale and e-commerce platforms).”

    Stop! Are you ready for this project?

    This Research Is Designed For:

    • IT leaders and business analysts supporting their commercial and marketing organizations in developing and executing a technology enablement strategy for e-commerce or brick-and-mortar commerce.
    • Any organization looking to develop a persona-based approach to identifying the right channels for their commerce strategy.

    This Research Will Help You:

    • Identify key personas and customer journeys for a brick-and-mortar and/or e-commerce strategy.
    • Select the right channels for your commerce strategy and build a commerce channel matrix to codify the results.
    • Review the “art of the possible” and new developments in brick-and-mortar and e-commerce execution.

    This Research Will Also Assist:

    • Sales managers, brand managers, and any marketing professional looking to build a cohesive commerce strategy.
    • E-commerce or POS project teams or working groups tasked with managing an RFP process for vendor selection.

    This Research Will Help Them:

    • Build a persona-centric commerce strategy.
    • Understand key technology trends in the brick-and-mortar and e-commerce space.

    Executive Summary

    Your Challenge

    Today’s customers expect to be able to transact with you in the channels of their choice.

    The proliferation of e-commerce, innovations in brick-and-mortar retail, and developments in mobile commerce and social media selling mean that IT organizations are managing added complexity in drafting a strategy for commerce enablement.

    The right technology stack is critical to support world-class e-commerce and brick-and-mortar interactions with customers.

    Common Obstacles

    Many organizations do not define strong, customer-centric drivers for dictating which channels they should be investing in for transactional capabilities.

    As many retailers look to move shopping experiences online during the pandemic, the impetus for having a strong e-commerce suite has markedly increased. The proliferation of commerce vendors has made it difficult to identify and shortlist the right solution, while the pandemic has also highlighted the importance of adopting new vendors quickly and efficiently: companies need to understand the top players in different commerce market landscapes.

    IT is receiving a growing number of commerce platform requests and must be prepared to speak intelligently about requirements and the “art of the possible.”

    Info-Tech’s Approach

    • Leverage Info-Tech’s proven, road-tested approach to using personas and scenarios to build strong business drivers for your commerce strategy.
    • Before selecting and deploying technology solutions, create a cohesive channel matrix outlining which channels your organization will support with transactional capabilities.
    • Understand evolving trends in the commerce solution space, such as AI-driven product recommendations and integration with other essential enterprise applications (i.e. customer relationship management [CRM] and marketing automation platforms).
    • Understand and apply operational best practices such as content optimization and dynamic personalization to improve the conversion rate via your e-commerce channels.

    Info-Tech Insight

    • Support the right transactional channels for the right customers: there is no “one-size-fits-all” approach to commerce enablement – understand your customers to drive selection of the right transactional channels.
    • Don’t assume that “traditional” commerce channels have stagnated: IoT, customer analytics, and blended retail are reinvigorating brick-and-mortar selling.
    • Don’t buy best-of-breed; buy best-for-you: base commerce vendor selection on your requirements and use cases, not on the vendor’s overall performance.

    A strong commerce strategy is an essential component of a savvy approach to customer experience management

    A commerce strategy outlines an organization’s approach to selling its products and services. A strong commerce strategy identifies target customers’ personas, commerce journeys that the organization wants to support, and the channels that the organization will use to transact with customers.

    Many commerce strategies encompass two distinct but complementary branches: a commerce strategy for transacting through traditional channels and an e-commerce strategy. While the latter often receives more attention from IT, it still falls on IT leaders to provide the appropriate enabling technologies to support traditional brick-and-mortar channels as well. Traditional channels have also undergone a digital renaissance in recent years, with forward-looking companies capitalizing on new technology to enhance customer experiences in their stores.

    Traditional Channels

    • Physical Stores (Brick and Mortar)
    • Kiosks or Pop-Up Stores
    • Telesales
    • Mail Orders
    • EDI Transactions

    E-Commerce Channels

    • E-Commerce Websites
    • Mobile Commerce Apps
    • Embedded Social Shopping
    • Customer Portals
    • Configure Price Quote Tool Sets (CPQ)
    • Hybrid Retail

    Info-Tech Insight

    To better serve their customers, many companies position themselves as “click-and-mortar” shops – allowing customers to transact at a store or online.

    Customers’ expectations are on the rise: meet them!

    Today’s consumers expect speed, convenience, and tailored experiences at every stage of the customer lifecycle. Successful organizations strive to support these expectations.

    58%
    of retail customers admitted that their expectations now are higher than they were a year ago (FinancesOnline).

    70%
    of consumers between the ages of 18 and 34 have increasing customer expectations year after year (FinancesOnline).

    69%
    of consumers now expect store associates to be armed with a mobile device to deliver value-added services, such as looking up product information and checking inventory (V12).

    73%
    of support leaders agree that customer expectations are increasing, but only…

    42%
    of support leaders are confident that they’re actually meeting those expectations.

    How can you be sure that you are meeting your customers’ expectations?

    1. Offer more personalization throughout the entire customer journey
    2. Practice quality customer service – ensure staff have up-to-date knowledge and offer quick resolution time for complaints
    3. Focus on offering low-effort experiences and easy-to-use platforms (i.e. “one-click buying”)
    4. Ensure your products and services perform well and do what they’re meant to do
    5. Ensure omnichannel availability – 9 in 10 consumers want a seamless omnichannel experience

    Info-Tech Insight

    Customers expect to interact with organizations through the channels of their choice. Now more than ever, you must enable your organization to provide tailored commerce and transactional experiences.

    Omnichannel commerce is the way of the future

    Create a strategy that embraces this reality with the right tools!

    Get ahead of the competition by doing omnichannel right! Devise a strategy that allows you to create and maintain a consistent, seamless commerce experience by optimizing operations with an omnichannel framework. Customers want to interact with you on their own terms, and it falls to IT to ensure that applications are in place to support and manage both traditional and e-commerce channels. There must also be consistency of copy, collateral, offers, and pricing between commerce channels.

    71%
    of consumers want a consistent experience across all channels, but only…

    29%
    say that they actually get it.

    (Source: Business 2 Community, 2020)

    Omnichannel is a “multichannel approach that aims to provide customers with a personalized, integrated, and seamless shopping experience across diverse touchpoints and devices.”
    Source: RingCentral, 2021

    IT is responsible for providing technology enablement of the commerce strategy: e-commerce platforms are a cornerstone

    An e-commerce platform is an enterprise application that provides end-to-end capabilities for allowing customers to purchase products or services from your company via an online channel (e.g. a traditional website, a mobile application, or an embedded link in a social media post). Modern e-commerce platforms are essential for delivering a frictionless customer journey when it comes to purchasing online.

    $6.388
    trillion dollars worth of sales will be conducted online by 2024 (eMarketer, 14 Jan. 2021).

    44%
    of all e-commerce transactions are expected to be completed via a mobile device by 2024 (Insider).

    21.8%
    of all sales will be made from online purchases by 2024 (eMarketer, 14 Jan. 2021).

    Strong E-Commerce Platforms Enable a Wide Range of Functional Areas:

    • Product Catalog Management
    • Web Content Delivery
    • Product Search Engine
    • Inventory Management
    • Shopping Cart Management
    • Discount and Coupon Management
    • Return Management and Reverse Logistics
    • Dynamic Personalization
    • Dynamic Promotions
    • Predictive Re-Targeting
    • Predictive Product Recommendations
    • Transaction Processing
    • Compliance Management
    • Commerce Workflow Management
    • Loyalty Program Management
    • Reporting and Analytics

    An e-commerce solution boosts the effectiveness and efficiency of your operations and drives top-line growth

    Take time to learn the capabilities of modern e-commerce applications. Understanding the “art of the possible” will help you to get the most out of your e-commerce platform.

    An e-commerce platform helps marketers and sales staff in three primary ways:

    1. It allows the organization to effectively and efficiently operate e-commerce operations at scale.
    2. It allows commercial staff to have a single system for managing and monitoring all commercial activity through online channels.
    3. It allows the organization to improve the customer-facing e-commerce experience, boosting conversions and top-line sales.

    A dedicated e-commerce platform improves the efficiency of customer-commerce operations

    • Workflow automation reduces the amount of time spent executing dynamic e-commerce campaigns.
    • The use of internal or third-party data increases conversion effectiveness from customer databases across the organization.

    Info-Tech Insight

    A strong e-commerce provides marketers with the data they need to produce actionable insights about their customers.

    Case Study

    INDUSTRY - Retail
    SOURCE - Salesforce (a)

    PetSmart improves customer experience by leveraging a new commerce platform in the Salesforce ecosystem

    PetSmart

    PetSmart is a leading retailer of pet products, with a heavy footprint across North America. Historically, PetSmart was a brick-and-mortar retailer, but it has placed a heavy emphasis on being a true multi-channel “click-and-mortar” retailer to ensure it maintains relevance against competitors like Amazon.

    E-Commerce Overhaul Initiative

    To improve its e-commerce capabilities, PetSmart recognized that it needed to consolidate to a single, unified e-commerce platform to realize a 360-degree view of its customers. A new platform was also required to power dynamic and engaging experiences, with appropriate product recommendations and tailored content. To pursue this initiative, the company settled on Salesforce.com’s Commerce Cloud product after an exhaustive requirements definition effort and rigorous vendor selection approach.

    Results

    After platform implementation, PetSmart was able to effortlessly handle the massive transaction volumes associated with Black Friday and Cyber Monday and deliver 1:1 experiences that boosted conversion rates.

    PetSmart standardized on the Commerce Cloud from Salesforce to great effect.

    This is an image of the journey from Discover & Engage to Retain & Advocate.

    Case Study

    Icebreaker exceeds customer expectations by using AI to power product recommendations

    INDUSTRY - Retail
    SOURCE - Salesforce (b)

    Icebreaker

    Icebreaker is a leading outerwear and lifestyle clothing company, operating six global websites and owning over 5,000 stores across 50 countries. Icebreaker is focused on providing its shoppers with accurate, real-time product suggestions to ensure it remains relevant in an increasingly competitive online market.

    E-Commerce Overhaul Initiative

    To improve its e-commerce capabilities, Icebreaker recognized that it needed to adopt a predictive recommendation engine that would offer its customers a more personalized shopping experience. This new system would need to leverage relevant data to provide both known and anonymous shoppers with product suggestions that are of interest to them. To pursue this initiative, Icebreaker settled on using Salesforce.com’s Commerce Cloud Einstein, a fully integrated AI.

    Results

    After integrating Commerce Cloud Einstein on all its global sites, Icebreaker was able to cross-sell and up-sell its merchandise more effectively by providing its shoppers with accurate product recommendations, ultimately increasing average order value.

    IT must also provide technology enablement for other channels, such as point-of-sale systems for brick-and-mortar

    Point-of-sale systems are the “real world” complement to e-commerce platforms. They provide functional capabilities for selling products in a physical store, including basic inventory management, cash register management, payment processing, and retail analytics. Many firms struggle with legacy POS environments that inhibit a modern customer experience.

    $27.338
    trillion dollars in retail sales are expected to be made globally in 2022 (eMarketer, 2022).

    84%
    of consumers believe that retailers should be doing more to integrate their online and offline channels (Invoca).

    39%
    of consumers are unlikely or very unlikely to visit a retailer’s store if the online store doesn’t provide physical store inventory information (V12).

    Strong Point-of-Sale Platforms Enable a Wide Range of Functional Areas:

    • Product Catalog Management
    • Discount Management
    • Coupon Management and Administration
    • Cash Management
    • Cash Register Reconciliation
    • Product Identification (Barcode Management)
    • Payment Processing
    • Compliance Management
    • Basic Inventory Management
    • Commerce Workflow Management
    • Exception Reporting and Overrides
    • Loyalty Program Management
    • Reporting and Analytics

    E-commerce and POS don’t live in isolation

    They’re key components of a well-oiled customer experience ecosystem!

    Integrate commerce solutions with other customer experience applications – and with ERP or logistics systems – to handoff transactions for order fulfilment.

    Having a customer master database – the central place where all up-to-the-minute data on a customer profile is stored – is essential for traditional and e-commerce success. Typically, the POS or e-commerce platform is not the system of record for the master customer profile: this information lives in a CRM platform or customer data warehouse. Conceptually, this system is at the center of the customer-experience ecosystem.

    Strong POS and e-commerce solutions orchestrate transactions but typically do not do the heavy lifting in terms of order fulfilment, shipping logistics, economic inventory management, and reverse logistics (returns). In an enterprise-grade environment, these activities are executed by an enterprise resource planning (ERP) solution – integrating your commerce systems with a back-end ERP solution is a crucial step from an application architecture point of view.

    This is an example of a customer experience ecosystem.  Core Apps (CRM, ERP): MMS Suite; E-Commerce; POS; Web CMS; Data Marts/BI Tools; Social Media Platforms

    Case Study

    INDUSTRY - Retail
    SOURCES - Amazon, n.d. CNET, 2020

    Amazon is creating a hybrid omnichannel experience for retail by introducing innovative brick-and-mortar stores

    Amazon

    Amazon began as an online retailer of books in the mid-1990s, and rapidly expanded its product portfolio to nearly every category imaginable. Often hailed as the foremost success story in online commerce, the firm has driven customer loyalty via consistently strong product recommendations and a well-designed site.

    Bringing Physical Retail Into the Digital Age

    Beginning in 2016 (and expanding in 2018), Amazon introduced Amazon Go, a next-generation grocery retailer, to the Seattle market. While most firms that pursue an e-commerce strategy traditionally come from a brick-and-mortar background, Amazon upended the usual narrative: the world’s largest online retailer opening physical stores to become a true omnichannel, “click-and-mortar” vendor. From the get-go, Amazon Go focused on innovating the physical retail experience – using cameras, IoT capabilities, and mobile technologies to offer “checkout-free” virtual shopping carts that automatically know what products customers take off the shelves and bill their Amazon accounts accordingly.

    Results

    Amazon received a variety of industry and press accolades for re-inventing the physical store experience and it now owns and operates seven separate store brands, with more still on the horizon.

    Case Study

    INDUSTRY - Retail
    SOURCES - Glossy, 2020

    Old Navy

    Old Navy is a clothing and accessories retail company that owns and operates over 1,200 stores across North America and China. Typically, Old Navy has relied on using traditional marketing approaches, but recently it has shifted to producing more digitally focused campaigns to drive revenue.

    Bringing Physical Retail Into the Digital Age

    To overcome pandemic-related difficulties, including temporary store closures, Old Navy knew that it had to have strong holiday sales in 2020. With the goal of stimulating retail sales growth and maximizing its pre-existing omnichannel capabilities, Old Navy decided to focus more of its holiday campaign efforts online than in years past. With this campaign centered on connected TV platforms, such as Hulu, and social media channels including Facebook, Instagram, and TikTok, Old Navy was able to take a more unique, fun, and good-humored approach to marketing.

    Results

    Old Navy’s digitally focused campaign was a success. When compared with third quarter sales figures from 2019, third quarter net sales for 2020 increased by 15% and comparable sales increased by 17%.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

    Workshop

    “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

    Consulting

    “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    What does a typical GI on this topic look like?

    Phase 1 Phase 2 Phase 3 Phase 4 Phase 5

    Call #1: Scope requirements, objectives, and your specific challenges.

    Call #2: Assess current maturity.

    Call #4: Identify relationship between current initiatives and capabilities.

    Call #6: Identify strategy risks.

    Call #8: Identify and prioritize improvements.

    Call #3: Identify target-state capabilities.

    Call #5: Create initiative profiles.

    Call #7: Identify required budget.

    Call #9: Summarize results and plan next steps.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is between 8 to 12 calls over the course of 4 to 6 months.

    Enable Omnichannel Commerce That Delights Your Customers – Project Overview

    1. Identify Critical Drivers for Your Omnichannel Commerce Strategy 2. Map Drivers to the Right Channels and Technologies
    Best Practice Toolkit

    1.1 Assess Personas and Scenarios

    1.2 Create Key Drivers and Metrics

    2.1 Build the Commerce Channel Matrix

    2.2 Review Technology and Trends Primer

    Guided Implementations
    • Validate customer personas.
    • Validate commerce scenarios.
    • Review key drivers and metrics.
    • Build the channel matrix.
    • Discuss technology and trends.
    Onsite Workshop

    Module 1:

    Module 2:

    Identify Critical Drivers for Your Omnichannel Commerce Strategy

    Map Drivers to the Right Channels and Technologies

    Phase 1 Outcome:

    Phase 2 Outcome:

    An initial shortlist of customer-centric drivers for your channel strategy and supporting metrics.

    A completed commerce channel matrix tailored to your organization, and a snapshot of enabling technologies and trends.

    Phase 1

    Identify Critical Drivers for Your Omnichannel Commerce Strategy

    1.1 Assess Personas and Scenarios

    1.2 Create Key Drivers and Metrics

    Enable Omnichannel Commerce That Delights Your Customers

    Step 1.1

    Assess Personas and Scenarios

    This step will walk you through the following activities:

    1.1.1 Build key customer personas for your commerce strategy.

    1.1.2 Create commerce scenarios (journey maps) that you need to enable.

    Identify Critical Drivers for Your Omnichannel Commerce Strategy

    This step involves the following participants:

    • Business stakeholders (Sales, Marketing)
    • IT project team

    Outcomes of this step:

    • Critical customer personas
    • Key traditional and e-commerce scenarios

    Use customer personas to picture who will be using your commerce channels and guide scenario design and key drivers

    What Are Personas?

    Personas are detailed descriptions of the targeted audience of your e-commerce presence. Effective personas:

    • Express and focus on the major needs and expectations of the most important user groups.
    • Give a clear picture of the typical user’s behavior.
    • Aid in uncovering universal features and functionality.
    • Describe real people with backgrounds, goals, and values.

    Source: Usability.gov, n.d.

    Why Are Personas Important?

    Personas help:

    • Focus the development of commerce platform features on the immediate needs of the intended audience.
    • Detail the level of customization needed to ensure content is valuable to the user.
    • Describe how users may behave when certain audio and visual stimulus are triggered from the website.
    • Outline the special design considerations required to meet user accessibility needs.

    Key Elements of a Persona:

    • Persona Group (e.g. executives)
    • Demographics (e.g. nationality, age, language spoken)
    • Purpose of Using Commerce Channels (e.g. product search versus ready to transact)
    • Typical Behaviors and Tendencies (e.g. goes to different websites when cannot find products in 20 seconds)
    • Technological Environment of User (e.g. devices, browsers, network connection)
    • Professional and Technical Skills and Experiences (e.g. knowledge of websites, area of expertise)

    Use Info-Tech’s guidelines to assist in the creation of personas

    How many personas should I create?

    The number of personas that should be created is based on the organizational coverage of your commerce strategy. Here are some questions you should ask:

    • Do the personas cover a majority of your revenues or product lines?
    • Is the number manageable for your project team to map out?

    How do I prioritize which personas to create?

    The identified personas should generate the most revenue – or provide a significant opportunity – for your business. Here are some questions that you should ask:

    • Are the personas prioritized based on the revenue they generate for the business?
    • Is the persona prioritization process considering both the present and future revenues the persona is generating?

    Sample: persona for e-commerce platform

    Example

    Persona quote: “After I call the company about the widget, I would usually go onto the company’s website and look at further details about the product. How am I supposed to do so when it is so hard to find the company’s website on everyday search engines, such as Google, Yahoo, or Bing?”

    Michael is a middle-aged manager working in the financial district. He wants to buy the company’s widgets for use in his home, but since he is distrusting of online shopping, he prefers to call the company’s call center first. Afterwards, if Michael is convinced by the call center representative, he will look at the company’s website for further research before making his purchase.

    Michael does not have a lot of free time on his hands, and tries to make his free time as relaxing as possible. Due to most of his work being client-facing, he is not in front of a computer most of the time during his work. As such, Michael does not consider himself to be skilled with technology. Once he makes the decision to purchase, Michael will conduct online transactions and pay most delivery costs due to his shortage of time.

    Needs:

    • Easy-to-find website and widget information.
    • Online purchasing and delivery services.
    • Answer to his questions about the widget.
    • To maintain contact post-purchase for easy future transactions.

    Info-Tech Tip

    The quote attached to a persona should be from actual quotes that your customers have used when you reviewed your voice of the customer (VoC) surveys or focus groups to drive home the impact of their issues with your company.

    1.1.1 Activity: Build personas for your key customers that you’ll need to support via traditional and e-commerce channels

    1 hour

    1. In two to four groups, list all the major, target customer personas that need to be built. In doing so, consider the people who interact with your e-commerce site (or other channels) most often.
    2. Build a demographic profile for each customer persona. Include information such as age, geographic location, occupation, and annual income.
    3. Augment the persona with a psychographic profile. Consider the goals and objectives of each customer persona and how these might inform buyer behaviors.
    4. Introduce your group’s personas to the entire group, in a round-robin fashion, as if you are introducing your persona at a party.
    5. Summarize the personas in a persona map. Rank your personas according to importance and remove any duplicates.
    6. Use Info-Tech’s Create Personas to Drive Omnichannel Requirements Template to assist.

    Info-Tech Insight

    Persona building is typically used for understanding the external customer; however, if you need to gain a better understanding of the organization’s internal customers (those who will be interacting with the e-commerce platform), personas can also be built for this purpose. Examples of useful internal personas are sales managers, brand managers, and customer service directors.

    1.1.1 Activity: Build personas for your key customers that you’ll need to support via traditional and e-commerce channels (continued)

    Input

    • Customer demographics and psychographics

    Output

    • List of prioritized customer personas

    Materials

    • Whiteboard
    • Markers

    Participants

    • Project team

    Build use-case scenarios to model the transactional customer journey and inform drivers for your commerce strategy

    A use-case scenario is a story or narrative that helps explore the set of interactions that a customer has with an organization. Scenario mapping will help identify key business and technology drivers as well as more granular functional requirements for POS or e-commerce platform selection.

    A GOOD SCENARIO…

    • Describes specific task(s) that need to be accomplished.
    • Describes user goals and motivations.
    • Describes interactions with a compelling but not overwhelming amount of detail.
    • Can be rough, as long as it provokes ideas and discussion.

    SCENARIOS ARE USED TO...

    • Provide a shared understanding about what a user might want to do and how they might want to do it.
    • Help construct the sequence of events that are necessary to address in your user interface(s).

    TO CREATE GOOD SCENARIOS…

    • Keep scenarios high level, not granular, in nature.
    • Identify as many scenarios as possible. If you’re time constrained, try to develop two to three key scenarios per persona.
    • Sketch each scenario out so that stakeholders understand the goal of the scenario.

    1.1.2 Exercise: Build commerce user scenarios to understand what you want your customers to do from a transactional viewpoint

    1 hour

    Example

    Simplified E-Commerce Workflow Purchase Products

    This image contains an example of a Simplified E-Commerce Workflow Purchase Products

    Step 1.2

    Create Key Drivers and Metrics

    This step will walk you through the following activities:

    • Create the business drivers you need to enable with your commerce strategy.
    • Enumerate metrics to track the efficacy of your commerce strategy.

    Identify Critical Drivers for Your Omnichannel Commerce Strategy

    This step involves the following participants:

    • Business stakeholders (Sales, Marketing)
    • IT project team

    Outcomes of this step:

    • Business drivers for the commerce strategy
    • Metrics and key performance indicators for the commerce strategy

    1.2 Finish elaboration of your scenarios and map them to your personas: identify core business drivers for commerce

    1.5 hours

    1. List all commerce scenarios required to satisfy the immediate needs of your personas.
      1. Does the use-case scenario address commonly felt user challenges?
      2. Can the scenario be used by those with changing behaviors and tendencies?
    2. Look for recurring themes in use-case scenarios (for example, increasing average transaction cost through better product recommendations) and identify business drivers: drivers are common thematic elements that can be found across multiple scenarios. These are the key principles for your commerce strategy.
    3. Prioritize your use cases by leveraging the priorities of your business drivers.

    Example

    This is an example of how step 1.2 can help you identify business drivers

    1.2 Finish elaboration of your scenarios and map them to your personas: identify core business drivers for commerce (continuation)

    Input

    • User personas

    Output

    • List of use cases
    • Alignment of use cases to business objectives

    Materials

    • Whiteboard
    • Markers

    Participants

    • Business Analyst
    • Developer
    • Designer

    Show the benefits of commerce solution deployment with metrics aimed at both overall efficacy and platform adoption

    The ROI and perceived value of the organization’s e-commerce and POS solutions will be a critical indication of the success of the suite’s selection and implementation.

    Commerce Strategy and Technology Adoption Metrics

    EXAMPLE METRICS

    Commerce Performance Metrics

    Average revenue per unique transaction

    Quantity and quality of commerce insights

    Aggregate revenue by channel

    Unique customers per channel

    Savings from automated processes

    Repeat customers per channel

    User Adoption and Business Feedback Metrics

    User satisfaction feedback

    User satisfaction survey with technology

    Business adoption rates

    Application overhead cost reduction

    Info-Tech Insight

    Even if e-commerce metrics are difficult to track right now, the implementation of a dedicated e-commerce platform brings access to valuable customer intelligence from data that was once kept in silos.

    Phase 2

    Map Drivers to the Right Channels and Technologies

    2.1 Build the Commerce Channel Matrix

    2.2 Review Technology and Trends Primer

    Enable Omnichannel Commerce That Delights Your Customers

    Step 2.1

    Build the Commerce Channel Matrix

    This step will walk you through the following activities:

    • Based on your business drivers, create a blended mix of e-commerce channels that will suit your organization’s and customers’ needs.

    Map Drivers to the Right Channels and Technologies

    This step involves the following participants:

    • Business stakeholders (Sales, Marketing)
    • IT project team

    Outcomes of this step:

    • Commerce channel map

    Pick the transactional channels that align with your customer personas and enable your target scenarios and drivers

    Traditional Channels

    E-Commerce Channels

    Hybrid Channels

    Physical stores (brick and mortar) are the mainstay of retailers selling tangible goods – some now also offer intangible service delivery.

    E-commerce websites as exemplified by services like Amazon are accessible by a browser and deliver both goods and services.

    Online ordering/in-store fulfilment is a model whereby customers can place orders online but pick the product up in store.

    Telesales allows customers to place orders over the phone. This channel has declined in favor of mobile commerce via smartphone apps.

    Mobile commerce allows customers to shop through a dedicated, native mobile application on a smartphone or tablet.

    IoT-enabled smart carts/bags allow customers to shop in store, but check-out payments are handled by a mobile application.

    Mail order allows customers to send (”snail”) mail orders. A related channel is fax orders. Both have diminished in favor of e-commerce.

    Social media embedded shopping allows customers to order products directly through services such as Facebook.

    Info-Tech Insight

    Your channel selections should be driven by customer personas and scenarios. For example, social media may be extensively employed by some persona types (i.e. millennials) but see limited adoption in other demographics or use cases (i.e. B2B).

    2.1 Activity: Build your commerce channel matrix

    30 minutes

    1. Inventory which transactional channels are currently used by your firm (segment by product lines if variation exists).
    2. Interview product leaders, sales leaders, and marketing managers to determine if channels support transactional capabilities or are used for marketing and service delivery.
    3. Review your customer personas, scenarios, and drivers and assess which of the channels you will use in the future to sell products and services. Document below.

    Example: Commerce Channel Map

    Product Line A Product Line B Product Line C
    Currently Used? Future Use? Currently Used? Future Use? Currently Used? Future Use?
    Store Yes Yes No No No No
    Kiosk Yes No No No No No
    E-Commerce Site/Portal No Yes Yes Yes Yes Yes
    Mobile App No No Yes Yes No Yes
    Embedded Social Yes Yes Yes Yes Yes Yes

    Input

    • Personas, scenarios, and driver

    Output

    • Channel map

    Materials

    • Whiteboard
    • Markers

    Participants

    • Project team

    Step 2.2

    Review Technology and Trends Primer

    This step will walk you through the following activities:

    • Review the scope of e-commerce and POS solutions and understand key drivers impacting e-commerce and traditional commerce.

    Map Drivers to the Right Channels and Technologies

    This step involves the following participants:

    • Business stakeholders (Sales, Marketing)
    • IT project team

    Outcomes of this step:

    • Understanding of key technologies
    • Understanding of key trends

    Application spotlight: e-commerce platforms

    How It Enables Your Strategy

    • Modern e-commerce platforms provide capabilities for end-to-end orchestration of online commerce experiences, from product site deployment to payment processing.
    • Some e-commerce platforms are purpose-built for business-to-business (B2B) commerce, emphasizing customer portals and EDI features. Other e-commerce vendors place more emphasis on business-to-consumer (B2C) capabilities, such as product catalog management and executing transactions at scale.
    • There has been an increasing degree of overlap between traditional web experience management solutions and the e-commerce market; for example, in 2018, Adobe acquired Magento to augment its overall web experience offering within Adobe Experience Manager.
    • E-commerce platforms typically fall short when it comes to order fulfilment and logistics; this piece of the puzzle is typically orchestrated via an ERP system or logistics management module.
    • This research provides a starting place for defining e-commerce requirements and selection artefacts.

    Key Trends

    • E-commerce vendors are rapidly supporting a variety of form factors and integration with other channels such as social media. Mobile is sufficiently popular that some vendors and industry commentators refer to it as “m-commerce” to differentiate app-based shopping experiences from those accessed through a traditional browser.
    • Hybrid commerce is driving more interplay between e-commerce solutions and POS.

    E-Commerce KPIs

    Strong e-commerce applications can improve:

    • Bounce Rates
    • Exit Rates
    • Lead Conversion Rates
    • Cart Abandonment Rates
    • Re-Targeting Efficacy
    • Average Cart Size
    • Average Cart Value
    • Customer Lifetime Value
    • Aggregate Reach/Impressions

    Familiarize yourself with the e-commerce market

    How it got here

    Initial Traction as the Dot-Com Era Came to Fruition

    Unlike some enterprise application markets, such as CRM, the e-commerce market appeared almost overnight during the mid-to-late nineties as the dot-com explosion fueled the need to have reliable solutions for executing transactions online.

    Early e-commerce solutions were less full-fledged suites than they were mediums for payment processing and basic product list management. PayPal and other services like Digital River were pioneers in the space, but their functionality was limited vis-à-vis tools such as web content management platforms, and their ability to amalgamate and analyze the data necessary for dynamic personalization and re-targeting was virtually non-existent.

    Rapidly Expanding Scope of Functional Capabilities as the Market Matured

    As marketers became more sophisticated and companies put an increased focus on customer experience and omnichannel interaction, the need arose for platforms that were significantly more feature rich than their early contemporaries. In this context, vendors such as Shopify and Demandware stepped into the limelight, offering far richer functionality and analytics than previous offerings, such as asset management, dynamic personalization, and the ability to re-target customers who abandoned their carts.

    As the market has matured, there has also been a series of acquisitions of some players (for example, Demandware by Salesforce) and IPOs of others (i.e. Shopify). Traditional payment-oriented services like PayPal still fill an important niche, while newer entrants like Square seek to disrupt both the e-commerce market and point-of-sale solutions to boot.

    Familiarize yourself with the e-commerce market

    Where it’s going

    Support for a Proliferation of Form Factors and Channels

    Modern e-commerce solutions are expanding the number of form factors (smartphones, tablets) they support via both responsive design and in-app capabilities. Many platforms now also support embedded purchasing options in non-owned channels (for example, social media). With the pandemic leading to a heightened affinity for online shopping, the importance of fully using these capabilities has been further emphasized.

    AI and Machine Learning

    E-commerce is another customer experience domain ripe for transformation via the potential of artificial intelligence. Machine learning algorithms are being used to enhance the effectiveness of dynamic personalization of product collateral, improve the accuracy of product recommendations, and allow for more effective re-targeting campaigns of customers who did not make a purchase.

    Merger of Online Commerce and Traditional Point-of-Sale

    Many e-commerce vendors – particularly the large players – are now going beyond traditional e-commerce and making plays into brick-and-mortar environments, offering point-of-sale capabilities and the ability to display product assets and customizations via augmented reality – truly blending the physical and virtual shopping experience.

    Emphasis on Integration with the Broader Customer Experience Ecosystem

    The big names in e-commerce recognize they don’t live on an island: out-of-the-box integrations with popular CRM, web experience, and marketing automation platforms have been increasing at a breakneck pace. Support for digital wallets has also become increasingly popular, with many vendors integrating contactless payment technology (i.e. Apple Pay) directly into their applications.

    E-Commerce Vendor Snapshot: Part 1

    Mid-Market E-Commerce Solutions

    This image contains the logos for the following Companies: Magento; Spryker; Bigcommerce; Woo Commerce; Shopify

    E-Commerce Vendor Snapshot: Part 2

    Large Enterprise and Full-Suite E-Commerce Platforms

    This image contains the logos for the following Companies: Salesforce commerce cloud; Oracle Commerce Cloud; Adobe Commerce Cloud; Sitecore; Sap Hybris Commerce

    Speak with category experts to dive deeper into the vendor landscape

    • Fact-based reviews of business software from IT professionals.
    • Product and category reports with state-of-the-art data visualization.
    • Top-tier data quality backed by a rigorous quality assurance process.
    • User-experience insight that reveals the intangibles of working with a vendor.

    Software Reviews is powered by Info-Tech

    Technology coverage is a priority for Info-Tech, and SoftwareReviews provides the most comprehensive unbiased data on today’s technology. The insights of our expert analysts provide unparalleled support to our members at every step of their buying journey.

    CLICK HERE to access SoftwareReviews Comprehensive software reviews to make better IT decisions.

    We collect and analyze the most detailed reviews on enterprise software from real users to give you an unprecedented view into the product and vendor before you buy.

    Evaluate software category leaders through vendor rankings and awards

    SoftwareReviews

    This is an image of the data quarant report

    The Data Quadrant is a thorough evaluation and ranking of all software in an individual category to compare platforms across multiple dimensions.

    This is an image of the data quarant report chart

    Vendors are ranked by their Composite Score, based on individual feature evaluations, user satisfaction rankings, vendor capability comparisons, and likeliness to recommend the platform.

    This is a image of the Emotional Footprint Report

    The Emotional Footprint is a powerful indicator of overall user sentiment toward the relationship with the vendor, capturing data across five dimensions.

    This is a image of the Emotional Footprint Report chart

    Vendors are ranked by their Customer Experience (CX) Score, which combines the overall Emotional Footprint rating with a measure of the value delivered by the solution.

    Leading B2B E-Commerce Platforms

    As of February 2022

    Data Quadrant

    This image contains a screenshot of the Data Quadrant chart for B2B E-commerce

    Emotional Footprint

    This image contains a screenshot of the Emotional Footprint chart for B2B E-commerce

    Leading B2C E-Commerce Platforms

    As of February 2022

    Data Quadrant

    This image contains a screenshot of the Data Quadrant chart for B2C E-commerce

    Emotional Footprint

    This image contains a screenshot of the Emotional Footprint chart for B2C E-commerce

    Application spotlight: point-of-sale solutions

    How It Enables Your Strategy

    • Point-of-sale solutions provide capabilities for cash register/terminal management, transaction processing, and lightweight inventory management.
    • Many POS vendors also offer products that have the ability to create orders from EDI, phone, or fax channels.
    • An increasing emphasis has been placed on retail analytics by POS vendors – providing reporting and analysis tools to help with inventory planning, promotion management, and product recommendations.
    • Integration of POS systems with a central customer data warehouse or other system of record for customer information allows for the ability to build richer customer profiles and compare shopping habits in physical stores against other transactional channels that are offered.
    • POS vendors often offer (or integrate with) loyalty management solutions to track, manage, and redeem loyalty points. See this note on loyalty management systems.
    • Legacy and/or homegrown POS systems tend to be an area of frustration for customer experience management modernization.

    Key Trends

    • POS solutions are moving from “cash-register-only” solutions to encompass mobile POS form factors like smartphones and tablets. Vendors such as Square have experienced tremendous growth in opening up the market via “mPOS” platforms that have lower costs to entry than the traditional hardware needed to support full-fledged POS solutions.
    • This development puts robust POS toolsets in the hands of small and medium businesses that otherwise would be priced out of the market.

    POS KPIs

    Strong POS applications can improve:

    • Customer Data Collection
    • Inventory or Cash Shrinkage
    • Cost per Transaction
    • Loyalty Program Administration Costs
    • Cycle Time for Transaction Execution

    Point-of-Sales Vendor Snapshot: Part 1

    Mid-Market POS Solutions

    This image contains the following company Logos: Square; Shopify; Vend; Heartland|Retail

    Point-of-Sales Vendor Snapshot: Part 2

    Large Enterprise POS Platforms

    This image contains the following Logos: Clover; Oracle Netsuite; RQ Retail Management; Salesforce Commerce Cloud; Korona

    Leading Retail POS Systems

    As of February 2022

    Data Quadrant

    This is an image of the Data Quadrant Chart for the Leading Retail Pos Systems

    Emotional Footprint

    This is an image of the Emotional Footprint chart for the Leading Retail POS Systems

    Summary of Accomplishment

    Knowledge Gained

    • Commerce channel framework
    • Customer affinities
    • Commerce channel overview
    • Commerce-enabling technologies

    Processes Optimized

    • Persona definition for commerce strategy
    • Persona channel shortlist

    Deliverables Completed

    • Customer personas
    • Commerce user scenarios
    • Business drivers for traditional commerce and e-commerce
    • Channel matrix for omnichannel commerce

    Bibliography

    “25 Amazing Omnichannel Statistics Every Marketer Should Know (Updated for 2021).” V12, 29 June 2021. Accessed 12 Jan. 2022.

    “Amazon Go.” Amazon, n.d. Web.

    Andersen, Derek. “33 Statistics Retail Marketers Need to Know in 2021.” Invoca, 19 July 2021. Accessed 12 Jan. 2022.

    Andre, Louie. “115 Critical Customer Support Software Statistics: 2022 Market Share Analysis & Data.” FinancesOnline, 14 Jan. 2022. Accessed 25 Jan. 2022.

    Chuang, Courtney. “The future of support: 5 key trends that will shape customer care in 2022.” Intercom, 10 Jan. 2022. Accessed 11 Jan. 2022.

    Cramer-Flood, Ethan. “Global Ecommerce Update 2021.” eMarketer, 13 Jan. 2021. Accessed 12 Jan. 2022.

    Cramer-Flood, Ethan. “Spotlight on total global retail: Brick-and-mortar returns with a vengeance.” eMarketer, 3 Feb. 2022. Accessed 12 Apr. 2022.

    Fox Rubin, Ben. “Amazon now operates seven different kinds of physical stores. Here's why.” CNET, 28 Feb. 2020. Accessed 12 Jan. 2022.

    Krajewski, Laura. “16 Statistics on Why Omnichannel is the Future of Your Contact Center and the Foundation for a Top-Notch Competitive Customer Experience.” Business 2 Community, 10 July 2020. Accessed 11 Jan. 2022.

    Manoff, Jill. “Fun and convenience: CEO Nany Green on Old Navy’s priorities for holiday.” Glossy, 8 Dec. 2020. Accessed 12 Jan. 2022.

    Meola, Andrew. “Rise of M-Commerce: Mobile Ecommerce Shopping Stats & Trends in 2021.” Insider, 30 Dec. 2020. Accessed 12 Jan. 2022.

    “Outdoor apparel retailer Icebreaker uses AI to exceed shopper expectations.” Salesforce, n.d.(a). Accessed 20 Jan. 2022.

    “Personas.” Usability.gov., n.d. Web. 28 Aug. 2018.

    “PetSmart – Why Commerce Cloud?” Salesforce, n.d.(b). Web. 30 April 2018.

    Toor, Meena. “Customer expectations: 7 Types all exceptional researchers must understand.” Qualtrics, 3 Dec. 2020. Accessed 11 Jan. 2022.

    Westfall, Leigh. “Omnichannel vs. multichannel: What's the difference?” RingCentral, 10 Sept. 2021. Accessed 11 Jan. 2022.

    “Worldwide ecommerce will approach $5 trillion this year.” eMarketer, 14 Jan. 2021. Accessed 12 Jan. 2022.

    Create a Customized Big Data Architecture and Implementation Plan

    • Buy Link or Shortcode: {j2store}388|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
    • member rating average days saved: Read what our members are saying
    • Parent Category Name: Data Management
    • Parent Category Link: /data-management
    • Big data architecture is different from traditional data for several key reasons, including:
      • Big data architecture starts with the data itself, taking a bottom-up approach. Decisions about data influence decisions about components that use data.
      • Big data introduces new data sources such as social media content and streaming data.
      • The enterprise data warehouse (EDW) becomes a source for big data.
      • Master data management (MDM) is used as an index to content in big data about the people, places, and things the organization cares about.
      • The variety of big data and unstructured data requires a new type of persistence.
    • Many data architects have no experience with big data and feel overwhelmed by the number of options available to them (including vendor options, storage options, etc.). They often have little to no comfort with new big data management technologies.
    • If organizations do not architect for big data, there are a couple of main risks:
      • The existing data architecture is unable to handle big data, which will eventually result in a failure that could compromise the entire data environment.
      • Solutions will be selected in an ad hoc manner, which can cause incompatibility issues down the road.

    Our Advice

    Critical Insight

    • Before beginning to make technology decisions regarding the big data architecture, make sure a strategy is in place to document architecture principles and guidelines, the organization’s big data business pattern, and high-level functional and quality of service requirements.
    • The big data business pattern can be used to determine what data sources should be used in your architecture, which will then dictate the data integration capabilities required. By documenting current technologies, and determining what technologies are required, you can uncover gaps to be addressed in an implementation plan.
    • Once you have identified and filled technology gaps, perform an architectural walkthrough to pull decisions and gaps together and provide a fuller picture. After the architectural walkthrough, fill in any uncovered gaps. A proof-of-technology project can be started as soon as you have evaluation copies (or OSS) products and at least one person who understands the technology.

    Impact and Result

    • Save time and energy trying to fix incompatibilities between technology and data.
    • Allow the Data Architect to respond to big data requests from the business more quickly.
    • Provide the organization with valuable insights through the analytics and visualization technologies that are integrated with the other building blocks.

    Create a Customized Big Data Architecture and Implementation Plan Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Recognize the importance of big data architecture

    Big data is centered on the volume, variety, velocity, veracity, and value of data. Achieve a data architecture that can support big data.

    • Storyboard: Create a Customized Big Data Architecture and Implementation Plan

    2. Define architectural principles and guidelines while taking into consideration maturity

    Understand the importance of a big data architecture strategy. Assess big data maturity to assist with creation of your architectural principles.

    • Big Data Maturity Assessment Tool
    • Big Data Architecture Principles & Guidelines Template

    3. Build the big data architecture

    Come to accurate big data architecture decisions.

    • Big Data Architecture Decision Making Tool

    4. Determine common services needs

    What are common services?

    5. Plan a big data architecture implementation

    Gain business satisfaction with big data requests. Determine what steps need to be taken to achieve your big data architecture.

    • Big Data Architecture Initiative Definition Tool
    • Big Data Architecture Initiative Planning Tool

    Infographic

    Workshop: Create a Customized Big Data Architecture and Implementation Plan

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Recognize the Importance of Big Data Architecture

    The Purpose

    Set expectations for the workshop.

    Recognize the importance of doing big data architecture when dealing with big data.

    Key Benefits Achieved

    Big data defined.

    Understanding of why big data architecture is necessary.

    Activities

    1.1 Define the corporate strategy.

    1.2 Define big data and what it means to the organization.

    1.3 Understand why doing big data architecture is necessary.

    1.4 Examine Info-Tech’s Big Data Reference Architecture.

    Outputs

    Defined Corporate Strategy

    Defined Big Data

    Reference Architecture

    2 Design a Big Data Architecture Strategy

    The Purpose

    Identification of architectural principles and guidelines to assist with decisions.

    Identification of big data business pattern to choose required data sources.

    Definition of high-level functional and quality of service requirements to adhere architecture to.

    Key Benefits Achieved

    Key Architectural Principles and Guidelines defined.

    Big data business pattern determined.

    High-level requirements documented.

    Activities

    2.1 Discuss how maturity will influence architectural principles.

    2.2 Determine which solution type is best suited to the organization.

    2.3 Define the business pattern driving big data.

    2.4 Define high-level requirements.

    Outputs

    Architectural Principles & Guidelines

    Big Data Business Pattern

    High-Level Functional and Quality of Service Requirements Exercise

    3 Build a Big Data Architecture

    The Purpose

    Establishment of existing and required data sources to uncover any gaps.

    Identification of necessary data integration requirements to uncover gaps.

    Determination of the best suited data persistence model to the organization’s needs.

    Key Benefits Achieved

    Defined gaps for Data Sources

    Defined gaps for Data Integration capabilities

    Optimal Data Persistence technology determined

    Activities

    3.1 Establish required data sources.

    3.2 Determine data integration requirements.

    3.3 Learn which data persistence model is best suited.

    3.4 Discuss analytics requirements.

    Outputs

    Data Sources Exercise

    Data Integration Exercise

    Data Persistence Decision Making Tool

    4 Plan a Big Data Architecture Implementation

    The Purpose

    Identification of common service needs and how they differ for big data.

    Performance of an architectural walkthrough to test decisions made.

    Group gaps to form initiatives to develop an Initiative Roadmap.

    Key Benefits Achieved

    Common service needs identified.

    Architectural walkthrough completed.

    Initiative Roadmap completed.

    Activities

    4.1 Identify common service needs.

    4.2 Conduct an architectural walkthrough.

    4.3 Group gaps together into initiatives.

    4.4 Document initiatives on an initiative roadmap.

    Outputs

    Architectural Walkthrough

    Initiative Roadmap

    Service Management Integration With Agile Practices

    • Buy Link or Shortcode: {j2store}400|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Service Management
    • Parent Category Link: /service-management

    • Work efficiently and in harmony with Agile and service management to deliver business value.
    • Optimize the value stream of services and products.
    • Leverage the benefits of each practice.
    • Create a culture of collaboration to support a rapidly changing business.

    Our Advice

    Critical Insight

    Agile and Service Management are not necessarily at odds; find the integration points to solve specific problems.

    Impact and Result

    • Optimize the value stream of services and products.
    • Work efficiently and in harmony with Agile and service management to deliver business value.
    • Create a culture of collaboration to support a rapidly changing business.

    Service Management Integration With Agile Practices Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Service Management Integration With Agile Practices Storyboard – Use this deck to understand the integration points and how to overcome common challenges.

    Understand how service management integrates with Agile software development practices, and how to solve the most common challenges to work efficiently and deliver business value.

    • Service Management Integration With Agile Practices Storyboard

    2. Service Management Stakeholder Register Template – Use this tool to identify and document Service Management stakeholders.

    Use this tool to identify your stakeholders to engage when working on the service management integration.

    • ITSM Stakeholder Register Template

    3. Service Management Integration With Agile Practices Assessment Tool – Use this tool to identify key challenging integration points in your organization.

    Use this tool to identify which of your current practices might already be aligned with Agile mindset and which might need adjustment. Identify integration challenges with the current service management practices.

    • Service Management Integration With Agile Practices Assessment Tool
    [infographic]

    Further reading

    Service Management Integration With Agile Practices

    Understand how Agile transformation affects service management

    Analyst Perspective

    Don't forget about operations

    Many organizations believe that once they have implemented Agile that they no longer need any service management framework, like ITIL. They see service management as "old" and a roadblock to deliver products and services quickly. The culture clash is obvious, and it is the most common challenge people face when trying to integrate Agile and service management. However, it is not the only challenge. Agile methodologies are focused on optimized delivery. However, what happens after delivery is often overlooked. Operations may not receive proper communication or documentation, and processes are cumbersome or non-existent. This is a huge paradox if an organization is trying to become nimbler. You need to find ways to integrate your Agile practices with your existing Service Management processes.

    This is a picture of Renata Lopes

    Renata Lopes
    Senior Research Analyst
    Organizational Transformation Practice
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    • Work efficiently and in harmony with Agile and service management to deliver business value.
    • Optimize the value stream of services and products.
    • Leverage the benefits of each practice.
    • Create a culture of collaboration to support a rapidly changing business.

    Common Obstacles

    • Culture clashes.
    • Inefficient or inexistent processes.
    • Lack of understanding of what Agile and service management mean.
    • Leadership doesn't understand the integration points of practices.
    • Development overlooks the operations requirement.

    Info-Tech's Approach

    • When integrating Agile and service management practices start by understanding the key integration points:
    • Processes
    • People and resources
    • Governance and org structure

    Info-Tech Insight

    Agile and Service Management are not necessarily at odds Find the integration points to solve specific problems.

    Your challenge

    Deliver seamless business value by integrating service management and Agile development.

    • Understand how Agile development impacts service management.
    • Identify bottlenecks and inefficiencies when integrating with service management.
    • Connect teams across the organization to collaborate toward the organizational goals.
    • Ensure operational requirements are considered while developing products in an Agile way.
    • Stay in alignment when designing and delivering services.

    The most significant Agile adoption barriers

    46% of respondents identified inconsistent processes and practices across teams as a challenge.
    Source: Digital.ai, 2021

    43% of respondents identified Culture clashes as a challenge.
    Source: Digital.ai, 2021

    What is Agile?

    Agile development is an umbrella term for several iterative and incremental development methodologies to develop products.

    In order to achieve Agile development, organizations will adopt frameworks and methodologies like Scaled Agile Framework (SAFe), Scrum, Large Scaled Scrum (LeSS), DevOps, Spotify Way of Working (WoW), etc.

    • DevOps
    • WoW
    • SAFe
    • Scrum
    • LeSS

    Decide if You Are Ready for SAFe

    • Buy Link or Shortcode: {j2store}355|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Architecture & Strategy
    • Parent Category Link: /architecture-and-strategy
    • Complex application landscapes require delivery teams to work together and coordinate changes across multiple product lines and releases.
    • Leadership wants to balance strategic goals with localized prioritization of changes.
    • Traditional methodologies are not well suited to support enterprise agility: Scrum doesn’t scale easily, and Waterfall is too slow and risky.

    Our Advice

    Critical Insight

    SAFe’s popularity is largely due to its structural resemblance to enterprise portfolio and project planning with top-down prioritization and decision making. This directly conflicts with Agile’s purpose and principles of empowerment and agility.

    • Poor culture, processes, governance, and leadership will disrupt any methodology. Many drivers for SAFe could be solved by improving and standardizing development and release management within current methodologies.
    • Few organizations are capable or should be applying a pure SAFe framework. Successful organizations have adopted and modified SAFe frameworks to best fit their needs, teams, value streams, and maturity.

    Impact and Result

    • Start with a clear understanding of your needs, constraints, goals, and culture.
      • Start with an Agile readiness assessment. Agile is core to value realization.
      • Take the time to determine your drivers and goals.
      • If SAFe is right for you, selecting the right implementation partner is key.
    • Plan SAFe as a long-term enterprise cultural transformation requiring changes at all levels.

    Decide if You Are Ready for SAFe Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Decide if You Are Ready for SAFe Storyboard – Research to help you understand where SAFe fits into delivery methodologies and determine if SAFe is right for your organization.

    This deck will guide you to define your primary drivers for SAFe, assess your Agile readiness, define enablers and blockers, estimate implementation risk, and start your SAFe implementation plan.

    • Decide if You Are Ready for SAFe Storyboard

    2. Scaled Agile Readiness Assessment – A tool to conduct an Agile readiness survey.

    Start your journey with a clear understanding about the level of Agile and product maturity throughout the organization. Each area that lacks strength should be evaluated further and added to your journey map.

    • Scaled Agile Readiness Assessment

    3. SAFe Transformation Playbook – A template to build a change management plan to guide your transition.

    Define clear ownership for every critical step.

    • SAFe Transformation Playbook
    [infographic]

    Workshop: Decide if You Are Ready for SAFe

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Understand where SAFe fits into delivery methodologies and SDLCs

    The Purpose

    Understand what is driving your proposed SAFe transformation and if it is the right framework for your organization.

    Key Benefits Achieved

    Better understanding of your scaled agile needs and drivers

    Activities

    1.1 Define your primary drivers for SAFe.

    1.2 Create your own list of pros and cons of SAFe.

    Outputs

    List of primary drivers for SAFe

    List of pros and cons of SAFe

    2 Determine if you are ready for SAFe

    The Purpose

    Identify factors influencing a SAFe implementation and ensure teams are aware and prepared.

    Key Benefits Achieved

    Starting understanding of your organization’s readiness to implement a SAFe framework

    Activities

    2.1 Assess your Agile readiness.

    2.2 Define enablers and blockers of scaling Agile delivery.

    2.3 Estimate your SAFe implementation risk.

    2.4 Start your SAFe implementation plan.

    Outputs

    Agile readiness assessment results

    List of enablers and blockers of scaling Agile delivery

    Estimated SAFe implementation risk

    High-level SAFe implementation plan template

    Further reading

    Decide if You Are Ready for SAFe

    Approach the Scaled Agile Framework (SAFe) with open eyes and an open wallet.

    Analyst Perspective

    Ensure that SAFe is the right move before committing.

    Waterfall is dead. Or obsolete at the very least.

    Organizations cannot wait months or years for product, service, application, and process changes. They need to embrace business agility to respond to opportunities more quickly and deliver value sooner. Agile established values and principles that have promoted smaller cycle times, greater connections between teams, improved return on investment (ROI) prioritization, and improved team empowerment.

    Where organizations continue to struggle is matching localized Scrum teams with enterprise initiatives. This struggle is compounded by legacy executive planning cycles, which undermine Agile team authority. SAFe has provided a series of frameworks to help organizations deal with these issues. It combines enterprise planning and alignment with cross-team collaboration.

    Don't rely on popularity or marketing to make your scaled Agile decision. SAFe is a highly disruptive transformation, and it requires extensive training, coaching, process changes, and time to implement. Without the culture shift to an Agile mindset at all levels, SAFe becomes a mirror of Waterfall processes dressed in SAFe names. Furthermore, SAFe itself will not fix problems with communication, requirements, development, testing, release, support, or governance. You will still need to fix these problems within the SAFe framework to be successful.

    Hans Eckman, Principal Research Director, Applications Delivery and Management

    Hans Eckman
    Principal Research Director, Applications Delivery and Management
    Info-Tech Research Group

    Executive Summary

    Your Challenge Common Obstacles Info-Tech's Approach
    • Complex application landscapes require delivery teams to work together and coordinate changes across multiple product lines and releases.
    • Leadership wants to maintain executive strategic planning with faster delivery of changes.
    • Traditional methodologies are not well suited to support enterprise agility.
      • Waterfall is too slow, inefficient, and full of accumulated risk.
      • Scrum is not easy to scale and requires behavioral changes.
    • Enterprise transformations are never fast or easy, and SAFe is positioned as a complete replacement of your delivery practices.
    • Teams struggle with SAFe's rigid framework, interconnected methodologies, and new terms.
    • Few organizations are successful at implementing a pure SAFe framework.
    • Organizations without scaled product families have difficulties organizing SAFe teams into proper value streams.
    • Team staffing and stability are hard to resolve.
    Start with a clear understanding of your needs, constraints, goals, and culture.
    • Developing an Agile mindset is core to value realization. Start with Info-Tech's Agile Readiness Assessment.
    • Take the time to identify your drivers and goals.
    • If SAFe is right for you, build a transformation plan and select the right implementation partner.
    Plan SAFe as a long-term enterprise cultural transformation, requiring changes at all levels.

    Info-Tech Insight
    SAFe is a highly disruptive enterprise transformation, and it won't solve your organizational delivery challenges by itself. Start with an open mind, and understand what is needed to support a multi-year cultural transition. Decide how far and how fast you are willing to transform, and make sure that you have the right transformation and coaching partner in place. There is no right software development lifecycle (SDLC) or methodology. Find or create the methodology that best aligns to your needs and goals.

    Agile's Four Core Values

    "...while there is value in the items on the right, we value the items on the left more."
    - The Agile Manifesto

    STOP! If you're not Agile, don't start with SAFe.

    Agile over SAFe

    Successful SAFe requires an Agile mindset at all levels.

    Be aware of common myths around Agile and SAFe

    SAFe does not...

    1...solve development and communication issues.

    2...ensure that you will finish requirements faster.

    3...mean that you do not need planning and documentation.

    "Without proper planning, organizations can start throwing more resources at the work, which spirals into the classic Waterfall issues of managing by schedule."
    – Kristen Morton, Associate Implementation Architect,
    OneShield Inc. (Info-Tech Interview)

    Info-Tech Insight
    Poor culture, processes, governance, and leadership will disrupt any methodology. Many drivers for SAFe could be solved by improving and standardizing development and release management within current methodologies.

    Review the drivers that are motivating your organization to adopt and scale Agile practices

    Functional groups have their own drivers to adopt Agile development processes, practices, and techniques (e.g. to improve collaboration, decrease churn, or increase automation). Their buy-in to scaling Agile is just as important as the buy-in of stakeholders.

    If a group's specific needs and drivers are not addressed, its members may develop negative sentiments toward Agile development. These negative sentiments can affect their ability to see the benefits of Agile, and they may return to their old habits once the opportunity arises.

    It is important to find opportunities in which both business objectives and functional group drivers can be achieved by scaling Agile development. This can motivate teams to continuously improve and adhere to the new environment, and it will maintain business buy-in. It can also be used to justify activities that specifically address functional group drivers.

    Examples of Motivating Drivers for Scaling Agile

    • Improve artifact handoffs between development and operations.
    • Increase collaboration among development teams.
    • Reveal architectural and system risks early.
    • Expedite the feedback loop from support.
    • Improve capacity management.
    • Support development process innovation.
    • Create a safe environment to discuss concerns.
    • Optimize value streams.
    • Increase team engagement and comradery.

    Don't start with scaled Agile!

    Scaling Agile is a way to optimize product management and product delivery in application lifecycle management practices. Do not try to start with SAFe when the components are not yet in place.

    Scaled Agile


    Thought model describing how Agile connects Product Management to Product Delivery to elevate the entire Solution Lifecycle.

    Scale Agile delivery to improve cross-functional dependencies and releases

    Top Business Concerns When Scaling Agile

    1 Organizational Culture: The current culture may not support team empowerment, learning from failure, and other Agile principles. SAFe also allows top-down decisions to persist.

    2 Executive Support: Executives may not dedicate resources, time, and effort into removing obstacles to scaling Agile because of lack of business buy-in.

    3 Team Coordination: Current collaboration structures may not enable teams and stakeholders to share information freely and integrate workflows easily.

    4 Business Misalignment: Business vision and objectives may be miscommunicated early in development, risking poorly planned and designed initiatives and low-quality products.

    Extending collaboration is the key to success.

    Uniting stakeholders and development into a single body is the key to success. Assess the internal and external communication flow and define processes for planning and tracking work so that everyone is aware of how to integrate, communicate, and collaborate.

    The goal is to enable faster reaction to customer needs, shorter release cycles, and improved visibility of the project's progress with cross-functional and diverse conversations.

    Advantages of successful SAFe implementations

    Once SAFe is complete and operational, organizations have seen measurable benefits:

    • Multiple frameworks to support different levels of SAFe usage
    • Deliberate and consistent planning and coordination
    • Coordinating dependencies within value streams
    • Reduced time to delivery
    • Focus on customers and end users
    • Alignment to business goals and value streams
    • Increased employee engagement

    Sources: TechBeacon, 2019; Medium, 2020; "Benefits," Scaled Agile, 2023;
    "Pros and Cons," PremierAgile, n.d.; "Scaling Agile Challenges," PremierAgile, n.d.

    Advantages of successful SAFe implementations

    Source: "Benefits," Scaled Agile, 2023

    Recognize the difference between Scrum teams and the Scaled Agile Framework (SAFe)

    SAFe provides a framework that aligns Scrum teams into coordinated release trains driven by top-down prioritization.

    Scrum vs SAFe

    Develop Your Agile Approach for a Successful Transformation

    Source: Scaled Agile, Inc.

    Info-Tech's IT Management & Governance Framework

    Info-Tech's IT Management & Governance Framework

    Info-Tech Insight
    SAFe is an enterprise, culture, and process transformation that impacts all IT services. Some areas of Info-Tech's IT Management & Governance Framework have higher impacts and require special attention. Plan to include transformation support for each of these topics during your SAFe implementation. SAFe will not fix broken processes on its own.

    Without adopting an Agile mindset, SAFe becomes Waterfall with SAFe terminology

    Waterfall with SAFe terminology

    Source: Scaled Agile, Inc.

    Info-Tech Insight
    When first implementing SAFe, organizations reproduce their organizational design and Waterfall delivery structures with SAFe terms:

    • Delivery Manager = Release Train Engineer
    • Stakeholder/Sponsor = Product Manager
    • Release = Release Train
    • Project/Program = Project or Portfolio

    SAFe isn't without risks or challenges

    Risks and Causes of Failed SAFe Transformations

    • SAFe conflicts with legacy cultures and delivery processes.
    • SAFe promotes continued top-down decisions, undermining team empowerment.
    • Scaled product families are required to define proper value streams.
    • Team empowerment and autonomy are reduced.
    • SAFe activities are poorly executed.
    • There are high training and coaching costs.
    • Implementation takes a long time.
    • End-to-end delivery management tools aligned to SAFe are required.
    • Legacy delivery challenges are not specifically solved with SAFe.
    • SAFe is designed to work for large-scale development teams.

    Challenges

    • Adjusting to a new set of terms for common roles, processes, and activities
    • Executing planning cycles
    • Defining features and epics at the right level
    • Completing adequate requirements
    • Defining value streams
    • Coordinating releases and release trains
    • Providing consistent quality

    Sources: TechBeacon, 2019; Medium, 2020; "Benefits," Scaled Agile, 2023;
    "Pros and Cons," PremierAgile, n.d.; "Scaling Agile Challenges," PremierAgile, n.d.

    Focus on your core competencies instead

    Before undertaking an enterprise transformation, consider improving the underlying processes that will need to be fixed anyway. Fixing these areas while implementing SAFe compounds the effort and disruption.

    Product Delivery

    Product Management

    "But big-bang transitions are hard. They require total leadership commitment, a receptive culture, enough talented and experienced agile practitioners to staff hundreds of teams without depleting other capabilities, and highly prescriptive instruction manuals to align everyone's approach."
    – "Agile at Scale," Harvard Business Review

    Insight Summary

    Overarching insight
    SAFe is a highly disruptive enterprise transformation, and it will not solve your organizational delivery challenges by itself. Start with an open mind, and understand what is needed to support a multi-year cultural transition. Decide how far and fast you are willing to transform and make sure that you have the right transformation and coaching partner in place.

    SAFe conflicts with core Agile principles.
    The popularity of SAFe is largely due to its structural resemblance to enterprise portfolio and project planning with top-down prioritization and decision-making. This directly conflicts with Agile's purpose and principles of empowerment and agility.

    SAFe and Agile will not solve enterprise delivery challenges.
    Poor culture, processes, governance, and leadership will disrupt any methodology. Many issues with drivers for SAFe could be solved by improving development and release management within current methodologies.

    Most organizations should not be using a pure SAFe framework
    Few organizations are capable of, or should be, applying a pure SAFe framework. Successful organizations have adopted and modified SAFe frameworks to best fit their needs, teams, value streams, and maturity.

    Without an Agile mindset, SAFe will be executed as Waterfall stages using SAFe terminology.
    Groups that "Do Agile" are not likely to embrace the behavioral changes needed to make any scaled framework effective. SAFe becomes a series of Waterfall PIs using SAFe terminology.

    Your transformation does not start with SAFe.
    Start your transition to scaled Agile with a maturity assessment for current delivery practices. Fixing broken process, tools, and teams must be at the heart of your initiative.

    Blueprint Deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    Key Deliverable

    SAFe Transformation Playbook

    Build a transformation and organizational change management plan to guide your transition. Define clear ownership for every critical step.

    Scaled Agile Readiness Assessment

    Conduct the Agile readiness survey. Without an Agile mindset, SAFe will follow Waterfall or WaterScrumFall practices.

    Case Study

    Spotify's approach to Agile at scale

    INDUSTRY: Digital Media
    SOURCE: Unified Communications and Collaborations

    Spotify's Scaling Agile Initiative

    With rapid user adoption growth (over 15 million active users in under six years), Spotify had to find a way to maintain an Agile mindset across 30+ teams in three different cities, while maintaining the benefits of cross-functional collaboration and flexibility for future growth.

    Spotify's Approach

    Spotify found a fit-for-purpose way for the organization to increase team autonomy without losing the benefits of cross-team communication from economics of scale. Spotify focused on identifying dependencies that block or slow down work through a mix of reprioritization, reorganization, architectural changes, and technical solutions. The organization embraced dependencies that led to cross-team communication and built in the necessary flexibility to allow Agile to grow with the organization.

    Spotify's scaling Agile initiative used interview processes to identify what each team depended on and how those dependencies blocked or slowed the team.

    Squad refers to an autonomous Agile release team in this case study.

    Case Study

    Suncorp instilled dedicated communication streams to ensure cross-role collaboration and culture.

    INDUSTRY: Insurance
    SOURCE: Agile India, International Conference on Agile and Lean Software Development, 2014

    Challenge Solution Results
    • Suncorp Group wanted to improve delivery and minimize risk. Suncorp realized that it needed to change its project delivery process to optimize business value delivery.
    • With five core business units, over 15,000 employees, and US$96 billion in assets, Suncorp had to face a broad set of project coordination challenges.
    • Suncorp decided to deliver all IT projects using Agile.
    • Suncorp created a change program consisting of five main streams of work, three of which dealt with the challenges specific to Agile culture:
      • People: building culture, leadership, and support
      • Communication: ensuring regular employee collaboration
      • Capabilities: blending training and coaching
    • Sponsorship from management and champions to advocate Agile were key to ensure that everyone was unified in a common purpose.
    • Having a dedicated communication stream was vital to ensure regular sharing of success and failure to enable learning.
    • Having a structured, standard approach to execute the planned culture change was integral to success.

    Case Study

    Nationwide embraces DevOps and improves software quality.

    INDUSTRY: Insurance
    SOURCE: Agile India, International Conference on Agile and Lean Software Development, 2014

    Challenge Solution Results
    • In the past, Nationwide primarily followed a Waterfall development process. However, this method created conflicts between IT and business needs.
    • The organization began transitioning from Waterfall to Agile development. It has seen early successes with Agile: decrease in defects per release and more success in meeting delivery times.
    • Nationwide needed to respond more efficiently to changing market requirements and regulations and to increase speed to market.
    • Nationwide decided to take a DevOps approach to application development and delivery.
    • IT wanted to perform continuous integration and deployment in its environments.
    • Cross-functional teams were organically created, made up of members from the business and multiple IT groups, including development and operations.
    • DevOps allowed Nationwide to be more Agile and more responsive to its customers.
    • Teams were able to perform acceptance testing with their customers in parallel with development. This allowed immediate feedback to help steer the project in the right direction.
    • DevOps improved code quality by 50% over a three-year period and reduced user downtime by 70%.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit Guided Implementation Workshop Consulting
    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks are used throughout all four options.

    Guided Implementation

    What does a typical GI on this topic look like?

    Phase 1

    Call #1:

    Scope your requirements, objectives, and specific challenges.

    Call #2:

    1.1.1 Define your primary drivers for SAFe.

    1.1.2 Create your own list of pros and cons of SAFe.

    Call #3:

    1.2.1 Assess your Agile readiness.

    1.2.2 Define enablers and blockers for scaling Agile delivery.

    1.2.3 Estimate your SAFe implementation risk.

    Call #4:

    1.2.4 Start your SAFe implementation plan.

    Summarize your results and plan your next steps.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is one to four calls over the course of one to six weeks.

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Pre-Planning Step 1.1 Step 1.2
    Identify your stakeholders. Step 1.1 Understand where SAFe fits into your delivery methodologies and SDLCs. Step 1.2 Determine if you are ready for SAFe.
    Activities 1. Determine stakeholders and subject matter experts.
    2. Coordinate timing and participation.
    3. Set goals and expectations for the workshop.
    1.1.1 Define your primary drivers for SAFe.
    1.1.2 Create your own list of pros and cons of SAFe
    1.2.1 Assess your Agile readiness.
    1.2.2 Define enablers and blockers for scaling Agile delivery.
    1.2.3 Estimate your SAFe implementation risk.
    1.2.4 Start your SAFe implementation plan.
    Deliverables
  • Workshop schedule
  • Participant commitment
    • List of primary drivers for SAFe
    • List of pros and cons of SAFe
    • Agile Readiness Assessment results
    • List of enablers and blockers for scaling Agile delivery
    • Estimated SAFe implementation risk
    • Template for high-level SAFe implementation plan

    Supporting Your Agile Journey

    Enable Product Agile Delivery Executive Workshop Develop Your Agile Approach Spread Best Practices with an Agile Center of Excellence Implement DevOps Practices That Work Enable Organization-Wide Collaboration by Scaling Agile
    Number One Number two Number Three Number Four Number Five

    Align and prepare your IT leadership teams.

    Audience: Senior and IT delivery leadership

    Size: 8-16 people

    Time: 7 hours

    Tune Agile team practices to fit your organization culture.

    Audience: Agile pilot teams and subject matter experts (SMEs)

    Size: 10-20 people

    Time: 4 days

    Leverage Agile thought leadership to expand your best practices.

    Audience: Agile SMEs and thought leaders

    Size: 10-20 people

    Time: 4 days

    Build a continuous integration and continuous delivery pipeline.

    Audience: Product owners (POs) and delivery team leads

    Size: 10-20 people

    Time: 4 days

    Execute a disciplined approach to rolling out Agile methods.

    Audience: Agile steering team and SMEs

    Size: 3-8 people

    Time: 3 hours

    Repeat Legend

    Sample agendas are included in the following sections for each of these topics.

    Your Product Transformation Journey

    1. Make the Case for Product Delivery2. Enable Product Delivery - Executive Workshop3. Deliver on Your Digital Product Vision4. Deliver Digital Products at Scale5. Mature and Scale Product Ownership
    Align your organization with the practices to deliver what matters most.Participate in a one-day executive workshop to help you align and prepare your leadership.Enhance product backlogs, roadmapping, and strategic alignment.Scale product families to align with your organization's goals.Align and mature your product owners.

    Audience: Senior executives and IT leadership

    Size: 8-16 people

    Time: 6 hours

    Repeat Symbol

    Audience: Product owners/managers

    Size: 10-20 people

    Time: 3-4 days

    Repeat Symbol

    Audience: Product owners/managers

    Size: 10-20 people

    Time: 3-4 days

    Audience: Product owners/managers

    Size: 8-16 people

    Time: 2-4 days

    Repeat Symbol

    Repeat Legend

    Phase 1

    Determine if SAFe Is Right for Your Organization

    Phase 1
    1.1 Understand where SAFe fits into your delivery methodologies and SDLCs
    1.2 Determine if you are ready for SAFe (fit for purpose)

    This phase will walk you through the following activities:

    • 1.1.1 Define your primary drivers for SAFe.
    • 1.1.2 Create your own list of pros and cons of SAFe.
    • 1.2.1 Assess your Agile readiness.
    • 1.2.2 Define enablers and blockers for scaling Agile delivery.
    • 1.2.3 Estimate your SAFe implementation risk.
    • 1.2.4 Start your SAFe implementation plan.

    This phase involves the following participants:

    • Senior leadership
    • IT leadership
    • Project Management Office
    • Delivery managers
    • Product managers/owners
    • Agile thought leaders and coaches
    • Compliance teams leads

    Step 1.1

    Understand where SAFe fits into your delivery methodologies and SDLCs

    Activities
    1.1.1 Define your primary drivers for SAFe
    1.1.2 Create your own list of pros and cons of SAFe

    This step involves the following participants:

    • IT leadership
    • Delivery managers
    • Project management office
    • Product owners and managers
    • Development team leads
    • Portfolio managers
    • Architects

    Outcomes of this step:

    • List of primary drivers for SAFe
    • List of pros and cons of SAFe

    Agile's Four Core Values

    "...while there is value in the items on the right, we value the items on the left more."
    – The Agile Manifesto

    STOP! If you're not Agile, don't start with SAFe.

    Agile's Four Core Values

    Successful SAFe requires an Agile mindset at all levels.

    Be aware of common myths around Agile and SAFe

    SAFe does not...

    1...solve development and communication issues.

    2...ensure that you will finish requirements faster.

    3...mean that you do not need planning and documentation.

    "Without proper planning, organizations can start throwing more resources at the work, which spirals into the classic Waterfall issues of managing by schedule."
    – Kristen Morton, Associate Implementation Architect,
    OneShield Inc. (Info-Tech Interview)

    Info-Tech Insight
    SAFe only provides a framework and steps where these issues can be resolved.

    The importance of values and principles

    Modern development practices (such as Agile, Lean, and DevOps) are based on values and principles. This supports the move away from command-and-control management to self-organizing teams.

    Values

    • Values represent your team's core beliefs and capture what you want to instill in your team.

    Principles

    • Principles represent methods for solving a problem or deciding.
    • Given that principles are rooted in specifics, they can change more frequently because they are both fallible and conducive to learning.

    Consider the guiding principles of your application team

    Teams may have their own perspectives on how they deliver value and their own practices for how they do this. These perspectives can help you develop guiding principles for your own team to explain your core values and cement your team's culture. Guiding principles can help you:

    • Enable the appropriate environment to foster collaboration within current organizational, departmental, and cultural constraints
    • Foster the social needs that will engage and motivate your team in a culture that suits its members
    • Ensure that all teams are driven toward the same business and team goals, even if other teams are operating differently
    • Build organizational camaraderie aligned with corporate strategies

    Info-Tech Insight
    Following methodologies by the book can be detrimental if they do not fit your organization's needs, constraints, and culture. The ultimate goal of all teams is to deliver value. Any practices or activities that drive teams away from this goal should be removed or modified.

    Review the drivers that are motivating your organization to adopt and scale Agile practices

    Functional groups have their own drivers to adopt Agile development processes, practices, and techniques (e.g. to improve collaboration, decrease churn, or increase automation). Their buy-in to scaling Agile is just as important as the buy-in of stakeholders.

    By not addressing a group's specific needs and drivers, the resulting negative sentiments of its members toward Agile development can affect their ability to see the benefits of Agile and they may return to old habits once the opportunity arises.

    Find opportunities in which both business objectives and functional group drivers can be achieved with scaling Agile development. This alignment can motivate teams to continuously improve and adhere to the new environment, and it will maintain business buy-in. This assessment can also be used to justify activities that specifically address functional group drivers.

    Examples of Motivating Drivers for Scaling Agile

    • Improve artifact hand-offs between development and operations.
    • Increase collaboration among development teams.
    • Reveal architectural and system risks early.
    • Expedite the feedback loop from support.
    • Improve capacity management.
    • Support development process innovation.
    • Create a safe environment to discuss concerns.
    • Optimize value streams.
    • Increase team engagement and comradery.

    Exercise 1.1.1 Define your primary drivers for SAFe

    30 minutes

    • Brainstorm a list of drivers for scaling Agile.
    • Build a value canvas to help capture and align team expectations.
    • Identify jobs or functions that will be impacted by SAFe.
    • List your current pains and gains.
    • List the pain relievers and gain creators.
    • Identify the deliverable needed for a successful transformation.
    • Complete your SAFe value canvas in your SAFe Transformation Playbook.

    Enter the results in your SAFe Transformation Playbook.

    Input
    • Organizational understanding
    • Existing Agile delivery strategic plans
    Output
    • IT leadership
    • Delivery managers
    • Project management office
    • Product owners and managers
    • Development team leads
    • Portfolio managers
    • Architects

    SAFe Value Canvas Template

    SAFe Value Canvas Template

    Case Study

    A public utilities organization steadily lost stakeholder engagement, diminishing product quality.

    INDUSTRY: Public Utilities
    SOURCE: Info-Tech Expert Interview

    Challenge

    • The goal of a public utilities organization was to adopt Agile so it could quickly respond to changes and trim costs.
    • The organization decided to scale Agile using a structured approach. It began implementation with IT teams that were familiar with Agile principles and leveraged IT seniors as Agile champions. To ensure that Agile principles were widespread, the organization decided to develop a training program with vendor assistance.
    • As Agile successes began to be seen, the organization decided to increase the involvement of business teams gradually so it could organically grow the concept within the business.

    Results

    • Teams saw significant success with many projects because they could easily demonstrate deliverables and clearly show the business value. Over time, the teams used Agile for large projects with complex processing needs.
    • Teams continued to deliver small projects successfully, but business engagement waned over time. Some of the large, complex applications they delivered using Agile lacked the necessary functionality and appropriate controls and, in some cases, did not have the ability to scale due to a poor architectural framework. These applications required additional investment, which far exceeded the original cost forecasts.

    While Agile and product development are intertwined, they are not the same!

    Delivering products does not necessarily require an Agile mindset. However, Agile methods help to facilitate the journey because product thinking is baked into them.

    Agile and product development are intertwined

    Recognize the difference between Scrum teams and the Scaled Agile Framework (SAFe)

    SAFe provides a framework that aligns Scrum teams into coordinated release trains driven by top-down prioritization.

    Difference between Scrum and SAFe

    Develop Your Agile Approach for a Successful Transformation

    Without adopting an Agile mindset, SAFe becomes Waterfall with SAFe terminology

    Waterfall with SAFe terminology

    Info-Tech Insight
    When first implementing SAFe, organizations reproduce their organizational design and Waterfall delivery structures with SAFe terms:

    • Delivery Manager = Release Train Engineer
    • Stakeholder/Sponsor = Product Manager
    • Release = Release Train
    • Project/Program = Project or Portfolio

    Advantages of successful SAFe implementations

    Once SAFe is complete and operational, organizations have seen measurable benefits:

    • Multiple frameworks to support different levels of SAFe usage
    • Deliberate and consistent planning and coordination
    • Coordinating dependencies within value streams
    • Reduced time to delivery
    • Focus on customers and end users
    • Alignment to business goals and value streams
    • Increased employee engagement

    Sources: TechBeacon, 2019; Medium, 2020; "Benefits," Scaled Agile, 2023;
    "Pros and Cons," PremierAgile, n.d.; "Scaling Agile Challenges," PremierAgile, n.d.

    Advantages of successful SAFe implementations

    Source: "Benefits," Scaled Agile, 2023

    SAFe isn't without risks or challenges

    Risks and Causes of Failed SAFe Transformations

    • SAFe conflicts with legacy cultures and delivery processes.
    • SAFe promotes continued top-down decisions, undermining team empowerment.
    • Scaled product families are required to define proper value streams.
    • Team empowerment and autonomy are reduced.
    • SAFe activities are poorly executed.
    • There are high training and coaching costs.
    • Implementation takes a long time.
    • End-to-end delivery management tools aligned to SAFe are required.
    • Legacy delivery challenges are not specifically solved with SAFe.
    • SAFe is designed to work for large-scale development teams.

    Challenges

    • Adjusting to a new set of terms for common roles, processes, and activities
    • Executing planning cycles
    • Defining features and epics at the right level
    • Completing adequate requirements
    • Defining value streams
    • Coordinating releases and release trains
    • Providing consistent quality

    Sources: TechBeacon, 2019; Medium, 2020; "Benefits," Scaled Agile, 2023; "Pros and Cons," PremierAgile, n.d.; "Scaling Agile Challenges," PremierAgile, n.d.

    Exercise 1.1.2 Create your own list of the pros and cons of SAFe

    1 hour

    Pros Cons

    Enter the results in your SAFe Transformation Playbook

    Input
    • Organizational drivers
    • Analysis of SAFe
    • Estimate of fit for purpose
    Output
    • IT leadership
    • Delivery managers
    • Project management office
    • Product owners and managers
    • Development team leads
    • Portfolio managers
    • Architects

    Focus on your core competencies instead

    Before undertaking an enterprise transformation, consider improving the underlying processes that will need to be fixed anyway. Fixing these areas while implementing SAFe compounds the effort and disruption.

    Product Delivery

    Product Management

    "But big-bang transitions are hard. They require total leadership commitment, a receptive culture, enough talented and experienced agile practitioners to staff hundreds of teams without depleting other capabilities, and highly prescriptive instruction manuals to align everyone's approach."
    - "Agile at Scale," Harvard Business Review

    Step 1.2

    Determine if you are ready for SAFe (fit for purpose)

    Activities
    1.2.1 Assess your Agile readiness
    1.2.2 Define enablers and blockers for scaling Agile delivery
    1.2.3 Estimate your SAFe implementation risk
    1.2.4 Start your SAFe implementation plan

    This step involves the following participants:

    • IT leadership
    • Delivery managers
    • Project management office
    • Product owners and managers
    • Development team leads
    • Portfolio managers
    • Architects

    Outcomes of this step:

    • Agile Readiness Assessment results
    • Enablers and blockers for scaling Agile
    • SAFe implementation risk
    • SAFe implementation plan

    Use CLAIM to guide your Agile journey

    Use CLAIM to guide your Agile journey

    Conduct the Agile Readiness Assessment Survey

    Without an Agile mindset, SAFe will follow Waterfall or WaterScrumFall practices.

    • Start your journey with a clear understanding of the level of Agile and product maturity throughout your organization.
    • Each area that lacks strength should be evaluated further and added to your journey map.

    Chart of Agile Readiness

    Exercise 1.2.1 Assess your Agile readiness

    1 hour

    • Open and complete the Agile Readiness Assessment in your playbook or the Excel tool provided.
    • Discuss each area's high and low scores to reach a consensus.
    • Record your results in your SAFe Transformation Playbook.

    Chart of Agile Readiness

    Enter the results in Scaled Agile Readiness Assessment.

    Input
    • Organizational knowledge
    • Agile Readiness Assessment
    Output
    • IT leadership
    • Delivery managers
    • Project Management Office
    • Product owners and managers
    • Development team leads
    • Portfolio managers
    • Architects

    Exercise 1.2.2 Define enablers and blockers for scaling Agile delivery

    1 hour

    • Identify and mitigate blockers for scaling Agile in your organization.
      • Identify enablers who will support successful SAFe transformation.
      • Identify blockers who will make the transition to SAFe more difficult.
      • For each blocker, define at least one mitigating step.
    Enablers Blockers Mitigation

    Enter the results in your SAFe Transformation Playbook

    Input
    • Agile Readiness Assessment
    • Organizational knowledge
    Output
    • IT leadership
    • Delivery managers
    • Project management office
    • Product owners and managers
    • Development team leads
    • Portfolio managers
    • Architects

    Estimate your SAFe implementation risk

    Poor Fit High Risk Scaling Potential
    Team size <50 >150 or non-dedicated 50-150 dedicated
    Agile maturity Waterfall and project delivery Individual Scrum DevOps teams Scrum DevOps teams coordinating dependencies
    Product management maturity Project-driver changes from stakeholders Proxy product owners within delivery teams Defined product families and products
    Strategic goals Localized decisions Enterprise goals implemented at the app level Translation and refinement of enterprise goals through product families
    Enterprise architecture Siloed architecture standards Common architectures Future enterprise architecture and employee review board (ERB) reviews
    Release management Independent release schedules Formal release calendar Continuous integration/development (CI/CD) with organizational change management (OCM) scheduled cross-functional releases
    Requirements management and quality assurance Project based Partial requirements and test case coverage Requirements as an asset and test automation

    Exercise 1.2.3 Estimate your SAFe implementation risk

    30 minutes

    • Determine which description best matches your overall organizational state.
    • Enter the results in your SAFe Transformation Playbook.
    • Change the text to bold in the cell you selected to describe your current state and/or add a border around the cell.

    Chart of SAFe implementation risk

    Enter the results in SAFe Transformation Playbook.

    Input
    • Agile Readiness Assessment
    • Organizational knowledge
    Output
    • IT leadership
    • Delivery managers
    • Project management office
    • Product owners and managers
    • Development team leads
    • Portfolio managers
    • Architects

    Interpret your SAFe implementation risks

    Analyze your highlighted selections and patterns in the rows and columns. Use these factors to inform your SAFe implementation steps and timing.

    Interpret your SAFe implementation risks

    Build your implementation plan

    Build a transformation and organizational change management plan to guide your transition. Define clear ownership for every critical step.

    Plan your transformation.

    • Align stakeholders and thought leaders.
    • Select an implementation partner.
    • Insert critical steps.

    Build your SAFe framework.

    • Define your target SAFe framework.
    • Customize your SAFe framework.
    • Establish SAFe governance and reporting.
    • Insert critical steps.

    Implement SAFe practices.

    • Define product families and value streams.
    • Conduct SAFe training for:
      • Executive leadership
      • Agile SAFe coaches
      • Practitioners
    • Insert critical steps.

    For additional help with OCM, please download Master Organizational Change Management Practices.

    Exercise 1.2.4 Start your SAFe implementation plan

    30 minutes

    • Using the high-level SAFE implementation framework, begin building out the critical steps.
    • Record the results in your SAFe Transformation Playbook.
    • Your playbook is an evergreen document to help guide your implementation. It should be reviewed often.

    SAFe implementation plan

    Enter the results in your SAFe Transformation Playbook

    Input
    • SAFe readiness assessment
    • Enablers and blockers
    • Drivers for SAFe
    Output
    • IT leadership
    • Delivery managers
    • Project management office
    • Product owners and managers
    • Development team leads
    • Portfolio managers
    • Architects

    Select an implementation partner

    Finding the right SAFe implementation partner is critical to your transformation success.

    • Using your previous assessment, align internal and external resources to support your transformation.
    • Select a partner who has experience in similar organizations and is aligned with your delivery goals.
    • Plan to transition support to internal teams when SAFe practices have stabilized and moved into continuous improvement.
    • Augment your transformation partner with internal coaches.
    • Plan for a multiyear engagement before SAFe benefits are realized.

    Summary of Accomplishments

    Your journey begins.

    Implementing SAFe is a long, expensive, and difficult process. For some organizations, SAFe provides the balance of leadership-driven prioritization and control with shorter release cycles and time to value. The key is making sure that SAFe is right for you and you are ready for SAFe. Few organizations fit perfectly into one of the SAFe frameworks. Instead, consider fine-tuning and customizing SAFe to meet your needs and gradual transformation.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

    Contact your account representative for more information.
    workshops@infotech.com
    1-888-670-8889

    Additional Support

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech Workshop.

    To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.

    Info-Tech analysts will join you and your team at your location or welcome you to Info-Tech's historic Toronto office to participate in an innovative onsite workshop.

    Below are sample activities that will be conducted by Info-Tech analysts with your team:

    Scaled Agile Delivery Readiness Assessment
    This assessment will help identify enablers and blockers in your organizational culture using our CLAIM+G organization transformation model.

    SAFE Value Canvas
    Use a value campus to define jobs, pains, gains, pain relievers, gain creators, and needed deliverables to help inform and guide your SAFe transformation.

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Bibliography

    "6 Biggest SAFe Agile Implementation Mistakes to Avoid." Triumph Strategic Consulting, 27 July 2017.

    "The 7 Must-Haves for Achieving Scaling Agile Success." The 7 Must-Haves for Achieving Scaling Agile Success.

    Ageling, Willem-Jan. "11 Most Common Reasons to Use Scaled Agile Framework (SAFE) and How to Do This With Unscaled Scrum." Medium, Serious Scrum, 26 Jan. 2020.

    Agile India, International Conference on Agile and Lean Software Development, 2014.

    "Air France - KLM - Agile Adoption with SAFe." Scaled Agile, 28 Nov. 2022.

    "Application Development Trends 2019 - Global Survey Report." OutSystems.

    "Benefits of SAFe: How It Benefits Organizations." Scaled Agile, 13 Mar. 2023.

    Berkowitz, Emma. "The Cost of a SAFe(r) Implementation: CPRIME Blog." Cprime, 30 Jan. 2023.

    "Chevron - Adopting SAFe with Remote Workforce." Scaled Agile, 28 Nov. 2022.

    "Cisco It - Adopting Agile Development with SAFe." Scaled Agile, 13 Sept. 2022.

    "CMS - Business Agility Transformation Using SAFe." Scaled Agile, 13 Sept. 2022.

    Crain, Anthony. "4 Biggest Challenges in Moving to Scaled Agile Framework (SAFe)." TechBeacon, 25 Jan. 2019.

    "The Essential Role of Communications ." Project Management Institute .

    Gardiner, Phil. "SAFe Implementation: 4 Tips for Getting Started." Applied Frameworks, 20 Jan. 2022.

    "How Do I Start Implementing SAFe?" Agility in Mind, 29 July 2022.

    "How to Masterfully Screw Up Your SAFe Implementation." Wibas Artikel-Bibliothek, 6 Sept. 2022.

    "Implementation Roadmap." Scaled Agile Framework, 14 Mar. 2023.

    Islam, Ayvi. "SAFe Implementation 101 - The Complete Guide for Your Company." //Seibert/Media, 22 Dec. 2020.

    "Johnson Controls - SAFe Implementation Case Study." Scaled Agile, 28 Nov. 2022.

    "The New Rules and Opportunities of Business Transformation." KPMG.

    "Nokia Software - SAFe Agile Transformation." Scaled Agile, 28 Nov. 2022.

    Pichler, Roman. "What Is Product Management?" Romanpichler, 2014.

    "Product Documentation." ServiceNow.

    "Pros and Cons of Scaled Agile Framework." PremierAgile.

    "Pulse of the Profession Beyond Agility." Project Management Institute.

    R, Ramki. "Pros and Cons of Scaled Agile Framework (SAFe)." Medium, 3 Mar. 2019.

    R, Ramki. "When Should You Consider Implementing SAFe (Scaled Agile Framework)?" Medium, Medium, 3 Mar. 2019.

    Rigby, Darrell, Jeff Sutherland, and Andy Noble. "Agile at Scale: How to go from a few teams to hundreds." Harvard Business Review, 2018.

    "SAFe Implementation Roadmap." Scaled Agile Framework, Scaled Agile, Inc., 14 Mar. 2023.

    "SAFe Partner Cprime: SAFe Implementation Roadmap: Scaled Agile." Cprime, 5 Apr. 2023.

    "SAFe: The Good, the Bad, and the Ugly." Project Management Institute.

    "Scaled Agile Framework." Wikipedia, Wikimedia Foundation, 29 Mar. 2023.

    "Scaling Agile Challenges and How to Overcome Them." PremierAgile.

    "SproutLoud - a Case Study of SAFe Agile Planning." Scaled Agile, 29 Nov. 2022.

    "Story." Scaled Agile Framework, 13 Apr. 2023.

    Sutherland , Jeff. "Scrum: How to Do Twice as Much in Half the Time." Tedxaix, YouTube, 7 July 2014.

    Venema, Marjan. "6 Scaled Agile Frameworks - Which One Is Right for You?" NimbleWork, 23 Dec. 2022.

    Warner, Rick. "Scaled Agile: What It Is and Why You Need It." High-Performance Low-Code for App Development, OutSystems, 25 Oct. 2019.

    Watts, Stephen, and Kirstie Magowan. "The Scaled Agile Framework (SAFE): What to Know and How to Start." BMC Blogs, 9 Sept. 2020.

    "What Is SAFe? The Scaled Agile Framework Explained." CIO, 9 Feb. 2021.

    "Why Agile Transformations Fail: Four Common Culprits." Planview.

    "Why You Should Use SAFe (and How to Find SAFe Training to Help)." Easy Agile.

    Y., H. "Story Points vs. 'Ideal Days.'" Cargo Cultism, 19 Aug. 2010.

    Bibliography

    Enable Organization-Wide Collaboration by Scaling Agile

    Ambler, Scott W. "Agile Architecture: Strategies for Scaling Agile Development." Agile Modeling, 2012.

    - - -. "Comparing Approaches to Budgeting and Estimating Software Development Projects." AmbySoft.

    - - -. "Agile and Large Teams." Dr. Dobb's, 17 Jun 2008.

    Ambler, Scott W. and Mark Lines. Disciplined Agile Delivery: A Practitioner's Guide to Agile Software Delivery in the Enterprise. IBM Press, 2012.

    Ambler, Scott W., and Mark Lines. "Scaling Agile Software Development: Disciplined Agility at Scale." Disciplined Agile Consortium White Paper Series, 2014.

    AmbySoft. "2014 Agile Adoption Survey Results." Scott W. Ambler + Associates, 2014.

    Bersin, Josh. "Time to Scrap Performance Appraisals?" Forbes Magazine, 5 June 2013. Accessed 30 Oct. 2013..

    Cheese, Peter, et al. " Creating an Agile Organization." Accenture, Oct. 2009. Accessed Nov. 2013..

    Croxon, Bruce, et al. "Dinner Series: Performance Management with Bruce Croxon from CBC's 'Dragon's Den.'" HRPA Toronto Chapter. Sheraton Hotel, Toronto, ON, 12 Nov. 2013. Panel discussion.

    Culbert, Samuel. "10 Reasons to Get Rid of Performance Reviews." Huffington Post Business, 18 Dec. 2012. Accessed 28 Oct. 2013.

    Denning, Steve. "The Case Against Agile: Ten Perennial Management Objections." Forbes Magazine, 17 Apr. 2012. Accessed Nov. 2013.

    Estis, Ryan. "Blowing up the Performance Review: Interview with Adobe's Donna Morris." Ryan Estis & Associates, 17 June 2013. Accessed Oct. 2013.

    Heikkila et al. "A Revelatory Case Study on Scaling Agile Release Planning." EUROMICRO Conference on Software Engineering and Advanced Applications (SEAA), 2010.

    Holler, Robert, and Ian Culling. "From Agile Pilot Project to Enterprise-Wide Deployment: Five Sure-Fire Ways To Fail When You Scale." VersionOne, 2010.

    Kniberg, Henrik, and Anders Ivarsson, "Scaling Agile @ Spotify," Unified Communications and Collaborations, 2012.

    Narayan, Sriram. "Agile IT Organization Design: For Digital Transformation and Continuous Delivery." Addison-Wesley Professional, 2015.

    Shrivastava, NK, and Phillip George. "Scaling Agile." RefineM, 2015.

    Sirkia, Rami, and Maarit Laanti. "Lean and Agile Financial Planning." Scaled Agile Framework Blog, 2014.

    Scaled Agile Framework (SAFe). "Agile Architecture." Scaled Agile Inc., 2015.

    VersionOne. 9th Annual: State of Agile Survey. VersionOne, LLC, 2015.

    Appendix A: Supporting Info-Tech Research

    Transformation topics and supporting research to make your journey easier, with less rework

    Supporting research and services

    Improving IT Alignment

    Build a Business-Aligned IT Strategy
    Success depends on IT initiatives clearly aligned to business goals, IT excellence, and driving technology innovation.

    Make Your IT Governance Adaptable
    Governance isn't optional, so keep it simple and make it flexible.

    Create an IT View of the Service Catalog
    Unlock the full value of your service catalog with technical components.

    Application Portfolio Management Foundations
    Ensure your application portfolio delivers the best possible return on investment.

    Shifting Toward Agile DevOps

    Agile/DevOps Research Center
    Access the tools and advice you need to be successful with Agile.

    Develop Your Agile Approach for a Successful Transformation
    Understand Agile fundamentals, principles, and practices so you can apply them effectively in your organization.

    Implement DevOps Practices That Work
    Streamline business value delivery through the strategic adoption of DevOps practices.

    Perform an Agile Skills Assessment
    Being Agile isn't about processes, it's about people.

    Define the Role of Project Management in Agile and Product-Centric Delivery
    Projects and products are not mutually exclusive.

    Shifting Toward Product Management

    Make the Case for Product Delivery
    Align your organization on the practices to deliver what matters most.

    Deliver on Your Digital Product Vision
    Build a product vision your organization can take from strategy through execution.

    Deliver Digital Products at Scale
    Deliver value at the scale of your organization through defining enterprise product families.

    Mature and Scale Product Ownership
    Strengthen the product owner role in your organization by focusing on core capabilities and proper alignment.

    Build a Value Measurement Framework
    Focus product delivery on business value- driven outcomes.

    Improving Value and Delivery Metrics

    Build a Value Measurement Framework
    Focus product delivery on business value-driven outcomes.

    Create a Holistic IT Dashboard
    Mature your IT department by measuring what matters.

    Select and Use SDLC Metrics Effectively
    Be careful what you ask for, because you will probably get it.

    Reduce Time to Consensus With an Accelerated Business Case
    Expand on the financial model to give your initiative momentum.

    Improving Governance, Prioritization, and Value

    Make Your IT Governance Adaptable
    Governance isn't optional, so keep it simple and make it flexible.

    Maximize Business Value From IT Through Benefits Realization
    Embed benefits realization into your governance process to prioritize IT spending and confirm the value of IT.

    Drive Digital Transformation With Platform Strategies
    Innovate and transform your business models with digital platforms.

    Succeed With Digital Strategy Execution
    Building a digital strategy is only half the battle: create a systematic roadmap of technology initiatives to execute the strategy and drive digital transformation.

    Build a Value Measurement Framework
    Focus product delivery on business value-driven outcomes.

    Create a Holistic IT Dashboard
    Mature your IT department by measuring what matters.

    Improving Requirements Management and Quality Assurance

    Requirements Gathering for Small Enterprises
    Right-size the guidelines of your requirements gathering process.

    Improve Requirements Gathering
    Back to basics: great products are built on great requirements.

    Build a Software Quality Assurance Program
    Build quality into every step of your SDLC.

    Automate Testing to Get More Done
    Drive software delivery throughput and quality confidence by extending your automation test coverage.

    Manage Your Technical Debt
    Make the case to manage technical debt in terms of business impact.

    Create a Business Process Management Strategy
    Avoid project failure by keeping the "B" in BPM.

    Build a Winning Business Process Automation Playbook
    Optimize and automate your business processes with a user-centric approach.

    Improving Release Management

    Optimize Applications Release Management
    Build trust by right-sizing your process using appropriate governance.

    Streamline Application Maintenance
    Effective maintenance ensures the long-term value of your applications.

    Streamline Application Management
    Move beyond maintenance to ensure exceptional value from your apps.

    Optimize IT Change Management
    Right-size IT change management to protect the live environment.

    Manage Your Technical Debt
    Make the case to manage technical debt in terms of business impact.

    Improve Application Development Throughput
    Drive down your delivery time by eliminating development inefficiencies and bottlenecks while maintaining high quality.

    Improving Business Relationship Management

    Embed Business Relationship Management in IT
    Show that IT is worthy of Trusted Partner status.

    Mature and Scale Product Ownership
    Strengthen the product owner role in your organization by focusing on core capabilities and proper alignment.

    Improving Security

    Build an Information Security Strategy
    Create value by aligning your strategy to business goals and business risks.

    Develop and Deploy Security Policies
    Enhance your overall security posture with a defensible and prescriptive policy suite.

    Simplify Identity and Access Management
    Leverage risk- and role-based access control to quantify and simplify the identity and access management (IAM) process.

    Improving and Supporting Business-Managed Applications

    Embrace Business-Managed Applications
    Empower the business to implement their own applications with a trusted business-IT relationship.

    Enhance Your Solution Architecture Practices
    Ensure your software systems solution is architected to reflect stakeholders' short- and long-term needs.

    Satisfy Digital End Users With Low- and No-Code
    Extend IT, automation, and digital capabilities to the business with the right tools, good governance, and trusted organizational relationships.

    Build Your First RPA Bot
    Support RPA delivery with strong collaboration and management foundations.

    Automate Work Faster and More Easily With Robotic Process Automation
    Embrace the symbiotic relationship between the human and digital workforce.

    Improving Business Intelligence, Analytics, and Reporting

    Modernize Data Architecture for Measurable Business Results
    Enable the business to achieve operational excellence, client intimacy, and product leadership with an innovative, agile, and fit-for-purpose data architecture practice.

    Build a Reporting and Analytics Strategy
    Deliver actionable business insights by creating a business-aligned reporting and analytics strategy.

    Build Your Data Quality Program
    Quality data drives quality business decisions.

    Design Data-as-a-Service
    Journey to the data marketplace ecosystems.

    Build a Robust and Comprehensive Data Strategy
    Learn about the key to building and fostering a data-driven culture.

    Build an Application Integration Strategy
    Level the table before assembling the application integration puzzle or risk losing pieces.

    Appendix B: SDLC Transformation Steps

    Waterfall SDLC

    Valuable product delivered at the end of an extended project lifecycle, frequently in years

    Waterfall SDLC

    • Business is separated from the delivery of technology it needs. Only one-third of the product is actually valuable (ITRG, N=40,000).
    • In Waterfall, a team of experts in specific disciplines hand off different aspects of the lifecycle.
    • Document sign-offs are required to ensure integration between silos (Business, Development, and Operations) and individuals.
    • A separate change-request process lays over the entire lifecycle to prevent changes from disrupting delivery.
    • Tools are deployed to support a specific role (e.g. BA) and seldom integrated (usually requirements <-> test).

    Wagile/Agifall/WaterScrumFall SDLC

    Valuable product delivered in multiple releases

     Wagile/Agifall/WaterScrumFall SDLC

    • Business is more closely integrated by a business product owner, who is accountable for day-to-day delivery of value for users.
    • The team collaborates and develops cross-functional skills as they define, design, build, and test code over time.
    • Sign-offs are reduced but documentation is still focused on satisfying project delivery and operations policy requirements.
    • Change is built into the process to allow the team to respond to change dynamically.
    • Tools start to be integrated to streamline delivery (usually requirements and Agile work management tools).

    Agile SDLC

    Valuable product delivered iteratively: frequency depends Ops' capacity

    Agile SDLC

    • Business users are closely integrated through regularly scheduled demos (e.g. every two weeks).
    • Team is fully cross-functional and collaborates to plan, define, design, build, and test the code, supported by specialists.
    • Documentation is focused on future development and operations needs.
    • Change is built into the process to allow the team to respond to change dynamically.
    • Automation is explored for application development (e.g. automated regression testing).

    Agile With DevOps SDLC

    High frequency iterative delivery of valuable product (e.g. every two weeks)

     Agile With DevOps SDLC

    • Business users are closely integrated through regularly scheduled demos.
    • Development and operations teams collaborate to plan, define, design, build, test, and deploy code, supported by automation.
    • Documentation is focused on supporting users, future changes, and operational support.
    • Change is built into the process to allow the team to respond to change dynamically.
    • Test, build, deploy process is fully automated. (Service desk is still separated.)

    DevOps SDLC

    Continuous integration and delivery

     DevOps SDLC

    • Business users are closely integrated through regularly scheduled demos.
    • Fully integrated DevOps team collaborates to plan, define, design, build, test, deploy, and maintain code.
    • Documentation is focused on future development and use adoption.
    • Change is built into the process to allow the team to respond to change dynamically.
    • Development and operations toolchain are fully integrated.

    Fully integrated product SDLC

    Agile + DevOps + continuous delivery of valuable product on demand

     Fully integrated product SDLC

    • Business users are fully integrated with the teams through dedicated business product owner.
    • Cross-functional teams collaborate across the business and technical life of the product.
    • Documentation supports internal and external needs (business, users, operations).
    • Change is built into the process to allow the team to respond to change dynamically.
    • Toolchain is fully integrated (including service desk).

    Appendix C: Understanding Agile Scrum Practices and Ceremonies

    Cultural advantages of Agile

    Cultural advantages of Agile

    Agile* SDLC

    With shared ownership instead of silos, we are able to deliver value at the end of every iteration (aka sprint)

    Agile SDLC

    Key Elements of the Agile SDLC

    • You are not "one and done." There are many short iterations with constant feedback.
    • There is an empowered product owner. This is a single authoritative voice who represents stakeholders.
    • There is a fluid product backlog. This enables prioritization of requirements "just-in-time."
    • There is a cross-functional, self-managing team. This team makes commitments and is empowered by the organization to do so.
    • There is working, tested code at the end of each sprint: Value becomes more deterministic along sprint boundaries.
    • Stakeholders are allowed to see and use the functionality and provide necessary feedback.
    • Feedback is being continuously injected back into the product backlog. This shapes the future of the solution.
    • There is continuous improvement through sprint retrospectives.
    • The virtuous cycle of sprint-demo-feedback is internally governed when done right.

    * There are many Agile methodologies to choose from, but Scrum is by far the most widely used (and is shown above).

    Understand the Scrum process

    The scrum process coordinates multiple stakeholders to deliver on business priorities.

    Understand the Scrum process

    Understand the ceremonies part of the scrum process

     Understand the ceremonies part of the scrum process

    Scrum vs. Kanban: Key differences

    Scrum vs. Kanban: Key differences

    Scrum vs. Kanban: When to use each

    Scrum

    Related or grouped changes are delivered in fixed time intervals.

    Use when:

    • Coordinating the development or release of related items
    • Maturing a product or service
    • Coordinating interdependencies between work items

    Kanban

    Independent items are delivered as soon as each is ready.

    Use when:

    • Completing work items from ticketing or individual requests
    • Completing independent changes
    • Releasing changes as soon as possible

    Appendix D: Improving Product Management

    Product delivery realizes value for your product family

    While planning and analysis are done at the family level, work and delivery are done at the individual product level.

    Product delivery realizes value for your product family

    Manage and communicate key milestones

    Successful product-delivery managers understand and define key milestones in their product-delivery lifecycles. These milestones need to be managed along with the product backlog and roadmap.

    Manage and communicate key milestones

    Info-Tech Best Practice
    Product management is not just about managing the product backlog and development cycles. Teams need to manage key milestones, such as learning milestones, test releases, product releases, phase gates, and other organizational checkpoints.

    A backlog stores and organizes product backlog items (PBIs) at various stages of readiness

    Organize product backlog at various stages of readiness

    A well-formed backlog can be thought of as a DEEP backlog:

    Detailed Appropriately: PBIs are broken down and refined as necessary.

    Emergent: The backlog grows and evolves over time as PBIs are added and removed.

    Estimated: The effort that a PBI requires is estimated at each tier.

    Prioritized: A PBI's value and priority are determined at each tier.

    Source: Perforce, 2018

    Backlog tiers facilitate product planning steps

    Ranging from the intake of an idea to a PBI ready for development; to enter the backlog, each PBI must pass through a given quality filter.

    Backlog tiers facilitate product planning steps

    Each activity is a variation of measuring value and estimating effort in order to validate and prioritize a PBI.

    A PBI successfully completes an activity and moves to the next backlog tier when it meets the appropriate criteria. Quality filters should exist between each tier.

    Use quality filters to ensure focus on the most important PBIs

    Expand the concepts of defining "ready" and "done" to include the other stages of a PBI's journey through product planning.

    Use quality filters to ensure focus on the most important PBIs

    Info-Tech Best Practice
    A quality filter ensures that quality is met and the appropriate teams are armed with the correct information to work more efficiently and improve throughput.

    Define product value by aligning backlog delivery with roadmap goals

    In each product plan, the backlogs show what you will deliver. Roadmaps identify when and in what order you will deliver value, capabilities, and goals.

    Define product value by aligning backlog delivery with roadmap goals

    Product roadmaps guide delivery and communicate your strategy

    In "Deliver on Your Digital Product Vision," we demonstrate how a product roadmap is core to value realization. The product roadmap is your communicated path. As a product owner, you use it to align teams and changes to your defined goals, as well as your product to enterprise goals and strategy.

    Product roadmaps guide delivery and communicate your strategy

    Info-Tech Insight
    The quality of your product backlog - and your ability to realize business value from your delivery pipeline - is directly related to the input, content, and prioritization of items in your product roadmap.

    Info-Tech's approach

    Operationally align product delivery to enterprise goals

    Operationally align product delivery to enterprise goals

    The Info-Tech Difference

    Create a common definition of what a product is and identify the products in your inventory.

    Use scaling patterns to build operationally aligned product families.

    Develop a roadmap strategy to align families and products to enterprise goals and priorities.

    Use products and families to assess value realization.

    Microsoft Dynamics 365: Understand the Transition to the Cloud

    • Buy Link or Shortcode: {j2store}350|cart{/j2store}
    • member rating overall impact (scale of 10): 8.7/10 Overall Impact
    • member rating average dollars saved: $94,858 Average $ Saved
    • member rating average days saved: 4 Average Days Saved
    • Parent Category Name: Licensing
    • Parent Category Link: /licensing
    • Your on-premises Dynamics CRM or AX needs updating or replacing, and you’re not sure whether to upgrade or transition to the cloud with the new Microsoft Dynamics 365 platform. You’re also uncertain about what the cost might be or if there are savings to be had with a transition to the cloud for your enterprise resource planning system.
    • The new license model, Apps vs. Plans and Dual Use Rights in the cloud, includes confusing terminology and licensing rules that don’t seem to make sense. This makes it difficult to purchase proper licensing that aligns with your current on-premises setup and to maximize your choices in transition licenses.
    • There are different licensing programs for Dynamics 365 in the cloud. You need to decide on the most cost effective program for your company, for now and for the future.
    • Microsoft is constantly pressuring you to move to the cloud, but you don’t understand the why. You're uncertain if there's real value in such a strategic move right now, or if should you wait awhile.

    Our Advice

    Critical Insight

    • Focus on what’s best for you. Do a thorough current state assessment of your hardware and software needs and consider what will be required in the near future (one to four years).
    • Educate yourself. You should have a good understanding of your options from staying on-premises vs. an interim hybrid model vs. a lift and shift to the cloud.
    • Consider the overall picture. There might not be hard cost savings to be realized in the near term, given the potential increase in licensing costs over a CapEx to OpEx savings.

    Impact and Result

    • Understanding the best time to transition, from a licensing perspective, could save you significant dollars over the next one to four years.
    • Planning and effectively mapping your current licenses to the new cloud user model will maximize your current investment into the cloud and fully leverage all available Microsoft incentives in the process.
    • Gaining the knowledge required to make the most informed transition decision, based on best timing, most appropriate licensing program, and maximized cost savings in the near term.
    • Engaging effectively with Microsoft and a competent Dynamics partner for deployment or licensing needs.

    Microsoft Dynamics 365: Understand the Transition to the Cloud Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should learn about Microsoft Dynamics 365 user-based cloud licensing, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Timing

    Review to confirm if you are eligible for Microsoft cloud transition discounts and what is your best time to move to the cloud.

    • Microsoft Dynamics 365: Understand the Transition to the Cloud – Phase 1: Timing
    • Microsoft License Agreement Summary Tool
    • Existing CRM-AX License Summary Worksheet

    2. Licensing

    Begin with a review to understand user-based cloud licensing, then move to mapping your existing licenses to the cloud users and plans.

    • Microsoft Dynamics 365: Understand the Transition to the Cloud – Phase 2: Licensing
    • Microsoft Dynamics 365 On-Premises License Transition Mapping Tool
    • Microsoft Dynamics 365 User License Assignment Tool
    • Microsoft Licensing Programs Brief Overview

    3. Cost review

    Use your cloud mapping activity as well your eligible discounts to estimate your cloud transition licensing costs.

    • Microsoft Dynamics 365: Understand the Transition to the Cloud – Phase 3: Cost Review
    • Microsoft Dynamics 365 Cost Estimator

    4. Analyze and decide

    Start by summarizing your choice license program, decide on the ideal time, then move on to total cost review.

    • Microsoft Dynamics 365: Understand the Transition to the Cloud – Phase 4: Analyze and Decide
    [infographic]

    Workshop: Microsoft Dynamics 365: Understand the Transition to the Cloud

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Understand What You Own and What You Can Transition to the Cloud

    The Purpose

    Understand what you own and what you can transition to the cloud.

    Learn which new cloud user licenses to transition.

    Key Benefits Achieved

    All your licenses in one summary.

    Eligible transition discounts.

    Mapping of on-premises to cloud users.

    Activities

    1.1 Validate your discount availability.

    1.2 Summarize agreements.

    1.3 Itemize your current license ownership.

    1.4 Review your timing options.

    1.5 Map your on-premises licenses to the cloud-based, user-based model.

    Outputs

    Current agreement summary

    On-premises to cloud user mapping summary

    Understanding of cloud app and plan features

    2 Transition License Cost Estimate and Additional Costs

    The Purpose

    Estimate cloud license costs and other associated expenses.

    Summarize and decide on the best timing, users, and program.

    Key Benefits Achieved

    Good cost estimate of equivalent cloud user-based licenses.

    Understanding of when and how to move your on-premises licensing to the new Dynamics 365 cloud model.

    Activities

    2.1 Estimate cloud user license costs.

    2.2 Calculate additional costs related to license transitions.

    2.3 Review all activities.

    2.4 Summarize and analyze your decision.

    Outputs

    Cloud user licensing cost modeling

    Summary of total costs

    Validation of costs and transition choices

    An informed decision on your Dyn365 timing, licensing, and costs

    Effectively Manage CxO Relations

    • Buy Link or Shortcode: {j2store}384|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Manage Business Relationships
    • Parent Category Link: /manage-business-relationships

    With the exponential pace of technological change, an organization's success will depend largely on how well CIOs can evolve from technology evangelists to strategic business partners. This will require CIOs to effectively broker relationships to improve IT's effectiveness and create business value. A confidential journal can help you stay committed to fostering productive relationships while building trust to expand your sphere of influence.

    Our Advice

    Critical Insight

    Highly effective executives have in common the ability to successfully balance three things: time, personal capabilities, and relationships. Whether you are a new CIO or an experienced leader, the relentless demands on your time and unpredictable shifts in the organization’s strategy require a personal game plan to deliver business value. Rather than managing stakeholders one IT project at a time, you need an action plan that is tailored for unique work styles.

    Impact and Result

    A personal relationship journal will help you:

    • Understand the context in which key stakeholders operate.
    • Identify the best communication approach to engage with different workstyles.
    • Stay committed to fostering relationships through difficult periods.

    Effectively Manage CxO Relations Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Effectively Manage CxO Relations Storyboard – A guide to creating a personal action plan to help effectively manage relationships across key stakeholders.

    Use this research to create a personal relationship journal in four steps:

    • Effectively Manage CxO Relations Storyboard

    2. Personal Relationship Management Journal Template – An exemplar to help you build your personal relationship journal.

    Use this exemplar to build a journal that is readily accessible, flexible, and easy to maintain.

    • Personal Relationship Management Journal Template

    Infographic

    Further reading

    Effectively Manage CxO Relations

    Make relationship management a daily habit with a personalized action plan.

    Analyst Perspective

    "Technology does not run an enterprise, relationships do." – Patricia Fripp

    As technology becomes increasingly important, an organization's success depends on the evolution of the modern CIO from a technology evangelist to a strategic business leader. The modern CIO will need to leverage their expansive partnerships to demonstrate the value of technology to the business while safeguarding their time and effort on activities that support their strategic priorities. CIOs struggling to transition risk obsolescence with the emergence of new C-suite roles like the Digital Transformation Officer, Chief Digital Officer, Chief Data Officer, and so on.

    CIOs will need to flex new social skills to accommodate diverse styles of work and better predict dynamic situations. This means expanding beyond their comfort level to acquire new social skills. Having a clear understanding of one's own work style (preferences, natural tendencies, motivations, and blind spots) is critical to identify effective communication and engagement tactics.

    Building trust is an art. Striking a balance between fulfilling your own goals and supporting others will require a carefully curated approach to navigate the myriad of personalities and work styles. A personal relationship journal will help you stay committed through these peaks and troughs to foster productive partnerships and expand your sphere of influence over the long term.

    Photo of Joanne Lee
    Joanne Lee
    Principal, Research Director, CIO Advisory
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    In today's unpredictable markets and rapid pace of technological disruptions, CIOs need to create business value by effectively brokering relationships to improve IT's performance. Challenges they face:

    • Operate in silos to run the IT factory.
    • Lack insights into their stakeholders and the context in which they operate.
    • Competing priorities and limited time to spend on fostering relationships.
    • Relationship management programs are narrowly focused on associated change management in IT project delivery.

    Common Obstacles

    Limited span of influence.

    Mistaking formal roles in organizations for influence.

    Understanding what key individuals want and, more importantly, what they don't want.

    Lack of situational awareness to adapt communication styles to individual preferences and context.

    Leveraging different work styles to create a tangible action plan.

    Perceiving relationships as "one and done."

    Info-Tech's Approach

    A personal relationship journal will help you stay committed to fostering productive relationships while building trust to expand your sphere of influence.

    • Identify your key stakeholders.
    • Understand the context in which they operate to define a profile of their mandate, priorities, commitments, and situation.
    • Choose the most effective engagement and communication strategies for different work styles.
    • Create an action plan to monitor and measure your progress.

    Info-Tech Insight

    Highly effective executives have in common the ability to balance three things: time, personal capabilities, and relationships. Whether you are a new CIO or an experienced leader, the relentless demand on your time and unpredictable shifts in the organization's strategy will require a personal game plan to deliver business value. This will require more than managing stakeholders one IT project at a time: It requires an action plan that fosters relationships over the long term.

    Key Concepts

    Stakeholder Management
    A common term used in project management to describe the successful delivery of any project, program, or activity that is associated with organizational change management. The goal of stakeholder management is intricately tied to the goals of the project or activity with a finite end. Not the focus of this advisory research.

    Relationship Management
    A broad term used to describe the relationship between two parties (individuals and/or stakeholder groups) that exists to create connection, inclusion, and influence. The goals are typically associated with the individual's personal objectives and the nature of the interaction is seen as ongoing and long-term.

    Continuum of Commitment
    Info-Tech's framework that illustrates the different levels of commitment in a relationship. It spans from active resistance to those who are committed to actively supporting your personal priorities and objectives. This can be used to baseline where you are today and where you want the relationship to be in the future.

    Work Style
    A reference to an individual's natural tendencies and expectations that manifest itself in their communication, motivations, and leadership skills. This is not a behavior assessment nor a commentary on different personalities but observable behaviors that can indicate different ways people communicate, interact, and lead.

    Glossary
    CDxO: Chief Digital Officer
    CDO: Chief Data Officer
    CxO: C-Suite Executives

    The C-suite is getting crowded, and CIOs need to foster relationships to remain relevant

    The span of influence and authority for CIOs is diminishing with the emergence of Chief Digital Officers and Chief Data Officers.

    63% of CDxOs report directly to the CEO ("Rise of the Chief Digital Officer," CIO.com)

    44% of organizations with a dedicated CDxO in place have a clear digital strategy versus 22% of those without a CDxO (KPMG/Harvey Nash CIO Survey)

    The "good news": CIOs tend to have a longer tenure than CDxOs.

    A diagram that shows the average tenure of C-Suites in years.
    Source: "Age and Tenure of C-Suites," Korn Ferry

    The "bad news": The c-suite is getting overcrowded with other roles like Chief Data Officer.

    A diagram that shows the number of CDOs hired from 2017 to 2021.
    Source: "Chief Data Officer Study," PwC, 2022

    An image of 7 lies technology executives tell ourselves.

    Info-Tech Insight

    The digital evolution has created the emergence of new roles like the Chief Digital Officer and Chief Data Officer. They are a response to bridge the skill gap that exists between the business and technology. CIOs need to focus on building effective partnerships to better communicate the business value generated by technology or they risk becoming obsolete.

    Create a relationship journal to effectively manage your stakeholders

    A diagram of relationship journal

    Info-Tech's approach

    From managing relationships with friends to key business partners, your success will come from having the right game plan. Productive relationships are more than managing stakeholders to support IT initiatives. You need to effectively influence those who have the potential to champion or derail your strategic priorities. Understanding differences in work styles is fundamental to adapting your communication approach to various personalities and situations.

    A diagram that shows from 1.1 to 4.1

    A diagram of business archetypes

    Summary of Insights

    Insight 1: Expand your sphere of influence
    It's not just about gaining a volume of acquaintances. Figure out where you want to spend your limited time, energy, and effort to develop a network of professional allies who will support and help you achieve your strategic priorities.

    Insight 2: Know thyself first and foremost
    Healthy relationships start with understanding your own working style, preferences, and underlying motivations that drive your behavior and ultimately your expectations of others. A win/win scenario emerges when both parties' needs for inclusion, influence, and connection are met or mutually conceded.

    Insight 3: Walk a mile in their shoes
    If you want to build successful partnerships, you need to understand the context in which your stakeholder operates: their motivations, desires, priorities, commitments, and challenges. This will help you adapt as their needs shift and, moreover, leverage empathy to identify the best tactics for different working styles.

    Insight 4: Nurturing relationships is a daily commitment
    Building, fostering, and maintaining professional relationships requires a daily commitment to a plan to get through tough times, competing priorities, and conflicts to build trust, respect, and a shared sense of purpose.

    Related Info-Tech Research

    Supplement your CIO journey with these related blueprints.

    Photo of First 100 Days as CIO

    First 100 Days as CIO

    Photo of Become a Strategic CIO

    Become a Strategic CIO

    Photo of Improve IT Team Effectiveness

    Improve IT Team Effectiveness

    Photo of Become a Transformational CIO

    Become a Transformational CIO

    Executive Brief Case Study

    Logo of Multicap Limited

    • Industry: Community Services
    • Source: Scott Lawry, Head of Digital

    Conversation From Down Under

    What are the hallmarks of a healthy relationship with your key stakeholders?
    "In my view, I work with partners like they are an extension of my team, as we rely on each other to achieve mutual success. Partnerships involve a deeper, more intimate relationship, where both parties are invested in the long-term success of the business."

    Why is it important to understand your stakeholder's situation?
    "It's crucial to remember that every IT project is a business project, and vice versa. As technology leaders, our role is to demystify technology by focusing on its business value. Empathy is a critical trait in this endeavor, as it allows us to see a stakeholder's situation from a business perspective, align better with the business vision and goals, and ultimately connect with people, rather than just technology."

    How do you stay committed during tough times?
    "I strive to leave emotions at the door and avoid taking a defensive stance. It's important to remain neutral and not personalize the issue. Instead, stay focused on the bigger picture and goals, and try to find a common purpose. To build credibility, it's also essential to fact-check assumptions regularly. By following these principles, I approach situations with a clear mind and better perspective, which ultimately helps achieve success."

    Photo of Scott Lawry, Head Of Digital at Multicap Limited

    Key Takeaways

    In a recent conversation with a business executive about the evolving role of CIOs, she expressed: "It's the worst time to be perceived as a technology evangelist and even worse to be perceived as an average CIO who can't communicate the business value of technology."

    This highlights the immense pressure many CIOs face when evolving beyond just managing the IT factory.

    The modern CIO is a business leader who can forge relationships and expand their influence to transform IT into a core driver of business value.

    Stakeholder Sentiment

    Identify key stakeholders and their perception of IT's effectiveness

    1.1 Identify Key Stakeholders

    A diagram of Identify Key Stakeholders

    Identify and prioritize your key stakeholders. Be diligent with stakeholder identification. Use a broad view to identify stakeholders who are known versus those who are "hidden." If stakeholders are missed, then so are opportunities to expand your sphere of influence.

    1.2 Understand Stakeholder's Perception of IT

    A diagram that shows Info-Tech's Diagnostic Reports and Hospital Authority XYZ

    Assess stakeholder sentiments from Info-Tech's diagnostic reports and/or your organization's satisfaction surveys to help identify individuals who may have the greatest influence to support or detract IT's performance and those who are passive observers that can become your greatest allies. Determine where best to focus your limited time amid competing priorities by focusing on the long-term goals that support the organization's vision.

    Info-Tech Insight

    Understand which individuals can directly or indirectly influence your ability to achieve your priorities. Look inside and out, as you may find influencers beyond the obvious peers or executives in an organization. Influence can result from expansive connections, power of persuasion, and trust to get things done.

    Visit Info-Tech's Diagnostic Programs

    Activity: Identify and Prioritize Stakeholders

    30-60 minutes

    1.1 Identify Key Stakeholders

    Start with the key stakeholders that are known to you. Take a 360-degree view of both internal and external connections. Leverage external professional & network platforms (e.g. LinkedIn), alumni connections, professional associations, forums, and others that can help flush out hidden stakeholders.

    1.2 Prioritize Key Stakeholders

    Use stakeholder satisfaction surveys like Info-Tech's Business Vision diagnostic as a starting point to identify those who are your allies and those who have the potential to derail IT's success, your professional brand, and your strategic priorities. Review the results of the diagnostic reports to flush out those who are:

    • Resisters: Vocal about their dissatisfaction with IT's performance and actively sabotage or disrupt
    • Skeptics: Disengaged, passive observers
    • Ambassadors: Aligned but don't proactively support
    • Champions: Actively engaged and will proactively support your success

    Consider the following:

    • Influencers may not have formal authority within an organization but have relationships with your stakeholders.
    • Influencers may be hiding in many places, like the coach of your daughter's soccer team who rows with your CEO.
    • Prioritize, i.e. three degrees of separation due to potential diverse reach of influence.

    Key Output: Create a tab for your most critical stakeholders.

    A diagram that shows profile tabs

    Download the Personal Relationship Management Journal Template.

    Understand stakeholders' business

    Create a stakeholder profile to understand the context in which stakeholders operate.

    2.1 Create individual profile for each stakeholder

    A diagram that shows different stakeholder questions

    Collect and analyze key information to understand the context in which your stakeholders operate. Use the information to derive insights about their mandate, accountabilities, strategic goals, investment priorities, and performance metrics and challenges they may be facing.

    Stakeholder profiles can be used to help design the best approach for personal interactions with individuals as their business context changes.

    If you are short on time, use this checklist to gather information:

    • Stakeholder's business unit (BU) strategy goals
    • High-level organizational chart
    • BU operational model or capability map
    • Key performance metrics
    • Projects underway and planned
    • Financial budget (if available)
    • Milestone dates for key commitments and events
    • External platforms like LinkedIn, Facebook, Twitter, Slack, Instagram, Meetup, blogs

    Info-Tech Insight

    Understanding what stakeholders want (and more importantly, what they don't) requires knowing their business and the personal and social circumstances underlying their priorities and behaviors.

    Activity: Create a stakeholder profile

    30-60 minutes

    2.1.0 Understand stakeholder's business context

    Create a profile for each of your priority stakeholders to document their business context. Review all the information collected to understand their mandate, core accountability, and business capabilities. The context in which individuals operate is a window into the motivations, pressures, and vested interests that will influence the intersectionality between their expectations and yours.

    2.1.1 Document Observable Challenges as Private Notes

    Crushing demands and competing priorities can lead to tension and stress as people jockey to safeguard their time. Identify some observable challenges to create greater situational awareness. Possible underlying factors:

    • Sudden shifts/changes in mandate
    • Performance (operations, projects)
    • Finance
    • Resource and talent gaps
    • Politics
    • Personal circumstances
    • Capability gaps/limitations
    • Capacity challenges

    A diagram that shows considerations of this activity.

    Analyze Stakeholder's Work Style

    Adapt communication styles to the situational context in which your stakeholders operate

    2.2 Determine the ideal approach for engaging each stakeholder

    Each stakeholder has a preferred modality of working which is further influenced by dynamic situations. Some prefer to meet frequently to collaborate on solutions while others prefer to analyze data in solitude before presenting information to substantiate recommendations. However, fostering trust requires:

    1. Understanding your preferred default when engaging others.
    2. Knowing where you need to expand your skills.
    3. Identifying which skills to activate for different professional scenarios.

    Adapting your communication style to create productive interactions will require a diverse arsenal of interpersonal skills that you can draw upon as situations shift. The ability to adapt your work style to dial any specific trait up or down will help to increase your powers of persuasion and influence.

    "There are only two ways to influence human behavior: you can manipulate it, or you can inspire it." – Simon Sinek

    Activity: Identify Engagement Strategies

    30 minutes

    2.2.0 Establish work styles

    Every individual has a preferred style of working. Determine work styles starting with self-awareness:

    • Express myself - How you communicate and interact with others
    • Expression by others - How you want others to communicate and interact with you

    Through observation and situational awareness, we can make inferences about people's work style.

    • Observations - Observable traits of other people's work style
    • Situations - Personal and professional circumstances that influence how we communicate and interact with one another

    Where appropriate and when opportunities arise, ask individuals directly about their preferred work styles and method for communication. What is their preferred method of communication? During a normal course of interaction vs. for urgent priorities?

    2.2.1 Brainstorm possible engagement strategies

    Consider the following when brainstorming engagement strategies for different work styles.

    A table of involvement, influence, and connection.

    Think engagement strategies in different professional scenarios:

    • Meetings - Where and how you connect
    • Communicating - How and what you communicate to create connection
    • Collaborating - What degree of involved in shared activities
    • Persuading - How you influence or direct others to get things done

    Expand New Interpersonal Skills

    Use the Business Archetypes to brainstorm possible approaches for engaging with different work styles. Additional communication and engagement tactics may need to be considered based on circumstances and changing situations.

    A diagram that shows business archetypes and engagement strategies.

    Communicate Effectively

    Productive communication is a dialogue that requires active listening, tailoring messages to fluid situations, and seeking feedback to adapt.

    A diagram of elements that contributes to better align intention and impact

    Be Relevant

    • Understand why you need to communicate
    • Determine what you need to convey
    • Tailor your message to what matters to the audience and their context
    • Identify the most appropriate medium based on the situation

    Be Consistent and Accurate

    • Say what you mean and mean what you say to avoid duplicity
    • Information should be accurate and complete
    • Communicate truthfully; do not make false promises or hide bad news
    • Don't gossip

    Be Clear and Concise

    • Keep it simple and avoid excessive jargon
    • State asks upfront to set intention and transparency
    • Avoid ambiguity and focus on outcomes over details
    • Be brief and to the point or risk losing stakeholder's attention

    Be Attentive and Authentic

    • Stay engaged and listen actively
    • Be curious and inquire for clarification or explanation
    • Be flexible to adapt to both verbal and non-verbal cues
    • Be authentic in your approach to sharing yourself
    • Avoid "canned" approaches

    A diagram of listen, observe, reflect.


    "Good communication is the bridge between confusion and clarity."– Nat Turner (LinkedIn, 2020)

    Exemplar: Engaging With Jane

    A diagram that shows Exemplar: Engaging With Jane

    Exemplar: Engaging With Ali

    A diagram that shows Exemplar: Engaging With Ali

    Develop an Action Plan

    Moving from intent to action requires a plan to ensure you stay committed through the peaks and troughs.

    Create Your 120-Day Plan

    An action plan example

    Key elements of the action plan:

    • Strategic priorities – Your top focus
    • Objective – Your goals
    • 30-60-90-120 Day Topics – Key agenda items
    • Meeting Progress Notes – Key takeaways from meetings
    • Private Notes – Confidential observations

    Investing in relationships is a long-term process. You need to accumulate enough trust to trade or establish coalitions to expand your sphere of influence. Even the strongest of professional ties will have their bouts of discord. To remain committed to building the relationship during difficult periods, use an action plan that helps you stay grounded around:

    • Shared purpose
    • Removing emotion from the situation
    • Continuously learning from every interaction

    Photo of Angela Diop
    "Make intentional actions to set intentionality. Plans are good to keep you grounded and focused especially when relationship go through ups and down and there are changes: to new people and new relationships."
    – Angela Diop, Senior Director, Executive Services, Info-Tech & former VP of Information Services with Unity Health Care

    Activity: Design a Tailored Action Plan

    30-60 minutes

    3.1.0 Determine your personal expectations

    Establish your personal goals and expectations around what you are seeking from the relationship. Determine the strength of your current connection and identify where you want to move the relationship across the continuum of commitment.

    Use insights from your stakeholder's profile to explore their span of influence and degree of interest in supporting your strategic priorities.

    3.1.1 Determine what you want from the relationship

    Based on your personal goals, identify where you want to move the relationship across the continuum of commitment: What are you hoping to achieve from the relationship? How will this help create a win/win situation for both you and the key stakeholder?

    A diagram of Continuum of Commitment.

    3.1.2 Identify your metrics for progress

    Fostering relationships take time and commitment. Utilizing metrics or personal success criteria for each of your focus areas will help you stay on track and find opportunities to make each engagement valuable instead of being transactional.

    A graph that shows influence vs interest.

    Make your action plan impactful

    Level of Connection

    The strength of the relationship will help inform the level of time and effort needed to achieve your goals.

    • Is this a new or existing relationship?
    • How often do you connect with this individual?
    • Are the connections driven by a shared purpose or transactional as needs arise?

    Focus on Relational Value

    Cultivate your network and relationship with the goal of building emotional connection, understanding, and trust around your shared purpose and organization's vision through regular dialogue. Be mindful of transactional exchanges ("quid pro quo") to be strategic about its use. Treat every interaction as equally important regardless of agenda, duration, or channel of communication.

    Plan and Prepare

    Everyone's time is valuable, and you need to come prepared with a clear understanding of why you are engaging. Think about the intentionality of the conversation:

    • Gain buy-in
    • Create transparency
    • Specific ask
    • Build trust and respect
    • Provide information to clarify, clear, or contain a situation

    Non-Verbal Communication Matters

    Communication is built on both overt expressions and subtext. While verbal communication is the most recognizable form, non-lexical components of verbal communication (i.e. paralanguage) can alter stated vs. intended meaning. Engage with the following in mind:

    • Tone, pitch, speed, and hesitation
    • Facial expressions and gestures
    • Choice of channel for engagement

    Exemplar: Action Plan for VP, Digital

    A diagram that shows Exemplar: Action Plan for VP, Digital

    Make Relationship Management a Daily Habit

    Management plans are living documents and need to be flexible to adapt to changes in stakeholder context.

    Monitor and Adjust to Communicate Strategically

    A diagram that shows Principles for Effective Communication and Key Measures

    Building trust takes time and commitment. Treat every conversation with your key stakeholders as an investment in building the social capital to expand your span of influence when and where you need it to go. This requires making relationship management a daily habit. Action plans need to be a living document that is your personal journal to document your observations, feelings, and actions. Such a plan enables you to make constant adjustments along the relationship journey.

    "Without involvement, there is no commitment. Mark it down, asterisk it, circle it, underline it."– Stephen Convey (LinkedIn, 2016)

    Capture some simple metrics

    If you can't measure your actions, you can't manage the relationship.

    An example of measures: what, why, how - metrics, and intended outcome.

    While a personal relationship journal is not a formal performance management tool, identifying some tangible measures will improve the likelihood of aligning your intent with outcomes. Good measures will help you focus your efforts, time, and resources appropriately.

    Keep the following in mind:

    1. WHAT are you trying to measure?
      Specific to the situation or scenario
    2. WHY is this important?
      Relevant to your personal goals
    3. HOW will you measure?
      Achievable and quantifiable
    4. WHAT will the results tell you?
      Intended outcome that is directional

    Summary of accomplishments

    Knowledge Gained

    • Relationship management is critical to a CIO's success
    • A personal relationship journal will help build:
      • Customized approach to engaging stakeholders
      • New communication skills to adapt to different work styles

    New Concepts

    • Work style assessment framework and engagement strategies
    • Effective communication strategies
    • Continuum of commitment to establish personal goals

    Approach to Creating a Personal Journal

    • Step-by-step approach to create a personal journal
    • Key elements for inclusion in a journal
    • Exemplar and recommendations

    Related Info-Tech Research

    Photo of Tech Trends and Priorities Research Centre

    Tech Trends and Priorities Research Centre

    Access Info-Tech's Tech Trend reports and research center to learn about current industry trends, shifts in markets, and disruptions that are impacting your industry and sector. This is a great starting place to gain insights into how the ecosystem is changing your business and the role of IT within it.

    Photo of Embed Business Relationship Management in IT

    Embed Business Relationship Management in IT

    Create a business relationship management (BRM) function in your program to foster a more effective partnership with the business and drive IT's value to the organization.

    Photo of Become a Transformational CIO

    Become a Transformational CIO

    Collaborate with the business to lead transformation and leave behind a legacy of growth.

    Appendix: Framework

    Content:

    • Adaptation of DiSC profile assessment
    • DiSC Profile Assessment
    • FIRO-B Framework
    • Experience Cube

    Info-Tech's Adaption of DiSC Assessment

    A diagram of business archetypes

    Info-Tech's Business Archetypes was created based on our analysis of the DiSC Profile and Myers-Briggs FIRO-B personality assessment tools that are focused on assessing interpersonal traits to better understand personalities.

    The adaptation is due in part to Info-Tech's focus on not designing a personality assessment tool as this is neither the intent nor the expertise of our services. Instead, the primary purpose of this adaptation is to create a simple framework for our members to base their observations of behavioral cues to identify appropriate communication styles to better interact with key stakeholders.

    Cautionary note:
    Business archetypes are personas and should not be used to label, make assumptions and/or any other biased judgements about individual personalities. Every individual has all elements and aspects of traits across various spectrums. This must always remain at the forefront when utilizing any type of personality assessments or frameworks.

    Click here to learn about DiSC Profile
    Click here learn about FIRO-B
    Click here learn about Experience Cube

    DiSC Profile Assessment

    A photo of DiSC Profile Assessment

    What is DiSC?

    DisC® is a personal assessment tool that was originally developed in 1928 by psychologist William Moulton Marston, who designed it to predict job performance. The tool has evolved and is now widely used by thousands of organizations around the world, from large government agencies and Fortune 500 companies to nonprofit and small businesses, to help improve teamwork, communication, and productivity in the workplace. The tool provides a common language people can use to better understand themselves and those they interact with - and use this knowledge to reduce conflict and improve working relationships.

    What does DiSC mean?

    DiSC is an acronym that stands for the four main personality profiles described in the Everything DiSC model: (D)ominance, (i)nfluence, (S)teadiness, (C)onscientiousness

    People with (D) personalities tend to be confident and emphasize accomplishing bottom-line results.
    People with (i) personalities tend to be more open and emphasize relationships and influencing or persuading others.
    People with (S) personalities tend to be dependable and emphasize cooperation and sincerity.
    People with (C) personalities tend to emphasize quality, accuracy, expertise, and competency.

    Go to this link to explore the DiSC styles

    FIRO-B® – Interpersonal Assessment

    A diagram of FIRO framework

    What is FIRO workplace relations?

    The Fundamental Interpersonal Relations Orientation Behavior (FIRO-B®) tool has been around for forty years. The tool assesses your interpersonal needs and the impact of your behavior in the workplace. The framework reveals how individuals can shape and adapt their individual behaviors, influence others effectively, and build trust among colleagues. It has been an excellent resource for coaching individuals and teams about the underlying drivers behind their interactions with others to effectively build successful working relationships.

    What does the FIRO framework measure?

    The FIRO framework addresses five key questions that revolve around three interpersonal needs. Fundamentally, the framework focuses on how you want to express yourself toward others and how you want others to behave toward you. This interaction will ultimately result in the universal needs for (a) inclusion, (b) control, and (c) affection. The insights from the results are intended to help individuals adjust their behavior in relationships to get what they need while also building trust with others. This will allow you to better predict and adapt to different situations in the workplace.

    How can FIRO influence individual and team performance in the workplace?

    FIRO helps people recognize where they may be giving out mixed messages and prompts them to adapt their exhibited behaviors to build trust in their relationships. It also reveals ways of improving relationships by showing individuals how they are seen by others, and how this external view may differ from how they see themselves. Using this lens empowers people to adjust their behavior, enabling them to effectively influence others to achieve high performance.

    In team settings, it is a rich source of information to explore motivations, underlying tensions, inconsistent behaviors, and the mixed messages that can lead to mistrust and derailment. It demonstrates how people may approach teamwork differently and explains the potential for inefficiencies and delays in delivery. Through the concept of behavioral flexibility, it helps defuse cultural stereotypes and streamline cross-cultural teams within organizations.

    Go to this link to explore FIRO-B for Business

    Experience Cube

    A diagram of experience cube model.

    What is an experience cube?

    The Experience Cube model was developed by Gervase Bushe, a professor of Leadership and Organization at the Simon Fraser University's school of Business and a thought leader in the field of organizational behavior. The experience cube is intended as a tool to plan and manage conversations to communicate more effectively in the moment. It does this by promoting self-awareness to better reduce anxiety and adapt to evolving and uncertain situations.

    How does the experience cube work?

    Using the four elements of the experience cube (Observations, Thoughts, Feelings, and Wants) helps you to separate your experience with the situation from your potential judgements about the situation. This approach removes blame and minimizes defensiveness, facilitating a positive discussion. The goal is to engage in a continuous internal feedback loop that allows you to walk through all four quadrants in the moment to help promote self-awareness. With heightened self-awareness, you may (1) remain curious and ask questions, (2) check-in for understanding and clarification, and (3) build consensus through agreement on shared purpose and next steps.

    Observations: Sensory data (information you take in through your senses), primarily what you see and hear. What a video camera would record.

    Thoughts: The meaning you add to your observations (i.e. the way you make sense of them, including your beliefs, expectations, assumptions, judgments, values, and principles). We call this the "story you make up."

    Feelings: Your emotional or physiological response to the thoughts and observations. Feelings words such as sad, mad, glad, scared, or a description of what is happening in your body.

    Wants: Clear description of the outcome you seek. Wants go deeper than a simple request for action. Once you clearly state what you want, there may be different ways to achieve it.

    Go to this link to explore more: Experience Cube

    Research Contributors and Experts

    Photo of Joanne Lee
    Joanne Lee
    Principal, Research Director, CIO Advisory
    Info-Tech Research Group

    Joanne is a professional executive with over twenty-five years of experience in digital technology and management consulting spanning healthcare, government, municipal, and commercial sectors across Canada and globally. She has successfully led several large, complex digital and business transformation programs. A consummate strategist, her expertise spans digital and technology strategy, organizational redesign, large complex digital and business transformation, governance, process redesign, and PPM. Prior to joining Info-Tech Research Group, Joanne was a Director with KPMG's CIO Advisory management consulting services and the Digital Health practice lead for Western Canada. She brings a practical and evidence-based approach to complex problems enabled by technology.

    Joanne holds a Master's degree in Business and Health Policy from the University of Toronto and a Bachelor of Science (Nursing) from the University of British Columbia.



    Photo of Gord Harrison
    Gord Harrison
    Senior Vice President, Research and Advisory
    Info-Tech Research Group

    Gord Harrison, SVP, Research and Consulting, has been with Info-Tech Research Group since 2002. In that time, Gord leveraged his experience as the company's CIO, VP Research Operations, and SVP Research to bring the consulting and research teams together under his current role, and to further develop Info-Tech's practical, tactical, and value-oriented research product to the benefit of both organizations.

    Prior to Info-Tech, Gord was an IT consultant for many years with a focus on business analysis, software development, technical architecture, and project management. His background of educational game software development, and later, insurance industry application development gave him a well-rounded foundation in many IT topics. Gord prides himself on bringing order out of chaos and his customer-first, early value agile philosophy keeps him focused on delivering exceptional experiences to our customers.



    Photo of Angela Diop
    Angela Diop
    Senior Director, Executive Services
    Info-Tech Research Group

    Angela has over twenty-five years of experience in healthcare, as both a healthcare provider and IT professional. She has spent over fifteen years leading technology departments and implementing, integrating, managing, and optimizing patient-facing and clinical information systems. She believes that a key to a healthcare organization's ability to optimize health information systems and infrastructure is to break the silos that exist in healthcare organizations.

    Prior to joining Info-Tech, Angela was the Vice President of Information Services with Unity Health Care. She has demonstrated leadership and success in this area by fostering environments where business and IT collaborate to create systems and governance that are critical to providing patient care and sustaining organizational health.

    Angela has a Bachelor of Science in Systems Engineering and Design from the University of Illinois and a Doctorate of Naturopathic Medicine from Bastyr University. She is a Certified CIO with the College of Healthcare Information Management Executives. She is a two-time Health Information Systems Society (HIMSS) Davies winner.



    Photo of Edison Barreto
    Edison Barreto
    Senior Director, Executive Services
    Info-Tech Research Group

    Edison is a dynamic technology leader with experience growing different enterprises and changing IT through creating fast-paced organizations with cultural, modernization, and digital transformation initiatives. He is well versed in creating IT and business cross-functional leadership teams to align business goals with IT modernization and revenue growth. Over twenty-five years of Gaming, Hospitality, Retail, and F&B experience has given him a unique perspective on guiding and coaching the creation of IT department roadmaps to focus on business needs and execute successful changes.

    Edison has broad business sector experience, including:
    Hospitality, Gaming, Sports and Entertainment, IT policy and oversight, IT modernization, Cloud first programs, R&D, PCI, GRDP, Regulatory oversight, Mergers acquisitions and divestitures.



    Photo of Mike Tweedie
    Mike Tweedie
    Practice Lead, CIO Strategy
    Info-Tech Research Group

    Michael Tweedie is the Practice Lead, CIO – IT Strategy at Info-Tech Research Group, specializing in creating and delivering client-driven, project-based, practical research, and advisory. He brings more than twenty-five years of experience in technology and IT services as well as success in large enterprise digital transformations.

    Prior to joining Info-Tech, Mike was responsible for technology at ADP Canada. In that role, Mike led several large transformation projects that covered core infrastructure, applications, and services and worked closely with and aligned vendors and partners. The results were seamless and transparent migrations to current services, like public cloud, and a completely revamped end-user landscape that allowed for and supported a fully remote workforce.

    Prior to ADP, Mike was the North American Head of Engineering and Service Offerings for a large French IT services firm, with a focus on cloud adoption and complex ERP deployment and management; he managed large, diverse global teams and had responsibilities for end-to-end P&L management.

    Mike holds a Bachelor's degree in Architecture from Ryerson University.



    Photo of Carlene McCubbin
    Carlene McCubbin
    Practice Lead, People and Leadership
    Info-Tech Research Group

    Carlene McCubbin is a Research Lead for the CIO Advisory Practice at Info-Tech Research Group covering key topics in operating models & design, governance, and human capital development.

    During her tenure at Info-Tech, Carlene has led the development of Info-Tech's Organization and Leadership practice and worked with multiple clients to leverage the methodologies by creating custom programs to fit each organization's needs.

    Before joining Info-Tech, Carlene received her Master of Communications Management from McGill University, where she studied development of internal and external communications, government relations, and change management. Her education honed her abilities in rigorous research, data analysis, writing, and understanding the organization holistically, which has served her well in the business IT world.



    Photo of Anubhav Sharma
    Anubhav Sharma
    Research Director, CIO Strategy
    Info-Tech Research Group

    Anubhav is a digital strategy and execution professional with extensive experience in leading large-scale transformation mandates for organizations both in North America and globally, including defining digital strategies for leading banks and spearheading a large-scale transformation project for a global logistics pioneer across ten countries. Prior to joining Info-Tech Research Group, he held several industry and consulting positions in Fortune 500 companies driving their business and technology strategies. In 2023, he was recognized as a "Top 50 Digital Innovator in Banking" by industry peers.

    Anubhav holds an MBA in Strategy from HEC Paris, a Master's degree in Finance from IIT-Delhi, and a Bachelor's degree in Engineering.



    Photo of Kim Osborne-Rodriguez
    Kim Osborne-Rodriguez
    Research Director, CIO Strategy
    Info-Tech Research Group

    Kim is a professional engineer and Registered Communications Distribution Designer (RCDD) with over a decade of experience in management and engineering consulting spanning healthcare, higher education, and commercial sectors. She has worked on some of the largest hospital construction projects in Canada, from early visioning and IT strategy through to design, specifications, and construction administration. She brings a practical and evidence-based approach to digital transformation, with a track record of supporting successful implementations.

    Kim holds a Bachelor's degree in Mechatronics Engineering from University of Waterloo.



    Photo of Amanda Mathieson
    Amanda Mathieson
    Research Director, People and Leadership
    Info-Tech Research Group

    Amanda joined Info-Tech Research Group in 2019 and brings twenty years of expertise working in Canada, the US, and globally. Her expertise in leadership development, organizational change management, and performance and talent management comes from her experience in various industries spanning pharmaceutical, retail insurance, and financial services. She takes a practical, experiential approach to people and leadership development that is grounded in adult learning methodologies and leadership theory. She is passionate about identifying and developing potential talent, as well as ensuring the success of leaders as they transition into more senior roles.

    Amanda has a Bachelor of Commerce degree and Master of Arts in Organization and Leadership Development from Fielding Graduate University, as well as a post-graduate diploma in Adult Learning Methodologies from St. Francis Xavier University. She also has certifications in Emotional Intelligence – EQ-i 2.0 & 360, Prosci ADKAR® Change Management, and Myers-Briggs Type Indicator Step I and II.

    Bibliography

    Bacey, Christopher. "KPMG/Harvey Nash CIO Survey finds most organizations lack enterprise-wide digital strategy." Harvey Nash/KPMG CIO Survey. Accessed Jan. 6, 2023. KPMG News Perspective - KPMG.us.com

    Calvert, Wu-Pong Susanna. "The Importance of Rapport. Five tips for creating conversational reciprocity." Psychology Today Magazine. June 30, 2022. Accessed Feb. 10, 2023. psychologytoday.com/blog

    Coaches Council. "14 Ways to Build More Meaningful Professional Relationships." Forbes Magazine. September 16, 2020. Accessed Feb. 20, 2023. forbes.com/forbescoachescouncil

    Council members. "How to Build Authentic Business Relationships." Forbes Magazine. June 15, 2021. Accessed Jan. 15, 2023. Forbes.com/business council

    Deloitte. "Chief Information Officer (CIO) Labs. Transform and advance the role of the CIO." The CIO program. Accessed Feb. 5, 2021.

    Dharsarathy, Anusha et al. "The CIO challenge: Modern business needs a new kind of tech leader." McKinsey and Company. January 27, 2020. Accessed Feb 2023. Mckinsey.com

    DiSC profile. "What is DiSC?" DiSC Profile Website. Accessed Feb. 5, 2023. discprofile.com

    FIRO Assessment. "Better working relationships". Myers Brigg Website. Resource document downloaded Feb. 10, 2023. myersbriggs.com/article

    Fripp, Patricia. "Frippicisms." Website. Accessed Feb. 25, 2023. fripp.com

    Grossman, Rhys. "The Rise of the Chief Digital Officer." Russell Reynolds Insights, January 1, 2012. Accessed Jan. 5, 2023. Rise of the Chief Digital Officer - russellreynolds.com

    Kambil, Ajit. "Influencing stakeholders: Persuade, trade, or compel." Deloitte Article. August 9, 2017. Accessed Feb. 19, 2023. www2.deloitte.com/insights

    Kambil, Ajit. "Navigating the C-suite: Managing Stakeholder Relationships." Deloitte Article. March 8, 2017. Accessed Feb. 19, 2023. www2.deloitte.com/insights

    Korn Ferry. "Age and tenure in the C-suite." Kornferry.com. Accessed Jan. 6, 2023. Korn Ferry Study Reveals Trends by Title and Industry

    Kumthekar, Uday. "Communication Channels in Project". Linkedin.com, 3 March 2020. Accessed April 27, 2023. Linkedin.com/Pulse/Communication Channels

    McWilliams, Allison. "Why You Need Effective Relationships at Work." Psychology Today Magazine. May 5, 2022. Accessed Feb. 11, 2023. psychologytoday.com/blog

    McKinsey & Company. "Why do most transformations fail? A conversation with Harry Robinson." Transformation Practice. July 2019. Accessed Jan. 10, 2023. Mckinsey.com

    Mind Tools Content Team. "Building Good Work Relationships." MindTools Article. Accessed Feb. 11, 2023. mindtools.com/building good work relationships

    Pratt, Mary. "Why the CIO-CFO relationship is key to digital success." TechTarget Magazine. November 11, 2021. Accessed Feb. 2023. Techtarget.com

    LaMountain, Dennis. "Quote of the Week: No Involvement, No Commitment". Linkedin.com, 3 April 2016. Accessed April 27, 2023. Linkedin.com/pulse/quote-week-involvement

    PwC Pulse Survey. "Managing Business Risks". PwC Library. 2022. Accessed Jan. 30, 2023. pwc.com/pulse-survey

    Rowell, Darin. "3 Traits of a Strong Professional Relationship." Harvard Business Review. August 8, 2019. Accessed Feb. 20, 2023. hbr.org/2019/Traits of a strong professional relationship

    Sinek, Simon. "The Optimism Company from Simon Sinek." Website. Image Source. Accessed, Feb. 21, 2023. simonsinek.com

    Sinek, Simon. "There are only two ways to influence human behavior: you can manipulate it or you can inspire it." Twitter. Dec 9, 2022. Accessed Feb. 20, 2023. twitter.com/simonsinek

    Whitbourne, Susan Krauss. "10 Ways to Measure the Health of Relationship." Psychology Today Magazine. Aug. 7, 2021. Accessed Jan. 30, 2023. psychologytoday.com/blog

    Improve Your Statements of Work to Hold Your Vendors Accountable

    • Buy Link or Shortcode: {j2store}233|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $10,638 Average $ Saved
    • member rating average days saved: 16 Average Days Saved
    • Parent Category Name: Vendor Management
    • Parent Category Link: /vendor-management
    • SOW reviews are tedious, and reviewers may lack the skills and experience to effectively complete the process.
    • Vendors draft provisions that shift the performance risk to the customer in subtle ways that are often overlooked or not identified by customers.
    • Customers don’t understand the power and implications of SOWs, treating them as an afterthought or formality.

    Our Advice

    Critical Insight

    • There is often a disconnect between what is sold and what is purchased. To gain the customer’s approval, vendors will present a solution- or outcome-based proposal. However, the SOW is task or activity based, shifting the risk for success to the customer.
    • A good SOW takes time and should not be rushed. The quality of the requirements and of the SOW wording drive success. Not allocating enough time to address both increases the risk of the project’s failure.

    Impact and Result

    • Info-Tech’s guidance and insights will help you navigate the complex process of SOW review and identify the key details necessary to maximize the protections for your organization and hold vendors accountable.
    • This blueprint provides direction on spotting vendor-biased terms and conditions and offers tips for mitigating the risk associated with words and phrases that shift responsibilities and obligations from the vendor to the customer.

    Improve Your Statements of Work to Hold Your Vendors Accountable Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should spend more time assessing your statements of work, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Assess SOW Terms and Conditions

    Use Info-Tech’s SOW review guidance to find common pitfalls and gotchas, to maximize the protections for your organization, and to hold vendors accountable.

    • Improve Your Statements of Work to Hold Your Vendors Accountable – Storyboard
    • Contract or SOW Guide
    • SOW Maps Tool
    • Red-Flag Words and Phrases Tool
    [infographic]

    Workshop: Improve Your Statements of Work to Hold Your Vendors Accountable

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Assess SOW Terms and Conditions

    The Purpose

    Gain a better understanding of common SOW clauses and phrases.

    Key Benefits Achieved

    Reduce risk

    Increase vendor accountability

    Improve negotiation positions

    Activities

    1.1 Review sample SOW provisions, identify the risks, and develop a negotiation position.

    1.2 Review Info-Tech tools.

    Outputs

    Awareness and increased knowledge

    Familiarity with the Info-Tech tools

    Explore the Secrets of IBM Software Contracts to Optimize Spend and Reduce Compliance Risk

    • Buy Link or Shortcode: {j2store}141|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Licensing
    • Parent Category Link: /licensing
    • IBM customers want to make effective use of their paid-up licenses to avoid overspending and stay compliant with agreements.
    • Each IBM software product is subject to different rules.
    • Clients control and have responsibility for aligning usage and payments. Over time, the usage of the software may be out of sync with what the client has paid for, resulting in either overspending or violation of the licensing agreement.
    • IBM audits software usage in order to generate revenue from non-compliant customers.

    Our Advice

    Critical Insight

    • You have a lot of work to do if you haven’t been paying attention to your IBM software.
    • Focus on needs first. Conduct and document a thorough requirements assessment. Well-documented needs will be your core asset in negotiation.
    • Know what’s in IBM’s terms and conditions. Failure to understand these can lead to major penalties after an audit.
    • Review your agreements and entitlements quarterly. IBM may have changed the rules, and you have almost certainly changed your usage.

    Impact and Result

    • Establish clear licensing requirements.
    • Maintain an effective process for managing your IBM license usage and compliance.
    • Identify any cost-reduction opportunities.
    • Prepare for penalty-free IBM audits.

    Explore the Secrets of IBM Software Contracts to Optimize Spend and Reduce Compliance Risk Research & Tools

    Start here – read the Executive Brief

    Read this Executive Brief to understand why you need to invest effort in managing usage and licensing of your IBM software.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Review terms and conditions for your IT contract

    Use Info-Tech’s licensing best practices to avoid the common mistakes of overspending on IBM licensing or failing an IBM audit.

    • IBM Passport Advantage Software RFQ Template
    • IBM 3-Year Bundled Price Analysis Tool
    [infographic]

    Implement Software Asset Management

    • Buy Link or Shortcode: {j2store}313|cart{/j2store}
    • member rating overall impact (scale of 10): 9.3/10 Overall Impact
    • member rating average dollars saved: $107,154 Average $ Saved
    • member rating average days saved: 39 Average Days Saved
    • Parent Category Name: Asset Management
    • Parent Category Link: /asset-management
    • Organizations are aware of the savings that result from implementing software asset management (SAM), but are unsure of where to start the process.
    • Poor data capture procedures and lack of a centralized repository produce an incomplete picture of software assets and licenses, preventing accurate forecasting and license optimization.
    • Audit protocols are ad hoc, resulting in sloppy reporting and time-consuming work and lack of preparedness for external software audits.

    Our Advice

    Critical Insight

    • A strong SAM program will benefit all aspects of the business. Data and reports gained through SAM will enable data-driven decision making for all areas of the business.
    • Don’t just track licenses; manage them to create value from data. Gathering and monitoring license data is just the beginning. What you do with that data is the real test.
    • Win the audit battle without fighting. Conduct internal audits to minimize surprises when external audits are requested.

    Impact and Result

    • Conduct a current state assessment of existing SAM processes to form an appropriate plan for implementing or improving your SAM program.
    • Define standard policies, processes, and procedures for each stage of the software asset lifecycle, from procurement through to retirement.
    • Develop an internal audit policy to mitigate the risk of costly external audits.

    Implement Software Asset Management Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should implement software asset management, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Assess & plan

    Assess current state and plan the scope of the SAM program, team, and budget.

    • Implement Software Asset Management – Phase 1: Assess & Plan
    • SAM Maturity Assessment
    • SAM Standard Operating Procedures
    • SAM Budget Workbook

    2. Procure, receive & deploy

    Define processes for software requests, procurement, receiving, and deployment.

    • Implement Software Asset Management – Phase 2: Procure, Receive & Deploy
    • SAM Process Workflows (Visio)
    • SAM Process Workflows (PDF)

    3. Manage, redeploy & retire

    Define processes for software inventory, maintenance, harvest and redeployment, and retirement.

    • Implement Software Asset Management – Phase 3: Manage, Redeploy & Retire
    • Patch Management Policy

    4. Build supporting processes

    Build processes for audits and plan the implementation.

    • Implement Software Asset Management – Phase 4: Build Supporting Processes & Tools
    • Software Audit Scoping Email Template
    • Software Audit Launch Email Template
    • SAM Communication Plan
    • SAM FAQ Template
    • Software Asset Management Policy
    [infographic]

    Workshop: Implement Software Asset Management

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Assess & Plan

    The Purpose

    Assess current state and plan the scope of the SAM program, team, and budget.

    Key Benefits Achieved

    Current state assessment

    Defined roles and responsibilities

    SAM budget plan

    Activities

    1.1 Outline SAM challenges and objectives.

    1.2 Assess current state.

    1.3 Identify roles and responsibilities for SAM team.

    1.4 Identify metrics and reports.

    1.5 Identify SAM functions to centralize vs. decentralize.

    1.6 Plan SAM budget process.

    Outputs

    Current State Assessment

    RACI Chart

    Defined metrics and reports

    SAM Budget Workbook

    2 Procure, Receive & Deploy

    The Purpose

    Define processes for software requests, procurement, receiving, and deployment.

    Key Benefits Achieved

    Defined standards for software procurement

    Documented processes for software receiving and deployment

    Activities

    2.1 Determine software standards.

    2.2 Define procurement process for new contracts.

    2.3 Define process for contract renewals and additional procurement scenarios.

    2.4 Design process for receiving software.

    2.5 Design deployment workflow.

    2.6 Define process for non-standard software requests.

    Outputs

    Software standards

    Standard Operating Procedures

    SAM Process Workflows

    3 Manage, Redeploy & Retire

    The Purpose

    Define processes for software inventory, maintenance, harvest and redeployment, and retirement.

    Key Benefits Achieved

    Defined process for conducting software inventory

    Maintenance and patch policy

    Documented workflows for software harvest and redeployment as well as retirement

    Activities

    3.1 Define process for conducting software inventory.

    3.2 Define policies for software maintenance and patches.

    3.3 Map software license harvest and reallocation process.

    3.4 Define policy for retiring software.

    Outputs

    Standard Operating Procedures

    Patch management policy

    SAM Process Workflows

    4 Build Supporting Processes & Tools

    The Purpose

    Build processes for audits, identify tool requirements, and plan the implementation.

    Key Benefits Achieved

    Defined process for internal and external audits

    Tool requirements

    Communication and implementation plan

    Activities

    4.1 Define and document the internal audit process.

    4.2 Define and document the external audit process.

    4.3 Document tool requirements.

    4.4 Develop a communication plan.

    4.5 Prepare an FAQ list.

    4.6 Identify SAM policies.

    4.7 Develop a SAM roadmap to plan your implementation.

    Outputs

    Audit response templates

    Tool requirements

    Communication plan

    End-user FAQ list

    Software Asset Management Policy

    Implementation roadmap

    Further reading

    Implement Software Asset Management

    Go beyond tracking licenses to proactively managing software throughout its lifecycle.

    Table of contents

    1. Title
    2. Executive Brief
    3. Execute the Project/DIY Guide
    4. Next Steps
    5. Appendix

    Analyst Perspective

    “Organizations often conflate software asset management (SAM) with license tracking. SAM is not merely knowing how many licenses you require to be in compliance; it’s asking the deeper budgetary questions to right-size your software spend.

    Software audits are a growing concern for businesses, but proactive reporting and decision making supported by quality data will mitigate audit risks. Value is left on the table through underused or poor-quality data, so active data management must be in play. A dedicated ITAM tool can assist with extracting value from your license data.

    Achieving an optimized SAM program is a transformative effort, but the people, processes, and technology need to be in place before that can happen.” (Sandi Conrad, Senior Director, Infrastructure & Operations Practice, Info-Tech Research Group)

    Software license complexity and audit frequency are increasing: are you prepared to manage the risk?

    This Research Is Designed For:

    • CIOs that want to improve IT’s reputation with the business.
    • CIOs that want to eliminate the threat of a software audit.
    • Organizations that want proactive reporting that benefits the entire business.
    • IT managers who want visibility into their software usage.

    This Research Will Help You:

    • Establish a standardized software management process.
    • Track and manage software throughout its lifecycle, from procurement through to retirement or redeployment.
    • Rationalize your software license estate.
    • Improve your negotiations with software vendors.
    • Improve the quality of your SAM data gathering and reporting.

    Executive summary

    Situation

    • Organizations are aware of the savings that result from implementing software asset management (SAM), but are unsure of where to start the process. With no formal standards in place for managing licenses, organizations are constantly at risk for costly software audits and poorly executed software spends.

    Complication

    • Poor data-capture procedures produce an incomplete picture of software lifecycles.
    • No centralized repository exists, resulting in fragmented reporting.
    • Audit protocols are ad hoc, resulting in sloppy reporting and time-consuming work.

    Resolution

    • Conduct a current state assessment of existing SAM processes to form an appropriate plan for implementing or improving your SAM program.
    • Build and involve a SAM team in the process from the beginning to help embed the change.
    • Define standard policies, processes, and procedures for each stage of the software asset lifecycle, from procurement through to retirement. Pace yourself; a staged implementation will make your ITAM program a success.
    • Develop an internal audit program to mitigate the risk of costly audits.
    • Once a standardized SAM program and data are in place, you will be able to use the data to optimize and rationalize your software licenses.

    Info-Tech Insight

    A strong SAM program will benefit all aspects of the business.
    Data and reports gained through SAM will enable data-driven decision making for all areas of the business.

    Don’t just track licenses; manage them to create value from data.
    Gathering and monitoring license data is just the beginning. What you do with that data is the real test.

    Win the audit battle without fighting.
    Conduct internal audits to minimize surprises when external audits are requested.

    Build the business case for SAM on cost and risk avoidance

    You can estimate the return even without tools or data.

    Benefit Calculate the return
    Compliance

    How many audits did you have in the past three years?

    How much time did you spend in audit response?

    Suppose you had two audits each year for the last three years, each with an average $250,000 in settlements.

    A team of four with an average salary of $75,000 each took six months to respond each year, allocating 20% of their work time to the audit.

    You could argue annual audits cost on average $530,000. Increasing ITAM maturity stands to reduce that cost significantly.

    Efficiency

    How much do you spend on software and maintenance by supplier?

    Suppose you spent $1M on software last year. What if you could reduce the spend by just 10% through better practices?

    SAM can help reduce the annual spend by simplifying support, renegotiating contracts based on asset data, reducing redundancy, and reducing spend.

    The Business Benefits of SAM

    • Compliance: Managing audits and meeting legal, contractual, and regulatory obligations.
    • Efficiency: Reducing costs and making the best use of assets while maintaining service.
    • Agility: Anticipate requirements using asset data for business intelligence and analytics.

    Poor software asset management practices increase costs and risks

    Failure to implement SAM can lead to:

    High cost of undiscovered IT assets
    • Needless procurement of software for new hires can be costly.
    Licensing, liability, and legal violations
    • Legal actions and penalties that result from ineffective SAM processes and license incompliance can severely impact an organization’s financial performance and corporate brand image.
    Compromised security
    • Not knowing what assets you have, who is using them and how, can compromise the security of sensitive information.
    Increased management costs
    • Not having up-to-date software license information impacts decision making, with many management teams failing to respond quickly and efficiently to operational demands.
    Increased disruptions
    • Vendors seek out organizations who don’t manage their software assets effectively; it is likely that you could be subject to major operational disruptions as a result of an audit.
    Poor supplier/vendor relationship
    • Most organizations fear communicating with vendors and are anxious about negotiating new licenses.

    54% — A study by 1E found that only 54% of organizations believe they can identify all unused software in their organization.

    28% — On average, 28% of deployed software is unused, with a wasted cost of $224 per PC on unused software (1E, 2014).

    53% — Express Metrix found that 53% of organizations had been audited within the past two years. Of those, 72% had been audited within the last 12 months.

    SAM delivers cost savings beyond the procurement stage

    SAM delivers cost savings in several ways:

    • Improved negotiating position
      • Certainty around software needs and licensing terms can put the organization in a better negotiating position for new contracts or contract renewals.
    • Improved purchasing position
      • Centralized procurement can allow for improved purchasing agreements with better pricing.
    • More accurate forecasting and spend
      • With accurate data on what software is installed vs. used, more accurate decisions can be made around software purchasing needs and budgeting.
    • Prevention of over deployment
      • Deploy software only where it is needed based on what end users actively use.
    • Software rationalization
      • SAM data may reveal multiple applications performing similar functions that can be rationalized into a single standard software that is used across the enterprise.
    • License harvesting
      • Identify unused licenses that can be harvested and redeployed to other users rather than purchasing new licenses.

    SAM delivers many benefits beyond cost savings

    Manage risk. If licensing terms are not properly observed, the organization is at risk of legal and financial exposure, including illegal software installation, loss of proof of licenses purchased, or breached terms and conditions.

    Control and predict spend. Unexpected problems related to software assets and licenses can significantly impact cash flow.

    Less operational interruptions. Poor software asset management processes could lead to failed deployments, software update interruptions, viruses, or a shutdown of unlicensed applications.

    Avoid security breaches. If data is not secure through software patches and security, confidential information may be disclosed.

    More informed decisions. More accurate data on software assets improves transparency and informs decision making.

    Improved contract management. Automated tools can alert you to when contracts are up for renewal to allow time to plan and negotiate, then purchase the right amount of licenses.

    Avoid penalties. Conduct internal audits and track compliance to avoid fees or penalties if an external audit occurs.

    Reduced IT support. Employees should require less support from the service desk with proper, up to date, licensed software, freeing up time for IT Operations to focus on other work.

    Enhanced productivity. By rationalizing and standardizing software offerings, more staff should be using the same software with the same versioning, allowing for better communication and collaboration.

    Asset management is especially correlated with the following processes

    Being highly effective at asset management means that you are more likely to be highly effective at almost all IT processes, especially:

    Icon for process 'BAI10 Configuration Management'. Configuration Management
    76% more effective
    Icon for process 'ITRG03 Manage Service Catalogs'. Service Catalog
    74% more effective
    Icon for process 'APO11 Quality Management'. Quality Management
    63% more effective
    Icon for process 'ITRG08 Data Quality'. Data Quality
    62% more effective
    Icon for process 'MEA01 Performance Measurement'. Performance Measurement
    61% more effective
    Icon for process 'BAI05 Organizational Change Management'. Organizational Change Management
    60% more effective
    Icon for process 'APO05 Portfolio Management'. Portfolio Management
    59% more effective
    Icon for process 'APO03 Enterprise Architecture'. Enterprise Architecture
    58% more effective

    Why? Good SAM processes are integral to both service management and configuration management

    (Source: Info-Tech Research Group, IT Management and Governance Diagnostic; N=972 organizations) (High asset management effectiveness was defined as those organizations with an effectiveness score of 8 or above.)

    To accelerate progress, Info-Tech Research Group parses software asset management into its essential processes

    Focus on software asset management essentials

    Software Procurement:

    • Define procurement standards for software and related warranties and support options.
    • Develop processes and workflows for purchasing and work out financial implications to inform budgeting later.

    Software Deployment and Maintenance:

    • Define policies, processes, and workflows for software receiving, deployment, and maintenance practices.
    • Develop processes and workflows for managing imaging, harvests and redeployments, service requests, and large-scale rollouts.

    Software Harvest and Retirement:

    • Manage the employee termination and software harvest cycle.
    • Develop processes, policies, and workflows for software security and retirement.

    Software Contract and Audit Management:

    • Develop processes for data collection and validation to prepare for an audit.
    • Define metrics and reporting processes to keep asset management processes on track.
    A diagram that looks like a tier circle with 'Implement SAM' at the center. The second ring has 'Request & Procure', 'Receive & Deploy', 'Manage & Maintain', and 'Harvest & Retire'. The third ring seems to be a cycle beginning with 'Plan', 'Request', 'Procure', 'Deploy', 'Manage', 'Retire', and back to 'Plan'.

    Asset management is a key piece of Info-Tech’s COBIT-based IT Management and Governance Framework

    The Info-Tech / COBIT5 IT Management & Governance Framework, a number of IT process icons arranged like a periodic table. A magnifying glass highlights process 'BAI09 Asset Management' in the 'Infrastructure & Operations' category.

    Follow Info-Tech's methodology to build a plan to implement software asset management

    Phase 1
    Assess & Plan
    Phase 2
    Procure, Receive & Deploy
    Phase 3
    Manage, Redeploy & Retire
    Phase 4
    Build supporting processes

    1.1

    Assess current state

    2.1

    Request & procure

    3.1

    Manage & maintain contracts

    4.1

    Compliance & audits

    1.2

    Build team and define metrics

    2.2

    Receive & deploy

    3.2

    Harvest or retire

    4.2

    Communicate & build roadmap

    1.3

    Plan & budget
    Deliverables
    Standard Operating Procedures (SOP)
    SAM maturity assessment Process workflows Process workflows Audit response templates
    RACI chart Software standards Patch management policy Communication plan & FAQ template
    SAM metrics SAM policies
    SAM budget workbook

    Thanks to SAM, Visa saved $200 million in three years

    Logo for VISA.

    Case Study

    Industry: Financial Services
    Source: International Business Software Managers Association

    Visa, Inc.

    Visa, Inc. is the largest payment processing company in the world, with a network that can handle over 40,000 transactions every minute.

    Software Asset Management Program

    In 2006, Visa launched a formal IT asset management program, but it was not until 2011 that it initiated a focus on SAM. Joe Birdsong, the SAM director, first addressed four major enterprise license agreements (ELAs) and compliance issues. The SAM team implemented a few dedicated SAM tools in conjunction with an aggressive approach to training.

    Results

    The proactive approach taken by Visa used a three-pronged strategy: people, process, and tools. The process included ELA negotiations, audit responses, and software license rationalization exercises.

    According to Birdsong, “In the past three years, SAM has been credited with saving Visa over $200 million.”

    An timeline arrow with benchmarks, in order: 'Tool purchases', 'ELA negotiations', 'License rationalization', 'Audit responses', '$200 million in savings in just three years thanks to optimized SAM processes'.

    Info-Tech delivers: Use our tools and templates to accelerate your project to completion

    Thumbnail of Info-Tech's 'SAM Standard Operating Procedures (SOP)'.
    SAM Standard Operating Procedures (SOP)
    Thumbnail of Info-Tech's 'SAM Maturity Assessment'.
    SAM Maturity Assessment
    Thumbnail of Info-Tech's 'SAM Visio Process Workflows'.
    SAM Visio Process Workflows
    Thumbnail of Info-Tech's 'SAM Budget Workbook'.
    SAM Budget Workbook
    Thumbnail of Info-Tech's 'Additional SAM Policy Templates'.
    Additional SAM Policy Templates
    Thumbnail of Info-Tech's 'Software Asset Management Policy'.
    Software Asset Management Policy
    Thumbnail of Info-Tech's 'SAM Communication Plan'.
    SAM Communication Plan
    Thumbnail of Info-Tech's 'SAM FAQ Template'.
    SAM FAQ Template

    Use these insights to help guide your understanding of the project

    • SAM provides value to other processes in IT.
      Data, reports, and savings gained through SAM will enable data-driven decision making for all areas of the business.
    • Don’t just track licenses; manage them to create value from data.
      Gathering and monitoring license data is just the beginning. What you do with that data is the real test.
    • SAM isn’t about managing costs; it’s about understanding your environment to make better decisions.
      Capital tied up in software can impact the progress of other projects.
    • Managing licenses can impact the entire organization.
      Gain project buy-in from stakeholders by articulating the impact that managing licenses can have on other projects and the prevalence of shadow IT.

    Measure the value of a guided implementation (GI)

    Engaging in GIs doesn’t just offer valuable project advice, it also results in significant cost savings.

    GI Measured Value (Assuming 260 workdays in a year)
    Phase 1: Assess & Plan
    • Time, value, and resources saved by using Info-Tech’s methodology to assess current state and create a defined SAM team with actionable metrics
    • For example, 2 FTEs * 5 days * $80,000/year = $6,400
    Phase 2: Procure, Receive & Deploy
    • Time, value, and resources saved by using Info-Tech’s methodology to streamline request, procurement, receiving, and deployment processes for software assets.
    • For example, 2 FTEs * 5 days * $80,000/year = $6,400
    Phase 3: Manage, Redeploy & Retire
    • Time, value, and resources saved by using Info-Tech’s methodology to streamline the maintenance, inventory, license redeployment, and software retiring processes.
    • For example, 2 FTEs * 5 days * $80,000/year = $6,400
    Phase 4: Build Supporting Processes and Tools
    • Time, resources, and potential audit fines saved by using Info-Tech’s methodology to improve audit defense processes ($298,325 average audit penalty (Based on the results of Cherwell Software’s 2013 Software Audit Industry Report)) and design a communication and implementation plan.
    • For example, 2 FTEs * 5days * $80,000/year = $6,400 + $298,325 = $304,725
    Total savings $330,325

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    Guided Implementation

    Workshop

    Consulting

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks used throughout all four options

    Implement Software Asset Management – project overview

    Phase 1: Assess & plan Phase 2: Procure, receive & deploy Phase 3: Manage, redeploy & retire Phase 4: Build supporting processes
    Supporting Tool icon Best-Practice Toolkit

    Step 1.1: Assess current state

    Step 1.2: Build team and define metrics

    Step 1.3: Plan and budget

    Step 2.1: Request and procure

    Step 2.2: Receive and deploy

    Step 3.1: Manage and maintain contracts

    Step 3.2: Harvest, redeploy, or retire

    Step 4.1: Compliance and audits

    Step 4.2: Communicate and build roadmap

    Guided Implementations
    • Assess current state and challenges.
    • Define roles and responsibilities as well as metrics.
    • Discuss SAM budgeting.
    • Define software standards and procurement process.
    • Build processes for receiving software and deploying software.
    • Define process for conducting software inventory and maintenance and patches.
    • Build software harvest and redeployment processes and retirement.
    • Define process for internal and external audits.
    • Develop communication and implementation plan.
    Associated Activity icon Onsite Workshop Module 1:
    Assess & Plan
    Module 2:
    Map Core Processes: Procure, Receive & Deploy
    Module 3:
    Map Core Processes: Manage, Redeploy & Retire
    Module 4:
    Prepare for audit, build roadmap and communications

    Workshop Overview

    Contact your account representative or email Workshops@InfoTech.com for more information.

    Workshop Day 1 Workshop Day 2 Workshop Day 3 Workshop Day 4
    Activities
    Assess & Plan

    1.1 Outline SAM challenges and objectives

    1.2 Assess current state

    1.3 Identify roles and responsibilities for SAM team

    1.4 Identify metrics and reports

    1.5 Identify SAM functions to centralize vs. decentralize

    1.6 Plan SAM budget process

    Map Core Processes: Procure, Receive & Deploy

    2.1 Determine software standards

    2.2 Define procurement process for new contracts

    2.3 Define process for contract renewals and additional procurement scenarios

    2.4 Design process for receiving software

    2.5 Design deployment workflow

    2.6 Define process for non-standard software requests

    Map Core Processes: Manage, Redeploy & Retire

    3.1 Define process for conducting software inventory

    3.2 Define policies for software maintenance and patches

    3.3 Map software license harvest and reallocation process

    3.4 Define policy for retiring software

    Build Supporting Processes

    4.1 Define and document the internal audit process

    4.2 Define and document the external audit process

    4.3 Develop a communication plan

    4.4 Prepare an FAQ list

    4.5 Identify SAM policies

    4.6 Develop a SAM roadmap to plan your implementation

    Deliverables
    • SAM maturity assessment
    • RACI chart
    • Defined metrics and reports
    • Budget workbook
    • Process workflows
    • Software standards
    • Process workflows
    • Patch management policy
    • Standard operating procedures
    • Audit response templates
    • Communication plan
    • FAQ template
    • Additional policy templates
    • Roadmap of initiatives

    Use these icons to help direct you as you navigate this research

    Use these icons to help guide you through each step of the blueprint and direct you to content related to the recommended activities.

    A small monochrome icon of a wrench and screwdriver creating an X.

    This icon denotes a slide where a supporting Info-Tech tool or template will help you perform the activity or step associated with the slide. Refer to the supporting tool or template to get the best results and proceed to the next step of the project.

    A small monochrome icon depicting a person in front of a blank slide.

    This icon denotes a slide with an associated activity. The activity can be performed either as part of your project or with the support of Info-Tech team members, who will come onsite to facilitate a workshop for your organization.

    Phase 1: Assess Current State

    VISA fought fire with fire to combat costly software audits

    Logo for VISA.

    Case Study

    Industry: Financial Services
    Source: SAM Summit 2014

    Challenge

    Visa implemented an IT asset management program in 2006. After years of software audit teams from large firms visiting and leaving expensive software compliance bills, the world’s leading payment processing company decided it was time for a change.

    Upper management recognized that it needed to combat audits. It had the infrastructure in place and the budget to purchase SAM tools that could run discovery and tracking functions, but it was lacking the people and processes necessary for a mature SAM program.

    Solution

    Visa decided to fight fire with fire. It initially contracted the same third-party audit teams to help build out its SAM processes. Eventually, Visa formed a new SAM team that was led by a group of former auditors.

    The former auditors recognized that their role was not technology based, so a group of technical individuals were hired to help roll out various SAM tools.

    The team rolled out tools like BDNA Discover and Normalize, Flexera FlexNet Manager, and Microsoft SCCM.

    Results

    To establish an effective SAM team, diverse talent is key. Visa focused on employees that were consultative but also technical. Their team needed to build relationships with teams within the organization and externally with vendors.

    Most importantly, the leaders of the team needed to think like auditors to better prepare for audits. According to Joe Birdsong, SAM Director at Visa, “we want to be viewed as a team that can go in and help right-size their environment and better understand licensing to help teams make better decisions.”

    The SAM team was only the beginning.

    Step 1.1 Assess current state and plan scope

    Phase 1:
    Assess & Plan
    This step will walk you through the following activities:This step involves the following participants:

    1.1

    Assess current state
    • 1.1.1 Outline the organization’s SAM challenges
    • 1.1.2 Identify objectives of SAM program
    • 1.1.3 Determine the maturity of your SAM program
    • Project Sponsor
    • IT Director, CIO
    • IT Managers and SAM Manager

    1.2

    Build team and define metrics

    1.3

    Plan & budget

    Step Outcomes

    • An outline of the challenges related to SAM
    • A clear direction for the program based on drivers, anticipated benefits, and goals
    • A completed maturity assessment of current SAM processes

    Sketch out challenges related to software asset management to shape the direction of the project

    Common SAM challenges

    • Audits are disruptive, time-consuming, and costly
    • No audit strategy and response in place
    • Software non-compliance risk is too high
    • Lacking data to forecast software needs
    • No central repository of software licenses
    • Untracked or unused software licenses results in wasted spend
    • Software license and maintenance costs account for a large percentage of the budget
    • Lacking data to know what software is purchased and deployed across the organization
    • Lack of software standards make it difficult to collect consistent information about software products
    • New software licenses are purchased when existing licenses remain on the shelf or multiple similar software products are purchased
    • Employees or departments make ad hoc purchases, resulting in overspending and reduced purchasing power
    • License renewal dates come up unexpectedly without time for adequate decision making
    • No communication between departments to coordinate software purchasing
    • Difficult to stay up to date with software licensing rule changes to remain in compliance
    • Processes and policies are unstandardized and undocumented

    Outline the organization’s SAM challenges

    Associated Activity icon 1.1.1 Brainstorm SAM challenges

    Participants: CIO/CFO, IT Director, Asset Manager, Purchasing, Service Desk Manager, Security (optional), Operations (optional)

    1. Distribute sticky notes to participants. Have everyone start by identifying challenges they face as a result of poor software asset management.
    2. As group, discuss and outline the software asset management challenges facing the organization. These may be challenges caused by poor SAM processes or simply by a lack of process. Group the challenges into key pain points to inform the current state discussion and assessment to follow.

    To be effective with software asset management, understand the drivers and potential impact to the organization

    Drivers of effective SAM Results of effective SAM
    Contracts and vendor licensing programs are complex and challenging to administer without data related to assets and their environment. Improved access to accurate data on contracts, licensing, warranties, installed software for new contracts, renewals, and audit requests.
    Increased need to meet compliance requires a formal approach to tracking and managing assets. Encryption, software application controls, and change notifications all contribute to better asset controls and data security.
    Cost cutting is on the agenda, and management is looking to reduce overall IT spend in the organization in any possible way. Reduction of software spend through data for better forecasting, planning, and licensing rationalization and harvesting.
    Audits are time consuming, disruptive to project timelines and productivity, and costly. Respond to audits with a formalized process, accurate data, and minimal disruption using always-available reporting.

    Determine goals to focus the direction of your SAM program

    Associated Activity icon 1.1.2 Identify objectives of the SAM program

    Participants: CIO/CFO, IT Director, Asset Manager, Service Manager (optional)

    Document: Document in the Standard Operating Procedures.

    1. Identify the drivers behind the software asset management implementation or improvement project. List on a whiteboard or flip chart.
    2. Using the project drivers as input, brainstorm the goals of the SAM project. Discuss the goals as a group and finalize into a list of objectives for the SAM program.
    3. Record the objectives in the SOP and keep them in mind as you work through the rest of the project.

    Sample Objectives:

    1. A single data repository to efficiently manage assets for their entire lifecycle.
    2. Formalizing a methodology for documenting assets to make data retrieval easy and accurate.
    3. Defining and documenting processes to determine where improvements can be made.
    4. Improving customer experience in accessing, using, and maintaining assets.
    5. Centralizing contract information.
    6. Providing access to information for all technical teams as needed.

    Implementing SAM processes will support other IT functions

    By improving how you manage your licenses and audit requests, you will not only provide benefits through a mature SAM program, you will also improve your service desk and disaster recovery functions.

    Service Desk Disaster Recovery
    • Effective service desk tickets require a certain degree of technical detail for completion that a SAM program often provides.
    • Many tools are available that can handle both ITSM and ITAM functions. Your SAM data can be integrated into many of your service desk functions.
    • For example, if a particular application is causing a high number of tickets, SAM data could show the application’s license is almost expired and its usage has decreased due to end-user frustrations. The SAM team could review the application and decide to purchase software that better meets end-user needs.
    • If you don’t know what you have, you don’t know what needs to be back online first.
    • The ability to restore system functionality is heavily dependent on the ability to locate or reproduce master media documentation and system configuration information.
    • If systems/software are permanently lost, the ability to recover software licensing information is crucial to preserving compliance.
    • License agreement and software are needed to demonstrate software ownership. Unless the proof of ownership is present, there is no proof of compliance.
    Short description of Info-Tech blueprint 'Standardize the Service Desk'. Short description of Info-Tech blueprint 'Create a Right-Sized Disaster Recovery Plan'.

    Each level of SAM maturity comes with its own unique challenges

    Maturity People & Policies Processes Technology
    Chaos
    • No dedicated staff
    • No policies published
    • Procedures not documented or standardized
    • Licenses purchased randomly
    • Help desk images machines, but users can buy and install software
    • Minimal tracking tools in place
    Reactive
    • Semi-focused SAM manager
    • No policies published
    • Reliance on suppliers to provide reports for software purchases
    • Buy licenses as needed
    • Software installations limited to help desk
    • Discovery tools and spreadsheets used to manage software
    Controlled
    • Full-time SAM manager
    • End-user policies published and requiring sign-off
    • License reviews with maintenance and support renewals
    • SAM manager involved in budgeting and planning sessions
    • Discovery and inventory tools used to manage software
    • Compliance reports run as needed
    Proactive
    • Extended SAM team, including help desk and purchasing
    • Corporate anti-piracy statement in place and enforced
    • Quarterly license reviews
    • Centralized view into software licenses
    • Software requests through service catalog with defined standard and non-standard software
    • Product usage reports and alerts in place to harvest and reuse licenses
    • Compliance and usage reports used to negotiate software contracts
    Optimized
    • SAM manager trained and certified
    • Working with HR, Legal, Finance, and IT to enforce policies
    • Full support and maintenance analysis for all license reviews
    • Quarterly meetings with SAM team to review policies, procedures, upcoming contracts, and rollouts
    • Software deployed automatically through service catalog/apps store
    • Detailed savings reports provided to executive team annually
    • Automated policy enforcement and process workflows

    Determine the maturity of your SAM program

    Supporting Tool icon 1.1.3 Use the SAM Maturity Assessment Tool
    1. Download the SAM Maturity Assessment Tool and go to tab 2.
    2. Complete the self-assessment in all seven categories:
      1. Control Environment
      2. Roles & Responsibilities
      3. Policies & Procedures
      4. Competence
      5. Planning & Implementation Process
      6. Monitoring & Review
      7. Inventory Processes
    3. Go to tab 3 and examine the graphs produced. Identify the areas in your SAM program that require the most attention and which are already relatively mature.
    4. Use the results of this maturity assessment to focus the efforts of the project moving forward. Return to the assessment after a pre-determined time (e.g. one year later) to track improvement in maturity over time.
    Screenshot of the results page from the SAM Maturity Assessment Tool. Screenshot of the processes page from the SAM Maturity Assessment Tool.

    Step 1.2 Build team and define metrics

    Phase 1:
    Assess & Plan
    This step will walk you through the following activities:This step involves the following participants:

    1.1

    Assess current state
    • 1.2.1 Identify roles and responsibilities for SAM team
    • 1.2.2 Identify metrics and KPIs to track the success of your SAM program
    • 1.2.3 Define SAM reports to track metrics
    • CIO/CFO
    • IT Director
    • SAM Manager
    • SAM Team
    • Service Desk Manager

    1.2

    Build team and define metrics

    1.3

    Plan & budget

    Step Outcomes

    • A description of the roles and responsibilities of IT staff involved in SAM
    • A list of metrics and reports to track to measure the success of the software asset management program

    Define roles and responsibilities for the SAM program

    Roles and responsibilities should be adapted to fit specific organizational requirements based on its size, structure, and distribution and the scope of the program. Not all roles are necessary and in small organizations, one or two people may fulfill multiple roles.

    Senior Management Sponsor – Ensures visibility and support for the program.

    IT Asset Manager – Responsible for management of all assets and maintaining asset database.

    Software Asset Manager – Responsible for management of all software assets (a subset of the overall responsibility of the IT Asset Manager).

    SAM Process Owner – Responsible for overall effectiveness and efficiency of SAM processes.

    Asset Analyst – Maintains up-to-date records of all IT assets, including software version control.

    Additional roles that interact with SAM:

    • Security Manager
    • Auditors
    • Procurement Manager
    • Legal Council
    • Change Manager
    • Configuration Manager
    • Release and Deployment Manager
    • Service Desk Manager

    Form a software asset management team to drive project success

    Many organizations simply do not have a large enough staff to hire a full-time software asset manager. The role will need to be championed by an internal employee.

    Avoid filling this position with a temporary contract; one of the most difficult operational factors in SAM implementation and continuity is constant turnover and organizational shifts. Hiring a software asset manager on contract might get the project going faster, but without the knowledge gained by doing the processes, the program won’t have enough momentum to sustain itself.

    Software Asset Manager Duties

    • Gather proof of license.
    • Record and track all assets within the SAM repository.
    • Produce compliance reports.
    • Preparation of budget requests.
    • Administration of software renewal process.
    • Contract and support analysis.
    • Document procedures.
    • Ensure project is on track.

    SAM Team Member Duties

    • Record license and contract data in SAM tool.
    • Assist in production of SAM reports.
    • Data analysis.
    • Match tickets to SAM data.
    • Assist in documentation.
    • Assist in compliance reports.
    • Gather feedback from end users.

    Info-Tech Best Practice

    Make sure your SAM team is diverse. The SAM team will need to be skilled at achieving compliance, but there is also a need for technically skilled individuals to maximize the function of the SAM tool(s) at your organization.

    Identify roles and responsibilities for SAM

    Associated Activity icon 1.2.1 Complete a RACI chart for your organization

    Participants: CIO/CFO, IT Director, SAM Manager, SAM Team, Service Desk Manager

    Document: Document in the Standard Operating Procedures.

    Determine the roles and responsibilities for your SAM program. Record the results in a RACI (responsible, accountable, consulted, informed) chart such as the example below.

    SAM Processes and Tasks CIO CFO SAM Manager IT Director Service Management Team IT Ops Security Finance Legal Project Manager
    Policies/Governance A C R R I I C I R I
    Strategy A C R R I I I I C
    Risk Management/Asset Security A C R R C R C C C
    Data Entry/Quality I I A R R
    Compliance Auditing R C A R I I I I
    Education & Training R I A C I I
    Contract Lifecycle Management R R A R C C C C R C
    Workflows R C A R I I I R I C/I
    Budgeting R R R A C R
    Software Acquisition R I A R I C R C C
    Controls/Reporting R I A R I I C I
    Optimize License Harvesting I I A R I C C

    Identify metrics to form the framework of the project

    Trying to achieve goals without metrics is like trying to cook without measuring your ingredients. You might succeed, but you’ll have no idea how to replicate it.

    SAM metrics should measure one of five categories:

    • Quantity → How many do we have? How many do we want?
    • Compliance → What is the level of compliance in a specific area?
    • Duration → How long does it take to achieve the desired result?
    • Financial → What is the cost/value? What is our comparative spend?
    • Quality → How good was the end result? E.g. Completeness, accuracy, timeliness

    The metrics you track depend on your maturity level. As your organization shifts in maturity, the metrics you prioritize for tracking will shift to reflect that change. Example:

    Metric category Low maturity metric High maturity metric
    Compliance % of software installed that is unauthorized % of vendors in effective licensing position (ELP) report
    Quantity % of licenses documented in ITAM tool % of requests made through unauthorized channels

    Associate KPIs and metrics with SAM goals

    • Identify the critical success factors (CSFs) for your software asset management program based on strategic goals.
    • For each success factor, identify the key performance indicators (KPIs) to measure success, as well as specific metrics that will be tracked and reported on.
    • Sample metrics are below:

    CSF = Goal, or what success looks like

    KPI = How achievement of goal will be defined

    Metric = Numerical measure to determine if KPI has been achieved

    CSF/Goal KPI Metrics
    Improve accuracy of software budget and forecasting
    • Reduce software spend by 5%
    • Total software asset spending
    • Budgeted software spend vs. actual software spend
    Avoid over purchasing software licenses and optimize use of existing licenses
    • Reduce number of unused and underused licenses by 10%
    • Number of unused licenses
    • Money saved from harvesting licenses instead of purchasing new ones
    Improve accuracy of data
    • Data in SAM tool matches what is deployed with 95% accuracy
    • Percentage of entitlements recorded in SAM tool
    • Percentage of software titles recognized by SAM tool
    Improved service delivery
    • Reduce time to deploy new software by 10%
    • Mean time to purchase new software
    • Mean time to fulfill new software requests

    Identify metrics and KPIs to track the success of your SAM program

    Associated Activity icon 1.2.2 Brainstorm metrics and KPIs

    Participants: CIO, IT Director, SAM Manager, SAM Team

    Document: Document in the Standard Operating Procedures.

    1. Discuss the goals and objectives of implementing or improving software asset management, based on challenges identified earlier.
    2. From the goals, identify the critical success factors for the SAM program.
    3. For each CSF, identify one to three key performance indicators (KPIs) to evaluate achievement of the success factor.
    4. For each KPI, identify one to three metrics that can be tracked and reported on to measure success. Ensure that the metrics are tangible and measurable.

    Use the table below as an example.

    Goal/CSF KPI Metric
    Improve license visibility Increase accuracy and completeness of SAM data
    • % of total titles included in ITAM tool
    • % of licenses documented in ITAM tool
    Reduce software costs Reduce number of unused software licenses by 20%
    • % of licenses assigned to ex-employees
    • % of deployed licenses that have not been used in the past six months
    Reduce shadow IT Reduce number of unauthorized software purchases and installations by 10%
    • % of software requests made through unauthorized channels
    • % of software installed that is unauthorized

    Tailor metrics and reports to specific stakeholders

    Asset Managers

    Asset managers require data to manage how licenses are distributed throughout the organization. Are there multiple versions of the same application deployed? What proportion of licenses deployed are assigned to employees who are no longer at the organization? What are the usage patterns for applications?

    Service Desk Technicians

    Service desk technicians need real-time data on licenses currently available to deploy to machines that need to be imaged/updated, otherwise there is a risk of breaching a vendor agreement.

    Business Managers and Executives

    Business managers and executives need reports to make strategic decisions. The reports created for business stakeholders need to help them align business projects or business processes with SAM metrics. To determine which reports will provide the most value, start by looking at business goals and determining the tactical data that will help inform and support these goals and their progress.

    Additional reporting guidelines:

    • Dashboards should provide quick-glance information for daily maintenance.
    • Alerts should be set for all contract renewals to provide enough advanced notice (e.g. 90 days).
    • Reports should be automated to provide actionable information to appropriate stakeholders as needed.

    Define SAM reports to track metrics

    Associated Activity icon 1.2.3 Identify reports and metrics to track regularly

    Participants: CIO, IT Director, SAM Manager, SAM Team

    Document: Document in the Standard Operating Procedures.

    1. Identify key stakeholders requiring SAM reports. For each audience, identify their goals and requirements from reporting.
    2. Using the list of metrics identified previously, sort metrics into reports for each audience based on their requirements and goals. Add any additional metrics required.
    3. Identify a reporting frequency for each report.

    Example:

    Stakeholder Purpose Report Frequency
    Asset Manager
    • Manage budget
    • Manage contracts and cash flow
    • Ensure processes are being followed
    Operational budget spent to date Monthly
    Capital budget spent to date Monthly
    Contracts coming due for renewal Quarterly
    Software harvested for redeployment Quarterly
    Number of single applications being managed Annually
    CFO
    • Manage budget
    • Manage cash flow
    Software purchased, operational & capital Monthly
    Software accrued for future purchases Monthly
    Contracts coming due for renewal
    • Include dollar value, savings/spend
    Quarterly
    CIO
    • Resource planning
    • Progress reporting
    Software deployments and redeployments Monthly
    Software rollouts planned Quarterly
    % of applications patched Quarterly
    Money saved Annually
    Number of contracts & apps managed Quarterly

    Step 1.3 Plan the SAM program and budget

    Phase 1:
    Assess & Plan
    This step will walk you through the following activities:This step involves the following participants:

    1.1

    Assess current state
    • 1.3.1 Identify SAM functions to centralize vs. decentralize
    • 1.3.2 Complete the SAM budget tool
    • Project Sponsor
    • IT Director, CIO
    • IT Managers and SAM Manager
    • CFO

    1.2

    Build team and define metrics

    1.3

    Plan & budget

    Step Outcomes

    • Defined scope for the SAM program in terms of the degree of centralization of core functions and contracts
    • A clearer picture of software spend through the use of a SAM budgeting tool.

    Asset managers need to be involved in infrastructure projects at the decision-making stage

    Ensure that your software asset manager is at the table when making key IT decisions.

    Many infrastructure managers and business managers are unaware of how software licensing can impact projects. For example, changes in core infrastructure configuration can have big impacts from a software licensing perspective.

    Mini Case Study

    • When a large healthcare organization’s core infrastructure team decided to make changes to their environment, they failed to involve their asset manager in the decision-making process.
    • When the healthcare organization decided to make changes to their servers, they were running Oracle software on their servers, but the licenses were not being tracked.
    • When the change was being made to the servers, the business contacted Oracle to notify them of the change. What began as a tech services call quickly devolved into a licensing error; the vendor determined that the licenses deployed in the server environment were unauthorized.
    • For breaching the licensing agreement, Oracle fined the healthcare organization $250,000.
    • Had the asset manager been involved in the process, they would have understood the implications that altering the hardware configuration would have on the licensing agreement and a very expensive mistake could have been avoided.

    Decide on the degree of centralization for core SAM functions

    • Larger organizations with multiple divisions or business units will need to decide which SAM functions will be centralized and which, if any, will be decentralized as they plan the scope of their SAM program. Generally, certain core functions should be centralized for the SAM program to deliver the greatest benefits.
    • The degree of centralization may also be broken down by contract, with some contracts centralized and some decentralized.
    • A centralized SAM database gives needed visibility into software assets and licenses across the organization, but operation of the database may also be done locally.

    Centralization

    • Allows for more strategic planning
    • Visibility into software licenses across the organization promotes rationalization and cost savings
    • Ensure common products are used
    • More strategic sourcing of vendors and resellers
    • Centrally negotiate pricing for better deals
    • Easier to manage risk and prepare for audits
    • Greater coordination of resources

    Decentralization

    • May allow for more innovation
    • May be easier to demonstrate local compliance if the organization is geographically decentralized
    • May be easier to procure software if offices are in different countries
    • Deployment and installation of software on user devices may be easier

    Identify SAM functions to centralize vs. decentralize

    Associated Activity icon 1.3.1 Identify functions for centralization

    Participants: CIO, IT Director, SAM Manager, SAM Team

    Document: Document in the Standard Operating Procedures.

    1. If applicable, identify SAM functions that will need to be centralized and evaluate the implications of centralization to ensure it is feasible.
    2. If applicable, identify SAM functions that will be decentralized, if resources are available to manage those functions locally.

    Example:

    Centralized Functions
    • Operation of SAM database
    • SAM budget
    • Vendor selection
    • Contract negotiation and purchasing
    • Data analysis
    • Software receiving and inventory
    • Audits and risk management
    Decentralized functions
    • Procurement
    • Deployment and installation

    Software comprises the largest part of the infrastructure and operations budget

    After employee salaries (38%), the four next largest spend buckets have historically been infrastructure related. Adding salaries and external services, the average annual infrastructure and operations spend is over 50% of all IT spend.

    The largest portion of that spend is on software license and maintenance. As of 2016, software accounted for the roughly the same budget total as voice communications, data communications, and hardware combined. Managing software contracts is a crucial part of any mature budgeting process.

    Graph showing the percentage of all IT spend used for 'Ongoing software license and maintenance' annually. In 2010 it was 17%; in 2018 it was 21%. Graph showing the percentage of all IT spend used for 'Hardware maintenance / upgrades' annually. In 2010 it was 7%; in 2018 it was 8%. Graph showing the percentage of all IT spend used for 'Data communications' annually. In 2010 it was 7%; in 2018 it was 7%. Graph showing the percentage of all IT spend used for 'Voice communications' annually. In 2010 it was 5%; in 2018 it was 7%.

    Gain control of the budget to increase the success of SAM

    A sophisticated software asset management program will be able to uncover hidden costs, identify opportunities for rationalization, save money through reharvesting unused licenses, and improve forecasting of software usage to help control IT spending.

    While some asset managers may not have experience managing budgets, there are several advantages to the ITAM function owning the budget:

    • Be more involved in negotiating pricing with vendors.
    • Build better relationships with stakeholders across the business.
    • Gain greater purchasing power and have a greater influence on purchasing decisions.
    • Forecast software requirements more accurately.
    • Inform benchmarks and metrics with more data.
    • Directly impact the reduction in IT spend.
    • Manage the asset database more easily and have a greater understanding of software needs.
    • Identify opportunities for cost savings through rationalization.

    Examine your budget from a SAM perspective to optimize software spend

    How does examining your budget from a SAM perspective benefit the business?

    • It provides a chance to examine vendor contracts as they break down contracts by projects and services, which gives a clearer picture of where software fits into the budget.
    • It also gives organizations a chance to review vendor agreements and identify any redundancies present in software supporting services.

    Review the budget:

    • When reviewing your budget, implement a contingency fund to mitigate risk from a possible breach of compliance.
    • If your organization incurs compliance issues that relate to specific services, these fines may be relayed back to the departments that own those services, affecting how much money each department has.
    • The more sure you are of your compliance position, the less likely you are to need a contingency fund, and vice versa.

    Info-Tech Best Practice

    Finance needs to be involved. Their questions may cover:

    • Where are the monthly expenditures? Where are our financial obligations? Do we have different spending amounts based on what time of year it is?

    Use the SAM Budget Workbook to uncover insights about your software spend

    Supporting Tool icon 1.3.2 Complete the SAM budget tool

    The SAM Budget Workbook is designed to assist in developing and justifying the budget for software assets for the upcoming year.

    Instructions

    1. Work through tabs 2-6, following the instructions as you go.
    2. Tab 2 involves selecting software vendors and services provided by software.
    3. Tab 3 involves classifying services by vendor and assigning a cost to them. Tab 3 also allows you to classify the contract status.
    4. Tab 4 is a cost variance tracking sheet for software contracts.
    5. Tabs 5 and 6 are monthly budget sheets that break down software costs by vendor and service, respectively.
    6. Tab 7 provides graphs to analyze the data generated by the tool.
    7. Use the results found on tab 7 to analyze your budget: are you spending too much with one service? Is there vendor overlap based on what project or service that software is reporting?
    Screenshots of the 'Budget of Services Supported by Software Vendors' and 'Software Expense cashflow reports by Vendor' pages from the SAM Budget Workbook. Screenshot of the 'Analysis of Data' page from the SAM Budget Workbook.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech Workshop Associated Activity icon

    Book a workshop with our Info-Tech analysts:

    Photo of an Info-Tech analyst.
    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analyst will join you and your team onsite at your location or welcome you to Info-Tech's historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    1.1.3

    Sample of activity 1.1.3 'Determine the maturity of your SAM program'. Determine the maturity of your SAM program

    Using the SAM Maturity Assessment Tool, fill out a series of questions in a survey to assess the maturity of your current SAM program. The survey assesses seven categories that will allow you to align your strategy to your results.

    1.2.3

    Sample of activity 1.2.3 'Define SAM reports to track metrics'. Define SAM reports to track metrics

    Identify key stakeholders with reporting needs, metrics to track to fulfill reporting requirements, and a frequency for producing reports.

    Phase 1 outline

    Associated Activity icon Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 1: Assess and Plan

    Proposed Time to Completion (in weeks): 4
    Step 1.1: Assess current state Step 1.2: Build team and define metrics Step 1.3: Plan and budget
    Start with an analyst kick-off call:
    • Outline SAM challenges
    • Overview of the project
    • Assess current maturity level
    Review findings with analyst:
    • Define roles and responsibilities of SAM staff
    • Identify metrics and reports to track
    Review findings with analyst:
    • Plan centralization of SAM program
    • Discuss SAM budgeting
    Then complete these activities…
    • Identify challenges
    • Identify objectives of SAM program
    • Assess maturity of current state
    Then complete these activities…
    • Define roles and responsibilities
    • Identify metrics and KPIs
    • Plan reporting
    Then complete these activities…
    • Identify SAM functions to centralize
    • Complete the SAM budgeting tool
    With these tools & templates:
    • SAM Maturity Assessment
    • Standard Operating Procedures
    With these tools & templates:
    • Standard Operating Procedures
    With these tools & templates:
    • SAM Budget Workbook

    Phase 2: Procure, Receive, and Deploy

    VISA used high-quality SAM data to optimize its software licensing

    Logo for VISA.

    Case Study

    Industry: Financial Services
    Source: SAM Summit 2014

    Challenge

    Visa formed a SAM team in 2011 to combat costly software audits.

    The team’s first task was to use the available SAM data and reconcile licenses deployed throughout the organization.

    Organizations as large as Visa constantly run into issues where they are grossly over or under licensed, causing huge financial risk.

    Solution

    Data collection and analysis were used as part of the license rationalization process. Using a variety of tools combined with a strong team allowed Visa to perform the necessary steps to gather license data and analyze usage.

    One of the key exercises was uniting procurement and deployment data and the teams responsible for each.

    End-to-end visibility allowed the data to be uniform. As a result, better decisions about license rationalization can be made.

    Results

    By improving its measurement of SAM data, Visa was able to dedicate more time to analyze and reconcile its licenses. This led to improved license management and negotiations that reflected actual usage.

    By improving license usage through rationalization, Visa reduced the cost of supporting additional titles.

    The SAM team also performed license reclamation to harvest and redistribute licenses to further improve usage. The team’s final task was to optimize audit responses.

    Step 2.1 Request and procure software

    Phase 2:
    Procure, Receive & Deploy
    This step will walk you through the following activities:This step involves the following participants:

    2.1

    Request & Procure
    • 2.1.1 Determine which software contracts should be centralized vs. localized
    • 2.1.2 Determine your software standards
    • 2.1.3 Define procurement policy
    • 2.1.4 Identify approvals and requests for authorization thresholds
    • 2.1.5 Build software procurement workflow for new contracts
    • 2.1.6 Define process for contract renewals and additional procurement scenarios
    • IT Director, CIO
    • IT Managers and SAM Manager
    • SAM Team

    2.2

    Receive & Deploy

    Step Outcomes

    • Defined standards for software requests
    • A documented policy for software procurement including authorization thresholds
    • Documented process workflows for new contracts and contract renewals

    Procurement and SAM teams must work together to optimize purchasing

    Procurement and SAM must collaborate on software purchases to ensure software purchases meet business requirements and take into account all data on existing software and licenses to optimize the purchase and contract. Failure to work together can lead to unnecessary software purchases, overspending on purchases, and undesirable contract terms.

    SAM managers must collaborate with Procurement when purchasing software.

    SAM managers should:

    • Receive requests for software licenses
    • Ensure a duplicate license isn’t already purchased before going through with purchase
    • Ensure the correct license is purchased for the correct individuals
    • Ensure the purchasing information is tracked in the ITAM/SAM tool
    • Report on software usage to inform purchases
    Two cartoon people in work attire each holding a piece of a puzzle that fits with the other. Procurement must commit to be involved in the asset management process.

    Procurement should:

    • Review requests and ensure all necessary approvals have been received before purchasing
    • Negotiate optimal contract terms
    • Track and manage purchasing information and invoices and handle financial aspects
    • Use data from SAM team on software usage to decide on contract terms and optimize value

    Centralize procurement to decrease the likelihood of overspending

    Centralized negotiation and purchasing of software can ensure that the SAM team has visibility and control over the procurement process to help prevent overspending and uncontrolled agreements.

    Benefits of centralized procurement

    • Ability to easily manage software demand.
    • Provides capability to effectively manage your relationships with suppliers.
    • Allows for decreased contract processing times.
    • Provides easy access to data with a single consolidated system for tracking assets at an early stage.
    • Reduces number of rogue purchases by individual departments.
    • Efficiency through automation and coordinated effort to examine organization’s compliance and license position.
    • Higher degree of visibility and transparency into asset usage in the organization.

    Info-Tech Insights

    It may be necessary to procure some software locally if organizations have multiple locations, but try to centrally procure and manage the biggest contracts from vendors that are likely to audit the organization. Even with a decentralized model, ensure all teams communicate and that contracts remain visible centrally even if managed locally.

    Standards for software procurement help prevent overspending

    Software procurement is often more difficult for organizations than hardware procurement because:

    • Key departments that need to be involved in the purchasing process do not communicate or interact enough.
    • A fear of software auditing causes organizations to overspend to mitigate risk.
    • Standards are often not in place, with most purchases being made outside of the gold imaging standard.
    • A lack of discovery results in gross overspending on software licenses that are already present and underused.

    Info-Tech Insight

    One of the major challenges involved in implementing SAM is uniting multiple datasets and data sources across the enterprise. A conversation with each major business unit will help with the creation of software procurement standards that are acceptable to all.

    Determine which software contracts should be centralized vs. localized (optional)

    Associated Activity icon 2.1.1 Identify central standard enterprise offerings

    Participants: CIO, IT Director, SAM Manager, SAM Team

    Document: Document in the Standard Operating Procedures.

    1. As a group, list as many software contracts that are in place across the organization as can easily be identified, focusing on top vendors.
    2. Identify which existing software contracts are standard enterprise offerings that are procured and managed centrally and which are non-standard or localized applications.
    3. Looking at the list of non-standard software, identify if any can or should be rationalized or replaced with a standard offering.
    Standard enterprise offerings
    • Microsoft
    • IBM
    • Adobe
    • Dell
    • Cisco
    • VMware
    • Barracuda
    Localized or non-standard software

    Classify your approved software into tiers to improve workflow efficiency

    Not all titles are created equal; classifying your pre-approved and approved software titles into a tiered system will provide numerous benefits for your SAM program.

    The more prestigious the asset tier, the higher the degree of data capture, support, and maintenance required.

    • Mission-critical, high-priority applications are classified as gold standard.
    • Secondary applications or high priority are silver standard.
    • Low-usage applications or normal priority are bronze standard.

    E.g. An enterprise application that needs to be available 24/7, such as a learning management system, should be classified as a gold tier to ensure it has 24/7 support.

    Creating tiers assists stakeholders in justifying the following set of decision points:

    • Which assets will require added maintenance (e.g. software assurance for Microsoft)
    • Technical support requirements to meet business requirements
    • Lifecycle and upgrade cycle of the software assets.
    • Monitoring usage to determine whether licenses can be harvested
    • Authorizations required for purchase requests

    Determine your software standards

    Associated Activity icon 2.1.2 Identify standard software images for your organization

    Participants: Asset Manager, Purchasing, Service Desk Manager, Operations (optional)

    Document: Document in the Standard Operating Procedures.

    1. As a group, discuss and identify the relevant software asset tiers and number of tiers.
    2. For each tier, define:
      • Support requirements (hours and payments)
      • Maintenance requirements (mandatory or optional)
      • Lifecycle (when to upgrade, when to patch)
      • Financial requirements (CapEx/OpEx expenses)
      • Request authorizations (requestors and approvers)
    3. Sort the software contracts identified in the previous category into tiers, for example:
      • Mission-critical software (gold tier)
      • High-priority software (silver tier)
      • Normal-priority software (bronze tier)
    4. Use the SOP as an example.

    Determine which licensing options and methodologies fit into future IT strategy

    Not everyone is ready to embrace the cloud for all solutions; make sure to align cloud strategy to business requirements. Work closely with IT executives to determine appropriate contract terms, licensing options, and tracking processes.

    Vendors make changes to bundles and online services terms on a regular basis. Ensure you document your agreed upon terms to save your required functionality as vendor standard offerings change.

    • Any contracts getting moved to the cloud will need to undergo a contract comparison first.
    • The contract you signed last month could be completely different this month. Many cloud contracts are dynamic in nature.
    • Keep a copy of the electronic contract that you signed in a secure, accessible location.
    • Consider reaching a separate agreement with the vendor that they will ensure you maintain the results of the original agreement to prevent scope creep.

    Not all on-premises to cloud options transition linearly:

    • Features of perpetual licenses may not map to subscriptions
    • Product terms may differ from online services terms
    • Licensing may change from per device to per user
    • Vendor migrations may be more complex than anticipated

    Download the Own the Cloud: Strategy and Action Plan blueprint for more guidance

    Understand the three primary models of software usage agreements

    Licensed Open Source Shareware
    License Structure A software supplier is paid for the permission to use their software. The software is provided free of charge, but is still licensed. The software is provided free of charge, but is still licensed. Usage may be on a trial basis, with full usage granted after purchase.
    Source Code The source code is still owned by the supplier. Source code is provided, allowing users to change and share the software to suit their needs. Source code is property of the original developer/supplier.
    Technical Support Technical support is included in the price of the contract. Technical support may be provided, often in a community-based format from other developers of the open-source software in question. Support may be limited during trial of software, but upgraded once a purchase is made.

    Info-Tech Insight

    Open-source software should be managed in the same manner as commercial software to understand licensing requirements and be aware of any changes to these agreements, such as commercialization of such products, as well as any rules surrounding source code.

    Coordinate with purchasing department to define software procurement policy

    Associated Activity icon 2.1.3 Define procurement policy

    Participants: Asset Manager, Purchasing, Service Desk Manager, Operations (optional)

    Document: Document in the Standard Operating Procedures.

    Define and document policies that will apply to IT software purchases, including policies around:

    • Software purchase approvals
    • Licenses for short-term contractors
    • On-premises vs. SaaS purchases
    • Shareware and freeware fees
    • Open-source software

    Use the example below as guidance and document in the SOP.

    • Software will not be acquired through user corporate credit cards, office supply, petty cash, or personal expense budgets. Purchases made outside of the acceptable processes will not be reimbursed and will be removed from company computers.
    • Contractors who are short term and paid through vendor contracts and invoices will supply their own licenses.
    • Software may be purchased as on-premises or as-a-service solutions as IT deems appropriate for the solution.
    • Shareware and freeware authors will be paid the fee they specify for use of their products.
    • Open-source software will be managed in the same manner as commercial software to understand licensing requirements and be aware of any changes to these agreements, such as commercialization of such products.

    Identify approvals and requests for authorization thresholds

    Associated Activity icon 2.1.4 Identify financial thresholds for approvals and requests

    Participants: Asset Manager, Purchasing, CIO, CFO, IT Director

    Document: Document in the Standard Operating Procedures.

    Identify and classify financial thresholds for contracts requiring approval. For each category of contract value, identify who needs to authorize the request. Discuss and document any other approvals necessary. An example is provided below.

    Example:
    Requests for authorization will need to be directed based on the following financial thresholds:

    Contract value Authorization
    <$50,000 IT Director
    $50,000 to $250,000 CIO
    $250,000 to $500,000 CIO and CFO
    >$500,000 Legal review

    Develop a defined process for software procurement

    A poorly defined software procurement workflow can result in overspending on unnecessary software licensing throughout the year. This can impact budgeting and any potential software refreshes, as businesses will often rely on purchasing what they can afford, not what they need.

    Benefits of a defined workflow

    • Standardized understanding of the authorization processes results in reduced susceptibility to errors and quicker processing times.
    • Compliance with legal regulations.
    • Protection from compliance violations.
    • Transparency with the end user by communicating the process of software procurement to the business.

    Elements to include in procurement workflows:

    • RFP
    • Authorizations and approvals
    • Contract review
    • Internal references to numbers, cost centers, locations, POs, etc.

    Four types of procurement workflows:

    1. New contract – Purchasing brand new software
    2. Add to contract – Adding new POs or line items to an existing contract
    3. Contract renewal – Renewing an existing contract
    4. No contract required – Smaller purchases that don’t require a signed contract

    Outline the procurement process for new contracts

    The procurement workflow may involve the Service Desk, procurement team, and asset manager.

    The following elements should be accounted for:

    • Assignee
    • Requestor
    • Category
    • Type
    • Model or version
    • Requisition number
    • Purchase order number
    • Unit price
    A flowchart outlining the procurement process for new contracts. There are three levels, at the top is 'Tier 2 or Tier 3', the middle is 'IT Procurement', the bottom is 'Asset Manager'. It begins in 'Tier 2 or Tier 3' with 'Approved request received', and if it is not declined it moves on to 'Purchasing request forwarded to Procurement' on the 'IT Procurement' level. If an RFP is required, it eventually moves to 'Receives contract' on the 'Asset Manager' level and ends with 'Document license requirements, notify IT Product Owner'.

    Build software procurement workflow for new contracts

    Associated Activity icon 2.1.5 Build new contract procurement workflow

    Participants: Asset Manager, Purchasing, Service Desk Manager, Operations (optional)

    Document: Document in the Standard Operating Procedures.

    1. As a team, outline each of the tasks in the process of procuring a new software asset using cue cards, sticky notes, or a whiteboard.
    2. Use the sample procurement workflow on the previous slide as an example if needed.
    3. Ensure the following elements required for the asset procurement process have been accounted for:
      • Assignee
      • Requestor
      • Category
      • Type
      • Model or version
      • Requisition number
      • Purchase order number
      • Unit price
    4. Review the workflow and make any adjustments necessary to improve the process. Document using Visio and add to the SOP.

    Review vendor contracts to right-size licensing procurement

    Many of your applications come from the same vendor, and a view into the business services provided by each software vendor contract will prove beneficial to the business.

    • You may uncover overlaps in services provided by software across departments.
    • The same service may be purchased from different vendors simply because two departments never compared notes!
    • This leaves a lot of money on the table from a lack of volume discounts.
    A graphic depicting a Venn diagram in which the 'Software' and 'Services' circles overlap, both of which stem from a 'Vendor Contract'.
    • Be cautious about approaching license budgeting strictly from a cost perspective. SAM is designed to right-size your licenses to properly support your organization.
    • One trap organizations often fall into is bundling discounts. Vendors will offer steep discounts if clients purchase multiple titles. On the surface, this might seem like a great offer.
    • However, what often happens is that organizations will bundle titles to get a steep discount on their prize title of the group.
    • The other titles become shelfware, and when the time comes to renew the contract, the maintenance fees on the shelfware titles will often make the contract more expensive than if only the prize title was purchased.

    Additionally, information regarding what licenses are being used for certain services may yield insight into potential redundancies. For example, two separate departments may have each have a different application deployed that supports the same service. This presents an opportunity for savings based on bulk licensing agreements, not to mention a simplified support environment by reducing the number of titles deployed in your environment.

    Define a procedure for tracking and negotiating contract renewals

    Participants: IT Director/CIO, Asset Manager, Purchasing, Service Desk Manager, Operations (optional)

    Document: Document in the Standard Operating Procedures.

    Discuss and document a policy for tracking and negotiating contract renewals. Answer the following questions as guides:

    • How will renewal dates be tracked and monitored?
    • How soon should contracts be reviewed prior to renewal to determine appropriateness for use and compliance?
    • What criteria will be used to determine if the product should be renewed?
    • Who will be consulted for contract renewal decisions for major contracts?
    • How will licensing and support decisions be made?

    Optional contract review:

    1. Take a sample contract to renew. Create a list of services that are supported by the software. Look for overlaps, redundancies, shelfware, and potential bundling opportunities. Recall the issues outlined when purchasing bundled software.
    2. Create a list of action items to bring into the next round of contract negotiations with that vendor and identify a start date to begin reviewing these items.

    Define process for contract renewals and additional procurement scenarios

    Associated Activity icon 2.1.6 Build additional procurement workflows

    Participants: Asset Manager, Purchasing, Service Desk Manager, Operations (optional)

    Document: Document in the Standard Operating Procedures.

    Build procurement workflows and define policies and procedures for additional purchasing scenarios beyond new contracts.

    This may include:

    1. Contract renewals
    2. Single purchase, non-contract procurement
    3. Adding to contracts

    Use the sample workflows in the Standard Operating Procedures as a guide.

    A flowchart outlining the procurement process for 'Software Contract Renewal'.

    A flowchart outlining the procurement process for 'Software single purchase, non-contract'.

    Negotiate for value to ensure quality license agreements

    Approach negotiating from a value-first, price-second perspective.

    Contract negotiations too often come down to a question of price. While you want to avoid overpaying for licenses, a worse offense is getting a steep discount for a bundle of applications where the majority will go unused.

    Vendors will try to sell a full stack of software at a steep discount to give the illusion of value. Often organizations bite off more than they can chew. When auditors come knocking, the business may be in compliance, but being over-licensed is a dangerous state to be in. Organizations end up over-licensed and in possession of numerous “shelfware” apps that sit on the proverbial shelf collecting dust while drawing expensive maintenance and licensing fees from the business.
    • Pressure from the business is also an issue. Negotiations can be rushed in an effort to fulfill an immediate need.
    • Make sure you clearly outline the level of compliance expected from the vendor.
    • Negotiate reduced-fee software support services. Your Service Desk can already handle the bulk of requests, and investing in a mature Service Desk will provide more lasting value than paying for expensive maintenance and support services that largely go unused.

    Learn to negotiate effectively to optimize contract renewals

    Leverage Info-Tech’s research, Master Contract Review and Negotiation for Software Agreements, to review your software contracts to leverage your unique position during negotiations and find substantial cost savings.

    This blueprint includes the following tools and templates:

    • RASCI Chart
    • Vendor Communication Management Plan
    • Software Business Use Case Template
    • SaaS TCO Calculator
    • Software Terms & Conditions Evaluation Tool
    • Software Buyer’s Checklist
    • Controlled Vendor Communications Letter
    • Key Vendor Fiscal Year End Calendar
    • Contract Negotiation Tactics Playbook

    Step 2.2 Receive and deploy software

    Phase 2:
    Procure, Receive & Deploy
    This step will walk you through the following activities:This step involves the following participants:

    2.1

    Request & Procure
    • 2.2.1 Identify storage locations for software information and media
    • 2.2.2 Design the workflow for receiving software
    • 2.2.3 Design and document the deployment workflow(s)
    • 2.2.4 Create a list of pre-approved, approved, and unapproved software titles
    • 2.2.5 Document the request and deployment process for non-standard software requests
    • IT Director, CIO
    • IT Managers and SAM Manager
    • SAM Team
    • Purchasing (optional)
    • Service Desk Manager (optional)
    • Operations (optional)
    • Release & Deployment manager (optional)

    2.2

    Receive & Deploy

    Step Outcomes

    • A strategy for storing software information and media in the ITAM database and DML
    • A documented workflow for the software receiving process
    • Documented process workflows for software requests and deployment, including for large quantities of software
    • A list of pre-approved, approved, and unapproved software titles for deployment
    • A process for responding to non-standard software requests

    Verify product and information upon receipt

    Upon receipt of procured software:

    • Verify that the product is correct
    • Reconcile with purchase record to ensure the order has been completed
    • Verify that the invoice is correct
    • Update financial information such as budget and accounting records
    • Update ITAM database to show status as received
    • Record/attach license keys and software codes in ITAM database
    • Attach relevant documents to record in the ITAM database (license reports, invoices, end-user agreement, etc.)
    • Download and store any installation files, DVDs, and CDs
    • Once software has been installed, verify license is matched to discovered installed software within the ITAM database

    Info-Tech Best Practice

    While most software will be received through email and download, in some cases physical software may be received through courier or mail. Ensure processes and procedures are defined for both cases.

    Establish a secure repository for licenses and documentation

    All licenses, documentation, and digital media for authorized and supported software should be collected and stored in a central, secure location to minimize risk of theft, loss, or unauthorized installation or duplication of software.

    Where to store software data?

    The ITAM database should contain an up-to-date record of all software assets, including their associated:

    • Serial numbers
    • License keys and codes
    • Contracts and agreements

    The database allows you to view software that is installed and associated licenses.

    A definitive media library (DML) is a single logical storage area, which may consist of one or more locations in which definitive authorized versions of all software configuration items are securely stored and protected.

    The DML consists of file storage as well as physical storage of CDs and DVDs and must be continually updated to contain the latest information about each configuration item.

    The DML is used to organize content and link to automated deployment to easily install software.

    Use a definitive media library (DML) to assist in storage of software packages for deployment

    The DML will usually contain the most up-to-date versions to minimize errors created by having unauthorized, old, or problematic software releases being deployed into the live IT environment. The DML can be used for both full-packed product (FPP) software and in-house developed software, providing formalized data around releases of in-house software.

    The DML should consist of two main storage areas:

    1. Secure file storage
    2. Secure physical storage for any master CD/DVDs

    Additional Recommendations:

    • The process of building, testing, adapting, and final pre-production testing should provide your IT department with a solid final deployment package, but the archive will enable you to quickly pull in a previous version if necessary.
    • When upgrading software packages to include new patches or configurations, use the DML to ensure you're referencing a problem-free version.
    • Include the DML in your disaster recovery plan (DRP) and include testing of the DML as part of your DRP testing. If you need to rebuild servers from these files, offsite, you'll want to know your backup DML is sound.

    Ensure you have a strategy to create and update your DML

    Your DML should have a way to separate archived, new, and current software to allow for optimal organization of files and code, to ensure the correct software is installed, and to prepare for automated deployment through the service catalog.

    New software hasn’t been tested yet. Make it available for testing, but not widely available.

    Keep a record for archived software, but do not make it available for install.

    Current software is regularly used and should be available for install.

    Deployment

    • Are you using tools to integrate with the DML for deployment?
    • Store files that are ready for automated deployment in a separate location.

    Identify storage locations for software information and media

    Associated Activity icon 2.2.1 Identify software storage locations

    Participants: Asset Manager, IT Director

    Document: Document in the Standard Operating Procedures.

    1. Identify storage locations for asset data that is received (i.e. ITAM database, DML).
    2. Identify information that should be stored with each asset (i.e. license, serial number, invoice, end-user license agreement) and where this information should be stored.
    3. Identify fields that should be populated in the DML for each record:
      • Product name
      • Version
      • Description
      • Authorized by
      • Received by/date
      • Configuration item on which asset is installed
      • Media
      • Physical and backup locations
      • Verified by/date

    Define the standard process for receiving software

    Define the following in your receiving process:

    • Process for software received by email/download
    • Process for physical material received at Service Desk
    • Information to be recorded and where
    • Process following discrepancy of received software
    A flowchart outlining the standard process for receiving software. There are two levels, at the top is 'Desktop Support Team' and the bottom is 'Procurement'. It begins in 'Desktop Support Team' with 'Received at Service Desk' or 'Receive by email/download'. If the reconciliation is correct it eventually moves on to 'Fulfill service request, deliver and close ticket'. If the reconciliation is not correct it moves to 'Contact vendor with discrepancy details' in 'Procurement'. If a return is required 'Repackage and ship', or if not 'Notify Desktop Support Team of resolution'.

    Design the workflow for receiving software

    Associated Activity icon 2.2.2 Design the workflow for receiving software

    Participants: Asset Manager, Purchasing, Service Desk Manager, Operations (optional)

    Document: Document in the Standard Operating Procedures.

    Option 1: Whiteboard

    1. Discuss the workflow and draw it on the whiteboard.
    2. Assess whether you are using the best workflow. Modify it if necessary.
    3. Use the sample workflow from this step as a guide if starting from scratch.
    4. Engage the team in refining the process workflow.
    5. Transfer data to Visio and add to the SOP.

    Option 2: Tabletop Exercise

    1. Distribute index cards to each member of the team.
    2. Have each person write a single task they perform on the index card. Be granular. Include the title or the name of the person responsible.
    3. Mark cards that are decision points. Use a card of a different color or use a marker to make a colored dot.
    4. Arrange the index cards in order, removing duplicates.
    5. Assess whether you are using the best workflow. Engage the team to refine it if necessary.
    6. Transfer data to Visio and add to the SOP.

    Build release management into your software deployment process

    A sound software deployment process is tied to sound release management practices.

    Releases: A collection of authorized changes to an IT service. Releases are divided into:

    • Major software releases/upgrades: Normally containing large areas of new functionality, some of which may make intervening fixes to redundant problems.
    • Minor software releases/upgrades: Normally containing small enhancements and fixes, some of which may have already been issued as emergency fixes.
    • Emergency software fixes: Contain the corrections to a small number of known problems.

    Ensure that release management processes work with SAM processes:

    • If a release will impact licensing, the SAM manager must be made aware to make any necessary adjustments.
    • Deployment models should be in line with SAM strategy (i.e. is software rolled out to everyone or individually when upgrades are needed?).
    • How will user requests for upgrades be managed?
    • Users should be on the same software version to ensure file compatibility and smooth patch management.
    • Ideally, software should be no more than two versions back.

    Document the process workflow for software deployment

    Define the process for deploying software to users.

    Include the following in your workflow:

    • All necessary approvals
    • Source of software
    • Process for standard vs. non-standard software requests
    • Update ITAM database once software has been installed with license data and install information
    A flowchart outlining the process workflow for software deployment. There are four levels, at the top is 'Business', then 'Desktop Support Team', 'Procurement', and the bottom is 'Asset Manager'. It begins in 'Business' with 'Request for software', and if it is approved by the manager it moves to 'Check DB: Can a volume serial # be used?' in 'Desktop Support Team'. If yes, it eventually moves on to 'Close ticket' on the same level, if not it eventually moves to 'Initiate procurement process' in 'Procurement', 'Initiate receiving process' in 'Asset Manager', and finally to 'Run quarterly license review to purchase volume licenses'.

    Large-scale software rollouts should be run as projects

    Rollouts or upgrades of large quantities of software will likely be managed as projects.

    These projects should include project plans, including resources, timelines, and detailed procedures.

    Define the process for large-scale deployment if it will differ from the regular deployment process.

    A flowchart outlining large-scale software rollouts. There are three levels, at the top is 'IT Procurement', then 'Asset Manager', and the bottom is 'Software Packager'. It begins in 'IT Procurement' with 'Project plan approved', and if a bid is not required it skips to 'Sign contract/Create purchase order'. This eventually moves to 'Receive access to eLicense site/receive access to new product' in 'Asset Manager', and either to 'Approve invoice for payment, forward to accounting' on the same level or to 'Download software, license keys' in 'Software Packager' then eventually to 'Deploy'.

    Design and document the deployment workflow(s)

    Associated Activity icon 2.2.3 Document deployment workflows for desktop and large-scale deployment

    Participants: Asset Manager, Service Desk Manager, Release & Deployment Manager

    Document: Document in the Standard Operating Procedures.

    1. Outline each step in the process of software deployment using notecards or on a whiteboard. Be as granular as possible. On each card, describe the step and the individual responsible for each step.
      • Be sure to identify the type of release for standard software releases and patches.
      • Additionally, identify how additional software outside the scope of the base image will be addressed.
    2. When you are satisfied that each step is accurately captured, use a second color of notecard to document any challenges, inefficiencies, or pains associated with each step. Consider further documenting the time on each task.
    3. Examine each challenge or pain point. Discuss whether there is a clear solution to the problem. If so, document the solution and amend the workflow. If not, engage in a broader discussion of possible solutions, considering people, processes, and available technology.
    4. Document separately the process for large-scale software deployment if required.

    Develop standards to streamline your software estate

    Software should be approved and deployed based on approved standards to minimize over-deployed software and manage costs appropriately. A list of standard software improves the efficiency of the software approval process.

    • Pre-approved titles include basic platforms like Office or Adobe Reader that are often available in enterprise-wide license packages.
    • Approved titles include popular titles with license numbers that need to be managed on a role-by-role basis. For example, if most of your marketing team uses the Adobe Creative Suite, a user still needs to get approval before they can get a license.
    • Unapproved titles are managed on a case-by-case basis and are up to the discretion of the asset manager and other involved parties.

    Additionally, create a list of unauthorized software including titles not to be installed under any circumstances. This list should be designed with feedback from your end users and technical support staff. Front-line knowledge is crucial to identifying which titles are causing major problems.

    Create a list of pre-approved, approved, and unapproved software titles

    Associated Activity icon 2.2.4 Determine software categories for deployment

    Participants: IT Director, Asset Manager, Purchasing (optional), Service Desk Manager (optional), Release & Deployment Manager (optional)

    Document: Document in the Standard Operating Procedures.

    1. Define software categories that will be used to build software standards.
    2. Include definitions of each category.
    3. Add examples of software to each category to begin building list of approved software titles for deployment.

    Use the following example as a guide.

    Category Definition Software titles
    Pre-approved/standard
    • Supported and approved for install for all end users
    • Included on most, if not all devices
    • Typically installed as a base image
    • Microsoft Office (Outlook, Word, Excel, PowerPoint)
    • Adobe Reader
    • Windows
    Approved by role
    • Supported and approved for install, but only for certain groups of end users
    • Popular titles with license numbers that need to be managed on a role-by-role basis
    • Pre-approved for purchase with business manager’s approval
    • Adobe Creative Cloud Suite
    • Adobe Acrobat Pro
    • Microsoft Visio
    Unapproved/requires review
    • Not previously approved or installed by IT
    • Special permission required for installation based on demonstrable business need
    • Managed on a case-by-case basis
    • Up to the discretion of the asset manager and other involved parties
    • Dynamics
    • Zoom Text
    • Adaptive Insights
    Unauthorized
    • Not to be installed under any circumstances
    • Privately owned software
    • Pirated copies of any software titles
    • Internet downloads

    Define the review and approval process for non-standard software

    Software requiring review will need to be managed on a case-by-case basis, with approval dependent on software evaluation and business need.

    The evaluation and approval process may require input from several parties, including business analysts, Security, technical team, Finance, Procurement, and the manager of the requestor’s department.

    A flowchart outlining the review and approval process for non-standard software. There are five levels, at the top is 'Business Analyst/Project Manager', then 'Security Team', 'Technical Team', 'Financial & Contract Review' and the bottom is 'Procurement'. It begins in 'Business Analyst/Project Manager' with 'Request for non-standard software', and if the approved product is available it moves to 'Evaluate tool for security, data, and privacy compliance' in 'Security Team'. If more evaluation is necessary it moves to 'Evaluate tool for infrastructure and integration requirements' in 'Technical Team', and then 'Evaluate terms and conditions' in 'Financial & Contract Review'. At any point in the evaluation process it can move back to the 'Business Analyst/Project Manager' level for 'Assemble requirements details', and finally down to the 'Procurement' level for 'Execute purchase'.

    Document the request and deployment process for non-standard software

    Associated Activity icon 2.2.5 Document process for non-standard software requests

    Participants: Asset Manager, Service Desk Manager, Release & Deployment Manager

    Document: Document in the Standard Operating Procedures.

    Define the review and approval process for non-standard software requests.

    Use the workflow on the previous slide as a guide to map your own workflow process and document the steps in the Standard Operating Procedures.

    The following assessments may need to be included in the process:

    • Functionality and use requirements: May include suggestion back to the business before proceeding any further to see if similar, already approved software could be used in its place.
    • Technical specifications: Cloud, data center, hardware, backups, integrations (Active Directory, others), file, and program compatibility.
    • Security: Security team may need to assess to ensure nothing will install that will compromise data or systems security.
    • Privacy policy: Security and compliance team may need to evaluate the solution to ensure data will be secured and accessed only by authorized users.
    • Terms and conditions: The contracts team may evaluate terms and conditions to ensure contracts and end-user agreements do not violate existing standards.
    • Accessibility and compliance: Software may be required to meet accessibility requirements in accordance with company policies.

    BMW deployed a global data centralization program to achieve 100% license visibility

    Logo for BMW.

    Case Study

    Industry: Financial Services
    Source: SAM Summit 2014

    Challenge

    BMW is a large German automotive manufacturer that employs over 100,000 people. It has over 7,000 software products deployed across 106,000 clients and servers in over 150 countries.

    When the global recession hit in 2008, the threat of costly audits increased, so BMW decided to boost its SAM program to cut licensing costs. It sought to centralize inventory data from operations across the globe.

    Solution

    A new SAM office was established in 2009 in Germany. The SAM team at BMW began by processing all the accumulated license and installation data from operations in Germany, Austria, and the UK. Within six months, the team had full visibility of all licenses and software assets.

    Compliance was also a priority. The team successfully identified where they could make substantial reductions in support and maintenance costs as well as remove surplus costs associated with duplicate licensing.

    Results

    BMW overcame a massive data centralization project to achieve 100% visibility of its global licensing estate, an incredible achievement given the scope of the operation.

    BMW experienced efficiency gains due to transparency and centralized management of licenses through the new SAM office.

    Additionally, internal investment in training and technical knowledge has helped BMW continuously improve the program. This has resulted in ongoing cost reductions for the manufacturer.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech Workshop Associated Activity icon

    Book a workshop with our Info-Tech analysts:

    Photo of an Info-Tech analyst.
    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analyst will join you and your team onsite at your location or welcome you to Info-Tech's historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    2.1.5

    Sample of activity 2.1.5 'Build software procurement workflow for new contracts'. Build software procurement workflow for new contracts

    Use the sample workflow to document your own process for procurement of new software contracts.

    2.2.4

    Sample of activity 2.2.4 'Create a list of pre-approved, approved, and unapproved software titles'. Create a list of pre-approved, approved, and unapproved software titles

    Build definitions of software categories to inform software standards and brainstorm examples of each category.

    Phase 2 outline

    Associated Activity icon Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 2: Procure, receive, and deploy

    Proposed Time to Completion (in weeks): 6
    Step 2.1: Request and procureStep 2.2: Receive and deploy
    Start with an analyst kick-off call:
    • Define standards for software requests
    • Build procurement policy
    • Define procurement processes
    Review findings with analyst:
    • Build processes for software receiving
    • Build processes for software requests and deployment
    • Define process for non-standard requests
    Then complete these activities…
    • Determine software standards
    • Define procurement policy
    • Identify authorization thresholds
    • Build procurement workflows for new contracts and renewals
    Then complete these activities…
    • Identify storage locations for software information
    • Design workflow for receiving software
    • Design workflow for software deployment
    • Create a list of approved and non-standard requests
    • Define process for non-standard requests
    With these tools & templates:
    • Standard Operating Procedures
    With these tools & templates:
    • Standard Operating Procedures

    Phase 3: Manage, Redeploy, and Retire

    Step 3.1 Manage and maintain software contracts

    Phase 3:
    Manage, Redeploy & Retire
    This step will walk you through the following activities:This step involves the following participants:

    3.1

    Manage & Maintain Software
    • 3.1.1 Define process for conducting software inventory
    • 3.1.2 Define policies for software maintenance and patches
    • 3.1.3 Document your patch management policy
    • IT Director, CIO
    • IT Managers and SAM Manager
    • SAM Team
    • Release Manager (optional)
    • Security (optional)

    3.2

    Harvest, Redeploy, or Retire

    Step Outcomes

    • A process for conducting regular software inventory checks and analyzing the data to continually manage software assets and license compliance.
    • An understanding of software maintenance requirements
    • A policy for conducting regular software maintenance and patching
    • A documented patch management policy

    Manage your software licenses to decrease your risk of overspending

    Many organizations fail to track their software inventory effectively; the focus often remains on hardware due to its more tangible nature. However, annual software purchases often account for a higher IT spend than annual hardware purchases, so it’s important to track both.

    Benefits of managing software licenses

    • Better control of the IT footprint. Many companies already employ hardware asset management, but when they employ SAM, there is potential to save millions of dollars through optimal use of all technology assets.
    • Better purchasing decisions and negotiating leverage. Enhanced visibility into actual software needs means not only can companies procure and deploy the right increments of software in the right areas, but they can also do so more cost-effectively through tools such as volume purchase agreements or bundled services.
    • No refund policy combined with shelfware (software that sits unused “on the shelf”) is where software companies make their money.
    • Managing licenses will help prevent costly audit penalties. Special attention should be paid to software purchased from large vendors such as Microsoft, Oracle, Adobe, SAP, or IBM.

    Maintain a comprehensive, up-to-date software inventory to manage licenses effectively

    A clearly defined process for inventory management will reduce the risk of over buying licenses and falling out of compliance.

    • A detailed software inventory and tracking system should act as a single point of contact for all your license data.
    • Maintain a comprehensive inventory of installed software through complete and accurate records of all licenses, certifications, and software purchase transactions, storing these in a secure repository.
    • Periodically review installed software and accompanying licenses to ensure only legal and supported software is in use and to ensure ongoing compliance with the software management policy.

    Info-Tech Best Practice

    Have and maintain a list of supported software to guide what new software will be approved for purchase and what current software should be retained on the desktops, servers, and other processing devices.

    Conduct a baseline inventory of deployed software to know what you have

    You have to know what you have before you can manage it.

    A baseline inventory tells you exactly what software you have deployed and where it is being used. This can help to determine how to best optimize software and license usage.

    A software inventory will allow you to:

    • Identify all software residing on computers.
    • Compare existing software to the list of supported software.
    • Identify and delete illegal or unsupported software.
    • Identify and stop software use that violates license agreements, copyright law, or organizational policies.

    Two methods for conducting a software inventory:

    1. If you have several computers to analyze, use automated tools to conduct inventory for greater accuracy and efficiency. Software inventory or discovery tools scan installed software and generate inventory reports, while asset management tools will help you manage that data.
    2. Manual inventory may be possible if your organization has few computers.

    How to conduct a manual software inventory:

    1. Record serial number of device being analyzed.
    2. Record department and employee to whom the computer is assigned.
    3. Inspect contents of hard drive and/or server to identify software as well as hidden files and directories.
    4. Record licensing information for software found on workstation and server.
    5. Compare findings with list of supported software and licenses stored in repository.

    Keep the momentum going through regular inventory and licensing checks

    Take preventive action to avoid unauthorized software usage through regular software inventory and license management:

    • Regularly update the list of supported software and authorized use.
    • Monitor and optimize software license usage.
    • Continually communicate with and train employees around software needs and policies.
    • Maintain a regular inventory schedule to keep data up to date and remain compliant with licensing requirements – your specific schedule will depend on the size of the company and procurement schedule.
    • Conduct random spot inventories – even if you are using a tool, periodic spot checks should still be performed to ensure accuracy of inventory.
    • Periodically review software procurement records and ensure procurement process is being followed.
    • Continuously monitor software installations on networked computers through automated tools.
    • Ensure software licensing documentation and data is secure.

    Define process for conducting software inventory

    Associated Activity icon 3.1.1 Define process for regular software inventory

    Participants: IT Director, Asset Manager

    Document: Document in the Standard Operating Procedures.

    1. If a baseline software inventory has not been conducted, discuss and document a plan for completing the inventory.
      • Will the inventory be conducted manually or through automated tools?
      • If manually, what information will be collected and recorded? Which devices will be analyzed? Where will data be stored?
      • If automatically, which tools will be used? Will any additional information need to be collected? Who will have access to the inventory?
      • When will the inventory be conducted and by whom?
        • Monthly inventory may be required if there is a lot of change and movement, otherwise quarterly is usually sufficient.
    2. Document how inventory data will be analyzed.
      • How will data be compared against supported software?
      • How will software violations be addressed?
    3. Develop a plan for continual inventory spot checks and maintenance.
      • How often will inventory be conducted and/or analyzed?
      • How often will spot checks be performed?

    Don’t forget that software requires maintenance

    While maintenance efforts are typically focused around hardware, software maintenance – including upgrades and patches – must be built into the software asset management process to ensure software remains compliant with security and regulatory requirements.

    Software maintenance guidelines:

    • Maintenance agreements should be stored in the ITAM database.
    • Software should be kept as current as possible. It is recommended that software remain no more than two versions off.
    • Unsupported software should be uninstalled or upgraded as required.
    • Upgrades should be tested, especially for high-priority or critical applications or if integrated with other applications.
    • Change and release management best practices should be applied for all software upgrades and patches.
    • A process should be defined for how often patches will be applied to end-user devices.

    Integrate patch management with your SAM practice to improve security and reduce downtime

    The integration between patch management and asset management is incredibly valuable from a technology point of view. IT asset management (ITAM) tools create reports on the characteristics of deployed software. By combining these reports with a generalized software updater, you can automate most simple patches to save your team’s efforts for more-critical incidents. Usage reports can also help determine which applications should be reviewed and removed from the environment.

    • In recent years, patch management has grown in popularity due to widespread security threats, the resultant downtime, and expenses associated with them.
    • The main objective of patch management is to create a consistently configured environment that is secure against known vulnerabilities in operating systems and application software.

    Assessing new patches should include questions such as:

    • What’s the risk of releasing the patch? What is the criticality of the system? What end users will be affected?
    • How will we manage business disruption during an incident caused by a failed patch deployment?
    • In the event of service outage as a result of a failed patch deployment, how will we recover services effectively in business priority order?
    • What’s the risk of expediting the patch? Of not releasing the patch at all?

    Define policies for software maintenance and patches

    Associated Activity icon 3.1.2 Define software maintenance and patching policies

    Participants: IT Director, Asset Manager, Release Manager (optional), Security (optional)

    Document: Document in the Standard Operating Procedures.

    Software maintenance:

    Review the software maintenance guidelines in this section and in the SOP template. Discuss each policy and revise and document in accordance with your policies.

    Patch management:

    Discuss and document patch management policies:

    1. How often will end-user devices receive patches?
    2. How often will servers be patched?
    3. How will patches be prioritized? See example below.
      • Critical patches will be applied within two days of release, with testing prioritized to meet this schedule.
      • High-priority patches will be applied within 30 days of release, with testing scheduled to meet this requirement.
      • Normal-priority patches will be evaluated for appropriateness and will be installed as needed.

    Document your patch management policy

    Supporting Tool icon 3.1.3 Use the Patch Management Policy template to document your policy

    The patch management policy helps to ensure company computers are properly patched with the latest appropriate updates to reduce system vulnerability and to enhance repair application functionality. The policy aids in establishing procedures for the identification of vulnerabilities and potential areas of functionality enhancements, as well as the safe and timely installation of patches. The patch management policy is key to identifying and mitigating any system vulnerabilities and establishing standard patch management practices.

    Use Info-Tech’s Patch Management Policy template to get started.

    Sample of the 'Patch Management Policy' template.

    Step 3.2 Harvest, Redeploy, or Retire Software

    Phase 3:
    Manage, Redeploy & Retire
    This step will walk you through the following activities:This step involves the following participants:

    3.1

    Manage & Maintain Software
    • 3.2.1 Map your software license harvest and reallocation process
    • 3.2.2 Define the policy for retiring software
    • IT Director, CIO
    • IT Managers and SAM Manager
    • SAM Team

    3.2

    Harvest, Redeploy, or Retire

    Step Outcomes

    • A defined process for harvesting and reallocating unused software licenses
    • A defined policy for how and when to retire unused or outdated software

    Harvest and reallocate software to optimize license usage

    Using a defined process for harvesting licenses will yield a crop of savings throughout the organization.

    Unused software licenses are present in nearly every organization and result in wasted resources and software spend. Recycling and reharvesting licenses is a critical process within software asset management to save your organization money.

    Licensing Recycling

    When computers are no longer in use and retired, the software licenses installed on the machines may be able to be reused.

    License recycling involves reusing these licenses on machines that are still in use or for new employees.

    License Harvesting

    License harvesting involves more actively identifying machines with licenses that are either not in use or under utilized, and recovering them to be used elsewhere, thus reducing overall software spend on new licenses.

    Use software monitoring data to identify licenses for reallocation in alignment with policies and agreements

    1. Monitor software usage
      Monitor and track software license usage to gain a clear picture of where and how existing software licenses are being used and identify any unused or underused licenses.
    2. Identify licenses for reharvesting
      Identify software licenses that can be reharvested and reallocated according to your policy.
    3. Uninstall software
      Notify user, schedule a removal time if approved, uninstall software, and confirm it has been removed.
    4. Reallocate license when needed

    Sources of surplus licenses for harvest:

    • Projects that required a license during a particular time period, but now do not require a license (i.e. the free version of the software will suffice)
    • Licenses assigned to users no longer with the organization
    • Software installed on decommissioned hardware
    • Installed software that hasn’t been used by the user in the last 90 days (or other defined period)
    • Over-purchased software due to poorly controlled software request, approval, or provisioning processes

    Info-Tech Insight

    Know the stipulations of your end-user license agreement (EULA) before harvesting and reallocating licenses. There may be restrictions on how often a license can be recycled in your agreement.

    Create a defined process for software license harvesting

    Define a standard reharvest timeline. For example, every 90 days, your SAM team can perform an internal audit using your SAM tool to gather data on software usage. If a user has not used a title in that time period, your team can remove that title from that user’s machine. Depending on the terms and conditions of the contract, the license can either be retired or harvested and reallocated.

    Ensure you have exception rules built in for software that’s cyclical in its usage. For example, Finance may only use tax software during tax season, so there’s no reason to lump it under the same process as other titles.

    It’s important to note that in addition to this process, you will need a software usage policy that supports your license harvest process.

    The value of license harvesting

    • Let’s say you paid for 1,000 licenses of a software title at a price of $200 per license.
    • Of this total, 950 have been deployed, and of that total, 800 are currently being used.
    • This means that 16% of deployed licenses are not in use – at a cost of $30,000.
    • With a defined license harvest process, this situation would have been prevented.

    Build a workflow to document the software harvest process

    Include the following in your process:

    • How will unused software be identified?
    • How often will usage reports be reviewed?
    • How will the user be notified of software to be removed?
    • How will the software be removed?
    A flowchart documenting the software harvest process. There are two levels, at the top is 'IT Asset Manager', and the bottom is 'Desktop Support Team'. It begins in 'IT Asset Manager' with 'Create/Review Usage Report', and if the client agrees to removal it moves to 'License deactivation required?' in 'Desktop Support Team'. Eventually you 'Close ticket' and it moves back up to 'Discovery tool will register change automatically' in 'IT Asset Manager'.

    Map your software license harvest and reallocation process

    Associated Activity icon 3.2.1 Build license harvest and reallocation workflow

    Participants: IT Director, Asset Manager, Service Desk Manager

    Document: Document in the Standard Operating Procedures.

    1. Outline each step in the process of software harvest and reallocation using notecards or a whiteboard. Be as granular as possible. On each card, describe the step and the individual responsible for each step.
    2. When you are satisfied that each step is accurately captured, use a second color of notecard to document any challenges, inefficiencies, or pains associated with each step. Consider further documenting the time on each task.
    3. Examine each challenge or pain point. Discuss whether there is a clear solution to the problem. If so, document the solution and amend the workflow. If not, engage in a broader discussion of possible solutions, considering people, processes, and available technology.
    4. Use the sample workflow on the previous slide as a guide if needed.

    The same flowchart documenting the software harvest process from the previous section.

    Improve your software retirement process to drive savings for the whole business

    Business Drivers for Software Disposal

    • Cost Reduction
      • Application retirement allows the application and the supporting hardware stack to be decommissioned.
      • This eliminates recurring costs such as licensing, maintenance, and application administration costs, representing potentially significant savings
    • Consolidation
      • Many legacy applications are redundant systems. For example, many companies have ten or more legacy financial systems from mergers/acquisitions.
      • Systems can be siloed, running incompatible software. Moving data to a common accessible repository streamlines research, audits, and reporting.
    • Compliance
      • An increased focus on regulations places renewed emphasis on e-discovery policies. Keeping legacy applications active just to retain data is an expensive proposition.
      • During application retirement, data is classified, assigned retention policies, and disposed of according to data/governance initiatives.
    • Risk Mitigation
      • Relying on IT to manage legacy systems is problematic. The lack of IT staff familiar with the application increases the potential risk of delayed responses to audits and e-discovery.
      • Retiring application data to a common platform lets you leverage skills you have current investments in. This enables you to be responsive to audit or litigation results.

    Retire your outdated software to decrease IT spend on redundant applications

    Benefits of software retirement:

    1. Assists the service desk in not having to support every release, version, or edition of software that your company might have used in the past.
    2. Stay current with product releases so your company is better placed to take advantage of improvements built-in to such products, rather than being limited by the lack of a newly introduced function.
    3. Removing software that is no longer of commercial benefit can offer a residual value through assets.

    Consequences of continuing to support outdated software:

    • Budgets are tied up to support existing applications and infrastructure, which leaves little room to invest in new technologies that would otherwise help grow business.
    • Much of this software includes legacy systems that were acquired or replaced when new applications were deployed. The value of these outdated systems decreases with every passing year, yet organizations often continue to support these applications.
      • Fear of compliance and data access are the most common reasons.
    • Unfortunately, the cost of doing so can consume over 50% of an overall IT budget.

    The solution to this situation is to retire outdated software.

    “Time and time again, I keep hearing stories from schools on how IT budgets are constantly being squeezed, but when I dig a little deeper, little or no effort is being made on accounting for software that might be on the kit we are taking away.” (Phil Goldsmith, Managing Director – ScrumpyMacs)

    Define the policy for retiring software

    Associated Activity icon 3.2.2 Document process for software retirement

    Participants: IT Director, Asset Manager, Operations

    Document: Document in the Standard Operating Procedures.

    1. Discuss and document the process for retiring software that has been deemed redundant due to changing business needs or an improvement in competitive options.
    2. Consider the following:
      • What criteria will determine when software is suited for retirement?
      • The contract should always be reviewed before making a decision to ensure proper notice is given to the vendor.
      • Notice should be provided as soon as possible to ensure no additional billing arrives for renewals.
      • How will software be removed from all devices? How soon must the software be replaced, if applicable?
      • How long will records be archived in the ITAM database?
    3. Document decisions in the Standard Operating Procedures.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech Workshop Associated Activity icon

    Book a workshop with our Info-Tech analysts:

    Photo of an Info-Tech analyst.
    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analyst will join you and your team onsite at your location or welcome you to Info-Tech's historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    3.1.2

    Sample of activity 3.1.2 'Define policies for software maintenance and patches'. Define policies for software maintenance and patches

    Discuss best practices and define policies for conducting regular software maintenance and patching.

    3.2.1

    Sample of activity 3.3.1 'Assess the maturity of audit management processes and policies'. Map your software license harvest and reallocation process

    Build a process workflow for harvesting and reallocating unused software licenses.

    Phase 3 outline

    Associated Activity icon Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 3: Manage, redeploy, and retire

    Proposed Time to Completion (in weeks): 4
    Step 3.1: Manage and maintain softwareStep 3.2: Harvest, redeploy, or retire
    Start with an analyst kick-off call:
    • Define a process for conducting software inventory
    • Define a policy for software maintenance
    • Build a patch management policy
    Review findings with analyst:
    • Build a process for harvesting and reallocating software licenses
    • Define a software retirement policy
    Then complete these activities…
    • Define process for conducting software inventory
    • Define policies for software maintenance
    • Document patch management policy
    Then complete these activities…
    • Map software harvest and reallocation process
    • Define software retirement policy
    With these tools & templates:
    • Standard Operating Procedures
    • Patch Management Policy
    With these tools & templates:
    • Standard Operating Procedures

    Phase 4: Build Supporting Processes & Tools

    Visa used an internal SAM strategy to win the audit battle

    Logo for VISA.

    Case Study

    Industry: Financial Services
    Source: SAM Summit 2014

    Challenge

    The overarching goal of any SAM program is compliance to prevent costly audit fines. The SAM team at Visa was made up of many individuals who were former auditors.

    To deal with audit requests from vendors, “understand how auditors do things and understand their approach,” states Joe Birdsong, SAM Director at Visa.

    Vendors are always on the lookout for telltale signs of a lucrative audit. For Visa, the key was to understand these processes and learn how to prepare for them.

    Solution

    Vendors typically look for the following when evaluating an organization for audit:

    1. A recent decrease in customer spend
    2. How easy the licensed software is to audit
    3. Organizational health

    Ultimately, an audit is an attack on the relationship between the vendor and organization. According to Birdsong: “Maybe they haven’t really touched base with your teams and had good contact and relationship with them, and they don’t really know what’s going on in your enterprise.”

    Results

    By understanding the motivations behind potential audits, Visa was able to form a strategy to increase transparency with the vendor.

    Regular data collection, almost real-time reporting, and open, quick communication with the vendor surrounding audits made Visa a low-risk client for vendors.

    Buy-in from management is also important, and the creation of an official SAM strategy helps maintain support. Thanks to its proactive SAM program, Visa saved $200 million in just three years.

    Step 4.1 Ensure compliance for audits

    Phase 4:
    Build supporting processes & tools
    This step will walk you through the following activities:This step involves the following participants:

    4.1

    Compliance & audits
    • 4.1.1 Define and document the internal audit process
    • 4.1.2 Define and document the external audit process
    • 4.1.3 Prepare an audit scoping email template
    • 4.1.4 Prepare an audit launch email template
    • IT Director, CIO
    • IT Managers and SAM Manager
    • SAM Team

    4.2

    Communicate & build roadmap

    Step Outcomes

    • An understanding of the audit process and importance of audit preparation
    • A defined process for conducting regular internal audits to prepare for and defend against external audits
    • A strategy and documented process for responding to external audit requests

    Take a lifecycle approach to your software compliance process

    Internal audits are an effective way for organizations to regularly assess their licensing position in preparation for an audit.

    1. Gather License Data
      Use your SAM tool to run a discovery check to determine the current state of your software estate.
    2. Improve Data Quality
      Scan the data for red flags. Improve its completeness, consistency, and quality.
    3. Identify Audit Risks
      Using corrected license data, examine your reports and identify areas of risk within the organization.
    4. Identify priority titles
      Determine which titles need attention first by using the output of the license rationalization step.
    5. Reconcile to eliminate gaps
      Ensure that the correct number of licenses are deployed for each title.
    6. Draft Vendor Response
      Prepare response to vendor for when an audit has been requested.

    Improve audit response maturity by leveraging technology and contract data

    By improving your software asset management program’s maturity, you will drive savings for the business that go beyond the negotiating table.

    Recognize the classic signs of each stage of audit response maturity to identify where your organization currently stands and where it can go.

    • Optimized: Automated tools generate compliance, usage, and savings reports. Product usage reports and alerts in place to harvest and reuse licenses. Detailed savings reports provided to executive team.
    • Proactive: Best practices enforced. Compliance positions are checked quarterly, and compliance reports are used to negotiate software contracts.
    • Reactive: Best practices identified but unused. Manual tools still primarily in use. Compliance reports are time-consuming and often inaccurate.
    • Chaotic: Purchases are ad hoc and transaction based. Minimal tracking in place, leading to time-consuming manual processes.

    Implement a proactive internal audit strategy to defend against external audits

    Audits – particularly those related to software – have been on the rise as vendors attempt to recapture revenue.

    Being prepared for an audit is critical. Internal preparation will not only help your organization reduce the risk associated with an audit but will also improve daily operations through focusing on diligent documentation and data collection.

    Conducting routine internal audits will help prepare your organization for the real deal and may even prevent the audit from happening altogether. Hundreds of thousands of dollars can be saved through a proactive audit strategy with routine documentation in place.

    In addition to the fines incurred from a failed audit, numerous other negative consequences can arise:

    • Multiple audits: Failing an audit makes the organization more likely to be audited again.
    • Poor perception of IT: Unless non-compliance was previously disclosed to the business, IT can be deemed responsible.
    • Punitive injunctions: If a settlement is not reached, vendors will apply for an injunction, inhibiting use of their software.
    • Inability to justify purchases: IT can have difficulty justifying the purchase of additional resources after a failed audit.
    • Disruption to business: Precious time and resources will be spent dealing with the results of the audit.

    Perform routine internal compliance reports to decrease audit risk

    The intent of an internal audit is to stop the battle from happening before it starts. Waiting for a knock at the door from a vendor can be stressful, and it can do harm beyond a costly fine.

    • Internal audits help to ensure you’re keeping track of any software changes to keep your data and licensing up to date and avoid costly surprises if an external audit is requested.
    • Identify areas where processes are breaking down and address them before there’s a potential negative impact.
    • Identify control points in processes ahead of time to more easily identify access points where information should be verified.

    “You want to get [the] environment to a level where you’re comfortable sharing information with [a] vendor. Inviting them in to have a chat and exposing numbers means there’s no relationship there where they’re coming to audit you. They only come to audit you when they know there’s a gain to be had, otherwise what’s the point of auditing?
    I want customers to get comfortable with licensing and what they’re spending, and then there’s no problem exposing that to vendors. Vendors actually appreciate that.”
    (Ben Brand, SAM Practice Manager, Insight)

    Info-Tech Insight

    “The supreme art of war is to subdue the enemy without fighting.” – Sun Tzu

    Performing routine checks on your license compliance will drastically reduce the risk that your organization gets hit with a costly fine. Maintaining transparency and demonstrating compliance will fend off audit-hungry vendors.

    Define and document the internal audit process

    Associated Activity icon 4.1.1 Document process and procedures for internal audits

    Participants: CIO and/or IT Director, Asset Manager, IT Managers

    Document: Document in the Standard Operating Procedures.

    Define and document a process for conducting internal software audits.
    Include the following:

    1. How often will audits be completed for each software published?
    2. When will audits be conducted?
    3. Who will conduct the audit? Who will be consulted?
    4. What will be included in the scope of the audit?

    Example:

    • Annual audits will be completed for each software publisher, scheduled as part of the license or maintenance agreement renewals.
    • Where annual purchases are not required, vendor audits for compliance will be conducted annually, with a date predetermined based on minimizing scheduling conflicts with larger audits.
    • Audit will be completed with input from product managers.
    • Audit will include:
      • Software compliance review: Licenses owned compared to product installed.
      • Version review: Determine if installed versions match company standards. If there is a need for upgrades, does the license permit upgrading?
      • Maintenance review: Does the maintenance match requirements for the next year’s plans and licenses in use?
      • Support review: Is the support contract appropriate for use?
      • Budget: Has budget been allocated; is there an adjustment required due to increases?

    Identify organizational warning signs to decrease audit risk

    Being prepared for an audit is critical. Internal preparation will not only help your organization reduce the risk associated with an audit but will also improve daily operations through focusing on diligent documentation and data collection.

    Certain triggers exist that indicate a higher risk of an audit occurring. It is important to recognize these warning signs so you can prepare accordingly.

    Health of organization
    If your organization is putting out fires and a vendor can sense it, they’ll see an audit as a highly lucrative exercise.

    Decrease in customer spend
    A decrease in spend means that an organization has a high chance of being under-licensed.

    License complexity
    The more complex the license, the harder it is to remain in compliance. Some vendors are infamous for their complex licensing agreements.

    Audit Strategy

    • Audits should neither be feared nor embraced.
    • An audit is an attack on your relationship with your vendor; your vendor needs to defend its best interests, but it would also rather maintain a satisfied relationship with its client.
    • A proactive approach to audits through routine reporting and transparency with vendors will alleviate all fear surrounding the audit process. It provides your vendor with compliance assurance and communicates that an audit won’t net the vendor enough revenue to justify the effort.

    Focus on three key tactics for success before responding to an audit

    Taking these due diligence steps will pay dividends downstream, reducing the risk of negative results such as release of confidential information.

    Form an Audit Team

    • Once an audit letter is received from a vendor or third party, a virtual team needs to be formed.
    • The team should be cross-functional, representing various core areas of the business.
    • Don’t forget legal counsel: they will assist in the review of audit provision(s) to determine your contractual rights and obligations with respect to the audit.

    Sign an NDA

    • An NDA should be signed by all parties, the organization, the vendor, and the auditor.
    • Don’t wait on a vendor to provide its NDA. The organization should have its own and provide it to both parties.
    • If the auditor is a third party, negotiate a three-way NDA. This will prevent data being shared with other third parties.

    Examine Contract History

    • Vendors will attempt to alter terms of contracts when new products are purchased.
    • Maintain your current agreement if they are more favorable by “grandfathering” your original agreement.
    • Oracle master level agreements are an example: master level agreements offer more favorable terms than more recent versions.

    Info-Tech Insight

    Even if you cannot get a third-party NDA signed, the negotiation process should delay the overall audit process by at least a month, buying your organization valuable time to gather license data.

    Be prepared for external audit requests with a defined process for responding

    1. Vendor-initiated audit request received and brought to attention of IT Asset Manager and CIO.
    2. Acknowledge receipt of audit notice.
    3. Negotiate timing and scope of the audit (including software titles, geographic locations, entities, and completion date).
    4. Notify staff not to remove or acquire licenses for software under audit.
    5. Gather documentation and create report of all licensed software within audit scope.
      • Include original contract, most recent contract, and any addendums, purchase receipts, or reseller invoices, and publisher documentation such as manuals or electronic media.
    6. Compare documentation to installed software according to ITAM database.
    7. Validate any unusual or non-compliant software.
    8. Complete documentation requested by auditor and review results.

    Define and document the external audit process

    Associated Activity icon 4.1.2 Define external audit process

    Participants: CIO and/or IT Director, Asset Manager, IT Managers

    Document: Document in the Standard Operating Procedures.

    Define and document a process for responding to external software audit requests.
    Include the following:

    1. Who must be notified of the audit request when it is received?
    2. When must acknowledgement of the notice be sent and by whom?
    3. What must be defined under the scope of the audit (e.g. software titles, geographic locations, entities, completion date)?
    4. What communications must be sent to IT staff and end users to ensure compliance?
    5. What documentation should be gathered to review?
    6. How will documentation be verified against data?
    7. How will unusual or non-compliant software be identified and validated?
    8. Who needs to be informed of the results?

    Control audit scope with an audit response template

    Supporting Tool icon 4.1.3 Prepare an audit scoping email template

    Use the Software Audit Scoping Email Template to create an email directed at your external (or internal) auditors. Send the audit scoping email several weeks before an audit to determine the audit’s scope and objectives. The email should include:

    • Detailed questions about audit scope and objectives.
    • Critical background information on your organization/program.

    The email will help focus your preparation efforts and initiate your relationship with the auditors.

    Control scope by addressing the following:

    • Products covered by a properly executed agreement
    • Geographic regions
    • User groups
    • Time periods
    • Specific locations
    • A subset of users’ computers
    Sample of the 'Software Audit Scoping Email Template'.

    Keep leadership informed with an audit launch email

    Supporting Tool icon 4.1.4 Prepare an audit launch email template

    Approximately a week before the audit, you should email the internal leadership to communicate information about the start of the audit. Use the Software Audit Launch Email Template to create this email, including:

    • Staffing
    • Functional requirements
    • Audit contact person information
    • Scheduling details
    • Audit report estimated delivery time

    For more guidance on preparing for a software audit, see Info-Tech’s blueprint: Prepare and Defend Against a Software Audit.

    Sample of the 'Software Audit Launch Email Template'.

    A large bank employed proactive, internal audits to experience big savings

    Case Study

    Industry: Banking
    Source: Pomeroy

    Challenge

    A large American financial institution with 1,300 banking centers in 12 states, 28,000 end users, and 108,000 assets needed to improve its asset management program.

    The bank had employed numerous ITAM tools, but IT staff identified that its asset data was still fragmented. There was still incomplete insight into what assets the banked owned, the precise value of those assets, their location, and what they’re being used for.

    The bank decided to establish an asset management program that involved internal audits to gather more-complete data sets.

    Solution

    With the help of a vendor, the bank implemented cradle-to-grave asset tracking and lifecycle management, which provided discovery of almost $80 million in assets.

    The bank also assembled an ITAM team and a dedicated ITAM manager to ensure that routine internal audits were performed.

    The team was instrumental in establishing standardization of IT policies, hardware configuration, and service requirements.

    Results

    • The bank identified and now tracks over 108,000 assets.
    • The previous level of 80% accuracy in inventory tracking was raised to 96%.
    • Nearly $500,000 was saved through asset recovery and repurposing of 600 idle assets.
    • There are hundreds of thousands of dollars in estimated savings as the result of avoiding costly penalties from failed audits thanks to proactive internal audits.

    Step 4.2 Build communication plan and roadmap

    Phase 4:
    Build supporting processes & tools
    This step will walk you through the following activities:This step involves the following participants:

    4.1

    Compliance & audits
    • 4.2.1 Develop a communication plan to convey the right messages
    • 4.2.2 Anticipate end-user questions by preparing an FAQ list
    • 4.2.3 Build a software asset management policy
    • 4.2.4 Build additional SAM policies
    • 4.2.5 Develop a SAM roadmap to plan your implementation
    • IT Director, CIO
    • IT Managers and SAM Manager
    • SAM Team

    4.2

    Communicate & build roadmap

    Step Outcomes

    • A documented communications plan for relevant stakeholders to understand the benefits and changes the SAM program will bring
    • A list of anticipated end-user questions with responses
    • Documented software asset management policies
    • An implementation roadmap

    Communicate SAM processes to gain acceptance and support

    Communication is crucial to the integration and overall implementation of your SAM program. If staff and users do not understand the purpose of processes and policies, they will fail to provide the desired value.

    An effective communication plan will:

    • Gain support from management at the project proposal phase.
    • Create end-user buy-in once the program is set to launch.
    • Maintain the presence of the program throughout the business.
    • Instill ownership throughout the business from top-level management to new hires.

    Communicate the following:

    1. Advertise successes

      • Regularly demonstrate the value of the SAM program with descriptive statistics focused on key financial benefits.
      • Share data with the appropriate personnel; promote success to obtain further support from senior management.
    2. Report and share asset data

      • Sharing detailed asset-related reports frequently gives decision makers useful data to aid in their strategy.
      • These reports can help your organization prepare for audits, adjust budgeting, and detect unauthorized software.
    3. Communicate the value of SAM

      • Educate management and end users about how they fit into the bigger picture.
      • Individuals need to know which behaviors may put the organization at risk or adversely affect data quality.

    Educate staff and end users through SAM training to increase program success

    As part of your communication plan and overall SAM implementation, training should be provided to both staff and end users within the organization.

    • ITAM solutions are complex by nature with both business process and technical knowledge required to use them correctly.
    • All facets of the business, from management to new hires, should be provided with training to help them understand their role in the program’s success.
    • Keep the message appropriate to the audience – end users don’t need to know the complete process, but will need to know policy and how to request.
    • Even after the SAM program has been fully implemented, keep employees up to date with policies and processes through ongoing training sessions for both new hires and existing employees:
      • New hires: Provide new hires with all relevant SAM policies and ensure they understand the importance of software asset management.
      • Existing employees: Continually remind them of how SAM is involved in their daily operations and inform them of any changes to policies.

    Create your communications plan to anticipate challenges, remove obstacles, and ensure buy-in

    Provide separate communications to key stakeholder groups

    Why:
    • What problems are you trying to solve?
    What:
    • What processes will it affect (that will affect me)?
    Who:
    • Who will be affected?
    • Who do I go to if I have issues with the new process?
    Three circular arrows each linking t the next in a downward daisy chain. The type arrow has 'IT Staff' in the middle, the second 'Management', and the third 'End Users' When:
    • When will this be happening?
    • When will it affect me?
    How:
    • How will these changes manifest themselves?
    Goal:
    • What is the final goal?
    • How will it benefit me?

    Develop a communication plan to convey the right messages

    Associated Activity icon 4.2.1 Develop a communication plan to convey the right messages

    Participants: CIO, IT Director, Asset Manager, Service Desk Manager

    Document: Document in the SAM Communication Plan.

    1. Identify the groups that will be affected by the SAM program.
    2. For each group requiring a communication plan, identify the following:
    3. Benefits of SAM for that group of individuals (e.g. more efficient software requests).
    4. The impact the change will have on them (e.g. change in the way a certain process will work).
    5. Communication method (i.e. how you will communicate).
    6. Timeframe (i.e. when and how often you will communicate the changes).
    7. Complete this information in a table like the one below and document in the Communication Plan.
    Group Benefits Impact Method Timeline
    Executives
    • Improved audit compliance
    • Improved budgeting and forecasting
    • Review and sign off on policies
    End Users
    • Streamlined software request process
    • Follow software installation and security policies
    IT
    • Faster access to data and one source of truth
    • Modified processes
    • Ensure audits are completed regularly

    Anticipate end-user questions by preparing an FAQ list

    Associated Activity icon 4.2.2 Prepare an FAQ list

    Document: Document FAQ questions and answers in the SAM FAQ Template.

    ITAM imposes changes to end users throughout the business and it’s normal to expect questions about the new program. Prepare your team ahead of time by creating a list of FAQs.

    Some common questions include:

    • Why are you changing from the old processes?
    • Why now?
    • What are you going to ask me to do differently?
    • Will I lose any of my software?

    The benefits of preparing a list of answers to FAQs include:

    • A reduction in time spent creating answers to questions. If you focus on the most common questions, you will make efficient use of your team’s time.
    • Consistency in your team’s responses. By socializing the answers to FAQs, you ensure that no one on your team is out of the loop and the message remains consistent across the board.

    Include policy design and enforcement in your communication plan

    • Software asset management policies should define the actions to be taken to support software asset management processes and ensure the effective and efficient management of IT software assets across the asset lifecycle.
    • Implementing asset management policies enforces the notion that the organization takes its IT assets and the management of them seriously and will help ensure the benefits of SAM are achieved.
    • Designing, approving, documenting, and adopting one set of standard SAM policies for each department to follow will ensure the processes are enforced equally across the organization.

    Info-Tech Insight

    Use policy templates to jumpstart your policy development and ensure policies are comprehensive, but be sure to modify and adapt policies to suit your corporate culture or they will not gain buy-in from employees. For a policy to be successful, it must be a living document and have participation and involvement from the committees and departments to whom it will pertain.

    Build a software asset management policy

    Supporting Tool icon 4.2.3 Document a SAM policy

    Use Info-Tech’s Software Asset Management Policy template to define and document the purpose, scope, objectives, and roles and responsibilities for your organization's software asset management program.

    The template allows you to customize policy requirements for:

    • Procurement
    • Installation and Removal
    • Maintenance
    • Mergers and Acquisitions
    • Company Divestitures
    • Audits

    …as well as consequences for non-compliance.

    Sample of the 'Software Asset Management Policy' template.

    Use Info-Tech’s policy templates to build additional policies

    Supporting Tool icon 4.2.4 Build additional SAM policies

    Asset Security Policy
    The IT asset security policy will describe your organization's approach to ensuring the physical and digital security of your IT assets throughout their entire lifecycle.

    End-User Devices Acceptable Use Policy
    This policy should describe how business tools provided to employees are to be used in a responsible, ethical, and compliant manner, as well as the consequences of non-compliance.

    Purchasing Policy
    The purchasing policy helps to establish company standards, guidelines, and procedures for the purchase of all information technology hardware, software, and computer-related components as well as the purchase of all technical services.

    Release Management Policy
    Use this policy template to define and document the purpose, scope, objectives, and roles and responsibilities for your organization's release management program.

    Internet Acceptable Use Policy
    Use this template to help keep the internet use policy up to date. This policy template includes descriptions of acceptable and unacceptable use, security provisions, and disclaimers on the right of the organization to monitor usage and liability.

    Samples of additional SAM policies, listed to the left.

    Implement SAM in a phased, constructive approach

    One of the most difficult decisions to make when implementing a SAM program is: “where do we start?”

    It’s not necessary to deploy a comprehensive SAM program to start. Build on the essentials to become more mature as you grow.

    SAM Program Maturity (highest to lowest)

    • Audits and reporting
      Gather and analyze data about software assets to ensure compliance for audits and to continually improve the business.
    • Contracts and budget
      Analyze contracts and licenses for software across the enterprise and optimize planning to enable cost reduction.
    • Lifecycle standardization
      Define standards and processes for all asset lifecycle phases from request and procurement through to retirement and redistribution.
    • Inventory and tracking
      Define assets you will procure, distribute, and track. Know what you have, where it is deployed, and keep track of contracts and all relevant data.

    Integrate your SAM program with the organization to assist its implementation

    SAM cannot perform on its own – it must be integrated with other functional areas of the organization to maintain its stability and support.

    • Effective SAM is supported by a comprehensive set of processes as part of its implementation.
    • For example, integration with the procurement team’s processes and tools is required to track software purchases to mitigate software license compliance risk.
    • Integration with Finance is required to support internal cost allocations and chargebacks.
    • Integration with the service desk is required to track and deploy software requests.

    Info-Tech Best Practice

    To integrate SAM effectively, a clear implementation roadmap needs to be designed. Prioritize “quick wins” to demonstrate success to the business early and to gain buy-in from your team. Short-term gains should be designed to support long-term goals of your SAM program.

    Sample short-term goals
    • Identify inventory classification and tool
    • Create basic SAM policies and processes
    • Implement SAM auto-discovery tools
    Sample long-term goals
    • Software contract data integration
    • Continual improvement through review and revision
    • Software compliance reports, internal audits

    Develop a SAM roadmap to plan your implementation

    Associated Activity icon 4.2.5 Build a project roadmap
    1. Identify and review all initiatives that will be taken to implement or improve the software asset management program. These may fall under people, process, or technology-related tasks.
    2. Assign a priority level to each task (Quick Win, Low, Medium, High).
    3. Use the priority to sort tasks into start dates, breaking down by:
      1. Short, medium, or long-term
      2. 1 month, 3 months, 6 months, 12+ months
      3. Q1, Q2, Q3, Q4
    4. Review tasks and adjust start dates for some, if needed to set realistic and achievable timelines.
    5. Transfer tasks to a project plan or Gantt chart to formalize.
    Examples:
    Q1 Q2 Q3 Q4
    • Hire software asset manager
    • Document SOP
    • Define policies
    • Select a SAM tool
    • Create list of approved services and software
    • Define metrics
    • Inventory existing software and contracts
    • Build a patch policy
    • Build a service catalog
    • Contract renewal alignment
    • Run internal audit
    • Security review

    Review and maintain the SAM program to reach optimal maturity

    • SAM is a dynamic process. It must adapt to keep pace with the direction of the organization. New applications, different licensing needs, and a constant stream of new end users all contribute to complicating the licensing process.
    • As part of your organization’s journey to an optimized SAM program, put in place continual improvement practices to maintain momentum.

    A suggested cycle of review and maintenance for your SAM: 'Plan', 'Do', 'Check', 'Act'.

    Info-Tech Insight

    Advertising the increased revenue that is gained from good SAM practices is a powerful way to gain project buy-in.

    Keep the momentum going:

    • Clearly define ongoing responsibilities for each role.
    • Develop a training and awareness program for new employees to be introduced to SAM processes and policies.
    • Continually review and revise existing processes as necessary.
    • Measure the success of the program to identify areas for improvement and demonstrate successes.
    • Measure adherence to process and policies and enforce as needed.

    Reflect on the outcomes of implementing SAM to target areas for improvement and share knowledge gained within and beyond the SAM team. Some questions to consider include:

    1. How did the data compare to our expectations? Was the project a success?
    2. What obstacles were present that impacted the project?
    3. How can we apply lessons learned through this project to others in the future?

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech Workshop Associated Activity icon

    Book a workshop with our Info-Tech analysts:

    Photo of an Info-Tech analyst.
    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analyst will join you and your team onsite at your location or welcome you to Info-Tech's historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    4.2.1

    Sample of activity 4.2.1 'Develop a communication plan to convey the right messages'. Develop a communication plan to convey the right messages

    Identify stakeholders requiring communication and formulate a message and delivery method for each.

    4.2.5

    Sample of activity 4.2.5 'Develop a SAM roadmap to plan your implementation'. Develop a SAM roadmap to plan your implementation

    Outline the tasks necessary for the implementation of this project and prioritize to build a project roadmap.

    Phase 4 outline

    Associated Activity icon Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 4: Build supporting processes & tools

    Proposed Time to Completion (in weeks): 4
    Step 4.1: Compliance & audits Step 4.2: Communicate & build roadmap
    Start with an analyst kick-off call:
    • Discuss audit process
    • Define a process for internal audits
    • Define a process for external audit response
    Review findings with analyst:
    • Build communication plan
    • Discuss policy needs
    • Build a roadmap
    Then complete these activities…
    • Document internal audit process
    • Document external audit process
    • Prepare audit templates
    Then complete these activities…
    • Develop communication plan
    • Prepare an FAQ list for end users
    • Build SAM policies
    • Develop a roadmap
    With these tools & templates:
    • Standard Operating Procedures
    • Software Audit Scoping Email Template
    • Software Audit Launch Email Template
    With these tools & templates:
    • SAM Communication Plan
    • Software Asset Management FAQ Template
    • Software Asset Management Policy
    • Additional Policy Templates

    Bibliography

    2013 Software Audit Industry Report.” Express Metrix, 2013. Web.

    7 Vital Trends Disrupting Today’s Workplace: Results and Data from 2013 TINYpulse Employee Engagement Survey.” TINYpulse, 2013. Web.

    Beaupoil, Christof. “How to measure data quality and protect against software audits.” Network World, 6 June 2011.

    Begg, Daniel. “Effective Licence Position (ELP) – What is it really worth?” LinkedIn, 19 January 2016.

    Boehler, Bernhard. “Advanced License Optimization: Go Beyond Compliance for Maximum Cost Savings.” The ITAM Review, 24 November 2014.

    Bruce, Warren. “SAM Baseline – process & best practice.” Microsoft. 2013 Australia Partner Conference.

    Case Study Top 20 U.S. Bank Tackles Asset Management.” Pomeroy, 2012. Web.

    Cherwell Software Software Audit Industry Report.” Cherwell Software, 2015. Web.

    Conrad, Sandi. “SAM starter kit: everything you need to get started with software asset management. Conrad & Associates, 2010.

    Corstens, Jan, and Diederik Van der Sijpe. “Contract risk & compliance software asset management (SAM).” Deloitte, 2012.

    Deas, A., T. Markowitzm and E. Black. “Software asset management: high risk, high reward.” Deloitte, 2014.

    Doig, Chris. “Why you should always estimate ROI before buying enterprise software” CIO, 13 August 2015.

    Fried, Chuck. “America Needs An Education On Software Asset Management (SAM).” LinkedIn. 16 June 2015.

    Lyons, Gwen. “Understanding the Drivers Behind Application Rationalization Critical to Success.” Flexera Software Blog, 31 October 2012.

    Bibliography

    Metrics to Measure SAM Success: eight ways to prove your SAM program is delivering business benefits.” Snow Software White Paper, 2015.

    Microsoft. “The SAM Optimization Model.” Microsoft Corporation White Paper, 2010.

    Miller, D. and M. Oliver. “Engaging Stakeholders for Project Success.” Project Management Institute White Paper, 2015.

    Morrison, Dan. “5 Common Misconceptions of Software Asset Management.” SoftwareOne. 12 May 2015.

    O’Neill, Leslie T. “Visa Case Study: SAM in the 21st Century.” International Business Software Managers Association (IBSMA), 30 July 2014.

    Reducing Hidden Operating Costs Through IT Asset Discovery.” NetSupport Inc., 2011.

    SAM Summit 2014, 23-25 June 2014, University of Chicago Gleacher Center Conference Facilities, Chicago, MI.

    Saxby, Heather. “20 Things Every CIO Needs to Know about Software Asset Management.” Crayon Software Experts, 13 May 2015.

    The 2016 State of IT: Managing the money monsters for the coming year.” Spiceworks, 2016.

    The Hidden Cost of Unused Software.” A 1E Report, 1E.com: 2014. Web.

    What does it take to achieve software license optimization?” Flexera White Paper, 2013.

    Research contributors and experts

    Photo of Michael Dean, Director, User Support Services, Des Moines University Michael Dean
    Director, User Support Services
    Des Moines University
    Simon Leuty
    Co-Founder
    Livingstone Tech
    Photo of Simon Leuty, Co-Founder, Livingstone Tech
    Photo of Clare Walsh, PR Consultant, Adesso Tech Ltd. Clare Walsh
    PR Consultant
    Adesso Tech Ltd.
    Alex Monaghan
    Director, Presales EMEA
    Product Support Solutions
    Photo of Alex Monaghan, Director, Presales EMEA, Product Support Solutions

    Research contributors and experts

    Photo of Ben Brand, SAM Practice Manager, Insight Ben Brand
    SAM Practice Manager
    Insight
    Michael Swanson
    President
    ISAM
    Photo of Michael Swanson, President, ISAM
    Photo of Bruce Aboudara, SVP, Marketing & Business Development, Scalable Software Bruce Aboudara
    SVP, Marketing & Business Development
    Scalable Software
    Will Degener
    Senior Solutions Consultant
    Scalable Software
    Photo of Will Degener, Senior Solutions Consultant, Scalable Software

    Research contributors and experts

    Photo of Peter Gregorowicz, Associate Director, Network & Client Services, Vancouver Community College Peter Gregorowicz
    Associate Director, Network & Client Services
    Vancouver Community College
    Peter Schnitzler
    Operations Team Lead
    Toyota Canada
    Photo of Peter Schnitzler, Operations Team Lead, Toyota Canada
    Photo of David Maughan, Head of Service Transition, Mott MacDonald Ltd. David Maughan
    Head of Service Transition
    Mott MacDonald Ltd.
    Brian Bernard
    Infrastructure & Operations Manager
    Lee County Clerk of Court
    Photo of Brian Bernard, Infrastructure & Operations Manager, Lee County Clerk of Court

    Research contributors and experts

    Photo of Leticia Sobrado, IT Data Governance & Compliance Manager, Intercept Pharmaceuticals Leticia Sobrado
    IT Data Governance & Compliance Manager
    Intercept Pharmaceuticals

    Develop Meaningful Service Metrics

    • Buy Link or Shortcode: {j2store}399|cart{/j2store}
    • member rating overall impact (scale of 10): 9.5/10 Overall Impact
    • member rating average dollars saved: $20,308 Average $ Saved
    • member rating average days saved: 30 Average Days Saved
    • Parent Category Name: Service Management
    • Parent Category Link: /service-management
    • IT organizations measure services from a technology perspective but rarely from a business goal or outcome perspective.
    • Most organizations do a poor job of identifying and measuring service outcomes over the duration of a service’s lifecycle – never ensuring the services remain valuable and meet expected long-term ROI.

    Our Advice

    Critical Insight

    • Service metrics are critical to ensuring alignment of IT service performance and business service value achievement.
    • Service metrics reinforce positive business and end-user relationships by providing user-centric information that drives responsiveness and consistent service improvement.
    • Poorly designed metrics drive unintended and unproductive behaviors that have negative impacts on IT and produce negative service outcomes.

    Impact and Result

    Effective service metrics will provide the following service gains:

    • Confirm service performance and identify gaps.
    • Drive service improvement to maximize service value.
    • Validate performance improvements while quantifying and demonstrating business value.
    • Ensure service reporting aligns with end-user experience.
    • Achieve and confirm process and regulatory compliance.

    Which will translate into the following relationship gains:

    • Embed IT into business value achievement.
    • Improve the relationship between the business and IT.
    • Achieve higher customer satisfaction (happier end users receiving expected service, the business is able to identify how things are really performing).
    • Reinforce desirable actions and behaviors from both IT and the business.

    Develop Meaningful Service Metrics Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should develop meaningful service metrics, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    • Develop Meaningful Service Metrics – Executive Brief
    • Develop Meaningful Service Metrics – Phases 1-3

    1. Design the metrics

    Identify the appropriate service metrics based on stakeholder needs.

    • Develop Meaningful Service Metrics to Ensure Business and User Satisfaction – Phase 1: Design the Metrics
    • Metrics Development Workbook

    2. Design reports and dashboards

    Present the right metrics in the most interesting and stakeholder-centric way possible.

    • Develop Meaningful Service Metrics to Ensure Business and User Satisfaction – Phase 2: Design Reports and Dashboards
    • Metrics Presentation Format Selection Guide

    3. Implement, track, and maintain

    Run a pilot with a smaller sample of defined service metrics, then continuously validate your approach and make refinements to the processes.

    • Develop Meaningful Service Metrics to Ensure Business and User Satisfaction – Phase 3: Implement, Track, and Maintain
    • Metrics Tracking Tool
    [infographic]

    Workshop: Develop Meaningful Service Metrics

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Design the Metrics

    The Purpose

    Define stakeholder needs for IT based on their success criteria and identify IT services that are tied to the delivery of business outcomes.

    Derive meaningful service metrics based on identified IT services and validate that metrics can be collected and measured.

    Key Benefits Achieved

    Design meaningful service metrics from stakeholder needs.

    Validate that metrics can be collected and measured.

    Activities

    1.1 Determine stakeholder needs, goals, and pain points.

    1.2 Determine the success criteria and related IT services.

    1.3 Derive the service metrics.

    1.4 Validate the data collection process.

    1.5 Validate metrics with stakeholders.

    Outputs

    Understand stakeholder priorities

    Adopt a business-centric perspective to align IT and business views

    Derive meaningful business metrics that are relevant to the stakeholders

    Determine if and how the identified metrics can be collected and measured

    Establish a feedback mechanism to have business stakeholders validate the meaningfulness of the metrics

    2 Design Reports and Dashboards

    The Purpose

    Determine the most appropriate presentation format based on stakeholder needs.

    Key Benefits Achieved

    Ensure the metrics are presented in the most interesting and stakeholder-centric way possible to guarantee that they are read and used.

    Activities

    2.1 Understand the different presentation options.

    2.2 Assess stakeholder needs for information.

    2.3 Select and design the metric report.

    Outputs

    Learn about infographic, scorecard, formal report, and dashboard presentation options

    Determine how stakeholders would like to view information and how the metrics can be presented to aid decision making

    Select the most appropriate presentation format and create a rough draft of how the report should look

    3 Implement, Track, and Maintain Your Metrics

    The Purpose

    Run a pilot with a smaller sample of defined service metrics to validate your approach.

    Make refinements to the implementation and maintenance processes prior to activating all service metrics.

    Key Benefits Achieved

    High user acceptance and usability of the metrics.

    Processes of identifying and presenting metrics are continuously validated and improved.

    Activities

    3.1 Select the pilot metrics.

    3.2 Gather data and set initial targets.

    3.3 Generate the reports and validate with stakeholders.

    3.4 Implement the service metrics program.

    3.5 Track and maintain the metrics program.

    Outputs

    Select the metrics that should be first implemented based on urgency and impact

    Complete the service intake form for a specific initiative

    Create a process to gather data, measure baselines, and set initial targets

    Establish a process to receive feedback from the business stakeholders once the report is generated

    Identify the approach to implement the metrics program across the organization

    Set up mechanism to ensure the success of the metrics program by assessing process adherence and process validity

    Further reading

    Develop Meaningful Service Metrics

    Select IT service metrics that drive business value.

    ANALYST PERSPECTIVE

    Are you measuring and reporting what the business needs to know?

    “Service metrics are one of the key tools at IT’s disposal in articulating and ensuring its value to the business, yet metrics are rarely designed and used for that purpose.

    Creating IT service metrics directly from business and stakeholder outcomes and goals, written from the business perspective and using business language, is critical to ensuring that the services that IT provides are meeting business needs.

    The ability to measure, manage, and improve IT service performance in relation to critical business success factors, with properly designed metrics, embeds IT in the value chain of the business and ensures IT’s focus on where and how it enables business outcomes.”

    Valence Howden,
    Senior Manager, CIO Advisory
    Info-Tech Research Group

    Our understanding of the problem

    This Research Is Designed For:
    • CIO
    • IT VPs
    This Research Will Help You:
    • Align business/IT objectives (design top-down or outside-in)
    • Significantly improve the relationship between the business and IT aspects of the organization
    • Reinforce desirable actions and behaviors
    This Research Will Also Assist:
    • Service Level Managers
    • Service Owners
    • Program Owners
    This Research Will Help Them
    • Identify unusual deviations from the normal operating state
    • Drive service improvement to maximize service value
    • Validate the value of performance improvements while quantifying and demonstrating benefits realization

    Executive summary

    Situation

    • IT organizations measure services from a technology perspective yet rarely measure services from a business goal/outcome perspective.
    • Most organizations do a poor job of identifying and measuring service outcomes over the duration of a service’s lifecycle – never ensuring the services remain valuable and meet expected long-term ROI.

    Complication

    • IT organizations have difficulty identifying the right metrics to demonstrate the value of IT services to the business in tangible terms.
    • IT metrics, as currently designed, reinforce division between the IT and business perspectives of service performance. They drive siloed thinking and finger-pointing within the IT structure, and prevent IT resources from understanding how their work impacts business value.

    Resolution

    • Our program enables IT to develop the right service metrics to tie IT service performance to business value and user experience.
    • Ensure the metrics you implement have immediate stakeholder value, reinforcing alignment between IT and the business while influencing behavior in the desired direction.
    • Make sure that your metrics are defined in relation to the business goals and drivers, ensuring they will provide actionable outcomes.

    Info-Tech Insight

    1. Service metrics are critical to ensuring alignment of IT service performance and business service value achievement.
    2. Service metrics reinforce positive business and end-user relationships by providing user-centric information that drives responsiveness and consistent service improvement.
    3. Poorly designed metrics drive unintended and unproductive behaviors, which have negative impacts on IT and produce negative service outcomes.

    Service metrics 101

    What are service metrics?

    Service metrics measure IT services in a way that relates to a business outcome. IT needs to measure performance from the business perspective using business language.

    Why do we need service metrics?

    To ensure the business cares about the metrics that IT produces, start with business needs to make sure you’re measuring the right things. This will give IT the opportunity talk to the right stakeholders and develop metrics that will meet their business needs.

    Service metrics are designed with the business perspective in mind, so they are fully aligned with business objectives.

    Perspectives Matter

    Different stakeholders will require different types of metrics. A CEO may require metrics that provide a snapshot of the critical success of the company while a business manager is more concerned about the performance metrics of their department.

    What are the benefits of implementing service metrics?

    Service metrics help IT communicate with the business in business terms and enables IT to articulate how and where they provide business value. Business stakeholders can also easily understand how IT services contribute to their success.

    The majority of CIOs feel metrics relating to business value and stakeholder satisfaction require significant improvement

    A significantly higher proportion of CIOs than CEOs feel that there is significant improvement necessary for business value metrics and stakeholder satisfaction reporting. Stacked horizontal bar chart presenting survey results from CIOs and CXOs of 'Business Value Metrics'. Answer options are 'Effective', 'Some Improvement Necessary', 'Significant Improvement Necessary', and 'Not Required'.N=364

    Stacked horizontal bar chart presenting survey results from CIOs and CXOs of 'Stakeholder Satisfaction Reporting'. Answer options are 'Effective', 'Some Improvement Necessary', 'Significant Improvement Necessary', and 'Not Required'.N=364

    (Source: Info-Tech CIO-CXO Alignment Diagnostic Survey)

    Meaningless metrics are a headache for the business

    A major pitfall of many IT organizations is that they often provide pages of technical metrics that are meaningless to their business stakeholders.

    1. Too Many MetricsToo many metrics are provided and business leaders don’t know what to do with these metrics.
    2. Metrics Are Too TechnicalIT provides technical metrics that are hard to relate to business needs, and methods of calculating metrics are not clearly understood, articulated, and agreed on.
    3. Metrics Have No Business ValueService metrics are not mapped to business goals/objectives and they drive incorrect actions or spend.
    When considering only CEOs who said that stakeholder satisfaction reporting needed significant improvement, the average satisfaction score goes down to 61.6%, which is a drop in satisfaction of 12%.

    A bar that says 73% dropping to a bar that says 61%. Description above.

    (Source: Info-Tech Research Group CIO-CXO Alignment Diagnostic Survey)

    Poorly designed metrics hurt IT’s image within the organization

    By providing metrics that do not articulate the value of IT services, IT reinforces its role as a utility provider and an outsider to strategic decisions.

    When the CIOs believe business value metrics weren’t required, 50% of their CEOs said that significant improvements were necessary.

    Pie Chart presenting the survey results from CEOs regarding 'Business Value Metrics'. Description above.

    (Source: Info-Tech Research Group CIO-CXO Alignment Diagnostic Survey)
    1. Reinforce the wrong behaviorThe wrong metrics drive us-against-them, siloed thinking within IT, and meeting metric targets is prioritized over providing meaningful outcomes.
    2. Do not reflect user experienceMetrics don’t align with actual business/user experience, reinforcing a poor view of IT services.
    3. Effort ≠ ValueInvesting dedicated resources and effort to the achievement of the wrong metrics will only leave IT more constrained for other important initiatives.

    Articulate meaningful service performance that supports the achievement of business outcomes

    Service metrics measure the performance of IT services and how they enable or drive the activity outcomes.

    A business process consists of multiple business activities. In many cases, these business activities require one or more supporting IT services.

    A 'Business Process' broken down to its parts, multiple 'Business Activities' and their 'IT Services'. For each business process, business stakeholders and their goals and objectives should be identified.

    For each business activity that supports the completion of a business process, define the success criteria that must be met in order to produce the desirable outcome.

    Identify the IT services that are used by business stakeholders for each business activity. Measure the performance of these services from a business perspective to arrive at the appropriate service metrics.

    Differentiate between different types of metrics

    Stakeholders have different goals and objectives; therefore, it is critical to identify what type of metrics should be presented to each stakeholder.

    Business Metrics

    Determine Business Success

    Business metrics are derived from a pure business perspective. These are the metrics that the business stakeholders will measure themselves on, and business success is determined using these metrics.

    Arrow pointing right.

    Service Metrics

    Manage Service Value to the Business

    Service metrics are used to measure IT service performance against business outcomes. These metrics, while relating to IT services, are presented in business terms and are tied to business goals.

    Arrow pointing right.

    IT Metrics

    Enable Operational Excellence

    IT metrics are internal to the IT organization and used to manage IT service delivery. These metrics are technical, IT-specific, and drive action for IT. They are not presented to the business, and are not written in business language.

    Implementing service metrics is a key step in becoming a service provider and business partner

    As a prerequisite, IT organizations must have already established a solid relationship with the business and have a clear understanding of its critical business-facing services.

    At the very least, IT needs to have a service-oriented view and understand the specific needs and objectives associated with each stakeholder.

    Visualization of 'Business Relationship Management' with an early point on the line representing 'Service Provider: Establish service-oriented culture and business-centric service delivery', and the end of the line being 'Strategic Partner'.

    Once IT can present service metrics that the business cares about, it can continue on the service provider journey by managing the performance of services based on business needs, determine and influence service demand, and assess service value to maximize benefits to the business.

    Which processes drive service metrics?

    Both business relationship management (BRM) and service level management (SLM) provide inputs into and receive outputs from service metrics.

    Venn Diagram of 'Business Relationship Management', 'Service Metrics', and 'Service Level Management'.

    Business Relationship Management

    BRM works to understand the goals and objectives of the business and inputs them into the design of the service metrics.

    Service Metrics

    BRM leverages service metrics to help IT organizations manage the relationship with the business.

    BRM articulates and manages expectations and ensures IT services are meeting business requirements.

    Which processes drive service metrics?

    Both BRM and SLM provide inputs into and receive outputs from service metrics.

    Venn Diagram of 'Business Relationship Management', 'Service Metrics', and 'Service Level Management'.

    Service Level Management

    SLM works with the business to understand service requirements, which are key inputs in designing the service metrics.

    Service Metrics

    SLM leverages service metrics in overseeing the day-to-day delivery of IT services. It ensures they are provided to meet expected service level targets and objectives.

    Effective service metrics will deliver both service gains and relationship gains

    Effective service metrics will provide the following service gains:

    • Confirm service performance and identify gaps
    • Drive service improvement to maximize service value
    • Validate performance improvements while quantifying and demonstrating business value
    • Ensure service reporting aligns with end-user experience
    • Achieve and confirm process and regulatory compliance
        Which will translate into the following relationship gains:
        • Embed IT into business value achievement
        • Improve relationship between the business and IT
        • Achieve higher customer satisfaction (happier end users receiving expected service, the business is able to identify how things are really performing)
        • Reinforce desirable actions and behaviors from both IT and the business

    Don’t let conventional wisdom become your roadblock

    Conventional Wisdom

    Info-Tech Perspective

    Metrics are measured from an application or technology perspective Metrics need to be derived from a service and business outcome perspective.
    The business doesn’t care about metrics Metrics are not usually designed to speak in business terms about business outcomes. Linking metrics to business objectives creates metrics that the business cares about.
    It is difficult to have a metrics discussion with the business It is not a metrics/number discussion, it is a discussion on goals and outcomes.
    Metrics are only presented for the implementation of the service, not the ongoing outcome of the service IT needs to focus on service outcome and not project outcome.
    Quality can’t be measured Quality must be measured in order to properly manage services.

    Our three-phase approach to service metrics development

    Let Info-Tech guide you through your service metrics journey

    1

    2

    3

    Design Your Metrics Develop and Validate Reporting Implement, Track, and Maintain
    Sample of Phase 1 of Info-Tech's service metric development package, 'Design Your Metrics'. Sample of Phase 2 of Info-Tech's service metric development package, 'Develop and Validate Reporting'. Sample of Phase 3 of Info-Tech's service metric development package, 'Implement, Track, and Maintain'.
    Start the development and creation of your service metrics by keeping business perspectives in mind, so they are fully aligned with business objectives. Identify the most appropriate presentation format based on stakeholder preference and need for metrics. Track goals and success metrics for your service metrics programs. It allows you to set long-term goals and track your results over time.

    CIOs must actively lead the design of the service metrics program

    The CIO must actively demonstrate support for the service metrics program and lead the initial discussions to determine what matters to business leaders.

    1. Lead the initiative by defining the need
      Show visible support and demonstrate importance
    2. Articulate the value to both IT and the business
      Establish the urgency and benefits
    3. Select and assemble an implementation group
      Find the best people to get the job done
    4. Drive initial metrics discussions: goals, objectives, actions
      Lead brainstorming with senior business leaders
    5. Work with the team to determine presentation formats and communication methods
      Identify the best presentation approach for senior stakeholders
    6. Establish a feedback loop for senior management
      Solicit feedback on improvements
    7. Validate the success of the metrics
      Confirm service metrics support business outcomes

    Measure the success of your service metrics

    It is critical to determine if the designed service metrics are fulfilling their intended purpose. The process of maintaining the service metrics program and the outcomes of implementing service metrics need to be monitored and tracked.

    Validating Service Metrics Design

    Target Outcome

    Related Metrics

    The business is enabled to identify and improve service performance to their end customer # of improvement initiatives created based on service metrics
    $ cost savings/revenue generated due to actions derived from service metrics

    Procedure to validate the usefulness of IT metrics

    # / % of service metrics added/removed per year

    Alignment between IT and business objectives and processes Business’ satisfaction with IT

    Measure the success of your service metrics

    It is critical to determine if the designed service metrics are fulfilling their intended purpose. The process of maintaining the service metrics program and the outcomes of implementing service metrics need to be monitored and tracked.

    Validating Service Metrics Process

    Target Outcome

    Related Metrics

    Properly defined service metrics aligned with business goals/outcomes
    Easy understood measurement methodologies
    % of services with (or without) defined service metrics

    % of service metrics tied to business goals

    Consistent approach to review and adjust metrics# of service metrics adjusted based on service reviews

    % of service metrics reviewed on schedule

    Demonstrate monetary value and impact through the service metrics program

    In a study done by the Aberdeen Group, organizations engaged in the use of metrics benchmarking and measurement have:
    • 88% customer satisfaction rate
    • 60% service profitability
    • 15% increase in workforce productivity over the last 12 months

    Stock image of a silhouette of three people's head and shoulders.
    (Source: Aberdeen Group. “Service Benchmarking and Measurement.”)

    A service metric is defined for: “Response time for Business Application A

    The expected response time has not been achieved and this is visible in the service metrics. The reduced performance has been identified as having an impact of $250,000 per month in lost revenue potential.

    The service metric drove an action to perform a root-cause analysis, which identified a network switch issue and drove a resolution action to fix the technology and architect redundancy to ensure continuity.

    The fix eliminated the performance impact, allowing for recovery of the $250K per month in revenue, improved end-user confidence in the organization, and increased use of the application, creating additional revenue.

    Implementing and measuring a video conferencing service

    CASE STUDY
    Industry: Manufacturing | Source: CIO interview and case material
    Situation

    The manufacturing business operates within numerous countries and requires a lot of coordination of functions and governance oversight. The company has monthly meetings, both regional and national, and key management and executives travel to attend and participate in the meetings.

    Complication

    While the meetings provide a lot of organizational value, the business has grown significantly and the cost of business travel has started to become prohibitive.

    Action

    It was decided that only a few core meetings would require onsite face-to-face meetings, and for all other meetings, the company would look at alternative means. The face-to-face aspect of the meetings was still considered critical so they focused on options to retain that aspect.

    The IT organization identified that they could provide a video conferencing service to meet the business need. The initiative was approved and rolled out in the organization.

    Result:

    IT service metrics needed to be designed to confirm that the expected value outcome of the implementation of video conferencing was achieved.

    Under the direction of the CIO, the business goals and needs driving use of the service (i.e. reduction in travel costs, efficiency, no loss of positive outcome) were used to identify success criteria and key questions to confirm success.

    With this information, the service manager was able to implement relevant service metrics in business language and confirmed an 80% adoption rate and a 95% success rate in term meetings running as expected and achieving core outcomes.

    Use these icons to help direct you as you navigate this research

    Use these icons to help guide you through each step of the blueprint and direct you to content related to the recommended activities.

    A small monochrome icon of a wrench and screwdriver creating an X.

    This icon denotes a slide where a supporting Info-Tech tool or template will help you perform the activity or step associated with the slide. Refer to the supporting tool or template to get the best results and proceed to the next step of the project.

    A small monochrome icon depicting a person in front of a blank slide.

    This icon denotes a slide with an associated activity. The activity can be performed either as part of your project or with the support of Info-Tech team members, who will come onsite to facilitate a workshop for your organization.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    Guided Implementation

    Workshop

    Consulting

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks used throughout all four options

    Develop meaningful service metrics to ensure business and user satisfaction

    1. Design the Metrics 2. Design Reports and Dashboards 3. Implement, Track, and Maintain
    Supporting Tool icon

    Best-Practice Toolkit

    1. Defining stakeholder needs for IT based on their success criteria
    2. Derive meaningful service metrics based on identified IT services and validate with business stakeholders
    3. Validate metrics can be collected and measured
    4. Determine calculation methodology
    1. Presentation format selected based on stakeholder needs and preference for information
    2. Presentation format validated with stakeholders
    1. Identify metrics that will be presented first to the stakeholders based on urgency or impact of the IT service
    2. Determine the process to collect data, select initial targets, and integrate with SLM and BRM functions
    3. Roll out the metrics implementation for a broader audience
    4. Establish roles and timelines for metrics maintenance

    Guided Implementations

    • Design metrics based on business needs
    • Validate the metrics
    • Select presentation format
    • Review metrics presentation design
    • Select and implement pilot metrics
    • Determine rollout process and establish maintenance/tracking mechanism
    Associated Activity icon

    Onsite Workshop

    Module 1:
    Derive Service Metrics From Business Goals
    Module 2:
    Select and Design Reports and Dashboards
    Module 3:
    Implement, Track, and Maintain Your Metrics to Ensure Success
    Phase 1 Outcome:
    • Meaningful service metrics designed from stakeholder needs
    Phase 2 Outcome:
    • Appropriate presentation format selected for each stakeholder
    Phase 3 Outcome:
    • Metrics implemented and process established to maintain and track program success

    Workshop overview

    Contact your account representative or email Workshops@InfoTech.com for more information.
    Workshop Day 1 Workshop Day 2 Workshop Day 3 Workshop Day 4
    Design the Metrics
    Determine Presentation Format and Implement Metrics
    Gather Service Level Requirements
    Monitor and Improve Service Levels

    Activities

    • 1.1 Determine stakeholder needs
    • 1.2 Determine success criteria and key performance indicators
    • 1.3 Derive metrics
    • 1.4 Validate the metric collection
    • 2.1 Discuss stakeholder needs/preference for data and select presentation format
    • 2.2 Select and design the metric report
    • Requirements
    • 3.1 Determine the business requirements
    • 3.2 Negotiate service levels
    • 3.3 Align operational level agreements (OLAs) and supplier contracts
    • 4.1 Conduct service report and perform service review
    • 4.2 Communicate service review
    • 4.3 Remediate issues using action plan
    • 4.4 Proactive prevention

    Deliverables

    1. Metrics Development Workbook
    1. Metrics Presentation Format Selection Guide
    2. Metrics Tracking Tool
    1. Service Level Management SOP
    2. Service Level Agreement
    1. Service Level Report
    2. Service Level Review
    3. Business Satisfaction Report

    Develop Meaningful Service Metrics to Ensure Business and User Satisfaction

    PHASE 1

    Design the Metrics

    Step (1): Design the Metrics

    PHASE 1 PHASE 2 PHASE 3

    1.1

    Derive the Service Metrics

    1.2

    Validate the Metrics

    2.1

    Determine Reporting Format

    3.1

    Select Pilot Metrics

    3.2

    Activate and Maintain Metrics

    This step involves the following participants:

    • CIO
    • Business Relationship Manager (BRM)
    • Service Level Manager (SLM)

    Outcomes of this step

    • Defined stakeholder needs for IT based on their success criteria
    • Identified IT services that are tied to the delivery of business outcomes
    • Derived meaningful service metrics based on identified IT services and validated with business stakeholders
    • Validated that metrics can be collected and measured
    • Determined calculation methodology

    Phase 1 outline

    Associated Activity icon Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 1: Design the Metrics

    Proposed Time to Completion (in weeks): 4 weeks
    Step 1.1: Design Metrics Step 1.2: Validate the Metrics
    Start with an analyst kick-off call:
    • Determine the stakeholder and their needs
    • Identify IT services that are tied to the delivery of business outcomes
    • Derive the service metrics
    Review findings with analyst:
    • For the selected metrics, identify the data source for collection
    • Validate whether or not the data can be created
    • Create a calculation method for the metrics
    Then complete these activities…
    • Using the methodology provided, identify additional stakeholders and map out their success criteria, including KPIs to determine the appropriate service metrics
    Then complete these activities…
    • Determine whether the designed metrics are measurable, and if so, how
    With these tools & templates:
    • Metrics Development Workbook
    With these tools & templates:
    • Metrics Development Workbook

    Design your service metrics – overview

    Figure representing 'CIO'. Step 1
    Derive your service metrics

    Metrics Worksheet

    Figure representing 'SLM' and/or 'BRM'. Step 2
    Validate your metrics

    Metrics Worksheet

    Figures representing 'CIO', 'SLM', and/or 'BRM'. Step 3
    Confirm with stakeholders

    Metrics Tracking Sheet

    A star.

    Defined IT Service Metrics

    Deriving the right metrics is critical to ensuring that you will generate valuable and actionable service metrics.

    Derive your service metrics from business objectives and needs

    Service metrics must be designed with the business perspective in mind so they are fully aligned with business objectives.

    Thus, IT must start by identifying specific stakeholder needs. The more IT understands about the business, the more relevant the metrics will be to the business stakeholders.

    1. Who are your stakeholders?
    2. What are their goals and pain points?
    3. What do the stakeholders need to know?
    4. What do I need to measure?
    5. Derive your service metrics

    Derive your service metrics

    Supporting Tool icon 1.1 Metrics Development Workbook

    This workbook guides the development and creation of service metrics that are directly tied to stakeholder needs.

    This process will ensure that your service metrics are designed with the business perspective in mind so they are fully aligned with business objectives.

    1. Who are the relevant stakeholders?
    2. What are the goals and pain points of your stakeholders?
    3. What do the stakeholders need to know?
    4. What does IT need to measure?
    5. What are the appropriate IT metrics?

    Download the Metrics Development Workbook.

    Sample of Info-Tech's Metrics Development Workbook.

    Determine your stakeholders

    Supporting Tool icon 1.1 0.5 Hour

    Who are your stakeholders?

    1. Identify the primary stakeholders of your service metrics. Stakeholders are the people who have a very specific need to know about how IT services affect their business outcomes. Different stakeholders can have different perspective on the same IT service metric.Most often, the primary target of service metrics are the business stakeholders, e.g. VP of a business unit.
    2. Identify any additional stakeholders. The CIO is also a stakeholder since they are effectively the business relationship manager for the senior leaders.

    Video Conferencing Case Study
    Manufacturing company

    For this phase, we will demonstrate how to derive the service metrics by going through the steps in the methodology.

    At a manufacturing company, the CIO’s main stakeholder is the CEO, whose chief concern is to improve the financial position of the company.

    Identify goals and pain points of your stakeholders

    Supporting Tool icon 1.2 0.5 Hour

    What are their goals and pain points?

    1. Clearly identify each stakeholder’s business goals and outcomes. These would be particular business goals related to a specific business unit.
    2. Identify particular pain points for each business unit to understand what is preventing them from achieving the desirable business outcome.

    VC Case Study

    One of the top initiatives identified by the company to improve financial performance was to reduce expense.

    Because the company has several key locations in different states, company executives used to travel extensively to carry out meetings at each location.

    Therefore, travel expenses represent a significant proportion of operational expenses and reducing travel costs is a key goal for the company’s executives.

    What do the stakeholders need to know?

    Supporting Tool icon 1.3 0.5 Hour

    What do the stakeholders need to know?

    1. Identify the key things that the stakeholders would need to know based on the goals and pain points derived from the previous step.These are your success criteria and must be met to successfully achieve the desired goals.

    VC Case Study

    The CEO needs to have assurance that without executives traveling to each location, remote meetings can be as effective as in-person meetings.

    These meetings must provide the same outcome and allow executives to collaborate and make similar strategic decisions without the onsite, physical presence.

    Therefore, the success criteria are:

    • Reduced travel costs
    • Effective collaboration
    • High-quality meetings

    What do I need to measure?

    Supporting Tool icon 1.4 1 Hour

    What does IT need to measure?

    1. Identify the IT services that are leveraged to achieve the business goals and success criteria.
    2. Identify the users of those services and determine the nature of usage for each group of users.
    3. Identify the key indicators that must be measured for those services from an IT perspective.

    VC Case Study

    The IT department decides to implement the video conferencing service to reduce the number of onsite meetings. This technology would allow executives to meet remotely with both audio and video and is the best option to replicate a physical meeting.

    The service is initially available to senior executives and will be rolled out to all internal users once the initial implementation is deemed successful.

    To determine the success of the service, the following needs to be measured:

    1. Outcomes of VC meetings
    2. Quality of the VC meetings
    3. Reduction in travel expenses

    Derive service metrics

    Supporting Tool icon 1.5 0.5 Hour

    Derive your service metrics

    1. Derive the service metrics that are meaningful to business stakeholders based on the IT services and the key indicators identified in the previous steps.
    2. Distinguish between service metrics and business metrics. You may identify some business metrics in addition to the IT metrics, and although these are important, IT doesn’t own the process of tracking and reporting business metrics.

    VC Case Study

    In the previous step, IT identified that it must measure the outcomes of VC meetings, quality of the VC meetings, and the reduction in travel expenses. From these, the appropriate service metrics can be derived to answer the needs of the CEO.

    IT needs to measure:

    1. Percent of VC meetings successfully delivered
    2. Growth of number of executive meetings conducted via VC
    Outcomes

    IT also identified the following business metrics:

    1. Reduction in percent of travel expense/spend
    2. Reduction in lost time due to travel

    Validate your metrics

    Once appropriate service metrics are derived from business objectives, the next step is to determine whether or not it is viable to actually measure the metrics.

    Can you measure it? The first question IT must answer is whether the metric is measurable. IT must identify the data source, validate its ability to collect the data, and specify the data requirement. Not all metrics can be measured!
    How will you measure it? If the metric is measurable, the next step is to create a way to measure the actual data. In most cases, simple formulas that can be easily understood are the best approach.
    Define your actions Metrics must be used to drive or reinforce desirable outcomes and behaviors. Thus, IT must predetermine the necessary actions associated with the different metric levels, thresholds, or trends.

    Determine if you can measure the identified metric

    Supporting Tool icon 1.6 0.5 Hour

    INSTRUCTIONS

    1. Determine what data sources are available. Make sure that you know where the information you need is captured, or will need to be captured. This would include:
      • A ticket/request system
      • An auto discovery tool
      • A configuration management database ( CMDB)
    2. Confirm that IT has the ability to collect the information.
      • If the necessary data is already contained in an identified data source, then you can proceed.
      • If not, consider whether it’s possible to gather the information using current sources and systems.
      • Understand the constraints and cost/ROI to implement new technology or revise processes and data gathering to produce the data.

    VC Case Study

    Using the metric derived from the video conferencing service example, IT wants to measure the % of VC meetings successfully delivered.

    What are the data sources?

    • Number of VC meetings that took place
    • Number of service incidents
    • User survey

    Determine if you can measure the identified metric

    Supporting Tool icon 1.6 0.5 Hour

    INSTRUCTIONS

    1. Understand your data requirements
      • To produce relevant metrics from your data, you need to ensure the level of quality and currency that provides you with useful information. You need to define:
        • The level of detail that has to be captured to make the data useful.
        • The consistency of the data, and how it needs to be entered or gathered.
        • The accuracy of the data. This includes how current the data needs to be, how quickly changes have to be made, and how data quality will be verified.

    VC Case Study

    Data requirement for percent of successful VC meetings:

    • Level of detail – user category, location, date/time,
    • Consistency – how efficiently are VC-related incidents opened and closed? Is the data collected and stored consistently?
    • Accuracy – is the information entered accurately?

    Create the calculation to measure it

    Supporting Tool icon 1.7 0.5 Hour

    Determine how to calculate the metrics.

    INSTRUCTIONS
    1. Develop the calculations that will be used for each accepted metric. The measurement needs to be clear and straightforward.
    2. Define the scope and assumptions for each calculation, including:
      • The defined measurement period (e.g. monthly, weekly)
      • Exclusions (e.g. nonbusiness hours, during maintenance windows)

    VC Case Study

    Metric: Percent of VC meetings delivered successfully

    IT is able to determine the total number of VC meetings that took place and the number of VC service requests to the help desk.

    That makes it possible to use the following formula to determine the success percentage of the VC service:

    ((total # VC) – (# of VC with identified incidents)) / (total # VC) * 100

    Define the actions to be taken for each metric

    Supporting Tool icon 1.7 1.5 Hour

    INSTRUCTIONS

    Centered on the defined metrics and their calculations, IT can decide on the actions that should be driven out of each metric based on one of the following scenarios:
    • Scenario 1: Ad hoc remedial action and root-cause investigation. If the reason for the result is unknown, determining root cause or identifying trends is required to determine required actions.
    • Scenario 2: Predefined remedial action. A set of predetermined actions associated with different results. This is useful when the meaning of the results is clear and points to specific issues within the environment.
    • Scenario 3: Nonremedial action. The metrics may produce a result that reinforces or supports company direction and strategy, or identifies an opportunity that may drive a new initiative or idea.

    VC Case Study

    If the success rate of the VC meetings is below 90%, IT needs to focus on determining if there is a common cause and identify if this is a consistent downward trend.

    A root-cause analysis is performed that identifies that network issues are causing difficulties, impacting the connection quality and usability of the VC service.

    Validate the confirmed metrics with the business

    Supporting Tool icon 1.8 1 Hour

    INPUT: Selected service metrics, Discussion with the business

    OUTPUT: Validated metrics with the business

    Materials: Metrics with calculation methodology

    Participants: IT and business stakeholders, Service owners

    INSTRUCTIONS

    1. Once you have derived the appropriate metrics and established that the metrics are measurable, you must go back to the targeted stakeholders and validate that the selected metrics will provide the right information to meet their identified goals and success criteria.
    2. Add confirmed metrics to the Metrics Tracking Tool, in the Metrics Tracking Plan tab.
    Service Metric Corresponding
    Business Goal
    Measurement
    Method
    Defined Actions

    Example: Measuring the online banking service at a financial institution

    Who are IT’s stakeholders? The financial institution provides various banking solutions to its customers. Retail banking is a core service offered by the bank and the VP of retail banking is a major stakeholder of IT.
    What are their goals and pain points? The VP of retail banking’s highest priorities are to increase revenue, increase market share, and maintain the bank’s brand and reputation amongst its customers.
    What do they need to know? In order to measure success, the VP of retail banking needs to determine performance in attracting new clients, retaining clients, expanding into new territory, and whether they have increased the number of services provided to existing clients.
    What does IT need to measure? The recent implementation of an online banking service is a key initiative that will keep the bank competitive and help retail banking meet its goals. The key indicators of this service are: the total number of clients, the number of products per client, percent of clients using online banking, number of clients by segment, service, territory.
    Derive the service metrics Based on the key indicators, IT can derive the following service metrics:
    1. Number of product applications originated from online banking
    2. Customer satisfaction/complaints
    As part of the process, IT also identified some business metrics, such as the number of online banking users per month or the number of times a client accesses online banking per month.

    Design service metrics to track service performance and value

    CASE STUDY
    Industry: Manufacturing | Source: CIO
    Challenge Solution Results
    The IT organization needed to generate metrics to show the business whether the video conferencing service was being adopted and if it was providing the expected outcome and value.

    Standard IT metrics were technical and did not provide a business context that allowed for easy understanding of performance and decision making.

    The IT organization, working through the CIO and service managers, sat down with the key business stakeholders of the video conferencing service.

    They discussed the goals for the meeting and defined the success criteria for those goals in the context of video conference meeting outcomes.

    The success criteria that were discussed were then translated into a set of questions (key performance indicators) that if answered, would show that the success criteria were achieved.

    The service manager identified what could be measured to answer the defined questions and eliminated any metrics that were either business metrics or non-IT related.

    The remaining metrics were identified as the possible service metrics, and the ability to gather the information and produce the metric was confirmed.

    Service metrics were defined for:

    1. Percent of video conference meetings delivered successfully
    2. Growth in the number of executive meetings conducted via video conference

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech Workshop Associated Activity icon

    Book a workshop with our Info-Tech analysts:

    Photo of Valence Howden, Senior Manager, CIO Advisory, Info-Tech Research Group.
    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analyst will join you and your team onsite at your location or welcome you to Info-Tech's historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    1.1

    Sample of activity 1.1 'Determine your stakeholders'. Determine stakeholder needs, goals, and pain points

    The onsite analyst will help you select key stakeholders and analyze their business objectives and current pain points.

    1.2

    Sample of activity 1.2 'Identify goals and pain points of your stakeholders'. Determine the success criteria and related IT services

    The analyst will facilitate a discussion to uncover the information that these stakeholders care about. The group will also identify the IT services that are supporting these objectives.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech Workshop Associated Activity icon

    Book a workshop with our Info-Tech analysts:

    1.5

    Sample of activity 1.5 'Derive service metrics'. Derive the service metrics

    Based on the key performance indicators obtained in the previous page, derive meaningful business metrics that are relevant to the stakeholders.

    1.6

    Sample of activity 1.6 'Determine if you can measure the identified metric'. Validate the data collection process

    The analyst will help the workshop group determine whether the identified metrics can be collected and measured. If so, a calculation methodology is created.

    1.7

    Sample of activity 1.7 'Create the caluclation to measure it'. Validate metrics with stakeholders

    Establish a feedback mechanism to have business stakeholders validate the meaningfulness of the metrics.

    Develop Meaningful Service Metrics to Ensure Business and User Satisfaction

    PHASE 2

    Design Reports and Dashboards

    Step (2): Design Reports and Dashboards

    PHASE 1PHASE 2PHASE 3

    1.1

    Derive the Service Metrics

    1.2

    Validate the Metrics

    2.1

    Determine Reporting Format

    3.1

    Select Pilot Metrics

    3.2

    Activate and Maintain Metrics

    This step involves the following participants:

    • Business Relationship Manager
    • Service Level Manager
    • Business Stakeholders

    Outcomes of this step

    • Presentation format selected based on stakeholder needs and preference for information
    • Presentation format validated with stakeholders

    Phase 2 outline

    Associated Activity icon Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 2: Design Reports and Dashboards

    Proposed Time to Completion (in weeks): 3 weeks
    Step 2.1: Select Presentation Format Step 2.2: Review Design
    Start with an analyst kick-off call:
    • Review the different format of metrics presentation and discuss the pros/cons of each format
    • Discuss stakeholder needs/preference for data
    • Select the presentation format
    Review findings with analyst:
    • Discuss stakeholder feedback based on selected presentation format
    • Modify and adjust the presentation format as needed
    Then complete these activities…
    • Design the metrics using the selected format
    Then complete these activities…
    • Finalize the design for metrics presentation
    With these tools & templates:
    • Metrics Presentation Format Selection Guide
    With these tools & templates:
    • Metrics Presentation Format Selection Guide

    Design the reports – overview

    Figure representing 'SLM' and/or 'BRM'. Step 1
    Understand the pros and cons of different reporting styles
    Figure representing 'SLM' and/or 'BRM'. Step 2
    Determine your reporting and presentation style

    Presentation Format Selection

    Figure representing 'SLM' and/or 'BRM'. Step 3
    Design your metrics reports
    A star.

    Validated Service Reports

    The design of service metrics reporting is critically important. The reporting style must present the right information in the most interesting and stakeholder-centric way possible to ensure that it is read and used.

    The reports must also display information in a way that generates actions. If your stakeholders cannot make decisions, kick off activities, or ask questions based on your reports, then they have no value.

    Determine the right presentation format for your metrics

    Most often, metrics are presented in the following ways:

    Dashboard
    (PwC. “Mega-Trends and Implications.”)
    Sample of the 'Dashboard' metric presentation format.
    Infographic
    (PwC. “Healthcare’s new entrants.”)
    Sample of the 'Infographic' metric presentation format.
    Report
    (PwC Blogs. “Northern Lights.”)
    Sample of the 'Report' metric presentation format.
    Scorecard
    (PwC. “Annual Report 2015.”)
    Sample of the 'Scorecard' metric presentation format.

    Understand the advantages and disadvantages of each reporting style – Dashboard

    A dashboard is a reporting method that provides a dynamic at-a-glance view of key metrics from the perspective of key stakeholders. It provides a quick graphical way to process important performance information in real time.

    Features

    Typically web-based

    Dynamic data that is updated in real time

    Advantage

    Aggregates a lot of information into a single view

    Presents metrics in a simplistic style that is well understood

    Provides a quick point-in-time view of performance

    Easy to consume visual presentation style

    Disadvantage

    Complicated to set up well.
    Requires additional technology support: programming, API, etc.

    Promotes a short-term outlook – focus on now, no historical performance and no future trends. Doesn’t provide the whole picture and story.

    Existing dashboard tools are often not customized enough to provide real value to each stakeholder.

    Dashboards present real-time metrics that can be accessed and viewed at any time

    Sample of the 'Dashboard' metric presentation format.
    (Source: PwC. “Mega-Trends and Implications.”)
    Metrics presented through online dashboards are calculated in real time, which allows for a dynamic, current view into the performance of IT services at any time.

    Understand the advantages and disadvantages of each reporting style – Infographic

    An infographic is a graphical representation of metrics or data, which is used to show information quickly and clearly. It’s based on the understanding that people retain and process visual information more readily than written details.

    Features

    Turns dry into attractive –transforms data into eye-catching visual memory that is easier to retain

    Can be used as the intro to a formal report

    There are endless types of infographics

    Advantage

    Easily consumable

    Easy to retain

    Eye catching

    Easily shared

    Spurs conversation

    Customizable

    Disadvantage

    Require design expertise and resources

    Can be time consuming to generate

    Could be easily misinterpreted

    Message can be lost with poor design

    Infographics allow for completely unique designs

    Sample of the 'Infographic' metric presentation format.
    (Source: PwC. “Healthcare’s new entrants…”)
    There is no limit when it comes to designing an infographic. The image used here visually articulates the effects of new entrants pulling away the market.

    Understand the advantages and disadvantages of each reporting style – Formal Report

    A formal report is a more structured and official reporting style that contains detailed research, data, and information required to enable specific business decisions, and to help evaluate performance over a defined period of time.

    Definition

    Metrics can be presented as a component of a periodic, formal report

    A physical document that presents detailed information to a particular audience

    Advantage

    More detailed, more structured and broader reporting period

    Formal, shows IT has put in the effort

    Effectively presents a broader and more complete story

    Targets different stakeholders at the same time

    Disadvantage

    Requires significant effort and resources

    Higher risk if the report does not meet the expectation of the business stakeholder

    Done at a specific time and only valuable for that specific time period

    Harder to change format

    Formal reports provide a detailed view and analysis of performance

    Sample of the 'Formal Report' metric presentation format.
    (Source: PwC Blogs. “Northern Lights: Where are we now?”)
    An effective report incorporates visuals to demonstrate key improvements.

    Formal reports can still contain visuals, but they are accompanied with detailed explanations.

    Understand the advantages and disadvantages of each reporting style – Scorecard

    A scorecard is a graphic view of the progress and performance over time of key performance metrics. These are in relation to specified goals based on identified critical stakeholder objectives.

    Features

    Incorporates multiple metrics effectively.

    Scores services against the most important organizational goals and objectives. Scorecards may tie back into strategy and different perspectives of success.

    Advantage

    Quick view of performance against objectives

    Measure against a set of consistent objectives

    Easily consumable

    Easy to retain

    Disadvantage

    Requires a lot of forethought

    Scorecards provide a time-bound summary of performance against defined goals

    Sample of the 'Scorecard' metric presentation format.
    (PwC. “Annual Report 2015.”)
    Scorecards provide a summary of performance that is directly linked to the organizational KPIs.

    Determine your report style

    Supporting Tool icon 2.1 Metrics Presentation Format Selection Guide

    In this section, you will determine the optimal reporting style for the service metrics.

    This guide contains four questions, which will help IT organizations identify the most appropriate presentation format based on stakeholder preference and needs for metrics.

    1. Who is the relevant stakeholder?
    2. What are the defined actions for the metric?
    3. How frequently does the stakeholder need to see the metric?
    4. How does the stakeholder like to receive information?
    Sample of Info-Tech's Metrics Presentation Format Selection Guide.
    Download the Metrics Presentation Format Selection Guide.

    Determine your best presentation option

    Supporting Tool icon 2.1 2 Hours

    INPUT: Identified stakeholder and his/her role

    OUTPUT: Proper presentation format based on need for information

    Materials: Metrics Presentation Format Selection Guide

    Participants: BRM, SLM, Program Manager

    After deciding on the report type to be used to present the metric, the organization needs to consider how stakeholders will consume the metric.

    There are three options based on stakeholder needs and available presentation options within IT.

    1. Paper-based presentation is the most traditional form of reporting and works well with stakeholders who prefer physical copies. The report is produced at a specific time and requires no additional IT capability.
    2. Online documents stored on webpages, SharePoint, or another knowledge management system could be used to present the metrics. This allows the report to be linked to other information and easily shared.
    3. Online dashboards and graphics can be used to have dynamic, real-time reporting and anytime access. These webpages can be incorporated into an intranet and allow the user to view the metrics at any time. This will require IT to continuously update the data in order to maintain the accuracy of the metrics.

    Design your metric reports with these guidelines in mind

    Supporting Tool icon 2.2 30 Minutes
    1. Stakeholder-specificThe report must be driven by the identified stakeholder needs and preferences and articulate the metrics that are important to them.
    2. ClarityTo enable decision making and drive desired actions, the metrics must be clear and straightforward. They must be presented in a way that clearly links the performance measurement to the defined outcome without leading to different interpretations of the results.
    3. SimplicityThe report must be simple to read, understand, and analyze. The language of the report must be business-centric and remove as much complexity as possible in wording, imaging, and context.

    Be sure to consider access rights for more senior reports. Site and user access permissions may need to be defined based on the level of reporting.

    Metrics reporting on the video conferencing service

    CASE STUDY
    Industry: Manufacturing | Source: CIO Interview
    The Situation

    The business had a clear need to understand if the implementation of video conferencing would allow previously onsite meetings to achieve the same level of effectiveness.

    Reporting Context

    Provided reports had always been generated from an IT perspective and the business rarely used the information to make decisions.

    The metrics needed to help the business understand if the meetings were remaining effective and be tied into the financial reporting against travel expenses, but there would be limited visibility during the executive meetings.

    Approach

    The service manager reviewed the information that he had gathered to confirm how often they needed information related to the service. He also met with the CIO to get some insight into the reports that were already being provided to the business, including the ones that were most effective.

    Considerations

    The conversations identified that there was no need for a dynamic real-time view of the performance of the service, since tracking of cost savings and utility would be viewed monthly and quarterly. They also identified that the item would be discussed within a very small window of time during the management meetings.

    The Solution

    It was determined that the best style of reporting for the metric was an existing scorecard that was produced monthly, using some infographics to ensure that the information is clear at a glance to enable quick decision making.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech Workshop Associated Activity icon

    Book a workshop with our Info-Tech analysts:

    Photo of Valence Howden, Senior Manager, CIO Advisory, Info-Tech Research Group.
    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analyst will join you and your team onsite at your location or welcome you to Info-Tech's historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    2.1

    Sample of presentation format option slide 'Determine the right presentation format for your metrics'. Understand the different presentation options

    The onsite analyst will introduce the group to the communication vehicles of infographic, scorecard, formal report, and dashboard.

    2.1

    Sample of activity 2.1 'Determine your best presentation option'. Assess stakeholder needs for information

    For selected stakeholders, the analyst will facilitate a discussion on how stakeholders would like to view information and how the metrics can be presented to aid decision making.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech Workshop Associated Activity icon

    Book a workshop with our Info-Tech analysts:

    2.2

    Sample of activity 2.2 'Design your metric reports with these guidelines in mind'. Select and design the metric report

    Based on the discussion, the working group will select the most appropriate presentation format and create a rough draft of how the report should look.

    Develop Meaningful Service Metrics to Ensure Business and User Satisfaction

    PHASE 3

    Implement, Track, and Maintain Your Metrics

    Step (3): Implement, Track, and Maintain Your Metrics

    PHASE 1PHASE 2PHASE 3

    1.1

    Derive the Service Metrics

    1.2

    Validate the Metrics

    2.1

    Determine Reporting Format

    3.1

    Select Pilot Metrics

    3.2

    Activate and Maintain Metrics

    This step involves the following participants:

    • Service Level Manager
    • Business Relationship Manager
    • Service Metrics Program Manager

    Activities in this step

    • Determine the first batch of metrics to be implemented as part of the pilot program
    • Create a process to collect and validate data, determine initial targets, and integrate with SLM and BRM functions
    • Present the metric reports to the relevant stakeholders and incorporate the feedback into the metric design
    • Establish a standard process and roll out the implementation of metrics in batches
    • Establish a process to monitor and track the effectiveness of the service metrics program and make adjustments when necessary

    Phase 3 outline

    Associated Activity icon Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 3: Implement, Track, and Maintain Your Metrics

    Proposed Time to Completion (in weeks): 4 weeks
    Step 3.1: Select and Launch Pilot Metrics Step 3.2: Track and Maintain the Metrics
    Start with an analyst kick-off call:
    • Identify metrics that will be presented first to the stakeholders based on urgency or impact of the IT service
    • Determine the process to collect data, select initial targets, and integrate with SLM and BRM functions
    Review findings with analyst:
    • Review the success of metrics and discuss feedback from stakeholders
    • Roll out the metrics implementation to a broader audience
    • Establish roles and timelines for metrics maintenance
    Then complete these activities…
    • Document the first batch of metrics
    • Document the baseline, initial targets
    • Create a plan to integrate with SLM and BRM functions
    Then complete these activities…
    • Create a document that defines how the organization will track and maintain the success of the metrics program
    • Review the metrics program periodically
    With these tools & templates:
    • Metrics Tracking Tool
    With these tools & templates:
    • Metrics Tracking Tool

    Implement, Track, and Maintain the Metrics

    Figure representing 'SLM' and/or 'BRM'. Step 1
    Run your pilot

    Metrics Tracking Tool

    Figure representing 'SLM' and/or 'BRM'. Step 2
    Validate success

    Metrics Tracking Tool

    Figure representing 'SLM' and/or 'BRM'. Step 3
    Implement your metrics program in batches

    Metrics Tracking Tool

    A star.

    Active Service Metrics Program

    Once you have defined the way that you will present the metrics, you are ready to run a pilot with a smaller sample of defined service metrics.

    This allows you to validate your approach and make refinements to the implementation and maintenance processes where necessary, prior to activating all service metrics.

    Track the performance of your service metrics

    Supporting Tool icon 3.1

    The Metrics Tracking Tool will enable you to track goals and success metrics for your service metrics programs. It allows you to set long-term goals and track your results over time.

    There are three sections in this tool:
    1. Metrics Tracking Plan. Identify the metrics to be tracked and their purpose.
    2. Metrics Tracking Actuals. Monitor and track the actual performance of the metrics.
    3. Remediation Tracking. Determine and document the steps that need to be taken to correct a sub-performing metric.
    Sample of Info-Tech's Metrics Tracking Tool.

    Select pilot metrics

    Supporting Tool icon 3.1 30 Minutes

    INPUT: Identified services, Business feedback

    OUTPUT: Services with most urgent need or impact

    Materials: Service catalog or list of identified services

    Participants: BRM, SLM, Business representatives

    To start the implementation of your service metrics program and drive wider adoption, you need to run a pilot using a smaller subset of metrics.

    INSTRUCTIONS

    To determine the sample for the pilot, consider metrics that:

    • Are related to critical business services and functions
    • or
    • Address known/visible pain points for the business
    • or
    • Were designed for supportive or influential stakeholders

    Metrics that meet two or more criteria are ideal for the pilot

    Collect and validate data

    Supporting Tool icon 3.2 1 Hour

    INPUT: Identified metrics

    OUTPUT: A data collection mythology, Metrics tracking

    Materials: Metrics

    Participants: SLM, BRM, Service owner

    You will need to start collection and validation of your identified data in order to calculate the results for your pilot metrics.

    INSTRUCTIONS

    1. Initiate data collection
      • Use the data sources identified during the design phase and initiate the data collection process.
    2. Determine start date
      • If historical data can be retrieved and gathered, determine how far back you want your measurements to start.
    3. Compile data and validate
      • Ensure that the information is accurate and up to date. This will require some level of data validation and audit.
    4. Run the metric
      • Use the defined calculation and source data to generate the metrics result.
    5. Record metrics results
      • Use the metrics tracking sheet to track the actual results.

    Determine initial targets

    Supporting Tool icon 3.3 1 Hour

    INPUT: Historical data/baseline data

    OUTPUT: Realistic initial target for improvement

    Materials: Metrics Tracking Tool

    Participants: BRM, SLM, Service owner

    INSTRUCTIONS

    Identify an initial service objective based on one or more of the following options:

    1. Establish an initial target using historical data and trends of performance.
    2. Establish an initial target based on stakeholder-identified requirements and expectations.
    3. Run the metrics report over a defined period of time and use the baseline level of achievement to establish an initial target.

    The target may not always be a number - it could be a trend. The initial target will be changed after review with stakeholders

    Integrate with SLM and BRM processes

    Supporting Tool icon 3.4 1 Hour

    INPUT: SLM and BRM SOPs or responsibility documentations

    OUTPUT: Integrate service metrics into the SLM/BRM role

    Materials: SLM / BRM reports

    Participants: SLM, BRM, CIO, Program manager, Service manager

    The service metrics program is usually initiated, used, and maintained by the SLM and BRM functions.

    INSTRUCTIONS

    Ensure that the metrics pilot is integrated with those functions by:

    1. Engaging with SLM and BRM functions/resources
      • Identify SLM and BRM resources associated with or working on the services where the metrics are being piloted
      • Obtain their feedback on the metrics/reporting
    2. Integrating with the existing reporting and meeting cycles
      • Ensure the metrics will be calculated and available for discussion at standing meetings and with existing reports
    3. Establishing the metrics review and validation cycle for these metrics
      • Confirm the review and validation period for the metrics in order to ensure they remain valuable and actionable

    Generate reports and present to stakeholders

    Supporting Tool icon 3.5 1 Hour

    INPUT: Identified metrics, Selected presentation format

    OUTPUT: Metrics reports that are ready for distribution

    Materials: Metrics Presentation Format Selection Guide

    Participants: BRM, SLM, CIO, Business representatives

    INSTRUCTIONS

    Once you have completed the calculation for the pilot metrics:

    1. Confirm the report style for the selected metrics (as defined in Phase 2)
    2. Generate the reporting for the pilot metrics
    3. Present the pilot metric reports to the identified BRM and SLM resources who will present the reporting to the stakeholders
    4. Gather feedback from Stakeholders on metrics - results and process
    5. Create and execute remediation plans for any actions identified from the metrics
    6. Initiate the review cycle for metrics (to ensure they retain value)

    Plan the rollout and implementation of the metrics reporting program

    Supporting Tool icon 3.6 1 Hour

    INPUT: Feedback from pilot, Services in batch

    OUTPUT: Systematic implementation of metrics

    Materials: Metrics Tracking Tool

    Participants: BRM, SLM, Program manager

    Upon completion of the pilot, move to start the broader implementation of metrics across the organization:

    INSTRUCTIONS

    1. Identify the service metrics that you will implement. They can be selected based on multiple criteria, including:
      • Organizational area/business unit
      • Service criticality
      • Pain points
      • Stakeholder engagement (detractors, supporters)
    2. Create a rollout plan for implementation in batches, identifying expected launch timelines, owners, targeted stakeholders, and communications plans
    3. Use the implementation plan from the pilot to roll out each batch of service metrics:
      • Collect and validate data
      • Determine target(s)
      • Integrate with BRM and SLM
      • Generate and communicate reports to stakeholders

    Maintain the service metrics

    Supporting Tool icon 3.7 1.5 Hour

    INPUT: Feedback from business stakeholders

    OUTPUT: Modification to individual metrics or to the process

    Materials: Metrics Tracking Tool, Metrics Development Workbook

    Participants: CIO, BRM, SLM, Program manager, Service owner

    Once service metrics and reporting become active, it is necessary to determine the review time frame for your metrics to ensure they remain useful.

    INSTRUCTIONS

    1. Confirm and establish a review time frame with stakeholders (e.g. annually, bi-annually, after organizational or strategic changes).
    2. Meet with stakeholders by the review date to discuss the value of existing metrics and validate:
      • Whether the goals associated with the metrics are still valid
      • If the metric is still necessary
      • If there is a more effective way to present the metrics
    3. Track actions based on review outcomes and update the remediation tracking sheet.
    4. Update tracking sheet with last complete review date.

    Maintain the metrics

    Supporting Tool icon 3.7

    Based on the outcome of the review meeting, decide what needs to be done for each metric, using the following options:

    Add

    A new metric is required or an existing metric needs large-scale changes (example: calculation method or scope).
    Triggers metrics design as shown in phases 1 and 2.

    Change

    A minor change is required to the presentation format or data. Note: a major change in a metric would be performed through the Add option.

    Remove

    The metric is no longer required, and it needs to be removed from reporting and data gathering. A final report date for that metric should be determined.

    Maintain

    The metric is still useful and no changes are required to the metric, its measurement, or how it’s reported.

    Ensuring metrics remain valuable

    VC CASE STUDY
    Industry: Manufacturing | Source: CIO Interview

    Reviewing the value of active metrics

    When the video conferencing service was initially implemented, it was performed as a pilot with a group of executives, and then expanded for use throughout the company. It was understood that prior to seeing the full benefit in cost reduction and increased efficiency and effectiveness, the rate of use and adoption had to be understood.

    The primary service metrics created for the service were based on tracking the number of requests for video conference meetings that were received by the IT organization. This identified the growth in use and could be used in conjunction with financial metrics related to travel to help identify the impact of the service through its growth phase.

    Once the service was adopted, this metric continued to be tracked but no longer showed growth or expanded adoption.

    The service manager was no longer sure this needed to be tracked.

    Key Activity

    The metrics around requests for video conference meetings were reviewed at the annual metrics review meeting with the business. The service manager asked if the need for the metric, the goal of tracking adoption, was still important for the business.

    The discussion identified that the adoption rate was over 80%, higher than anticipated, and that there was no value in continuing to track this metric.

    Based on the discussion, the adoption metrics were discontinued and removed from data gathering and reporting, while a success rate metric was added (how many meetings ran successfully and without issue) to ensure the ongoing value of the video conferencing service.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech Workshop Associated Activity icon

    Book a workshop with our Info-Tech analysts:

    Photo of Valence Howden, Senior Manager, CIO Advisory, Info-Tech Research Group.
    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analyst will join you and your team onsite at your location or welcome you to Info-Tech's historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    3.1

    Sample of activity 3.1 'Select pilot metrics'. Select the pilot metrics

    The onsite analyst will help the workshop group select the metrics that should be first implemented based on the urgency and impact of these metrics.

    3.2

    Sample of activity 3.2 'Collect and validate data'. Gather data and set initial targets

    The analyst will help the group create a process to gather data, measure baselines, and set initial targets.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech Workshop Associated Activity icon

    Book a workshop with our Info-Tech analysts:

    3.5

    Sample of activity 3.5 'Generate reports and present to stakeholders'. Generate the reports and validate with stakeholders

    The Info-Tech analyst will help the group establish a process to receive feedback from the business stakeholders once the report is generated.

    3.6

    Sample of activity 3.6 'Plan the rollout and implementation of the metrics reporting program'. Implement the service metrics program

    The analyst will facilitate a discussion on how to implement the metrics program across the organization.

    3.7

    Sample of activity 3.7 'Maintain the service metrics'. Track and maintain the metrics program

    Set up a mechanism to ensure the success of the metrics program by assessing process adherence and process validity.

    Insight breakdown

    Insight 1

    Service metrics are critical to ensuring alignment of IT service performance and business service value achievement.

    Insight 2

    Service metrics reinforce positive business and end-user relationships by providing user-centric information that drives responsiveness and consistent service improvement.

    Insight 3

    Poorly designed metrics drive unintended and unproductive behaviors that have negative impacts on IT and produce negative service outcomes.

    Summary of accomplishment

    Knowledge Gained

    • Follow a methodology to identify metrics that are derived from business objectives.
    • Understand the proper presentation format based on stakeholder needs for information.
    • Establish a process to ensure the metrics provided will continue to provide value and aid decision making.

    Processes Optimized

    • Metrics presentation to business stakeholders
    • Metrics maintenance and tracking

    Deliverables Completed

    • Metrics Development Workbook
    • Metrics Presentation Format Selection Guide
    • Metrics Tracking Tool

    Research contributors and experts

    Name Organization
    Joe Evers Joe Evers Consulting
    Glen Notman Associate Partner, Citihub
    David Parker Client Program Manager, eHealth Ontario
    Marianne Doran Collins CIO, The CIO-Suite, LLC
    Chris Kalbfleisch Manager, Service Management, eHealth Ontario
    Joshua Klingenberg BHP Billiton Canada Inc.

    Related Info-Tech research

    Stock image of a menu. Design & Build a User-Facing Service Catalog
    The user-facing service catalog is the go-to place for IT service-related information.
    Stock image of a laptop keyboard. Unleash the True Value of IT by Transforming Into a Service Provider
    Earn your seat at the table and influence business strategy by becoming an IT service provider.

    Bibliography

    Pollock, Bill. “Service Benchmarking and Measurement: Using Metrics to Drive Customer Satisfaction and Profits.” Aberdeen Group. June 2009. http://722consulting.com/ServiceBenchmarkingandMeasurement.pdf

    PwC. “Mega-Trends and Implications.” RMI Discussion. LinkedIn SlideShare. September 2015. http://www.slideshare.net/AnandRaoPwC/mega-trends-and-implications-to-retirement

    PwC. “Healthcare’s new entrants: Who will be the industry’s Amazon.com?” Health Research Institute. April 2014. https://www.pwc.com/us/en/health-industries/healthcare-new-entrants/assets/pwc-hri-new-entrant-chart-pack-v3.pdf

    PwC. “Northern Lights: Where are we now?” PwC Blogs. 2012. http://pwc.blogs.com/files/12.09.06---northern-lights-2--summary.pdf

    PwC. “PwC’s key performance indicators

    Create a Data Management Roadmap

    • Buy Link or Shortcode: {j2store}122|cart{/j2store}
    • member rating overall impact (scale of 10): 9.3/10 Overall Impact
    • member rating average dollars saved: $100,135 Average $ Saved
    • member rating average days saved: 36 Average Days Saved
    • Parent Category Name: Data Management
    • Parent Category Link: /data-management

    Data has quickly become one of the most valuable assets in any organization. But when it comes to strategically and effectively managing those data assets, many businesses find themselves playing catch-up. The stakes are high because ineffective data management practices can have serious consequences, from poor business decisions and missed revenue opportunities to critical cybersecurity risks.

    Successful management and consistent delivery of data assets requires collaboration between the business and IT and the right balance of technology, process, and resourcing solutions.

    Build an effective and collaborative data management practice

    Data management is not one-size-fits-all. Cut through the noise around data management and create a roadmap that is right for your organization:

    • Align data management plans with business requirements and strategic plans.
    • Create a collaborative plan that unites IT and the business in managing data assets.
    • Design a program that can scale and evolve over time.
    • Perform data strategy planning and incorporate data capabilities into your broader plans.
    • Identify gaps in current data services and the supporting environment and determine effective corrective actions.

    This blueprint will help you design a data management practice that builds capabilities to support your organization’s current use of data and its vision for the future.

    Create a Data Management Roadmap Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Create a Data Management Roadmap Storyboard – Use this deck to help you design a data management practice and turn data into a strategic enabler for the organization.

    Effective data delivery and management provides the business with new and improved opportunities to leverage data for business operations and decision making. This blueprint will help you design a data management practice that will help your team build capabilities that align to the business' current usage of data and its vision for the future.

    • Create a Data Management Roadmap – Phases 1-2

    2. Data Management Strategy Planning Tools – Use these tools to align with the business and lay the foundations for the success of your data management practice.

    Begin by using the interview guide to engage stakeholders to gain a thorough understanding of the business’ challenges with data, their strategic goals, and the opportunities for data to support their future plans. From there, these tools will help you identify the current and target capabilities for your data management practice, analyze gaps, and build your roadmap.

    • Data Strategy Planning Interview Guide
    • Data Management Assessment and Planning Tool
    • Data Management Project Charter Template

    3. Stakeholder Communication and Assessment Tools – Use these templates to develop a communication strategy that will convey the value of the data management project to the organization and meet the needs of key stakeholders.

    Strong messaging around the value and purpose of the data management practice is essential to ensure buy-in. Use these templates to build a business case for the project and socialize the idea of data management across the various levels of the organization while anticipating the impact on and reactions from key stakeholders.

    • Data Management Communication/Business Case Template
    • Project Stakeholder and Impact Assessment Tool

    4. Data Management Strategy Work Breakdown Structure Template – Use this template to maintain strong project management throughout your data management project.

    This customizable template will support an organized approach to designing a program that addresses the business’ current and evolving data management needs. Use it to plan and track your deliverables and outcomes related to each stage of the project.

    • Data Management Strategy Work Breakdown Structure Template

    5. Data Management Roadmap Tools – Use these templates to plan initiatives and create a data management roadmap presentation.

    Create a roadmap for your data management practice that aligns to your organization’s current needs for data and its vision for how it wants to use data over the next 3-5 years. The initiative tool guides you to identify and record all initiative components, from benefits to costs, while the roadmap template helps you create a presentation to share your project findings with your executive team and project sponsors.

    • Initiative Definition Tool
    • Data Management Roadmap Template

    6. Track and Measure Benefits Tool – Use this tool to monitor the project’s progress and impact.

    Benefits tracking enables you to measure the effectiveness of your project and make adjustments where necessary to realize expected benefits. This tool will help you track benefit metrics at regular intervals to report progress on goals and identify benefits that are not being realized so that you can take remedial action.

    • Track and Measure Benefits Tool

    Infographic

    Workshop: Create a Data Management Roadmap

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Develop Data Strategies

    The Purpose

    Understand the business’s vision for data and the role of the data management practice.

    Determine business requirements for data.

    Map business goals and strategic plans to create data strategies.

    Key Benefits Achieved

    Understanding of business’s vision for data

    Unified vision for data management (business and IT)

    Identification of the business’s data strategies

    Activities

    1.1 Establish business context for data management.

    1.2 Develop data management principles and scope.

    1.3 Develop conceptual data model (subject areas).

    1.4 Discuss strategic information needs for each subject area.

    1.5 Develop data strategies.

    1.6 Identify data management strategies and enablers.

    Outputs

    Practice vision

    Data management guiding principles

    High-level data requirements

    Data strategies for key data assets

    2 Assess Data Management Capabilities

    The Purpose

    Determine the current and target states of your data management practice.

    Key Benefits Achieved

    Clear understanding of current environment

    Activities

    2.1 Determine the role and scope of data management within the organization.

    2.2 Assess current data management capabilities.

    2.3 Set target data management capabilities.

    2.4 Identify performance gaps.

    Outputs

    Data management scope

    Data management capability assessment results

    3 Analyze Gaps and Develop Improvement Initiatives

    The Purpose

    Identify how to bridge the gaps between the organization’s current and target environments.

    Key Benefits Achieved

    Creation of key strategic plans for data management

    Activities

    3.1 Evaluate performance gaps.

    3.2 Identify improvement initiatives.

    3.3 Create preliminary improvement plans.

    Outputs

    Data management improvement initiatives

    4 Design Roadmap and Plan Implementation

    The Purpose

    Create a realistic and action-oriented plan for implementing and improving the capabilities for data management.

    Key Benefits Achieved

    Completion of a Data Management Roadmap

    Plan for how to implement the roadmap’s initiatives

    Activities

    4.1 Align data management initiatives to data strategies and business drivers.

    4.2 Identify dependencies and priorities

    4.3 Build a data management roadmap (short and long term)

    4.4 Create a communication plan

    Outputs

    Data management roadmap

    Action plan

    Communication plan

    Further reading

    Contents

    Executive Brief
    Analyst Perspective
    Executive Summary
    Phase 1: Build Business and User Context
    Phase 2: Assess Data Management and Build Your Roadmap
    Additional Support
    Related Research
    Bibliography

    Create a Data Management Roadmap

    Ensure the right capabilities to support your data strategy.

    EXECUTIVE BRIEF

    Analyst Perspective

    Establish a data management program to realize the data strategy vision and data-driven organization.

    Data is one of the most valuable organizational assets, and data management is the foundation – made up of plans, programs, and practices – that delivers, secures, and enhances the value of those assets.

    Digital transformation in how we do business and innovations like artificial intelligence and automation that deliver exciting experiences for our customers are all powered by readily available, trusted data. And there’s so much more of it.

    A data management roadmap designed for where you are in your business journey and what’s important to you provides tangible answers to “Where do we start?” and “What do we do?”

    This blueprint helps you build and enhance data management capabilities as well as identify the next steps for evaluating, strengthening, harmonizing, and optimizing these capabilities, aligned precisely with business objectives and data strategy.

    Andrea Malick
    Director, Research & Advisory, Data & Analytics Practice
    Info-Tech Research Group

    Frame the problem

    Who this research is for
    • Data management professionals looking to improve the organization’s ability to leverage data in value-added ways
    • Data governance managers and data analysts looking to improve the effectiveness and value of their organization’s data management practice
    This research will help you
    • Align data management plans with business requirements and strategic plans.
    • Create a collaborative plan that unites IT and the business in managing the organization’s data assets.
    • Design a data management program that can scale and evolve over time.
    This research will also assist
    • Business leaders creating plans to leverage data in their strategic planning and business processes
    • IT professionals looking to improve the environment that manages and delivers data
    This research will also help you
    • Perform data strategy planning and incorporate data capabilities and plans into your broader plans.
    • Identify gaps in current data services and the supporting environment and determine effective corrective actions.

    Executive Summary

    Your Challenge
    • The organizational appetite for data is increasing, with growing demands for data to better support business processes and inform decision making.
    • For data to be accessible and trustworthy for the business it must be effectively managed throughout its lifecycle.
    • With so much data circulating throughout our systems and a steady flow via user activity and business activities, it is imperative that we understand our data environment, focus our data services and oversight on what really matters, and work closely with business leads to ensure data is an integral part of the digital solution.
    Common Obstacles
    • Despite the growing focus on data, many organizations struggle to develop an effective strategy for managing their data assets.
    • Successful management and consistent delivery of data assets throughout their lifecycle requires the collaboration of the business and IT and the balance of technology, process, and resourcing solutions.
    • Employees are doing their best to just get things done with their own spreadsheets and familiar patterns of behavior. It takes leadership to pause those patterns and take a thoughtful enterprise and strategic approach to a more streamlined – and transformed – business data service.
    Info-Tech’s Approach
    • Incremental approach: Building a mature and optimized practice doesn’t occur overnight – it takes time and effort. Use this blueprint’s approach and roadmap results to support your organization in building a practice that prioritizes scope, increases the effectiveness of your data management practice, and improves your alignment with business data needs.
    • Build smart: Don’t do data management for data management’s sake; instead, align it to business requirements and the business’ vision for the organization’s data. Ensure initiatives and program investments best align to business priorities and support the organization in becoming more data driven and data centric.

    Info-Tech Insight

    Use value streams and business capabilities to develop a prioritized and practical data management plan that provides the highest business satisfaction in the shortest time.

    Full page illustration of the 'Create a Data Management Roadmap' using the image of a cargo ship labelled 'Data Management' moving in the direction of 'Business Strategy'. The caption at the top reads 'Data Management capabilities create new business value by augmenting data & optimizing it for analytics. Data is a digital imprint of organizational activities.'

    Data Management Capabilities

    A similar concept to the last one, with a ship moving toward 'Business Strategy', except the ship is cross-sectioned with different capabilities filling the interior of the silhouette. Below are different steps in data management 'Data Creation', 'Data Ingestion', 'Data Accumulation, 'Data Augmentation', 'Data Delivery', and 'Data Consumption'.

    Data is a business asset and needs to be treated like one

    Data management is an enabler of the business and therefore needs to be driven by business goals and objectives. For data to be a strategic asset of the business, the business and IT processes that support its delivery and management must be mature and clearly executed.

    Business Drivers
    1. Client Intimacy/Service Excellence
    2. Product and Service Innovations
    3. Operational Excellence
    4. Risk and Compliance Management
    Data Management Enablers
    • Data Governance
    • Data Strategy Planning
    • Data Architecture
    • Data Operations Management
    • Data Risk Management
    • Data Quality Management

    Industry spotlight: Risk management in the financial services sector

    REGULATORY
    COMPLIANCE

    Regulations are the #1 driver for risk management.

    US$11M:

    Fine incurred by a well-known Wall Street firm after using inaccurate data to execute short sales orders.
    “To successfully leverage customer data while maintaining compliance and transparency, the financial sector must adapt its current data management strategies to meet the needs of an ever-evolving digital landscape.” (Phoebe Fasulo, Security Scorecard, 2021)

    Industry spotlight: Operational excellence in the public sector

    GOVERNMENT
    TRANSPARENCY

    With frequent government scandals and corruption dominating the news, transparency to the public is quickly becoming a widely adopted practice at every level of government. Open government is the guiding principle that the public has access to the documents and proceedings of government to allow for effective public oversight. With growing regulations and pressure from the public, governments must adopt a comprehensive data management strategy to ensure they remain accountable to their rate payers, residents, businesses, and other constituents.

    1. Transparency Transparency is not just about access; it’s about sharing and reuse.
    2. Social and commercial value Everything from finding your local post office to building a search engine requires access to data.
    3. Participatory government Open data enables citizens to be more directly informed and involved in decision making.

    Industry spotlight: Operational excellence and client intimacy in major league sports

    SPORTS
    ANALYTICS

    A professional sports team is essentially a business that is looking for wins to maximize revenue. While they hope for a successful post-season, they also need strong quarterly results, just like you. Sports teams are renowned for adopting data-driven decision making across their organizations to do everything from improving player performance to optimizing tickets sales. At the end of the day, to enable analytics you must have top-notch information management.

    Team Performance Benefits
    1. Talent identification
    2. In-game decision making
    3. Injury reduction
    4. Athlete performance
    5. Bargaining agreement
    Team Performance Benefits
    1. Fan engagement
    2. Licensing
    3. Sports gambling
    (Deloitte Insights, 2020)
    Industry leaders cite data, and the insights they glean from it, as their means of standing apart from their competitors.

    Industry spotlight: Operational excellence and service delivery within manufacturing and supply chain services

    SUPPLY CHAIN
    EFFICIENCY

    Data offers key insights and opportunities when it comes to supply chain management. The supply chain is where the business strategy gets converted to operational service delivery of the business. Proper data management enables business processes to become more efficient, productive, and profitable through the greater availability of quality data and analysis.

    Fifty-seven percent of companies believe that supply chain management gives them a competitive advantage that enables them to further develop their business (FinancesOnline, 2021).

    Involving Data in Your Supply Chain

    25%

    Companies can reap a 25% increase in productivity, a 20% gain in space usage, and a 30% improvement in stock use efficiency if they use integrated order processing for their inventory system.

    36%

    Thirty-six percent of supply chain professionals say that one of the top drivers of their analytics initiatives is the optimization of inventory management to balance supply and demand.
    (Source: FinancesOnline, 2021)

    Industry spotlight: Intelligent product innovation and strong product portfolios differentiate consumer retailers and CPGs

    INFORMED PRODUCT
    DEVELOPMENT
    Consumer shopping habits and preferences are notoriously variable, making it a challenge to develop a well-received product. Information and insights into consumer trends, shopping preferences, and market analysis support the probability of a successful outcome.

    Maintaining a Product Portfolio
    What is selling? What is not selling?

    Product Development
    • Based on current consumer buying patterns, what will they buy next?
    • How will this product be received by consumers?
    • What characteristics do consumers find important?
    A combination of operational data and analytics data is required to accurately answer these questions.
    Internal Data
    • Organizational sales performance
    External Data
    • Competitor performance
    • Market analysis
    • Consumer trends and preferences
    Around 75% of ideas fail for organizational reasons – viability or feasibility or time to market issues. On the other hand, around 20% of product ideas fail due to user-related issues – not valuable or usable (Medium, 2020).

    Changes in business and technology are changing how organizations use and manage data

    The world moves a lot faster today

    Businesses of today operate in real time. To maintain a competitive edge, businesses must identify and respond quickly to opportunities and events.

    To effectively do this businesses must have accurate and up-to-date data at their fingertips.

    To support the new demands around data consumption, data velocity (pace in which data is captured, organized, and analyzed) must also accelerate.

    Data Management Implications
    • Strong integration capabilities
    • Intelligent and efficient systems
    • Embedded data quality management
    • Strong transparency into the history of data and its transformation

    Studies and projections show a clear case of how data and its usage will grow and evolve.

    Zettabyte Era

    64.2

    More Data

    The amount of data created, consumed, and stored globally is forecast to increase rapidly, reaching 64.2 zettabytes in 2020 and projected to grow to over 180 zettabyes in 2025 (Statista, 2021).

    Evolving Technologies

    $480B

    Cloud Proliferation

    Global end-user spending on public cloud services is expected to exceed $480 billion next year (Info-Tech, 2021).

    To differentiate and remain competitive in today’s marketplace, organizations are becoming more data-driven

    Pyramid with a blue tip. Sublevels from top down are labelled 'Analytical Companies', 'Analytical Aspirations', 'Localized Analytics', and 'Analytically Impaired'.

    Analytic Competitor

    “Given the unforgiving competitive landscape, organizations have to transform now, and correctly. Winning requires an outcome-focused analytics strategy.” (Ramya Srinivasan, Forbes, 2021)
    Data and the use of data analytics has become a centerpiece to effective modern business. Top-performing organizations across a variety of industries have been cited as using analytics five times more than lower performers (MIT Sloan).

    The strategic value of data

    Power intelligent and transformative organizational performance through leveraging data.

    Respond to industry disruptors

    Optimize the way you serve your stakeholders and customers

    Develop products and services to meet ever-evolving needs

    Manage operations and mitigate risk

    Harness the value of your data

    Despite investments in data initiatives, organizations are carrying high levels of data debt

    Data debt is the accumulated cost that is associated with the suboptimal governance of data assets in an enterprise, like technical debt.

    Data debt is a problem for 78% of organizations.

    40%

    of organizations say individuals within the business do not trust data insights.

    66%

    of organizations say a backlog of data debt is impacting new data management initiatives.

    33%

    of organizations are not able to get value from a new system or technology investment.

    30%

    of organizations are unable to become data-driven.

    (Source: Experian, 2020)

    The journey to being data-driven

    The journey to becoming a data-driven organization requires a pit stop at data enablement.

    The Data Economy

    Diagram of 'The Data Economy' with three points on an arrow. 'Data Disengaged: You have a low appetite for data and rarely use data for decision making.' 'Data Enabled: Technology, data architecture, and people and processes are optimized and supported by data governance.' 'Data Driven: You are differentiating and competing on data and analytics, described as a “data first” organization. You’re collaborating through data. Data is an asset.'

    Measure success to demonstrate tangible business value

    Put data management into the context of the business:
    • Tie the value of data management and its initiatives back to the business capabilities that are enabled.
    • Leverage the KPIs of those business capabilities to demonstrate tangible and measurable value. Use terms and language that will resonate with senior leadership.

    Don’t let measurement be an afterthought:

    Start substantiating early on how you are going to measure success as your data management program evolves.

    Build a right-sized roadmap

    Formulate an actionable roadmap that is right-sized to deliver value in your organization.

    Key considerations:
    • When building your data management roadmap, ensure you do so through an enterprise lens. Be cognizant of other initiatives that might be coming down the pipeline that may require you to align your data governance milestones accordingly.
    • Apart from doing your planning with consideration for other big projects or launches that might be in-flight and require the time and attention of your data management partners, also be mindful of the more routine yet still demanding initiatives.
    • When doing your roadmapping, consider factors like the organization’s fiscal cycle, typical or potential year-end demands, and monthly/quarterly reporting periods and audits. Initiatives such as these are likely to monopolize the time and focus of personnel key to delivering on your data management milestones
    Sample milestones:
    • Data Management Leadership & Org Structure Definition
      Define the home for data management, as approved by senior leadership.
    • Data Management Charter and Policies
      Create a charter for your program and build/refresh associated policies.
    • Data Culture Diagnostic
      Understand the organization’s current data culture, perception of data, value of data, and knowledge gaps.
    • Use Case Build and Prioritization
      Build a use case that is tied to business capabilities. Prioritize accordingly.
    • Business Data Glossary/Catalog
      Build and/or refresh the business’ glossary for addressing data definitions and standardization issues.
    • Tools & Technology
      Explore the tools and technology offering in the data management space that would serve as an enabler to the program (e.g. RFI, RFP).

    Insight summary

    Overarching insight

    Your organization’s value streams and the associated business capabilities require effectively managed data. Whether building customer service excellence or getting ahead of cyberattacks, a data management practice is the dependable mainstay supporting business operations and transformation.

    Insight 1

    Data – it’s your business.
    Data is a digital imprint of business activities. Data architecture and flows are reflective of the organizational business architecture. Take data management capabilities as seriously as other core business capabilities.

    Insight 2

    Take a data-oriented approach.
    Data management must be data-centric – with technology and functional enablement built around the data and its structure and flows. Maintain the data focus during project’s planning, delivery, and evaluation stages.

    Insight 3

    Get the business into the data business.
    Data is not “IT’s thing.” Just as a bank helps you properly allocate your money to achieve your financial goals, IT will help you implement data management to support your business goals, but the accountability for data resides with the business.

    Tactical insight

    Data management is the program and environment we build once we have direction, i.e. a data strategy, and we have formed an ongoing channel with the guiding voice of the business via data governance. Without an ultimate goal in a strategy or the real requirements of the business, what are we building data systems and processes for? We are used to tech buzz words and placing our hope in promising innovations like artificial intelligence. There are no shortcuts, but there are basic proven actions we can take to meet the digital revolution head on and let our data boost our journey.

    Key deliverable:

    Data Management Roadmap Template

    Use this template to guide you in translating your project's findings and outcomes into a presentation that can be shared with your executive team and project sponsors.

    Sample of the 'Data Management Roadmap Template' key deliverable.

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    Data Management Assessment and Planning Tool

    Use this tool to support your team in assessing and designing the capabilities and components of your organization's data management practice. Sample of the 'Data Management Assessment and Planning Tool' deliverable.

    Data Culture Diagnostic and Scorecard

    Sample of the 'Data Culture Diagnostic and Scorecard' deliverable.

    Leverage Info-Tech’s Data Culture Diagnostic to understand how your organization scores across 10 areas relating to data culture.

    Business Capability Map

    This template takes you through a business capability and value stream mapping to identify the data capabilities required to enable them. Sample of the 'Business Capability Map' deliverable.

    Measure the value of this blueprint

    Leverage this blueprint’s approach to ensure your data management initiatives align and support your key value streams and their business capabilities.
    • Aligning your data management program and its initiatives to your organization’s business capabilities is vital for tracing and demonstrating measurable business value for the program.
    • This alignment of data management with value streams and business capabilities enables you to use business-defined KPIs and demonstrate tangible value.

    Project outcome

    Metric

    Timely data delivery Time of data delivery to consumption
    Improved data quality Data quality scorecard metrics
    Data provenance transparency Time for data auditing (from report/dashboard to the source)
    New reporting and analytic capabilities Number of level 2 business capabilities implemented as solutions
    In Phase 1 of this blueprint, we will help you establish the business context, define your business drivers and KPIs, and understand your current data management capabilities and strengths.

    In Phase 2, we will help you develop a plan and a roadmap for addressing any gaps and improving the relevant data management capabilities so that data is well positioned to deliver on those defined business metrics.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    Guided Implementation

    Workshop

    Consulting

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks used throughout all four options

    Create a Data Management Roadmap project overview

    1. Build Business Context and Drivers for the Data Management Program 2. Assess Data Management and Build Your Roadmap
    Best-Practice Toolkit

    1.1 Review the Data Management Framework

    1.2 Understand and Align to Business Drivers

    1.3 Build High-Value Use Cases

    1.4 Create a Vision

    2.1 Assess Data Management

    2.2 Build Your Data Management Roadmap

    2.3 Organize Business Data Domains

    Guided Implementation
    • Call 1
    • Call 2
    • Call 3
    • Call 4
    • Call 5
    • Call 6
    • Call 7
    • Call 8
    • Call 9
    Phase Outcomes
    • An understanding of the core components of an effective data management program
    • Your organization’s business capabilities and value streams
    • A business capability map for your organization
    • High-value use cases for data management
    • Vision and guiding principles for data management
    • An understanding of your organization’s current data management capabilities
    • Definition of target-state capabilities and gaps
    • Roadmap of priority data management initiatives
    • Business data domains and ownership

    Guided Implementation

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is 8 to 12 calls over the course of 4 to 6 months.

    What does a typical GI on this topic look like?

    Phase 1

    Phase 2

    Call #1: Understand drivers, business context, and scope of data management at your organization. Learn about Info-Tech’s approach and resources.

    Call #2: Get a detailed overview of Info-Tech’s approach, framework, Data Culture Diagnostic, and blueprint.

    Call #3:Align your business capabilities with your data management capabilities. Begin to develop a use case framework.

    Call #4:Further discuss alignment of business capabilities to data management capabilities and use case framework.

    Call #5: Assess your current data management capabilities and data environment. Review your Data Culture Diagnostic Scorecard, if applicable.

    Call #6: Plan target state and corresponding initiatives.

    Call #7: Identify program risks and formulate a roadmap.

    Call #8: Identify and prioritize improvements. Define a RACI chart.

    Call #9: Summarize results and plan next steps.

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com1-888-670-8889
    Day 1 Day 2 Day 3 Day 4 Day 5
    Activities
    Understand and contextualize

    1.1 Review your data strategy.

    1.2 Learn data management capabilities.

    1.3 Discuss DM capabilities cross-dependencies and interactions.

    1.4 Develop high-value use cases.

    Assess current DM capabilities and set improvement targets

    2.1 Assess you current DM capabilities.

    2.2 Set targets for DM capabilities.

    Formulate and prioritize improvement initiatives

    3.1 Formulate core initiatives for DM capabilities improvement.

    3.2 Discuss dependencies across the initiatives and prioritize them.

    Plan for delivery dates and assign RACI

    4.1 Plan dates and assign RACI for the initiatives.

    4.2 Brainstorm initiatives to address gaps and enable business goals.

    Next steps and wrap-up (offsite)

    5.1 Complete in-progress deliverables from previous four days.

    5.2 Set up review time for workshop deliverables and to discuss next steps.

    Deliverables
    1. Understanding of the data management capabilities and their interactions and logical dependencies
    2. Use cases
    1. DM capability assessment results
    2. DM vision and guiding principles
    1. Prioritized DM capabilities improvement initiatives
    1. DM capabilities improvement roadmap
    2. Business data domains and ownership
    1. Workshop final report with key findings and recommendations

    Full page diagram of the 'Data & Analytics landscape'. Caption reads 'The key to landscaping your data environment lies in ensuring foundational disciplines are optimized in a way that recognizes the interdependency among the various disciplines.' Many foundational disciplines are color-coded to a legend determining whether its 'accountability sits with IT' or 'with the business; CDO'. An arrow labeled 'You Are Here' points to 'Data Management', which is coded in both colors meaning both IT and the business are accountable.

    What is data management and why is it needed?

    “Data management is the development, execution, and supervision of plans, policies, programs and practices that deliver, control, protect and enhance the value of data and information assets throughout their lifecycles.” (DAMA International, 2017)

    Achieving successful management and consistent delivery of data assets throughout their lifecycle requires the collaboration of the business and IT and the balance of technology, process, and resourcing solutions.

    Who:

    This research is designed for:
    • Data management heads and professionals looking to improve their organization’s ability to leverage data in value-added ways.
    • Data management and IT professionals looking to optimize the data environment, from creation and ingestion right through to consumption.

    Are your data management capabilities optimized to support your organization’s data use and demand?

    What is the current situation?

    Situation
    • The volume and variety of data are growing exponentially and show no sign of slowing down.
    • Business landscapes and models are evolving.
    • Users and stakeholders are becoming more and more data-centric, with maturing and demanding expectations.
    Complication
    • Organizations struggle to develop a comprehensive approach to optimizing data management.
    • In their efforts to keep pace with the demands for data, data management groups often adopt a piecemeal approach that includes turning to tools as a means to address the needs.
    • Data architecture, models, and designs fail to deliver real and measurable business impact and value. Technology ROI is not realized.
    Info-Tech Insight

    A data strategy should never be formulated disjointed from the business. Ensure the data strategy aligns with the business strategy and supports the business architecture.

    Info-Tech’s Data Management Framework

    What Is Data Management?

    Data management is the development, execution, and supervision of plans, policies, programs and practices that deliver, control, protect and enhance the value of data and information assets throughout their lifecycles.” (DAMA International, 2017)

    The three-tiered Data Management Framework, tiers are labelled 'Data Management Enablers', 'Information Dimensions', and 'Business Information'.

    Adapted from DAMA-DMBOK and Advanced Knowledge Innovations Global Solutions

    Info-Tech’s Approach

    Info-Tech’s Data Management Framework is designed to show how an organization’s business model sits as the foundation of its data management practice. Drawing from the requirements of the underpinning model, a practice is designed and maintained through the creation and application of the enablers and dimensions of data management.

    Build a data management practice that is centered on supporting the business and its use of key data assets

    Business Resources

    Data subject areas provide high-level views of the data assets that are used in business processes and enable an organization to perform its business functions.

    Classified by specific subjects, these groups reflect data elements that, when used effectively, are able to support analytical and operational use cases of data.

    This layer is representative of the delivery of the data assets and the business’ consumption of the data.

    Data is an integral business asset that exists across all areas of an organization

    Equation stating 'Trustworthy and Usable Data' plus 'Well-Designed and Executed Processes' equals 'Business Capabilities and Functions'.
    Data Management Framework with only the bottom tier highlighted.

    For a data management practice to be effective it ultimately must show how its capabilities and operations better support the business in accessing and leveraging its key data assets.*

    *This project focuses on building capabilities for data management. Leverage our data quality management research to support you in assessing the performance of this model.

    Information dimensions support the different types of data present within an organization’s environment

    Information Dimensions

    Components at the Information Dimensions layer manage the different types of data and information present with an environment.

    At this layer, data is managed based on its type and how the business is looking to use and access the data.

    Custom capabilities are developed at this level to support:

    • Structured data
    • Semi-structured data
    • Unstructured data
    The types, formats, and structure of the data are managed at this level using the data management enablers to support their successful execution and performance.
    Data Management Framework with only the middle tier highlighted.

    Build a data management practice with strong process capabilities

    Use these guiding principles to contextualize the purpose and value for each data management enabler.

    Data Management Framework with only the top tier highlighted.

    Data Management Enablers

    Info-Tech categorizes data management enablers as the processes that guide the management of the organization’s data assets and support the delivery.

    Govern and Direct

    • Ensures data management practices and processes follow the standards and policies outlined for them
    • Manages the executive oversight of the broader practice

    Align and Plan

    • Aligns data management plans to the business’ data requirements
    • Creates the plans to guide the design and execution of data management components

    Build, Acquire, Operate, Deliver, and Support

    • Executes the operations that manage data as it flows through the business environment
    • Manages the business’ risks in relation to its data assets and the level of security and access required

    Monitor and Improve

    • Analyzes the performance of data management components and the quality of business data
    • Creates and execute plans to improve the performance of the practice and the quality and use of data assets

    Use Info-Tech’s assessment framework to support your organization’s data management planning

    Info-Tech employs a consumer-driven approach to requirements gathering in order to support a data management practice. This will create a vision and strategic plan that will help to make data an enabler to the business as it looks to achieve its strategic objectives.

    Data Strategy Planning

    To support the project in building an accurate understanding of the organization’s data requirements and the role of data in its operations (current and future), the framework first guides organizations on a business and subject area assessment.

    By focusing on data usage and strategies for unique data subject areas, the project team will be better able to craft a data management practice with capabilities that will generate the greatest value and proactively handle evolving data requirements.

    Arrow pointing right.

    Data Management Assessment

    To support the design of a fit-for-purpose data management practice that aligns with the business’ data requirements this assessment will guide you in:

    • Determining the target capabilities for the different dimensions of data management.
    • Identifying the interaction dependencies and coordination efforts required to build a successful data management practice.

    Create a Data Management Roadmap

    Phase 1

    Build Business Context and Drivers for the Data Management Program

    Phase 1

    1.1 Review the Data Management Framework

    1.2 Understand and Align to Business Drivers

    1.3 Build High-Value Use Cases

    1.4 Create a Vision

    Phase 2

    2.1 Assess Data Management

    2.2 Build Your Data Management Roadmap

    2.3 Organize Business Data Domains

    This phase will walk you through the following activities:

    • Identify your business drivers and business capabilities.
    • Align data management capabilities with business goals.
    • Define scope and vision of the data management plan.
    • This phase involves the follow

    This phase involves the following participants:

    • Data Management Lead/Information Management Lead, CDO, Data Lead
    • Senior Business Leaders
    • Business SMEs
    • Data Owners, Records Managers, Regulatory Subject Matter Experts (e.g. Legal Counsel, Security)

    Step 1.1

    Review the Data Management Framework

    Activities

    1.1.1 Walk through the main parts of the best-practice Data Management Framework

    This step will guide you through the following activities:

    • Understand the main disciplines and makeup of a best-practice data management program.
    • Determine which data management capabilities are considered high priority by your organization.

    Outcomes of this step

    • A foundation for data management initiative planning that’s aligned with the organization’s business architecture: value streams, business capability map, and strategy map
    Build Business Context and Drivers
    Step 1.1 Step 1.2 Step 1.3 Step 1.4

    Full page diagram of the 'Data & Analytics landscape'. Caption reads 'The key to landscaping your data environment lies in ensuring foundational disciplines are optimized in a way that recognizes the interdependency among the various disciplines.' Many foundational disciplines are color-coded to a legend determining whether its 'accountability sits with IT' or 'with the business; CDO'. An arrow labeled 'You Are Here' points to 'Data Management', which is coded in both colors meaning both IT and the business are accountable.

    Full page illustration of the 'Create a Data Management Roadmap' using the image of a cargo ship labelled 'Data Management' moving in the direction of 'Business Strategy'. The caption at the top reads 'Data Management capabilities create new business value by augmenting data & optimizing it for analytics. Data is a digital imprint of organizational activities.'

    Data Management Capabilities

    A similar concept to the last one, with a ship moving toward 'Business Strategy', except the ship is cross-sectioned with different capabilities filling the interior of the silhouette. Below are different steps in data management 'Data Creation', 'Data Ingestion', 'Data Accumulation, 'Data Augmentation', 'Data Delivery', and 'Data Consumption'.

    Build a Robust & Comprehensive Data Strategy

    Business Strategy

    Organizational Goals & Objectives

    Business Drivers

    Industry Drivers

    Current Environment

    Data Management Capability Maturity Assessment

    Data Culture Diagnostic

    Regulatory and Compliance Requirements

    Data Strategy

    Organizational Drivers and Data Value

    Data Strategy Objectives & Guiding Principles

    Data Strategy Vision and Mission

    Data Strategy Roadmap

    People: Roles and Organizational Structure

    Data Culture & Data Literacy

    Data Management and Tools

    Risk and Feasibility

    Unlock the Value of Data

    Generate Game-Changing Insights

    Fuel Data-Driven Decision Making

    Innovate and Transform With Data

    Thrive and Differentiate With a Data-Driven Culture

    Elevate Organizational Data IQ

    Build a Foundation for Data Valuation

    What is a data strategy and why is it needed?

    • Your data strategy is the vehicle for ensuring data is poised to support your organization’s strategic objectives.
    • For any CDO or equivalent data leader, a robust and comprehensive data strategy is the number one tool in your toolkit for generating measurable business value from data.
    • The data strategy will serve as the mechanism for making high-quality, trusted, and well-governed data readily available and accessible to deliver on your organizational mandate.

    What is driving the need to formulate or refresh your organization’s data strategy?

    Who:

    This research is designed for:

    • Chief Data Officer (CDO) or equivalent
    • Head of Data
    • Chief Analytics Officer (CAO)
    • Head of Digital Transformation
    • CIO

    Info-Tech Insight

    A data strategy should never be formulated disjointed from the business. Ensure the data strategy aligns with the business strategy and supports the business architecture.

    Info-Tech’s Data Governance Framework

    Model of Info-Tech's Data Governance Framework titled 'Key to Data Enablement'. There are inputs, a main Data Governance cycle, and a selection of outputs. The inputs are 'Business Strategy' and 'Data Strategy' injected into the cycle via 'Strategic Goals & Objectives'. The cycle consists of 'Operating Model', 'Policies & Procedures', 'Data Literacy & Culture', 'Enterprise Projects & Services', 'Data Management', 'Data Privacy & Security', 'Data Leadership', and 'Data Ownership & Stewardship'. The latter two are part of 'Enterprise Governance's 'Oversight & Alignment' cycle. Outputs are 'Defined Data Accountability & Responsibility', 'Knowledge & Common Understanding of Data Assets', 'Trust & Confidence in Traceable Data', 'Improved Data ROI & Reduced Data Debt', and 'Support of Ethical Use of Data in a Data-Driven Culture'.

    What is data governance and why is it needed?

    • Data governance is an enabling framework of decision rights, responsibilities, and accountabilities for data assets across the enterprise.
    • It should deliver agreed-upon models that are conducive to your organization’s operating culture, where there is clarity on who can do what with which data and via what means.
    • It is the key enabler for bringing high-quality, trusted, secure, and discoverable data to the right users across your organization.
    • It promotes and drives responsible and ethical use and handling of data while helping to build and foster an organizational culture of data excellence.

    Do you feel there is a clear definition of data accountability and responsibility in your organization?

    Who:

    This research is designed for:

    • Chief Data Officer (CDO) or equivalent
    • Head of Data Governance, Lead Data Governance Officer
    • Head of Data
    • Head of Digital Transformation
    • CIO

    Info-Tech Insight

    Data governance should not sit as an island in your organization. It must continuously align with the organization’s enterprise governance function.

    A diagram titled 'Data Platform Selection - Make complex tasks simple by applying proven methodology to connect businesses to software' with five steps. '1. Formalize a Business Strategy', '2. Identify Platform Specific Considerations', '3. Execute Data Platform Architecture Selection', 'Select Software', 'Achieve Business Goals'.

    Info-Tech’s Data Platform Framework

    Data pipeline for versatile and scalable data delivery

    a diagram showing the path from 'Data Creation' to 'Data Accumulation', to 'Engineering & Augmentation', to 'Data Delivery'. Each step has a 'Fast Lane', 'Operational Lane', and 'Curated Lane'.

    What are the data platform and practice and why are they needed?

    • The data platform and practice are two parts of the data and analytics equation:
      • The practice is about the operating model for data; that is, how stakeholders work together to deliver business value on your data platform. These stakeholders are a combination of business and IT from across the organization.
      • The platform is a combination of the architectural components of the data and analytics landscape that come together to support the role the business plays day to day with respect to data.
    • Don’t jump directly into technology: use Info-Tech tools to solve and plan first.
    • Create a continuous roadmap to implement and evolve your data practice and platform.
    • Promote collaboration between the business and IT by clearly defining responsibilities.

    Does your data platform effectively serve your reporting and analytics capabilities?

    Who:

    This research is designed for:

    • Data and Information Leadership
    • Enterprise Information Architect
    • Data Architect
    • Data Engineer/Modeler

    Info-Tech Insight

    Info-Tech’s approach is driven by business goals and leverages standard data practice and platform patterns. This enables the implementation of critical and foundational data and analytics components first and subsequently facilitates the evolution and development of the practice and platform over time.

    Info-Tech’s Reporting and Analytics Framework

    Formulating an enterprise reporting and analytics strategy requires the business vision and strategies to first be substantiated. Any optimization to the data warehouse, integration, and source layers is in turn driven by the enterprise reporting and analytics strategy.
    A diagram of the 'Reporting and Analytics Framework' with 'Business vision/strategies' fed through four stages beginning with 'Business Intelligence: Reporting & Analytics Strategy', 'Data Warehouse: Data Warehouse/ Data Lake Strategy', 'Integration and Translation: Data Integration Strategy', 'Sources: Source Strategy (Content/Quality)'
    The current states of your integration and warehouse platforms determine what data can be used for BI and analytics.
    Your enterprise reporting and analytics strategy is driven by your organization’s vision and corporate strategy.

    What is reporting and analytics and why is it needed?

    • Reporting and analytics bridges the gap between an organization’s data assets and consumable information that facilitates insight generation and informed or evidence-based decision making.
    • The reporting and analytics strategy drives data warehouse and integration strategies and the data needs to support business decisions.
    • The reporting and analytics strategy ensures that the investment made in optimizing the data environment to support reporting and analytics is directly aligned with the organization’s needs and priorities and hence will deliver measurable business value.

    Do you have a strategy to enable self-serve analytics? What does your operating model look like? Have you an analytics CoE?

    Who:

    This research is designed for:

    • Head of BI and Analytics
    • CIO or Business Unit (BU) Leader looking to improve reporting and analytics
    • Applications Lead

    Info-Tech Insight

    Formulating an enterprise reporting and analytics strategy requires the business vision and strategies to first be substantiated. Any optimization to the data warehouse, integration, and source layer is in turn driven by the enterprise reporting and analytics strategy.

    Info-Tech’s Data Architecture Framework

    Info-Tech’s methodology:
      1. Prioritize your core business objectives and identify your business driver.
      2. Learn how business drivers apply to specific tiers of Info-Tech’s five-tier data architecture model.
      3. Determine the appropriate tactical pattern that addresses your most important requirements.
    Visual diagram of the first two parts of the methodology on the left. Objectives apply to the data architecture model, which appropriates tactical patterns, which leads to a focus.
      1. Select the areas of the five-tier architecture to focus on.
      2. Measure your current state.
      3. Set the targets of your desired optimized state.
      1. Roadmap your tactics.
      2. Manage and communicate change.
    Visual diagram of the third part of the methodology on the left. A roadmap of tactics leads to communicating change.

    What is data architecture and why is it needed?

    • Data architecture is the set of rules, policies, standards, and models that govern and define the type of data collected and how it is used, stored, managed, and integrated within the organization and its database systems.
    • In general, the primary objective of data architecture is the standardization of data for the benefit of the organization.

    Is your architecture optimized to sustainably deliver readily available and accessible data to users?

    Who:

    This research is designed for:

    • Data Architects or their equivalent
    • Enterprise Architects
    • Head of Data
    • CIO
    • Database Administrators

    Info-Tech Insight

    Data architecture is not just about models. Viewing data architecture as just technical data modeling can lead to a data environment that does not aptly serve or support the business. Identify your business’ priorities and adapt your data architecture to those needs.

    A diagram titled 'Build Your Data Quality Program'. '1. Data Quality & Data Culture Diagnostics Business Landscape Exercise', '2. Business Strategy & Use Cases', '3. Prioritize Use Cases With Poor Quality'. 'Info-Tech Insight: As data is ingested, integrated, and maintained in the various streams of the organization's system and application architecture, there are multiple points where the quality of the data can degrade.' A data flow diagram points out how 'Data quality issues can occur at any stage of the data flow', and that it is better to 'Fix data quality root causes here' during the 'Data Creation', 'Data Ingestion', and 'Data Accumulation & Engineering' stages in order 'to prevent expensive cures here' in the 'Data Delivery' and 'Reporting & Analytics' stages.

    What is data quality management and why is it needed?

    • Data is the foundation of decisions made at data-driven organizations.
    • Data quality management ensures that foundation is sustainably solid.
    • If there are problems with the organization’s underlying data, it can have a domino effect on many downstream business functions.
    • The transformational insights that executives are constantly seeking can be uncovered by a data quality practice that makes high-quality, trustworthy information readily available to the business users who need it.

    Do your users have an optimal level of trust and confidence in the quality of the organization’s data?

    Who:

    This research is designed for:

    • Chief Data Officer (CDO) or equivalent Head of Data
    • Chief Analytics Officer (CAO)
    • Head of Digital Transformation
    • CIO

    Info-Tech Insight

    Data quality suffers most at the point of entry. The resulting domino effect of error propagation makes these errors among the most costly forms of data quality errors. Fix data ingestion, whether through improving your application and database design or improving your data ingestion policy, and you will fix a majority of data quality issues.

    Info-Tech’s Enterprise Content Management Framework

    Drivers Governance Information Architecture Process Policy Systems Architecture
    Regulatory, Legal –›
    Efficiency, Cost-Effectiveness –›
    Customer Service –›
    User Experience –›
    • Establish decision-making committee
    • Define and formalize roles (RACI, charter)
    • Develop policies
    • Create business data glossary
    • Decide who approves documents in workflow
    • Operating models
    • Information categories (taxonomy)
    • Classifications, retention periods
    • Metadata (for findability and as tags in automated workflows)
    • Review and approval process, e.g. who approves
    • Process for admins to oversee performance of IM service
    • Process for capturing and classifying incoming documents
    • Audit trails and reporting process
    • Centralized index of data and records to be tracked and managed throughout their lifecycle
    • Data retention policy
    • E-signature policy
    • Email policy
    • Information management policies
    • Access/privacy rules
    • Understand the flow of content through multiple systems (e.g. email, repositories)
    • Define business and technical requirements to select a new content management platform/service
    • Improve integrations
    • Right-size solutions for use case (e.g. DAM)
    • Communication/Change Management
    • Data Literacy

    What is enterprise content management and why is it needed?

    “Enterprise Content Management is the systematic collection and organization of information that is to be used by a designated audience – business executives, customers, etc. Neither a single technology nor a methodology nor a process, it is a dynamic combination of strategies, methods and tools used to capture, manage, store, preserve and deliver information supporting key organizational processes through its entire lifecycle.” (AIIM, 2021)

    • Changing your ECM capabilities is about changing organizational behavior; take an all-hands-on-deck approach to make the most of information gathering, create a vested interest, and secure buy-in.
    • It promotes and drives responsible and ethical use and handling of content while helping to build and foster an organizational culture of information excellence.

    Who:

    This research is designed for:

    • Information Architect
    • Chief Data Officer (CDO)
    • Head of Data, Information Management
    • Records Management
    • CIO

    Info-Tech Insight

    ECM is critical to becoming a digital and modernized operation, where both structured data (such as sales reports) and unstructured content (such as customer sentiment in social media) are brought together for a 360-degree view of the customer or for a comprehensive legal discovery.

    Metadata management/Data cataloging

    Overview

    Metadata is structured information that describes, explains, locates, or otherwise makes it easier to retrieve, use, or manage an information resource. Metadata is often called data about data or information about information (NISO).

    Metadata management is the function that manages and maintains the technology and processes that creates, processes, and stores metadata created by business processes and data.

    90%

    The majority of data is unstructured information like text, video, audio, web server logs, social media, and more (MIT Sloan, 2021).
    As data becomes more unstructured, complex, and manipulated, the importance and value of metadata will grow exponentially and support improved:
    • Data consumption
    • Quality management
    • Risk management

    Value of Effective Metadata Management

    • Supports the traceability of data through an environment.
    • Creates standards and logging that enable information and data to be searchable and cataloged.
    • Metadata schemas enable easier transferring and distribution of data across different environments.
    Data about data: The true value of metadata and the management practices supporting it is its ability to provide deeper understanding and auditability to the data assets and processes of the business.
    Metadata supports the use of:
    Big Data
    Unstructured data
    Content and Documents
    Unstructured and semi-structured data
    Structured data
    Master, reference, etc.

    Critical Success Factors of Metadata Management

    • Consistent and documented data standards and definitions
    • Architectural planning for metadata
    • Incorporation of metadata into system design and the processing of data
    • Technology to support metadata creation, collection, storage, and reviews (metadata repository, meta marts, etc.)

    Info-Tech’s Data Integration Framework

    On one hand…

    Data has massive potential to bring insight to an organization when combined and analyzed in creative ways.

    On the other hand…

    It is difficult to bring data together from different sources to generate insights and prevent stale data.

    How can these two ideas be reconciled?

    Answer: Info-Tech’s Data Integration Onion Framework summarizes an organization’s data environment at a conceptual level and is used to design a common data-centric integration environment.

    A diagram of the 'Data Integration Onion Framework' with five layers: 'Enterprise Business Processes', 'Enterprise Analytics', 'Enterprise Integration', 'Enterprise Data Repositories', and 'Enterprise Data' at the center.
    Info-Tech’s Data Integration Onion Framework
    Data-centric integration is the solution you need to bring data together to break down data silos.

    What is data integration and why is it needed?

    • To get more value from their information, organizations are relying on increasingly more complex data sources. These diverse data sources have to be properly integrated to unlock the full potential of that data.
    • Integrating large volumes of data from the many varied sources in an organization has incredible potential to yield insights, but many organizations struggle with creating the right structure for that blending to take place, and that leads to the formation of data silos.
    • Data-centric integration capabilities can break down organizational silos. Once data silos are removed and all the information that is relevant to a given problem is available, problems with operational and transactional efficiencies can be solved, and value from business intelligence (BI) and analytics can be fully realized.

    Is your integration near real time and scalable?

    Who:

    This research is designed for:

    • Data Engineers
    • Business Analysts
    • Data Architects
    • Head of Data Management
    • Enterprise Architects

    Info-Tech Insight

    Every IT project requires data integration. Any change in the application and database ecosystem requires you to solve a data integration problem.

    Info-Tech’s Master Data Management Framework

    Master data management (MDM) “entails control over Master Data values and identifiers that enable consistent use, across systems, of the most accurate and timely data about essential business entities” (DAMA, 2017).

    The Data Management Framework from earlier with tier 2 item 'Reference and Master' highlighted.

    Fundamental objective of MDM: Enable the business to see one view of critical data elements across the organization.

    Phases of the MDM Framework. 'Phase 1: Build a Vision for MDM' entails a 'Readiness Assessment', then both 'Identify the Master Data Needs of the Business' and 'Create a Strategic Vision'. 'Phase 2: Create a Plan and Roadmap for the Organization’s MDM Program' entails 'Assess Current MDM Capabilities', then 'Initiative Planning', then 'Strategic Roadmap'.

    What is MDM and why is it needed?

    • Master data management (MDM) “entails control over Master Data values and identifiers that enable consistent use, across systems, of the most accurate and timely data about essential business entities” (DAMA, 2017).
    • The fundamental objective of MDM is to enable the business to see one view of critical data elements across the organization.
    • What is included in the scope of MDM?
      • Party data (employees, customers, etc.)
      • Product/service data
      • Financial data
      • Location data

    Is there traceability and visibility into your data’s lineage? Does your data pipeline facilitate that single view across the organization?

    Who:

    This research is designed for:

    • Chief Data Officer (CDO)
    • Head of Data Management, CIO
    • Data Architect
    • Head of Data Governance, Data Officer

    Info-Tech Insight

    Successful MDM requires a comprehensive approach. To be successfully planned, implemented, and maintained it must include effective capabilities in the critical processes and subpractices of data management.

    Data Modeling Framework

    • The framework consists of the business, enterprise, application, and implementation layers.
    • The Business Layer encodes real-world business concepts via the conceptual model.
    • The Enterprise Layer defines all enterprise data asset details and their relationships.
    • The Application Layer defines the data structures as used by a specific application.
    • The Implementation Layer defines the data models and artifacts for use by software tools.
    Data Modeling Framework with items from the 'Implementation Layer' contributing to items in the 'Application Layer' and 'Enterprise Layer' before turning into a 'Conceptual Model' in the 'Business Layer'.

    Model hierarchy

    • The Conceptual data model describes the organization from a business perspective.
    • The Message model is used to describe internal- and external-facing messages and is equivalent to the canonical model.
    • The Enterprise model depicts the whole organization and is divided into domains.
    • The Analytical model is built for specific business use cases.
    • Application models are application-specific operational models.
    Model hierarchy with items from the 'Implementation Layer' contributing to items in the 'Application Layer' and 'Enterprise Layer' before turning into a 'Conceptual Model' in the 'Business Layer'.

    Info-Tech Insight

    The Conceptual model acts as the root of all the models required and used by an organization.

    Data architecture and modeling processes

    A diagram moving from right to left through 5 phases: 'Business concepts defined and organized', 'Business concepts enriched with attribution', 'Physical view of the data, still vendor agnostic', 'The view being used by developers and business', and 'Manage the progression of your data assets'.

    Info-Tech Insight

    The Conceptual data model adds relationships to your business data glossary terms and is the first step of the modeling journey.

    Data operations

    Objectives of Data Operations Management

    • Implement and follow policies and procedures to manage data at each stage of its lifecycle.
    • Maintain the technology supporting the flow and delivery of data (applications, databases, systems, etc.).
    • Control the delivery of data within the system environment.

    Indicators of Successful Data Operations Management

    • Effective delivery of data assets to end users.
    • Successful maintenance and performance of the technical environment that collects, stores, delivers, and purges organizational data.
    'Data Lifecycle' with steps 'Create', 'Acquire', 'Store', 'Maintain', 'Use', and 'Archive/Destroy'.
    This data management enabler has a heavy focus on the management and performance of data systems and applications.
    It works closely with the organization’s technical architecture to support successful data delivery and lifecycle management (data warehouses, repositories, databases, networks, etc.).

    Step 1.2

    Understand and Align to Business Drivers

    Activities

    1.2.1 Define your value streams

    1.2.2 Identify your business capabilities

    1.2.3 Categorize your organization’s key business capabilities

    1.2.4 Develop a strategy map tied to data management

    This step will guide you through the following activities:

    • Leverage your organization’s existing business capability map or initiate the formulation of a business capability map.
    • Determine which business capabilities are considered high priority by your organization.
    • Map your organization’s strategic objectives to value streams and capabilities to communicate how objectives are realized with the support of data.

    Outcomes of this step

    • A foundation for data management initiative planning that’s aligned with the organization’s business architecture: value streams, business capability map, and strategy map

    Build Business Context and Drivers

    Step 1.1 Step 1.2 Step 1.3 Step 1.4

    Identifying value streams

    Value streams connect business goals to organization’s value realization activities. They enable an organization to create and capture value in the marketplace by engaging in a set of interconnected activities.
    There are several key questions to ask when endeavouring to identify value streams.

    Key Questions

    • Who are your customers?
    • What are the benefits we deliver to them?
    • How do we deliver those benefits?
    • How does the customer receive the benefits?

    1.2.1 Define value streams

    1-3 hours

    Input: Business strategy/goals, Financial statements, Info-Tech’s industry-specific business architecture

    Output: List of organization-specific value streams, Detailed value stream definition(s)

    Materials: Whiteboard/kanban board, Info-Tech’s Reference Architecture Template – contact your Account Representative for details, Other industry standard reference architecture models: BIZBOK, APQC, etc., Info-Tech’s Archimate models

    Participants: Enterprise/Business Architect, Business Analysts, Business Unit Leads, CIO, Departmental Executive & Senior managers

    Unify the organization’s perspective on how it creates value.

    1. Write a short description of the value stream that includes a statement about the value provided and a clear start and end for the value stream. Validate the accuracy of the descriptions with your key stakeholders.
    2. Consider:
      • How does the organization deliver those benefits?
      • How does the customer receive the benefits?
      • What is the scope of your value stream? What will trigger the stream to start and what will the final value be?
    3. Avoid:
      • Don’t start with a blank page. Use Info-Tech’s business architecture models for sample value streams.

    Contact your Account Representative for access to Info-Tech’s Reference Architecture Template

    Define or validate the organization’s value streams

    Value streams connect business goals to the organization’s value realization activities. These value realization activities, in turn, depend on data.

    If the organization does not have a business architecture function to conduct and guide Activity 1.2.1, you can leverage the following approach:

    • Meet with key stakeholders regarding this topic, then discuss and document your findings.
    • When trying to identify the right stakeholders, consider: Who are the decision makers and key influencers? Who will impact this piece of business architecture–related work? Who has the relevant skills, competencies, experience, and knowledge about the organization?
    • Engage with these stakeholders to define and validate how the organization creates value. Consider:
      • Who are your main stakeholders? This will depend on the industry in which you operate. For example, they could be customers, residents, citizens, constituents, students, patients.
      • What are your stakeholders looking to accomplish?
      • How does your organization’s products and/or services help them accomplish that?
      • What are the benefits your organization delivers to them and how does your organization deliver those benefits?
      • How do your stakeholders receive those benefits?

    Align data management to the organization’s value realization activities.

    Value streams enable the organization to create or capture value in the market in which it operates by engaging in a set of interconnected activities.

    Info-Tech Insight

    Your organization’s value streams and the associated business capabilities require effectively managed and governed data. Without this, you could face elevated operational costs, missed opportunities, eroded stakeholder satisfaction, negative impact to reputation and brand, and/or increased exposure to business risk.

    Example of value streams – Retail Banking

    Value streams connect business goals to the organization’s value realization activities.

    Example value stream descriptions for: Retail Banking

    Value streams enable the organization to create or capture value in the market in which it operates by engaging in a set of interconnected activities. Example Value Stream for Retail Banking with five value chains. 'Attract Customers: Retail banks design new products to fill gaps in their product portfolios by analyzing the market for changing customer needs and new competitor offerings or pricing; Pricing a product correctly through analysis and rate setting is a delicate balance and fundamental to a bank’s success.' 'Supply Loans and Mortgages and Credit Cards: Selecting lending criteria helps banks decide on the segment of customer they should take on and the degree of risk they are willing to accept.' 'Provide Core Banking Services: Servicing includes the day-to-day interactions with customers for onboarding, payments, adjustments, and offboarding through multiple banking channels; Customer retention and growing share of wallet are crucial capabilities in servicing that directly impact the growth and profitability of retail banks.' 'Offer Card Services: Card servicing involves quick turnarounds on card delivery and acceptance at a large number of merchants; Accurate billing and customizable spending alerts are crucial in ensuring that the customer understands their spending habits.' 'Grow Investments and Manage Wealth: Customer retention can be increased through effective wealth management and additional services that will increase the number of products owned by a customer.'

    For this value stream, download Info-Tech’s Industry Reference Architecture for Retail Banking.

    Example of value streams – Higher Education

    Value streams connect business goals to the organization’s value realization activities.

    Example value stream descriptions for: Higher Education

    Value streams enable the organization to create or capture value in the market in which it operates by engaging in a set of interconnected activities. Example Value Stream for Higher Education with five value chains. 'Shape Institutional Research: Institutional research provides direct benefits to both partners and faculty, ensuring efficient use of resources and compliance with ethical and methodological standards; This value stream involves all components of the research lifecycle, from planning and resourcing to delivery and commercialization.' 'Facilitate Curriculum Design: Curriculum design is the process by which learning content is designed and developed to achieve desired student outcomes; Curriculum management capabilities include curriculum planning, design and commercialization, curriculum assessment, and instruction management.' 'Design Student Support Services: Support services design and development provides a range of resources to assist students with academic success, such as accessibility, health and counseling, social services, housing, and academic skills development.' 'Manage Academic Administration: Academic administration involves the broad capabilities required to attract and enroll students in institutional programs; This value stream involves all components related to recruitment, enrollment, admissions, and retention management.' 'Deliver Student Services: Delivery of student services comes after curricular management, support services design, and academic administration. It comprises delivery of programs and services to enable student success; Program and service delivery capabilities include curriculum delivery, convocation management, and student and alumni support services.'

    For this value stream, download Info-Tech’s Industry Reference Architecture for Higher Education.

    Example of value streams – Local Government

    Value streams connect business goals to the organization’s value realization activities.

    Example value stream descriptions for: Local Government

    Value streams enable the organization to create or capture value in the market in which it operates by engaging in a set of interconnected activities. Example Value Stream for Local Government with five value chains. 'Sustain Land, Property, and the Environment: Local governments act as the stewards of the regional land and environment that are within their boundaries; Regional government bodies are responsible for ensuring that the natural environment is protected and sustained for future citizens in the form of parks and public land.' 'Facilitate Civic Engagement: Local governments engage with constituents to maintain a high quality of life through art, culture, and education.' 'Protect Local Health and Safety: Health concerns are managed by a local government through specialized campaigns and clinics; Emergency services are provided by the local authority to protect and react to health and safety concerns including police and firefighting services.' 'Grow the Economy: Economic growth is a cornerstone of a strong local government. Growth comes from flourishing industries, entrepreneurial success, high levels of employment, and income from tourism.' 'Provide Regional Infrastructure: Local governments ensure that infrastructure is built, maintained, and effective in meeting the needs of constituents. (Includes: electricity, water, sustainable energy sources, waste collection, transit, and local transportation.'

    For this value stream, download Info-Tech’s Industry Reference Architecture for Local Government.

    Example of value streams – Manufacturing

    Value streams connect business goals to the organization’s value realization activities.

    Example value stream descriptions for: Manufacturing

    Value streams enable the organization to create or capture value in the market in which it operates by engaging in a set of interconnected activities. Example Value Stream for Manufacturing with three value chains. 'Design Product: Manufacturers proactively analyze their respective markets for any new opportunities or threats; They design new products to serve changing customer needs or to rival any new offerings by competitors; A manufacturer’s success depends on its ability to develop a product that the market wants at the right price and quality level.' 'Produce Product: Optimizing production activities is an important capability for manufacturers. Raw materials and working inventories need to be managed effectively to minimize wastage and maximize the utilization of the production lines; Processes need to be refined continuously over time to remain competitive and the quality of the materials and final products needs to be strictly managed.' 'Sell Product: Once produced, manufacturers need to sell the products. This is done through distributors, retailers, and, in some cases, directly to the end consumer; After the sale, manufacturers typically have to deliver the product, provide customer care, and manage complaints; Manufacturers also randomly test their end products to ensure they meet quality requirements.'

    For this value stream, download Info-Tech’s Industry Reference Architecture for Manufacturing.

    Define the organization’s business capabilities in a business capability map

    A business capability defines what a business does to enable value creation. Business capabilities represent stable business functions and typically will have a defined business outcome.

    Business capabilities can be thought of as business terms defined using descriptive nouns such as “Marketing” or “Research and Development.”

    If your organization doesn’t already have a business capability map, you can leverage the following approach to build one. This initiative requires a good understanding of the business. By working with the right stakeholders, you can develop a business capability map that speaks a common language and accurately depicts your business.

    Working with the stakeholders as described in the slide entitled “Define or validate the organization’s value streams”:

    • Analyze the value streams to identify and describe the organization’s capabilities that support them.
    • Consider the objective of your value stream. (This can highlight which capabilities support which value stream.)
    • As you initiate your engagement with your stakeholders, don’t start a blank page. Leverage the examples on the next slides as a starting point for your business capability map.
    • When using these examples, consider: What are the activities that make up your particular business? Keep the ones that apply to your organization, remove the ones that don’t, and add any needed.

    Align data management to the organization’s value realization activities.

    Info-Tech Insight

    A business capability map can be thought of as a visual representation of your organization’s business capabilities and hence represents a view of what your data management program must support.

    For more information, refer to Info-Tech’s Document Your Business Architecture.

    1.2.2 Identify your business capabilities

    Input: List of confirmed value streams and their related business capabilities

    Output: Business capability map with value streams for your organization

    Materials: Your existing business capability map, Business Alignment worksheet provided in the Data Management Assessment and Planning Tool, Info-Tech’s Document Your Business Architecture blueprint

    Participants: Key business stakeholders, Data stewards, Data custodians, Data leads and administrators

    Confirm your organization's existing business capability map or initiate the formulation of a business capability map:

    • If you have an existing business capability map, meet with the relevant business owners/stakeholders to confirm that the content is accurate and up to date. Confirm the value streams (how your organization creates and captures value) and their business capabilities reflect the organization’s current business environment.
    • If you do not have an existing business capability map, complete this activity to initiate the formulation of a map (value streams and related business capabilities):
      1. Define the organization’s value streams. Meet with senior leadership and other key business stakeholders to define how your organization creates and captures value.
      2. Define the relevant business capabilities. Meet with senior leadership and other key business stakeholders to define the business capabilities.

    Note: A business capability defines what a business does to enable value creation. Business capabilities are business terms defined using nouns such as “Marketing” or “Research and Development.” They represent stable business functions, are unique and independent of one another, and typically will have a defined business outcome.

    Example business capability map – Retail Banking

    A business capability map can be thought of as a visual representation of your organization’s business capabilities and hence represents a view of what your data governance program must support.

    Validate your business capability map with the right stakeholders, including your executive team, business unit leaders, and/or other key stakeholders.

    Info-Tech Tip: Leverage your business capability map verification session with these key stakeholders as a prime opportunity to share and explain the role of data and data governance in supporting the very value realization capabilities under discussion. This will help to build awareness and visibility of the data management program.

    Example business capability map for: Retail Banking

    Example business capability map for Retail Banking with value stream items as column headers, and rows 'Enabling', 'Shared', and 'Defining'.

    For this business capability map, download Info-Tech’s Industry Reference Architecture for Retail Banking.

    Example business capability map – Higher Education

    A business capability map can be thought of as a visual representation of your organization’s business capabilities and hence represents a view of what your data governance program must support.

    Validate your business capability map with the right stakeholders, including your executive team, business unit leaders, and/or other key stakeholders.

    Info-Tech Tip: Leverage your business capability map verification session with these key stakeholders as a prime opportunity to share and explain the role of data and data governance in supporting the very value realization capabilities under discussion. This will help to build awareness and visibility of the data management program.

    Example business capability map for: Higher Education

    Example business capability map for Higher Education with value stream items as column headers, and rows 'Enabling', 'Shared', and 'Defining'.

    For this business capability map, download Info-Tech’s Industry Reference Architecture for Higher Education.

    Example business capability map – Local Government

    A business capability map can be thought of as a visual representation of your organization’s business capabilities and hence represents a view of what your data governance program must support.

    Validate your business capability map with the right stakeholders, including your executive team, business unit leaders, and/or other key stakeholders.

    Info-Tech Tip: Leverage your business capability map verification session with these key stakeholders as a prime opportunity to share and explain the role of data and data governance in supporting the very value realization capabilities under discussion. This will help to build awareness and visibility of the data governance program.

    Example business capability map for: Local Government

    Example business capability map for Local Government with value stream items as column headers, and rows 'Enabling', 'Shared', and 'Defining'.

    For this business capability map, download Info-Tech’s Industry Reference Architecture for Local Government.

    Example business capability map – Manufacturing

    A business capability map can be thought of as a visual representation of your organization’s business capabilities and hence represents a view of what your data governance program must support.

    Validate your business capability map with the right stakeholders, including your executive team, business unit leaders, and/or other key stakeholders.

    Info-Tech Tip: Leverage your business capability map verification session with these key stakeholders as a prime opportunity to share and explain the role of data and data governance in supporting the very value realization capabilities under discussion. This will help to build awareness and visibility of the data governance program.

    Example business capability map for: Manufacturing

    Example business capability map for Manufacturing with value stream items as column headers, and rows 'Enabling', 'Shared', and 'Defining'.

    For this business capability map, download Info-Tech’s Industry Reference Architecture for Manufacturing.

    Example business capability map – Retail

    A business capability map can be thought of as a visual representation of your organization’s business capabilities and hence represents a view of what your data governance program must support.

    Validate your business capability map with the right stakeholders, including your executive team, business unit leaders, and/or other key stakeholders.

    Info-Tech Tip: Leverage your business capability map verification session with these key stakeholders as a prime opportunity to share and explain the role of data and data governance in supporting the very value realization capabilities under discussion. This will help to build awareness and visibility of the data governance program.

    Example business capability map for: Retail

    Example business capability map for Retail with value stream items as column headers, and rows 'Enabling', 'Shared', and 'Defining'.

    For this business capability map, download Info-Tech’s Industry Reference Architecture for Retail.

    1.2.3 Categorize your organization’s key capabilities

    Input: Strategic insight from senior business stakeholders on the business capabilities that drive value for the organization

    Output: Business capabilities categorized and prioritized (e.g. cost advantage creators, competitive advantage differentiators, high value/high risk) See next slide for an example

    Materials: Your existing business capability map or the business capability map derived in Activity 1.2.2

    Participants: Key business stakeholders, Data stewards, Data custodians, Data governance working group

    Determine which capabilities are considered high priority in your organization.

    1. Categorize or heatmap the organization’s key capabilities. Consult with senior and other key business stakeholders to categorize and prioritize the business’ capabilities. This will aid in ensuring your data governance future-state planning is aligned with the mandate of the business. One approach to prioritizing capabilities with business stakeholders is to examine them through the lens of cost advantage creators, competitive advantage differentiators, and/or by high value/high risk.
    2. Identify cost advantage creators. Focus on capabilities that drive a cost advantage for your organization. Highlight these capabilities and prioritize programs that support them.
    3. Identify competitive advantage differentiators. Focus on capabilities that give your organization an edge over rivals or other players in your industry.

    This categorization/prioritization exercise helps highlight prime areas of opportunity for building use cases, determining prioritization, and the overall optimization of data and data governance.

    For more information, refer to Info-Tech’s Document Your Business Architecture.

    Example of business capabilities categorization or heatmapping – Retail

    This exercise is useful in ensuring the data governance program is focused and aligned to support the priorities and direction of the business.

    • Depending on the mandate from the business, priority may be on developing cost advantage. Hence the capabilities that deliver efficiency gains are the ones considered to be cost advantage creators.
    • The business’ priority may be on maintaining or gaining a competitive advantage over its industry counterparts. Differentiation might be achieved in delivering unique or enhanced products, services, and/or experiences, and the focus will tend to be on the capabilities that are more end-stakeholder-facing (e.g. customer-, student-, patient,- and/or constituent-facing). These are the organization’s competitive advantage creators.

    Example: Retail

    Example business capability map for Retail with capabilities categorized into Cost Advantage Creators and Competitive Advantage creators via a legend. Value stream items as column headers, and rows 'Enabling', 'Shared', and 'Defining'.

    For this business capability map, download Info-Tech’s Industry Reference Architecture for Retail.

    1.2.4 Develop a strategy map tied to data management

    Input: Strategic objectives as outlined by the organization’s business strategy and confirmed by senior leaders

    Output: A strategy map that maps your organizational strategic objectives to value streams, business capabilities, and ultimately data programs

    Materials: Your existing business capability map or the one created in Activity 1.2.2, Business strategy (see next slide for an example)

    Participants: Key business stakeholders, Data stewards, Data custodians, Data governance working group

    Identify the strategic objectives for the business. Knowing the key strategic objectives will drive business–data governance alignment. It’s important to make sure the right strategic objectives of the organization have been identified and are well understood.

    1. Meet with senior business leaders and other relevant stakeholders to help identify and document the key strategic objectives for the business.
    2. Leverage their knowledge of the organization’s business strategy and strategic priorities to visually represent how these map to value streams, business capabilities, and ultimately data and data governance needs and initiatives. Tip: Your map is one way to visually communicate and link the business strategy to other levels of the organization.
    3. Confirm the strategy mapping with other relevant stakeholders.

    Example of a strategy map tied to data management

    • Strategic objectives are the outcomes the organization is looking to achieve.
    • Value streams enable an organization to create and capture value in the market through interconnected activities that support strategic objectives.
    • Business capabilities define what a business does to enable value creation in value streams.
    • Data capabilities and initiatives are descriptions of action items on the data and data governance roadmap that will enable one or multiple business capabilities in its desired target state.

    Info-Tech Tip: Start with the strategic objectives, then map the value streams that will ultimately drive them. Next, link the key capabilities that enable each value stream. Then map the data and data governance initiatives that support those capabilities. This process will help you prioritize the data initiatives that deliver the most value to the organization.

    Example: Retail

    Example of a strategy map tied to data management with diagram column headers 'Strategic Objectives' (are realized through...) 'Value Streams' (are enabled by...) 'Key Capabilities' (are driven by...) 'Data Capabilities and Initiatives'. Row headers are objectives and fields are composed of three examples of each column header.

    For this strategy map, download Info-Tech’s Industry Reference Architecture for Retail.

    Step 1.3

    Build High-Value Use Cases for Data Management

    Activities

    1.3.1 Build high-value use cases

    This step will guide you through the following activities:

    • Understand the main disciplines and makeup of a best-practice data management program.
    • Determine which data management capabilities are considered high priority by your organization.

    Outcomes of this step

    • A foundation for data management initiative planning that’s aligned with the organization’s business architecture: value streams, business capability map, and strategy map

    Build Business Context and Drivers

    Step 1.1 Step 1.2 Step 1.3 Step 1.4

    1.3.1 Build high-value use cases

    Input: Value streams and business capabilities as defined by business leaders, Business stakeholders’ subject area expertise, Data custodian systems, integration, and data knowledge

    Output: Use cases that articulate data-related challenges, needs, or opportunities that are tied to defined business capabilities and hence, if addressed, will deliver measurable value to the organization

    Materials: Your business capability map from Activity 1.2.2, Info-Tech’s Data Use Case Framework Template, Whiteboard or flip charts (or shared screen if working remotely), Markers/pens

    Participants: Key business stakeholders, Data stewards and business SMEs, Data custodians, Data leads and administrators

    This business needs gathering activity will highlight and create relevant use cases around data-related problems or opportunities that are clear and contained and, if addressed, will deliver value to the organization.

    1. Bring together key business stakeholders (data owner, stewards, SMEs) from a particular line of business as well the relevant data custodian(s) to build cases for their units. Leverage the business capability map you created for facilitating this act.
    2. Leverage Info-Tech’s Data Use Case Framework Template as seen on the next slide.
    3. Have the stakeholders move through each breakout session outlined in the use case worksheet. Use flip charts or a whiteboard to brainstorm and document their thoughts.
    4. Debrief and document results in the Data Use Case Framework Template.
    5. Repeat this exercise with as many lines of the business as possible, leveraging your business capability map to guide your progress and align with business value.

    Tip: Don’t conclude these use case discussions without substantiating what measures of success will be used to demonstrate the business value of the effort to produce the desired future state, as relevant to each particular use case.

    Download Info-Tech’s Data Use Case Framework Template

    Data use cases

    Sample Data

    The following is the list of use cases as articulated by key stakeholders at [Organization Name].

    The stakeholders see these as areas that are relevant and highly valuable for delivering strategic value to [Organization Name].

    Use Case 1: Customer/Student/Patient/Resident 360 View

    Use Case 2: Project/Department Financial Performance

    Use Case 3: Vendor Lifecycle Management

    Use Case 4: Project Risk Management

    Prioritization of use cases

    Example table for use case prioritization. Column headers are 'Use Case', 'Order of Priority', and 'Comments'. Fields are empty.

    Use case 1

    Sample Data

    Problem statement:

    • We are not realizing our full growth potential because we do not have a unified 360 view of our customers/clients/[name of external stakeholder].
    • This impacts: our cross-selling; upselling; talent acquisition and retention; quality of delivery; ability to identify and deliver the right products, markets, and services...

    If we could solve this:

    • We would be able to better prioritize and position ourselves to meet evolving customer needs.
    • We would be able to optimize the use of our limited resources.

    Use case 1: challenges, risks, and opportunities

    Sample Data

    1. What is the number one risk you need to alleviate?
      • Loss of potential revenue, whether from existing or net new customers.
        • How?
          • By not maximizing opportunities with customers or even by losing customers; by not understanding or addressing their greatest needs
          • By not being able to win potential new customers because we don’t understand their needs
    2. What is the number one opportunity you wish to see happen?
      • The ability to better understand and anticipate the needs of both existing and potential customers.
    3. What is the number one pain point you have when working with data?
      • I can’t do my job with confidence because it’s not based on comprehensive, sound, reliable data. My group spends significant time reconciling data sets with little time left for data use and analysis.
    4. What are your challenges in performing the activity today?
      • I cannot pull together customer data in a timely manner due to having a high level of dependence on specific individuals with institutional knowledge rather than having easy access to information.
      • It takes too much time and effort to pull together what we know about a customer.
      • The necessary data is not consolidated or readily/systematically available for consumption.
      • These challenges are heightened when dealing with customers across markets.

    Use case 1 (cont'd)

    Sample Data

    1. What does “amazing” look like if we solve this perfectly?
      • Employees have immediate, self-service access to necessary information, leading to better and more timely decisions. This results in stronger business and financial growth.
    2. What other business unit activities/processes will be impacted/improved if we solve this?
      • Marketing/bid and proposal, staffing, procurement, and contracting strategy
    3. What compliance/regulatory/policy concerns do we need to consider in any solution?
      • PII, GDPR, HIPAA, CCPA, etc.
    4. What measures of success/change should we use to prove the value of the effort (KPIs/ROI)?
      • Win rate, number of services per customer, gross profit, customer retention, customer satisfaction scores, brand awareness, and net promoter score
    5. What are the steps in the process/activity today?
      • Manual aggregation (i.e. pull data from systems into Excel), reliance on unwritten knowledge, seeking IT support, canned reports

    Use case 1 (cont'd)

    Sample Data

    1. What are the applications/systems used at each step?
      • Salesforce CRM, Excel, personal MS Access databases, SharePoint
    2. What data elements (domains) are involved, created, used, or transformed at each step?
      • Bid and proposal information, customer satisfaction, forecast data, list of products, corporate entity hierarchy, vendor information, key staffing, recent and relevant news, and competitor intelligence

    Use case worksheet

    Objective: This business needs gathering activity will help you highlight and create relevant use cases around data-related problems or opportunities. They should be clear and contained and, if addressed, will deliver value to the organization.

    1.

    What business capability (or capabilities) in your business area is this use case tied to?

    Examples: Demand Planning, Assortment Planning, Allocation & Replenishment, Fulfillment Planning, Customer Management
    2.

    What are your data-related challenges in performing this today?

    Use case worksheet (cont’d.)

    Objective: This business needs gathering activity will help you highlight and create relevant use cases around data-related problems or opportunities. They should be clear and contained and, if addressed, will deliver value to the organization.

    3.

    What are the steps in the process/activity today?

    4.

    What are the applications/systems used at each step today?

    5.

    What data domains are involved, created, used, or transformed at each step today?

    Use case worksheet (cont’d.)

    Objective: This business needs gathering activity will help you highlight and create relevant use cases around data-related problems or opportunities. They should be clear and contained and, if addressed, will deliver value to the organization.

    6.

    What does an ideal or improved state look like?

    7.

    What other business units, business capabilities, activities, or processes will be impacted and/or improved if this were to be solved?

    8.

    Who are the stakeholders impacted by these changes? Who needs to be consulted?

    9.

    What are the risks to the organization (business capability, revenue, reputation, customer loyalty, etc.) if this is not addressed?

    Use case worksheet (cont’d.)

    Objective: This business needs gathering activity will help you highlight and create relevant use cases around data-related problems or opportunities. They should be clear and contained and, if addressed, will deliver value to the organization.

    10.

    What compliance, regulatory, or policy concerns do we need to consider in any solution?

    11.

    What measures of success or change should we use to prove the value of the effort (KPIs/ROI)? What is the measurable business value of doing this?

    Use case worksheet (cont’d.)

    Objective: This business needs gathering activity will help you highlight and create relevant use cases around data-related problems or opportunities. They should be clear and contained and, if addressed, will deliver value to the organization.

    10.

    Conclusion: What are the data capabilities that need to be optimized, addressed, or improved to support or help realize the business capability (or capabilities) highlighted in this use case?

    (Tip: This will inform your future-state data capabilities optimization planning and roadmapping activities.)

    Data Management Workshop
    Use Case 1: Covid-19 Emergency Management

    [SAMPLE]

    Problem Statement

    Inability to provide insights to DPH due to inconsistent data, inaccurate reporting, missing governance, and unknown data sources resulting in decisions that impact citizens being made without accurate information.

    Challenges
    • Data is not suitable for analytics. It takes lot of effort to clean data.
    • Data intervals are not correct and other data quality issues.
    • The roles are not clearly defined.
    • Lack of communication between key stakeholders.
    • Inconsistent data/reporting/governance in the agencies. This has resulted in number of issues for Covid-19 emergency management. Not able to report accurately on number of cases, deaths, etc.
    • Data collection systems changed overtime (forms, etc.).
    • GIS has done all the reporting. However, why GIS is doing all the reporting is not clear. GIS provides critical information for location. Reason: GIS was ready with reporting solution ArcGIS.
    • Problem with data collection, consolidation, and providing hierarchical view.
    • Change in requirements, metrics – managing crisis by email and resulting in creating one dashboard after another. Not sure whether these dashboards being used.
    • There is a lot of manual intervention and repeated work.
    What Does Amazing Look Like?
    • One set of dashboards (or single dashboard) – too much time spend on measure development
    • Accurate and timely data
    • Automated data
    • Access to granular data (for researchers and other stakeholders)
    • Clear ownership of data and analytics
    • It would have been nice to have governance already prior to this crisis
    • Proper metrics to measure usage and value
    • Give more capabilities such as predictive analytics, etc.
    Related Processes/Impact
    • DPH
    • Schools
    • Business
    • Citizens
    • Resources & Funding
    • Data Integration & GIS
    • Data Management
    • Automated Data Quality
    Compliance
    • HIPAA, FERPA, CJIS, IRS
    • FEMA
    • State compliance requirement – data classification
    • CDC
    • Federal data-sharing agreements/restrictions
    Benefits/KPIs
    • Reduction in cases
    • Timely response to outbreak
    • Better use of resources
    • Economic impact
    • Educational benefits
    • Trust and satisfaction

    Data Management Workshop
    Use Case 1: Covid-19 Emergency Management

    [SAMPLE]

    Problem Statement

    Inability to provide insights to DPH due to inconsistent data, inaccurate reporting, missing governance, and unknown data sources resulting in decisions that impact citizens being made without accurate information.

    Current Steps in Process Activity (Systems)
    1. Collect data through Survey123 using ArcGIS (hospitals are managed to report by 11 am) – owned KYEM
    2. KYEM stores this information/data
    3. Deduplicate data (emergency preparedness group)
    4. Generate dashboard using ArcGIS
    5. Map to monitor status of the update
    6. Error correction using web portal (QAQC)
    7. Download Excel/CVS after all 97 hospital reports
    8. Sent to federal platform (White House, etc.)
    9. Generate reports for epidemiologist (done manually for public reporting)
    Data Flow diagram

    Data flow diagram.

    SystemsData Management Dimensions
    1. Data Governance
    2. Data Quality
    3. Data Integrity
    4. Data Integration
    1. Data Architecture
    2. Metadata
    3. Data Warehouse, Reporting & Analytics
    4. Data Security

    Data Management Workshop
    Use Case 1: Covid-19 Emergency Management

    [SAMPLE]

    Problem Statement

    Inability to provide insights to DPH due to inconsistent data, inaccurate reporting, missing governance, and unknown data sources resulting in decisions that impact citizens being made without accurate information.

    List Future Process Steps

    Prior to COVID-19 Emergency Response:

    • ArcGIS data integrated available in data warehouse/data lake.
    • KYEM data integrated and available in data warehouse/data lake.
    • CHFS data integrated and available in data warehouse/data lake.
    • Reporting standards and tools framework established.

    After COVID-19 Emergency Response:

    • Collect data through Survey123 using ArcGIS (hospitals are managed to report by 11 am) – owned KYEM.
    • Error correction using web portal (QAQC).
    • Generate reports/dashboard/files as per reporting/analytical requirements:
      • Federal reporting
      • COVID dashboards
      • Epidemiologist reports
      • Lab reporting
    Future Process and Data Flow

    Data flow diagram with future processes.

    Step 1.4

    Create a Vision and Guiding Principles for Data Management

    Activities

    1.4.1 Craft a vision

    1.4.2 Create guiding principles

    This step will guide you through the following activities:

    • Leverage your organization’s existing business capability map or initiate the formulation of a business capability map, guided by info-Tech’s approach.
    • Determine which business capabilities are considered high priority by your organization.
    • Map your organization’s strategic objectives to value streams and capabilities to communicate how objectives are realized with the support of data.

    Outcomes of this step

    • A foundation for data management initiative planning that’s aligned with the organization’s business architecture: value streams, business capability map, and strategy map

    Build Business Context and Drivers

    Step 1.1 Step 1.2 Step 1.3 Step 1.4

    1.4.1 Craft a vision

    Input: Organizational vision and mission statements, Stakeholder survey results and elicitation findings, Use cases, Business and data capability map

    Output: Vision and mission statements

    Materials: Markers and pens, Whiteboard, Online whiteboard, Vision samples and templates

    Participants: Key business stakeholders, Data managers, Data owners, Business leads and SMEs, Project team, Project sponsor

    Complete the vision statement to set the direction, the “why,” for the changes we’re making. The vision is a reference point that should galvanize everyone in the organization and set guardrails for technical and process decisions to follow.

    1. Bring together key business stakeholders (content owners, SMEs, and relevant IT custodians) to craft a data management vision statement.
    2. Start by brainstorming keywords, such as customer-focused, empower the business, service excellence, findable and manageable, protected, accessible, paperless.
    3. Highlight the keywords that resonate most with the group. Refer to example vision statements for ideas.

    Create a common data management vision that is consistently communicated to the organization

    A data management program should be an enterprise-wide initiative.

    • To create a strong vision for data management, there must be participation from the business and IT. A common vision will articulate the state the organization wishes to achieve and how it will reach that state. Visioning helps to develop long-term goals and direction.
    • Once the vision is established, it must be effectively communicated to everyone, especially those who are involved in creating, managing, disposing, or archiving data.
    • The data management program should be periodically refined. This will ensure the organization continues to incorporate best methods and practices as the organization grows and data needs evolve.
    Stock image of a megaphone with multiple icons pouring from its opening.

    Info-Tech Tips

    • Use information from the stakeholder interviews to derive business goals and objectives.
    • Work to integrate different opinions and perspectives into the overall vision for data management.
    • Brainstorm guiding principles for content and understand the overall value to the organization.

    Create compelling vision and mission statements for the organization’s future data management practice

    A vision represents the way your organization intends to be in the future.

    A clear vision statement helps align the entire organization to the same end goal.

    Your vision should be brief, concise, and inspirational; it is attempting to say a lot in a few words, so be very thoughtful and careful with the words you choose. Consider your strengths across departments – business and IT, the consumers of your services, and your current/future commitments to service quality.

    Remember that a vision statement is internally facing for other members of your company throughout the process.

    A mission expresses why you exist.

    While your vision is a declaration of where your organization aspires to be in the future, your mission statement should communicate the fundamental purpose of the data management practice.

    It identifies the function of the practice, what it produces, and its high-level goals that are linked to delivering timely, high-quality, relevant, and valuable data to business processes and end users. Consider if the practice is responsible for providing data for analytical and/or operational use cases.

    A mission statement should be a concise and clear statement of purpose for both internal and external stakeholders.

    “The Vision is the What, Where or Who you want the company to become. The Mission is the WHY the company exists, it is your purpose, passion or cause.” (Doug Meyer-Cuno, Forbes, 2021)

    Data Management Vision and Mission Statements: Draft

    Vision and mission statements crafted by the workshop participants. These statements are to be reviewed, refined into a single version, approved by members of the senior leadership team, and then communicated to the wider organization.

    Corporate

    Group 1

    Group 2

    Vision:
    Create and maintain an institution of world-class excellence.
    Vision: Vision:
    Mission:
    Foster an economic and financial environment conducive to sustainable economic growth and development.
    Mission: Mission:

    Information management framework

    The information management framework is a way to organize all the ECM program’s guidelines and artifacts

    Information management framework with 'Information Management Vision' above six principles. Below them are 'Information Management Policies' and 'Information Management Standards and Procedures.'

    The vision is a statement about the organization’s goals and provides a basis to guide decisions and rally employees toward a shared goal.

    The principles or themes communicate the organization’s priorities for its information management program.

    Policies are a set of official guidelines that determine a course of action. For example: Company is committed to safety for its employees.

    Procedures are a set of actions for doing something. For example: Company employees will wear protective gear while on the production floor.

    Craft your vision

    Use the insights you gathered from users and stakeholders to develop a vision statement
    • The beginning of a data management practice is a clear set of goals and key performance indicators (KPIs).
      A good set of goals takes time and input from senior leadership and stakeholders.
    • The data management program lead is selling a compelling vision of what is possible.
    • The vision also helps set the scope and expectations about what the data management program lead is and is not doing.
    • Be realistic about what you can do and how long it will take to see a difference.
    Table comparing the talk (mission statements, vision statements, and values) with the walk (strategies/goals, objectives, and tactical plans). Example vision statements:
    • The organization is dedicated to creating an enabling structure that helps the organization get the right information to the right people at the right time.
    • The organization is dedicated to creating a program that recognizes data as an asset, establishing a data-centric culture, and ensuring data quality and accessibility to achieve service excellence.
    The vision should be short, memorable, inspirational and draw a clear picture of what that future-state data management experience looks like.

    Is it modern and high end, with digital self-service?

    Is it a trusted and transparent steward of customer assets?

    1.4.2 Create guiding principles

    Input: Sample data management guiding principles, Stakeholder survey results and elicitation findings, Use cases, Business and data capability map

    Output: Data management guiding principles

    Materials: Markers and pens, Whiteboard, Online whiteboard, Guiding principles samples and templates

    Participants: Key business stakeholders, Data managers, Data owners, Business leads and SMEs, Project team, Project sponsor

    Draft a set of guiding principles that express your program’s values as a framework for decisions and actions and keep the data strategy alive.

    1. Bring together key business stakeholders (data owners, SMEs, and relevant IT custodians) to craft a set of data management guiding principles.
    2. Refer to industry sample guiding principles for data management.
    3. Discuss what’s important to stakeholders and owners, e.g. security, transparency, integrity. Good guiding principles address real challenges.
    4. A helpful tip: Craft principles as “We will…” statements for the problems you’ve identified.

    Twelve data management universal principles

    [SAMPLE]
    Principle Definitions
    Data Is Accessible Data is accessible across the organization based on individuals’ roles and privileges.
    Treat Data as an Asset Treat data as a most valuable foundation to make right decisions at the right time. Manage the data lifecycle across organization.
    Manage Data Define strategic enterprise data management that defines, integrates, and effectively retrieves data to generate accurate, consistent insights.
    Define Ownership & Stewardship Organizations should clearly appoint data owners and data stewards and ensure all team members understand their role in the company’s data management system.
    Use Metadata Use metadata to ensure data is properly managed by tacking how data has been collected, verified, reported, and analyzed.
    Single Source of Truth Ensure the master data maintenance across the organization.
    Ensure Data Quality Ensure data integrity though out the lifecycle of data by establishing a data quality management program.
    Data Is Secured Classify and maintain the sensitivity of the data.
    Maximize Data Use Extend the organization’s ability to make the most of its data.
    Empower the Users Foster data fluency and technical proficiency through training to maximize optimal business decision making.
    Share the Knowledge Share and publish the most valuable insights appropriately.
    Consistent Data Definitions Establish a business data glossary that defines consistent business definitions and usage of the data.

    Create a Data Management Roadmap

    Phase 2

    Assess Data Management and Build Your Roadmap

    Phase 1

    1.1 Review the Data Management Framework

    1.2 Understand and Align to Business Drivers

    1.3 Build High-Value Use Cases

    1.4 Create a Vision

    Phase 2

    2.1 Assess Data Management

    2.2 Build Your Data Management Roadmap

    2.3 Organize Business Data Domains

    This phase will walk you through the following activities:

    • Understand your current data management capabilities.
    • Define target-state capabilities required to achieve business goals and enable the data strategy.
    • Identify priority initiatives and planning timelines for data management improvements.

    This phase involves the following participants:

    • Data Management Lead/Information Management Lead, CDO, Data Lead
    • Senior Business Leaders
    • Business SMEs
    • Data owners, records managers, regulatory subject matter experts (e.g. legal counsel, security)

    Step 2.1

    Assess Your Data Management Capabilities

    Activities

    2.1.1 Define current state of data management capabilities

    2.1.2 Set target state and identify gaps

    This step will guide you through the following activities:

    • Assess the current state of your data management capabilities.
    • Define target-state capabilities required to achieve business goals and enable the data strategy.
    • Identify gaps and prioritize focus areas for improvement.

    Outcomes of this step

    • A prioritized set of improvement areas aligned with business value stream and drivers

    Assess Data Management and Build Your Roadmap

    Step 2.1 Step 2.2 Step 2.3

    Define current state

    The Data Management Assessment and Planning Tool will help you analyze your organization’s data requirements, identify data management strategies, and systematically develop a plan for your target data management practice.
    • Based on Info-Tech’s Data Management Framework, evaluate the current-state performance levels for your organization’s data management practice.
    • Use the CMMI maturity index to assign values 1 to 5 for each capability and enabler.

    A visualization of stairs numbered up from the bottom. Main headlines of each step are 'Initial and Reactive', 'Managed while developing DG capabilities', 'Defined DG capabilities', 'Quantitatively Managed by DG capabilities', and 'Optimized'.

    Sample of the 'Data Management Current State Assessment' form the Data Management Assessment and Planning Tool.

    2.1.1 Define current state

    Input: Stakeholder survey results and elicitation findings, Use cases, Business and data management capability map

    Output: Current-state data management capabilities

    Materials: Data Management Assessment and Planning Tool

    Participants: Key business stakeholders, Business leads and SMEs, Project team, Project sponsor, Data leads, Data custodians

    Assign a maturity level value from 1 to 5 for each question in the assessment tool, organized into capabilities, e.g. Data Governance, Data Quality, Risk.

    1. Bring together key business stakeholders (data owners, SMEs, and relevant IT custodians) to assign current-state maturity levels in each question of the worksheet.
    2. Remember that there is more distance between levels 4 and 5 than there is between 1 and 2 – the distance between levels is not even throughout.
    3. To help assign values, think of the higher levels as representing cross-enterprise standardization, monitored for continuous improvement, formalized and standardized, while the lower levels mean applied within individual units, not formalized or tracked for performance.
    4. In tab 4, “Current State Assessment,” populate a current-state value for each item in the Data Management Capabilities worksheet.
    5. Once you’ve entered values in tab 4, a visual and summary report of the results will be generated on tab 5, “Current State Results.”

    2.1.2 Set target state and identify gaps

    Input: Stakeholder survey results and elicitation findings, Use cases, Business and data management capability map to identify priorities

    Output: Target-state data management capabilities, Gaps identification and analysis

    Materials: Data Management Assessment and Planning Tool

    Participants: Key business stakeholders, Business leads and SMEs, Project team, Project sponsor, Data leads, Data custodians

    Assign a maturity level value from 1 to 5 for each question in the assessment tool, organized into capabilities, e.g., Data Governance, Data Quality, Risk.

    1. Bring together key business stakeholders (data owners, SMEs, and relevant IT custodians) to assign target-state maturity levels in each question of the worksheet.
    2. Remember that there is more distance between levels 4 and 5 than there is between 1 and 2 – the distance between levels is not even throughout.
    3. To help assign values, think of the higher levels as representing cross-enterprise standardization, monitored for continuous improvement, formalized and standardized, while the lower levels mean applied within individual units, not formalized or tracked for performance.
    4. In tab 6, “Target State & Gap Analysis,” enter maturity values in each item of the Capabilities worksheet in the Target State column.
    5. Once you’ve assigned both target-state and current-state values, the tool will generate a gap analysis chart on tab 7, “Gap Analysis Results,” where you can start to decide first- and second-line priorities.

    Step 2.2

    Build Your Data Management Roadmap

    Activities

    2.2.1 Describe gaps

    2.2.2 Define gap initiatives

    2.2.2 Build a data management roadmap

    This step will guide you through the following activities:

    • Identify and understand data management gaps.
    • Develop data management improvement initiatives.
    • Build a data management–prioritized roadmap.

    Outcomes of this step

    • A foundation for data management initiative planning that’s aligned with the organization’s business architecture: value streams, business capability map, and strategy map

    Assess Data Management and Build Your Roadmap

    Step 2.1 Step 2.2 Step 2.3

    2.2.1 Describe gaps

    Input: Target-state maturity level

    Output: Detail and context about gaps to lead planners to specific initiatives

    Materials: Data Management Assessment and Planning Tool

    Participants: Key business stakeholders, Business leads and SMEs, Project team, Project sponsor, Data leads, Data custodians

    Based on the gaps result, describe the nature of the gap, which will lead to specific initiatives for the data management plan:

    1. In tab 6, “Target State & Gap Analysis,” the same tab where you entered your target-state maturity level, enter additional context about the nature and extent of each gap in the Gap Description column.
    2. Based on the best-practices framework we walked through in Phase 1, note the specific areas that are not fully developed in your organization; for example, we don’t have a model of our environment and its integrations, or there isn’t an established data quality practice with proactive monitoring and intervention.

    2.2.2 Define gap initiatives

    Input: Gaps analysis, Gaps descriptions

    Output: Data management initiatives

    Materials: Data Management Assessment and Planning Tool

    Participants: Key business stakeholders, Business leads and SMEs, Project team, Project sponsor, Data leads, Data custodians

    Based on the gap analysis, start to define the data management initiatives that will close the gaps and help the organization achieve its target state.

    1. In tab 6, “Target State & Gap Analysis,” the same tab where you entered your target-state maturity level, note in the Gap Initiative column what actions you can take to address the gap for each item. For example, if we found through diagnostics and use cases that users didn’t understand the meaning of their data or reports, an initiative might be, “Build a standard enterprise business data catalog.”
    2. It’s an opportunity to brainstorm, to be creative, and think about possibilities. We’ll use the roadmap step to select initiatives from this list.
    3. There are things we can do right away to make a difference. Acknowledge the resources, talent, and leadership momentum you already have in your organization and leverage those to find activities that will work in your culture. For example, one company held a successful Data Day to socialize the roadmap and engage users.

    2.2.3 Build a data management roadmap

    Input: Gap initiatives, Target state and current-state assessment

    Output: Data management initiatives and roadmap

    Materials: Data Management Assessment and Planning Tool

    Participants: Key business stakeholders, Business leads and SMEs, Project team, Project sponsor, Data leads, Data custodians

    Start to list tangible actions you will take to address gaps and achieve data objectives and business goals along with timelines and responsibility:

    1. With an understanding of your priority areas and specific gaps, and referring back to your use cases, draw up specific initiatives that you can track, measure, and align with your original goals.
    2. For example, in data governance, initiatives might include:
      • Assign data owners and stewards for all data assets.
      • Consolidate disparate business data catalogs.
      • Create a data governance charter or terms of reference.
    3. Alongside the initiatives, fill in other detail, especially who is responsible and timing (start and end dates). Assigning responsibility and some time markers will help to keep momentum alive and make the work projects real.

    Step 2.3

    Organize Business Data Domains

    Activities

    2.3.1 Define business data domains and assign owners

    This step will guide you through the following activities:

    • Identify business data domains that flow through and support the systems environment and business processes.
    • Define and organize business data domains with assigned owners, artifacts, and profiles.
    • Apply the domain map to building governance program.

    Outcomes of this step

    • Business data domain map with assigned owners and artifacts

    Assess Data Management and Build Your Roadmap

    Step 2.1 Step 2.2 Step 2.3

    2.3.1 Define business data domains

    Input: Target-state maturity level

    Output: Detail and context about gaps to lead planners to specific initiatives

    Materials: Data Management Assessment and Planning Tool

    Participants: Key business stakeholders, Business leads and SMEs, Project team, Project sponsor, Data leads, Data custodians

    Identify the key data domains for each line of business, where the data resides, and the main contact or owner.

    1. We have an understanding of what the business wants to achieve, e.g. build customer loyalty or comply with privacy laws. But where is the data that can help us achieve that? What systems is that data moving and living in and who, if anyone, owns it?
    2. Define the main business data domains apart from what system it may be spread over. Use the worksheet on the next slide as an example.
    3. Examples of business data domains: Customer, Product, Vendor.
    4. Each domain should have owners and associated business processes. Assign data domain owners, application owners, and business process owners.

    Business and data domains

    [SAMPLE]

    Business Domain App/Data Domains Business Stewards Application Owners Business Owners
    Client Experience and Sales Tech Salesforce (Sales, Service, Experience Clouds), Mulesoft (integration point) (Any team inputting data into the system)
    Quality and Regulatory Salesforce
    Operations Salesforce, Salesforce Referrals, Excel spreadsheets, SharePoint
    Finance Workday, Sage 300 (AccPac), Salesforce, Moneris Finance
    Risk/Legal Network share drive/SharePoint
    Human Resources Workday, Network share drive/SharePoint HR team
    Corporate Sales Salesforce (Sales, Service, Health, Experience Clouds),
    Sales and Client Success Mitel, Outlook, PDF intake forms, Workday, Excel. Sales & Client Success Director, Marketing Director CIO, Sales & Client Success Director, Marketing Director

    Embrace the technology

    Make the available data governance tools and technology work for you:
    • Data catalog
    • Business data glossary
    • Data lineage
    • Metadata management
    While data governance tools and technologies are no panacea, leverage their automated and AI-enabled capabilities to augment your data governance program.
    Array of logos of tech companies whose products are used for this type of work: Informatica, Collibra, Tibco, Alation, Immuta, TopQuadrant, and SoftwareReviews.

    Additional Support

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech Workshop.
    Photo of an analyst.

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.

    Info-Tech analysts will join you and your team at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:
    Sample of the Data Governance Strategy Map slide from earlier.

    Build Your Business and User Context

    Work with your core team of stakeholders to build out your data management roadmap, aligning data management initiatives with business capabilities, value streams, and, ultimately, your strategic priorities.
    Sample of a 'Data Management Enablers' table.

    Formulate a Plan to Get to Your Target State

    Develop a data management future-state roadmap and plan based on an understanding of your current data governance capabilities, your operating environment, and the driving needs of your business.

    Related Info-Tech Research

    Stock image of people pointing to a tablet with a dashboard.

    Build a Robust and Comprehensive Data Strategy

    Key to building and fostering a data-driven culture.
    Sample of the 'Data & Analytics Landscape' slide from earlier.

    Understand the Data and Analytics Landscape

    Optimize your data and analytics environment.
    Stock image of co-workers looking at the same thing.

    Build a Data Pipeline for Reporting and Analytics

    Data architecture best practices to prepare data for reporting and analytics.

    Research Contributors

    Name Position Company
    Anne Marie Smith Board of Directors DAMA International
    Andy Neill Practice Lead, Data & Analytics Info-Tech Research Group
    Dirk Coetsee Research Director, Data & Analytics Info-Tech Research Group
    Graham Price Executive Advisor, Advisory Executive Services Info-Tech Research Group
    Igor Ikonnikov Research Director, Data & Analytics Info-Tech Research Group
    Jean Bujold Senior Workshop Delivery Director Info-Tech Research Group
    Mario Cantin Chief Data Strategist Prodago
    Martin Sykora Director NexJ Analytics
    Michael Blaha Author, Patterns of Data Modeling Consultant
    Rajesh Parab Research Director, Data & Analytics Info-Tech Research Group
    Ranjani Ranganathan Product Manager, Research – Workshop Delivery Info-Tech Research Group
    Reddy Doddipalli Senior Workshop Director Info-Tech Research Group

    Bibliography

    AIIM, “What is Enterprise Content Management (ECM)?” Intelligent Information Management Glossary, AIIM, 2021. Web.

    BABOK V3: A Guide to Business Analysis Body of Knowledge. IIBA, 2014. Web.

    Barton, Dominic, and David Court. "Three Keys To Building a Data-Driven Strategy." McKinsey and Company, 1 Mar. 2013. Web.

    Boston University Libraries. "Data Life Cycle » Research Data Management | Boston University." Research Data Management RSS. Boston University, n.d. Accessed Oct. 2015.

    Chang, Jenny. “97 Supply Chain Statistics You Must Know: 2020 / 2021 Market Share Analysis & Data.” FinancesOnline, 2021. Web.

    COBIT 5: Enabling Information. ISACA, 2013. Web.

    CSC (Computer Sciences Corporation), Big Data Infographic, 2012. Web.

    DAMA International. DAMA-DMBOK Guide. 1st ed., Technics Publications, 2009. Digital.

    DAMA International. “DAMA Guide to the Data Management Body of Knowledge (DAMA-DMBOK2 Guide).” 2nd ed., 2017. Accessed June 2017.

    Davenport, Thomas H. "Analytics in Sports: The New Science of Winning." International Institute for Analytics, 2014. Web.

    Department of Homeland Security. Enterprise Data Management Policy. Department of Homeland Security, 25 Aug. 2014. Web.

    Enterprise Data Management Data Governance Plan. US Federal Student Aid, Feb. 2007. Accessed Oct. 2015.

    Experian. “10 signs you are sitting on a pile of data debt.” Experian, 2020. Accessed 25 June 2021.

    Fasulo, Phoebe. “6 Data Management Trends in Financial Services.” SecurityScorecard, 3 June 2021. Web.

    Georgia DCH Medicaid Enterprise – Data Management Strategy. Georgia Department of Community Health, Feb. 2015. Accessed Oct. 2015.

    Hadavi, Cyrus. “Use Exponential Growth of Data to Improve Supply Chain Operations.” Forbes, 5 Oct. 2021. Web.

    Harbert, Tam. “Tapping the power of unstructured data.” MIT Sloan, 1 Feb. 2021. Web.

    Hoberman, Steve, and George McGeachie. Data Modeling Made Simple with PowerDesigner. Technics Pub, 2011. Print.

    “Information Management Strategy.” Information Management – Alberta. Service Alberta, Nov.-Dec. 2013. Web.

    Jackson, Brian, et al. “2021 Tech Trends.” Info-Tech Research Group, 2021. Web.

    Jarvis, David, et al. “The hyperquantified athlete: Technology, measurement, and the business of sports.” Deloitte Insights, 7 Dec. 2020. Web.

    Bibliography

    Johnson, Bruce. “Leveraging Subject Area Models.” EIMInsight Magazine, vol. 3, no. 4, April 2009. Accessed Sept. 2015.

    Lewis, Larry. "How to Use Big Data to Improve Supply Chain Visibility." Talking Logistics, 14 Sep. 2014. Web.

    McAfee, Andrew, and Erik Brynjolfsson. “Big Data: The Management Revolution,” Harvard Business Review, vol. 90, no. 10, 2012, pp. 60-68.

    Meyer-Cuno, Doug. “Is A Vision Statement Important?” Forbes, 24 Feb. 2021. Web.

    MIT. “Big Data: The Management Revolution.” MIT Center for Digital Business, 29 May 2014. Accessed April 2014.

    "Open Framework, Information Management Strategy & Collaborative Governance.” MIKE2 Methodology RSS, n.d. Accessed Aug. 2015.

    PwC. “Asset Management 2020: A Brave New World.” PwC, 2014. Accessed April 2014.

    Riley, Jenn. Understanding Metadata: What is Metadata, and What is it For: A Primer. NISO, 1 Jan. 2017. Web.

    Russom, Philip. "TDWI Best Practices Report: Managing Big Data." TDWI, 2013. Accessed Oct. 2015.

    Schneider, Joan, and Julie Hall. “Why Most Product Launches Fail.” Harvard Business Review, April 2011. Web.

    Sheridan, Kelly. "2015 Trends: The Growth of Information Governance | Insurance & Technology." InformationWeek. UBM Tech, 10 Dec. 2014. Accessed Nov. 2015.

    "Sports Business Analytics and Tickets: Case Studies from the Pros." SloanSportsConference. Live Analytics – Ticketmaster, Mar. 2013. Accessed Aug. 2015.

    Srinivasan, Ramya. “Three Analytics Breakthroughs That Will Define Business in 2021.” Forbes, 4 May 2021. Web.

    Statista. “Amount of data created, consumed, and stored 2010-2020.” Statista, June 2021. Web.

    “Understanding the future of operations: Accenture Global Operations Megatrends research.” Accenture Consulting, 2015. Web.

    Vardhan, Harsh. “Why So Many Product Ideas Fail?” Medium, 26, Sept. 2020. Web.

    Improve Security Governance With a Security Steering Committee

    • Buy Link or Shortcode: {j2store}373|cart{/j2store}
    • member rating overall impact (scale of 10): 9.5/10 Overall Impact
    • member rating average dollars saved: $10,000 Average $ Saved
    • member rating average days saved: 20 Average Days Saved
    • Parent Category Name: Governance, Risk & Compliance
    • Parent Category Link: /governance-risk-compliance
    • Security is still seen as an IT problem rather than a business risk, resulting in security governance being relegated to the existing IT steering committee.
    • Security is also often positioned in the organization where they are not privy to the details of the organization’s overall strategy. Security leaders struggle to get the full enterprise picture.

    Our Advice

    Critical Insight

    • Work to separate the Information Security Steering Committee (ISSC) from the IT Steering Committee (ITSC). Security transcends the boundaries of IT and needs an independent, eclectic approach to make strategic decisions.
    • Be the lawyer, not the cop. Ground your communications in business terminology to facilitate a solution that makes sense to the entire organization.
    • Develop and stick to the agenda. Continued engagement from business stakeholders requires sticking to a strategic level-focused agenda. Dilution of purpose will lead to dilution in attendance.

    Impact and Result

    • Define a clear scope of purpose and responsibilities for the ISSC to gain buy-in and consensus for security governance receiving independent agenda time from the broader IT organization.
    • Model the information flows necessary to provide the steering committee with the intelligence to make strategic decisions for the enterprise.
    • Determine membership and responsibilities that shift with the evolving security landscape to ensure participation reflects interested parties and that money being spent on security mitigates risk across the enterprise.
    • Create clear presentation material and strategically oriented meeting agendas to drive continued participation from business stakeholders and executive management.

    Improve Security Governance With a Security Steering Committee Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out how to improve your security governance with a security steering committee, review Info-Tech’s methodology, and understand the ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Define committee purpose and responsibilities

    Identify the purpose of your committee, determine the capabilities of the committee, and define roles and responsibilities.

    • Improve Security Governance With a Security Steering Committee – Phase 1: Define Committee Purpose and Responsibilities
    • Information Security Steering Committee Charter

    2. Determine information flows, membership & accountabilities

    Determine how information will flow and the process behind that.

    • Improve Security Governance With a Security Steering Committee – Phase 2: Determine Information Flows, Membership & Accountabilities

    3. Operate the Information Security Steering Committee

    Define your meeting agendas and the procedures to support those meetings. Hold your kick-off meeting. Identify metrics to measure the committee’s success.

    • Improve Security Governance With a Security Steering Committee – Phase 3: Operate the Information Security Steering Committee
    • Security Metrics Summary Document
    • Information Security Steering Committee Stakeholder Presentation
    [infographic]

    Further reading

    Improve Security Governance With a Security Steering Committee

    Build an inclusive committee to enable holistic strategic decision making.

    ANALYST PERSPECTIVE

    "Having your security organization’s steering committee subsumed under the IT steering committee is an anachronistic framework for today’s security challenges. Conflicts in perspective and interest prevent holistic solutions from being reached while the two permanently share a center stage.

    At the end of the day, security is about existential risks to the business, not just information technology risk. This focus requires its own set of business considerations, information requirements, and delegated authorities. Without an objective and independent security governance body, organizations are doomed to miss the enterprise-wide nature of their security problems."

    – Daniel Black, Research Manager, Security Practice, Info-Tech Research Group

    Our understanding of the problem

    This Research Is Designed For:

    • CIOs
    • CISOs
    • IT/Security Leaders

    This Research Will Help You:

    • Develop an effective information security steering committee (ISSC) that ensures the right people are involved in critical decision making.
    • Ensure that business and IT strategic direction are incorporated into security decisions.

    This Research Will Also Assist:

    • Information Security Steering Committee (ISSC) members

    This Research Will Help Them:

    • Formalize roles and responsibilities.
    • Define effective security metrics.
    • Develop a communication plan to engage executive management in the organization’s security planning.

    Executive summary

    Situation

    • Successful information security governance requires a venue to address security concerns with participation from across the entire business.
    • Without access to requisite details of the organization – where we are going, what we are trying to do, how the business expects to use its technology – security can not govern its strategic direction.

    Complication

    • Security is still seen as an IT problem rather than a business risk, resulting in security governance being relegated to the existing IT steering committee.
    • Security is also often positioned in the organization where they are not privy to the details of the organization’s overall strategy. Security leaders struggle to get the full enterprise picture.

    Resolution

    • Define a clear scope of purpose and responsibilities for the Information Security Steering Committee to gain buy-in and consensus for security governance receiving independent agenda time from the broader IT organization.
    • Model the information flows necessary to provide the steering committee with the intelligence to make strategic decisions for the enterprise.
    • Determine membership and responsibilities that shift with the evolving security landscape to ensure participation reflects interested parties and that money being spent on security mitigates risk across the enterprise.
    • Create security metrics that are aligned with committee members’ operational goals to incentivize participation.
    • Create clear presentation material and strategically oriented meeting agendas to drive continued participation from business stakeholders and executive management.

    Info-Tech Insight

    1. Work to separate the ISSC from the IT Steering Committee (ITSC). Security transcends the boundaries of IT and needs an independent, eclectic approach to make strategic decisions.
    2. Be the lawyer, not the cop. Ground your communications in business terminology to facilitate a solution that make sense to the entire organization.
    3. Develop and stick to the agenda. Continued engagement from business stakeholders requires sticking to a strategic level-focused agenda. Dilution of purpose will lead to dilution in attendance.

    Empower your security team to act strategically with an ISSC

    Establishing an Information Security Steering Committee (ISSC)

    Even though security is a vital consideration of any IT governance program, information security has increasingly become an important component of the business, moving beyond the boundaries of just the IT department.

    This requires security to have its own form of steering, beyond the existing IT Steering Committee, that ensures continual alignment of the organization’s security strategy with both IT and business strategy.

    An ISSC should have three primary objectives:

    • Direct Strategic Planning The ISSC formalizes organizational commitments to strategic planning, bringing visibility to key issues and facilitating the integration of security controls that align with IT and business strategy.
    • Institute Clear Accountability The ISSC facilitates the involvement and commitment of executive management through clearly defined roles and accountabilities for security decisions, ensuring consistency in participation as the organization’s strategies evolve.
    • Optimize Security Resourcing The ISSC maximizes security by monitoring the implementation of the security strategic plan, making recommendations on prioritization of effort, and securing necessary resources through the planning and budgeting processes, as necessary.

    What does the typical ISSC do?

    Ensuring proper governance over your security program is a complex task that requires ongoing care and feeding from executive management to succeed.

    Your ISSC should aim to provide the following core governance functions for your security program:

    1. Define Clarity of Intent and Direction How does the organization’s security strategy support the attainment of the business and IT strategies? The ISSC should clearly define and communicate strategic linkage and provide direction for aligning security initiatives with desired outcomes.
    2. Establish Clear Lines of Authority Security programs contain many important elements that need to be coordinated. There needs to be clear and unambiguous authority, accountability, and responsibility defined for each element so lines of reporting/escalation are clear and conflicting objectives can be mediated.
    3. Provide Unbiased Oversight The ISSC should vet the organization’s systematic monitoring processes to make certain there is adherence to defined risk tolerance levels and ensure that monitoring is appropriately independent from the personnel responsible for implementing and managing the security program.
    4. Optimize Security Value Delivery Optimized value delivery occurs when strategic objectives for security are achieved and the organization’s acceptable risk posture is attained at the lowest possible cost. This requires constant attention to ensure controls are commensurate with any changes in risk level or appetite.

    Formalize the most important governance functions for your organization

    Creation of an ISSC is deemed the most important governance and oversight practice that a CISO can implement, based on polling of IT security leaders analyzing the evolving role of the CISO.

    Relatedly, other key governance practices reported – status updates, upstream communications, and executive-level sponsorship – are within the scope of what organizations traditionally formalize when establishing their ISSC.

    Vertical bar chart highlighting the most important governance functions according to respondents. The y axis is labelled 'Percentage of Respondents' with the values 0%-60%, and the x axis is labelled 'Governance and Oversight Practices'. Bars are organized from highest percentage to lowest with 'Creation of cross-functional committee to oversee security strategy' at 56%, 'Regularly scheduled reporting on the state of security to stakeholders' at 55%, 'Upstream communication channel from security leadership to CEO' at 46%, and 'Creation of program charter approved by executive-level sponsor' at 37%. Source: Ponemon Institute, 2017; N=184 organizations; 660 respondents.

    Despite the clear benefits of an ISSC, organizations are still falling short

    83% of organizations have not established formal steering committees to evaluate the business impact and risks associated with security decisions. (Source: 2017 State of Cybersecurity Metrics Report)

    70% of organizations have delegated cybersecurity oversight to other existing committees, providing security limited agenda time. (Source: PwC 2017 Annual Corporate Director Survey)

    "This is a group of risk managers an institution would bring together to deal with a response anyway. Having them in place to do preventive discussions and formulate policy to mitigate the liability sets and understand compliance obligations is just powerful." (Kirk Bailey, CISO, University of Washington)

    Prevent the missteps that make 9 out of 10 steering committees unsuccessful

    Why Do Steering Committees Fail?

    1. A lack of appetite for a steering committee from business partners. An effective ISSC requires participation from core members of the organization’s leadership team. The challenge is that most business partners don’t understand the benefits of an ISSC and the responsibilities aren’t tailored to participants’ needs or interests. It’s the CISO’s (or senior IT/security leader’s) responsibility to make this case to stakeholders and right-size the committee responsibilities and membership.
    2. ISSC committees are given inappropriate responsibilities. The steering committee is fundamentally about decision making; it’s not a working committee. Security leadership typically struggles with clarifying these responsibilities on two fronts: either the responsibilities are too vague and there is no clear way to execute on them within a meeting or responsibilities are too tactical and require knowledge that participants do not have. Responsibilities should determine who is on the ISSC, not the other way around.
    3. Lack of process around execution. An ISSC is only valuable if members are able to successfully execute on its mandate. Without well-defined processes it becomes nearly impossible for the ISSC to be actionable. As a result, participants lack the information they need to make critical decisions, agendas are unmet, and meetings are seen as a waste of time.

    Use these icons to help direct you as you navigate this research

    Use these icons to help guide you through each step of the blueprint and direct you to content related to the recommended activities.

    A small monochrome icon of a wrench and screwdriver creating an X.

    This icon denotes a slide where a supporting Info-Tech tool or template will help you perform the activity or step associated with the slide. Refer to the supporting tool or template to get the best results and proceed to the next step of the project.

    A small monochrome icon depicting a person in front of a blank slide.

    This icon denotes a slide with an associated activity. The activity can be performed either as part of your project or with the support of Info-Tech team members, who will come onsite to facilitate a workshop for your organization.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    Guided Implementation

    Workshop

    Consulting

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks used throughout all four options

    Improve Security Governance With a Security Steering Committee – project overview

    1. Define Committee Purpose and Responsibilities

    2. Determine Information Flows, Membership & Accountabilities

    3. Operate the Information Security Steering Committee

    Supporting Tool icon

    Best-Practice Toolkit

    1.1 Tailor Info-Tech’s Information Security Steering Committee Charter Template to define terms of reference for the ISSC

    1.2 Conduct a SWOT analysis of your information security governance capabilities

    1.3 Identify the responsibilities and duties of the ISSC

    1.4 Draft the committee purpose statement of your ISSC

    2.1 Define your SIPOC model for each of the ISSC responsibilities

    2.2 Identify committee participants and responsibility cadence

    2.3 Define ISSC participant RACI for each of the responsibilities

    3.1 Define the ISSC meeting agendas and procedures

    3.2 Define which metrics you will report to the ISSC

    3.3 Hold a kick-off meeting with your ISSC members to explain the process, responsibilities, and goals

    3.4 Tailor the Information Security Steering Committee Stakeholder Presentation template

    3.5 Present the information to the security leadership team

    3.6 Schedule your first meeting of the ISSC

    Guided Implementations

    • Identify the responsibilities and duties of the ISSC.
    • Draft the committee purpose of the ISSC.
    • Determine SIPOC modeling of information flows.
    • Determine accountabilities and responsibilities.
    • Set operational standards.
    • Determine effectiveness metrics.
    • Steering committee best practices.
    Associated Activity icon

    Onsite Workshop

    This blueprint can be combined with other content for onsite engagements, but is not a standalone workshop.
    Phase 1 Outcome:
    • Determine the purpose and responsibilities of your information security steering committee.
    Phase 2 Outcome:
    • Determine membership, accountabilities, and information flows to enable operational excellence.
    Phase 3 Outcome:
    • Define agendas and standard procedures to operate your committee.
    • Design an impactful stakeholder presentation.

    Improve Security Governance With a Security Steering Committee

    PHASE 1

    Define Committee Purpose and Responsibilities

    Phase 1: Define Committee Purpose and Responsibilities

    ACTIVITIES:

    • 1.1 Tailor Info-Tech’s Information Security Steering Committee Charter Template to define terms of reference for the ISSC
    • 1.2 Conduct a SWOT analysis of your information security governance capabilities
    • 1.3 Identify the responsibilities and duties of the ISSC
    • 1.4 Draft the committee purpose statement for your ISSC

    OUTCOMES:

    • Conduct an analysis of your current information security governance capabilities and identify opportunities and weaknesses.
    • Define a clear scope of purpose and responsibilities for your ISSC.
    • Begin to customize your ISSC charter.

    Info-Tech Insight

    Balance vision with direction. Purpose and responsibilities should be defined so that they encompass your mission and objectives to the enterprise in clear terms, but provide enough detail that you can translate the charter into operational plans for the security team.

    Tailor Info-Tech’s Information Security Steering Committee Charter Template to define terms of reference for the ISSC

    Supporting Tool icon 1.1

    A charter is the organizational mandate that outlines the purpose, scope, and authority of the ISSC. Without a charter, the steering committee’s value, scope, and success criteria are unclear to participants, resulting in unrealistic stakeholder expectations and poor organizational acceptance.

    Start by reviewing Info-Tech’s template. Throughout the next two sections we will help you to tailor its contents.

    • Committee Purpose: The rationale, benefits of, and overall function of the committee.
    • Organization and Membership: Who is on the committee and how is participation measured against organizational need.
    • Responsibilities and Duties: What tasks/decisions the accountable committee is making.
    • RACI: Who is accountable, responsible, consulted, and informed regarding each responsibility.
    • Committee Procedures and Agendas: Includes how the committee will be organized and how the committee will interact and communicate with interested parties.
    Sample of the Info-Tech deliverable 'Information Security Steering Committee Charter Template'.

    Download the Information Security Steering Committee Charter to customize your organization’s charter

    Conduct a SWOT analysis of your information security governance capabilities

    Associated Activity icon 1.2

    INPUT: Survey outcomes, Governance overview handouts

    OUTPUT: SWOT analysis, Top identified challenges and opportunities

    1. Hold a meeting with your IT leadership team to conduct a SWOT analysis on your current information security governance capabilities.
    2. In small groups, or individually, have each group complete a SWOT analysis for one of the governance areas. For each consider:
      • Strengths: What is currently working well in this area?
      • Weaknesses: What could you improve? What are some of the challenges you’re experiencing?
      • Opportunities: What are some organizational trends that you can leverage? Consider whether your strengths or weaknesses could create opportunities.
      • Threats: What are some key obstacles across people, process, and technology?
    3. Have each team or individual rotate until each person has contributed to each SWOT. Add comments from the stakeholder survey to the SWOT.
    4. As a group, rank the inputs from each group and highlight the top five challenges and the top five opportunities you see for improvement.

    Identify the responsibilities and duties of the ISSC

    Associated Activity icon 1.3

    INPUT: SWOT analysis, Survey reports

    OUTPUT: Defined ISSC responsibilities

    1. With your security leadership team, review the typical responsibilities of the ISSC on the following slides (also included in the templated text of the charter linked below).
    2. Print off the following two slides, and in small teams or individually, identify which responsibilities the ISSC should have in your organization, brainstorm any additional responsibilities, and document reasoning.
    3. Have each team present to the larger group, track the similarities and differences between each of the groups, and come to consensus on the list of categories and responsibilities.
    4. Complete a sanity check: review your SWOT analysis. Do the responsibilities you’ve identified resolve the critical challenges or weaknesses?
    5. As a group, consider the responsibilities and whether you can reasonably implement those in one year or if there are any that will need to wait until year two of the committee.

    Add or modify responsibilities in Info-Tech’s Information Security Steering Committee Charter.

    Typical ISSC responsibilities and duties

    Use the following list of responsibilities to customize the list of responsibilities your ISSC may take on. These should link directly to the Responsibilities and Duties section of your ISSC charter.

    Strategic Oversight

    • Provide oversight and ensure alignment between information security strategy and company objectives.
    • Assess the adequacy of resources and funding to sustain and advance successful security programs and practices for identifying, assessing, and mitigating cybersecurity risks across all business functions.
    • Review controls to prevent, detect, and respond to cyber-attacks or information or data breaches involving company electronic information, intellectual property, data, or connected devices.
    • Review the company’s cyberinsurance policies to ensure appropriate coverage.
    • Provide recommendations, based on security best practices, for significant technology investments.

    Policy Governance

    • Review company policies pertaining to information security and cyberthreats, taking into account the potential for external threats, internal threats, and threats arising from transactions with trusted third parties and vendors.
    • Review privacy and information security policies and standards and the ramifications of updates to policies and standards.
    • Establish standards and procedures for escalating significant security incidents to the ISSC, board, other steering committees, government agencies, and law enforcement, as appropriate.

    Typical ISSC responsibilities and duties (continued)

    Use the following list of responsibilities to customize the list of responsibilities your ISSC may take on. These should link directly to the Responsibilities and Duties section of your ISSC charter.

    Risk Governance

    • Review and approve the company’s information risk governance structure and key risk management processes and capabilities.
    • Assess the company’s high-risk information assets and coordinate planning to address information privacy and security needs.
    • Provide input to executive management regarding the enterprise’s information risk appetite and tolerance.
    • Review the company’s cyber-response preparedness, incident response plans, and disaster recovery capabilities as applicable to the organization’s information security strategy.
    • Promote an open discussion regarding information risk and integrate information risk management into the enterprise’s objectives.

    Monitoring & Reporting

    • Receive periodic reports and coordinate with management on the metrics used to measure, monitor, and manage cyber and IT risks posed to the company and to review periodic reports on selected risk topics as the Committee deems appropriate.
    • Review reports provided by the IT organization regarding the status of and plans for the security of the company’s data stored on internal resources and with third-party providers.
    • Monitor and evaluate the quality and effectiveness of the company’s technology security, capabilities for disaster recovery, data protection, cyberthreat detection and cyber incident response, and management of technology-related compliance risks.

    Review the organization’s security strategy to solidify understanding of the ISSC’s purpose

    The ISSC should consistently evolve to reflect the strategic purpose of the security program. If you completed Info-Tech’s Security Strategy methodology, review the results to inform the scope of your committee. If you have not completed Info-Tech’s methodology, determining these details should be achieved through iterative stakeholder consultations.

    Strategy Components

    ISSC Considerations

    Security Pressure Analysis

    Review the ten security domains and your organization’s pressure levels to review the requisite maturity level of your security program. Consider how this may impact the focus of your ISSC.

    Security Drivers/Obligations

    Review how your security program supports the attainment of the organization’s business objectives. By what means should the ISSC support these objectives? This should inform the rationale, benefits, and overall function of the committee.

    Security Strategy Scope and Boundaries

    Consider the scope and boundaries of your security program to reflect on what the program is responsible for securing. Is this reflected adequately in the language of the committee’s purpose? Should components be added or redacted?

    Draft the committee purpose statement of your ISSC

    Associated Activity icon 1.4

    INPUT: SWOT Analysis, Security Strategy

    OUTPUT: ISSC Committee Purpose

    1. In a meeting with your IT leadership team – and considering the organization’s security strategy, defined responsibilities, and opportunities and threats identified – review the example goal statement in the Information Security Steering Committee Charter, and identify whether any of these statements apply to your organization. Select the statements that apply and collaboratively make any changes needed.
    2. Define unique goal statements by considering the following questions:
      • What three things would you realistically list for the ISSC to achieve?
      • If you were to accomplish three things in the next year, what would those be?
    3. With those goal statements in mind, consider the overall purpose of the committee. The purpose statement should be a reflection of what the committee does, why, and the goals.
    4. Have each individual review the example purpose statement and draft what they think a good purpose statement would be.
    5. Present each statement, and work together to determine a best-of-breed statement.

    Alter the Committee Purpose section in the Information Security Steering Committee Charter.

    Vendor Management

    • Buy Link or Shortcode: {j2store}15|cart{/j2store}
    • Related Products: {j2store}15|crosssells{/j2store}
    • member rating overall impact (scale of 10): 9.3/10
    • member rating average dollars saved: $9,627
    • member rating average days saved: 10
    • Parent Category Name: Financial Management
    • Parent Category Link: /financial-management
    That does not mean strong-arming. It means maximizing the vendor relationship value.

    Acquire the Right Hires with Effective Interviewing

    • Buy Link or Shortcode: {j2store}576|cart{/j2store}
    • member rating overall impact (scale of 10): 8.5/10 Overall Impact
    • member rating average dollars saved: $15,749 Average $ Saved
    • member rating average days saved: 2 Average Days Saved
    • Parent Category Name: Attract & Select
    • Parent Category Link: /attract-and-select
    • Scope: Acquiring the best talent relies heavily on an effective interviewing process, which involves the strategic preparation of stakeholders, including interviewers. Asking the most effective questions will draw out the most appropriate information to best assess the candidate. Evaluating the interview process and recording best practices will inspire continuous interviewing improvement within the organization.
    • Challenge: The majority of organizations do not have a solid interviewing process in place, and most interviewers are not practiced at interviewing. This results in many poor hiring decisions, costing the organization in many ways. Upsizing is on the horizon, the competition for good talent is escalating, and distinguishing between a good interviewee and a good candidate fit for a position is becoming more difficult.
    • Pain/Risk: Although properly preparing for and conducting an interview requires additional time on the part of HR, the hiring manager, and all interviewers involved, the long-term benefits of an effective interview process positively affect the organization’s bottom line and company morale.

    Our Advice

    Critical Insight

    • Most interviewers are not as good as they think they are, resulting in many poor hiring decisions. A poor hire can cost an organization up to 15 times the position’s annual salary, as well as hurt employee morale.
    • The Human Resources department needs to take responsibility for an effective interview process, but the business needs to take responsibility for developing its new hire needs, and assessing the candidates using the best questions and the most effective interview types and techniques.
    • All individuals with a stake in the interview process need to invest sufficient time to help define the ideal candidate, understand their roles and decision rights in the process, and prepare individually to interview effectively.
    • There are hundreds of different interview types, techniques, and tools for an organization to use, but the most practiced and most effective is behavioral interviewing.
    • There is no right interview type and technique. Each hiring scenario needs to be evaluated to pick the appropriate type and technique that should be practiced, and the right questions that should be asked.

    Impact and Result

    • Gain insight into and understand the need for a strong interview process.
    • Strategize and plan your organization’s interview process, including how to make up an ideal candidate profile, who should be involved in the process, and how to effectively match interview types, techniques, and questions to assess the ideal candidate attributes.
    • Understand various hiring scenarios, and how an interview process may be modified to reflect your organization’s scenario.
    • Learn about the most common interview types and techniques, when they are appropriate to use, and best practices around using them effectively.
    • Evaluate your interview process and yourself as an interviewer to better inform future candidate interviewing strategy.

    Acquire the Right Hires with Effective Interviewing Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Implement an effective interview and continuous improvement process

    Acquire the right hire.

    • Storyboard: Acquire the Right Hires with Effective Interviewing

    2. Document all aspects of your interview strategy and plan with stakeholders

    Ensure an effective and seamless interview process.

    • Candidate Interview Strategy and Planning Guide

    3. Recognize common interviewing errors and study best practices to address these errors

    Be an effective interviewer.

    • Screening Interview Template
    • Interview Guide Template
    • Supplement: Quick Fixes to Common Interview Errors
    • Pre-interview Guide for Interviewers
    • Candidate Communication Template
    [infographic]

    Ensure Cloud Security in IaaS, PaaS, and SaaS Environments

    • Buy Link or Shortcode: {j2store}386|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Secure Cloud & Network Architecture
    • Parent Category Link: /secure-cloud-network-architecture
    • Security remains a large impediment to realizing cloud benefits. Numerous concerns still exist around the ability for data privacy, confidentiality, and integrity to be maintained in a cloud environment.
    • Even if adoption is agreed upon, it becomes hard to evaluate vendors that have strong security offerings and even harder to utilize security controls that are internally deployed in the cloud environment.

    Our Advice

    Critical Insight

    • The cloud can be secure despite unique security threats.
    • Securing a cloud environment is a balancing act of who is responsible for meeting specific security requirements.
    • Most security challenges and concerns can be minimized through our structured process (CAGI) of selecting a trusted cloud security provider (CSP) partner.

    Impact and Result

    • The business is adopting a cloud environment and it must be secured, which includes:
      • Ensuring business data cannot be leaked or stolen.
      • Maintaining privacy of data and other information.
      • Securing the network connection points.
    • Determine your balancing act between yourself and your CSP; through contractual and configuration requirements, determine what security requirements your CSP can meet and cover the rest through internal deployment.
    • This blueprint and associated tools are scalable for all types of organizations within various industry sectors.

    Ensure Cloud Security in IaaS, PaaS, and SaaS Environments Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should prioritize security in the cloud, review Info-Tech’s methodology, and understand the ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Determine your cloud risk profile

    Determine your organization’s rationale for cloud adoption and what that means for your security obligations.

    • Ensure Cloud Security in IaaS, PaaS, and SaaS Environments – Phase 1: Determine Your Cloud Risk Profile
    • Secure Cloud Usage Policy

    2. Identify your cloud security requirements

    Use the Cloud Security CAGI Tool to perform four unique assessments that will be used to identify secure cloud vendors.

    • Ensure Cloud Security in IaaS, PaaS, and SaaS Environments – Phase 2: Identify Your Cloud Security Requirements
    • Cloud Security CAGI Tool

    3. Evaluate vendors from a security perspective

    Learn how to assess and communicate with cloud vendors with security in mind.

    • Ensure Cloud Security in IaaS, PaaS, and SaaS Environments – Phase 3: Evaluate Vendors From a Security Perspective
    • IaaS and PaaS Service Level Agreement Template
    • SaaS Service Level Agreement Template
    • Cloud Security Communication Deck

    4. Implement your secure cloud program

    Turn your security requirements into specific tasks and develop your implementation roadmap.

    • Ensure Cloud Security in IaaS, PaaS, and SaaS Environments – Phase 4: Implement Your Secure Cloud Program
    • Cloud Security Roadmap Tool

    5. Build a cloud security governance program

    Build the organizational structure of your cloud security governance program.

    • Ensure Cloud Security in IaaS, PaaS, and SaaS Environments – Phase 5: Build a Cloud Security Governance Program
    • Cloud Security Governance Program Template
    [infographic]

    Take a Realistic Approach to Disaster Recovery Testing

    • Buy Link or Shortcode: {j2store}414|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: DR and Business Continuity
    • Parent Category Link: /business-continuity

    You have made significant investments in availability and disaster recovery – but your ability to recover hasn’t been tested in years. Testing will:

    • Improve your DR capabilities.
    • Identify required changes to planning documentation and procedures.
    • Validate DR capabilities for interested customers and auditors.

    Our Advice

    Critical Insight

    • If you treat testing as a pass/fail exercise, you aren’t meeting the end goal of improving organizational resilience.
    • Focus on identifying gaps and risks, and addressing them, before a real disaster hits.
    • Take a realistic, iterative approach to resilience testing that starts with small, low-risk tests and builds on lessons learned.

    Impact and Result

    • Identify testing scenarios and scope that can deliver value to your organization.
    • Create practical test plans with Info-Tech’s template.
    • Demonstrate value from testing to gain buy-in for additional tests.

    Take a Realistic Approach to Disaster Recovery Testing Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Take a Realistic Approach to Disaster Recovery Testing Storyboard – A guide to establishing a right-sized approach to DR testing that delivers durable value to your organization.

    Use this research to understand the different types of tests, prioritize and plan tests for your organization, review the results, and establish a cadence for testing.

    • Take a Realistic Approach to Disaster Recovery Testing Storyboard

    2. Disaster Recovery Test Plan Template – A template to document your organization's DR test plan.

    Use this template to document scope and goals, participants, key pre-test milestones, the test-day schedule, and your findings from the testing exercise.

    • Disaster Recovery Test Plan Template

    3. Disaster Recovery Testing Program Summary – A template to outline your organization's DR testing program.

    Identify the tests you will run over the next year and the expertise, governance, process, and funding required to support testing.

    • Disaster Recovery Testing Program Summary

    [infographic]

     

    Further reading

    Take a Realistic Approach to Disaster Recovery Testing

    Reduce costly downtime with a right-sized testing program that improves IT resilience.

    Analyst Perspective

    Reduce costly downtime with a right-sized testing program that improves IT resilience.

    Andrew Sharp

    Most businesses make significant investments in disaster recovery and technology resilience. Redundant sites and systems, monitoring, intrusion prevention, backups, training, documentation: it all costs time and money.

    But does this investment deliver expected value? Specifically, can you deliver service continuity in a way that meets business requirements?

    You can’t know the answer without regularly testing recovery processes and systems. And more than just validation, testing helps you deliver service continuity by finding and addressing gaps in your plans and training your staff on recovery procedures.

    Use the insights, tools, and templates in this research to create a streamlined and effective resilience testing program that helps validate recovery capabilities and enhance service reliability, availability, and continuity.

    Andrew Sharp

    Research Director, Infrastructure & Operations
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    You have made significant investments in availability and disaster recovery (DR) – but your ability to recover hasn’t been tested in years. Testing will:

    • Improve your DR capabilities.
    • Identify required changes to planning documentation and procedures.
    • Validate DR capabilities for interested customers and auditors.

    Common Obstacles

    Despite the value testing can offer, actually executing on DR tests is difficult because:

    • Testing is often an IT-driven initiative, and it can be difficult to secure business buy-in to redirect resources away from other urgent projects or accept risks that come with testing.
    • Previous tests have been overly complex and challenging to coordinate and leave a hangover so bad that no one wants to do them again.

    Info-Tech's Approach

    Take a realistic approach to resilience testing by starting with small, low-risk tests, then iterating with the lessons you’ve learned:

    • Identify testing scenarios and scope that can deliver value to your organization.
    • Create practical test plans with Info-Tech’s template.
    • Get buy-in for regular DR testing from key stakeholders with a testing program summary.

    Info-Tech Insight

    If you treat testing as a pass/fail exercise, you aren’t meeting the end goal of improving organizational resilience. Focus on identifying gaps and risks so you can address them before a real disaster hits.

    Process and Outputs

    This research is accompanied by templates to help you achieve your goals faster.

    1 - Establish the business rationale for DR testing.
    2 - Review a range of options for testing.
    3 - Prioritize tests that are most valuable to your business.
    4 - Create a disaster recovery test plan.
    5 - Establish a Test Program to support a regular testing cycle.

    Outputs:

    DR Test Plan
    DR Testing Program Summary

    Example Orange Activity slide.
    Orange activity slides like the one on the left provide directions to help you make key decisions.

    Key Deliverable:

    Disaster Recovery Test Plan Template

    Build a plan for your first disaster recovery test.

    This document provides a complete example you can use to quickly build your own plan, including goals, milestones, participants, the test-day schedule, and findings from the after-action review.

    Why test?

    Testing helps you avoid costly downtime

    • In a disaster scenario, speed matters. Immediately after an outage, the impact on the organization is small, but impact increases rapidly the longer the outage continues.
    • A quick and reliable response and recovery can protect the organization from significant losses.
    • A DRP testing and maintenance program helps ensure you’re ready to recover when you need to, rather than figuring it out as you go.

    “Routine testing is vital to survive a disaster… that’s when muscle memory sets in. If you don’t test your DR plan it falls [in importance], and you never see how routine changes impact it.”

    – Jennifer Goshorn
    Chief Administrative Officer
    Gunderson Dettmer LLP

    Info-Tech members estimated even one day of system downtime could lead to significant revenue losses. Estimated loss of revenue over 24 hours. Core Infrastructure has the highest potential for lost revenue.

    Average estimated potential loss* in thousands of USD due to a 24-hour outage (N=41)

    *Data aggregated from 41 business impact analyses (BIAs) conducted with Info-Tech advisory assistance. BIAs evaluate potential revenue loss due to a full day of system downtime, at the worst possible time.

    Run tests to enhance disaster recovery plans

    Testing improves organizational resilience

    • Identify and address gaps in your plans before a real disaster strikes.
    • Cross-train staff on systems recovery.
    • Go beyond testing technology to test recovery processes.
    • Establish a culture that centers resilience in everyday decision-making.

    Testing keeps DR documentation ready for action

    • Update documentation ahead of tests to prepare for the testing exercise.
    • Update documentation after testing to incorporate any lessons learned.

    Testing validates that investments in resilience deliver value

    • Confirm your organization can meet defined recovery time objectives (RTOs) and recovery point objectives (RPOs).
    • Provide proof of testing for auditors, prospective customers, and insurance applications

    Overcome testing challenges

    Despite the value of effective recovery testing, most IT organizations struggle to test recovery plans

    Common challenges

    • Key resources don’t have time for testing exercises.
    • You don’t have the technology to support live recovery testing.
    • Tests are done ad hoc and lessons learned are lost.
    • A lack of business support for test exercises as the value isn’t understood.
    • Tests are always artificially simple because RTOs and RPOs must be met to satisfy customer or auditor inquiries

    Overcome challenges with a realistic approach:

    • Start small with tabletop and recovery tests for specific systems.
    • Include recovery tests in operational tasks (e.g. restore systems when you have a maintenance window).
    • Create testing plans for larger testing exercises.
    • Build on successful tests to streamline testing exercises in the future.
    • Don’t make testing a pass-fail exercise. Focus on identifying gaps and risks so you can address them before a real disaster hits.

    Go beyond traditional testing

    Different test techniques help validate recovery against different threats

    • There are many threats to service continuity, including ransomware, severe weather events, geopolitical conflict, legacy systems, staff turnover, and day-to-day outages caused by human error, software updates, hardware failures, or network outages.
    • At its core, disaster recovery planning is about recovery. A plan for service recovery will help you mitigate against many threats at once. The testing approaches on the right will help you validate different aspects of that recovery process.
    • This research will provide an overview of the approaches outlined on the right and help you prioritize tests that are most valuable to your organization.
    Different test techniques for disaster recover training: System Failover tests, tabletop exercises, ransomware recovery tests, etc.

    00 Identify a working group

    30 minutes

    Identify a group of participants who can fill the following roles and inform the discussions around testing in this research. A single person could fill multiple roles and some roles could be filled by multiple people. Many participants will be drawn from the larger DRP team.

    Roles and expectations for Disaster Recovery Planning. DRP sponsor, Testing coordinator, System testers, business liaisons, executive team.

    Input

    • Organizational context

    Output

    • A list of key participants for test planning and execution

    Participants

    • Typically, start by identifying the sponsor and coordinator and have them identify the other members of the working group.

    Start by updating your disaster recovery plan (DRP)

    Use Info-Tech’s Create a Right-Sized Disaster Recovery Plan research to identify recovery objectives based on business impact and outline recovery processes. Both are tremendously valuable inputs to your test plans.

    Overall Business Continuity Plan

    IT Disaster Recovery Plan

    A plan to restore IT services (e.g. applications and infrastructure) following a disruption. A DRP:

    • Identifies critical applications and dependencies.
    • Defines appropriate recovery objectives based on a business impact analysis (BIA).
    • Creates a step-by-step incident response plan.

    BCP for Each Business Unit

    A set of plans to resume business processes for each business unit. A business continuity plan (BCP) is also sometimes called a continuity of operations plan (COOP).

    BCPs are created and owned by each business unit, and creating a BCP requires deep involvement from the leadership of each business unit.

    Info-Tech’s Develop a Business Continuity Plan blueprint provides a methodology for creating business unit BCPs as part of an overall BCP for the organization.

    Crisis Management Plan

    A plan to manage a wide range of crises, from health and safety incidents to business disruptions to reputational damage.

    Info-Tech’s Implement Crisis Management Best Practices blueprint provides a framework for planning a response to any crisis, from health and safety incidents to reputational damage.

    01 Confirm: why test at all?

    15-30 minutes

    Identify the value recovery testing for your organization. Use language appropriate for a nontechnical audience. Start with the list below and add, modify, or delete bullet points to reflect your own organization.

     

    Drivers for testing – Examples:

     

    • Improve service continuity.
    • Identify and address gaps in recovery plans before a real disaster strikes.
    • Cross-train staff on systems recovery to minimize single points of failure.
    • Identify how we coordinate across teams during a major systems outage.
    • Exercise both recovery processes and technology.
    • Support a culture that centers system resilience in everyday decision-making.
    • Keep recovery documentation up-to-date and ready for action.
    • Confirm that our stated recovery objectives can be met.
    • Provide proof of testing for auditors, prospective customers, and insurance applications.
    • We require proof of testing to pass audits and renew cybersecurity insurance.

    Info-Tech Insight

    Time-strapped technical staff will sometimes push back on planning and testing, objecting that the team will “figure it out” in a disaster. But the question isn’t whether recovery is possible – it’s whether the recovery aligns with business needs. If your plan is to “MacGyver” a solution on the fly, you can’t know if it’s the right solution for your organization.

    Input

    • Business drivers and context for testing

    Output

    • Specific goals that are driving testing

    Participants

    • DR sponsor
    • Test coordinator

    Think about what and how you test

    Different layers of the stack to test: Network, Authentication, compute and storage, visualization platforms, database services, middleware, app servers, web servers.

    Find gaps and risks with tabletop testing

    Tabletop planning had the greatest impact on meeting recovery objectives (RTOs/RPOs).

    In a tabletop planning exercise, the team walks through a disaster scenario to outline the recovery workflow, and risks or gaps that could disrupt that workflow.

    Tabletops are particularly effective because:

    • It enables you to play out a wider range of scenarios than technology-based testing (e.g. full-scale, parallel) due to cost and complexity factors.
    • It is non-intrusive, so it can be executed more easily than other testing methodologies.
    • The exercise translates into recovery documentation: you create a workflow as you go.
    • A major site or service recovery scenario will review all aspects of the recovery process and create the backbone of your recovery plan.

    02 Run a tabletop exercise

    2 hours

    Tabletop testing is part of our core DRP methodology, Create a Right-Sized Disaster Recovery Plan. This exercise can be run using cue cards, sticky notes, or on a whiteboard; many of our facilitators find building the workflow directly in flowchart software to be very effective.

    Use our Recovery Workflow Template as a starting point.

    Some tips for running your first tabletop exercise:

    Do

    • Review the complete workflow from notification all the way to user acceptance testing.
    • Keep focused; stay on task and on time.
    • Revisit each step and record gaps and risks (and known solutions, but don’t dwell on this).
    • Revise and improve the plan with task owners.

    Don't

    • Get weighed down by tools.
    • Try to find solutions to every gap/risk as you go. Save in-depth research/discussion for later.
    • Document the details right away – stick to the high-level plan for the first exercise.
    1. Ahead of the exercise, decide on a scenario, identify participants, and book a meeting time.
      • For your first walkthrough of a DR scenario, we often recommend a scenario that considers a site failure requiring failover to a DR site.
      • For the first exercise, focus on technical aspects of recovery before bringing in members of the business. The technical team may need space to discuss the appropriate steps in the recovery process before you bring in business liaisons to discuss user acceptance testing (UAT).
      • A complete failover considers all systems, the viability of your second site, and can help identify parts of the process that require additional exercises.
    2. Review the scenario with participants. Then, discuss and document the recovery process, starting with initial notification of an event.
      • Record steps in the process on white cards or boxes.
      • On yellow and red cards, document gaps and risks in people process and technology requirements.
    3. Once you’ve walked through the process, return to the start.
      • Record the time required to complete each step. Consider identifying who is responsible for key steps. Identify any additional gaps and risks.
    4. Clean up and record the results of the workflow. Save a copy with your DRP documentation.

    Input

    • Expert knowledge on systems recovery

    Output

    • Recovery workflow, including gaps and risks

    Participants

    • Test coordinator
    • Technical SMEs

    Move from tabletop testing to functional exercises

    See how your plans fare in the real world

    In live exercises, some portion of your recovery plans are executed in a way that mimics a real recovery scenario. Some advantages of live testing:

    • See how standby systems behave. A tabletop exercise can miss small issues that can make or break the recovery process. For example, connectivity or integration issues on a new subnet might be difficult to predict prior to actually running services in that environment.
    • Hands-on practice: Familiarize the team with the steps, commands, and interfaces of your recovery toolset.
    • Manage the pressure of the DR scenario: Nothing’s quite like the real thing, but a live exercise may be the closest your team can get to a disaster situation without experiencing it firsthand.

    Examples of live exercises

    Boot and smoke test Turn on a standby system and confirm it boots up correctly.
    Restore and validate data Restore data or servers from backup. Confirm data integrity.
    Parallel testing Send familiar transactions to production and standby systems. Confirm both systems produce the same result.
    Failover systems Shut down the production system and use the standby system in production.

    Run local tests ahead of releases

    Think small

    Most unacceptable downtime is caused by localized issues, such as hardware or software failures, rather than widespread destructive events. Regular local testing can help validate the recovery plan for local issues and improve overall service continuity.

    Make local testing a standard step in maintenance work and new deployments to embed resilience considerations in day-to-day activities. Run the same tests in both your primary and your DR environment.

    Some examples of localized tests:

    • Review backup logs and check for errors.
    • Restore files or whole systems from backup.
    • Run application-based tests as part of release management, including unit, regression, and performance tests.
      • Ensure application tests are run for both the primary and DR environment.
      • For a deep-dive on application testing, see Info-Tech’s research Automate Testing to Get More Done.

    Info-Tech Insight

    Local tests will vary between different services, and local test design is usually best left to the system SMEs. At the same time, centralize reporting to understand where tests are being done.

    Investigate whether your IT Service Management or ticketing system can create recurring tasks or work orders to schedule, document, and track test exercises. Tasks can be pre-populated with checklists and documentation to support the test and provide a record of completed tests to support oversight and reporting.

    Have the business validate recovery

    If your business doesn’t think a system’s recovered, it’s not recovered.

    User acceptance testing (UAT) after system recovery is a key step in the recovery process. Like any step in the process, there’s value in testing it before it actually needs to be done. Assign responsibility for building UATs to the person who will be responsible for executing them.

    An acceptance test script might look something like the checklist below.

    • Does the application open?
    • Does the interface look right?
    • Do you see any unusual notifications or warnings?
    • Can you conduct a key transaction with dummy data?
    • Can you run key reports?

    “I cannot stress how important it is to assign ownership of responsibilities in a test; this is the only way to truly mitigate against issues in a test.”

    – Robert Nardella
    IT Service Management
    Certified z/OS Mainframe Professional

    Info-Tech Insight

    Build test scripts and test transactions ahead of time to minimize the amount of new work required during a recovery scenario.

    Beyond the Basics: Full Failover Testing

    • A failover test – a full failover of your production environment to a secondary environment – is what many IT and businesspeople think about when they think of disaster recovery testing.
    • A full test can validate previous local or tabletop tests, identify additional gaps and risks, and provide hands-on training experience with recovery processes and technologies.
    • Setting a date for failover testing can also inject some urgency into otherwise low-priority (but high importance) disaster recovery planning and documentation exercises, which need to be completed prior to the test.
    • Despite these benefits, full failover tests carry significant risk and require a great deal of effort and cost. Typically, only businesses that already have an active-active environment capable of supporting in-scope production systems are able to run a full environment failover.
    • This is especially true the first time you test. While in theory a DR plan should be ready to go at any time, there will be documents to update, gaps to address, and risks to mitigate before you go ahead with the test.

    Full Failover Testing

    What you get:

    • Provide hands-on experience with recovery processes and technology.
    • Confirm that site failover works in practice as you assumed in tabletop or local testing exercises.
    • Identify critical gaps you might have missed without a full failover test.

    What you need:

    • An active-active secondary site, with sufficient standby equipment, data, and licensed standby software to support production.
    • A completed tabletop exercise and documented recovery workflow.
    • A documented test plan, backout plan, and formal sign-off.
    • An off-hours downtime window.
    • Time from technical SMEs and business resources, both for creating the plan and executing the test.

    Beyond the Basics: Site Reliability Engineering

    • Site reliability engineering (SRE) is an application of skills and approaches from software engineering to improve system resilience.
    • SRE is focused on “availability, latency, performance, efficiency, change management, monitoring, emergency response, and capacity planning” across a set portfolio of services (Sloss, 2017).
    • In many organizations, SRE is implemented as a team that supports separate applications teams.
    • Applications must have defined and granular resilience requirements, translated into service objectives. The SRE team and applications teams will work together to meet these objectives.
    • Site reliability engineers (the folks that do SRE, and often also abbreviated as SREs) are expected to build solutions and processes to ensure services remain stable and performant, not just respond when they fail. For example, Google allows their SREs to spend just half their time on incident response, with the rest of their time focused on development and automation tasks.

    Site Reliability Testing

    What you get:

    • Improved reliability and reduced frequency and impact of downtime.
    • Increased use of automation to address problems before they cause an incident.
    • Granular resilience objectives.

    What you need:

    • Systems running on software-defined infrastructure.
    • Specialized skills in programming, infrastructure-as-code.
    • Business & product owners able to define and fund acceptable and appropriate resilience objectives.
    • Technical experts able to translate product requirements into technical design requirements.

    Beyond the Basics: Chaos Engineering

    • Chaos engineering, a term and approach first popularized by the team at Netflix, aims to improve the resilience of particularly large and distributed systems by simulating system failures and evaluating performance against a baseline.
    • Experiments simulate a variety of real-world events that could cause outages (e.g. network slowdowns or server failures). Experiments run continuously, and the recommendation is to run them in production where feasible while minimizing the impact on customers.
    • Tools to help you run chaos testing exist, including open-source toolkits like Chaos Monkey or Mangle and paid software as a service (SaaS) solutions like Gremlin.
    • Deciding whether the long-term benefits of tests that can degrade production are worth the potential risk of system slowdowns or outages is a business or product decision. Technical considerations aside, if the business owner of a particular system doesn’t see the value of continuous testing outweighing the introduced risk, this approach to testing isn’t going to happen.

    Chaos Engineering

    What you get:

    • Confidence that systems can weather volatile and unpredictable conditions in a production environment.
    • An embedded resilience culture.

    What you need:

    • High-maturity IT incident, monitoring and event practices.
    • Standby/resilient systems to minimize downtime impact.
    • Business buy-in for introducing risk into the production environment.
    • Specialized skills to identify, develop, and run tests that degrade production performance in a controlled way.
    • Budget and time to act on issues identified through testing.

    Beyond the Basics: Security Event Simulations

    • Ransomware is driving demands for proof of recovery testing from customers, executives, auditors, and insurance companies. Systems recovery is part of ransomware recovery, but recovering from a breach includes detection, analysis, containment, and eradication of the attack vector before systems recovery can begin.
    • Beyond technical recovery, internal legal and communications teams will have a role, as will your insurance provider, consultants specialized in ransomware recovery, or professional ransom negotiators.
    • A tabletop exercise focused on ransomware incident response is a key first step. You can find Info-Tech’s methodology for a ransomware tabletop in Phase 3 of Build Resilience Against Ransomware Attacks.
    • Live testing approaches can offer hands-on experience and further insight into how your systems are vulnerable to malware. A variety of open source and proprietary tools can simulate ransomware and help you identify problems, though it’s important to understand the limitations of different simulators (Allon, 2022).
    • A “red team” exercise simulates an adversarial attack against your processes and systems. A specialized penetration tester will often take on the role of the red team and provide a report of identified gaps and risks after the engagement.

    Security Event Simulation

    What you get:

    • Hands-on experience managing and recovering from a ransomware attack in a controlled environment.
    • A better understanding of gaps in your response process.

    What you need:

    • A completed ransomware tabletop exercise and mature security incident response processes.
    • For Ransomware Simulators: An air-gapped sandbox environment hosting a copy of your production systems and security tools, and time from your technical SMEs.
    • For Red Team Exercises: A trusted provider, scope for your testing plans, and time from your security incident response team.

    Prioritize tests by asking these three questions

    1. Will the scope of this test deliver sufficient value?

    • Yes, these are critical systems with low tolerance for downtime or data loss.
    • Yes, major changes or new systems require validation of DR capabilities.
    • Yes, there’s high probability of an outage, or recent experience of an outage.
    • •Yes, we have audit requirements or customer demands for testing.

    2. Are we ready for this test?

    • Yes, recovery plans and recovery objectives are documented.
    • Yes, key technical and business resources have time to commit to testing exercises.
    • Yes, technology is currently able to support proposed tests.

    3. Is it easy to do?

    • Yes, effort required to complete the test is low (i.e. minimal work, few participants).
    • Yes, the risks related to testing are low.
    • Yes, it won’t cost much.

    Info-Tech Insight

    More complex, challenging, risky, or costly tests, such as full failover tests, can deliver value. But do the high-value, low-effort stuff first!

    03 Brainstorm and prioritize test ideas

    30-60 minutes

    Even if you have an idea of what you need to test and how you want to run those tests, this brainstorming exercise can generate useful ideas for testing that might otherwise have been missed.

      1. Review the slides above to develop ideas on how and what you want to test. These slides may be enough to kickstart a brainstorming process. Don’t debate or discount ideas at this point. Write down these ideas in a space where all participants can see them (e.g. whiteboard or shared screen).

    The next steps will help you prioritize the list – if needed – to tests that are highest value and lowest effort.

    1. Discuss where you have the greatest need to test. Assign a score of 0 – 3 for each test, with a score of 3 being high-need and a score of zero being low-need. Consider whether:
      • These applications have a low tolerance for downtime.
      • There’s a high chance of an outage, or recent experience with an outage.
      • There’s a need to train or cross-train staff on recovery for the system(s) in question.
      • Major changes require a review or validation of DR capabilities.
      • Audit requirements or customer/executive demands can be met via testing.
    2. Discuss which tests will require the least effort to complete – where readiness is high and tests are easier to do. Assign a score between 0 and 3 for each test, with a score of 3 being least effort and a score of 0 being high effort. Consider whether:
      • Recovery plans and recovery objectives are documented for these systems.
      • Technical experts are available to work on testing exercises.
      • For active testing, standby/sandbox systems are available and capable of supporting proposed tests.
      • The effort required to complete the test is low (e.g. minimal new work, few participants).
      • The risks related to testing are low.
      • You will need to secure additional funding.
    3. Sum together the assigned scores for each test. Higher scores should be the highest priority, but of course use your judgement to validate the results and select one or two tests to execute in the coming year.

    “There are different levels of testing and it is very progressive. I do not recommend my clients to do anything, unless they do it in a progressive fashion. Don’t try to do a live failover test with your users, right out of the box.”

    – Steve Tower
    Principal Consultant
    Prompta Consulting Group

    Input

    • Organizational and technical context

    Output

    • Prioritize list of DR testing ideas

    Participants

    • DR sponsor
    • Test coordinator

    04 Build a test plan

    3-5 days

    Building a test plan helps the test run smoothly and can uncover issues with the underlying DRP as you dig into the details.

    The test coordinator will own the plan document but will rely on the sponsor to confirm scope and goals, technical SMEs to develop system recovery plans, and business liaisons to create UAT scripts.

    Download Info-Tech’s Disaster Recovery Test Plan Template. Use the structure of the template to build your own document, deleting example data as you go. Consider saving a separate copy of this document as an example and working from a second copy.

    Key sections of the document include:

    • Goals, scenario, and scope of the test.
    • Assumptions, constraints, risks, and mitigation strategies.
    • Test participants.
    • Key pre-test milestones, and test-day schedule.
    • After-action review.

    Download the Disaster Recovery Test Plan Template

    Input

    • Scope
    • High-level goals

    Output

    • Test plan, including goals, scope, key milestones, risks and mitigations, and test-day schedule

    Participants

    • Test coordinator develops the plan with support from:
      • Technical SMEs
      • Business liaisons
      • DR sponsor

    05 Run an after-action review

    30-60 minutes

    Take time after test exercises – especially large-scale tests with many participants – to consider what went well, what didn’t, and where you can improve future testing exercises. Track lessons learned and next steps at the bottom of your test plan.

    1. Start with a short (5-10 minute) debrief of the test and allow participants to ask questions. Confirm:
      • Did we meet the goals we set for the exercise, including RTOs and RPOs?
      • What was done well? What issues, gaps, and risks were identified?
    2. Work through variations of the following questions:
      • Was the test plan effective, and was the test well organized?
      • Was the documentation effective? Where did we follow the plan as documented, and where did we deviate from the plan?
      • Was our communication/collaboration during the test effective?
      • Have gaps and issues found during the test been reported to the testing coordinator? Could some of the issues uncovered apply more broadly to other IT services as well?
      • What could we test next, based on what was discovered?
      • Are there other tools or approaches that could be useful?

    Input

    • Insights and experience from a recent testing exercise

    Output

    • Identified gaps and risks, and action items to address them
    • Ideas to improve future test exercises

    Participants

    • Test coordinator develops the plan with support from:
      • Test coordinator
      • Test participants

    Follow a testing cycle

    All tests are expected to drive actions to improve resilience, as appropriate. Experience from previous tests will be applied to future testing exercises.

    The testing cycle: 1. Plan a test, 2. Run test, 3. Take action.

    Use your experience to simplify testing

    The fifth testing exercise should be easier than the first

    Outputs and lessons learned from testing should help you run future tests.

    • With past experience under their belt, participants should have a better understanding of their role, and of their peers’ roles, and the goal of the exercise.
    • Facilitators will be more comfortable facilitating the exercise, and everyone should be more confident in the steps required to recover their systems.
    • Gather feedback from participants through after-action reviews to identify what worked and what didn’t.
    • Documentation from previous tests can provide a template for future tests.
    • Gaps identified in previous tests can provide ideas for future tests.

    Experience, lessons learned, improved process, new test targets, repeat.

    Info-Tech Insight

    Testing should get easier over time. But if you’re easily passing every test, it’s a sign that you’re ready to run more challenging tests.

    06 Create a test program summary

    2-4 hours

    Regular testing allows you to build on prior tests and helps keep plans current despite changes to your environment.

    Keeping a regular testing schedule requires expertise, a process to coordinate your efforts, and a level of governance to provide oversight and ensure testing continues to deliver value. Create a call to action using Info-Tech’s Disaster Recovery Testing Program Summary Template.

    The result is a summary document that:

    • Identifies key takeaways and testing goals
    • Presents key elements of the testing program
    • Outlines the testing cycle
    • Lists expected milestones for the next year
    • Identifies participants
    • Recommends next steps

    “It is extremely important in the early stages of development to concentrate the focus on actual recoverability and data protection, enhancing these capabilities over time into a fully matured program that can truly test the recovery, and not simply focusing on the testing process itself.”

    – Joe Starzyk
    Senior Business Development Executive
    IBM Global Services

    Research Contributors and Experts

    • Bernard A. Jones, Business Continuity & Disaster Recovery Expert
    • Robert Nardella, IT Service Management, Certified z/OS Mainframe Professional
    • Larry Liss, Chief Technology Officer, Blank Rome LLP
    • Jennifer Goshorn, Chief Administrative and Chief Compliance Officer, Gunderson Dettmer LLP
    • Paul Kirvan, FBCI, CISA, Independent IT Consultant/Auditor, Paul Kirvan Associates
    • Steve Tower, Principal Consultant, Prompta Consulting Group
    • Joe Starzyk, Senior Business Development Executive, IBM Global Services
    • Thomas Bronack, Enterprise Resiliency and Corporate Certification Consultant, DCAG
    • Paul S. Randal, CEO & Owner, SQLskills.com
    • Tom Baumgartner, Disaster Recovery Analyst, Catholic Health

    Bibliography

    Alton, Yoni. “Ransomware simulators – reality or a bluff?” Palo Alto Blog, 2 May 2022. Accessed 31 Jan 2023.
    https://www.paloaltonetworks.com/blog/security-operations/ransomware-simulators-reality-or-a-bluff/

    Brathwaite, Shimon. “How to Test your Business Continuity and Disaster Recovery Plan,” Security Made Simple, 13 Nov 2022. Accessed 31 Jan 2023.
    https://www.securitymadesimple.org/cybersecurity-blog/how-to-test-your-business-continuity-and-disaster-recovery-plan

    The Business Continuity Institute. Good Practice Guidelines: 2018 Edition. The Business Continuity Institute, 2017.

    Emigh, Jacqueline. “Disaster Recovery Testing: Ensuring Your DR Plan Works,” Enterprise Storage Forum, 28 May 2019. Accessed 31 Jan 2023.
    Disaster Recovery Testing: Ensuring Your DR Plan Works | Enterprise Storage Forum

    Gardner, Dana. "Case Study: Strategic Approach to Disaster Recovery and Data Lifecycle Management Pays off for Australia's SAI Global." ZDNet. BriefingsDirect, 26 Apr 2012. Accessed 31 Jan 2023.
    http://www.zdnet.com/article/case-study-strategic-approach-to-disaster-recovery-and-data-lifecycle-management-pays-off-for-australias-sai-global/.

    IBM. “Section 11. Testing the Disaster Recovery Plan.” IBM, 2 Aug 2021. Accessed 31 Jan 2023. Section 11. Testing the disaster recovery plan - IBM Documentation Lutkevich, Ben and Alexander Gillis. “Chaos Engineering”. TechTarget, Jun 2021. Accessed 31 Jan 2023.
    https://www.techtarget.com/searchitoperations/definition/chaos-engineering

    Monperrus, Martin. “Principles of Antifragility.” Arxiv Forum, 7 June 2017. Accessed 31 Jan 2023.
    https://arxiv.org/ftp/arxiv/papers/1404/1404.3056.pdf

    “Principles of Chaos Engineering.” Principles of Chaos Engineering, 2019 March. Accessed 31 Jan 2023.
    https://principlesofchaos.org/

    Sloss, Benjamin Treynor. “Introduction.” Site Reliability Engineering. Ed. Betsy Beyer. O’Reilly Media, 2017. Accessed 31 Jan 2023.
    https://sre.google/sre-book/introduction/

    Develop a Security Operations Strategy

    • Buy Link or Shortcode: {j2store}264|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $79,249 Average $ Saved
    • member rating average days saved: 28 Average Days Saved
    • Parent Category Name: Security Processes & Operations
    • Parent Category Link: /security-processes-and-operations
    • There is an onslaught of security data – generating information in different formats, storing it in different places, and forwarding it to different locations.
    • The organization lacks a dedicated enterprise security team. There is limited resourcing available to begin or mature a security operations center.
    • Many organizations are developing ad hoc security capabilities that result in operational inefficiencies, the misalignment of resources, and the misuse of security technology investments.
    • It is difficult to communicate the value of a security operations program when trying to secure organizational buy-in to gain the appropriate resourcing.
    • There is limited communication between security functions due to a centralized security operations organizational structure.

    Our Advice

    Critical Insight

    1. Security operations is no longer a center, but a process. The need for a physical security hub has evolved into the virtual fusion of prevention, detection, analysis, and response efforts. When all four functions operate as a unified process, your organization will be able to proactively combat changes in the threat landscape.
    2. Functional threat intelligence is a prerequisite for effective security operations – without it, security operations will be inefficient and redundant. Eliminate false positives by contextualizing threat data, aligning intelligence with business objectives, and building processes to satisfy those objectives.
    3. If you are not communicating, you are not secure. Collaboration eliminates siloed decisions by connecting people, processes, and technologies. You leave less room for error, consume fewer resources, and improve operational efficiency with a transparent security operations process.

    Impact and Result

    • A unified security operations process actively transforms security events and threat information into actionable intelligence, driving security prevention, detection, analysis, and response processes, addressing the increasing sophistication of cyberthreats, and guiding continuous improvement.
    • This blueprint will walk through the steps of developing a flexible and systematic security operations program relevant to your organization.

    Develop a Security Operations Strategy Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should enhance your security operations program, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Assess your current state

    Assess current prevention, detection, analysis, and response capabilities.

    • Develop a Security Operations Strategy – Phase 1: Assess Operational Requirements
    • Security Operations Preliminary Maturity Assessment Tool

    2. Develop maturity initiatives

    Design your optimized state of operations.

    • Develop a Security Operations Strategy – Phase 2: Develop Maturity Initiatives
    • Information Security Requirements Gathering Tool
    • Concept of Operations Maturity Assessment Tool

    3. Define operational interdependencies

    Identify opportunities for collaboration within your security program.

    • Develop a Security Operations Strategy – Phase 3: Define Operational Interdependencies
    • Security Operations RACI Chart & Program Plan
    • Security Operations Program Cadence Schedule Template
    • Security Operations Collaboration Plan
    • Security Operations Metrics Summary Document
    [infographic]

    Workshop: Develop a Security Operations Strategy

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Assess Operational Requirements

    The Purpose

    Determine current prevention, detection, analysis, and response capabilities, operational inefficiencies, and opportunities for improvement.

    Key Benefits Achieved

    Determine why you need a sound security operations program.

    Understand Info-Tech’s threat collaboration environment.

    Evaluate your current security operation’s functions and capabilities.

    Activities

    1.1 Understand the benefits of refining your security operations program.

    1.2 Gauge your current prevention, detection, analysis, and response capabilities.

    Outputs

    Security Operations Preliminary Maturity Assessment Tool

    2 Develop Maturity Initiatives

    The Purpose

    Begin developing and prioritizing gap initiatives in order to achieve the optimal state of operations.

    Key Benefits Achieved

    Establish your goals, obligations, scope, and boundaries.

    Assess your current state and define a target state.

    Develop and prioritize gap initiatives.

    Define the cost, effort, alignment, and security benefits of each initiative.

    Develop a security strategy operational roadmap.

    Activities

    2.1 Assess your current security goals, obligations, and scope.

    2.2 Design your ideal target state.

    2.3 Prioritize gap initiatives.

    Outputs

    Information Security Strategy Requirements Gathering Tool

    Security Operations Maturity Assessment Tool

    3 Define Operational Interdependencies

    The Purpose

    Identify opportunities for collaboration.

    Formalize your operational process flows.

    Develop a comprehensive and actionable measurement program.

    Key Benefits Achieved

    Understand the current security operations process flow.

    Define the security operations stakeholders and their respective deliverables.

    Formalize an internal information-sharing and collaboration plan.

    Activities

    3.1 Identify opportunities for collaboration.

    3.2 Formalize a security operations collaboration plan.

    3.3 Define operational roles and responsibilities.

    3.4 Develop a comprehensive measurement program.

    Outputs

    Security Operations RACI & Program Plan Tool

    Security Operations Collaboration Plan

    Security Operations Cadence Schedule Template

    Security Operations Metrics Summary

    Further reading

    INFO-TECH RESEARCH GROUP

    Develop a Security Operations Strategy

    Transition from a security operations center to a threat collaboration environment.

    Info-Tech Research Group, Inc. is a global leader in providing IT research and advice. Info-Tech’s products and services combine actionable insight and relevant advice with ready-to-use tools and templates that cover the full spectrum of IT concerns.
    © 1997-2017 Info-Tech Research Group Inc.

    ANALYST PERSPECTIVE

    “A reactive security operations program is no longer an option. The increasing sophistication of threats demands a streamlined yet adaptable mitigation and remediation process. Protect your assets by preparing for the inevitable; unify your prevention, detection, analysis, and response efforts and provide assurance to your stakeholders that you are making information security a top priority.”

    Phot of Edward Gray, Consulting Analyst, Security, Risk & Compliance, Info-Tech Research Group.

    Edward Gray,
    Consulting Analyst, Security, Risk & Compliance
    Info-Tech Research Group



    Our understanding of the problem

    This Research Is Designed For:
    • Chief Information Officer (CIO)
    • Chief Information Security Officer (CISO)
    • Chief Operating Officer (COO)
    • Security / IT Management
    • Security Operations Director / Security Operations Center (SOC)
    • Network Operations Director / Network Operations Center (NOC)
    • Systems Administrator
    • Threat Intelligence Staff
    • Security Operations Staff
    • Security Incident Responders
    • Vulnerability Management Staff
    • Patch Management
    This Research Will Help You:
    • Enhance your security program by implementing and streamlining next-generation security operations processes.
    • Increase organizational situational awareness through active collaboration between core threat teams, enriching internal security events with external threat intelligence and enhancing security controls.
    • Develop a comprehensive threat analysis and dissemination process: align people, process, and technology to scale security to threats.
    • Identify the appropriate technological and infrastructure-based sourcing decisions.
    • Design a step-by-step security operations implementation process.
    • Pursue continuous improvement: build a measurement program that actively evaluates program effectiveness.
    This Research Will Also Assist:
    • Board / Chief Executive Officer
    • Information Owners (Business Directors/VP)
    • Security Governance and Risk Management
    • Fraud Operations
    • Human Resources
    • Legal and Public Relations
    This Research Will Help Them
    • Aid decision making by staying abreast of cyberthreats that could impact the business.
    • Increase visibility into the organization’s threat landscape to identify likely targets or identify exposed vulnerabilities.
    • Ensure the business is compliant with regularity, legal, and/or compliance requirements.
    • Understand the value and return on investment of security operations offerings.

    Executive summary

    Situation

    • Current security practices are disjointed, operating independently with a wide variety of processes and tools to conduct incident response, network defense, and threat analysis. These disparate mitigations leave organizations vulnerable to the increasing number of malicious events.
    • Threat management has become resource intensive, requiring continuous monitoring, collection, and analysis of massive volumes of security event data, while juggling business, compliance, and consumer obligations.

    Complication

    • There is an onslaught of security data – generating information in different formats, storing it in different places, and forwarding it to different locations.
    • The organization lacks a dedicated enterprise security team. There is limited resourcing available to begin or mature a security operations center.
    • Many organizations are developing ad hoc security capabilities that result in operational inefficiencies, the misalignment of resources, and the misuse of their security technology investments.
    • It is difficult to communicate the value of a security operations program when trying to secure organizational buy-in to gain the appropriate resourcing.
    • There is limited communication between security functions due to a centralized security operations organizational structure.

    Resolution

    • A unified security operations process actively transforms security events and threat information into actionable intelligence, driving security prevention, detection, analysis, and response processes, addressing the increasing sophistication of cyberthreats, and guiding continuous improvement.
    • This blueprint will walk through the steps of developing a flexible and systematic security operations program relevant to your organization.

    Info-Tech Insight

    1. Security operations is no longer a center, but a process. The need for a physical security hub has evolved into the virtual fusion of prevention, detection, analysis, and response efforts. When all four functions operate as a unified process, your organization will be able to proactively combat changes in the threat landscape.
    2. Functional threat intelligence is a prerequisite for effective security operations – without it, security operations will be inefficient and redundant. Eliminate false positives by contextualizing threat data, aligning intelligence with business objectives, and building processes to satisfy those objectives.
    3. If you are not communicating, you are not secure. Collaboration eliminates siloed decisions by connecting people, processes, and technologies. You leave less room for error, consume fewer resources, and improve operational efficiency with a transparent security operations process.

    Data breaches are resulting in major costs across industries

    Horizontal bar chart of 'Per capita cost by industry classification of benchmarked companies', with the highest cost attributed to 'Health', 'Pharmaceutical', 'Financial', 'Energy', and 'Transportation'.

    Average data breach costs per compromised record hit an all-time high of $217 (in 2015); $74 is direct cost (e.g. legal fees, technology investment) and $143 is indirect cost (e.g. abnormal customer churn). (Source: Ponemon Institute, “2015 Cost of Data Breach Study: United States”)

    '% of systems impacted by a data breach', '1% No Impact', '19% 1-10% impacted', '41% 11-30% impacted', '24% 31-50% impacted', '15% more than 50% impacted
    Divider line.
    '% of customers lost from a data breach', '61% Lost <20%', '21% Lost 20-40%', '8% Lost 40-60%', '6% Lost 60-80%', '4% Lost 80-100%'.
    Divider line.
    '% of business opportunity lost from a data breach', '58% Lost <20%', '25% Lost 20-40%', '9% Lost, 40-60%', '5% Lost 60-80%', '4% Lost 80-100%'.
    (Source: The Network, “ Cisco 2017 Security Capabilities Benchmark Study”)

    Persistent issues

    • Organizational barriers separating prevention, detection, analysis, and response efforts.
      Siloed operations limit collaboration and internal knowledge sharing.
    • Lack of knowledgeable security staff.
      Human capital is transferrable between roles and functions and must be cross-trained to wear multiple hats.
    • Failure to evaluate and improve security operations.
      The effectiveness of operations must be frequently measured and (re)assessed through an iterative system of continuous improvement.
    • Lack of standardization.
      Pre-established use cases and policies outlining tier-1 operational efforts will eliminate ad hoc remediation efforts and streamline operations.
    • Failure to acknowledge the auditor as a customer.
      Many compliance and regulatory obligations require organizations to have comprehensive documentation of their security operations practices.

    60% Of organizations say security operation teams have little understanding of each other’s requirements.

    40% Of executives report that poor coordination leads to excessive labor and IT operational costs.

    38-100% Increase in efficiency after closing operational gaps with collaboration.
    (Source: Forbes, “The Game Plan for Closing the SecOps Gap”)

    The solution

    Bar chart of the 'Benefits of Internal Collaboration' with 'Increased Operational Efficiency' and 'Increased Problem Solving' having the highest percentage.

    “Empower a few administrators with the best information to enable fast, automated responses.”
    – Ismael Valenzuela, IR/Forensics Technical Practice Manager, Foundstone® Services, Intel Security)

    Insufficient security personnel resourcing has been identified as the most prevalent challenge in security operations…

    When an emergency security incident strikes, weak collaboration and poor coordination among critical business functions will magnify inefficiencies in the incident response (IR) process, impacting the organization’s ability to minimize damage and downtime.

    The solution: optimize your SOC. Info-Tech has seen SOCs with five analysts outperform SOCs with 25 analysts through tools and process optimization.

    Sources:
    Ponemon. "2016 State of Cybersecurity in Small & Medium-Sized Businesses (SMB).”
    Syngress. Designing and Building a Security Operations Center.

    Maintain a holistic security operations program

    Legacy security operations centers (SOCs) fail to address gaps between data sources, network controls, and human capital. There is limited visibility and collaboration between departments, resulting in siloed decisions that do not support the best interests of the organization.
    Venn diagram of 'Next-Gen Security Operations' with four intersecting circles: 'Prevent', 'Detect', 'Analyze', and 'Respond'.

    Security operations is part of what Info-Tech calls a threat collaboration environment, where members must actively collaborate to address cyberthreats affecting the organization’s brand, business operations, and technology infrastructure on a daily basis.

    Prevent: Defense in depth is the best approach to protect against unknown and unpredictable attacks. Diligent patching and vulnerability management, endpoint protection, and strong human-centric security (amongst other tactics) are essential. Detect: There are two types of companies – those who have been breached and know it and those who have been breached and don’t know it. Ensure that monitoring, logging, and event detection tools are in place and appropriate to your organizational needs
    Analyze: Raw data without interpretation cannot improve security and is a waste of time, money, and effort. Establish a tiered operational process that not only enriches data but also provides visibility into your threat landscape. Respond: Organizations can’t rely on an ad hoc response anymore – don’t wait until a state of panic. Formalize your response processes in a detailed incident runbook in order to reduce incident remediation time and effort.

    Info-Tech’s security operations blueprint ties together various initiatives

    Stock image 1.

    Design and Implement a Vulnerability Management Program

    Vulnerability Management
    Vulnerability management revolves around the identification, prioritization, and remediation of vulnerabilities. Vulnerability management teams hunt to identify which vulnerabilities need patching and remediating.
    Deliverables
    • Vulnerability Tracking Tool
    • Vulnerability Scanning Tool RFP Template
    • Penetration Test RFP Template
    • Vulnerability Mitigation Process Template
    Stock image 2.

    Integrate Threat Intelligence Into Your Security Operations

    Threat Intelligence
    Threat intelligence addresses the collection, analysis, and dissemination of external threat data. Analysts act as liaisons to their peers, publishing actionable threat alerts, reports, and briefings. Threat intelligence proactively monitors and identifies whether threat indicators are impacting your organization.
    • Maturity Assessment Tool
    • Threat Intelligence RACI Tool
    • Management Plan Template
    • Threat Intelligence Policy Template
    • Alert Template
    • Alert and Briefing Cadence Schedule
    Stock image 3.

    Develop Foundational Security Operations Processes

    Operations
    Security operations include the real-time monitoring and analysis of events based on the correlation of internal and external data sources. This also includes incident escalation based on impact. Analysts are constantly tuning and tweaking rules and reporting thresholds to further help identify which indicators are most impactful during the analysis phase of operations.
    • Maturity Assessment Tool
    • Event Prioritization Tool
    • Efficiency Calculator
    • SecOps Policy Template
    • In-House vs. Outsourcing Decision-Making Tool
    • SecOps RACI Tool
    • TCO & ROI Comparison Calculator
    Stock image 4.

    Develop and Implement a Security Incident Management Program

    Incident Response
    Effective and efficient management of incidents involves a formal process of analysis, containment, eradication, recovery, and post-incident activities. IR teams coordinate root-cause analysis and incident gathering while facilitating post-incident lessons learned. Incident response can provide valuable threat data that ties specific indicators to threat actors or campaigns.
    • Incident Management Policy
    • Maturity Assessment Tool
    • Incident Management RACI Tool
    • Incident Management Plan
    • Incident Runbook Prioritization Tool
    • Various Incident Management Runbooks

    This blueprint will…

    …better protect your organization with an interdependent and collaborative security operations program.

    Phase 01

    Assess your operational requirements.

    Phase 02

    Optimize and further mature your security operations processes

    Phase 3a

    Develop the process flow and specific interaction points between functions

    Phase 3b

    Test your current capabilities with a table top exercise
    Briefly assess your current prevention, detection, analysis, and response capabilities.
    Highlight operational weak spots that should be addressed before progressing.
    Develop a prioritized list of security-focused operational initiatives.
    Conduct a holistic analysis of your operational capabilities.
    Define the operational interaction points between security-focused operational departments.
    Document the results in comprehensive operational interaction agreement.
    Test your operational processes with Info-Tech’s security operations table-top exercise.

    Info-Tech integrates several best practices to create a best-of-breed security framework

    Legend for the 'Information Security Framework' identifying blue best practices as 'In Scope' and white best practices as 'Out of Scope'. Info-Tech's 'Information Security Framework' of best practices with two main categories 'Governance' and 'Management', each with subcategories such as 'Context & Leadership' and 'Prevention', each with a group of best practices color-coded to the associated legend identifying them as 'In Scope' or 'Out of Scope'.

    Benefits of a collaborative and integrated operations program

    Effective security operations management will help you do the following:

    • Improve efficacy
      Develop structured processes to automate activities and increase process consistency across the security program. Expose operational weak points and transition teams from firefighting to an innovator role.
    • Improve threat protection
      Enhance network controls through the hardening of perimeter defenses, an intelligence-driven analysis process, and a streamlined incident remediation process.
    • Improve visibility and information sharing
      Promote both internal and external information sharing to enable good decision making.
    • Create and clarify accountability and responsibility
      Security operations management practices will set a clear level of accountability throughout the security program and ensure role responsibility for all tasks and processes involved in service delivery.
    • Control security costs
      Security operations management is concerned with delivering promised services in the most efficient way possible. Good security operations management practices will provide insight into current costs across the organization and present opportunities for cost savings.
    • Identify opportunities for continuous improvement
      Increased visibility into current performance levels and the ability to accurately identify opportunities for continuous improvement.

    Impact

    Short term:

    • Streamlined security operations program development process.
    • Completed comprehensive list of operational gaps and initiatives.
    • Formalized and structured implementation process.
    • Standardized operational use cases that predefine necessary operational protocol.

    Long term:

    • Enhanced visibility into immediate threat environment.
    • Improved effectiveness of internal defensive controls.
    • Increased operational collaboration between prevention, detection, analysis, and response efforts.
    • Enhanced security pressure posture.
    • Improved communication with executives about relevant security risks to the business.

    Understand the cost of not having a suitable security operations program

    A practical approach, justifying the value of security operations, is to identify the assets at risk and calculate the cost to the company should the information assets be compromised (i.e. assess the damage an attacker could do to the business).

    Cost Structure Cost Estimation ($) for SMB
    (Small and medium-sized business)
    Cost Estimation ($) for LE
    (Large enterprise)
    Security controls Technology investment: software, hardware, facility, maintenance, etc.
    Cost of process implementation: incident response, CMBD, problem management, etc.
    Cost of resource: salary, training, recruiting, etc.
    $0-300K/year $200K-2M/year
    Security incidents
    (if no security control is in place)
    Explicit cost:
    1. Incident response cost:
      • Remediation costs
      • Productivity: (number of employees impacted) × (hours out) × (burdened hourly rate)
      • Extra professional services
      • Equipment rental, travel expenses, etc.
      • Compliance fine
      • Cost of notifying clients
    2. Revenue loss: direct loss, the impact of permanent loss of data, lost future revenues
    3. Financial performance: credit rating, stock price
      Hidden cost:
      • Reputation, customer loyalty, etc.
    $15K-650K/year $270K-11M/year

    Workshop Overview

    Contact your account representative or email Workshops@InfoTech.com for more information.

    Workshop Day 1 Workshop Day 2 Workshop Day 3 Workshop Day 4 Workshop Day 5
    Activities
    • Kick-off and introductions.
    • High-level overview of weekly activities and outcomes.
    • Activity: Define workshop objectives and current state of knowledge.
    • Understand the threat collaboration environment.
    • Understand the benefits of an optimized security operations.
    • Activity: Review preliminary maturity level.
    • Activity: Assess current people, processes, and technology capabilities.
    • Activity: Assess workflow capabilities.
    • Activity: Begin deep-dive into maturity assessment tool.
    • Discuss strategies to enhance the analysis process (ticketing, automation, visualization, use cases, etc.).
    • Activity: Design ideal target state.
    • Activity: Identify security gaps.
    • Build initiatives to bridge the gaps.
    • Activity: Estimate the resources needed.
    • Activity: Prioritize gap initiatives.
    • Activity: Develop dashboarding and visualization metrics.
    • Activity: Plan for a transition with the security roadmap and action plan.
    • Activity: Define and assign tier 1, 2 & 3 SOC roles and responsibilities.
    • Activity: Assign roles and responsibilities for each security operations initiative.
    • Activity: Develop a comprehensive measurement program.
    • Activity: Develop specific runbooks for your top-priority incidents (e.g. ransomware).
      • Detect the incident.
      • Analyze the incident.
      • Contain the incident.
      • Eradicate the root cause.
      • Recover from the incident.
      • Conduct post-incident analysis and communication.
    • Activity:Conduct attack campaign simulation.
    • Finalize main deliverables.
    • Schedule feedback call.
    Deliverables
    1. Security Operations Maturity Assessment Tool
    1. Target State and Gap Analysis (Security Operations Maturity Assessment Tool)
    1. Security Operations Role & Process Design
    2. Security Operations RACI Chart
    3. Security Operations Metrics Summary
    4. Security Operations Phishing Process Runbook
    5. Attack Campaign Simulation PowerPoint

    All Final Deliverables

    Develop a Security Operations Strategy

    PHASE 1

    Assess Operational Requirements

    1

    Assess Operational Requirements

    2

    Develop Maturity Initiatives

    3

    Define Interdependencies

    This step will walk you through the following activities:

    • Determine why you need a sound security operations program.
    • Understand Info-Tech’s threat collaboration environment.
    • Evaluate your current security operation’s functions and capabilities.

    Outcomes of this step

    • A defined scope and motive for completing this project.
    • Insight into your current security operations capabilities.
    • A prioritized list of security operations initiatives based on maturity level.

    Info-Tech Insight

    Security operations is no longer a center, but a process. The need for a physical security hub has evolved into the virtual fusion of prevention, detection, analysis, and response efforts. When all four functions operate as a unified process, your organization will be able to proactively combat changes in the threat landscape.

    Warm-up exercise: Why build a security operations program?

    Estimated time to completion: 30 minutes

    Discussion: Why are we pursuing this project?

    What are the objectives for optimizing and developing sound security operations?

    Stakeholders Required:

    • Key business executives
    • IT leaders
    • Security operations team members

    Resources Required

    • Sticky notes
    • Whiteboard
    • Dry-erase markers
    1. Briefly define the scope of security operations
      What people, processes, and technology fall within the security operations umbrella?
    2. Brainstorm the implications of not acting
      What does the status quo have in store? What are the potential risks?
    3. Define the goals of the project
      Clarify from the outset: what exactly do you want to accomplish from this project?
    4. Prioritize all brainstormed goals
      Classify the goals based on relevant prioritization criteria, e.g. urgency, impact, cost.

    Info-Tech Best Practice

    Don’t develop a security operations program with the objective of zero incidents. This reliance on prevention results in over-engineered security solutions that cost more than the assets being protected.

    Decentralizing the SOC: Security as a function

    Before you begin, remember that no two security operation programs are the same. While the end goal may be similar, the threat landscape, risk tolerance, and organizational requirements will differ from any other SOC. Determine what your DNA looks like before you begin to protect it.

    Security operations must provide several fundamental functions:
    • Real-time monitoring, detecting, and triaging of data from both internal and external sources.
    • In-depth analysis of indicators and incidents, leveraging malware analysis, correlation and rule tweaking, and forensics and eDiscovery techniques.
    • Network/host scanning and vulnerability patch management.
    • Incident response, remediation, and reporting. Security operations must disseminate appropriate information/intelligence to relevant stakeholders.
    • Comprehensive logging and ticketing capabilities that document and communicate events throughout the threat collaboration environment.
    • Tuning and tweaking of technologies to ingest collected data and enhance the analysis process.
    • Enhance overall organizational situational awareness by reporting on security trends, escalating incidents, and sharing adversary tools, tactics, and procedures.
    Venn diagram of 'Security Operations' with four intersecting circles: 'Prevent', 'Detect', 'Analyze', and 'Respond'.
    At its core, a security operations program is responsible for the prevention, detection, analysis, and response of security events.

    Optimized security operations can seamlessly integrate threat and incident management processes with monitoring and compliance workflows and resources. This integration unlocks efficiency.

    Understand the levels of security operations

    Take the time to map out what you need and where you should go. Security operations has to be more than just monitoring events – there must be a structured program.

    Foundational Arrow with a plus sign pointing right. Operational Arrow with a plus sign pointing right. Strategic
    • Intrusion Detection Management
    • Active Device and Event Monitoring
    • Log Collection and Retention
    • Reporting and Escalation Management
    • Incident Management
    • Audit Compliance
    • Vendor Management
    • Ticketing Processes
    • Packet Capture and Analysis
    • SIEM
    • Firewall
    • Antivirus
    • Patch Management
    • Event Analysis and Incident Triage
    • Security Log Management
    • Vulnerability Management
    • Host Hardening
    • Static Malware Analysis
    • Identity and Access Management
    • Change Management
    • Endpoint Management
    • Business Continuity Management
    • Encryption Management
    • Cloud Security (if applicable)
    • SIEM with Defined Use Cases
    • Big Data Security Analytics
    • Threat Intelligence
    • Network Flow Analysis
    • VPN Anomaly Detection
    • Dynamic Malware Analysis
    • Use-Case Management
    • Feedback and Continuous Improvement Management
    • Visualization and Dashboarding
    • Knowledge Portal Ticket Documentation
    • Advanced Threat Hunting
    • Control and Process Automation
    • eDiscovery and Forensics
    • Risk Management
    ——Security Operations Capabilities—–›

    Understand security operations: Establish a unified threat collaboration environment

    Stock image 1.

    Design and Implement a Vulnerability Management Program

    Security operations is part of what Info-Tech calls a threat collaboration environment, where members must actively collaborate to address threats impacting the organization’s brand, operations, and technology infrastructure.
    • Managing incident escalation and response.
    • Coordinating root-cause analysis and incident gathering.
    • Facilitating post-incident lessons learned.
    • Managing system patching and risk acceptance.
    • Conducting vulnerability assessment and penetration testing.
    • Monitoring in real-time and triaging of events.
    • Escalating events to incident management team.
    • Tuning and tweaking rules and reporting thresholds.
    • Gathering and analyzing external threat data.
    • Liaising with peers, industry, and government.
    • Publishing threat alerts, reports, and briefings.

    Info-Tech Best Practice

    Ensure that information flows freely throughout the threat collaboration environment – each function should serve to feed and enhance the next.

    Stock image 2.

    Integrate Threat Intelligence Into Your Security Operations

    Stock image 3.

    Develop Foundational Security Operations Processes

    Stock image 4.

    Develop and Implement a Security Incident Management Program

    The threat collaboration environment is comprised of three core elements

    Info-Tech Insight

    The value of a SOC can be achieved with fewer prerequisites than you think. While it is difficult to cut back on process and technology requirements, human capital is transferrable between roles and functions and can be cross-trained to satisfy operational gaps.

    Three hexes fitting together with the words 'People', 'Process', and 'Technology'. People. Effective human capital is fundamental to establishing an efficient security operations program, and if enabled correctly, can be the driving factor behind successful process optimization. Ensure you address several critical human capital components:
    • Who is responsible for each respective threat collaboration environment function?
    • What are the required operational roles, responsibilities, and competencies for each employee?
    • Are there formalized training procedures to onboard new employees?
    • Is there an established knowledge transfer and management program?
    Processes. Formal and informal mechanisms that bridge security throughout the collaboration environment and organization at large. Ask yourself:
    • Are there defined runbooks that clearly outline critical operational procedures and guidelines?
    • Is there a defined escalation protocol to transfer knowledge and share threats internally?
    • Is there a defined reporting procedure to share intelligence externally?
    • Are there formal and accessible policies for each respective security operations function?
    • Is there a defined measurement program to report on the performance of security operations?
    • Is there a continuous improvement program in place for all security operations functions?
    • Is there a defined operational vendor management program?
    Technology. The composition of all infrastructure, systems, controls, and tools that enable processes and people to operate and collaborate more efficiently. Determine:
    • Are the appropriate controls implemented to effectively prevent, detect, analyze, and remediate threats? Is each control documented with an assigned asset owner?
    • Can a solution integrate with existing controls? If so, to what extent?
    • Is there a centralized log aggregation tool such as a SIEM?
    • What is the operational cost to effectively manage each control?
    • Is the control the most up-to-date version? Have the most recent patches and configuration changes been applied? Can it be consolidated with or replaced by another control?

    Conduct a preliminary maturity assessment before tackling this project

    Stock image 1.

    Design and Implement a Vulnerability Management Program

    Sample of Info-Tech's Security Operations Preliminary Maturity Assessment

    At a high level, assess your organization’s operational maturity in each of the threat collaboration environment functions. Determine whether the foundational processes exist in order to mature and streamline your security operations.

    Stock image 2.

    Integrate Threat Intelligence Into Your Security Operations

    Stock image 3.

    Develop Foundational Security Operations Processes

    Stock image 4.

    Develop and Implement a Security Incident Management Program

    Assess the current maturity of your security operations program

    Prioritize the component most important to the development of your security operations program.

    Screenshot of a table from the Security Operations Preliminary Maturity Assessment presenting the 'Impact Sub-Weightings' of 'People', 'Process', 'Technology', and 'Policy'.
    Screenshot of a table from the Security Operations Preliminary Maturity Assessment assessing the 'Current State' and 'Target State' of different 'Security Capabilities'.
    Each “security capability” covers a component of the overarching “security function.” Assign a current and target maturity score to each respective security capability. (Note: The CMMI maturity scores are further explained on the following slide.) Document any/all comments for future Info-Tech analyst discussions.

    Assign each security capability a reflective and desired maturity score.

    Your current and target state maturity will be determined using the capability maturity model integration (CMMI) scale. Ensure that all participants understand the 1-5 scale.
    Two-way vertical arrow colored blue at the top and green at the bottom. Ad Hoc
    1 Arrow pointing right. Initial/Ad Hoc: Activity is not well defined and is ad hoc, e.g. no formal roles or responsibilities exist, de facto standards are followed on an individual-by-individual basis.
    2 Arrow pointing right. Developing: Activity is established and there is moderate adherence to its execution, e.g. while no formal policies have been documented, content management is occurring implicitly or on an individual-by-individual basis.
    3 Arrow pointing right. Defined: Activity is formally established, documented, repeatable, and integrated with other phases of the process, e.g. roles and responsibilities have been defined and documented in an accessible policy, however, metrics are not actively monitored and managed.
    4 Arrow pointing right. Managed and Measurable: Activity execution is tracked by gathering qualitative and quantitative feedback, e.g. metrics have been established to monitor the effectiveness of tier-1 SOC analysts.
    5 Arrow pointing right. Optimized: Qualitative and quantitative feedback is used to continually improve the execution of the activity, e.g. the organization is an industry leader in the respective field; research and development efforts are allocated in order to continuously explore more efficient methods of accomplishing the task at hand.
    Optimized

    Notes: Info-Tech seldom sees a client achieve a CMMI score of 4 or 5. To achieve a state of optimization there must be a subsequent trade-off elsewhere. As such, we recommend that organizations strive for a CMMI score of 3 or 4.

    Ensure that your threat collaboration environment is of a sufficient maturity before progressing

    Example report card from the maturity assessment. Functions are color-coded green, yellow, and red. Review the report cards for each of the respective threat collaboration environment functions.
    • A green function indicates that you have exceeded the operational requirements to proceed with the security operations initiative.
    • A yellow function indicates that your maturity score is below the recommended threshold; Info-Tech advises revisiting the attached blueprint. In the instance of a one-off case, the client can proceed with this security operations initiative.
    • A red function indicates that your maturity score is well below the recommended threshold; Info-Tech strongly advises to not proceed with the security operations initiative. Revisit the recommended blueprint and further mature the specific function.

    Are you ready to move on to the next phase?

    Self-Assessment Questions

    • Have you clearly defined the rationale for refining your security operations program?
    • Have you clearly defined and prioritized the goals and outcomes of optimizing your security operations program?
    • Have you assessed your respective people, process, and technological capabilities?
    • Have you completed the Security Operations Preliminary Maturity Assessment Tool?
    • Were all threat collaboration environment functions of a sufficient maturity level?

    If you answered “yes” to the questions, then you are ready to move on to Phase 2: Develop Maturity Initiatives

    Develop a Security Operations Strategy

    PHASE 2

    Develop Maturity Initiatives

    1

    Assess Operational Requirements

    2

    Develop Maturity Initiatives

    3

    Define Interdependencies

    This step will walk you through the following activities:

    • Establish your goals, obligations, scope, and boundaries.
    • Assess your current state and define a target state.
    • Develop and prioritize gap initiatives.
    • Define cost, effort, alignment, and security benefit of each initiative.
    • Develop a security strategy operational roadmap.

    Outcomes of this step

    • A formalized understanding of your business, customer, and regulatory obligations.
    • A comprehensive current and target state assessment.
    • A succinct and consolidated list of gap initiatives that will collectively achieve your target state.
    • A formally documented set of estimated priority variables (cost, effort, business alignment).
    • A fully prioritized security roadmap that is in alignment with business goals and informed by the organization’s needs and limitations.

    Info-Tech Insight

    Functional threat intelligence is a prerequisite for effective security operations – without it, security operations will be inefficient and redundant. Eliminate false positives by contextualizing threat data, aligning intelligence with business objectives, and building processes to satisfy those objectives

    Align your security operations program with corporate goals and obligations

    A common challenge for security leaders is learning to express their initiatives in terms that are meaningful to business executives.

    Frame the importance of your security operations program to
    align with that of the decision makers’ over-arching strategy.

    Oftentimes resourcing and funding is dependent on the
    alignment of security initiatives to business objectives.

    Corporate goals and objectives can be categorized into three major buckets:
    1. BUSINESS OBLIGATIONS
      The primary goals and functions of the organization at large. Examples include customer retention, growth, innovation, customer experience, etc.
    2. CONSUMER OBLIGATIONS
      The needs and demands of internal and external stakeholders. Examples include ease of use (external), data protection (external), offsite access (internal), etc.
    3. COMPLIANCE OBLIGATIONS
      The requirements of the organization to comply with mandatory and/or voluntary standards. Examples include HIPAA, PIPEDA, ISO 27001, etc.
    *Do not approach the above list with a security mindset – take a business perspective and align your security efforts accordingly.

    Info-Tech Best Practice

    Developing a security operations strategy is a proactive activity that enables you to get in front of any upcoming business projects or industry trends rather than having to respond reactively later on. Consider as many foreseeable variables as possible!

    Determine your security operations program scope and boundaries

    It is important to define all security-related areas of responsibility. Upon completion you should clearly understand what you are trying to secure.

    Ask yourself:
    Where does the onus of responsibility stop?

    The organizational scope and boundaries and can be categorized into four major buckets:
    1. PHYSICAL SCOPE
      The physical locations that the security operations program is responsible for. Examples include office locations, remote access, clients/vendors, etc.
    2. IT SYSTEMS
      The network systems that must be protected by the security operations program. Examples include fully owned systems, IaaS, PaaS, remotely hosted SaaS, etc.
    3. ORGANIZATIONAL SCOPE
      The business units, departments, or divisions that will be affected by the security operations program. Examples include user groups, departments, subsidiaries, etc.
    4. DATA SCOPE
      The data types that the business handles and the privacy/criticality level of each. Examples include top secret, confidential, private, public, etc.

    This also includes what is not within scope. For some outsourced services or locations you may not be responsible for security. For some business departments you may not have control of security processes. Ensure that it is made explicit at the outset, what will be included and what will be excluded from security considerations.

    Reference Info-Tech’s security strategy: goals, obligations, and scope activities

    Explicitly understanding how security aligns with the core business mission is critical for having a strategic plan and fulfilling the role of business enabler.

    Download and complete the information security goals, obligations and scope activities (Section 1.3) within the Info-Tech security strategy research publication. If previously completed, take the time to review your results.

    GOALS and OBLIGATIONS
    Proceed through each slide and brainstorm the ways that security operations supports business, customer, and compliance needs.

    Goals & Obligations
    Screenshots of slides from the information security goals, obligations and scope activities (Section 1.3) within the Info-Tech security strategy research publication.

    PROGRAM SCOPE & BOUNDARIES
    Assess your current organizational environment. Document current IT systems, critical data, physical environments, and departmental divisions.

    If a well-defined corporate strategy does not exist, these questions can help pinpoint objectives:

    • What is the message being delivered by the CEO?
    • What are the main themes of investments and projects?
    • What are the senior leaders measured on?
    Program Scope & Boundaries
    Screenshots of slides from the information security goals, obligations and scope activities (Section 1.3) within the Info-Tech security strategy research publication.

    INFO-TECH OPPORTUNITY

    For more information on how to complete the goals & obligations activity please reference Section 1.3 of Info-Tech’s Build an Information Security Strategy blueprint.

    Complete the Information Security Requirements Gathering Tool

    On tab 1. Goals and Obligations:
    • Document all business, customer, and compliance obligations. Ensure that each item is reflective of the over-arching business strategy and is not security focused.
    • In the second column, identify the corresponding security initiative that supports the obligation.
    Screenshot from tab 1 of Info-Tech's Information Security Requirements Gathering Tool. Columns are 'Business obligations', 'Security obligations to support the business (optional)', and 'Notes'.
    On tab 2. Scope and Boundaries:
    • Record all details for what is in and out of scope from physical, IT, organizational, and data perspectives.
    • Complete the affiliated columns for a comprehensive scope assessment.
    • As a discussion guide, refer to the considerations slides prior to this in phase 1.3.
    Screenshot from tab 2 of Info-Tech's Information Security Requirements Gathering Tool. Title is 'Physical Scope', Columns are 'Environment Name', 'Highest data criticality here', 'Is this in scope of the security strategy?', 'Are we accountable for security here?', and 'Notes'.
    For the purpose of this security operations initiative please IGNORE the risk tolerance activities on tab 3.

    Info-Tech Best Practice

    A common challenge for security leaders is expressing their initiatives in terms that are meaningful to business executives. This exercise helps make explicit the link between what the business cares about and what security is trying to do.

    Conduct a comprehensive security operations maturity assessment

    The following slides will walk you through the process below.

    Define your current and target state

    Self-assess your current security operations capabilities and determine your intended state.

    Create your gap initiatives

    Determine the operational processes that must be completed in order to achieve the target state.

    Prioritize your initiatives

    Define your prioritization criteria (cost, effort, alignment, security benefit) based on your organization

    Build a Gantt chart for your upcoming initiatives
    The final output will be a Gantt to action your prioritized initiatives

    Info-Tech Insight

    Progressive improvements provide the most value to IT and your organization. Leaping from pre-foundation to complete optimization is an ineffective goal. Systematic improvements to your security performance delivers value to your organization, each step along the way.

    Optimize your security operations workflow

    Info-Tech consulted various industry experts and consolidated their optimization advice.

    Dashboards: Centralized visibility, threat analytics, and orchestration enable faster threat detection with fewer resources.

    Adding more controls to a network never increases resiliency. Identify technological overlaps and eliminate unnecessary costs.

    Automation: There is shortfall in human capital in contrast to the required tools and processes. Automate the more trivial processes.

    SOCs with 900 employees are just as efficient as those with 35-40. There is an evident tipping point in marginal value.

    There are no plug-and-play technological solutions – each is accompanied by a growing pain and an affiliated human capital cost.

    Planning: Narrow the scope of operations to focus on protecting assets of value.

    Cross-train employees throughout different silos. Enable them to wear multiple hats.

    Practice: None of the processes happen in a vacuum. Make the most of tabletop exercises and other training exercises.

    Define appropriate use cases and explicitly state threat escalation protocol. Focus on automating the tier-1 analyst role.

    Self-assess your current-state capabilities and determine the appropriate target state

    1. Review:
    The heading in blue is the security domain, light blue is the subdomain and white is the specific control.
    2. Determine and Record:
    Ask participants to identify your organization’s current maturity level for each control. Next, determine a target maturity level that meets the requirements of the area (requirements should reflect the goals and obligations defined earlier).
    3.
    In small groups, have participants answer “what is required to achieve the target state?” Not all current/target state gaps will require additional description, explanation, or an associated imitative. You can generate one initiative that may apply to multiple line items.

    Screenshot of a table for assessing the current and target states of capabilities.

    Info-Tech Best Practice

    When customizing your gap initiatives consider your organizational requirements and scope while remaining realistic. Below is an example of lofty vs. realistic initiatives:
    Lofty: Perform thorough, manual security analysis. Realistic: Leverage our SIEM platform to perform more automated security analysis through the use of log information.

    Consolidate related gap initiatives to simplify and streamline your roadmap

    Identify areas of commonality between gap initiative in order to effectively and efficiently implement your new initiatives.

    Steps:
    1. After reviewing and documenting initiatives for each security control, begin sorting controls by commonality, where resources can be shared, or similar end goals and actions. Begin by copying all initiatives from tab 2. Current State Assessment into tab 5. Initiative List of the Security Operations Maturity Assessment Tool and then consolidating them.
    2. Initiatives Consolidated Initiatives
      Document data classification and handling in AUP —› Document data classification and handling in AUP Keep urgent or exceptional initiatives separate so they can be addressed appropriately.
      Document removable media in AUP —› Define and document an Acceptable Use Policy Other similar or related initiatives can be consolidated into one item.
      Document BYOD and mobile devices in AUP —›
      Document company assets in Acceptable Use Policy (AUP) —›

    3. Review grouped initiatives and identify specific initiatives should be broken out and defined separately.
    4. Record your consolidated gap initiatives in the Security Operations Maturity Assessment Tool, tab 6. Initiative Prioritization.

    Understand your organizational maturity gap

    After inputting your current and target scores and defining your gap initiatives in tab 2, review tab 3. Current Maturity and tab 4. Maturity Gap in Info-Tech’s Security Operations Maturity Assessment Tool.

    Automatically built charts and tables provide a clear visualization of your current maturity.

    Presenting these figures to stakeholders and management can help visually draw attention to high-priority areas and contextualize the gap initiatives for which you will be seeking support.

    Screenshot of tabs 3 and 4 from Info-Tech's Security Operations Maturity Assessment Tool. Bar charts titled 'Planning and Direction', 'Vulnerability Management', 'Threat Intelligence', and 'Security Maturity Level Gap Analysis'.

    Info-Tech Best Practice

    Communicate the value of future security projects to stakeholders by copying relevant charts and tables into an executive stakeholder communication presentation (ask an Info-Tech representative for further information).

    Define cost, effort, alignment, and security benefit

    Define low, medium, and high resource allocation, and other variables for your gap initiatives in the Concept of Operations Maturity Assessment Tool. These variables include:
    1. Define initial cost. One-time, upfront capital investments. The low cut-off would be a project that can be approved with little to no oversight. Whereas the high cut-off would be a project that requires a major approval or a formal capital investment request. Initial cost covers items such as appliance cost, installation, project based consulting fees, etc.
    2. Define ongoing cost. This includes any annually recurring operating expenses that are new budgetary costs, e.g. licensing or rental costs. Do not account for FTE employee costs. Generally speaking you can take 20-25% of initial cost as ongoing cost for maintenance and service.
    3. Define initial staffing in hours. This is total time in hours required to complete a project. Note: It is not total elapsed time, but dedicated time. Consider time required to research, document, implement, review, set up, fine tune, etc. Consider all staff hours required (2 staff at 8 hours means 16 hours total).
    4. Define ongoing staffing in hours. This is the ongoing average hours per week required to support that initiative. This covers all operations, maintenance, review, and support for the initiative. Some initiatives will have a week time commitment (e.g. perform a vulnerability scan using our tool once a week) versus others that may have monthly, quarterly, or annual time commitments that need to averaged out per week (e.g. perform annual security review requiring 0.4 hours/week (20 hours total based on 50 working weeks per year).
    Table relating the four definitions on the left, 'Initial Cost', 'Ongoing Cost (annual)', 'Initial Staffing in Hours', and 'Ongoing Staffing in Hours/Week'. Each row header is a definition and has four sub-rows 'High', 'Medium', 'Low', and 'Zero'.

    Info-Tech Best Practice

    When considering these parameters, aim to use already existing resource allocations.

    For example, if there is a dollar value that would require you to seek approval for an expense, this might be the difference between a medium and a high cost category.

    Define cost, effort, alignment, and security benefit

    1. Define Alignment with Business. This variable is meant to capture how well the gap initiative aligns with organizational goals and objectives. For example, something with high alignment usually can be tied to a specific organization initiative and will receive senior management support. You can either:
      • Set low, medium, and high based on levels of support the organization will provide (e.g. High – senior management support, Medium – VP/business unit head support, IT support only)
      • Attribute specific corporate goals or initiatives to the gap initiative (e.g. High – directly supports a customer requirement/key contract requirement; Medium – indirectly support customer requirement/key contract OR enables remote workforce; Low – security best practice).
    2. Define Security Benefit. This variable is meant to capture the relative security benefit or risk reduction being provided by the gap initiative. This can be represented through a variety of factors, such as:
      • Reduces compliance or regulatory risk by meeting a control requirement
      • Reduces availability and operational risk
      • Implements a non-existent control
      • Secures high-criticality data
      • Secures at-risk end users
    Table relating the two definitions on the left, 'Alignment with Business', and 'Security Benefit'. Each row header is a definition and has three sub-rows 'High', 'Medium', and 'Low'.

    Info-Tech Best Practice

    Make sure you consider the value of AND/OR. For either alignment with business or security benefit, the use of AND/OR can become useful thresholds to rank similar importance but different value initiatives.

    Example: with alignment with business, an initiative can indirectly support a key compliance requirement OR meet a key corporate goal.

    Info-Tech Insight

    You cannot do everything – and you probably wouldn’t want to. Make educated decisions about which projects are most important and why.

    Apply your variable criteria to your initiatives

    Identify easy-win tasks and high-value projects worth fighting for.
    Categorize the Initiative
    Select the gap initiative type from the down list. Each category (Must, Should, Could, and Won’t) is considered to be an “execution wave.” There is also a specific order of operations within each wave. Based on dependencies and order of importance, you will execute on some “must-do” items before others.
    Assign Criteria
    For each gap initiative, evaluate it based on your previously defined parameters for each variable.
    • Cost – initial and ongoing
    • Staffing – initial and ongoing
    • Alignment with business
    • Security benefit
    Overall Cost/Effort Rating
    An automatically generated score between 0 and 12. The higher the score attached to the initiative, the more effort required. The must-do, low-scoring items are quick wins and must be prioritized first.
    Screenshot of a table from Info-Tech's Concept of Operations Maturity Assessment Tool with all of the previous table row headers as column headers.

    A financial services organization defined its target security state and created an execution plan

    CASE STUDY
    Industry: Financial Services | Source: Info-Tech Research Group
    Framework Components
    Security Domains & Accompanied Initiatives
    (A portion of completed domains and initiatives)
    CSC began by creating over 100 gap initiatives across Info-Tech’s seven security domains.
    Current-State Assessment Context & Leadership Compliance, Audit & Review Security Prevention
    Gap Initiatives Created 12
    Initiatives
    14
    Initiatives
    45
    Initiatives
    Gap Initiative Prioritization
    Planned Initiative(s)* Initial Cost Ongoing Cost Initial Staffing Ongoing Staffing
    Document Charter Low - ‹$5K Low - ‹$1K Low - ‹1d Low - ‹2 Hour
    Document RACI Low - ‹$5K Low - ‹$1K Low - ‹1d Low - ‹2 Hour
    Expand IR processes Medium - $5K-$50K Low - ‹$1K High - ›2w Low - ‹2 Hour
    Investigate Threat Intel Low - ‹$5K Low - ‹$1K Medium - 1-10d Low - ‹2 Hour
    CSC’s defined low, medium, and high for cost and staffing are specific to the organization.

    CSC then consolidated its initiatives to create less than 60 concise tasks.

    *Initiatives and variables have been changed or modified to maintain anonymity

    Review your prioritized security roadmap

    Review the final Gantt chart to review the expected start and end dates for your security initiatives as part of your roadmap.

    In the Gantt chart, go through each wave in sequence and determine the planned start date and planned duration for each gap initiative. As you populate the planned start dates, take into consideration the resource constraints or dependencies for each project. Go back and revise the granular execution wave to resolve any conflicts you find.

    Screenshot of a 'Gantt Chart for Initiatives', a table with planned and actual start times and durations for each initiative, and beside it a roadmap with the dates from the Gantt chart plugged in.
    Review considerations
    • Does this roadmap make sense for our organization?
    • Do we focus too much on one quarter over others?
    • Will the business be going through any significant changes during the upcoming years that will directly impact this project?
    This is a living management document
    • You can use the same process on a per-case basis to decide where this new project falls in the priority list, and then add it to your Gantt chart.
    • As you make progress, check items off of the list, and periodically use this chart to retroactively update your progress towards achieving your overall target state.

    Consult an Info-Tech Analyst

    To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    Onsite workshops offer an easy way to accelerate your project. If a Guided Implementation isn’t enough, we offer low-cost onsite delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to successfully complete your project.
    Photo of TJ Minichillo, Senior Director – Security, Risk & Compliance, Info-Tech Research Group. TJ Minichillo
    Senior Director – Security, Risk & Compliance
    Info-Tech Research Group
    Edward Gray, Consulting Analyst – Security, Risk & Compliance, Info-Tech Research Group. Edward Gray
    Consulting Analyst – Security, Risk & Compliance
    Info-Tech Research Group
    Photo of Celine Gravelines, Research Manager – Security, Risk & Compliance, Info-Tech Research Group. Celine Gravelines
    Research Manager – Security, Risk & Compliance
    Info-Tech Research Group
    If you are not communicating, then you are not secure.

    Call 1-888-670-8889 or email workshops@infotech.com for more information.

    Are you ready to move on to the next phase?

    Self-Assessment Questions

    • Have you identified your organization’s corporate goals along with your obligations?
    • Have you defined the scope and boundaries of your security program?
    • Have you determined your organization’s risk tolerance level?
    • Have you considered threat types your organization may face?
    • Are the above answers documented in the Security Requirements Gathering Tool?
    • Have you defined your maturity for both your current and target state?
    • Do you have clearly defined initiatives that would bridge the gap between your current and target state?
    • Are each of the initiatives independent, specific, and relevant to the associated control?
    • Have you indicated any dependencies between your initiatives?
    • Have you consolidated your gap initiatives?
    • Have you defined the parameters for each of the prioritization variables (cost, effort, alignment, and security benefit)?
    • Have you applied prioritization parameters to each consolidated initiative?
    • Have you recorded your final prioritized roadmap in the Gantt chart tab?
    • Have you reviewed your final Gantt chart to ensure it aligns to your security requirements?

    If you answered “yes” to the questions, then you are ready to move on to Phase 3: Define Operational Interdependencies

    Develop a Security Operations Strategy

    PHASE 3

    Define Operational Interdependencies

    1

    Assess Operational Requirements

    2

    Develop Maturity Initiatives

    3

    Define Interdependencies

    This step will walk you through the following activities:

    • Understand the current security operations process flow.
    • Define the security operations stakeholders and their respective deliverables.
    • Formalize an internal information sharing and collaboration plan.

    Outcomes of this step

    • A formalized security operations interaction agreement.
    • A security operations service and product catalog.
    • A structured operations collection plan.

    Info-Tech Insight

    If you are not communicating, you are not secure. Collaboration eliminates siloed decisions by connecting people, processes, and technologies. You leave less room for error, consume fewer resources, and improve operational efficiency with a transparent security operations process.

    Tie everything together with collaboration

    If you are not communicating, you are not secure. Collaboration eliminates siloed decisions by connecting people, processes, and technologies. You leave less room for error, consume fewer resources, and improve operational efficiency with a transparent security operations process.

    Define Strategic Needs and Requirements Participate in Information Sharing Communicate Clearly
    • Establish a channel to communicate management needs and requirements and define important workflow activities. Focus on operationalizing those components.
    • Establish a feedback loop to ensure your actions satisfied management’s criteria.
    • Consolidate critical security data within a centralized portal that is accessible throughout the threat collaboration environment, reducing the human capital resources required to manage that data.
    • Participate in external information sharing groups such as ISACs. Intelligence collaboration allows organizations to band together to decrease risk and protect one another from threat actors.
    • Disseminate relevant information in clear and succinct alerts, reports, or briefings.
    • Security operations analysts must be able to translate important technical security issues and provide in-depth strategic insights.
    • Define your audience before presenting information; various stakeholders will interpret information differently. You must present it in a format that appeals to their interests.
    • Be transparent in your communications. Holding back information will only serve to alienate groups and hinder critical business decisions.

    Info-Tech Best Practice

    Simple collaborative activities, such as a biweekly meeting, can unite prevention, detection, analysis, and response teams to help prevent siloed decision making.

    Understand the security operations process flow

    Process standardization and automation is critical to the effectiveness of security operations.

    Process flow for security operations with column headers 'Monitoring', 'Preliminary Analysis (Tier 1)', 'Triage', 'Investigation & Analysis (Tier 2)', 'Response', and 'Advanced Threat Detection (Tier 3)'. All processes begin with elements in the 'Monitoring' column and end up at 'Visualization & Dashboarding'.

    Document your security operations’ capabilities and tasks

    Table of capabilities and tasks for security operations.
    Document your security operations’ functional capabilities and operational tasks to satisfy each capability. What resources will you leverage to complete the specific task/capability? Identify your internal and external collection sources to satisfy the individual requirement. Identify the affiliated product, service, or output generated from the task/capability. Determine your escalation protocol. Who are the stakeholders you will be sharing this information with?
    Capabilities

    The major responsibilities of a specific function. These are the high-level processes that are expected to be completed by the affiliated employees and/or stakeholders.

    Tasks

    The specific and granular tasks that need to be completed in order to satisfy a portion of or the entire capability.

    Download Info-Tech’s Security Operations RACI Chart & Program Plan.

    Convert your results into actionable process flowcharts

    Map each functional task or capability into a visual process-flow diagram.

    • The title should reflect the respective capability and product output.
    • List all involved stakeholders (inputs and threat escalation protocol) along the left side.
    • Ensure all relevant security control inputs are documented within the body of the process-flow diagram.
    • Map out the respective processes in order to achieve the desired outcome.
    • Segment each process within its own icon and tie that back to the respective input.
    Example of a process flow made with sticky notes.

    Title: Output #1 Example of a process flow diagram with columns 'Stakeholders', 'Input Processes', 'Output Processes', and 'Threat Escalation Protocol'. Processes are mapped by which stakeholder and column they fall to.

    Download Info-Tech’s Security Operations RACI Chart & Program Plan.

    Formalize the opportunities for collaboration within your security operations program

    Security Operations Collaboration Plan

    Security operations provides a single pane of glass through which the threat collaboration environment can manage its operations.

    How to customize

    The security operations interaction agreement identifies opportunities for optimization through collaboration and cross-training. The document is composed of several components:

    • Security operations program scope and objectives
    • Operational capabilities and outputs on a per function basis
    • A needs and requirements collection plan
    • Escalation protocol and respective information-sharing guidance (i.e. a detailed cadence schedule)
    • A security operations RACI chart
    Sample of Info-Tech's Security Operations Collaboration Plan.

    Info-Tech Best Practice

    Understand the operational cut-off points. While collaboration is encouraged, understand when the onus shifts to the rest of the threat collaboration environment.

    Assign responsibilities for the threat management process

    Security Operations RACI Chart & Program Plan

    Formally documenting roles and responsibilities helps to hold those accountable and creates awareness as to everyone’s involvement in various tasks.

    How to customize
    • Customize the header fields with applicable stakeholders.
    • Identify stakeholders that are:
      • Responsible: The person(s) who does the work to accomplish the activity; they have been tasked with completing the activity and/or getting a decision made.
      • Accountable: The person(s) who is accountable for the completion of the activity. Ideally, this is a single person and is often an executive or program sponsor.
      • Consulted: The person(s) who provides information. This is usually several people, typically called subject matter experts (SMEs).
      • Informed: The person(s) who is updated on progress. These are resources that are affected by the outcome of the activities and need to be kept up to date.
    Sample of Info-Tech's Security Operations Collaboration Plan.

    Download Info-Tech’s Security Operations RACI Chart & Program Plan.

    Identify security operations consumers and their respective needs and requirements

    Ensure your security operations program is constantly working toward satisfying a consumer need or requirement.

    Internal Consumers External Consumers
    • Business Executives & Management (CIO, CISO, COO):
      • Inform business decisions regarding threats and their association with future financial risk, reputational risk, and continuity of operations.
    • Human Resources:
      • Security operations must directly work with HR to enforce tight device controls, develop processes, and set expectations.
    • Legal:
      • Security operations is responsible to notify the legal department of data breaches and the appropriate course of action.
    • Audit and Compliance:
      • Work with the auditing department to define additional audits or controls that must be measured.
    • Public Relations/Marketing Employees:
      • Employees must be educated on prevalent threats and how to avoid or mitigate them.

    Note: Your organization might not be the final target, but it could be a primary path for attackers. If you exist as a third-party partner to another organization, your responsibility in your technology ecosystem extends beyond your own product or service offerings.

    • Third-Party Contractors:
      • Identify relevant threats across industries – security operations is responsible for protecting more than just itself.
    • Commercial Vendors:
      • Identify commercial vendors of control failures and opportunities for operational improvement.
    • Suppliers:
      • Provide or maintain a certain level of security delivery.
      • Meet the same level of security that is expected of business units.
    • All End Users:
      • Be notified of any data breaches and potential violations of privacy.

    Info-Tech Best Practice

    “In order to support a healthy constituency, network operations and security operations should be viewed as equal partners, rather than one subordinate to the other.” (Mitre world-class CISO)

    Define the stakeholders, their respective outputs, and the underlying need

    Security Operations Program Service & Product Catalog

    Create an informal security operations program service and product catalog. Work your way backwards – map each deliverable to the respective stakeholders and functions.

    Action/Output Arrow pointing right. Frequency Arrow pointing right. Stakeholders/Function
    Document the key services and outputs produced by the security operations program. For example:
    • Real-time monitoring
    • Event analysis and incident coordination
    • Malware analysis
    • External information sharing
    • Published alerts, reports, and briefings
    • Metrics
    Define the frequency for which each deliverable or service is produced or conducted. Leverage this activity to establish a state of accountability within your threat collaboration environment. Identify the stakeholders or groups affiliated with each output. Remember to include potential MSSPs.
    • Vulnerability Management
    • Threat Intelligence
    • Tier 1, 2, and 3 Analysts
    • Incident Response
    • MSSP
    • Network Operations
    Remember to include any target-state outputs or services identified in the maturity assessment. Use this exercise as an opportunity to organize your security operations outputs and services.

    Info-Tech Best Practice

    Develop a central web/knowledge portal that is easily accessible throughout the threat collaboration environment.

    Internal information sharing helps to focus operational efforts

    Organizations must share information internally and through secure external information sharing and analysis centers (ISACs).

    Ensure information is shared in a format that relates to the particular end user. Internal consumers fall into two categories:

    • Strategic Users — Intelligence enables strategic stakeholders to better understand security trends, minimize risk, and make more educated and informed decisions. The strategic intelligence user often lacks technical security knowledge; bridge the communication gap between security and non-technical decision makers by clearly communicating the underlying value and benefits.
    • Operational Users — Operational users integrate information and indicators directly into their daily operations and as a result have more in-depth knowledge of the technical terms. Reports help to identify escalated alerts that are part of a bigger campaign, provide attribution and context to attacks, identify systems that have been compromised, block malicious URLs or malware signatures in firewalls, IDPS systems, and other gateway products, identify patches, reduce the number of incidents, etc.
    Collaboration includes the exchange of:
    • Contextualized threat indicators, threat actors, TTPs, and campaigns.
    • Attribution of the attack, motives of the attacker, victim profiles, and frequent exploits.
    • Defensive and mitigation strategies.
    • Best-practice incident response procedures.
    • Technical tools to help normalize threat intelligence formats or decode malicious network traffic.
    Collaboration can be achieved through:
    • Manual unstructured exchanges such as alerts, reports, briefings, knowledge portals, or emails.
    • Automated centralized platforms that allow users to privately upload, aggregate, and vet threat intelligence. Current players include commercial, government, and open-source information-sharing and analysis centers.
    Isolation prevents businesses from learning from each others’ mistakes and/or successes.

    Define the routine of your security operations program in a detailed cadence schedule

    Security Operations Program Cadence Schedule Template

    Design your meetings around your security operations program’s outputs and capabilities

    How to customize

    Don’t operate in a silo. Formalize a cadence schedule to develop a state of accountability, share information across the organization, and discuss relevant trends. A detailed cadence schedule should include the following:

    • Activity, output, or topic being discussed.
    • Participants and stakeholders involved.
    • Value and purpose of meeting.
    • Duration and frequency of each meeting.
    • Investment per participant per meeting.
    Sample of Info-Tech's Security Operations Program Cadence Schedule Template.

    Info-Tech Best Practice

    Schedule regular meetings composed of key members from different working groups to discuss concerns, share goals, and communicate operational processes pertaining to their specific roles.

    Apply a strategic lens to your security operations program

    Frame the importance of optimizing the security operations program to align with that of the decision makers’ overarching strategy.

    Strategies
    1. Bridge the communication gap between security and non-technical decision makers. Communicate concisely in business-friendly terms.
    2. Quantify the ROI for the given project.
    3. Educate stakeholders – if stakeholders do not understand what a security operations program encompasses, it will be hard for them to champion the initiative.
    4. Communicate the implications, value, and benefits of a security operations program.
    5. Frame the opportunity as a competitive advantage, e.g. proactive security measures as a client acquisition strategy.
    6. Address the increasing prevalence of threat actors. Use objective data to demonstrate the impact, e.g. through case studies, recent media headlines, or statistics.

    Defensive Strategy diagram with columns 'Adversaries', 'Defenses', 'Assets', and priority level.
    (Source: iSIGHT, “ Definitive Guide to Threat Intelligence”)

    Info-Tech Best Practice

    Refrain from using scare tactics such as fear, uncertainty, and doubt (FUD). While this may be a short-term solution, it limits the longevity of your operations as senior management is not truly invested in the initiative.

    Example: Align your strategic needs with that of management.

    Identify assets of value, current weak security measures, and potential adversaries. Demonstrate how an optimized security operations program can mitigate those threats.

    Develop a comprehensive measurement program to evaluate the effectiveness of your security operations

    There are three types of metrics pertaining to security operations:

    1) Operations-focused

    Operations-focused metrics are typically communicated through a centralized visualization such as a dashboard. These metrics guide operational efforts, identifying operational and control weak points while ensuring the appropriate actions are taken to fix them.

    Examples include, but are not limited to:

    • Ticketing metrics (e.g. average ticket resolution rate, ticketing status, number of tickets per queue/analyst).
    • False positive percentage per control.
    • Incident response metrics (e.g. mean time to recovery).
    • CVSS scores per vulnerability.

    2) Business-focused

    The evaluation of operational success from a business perspective.

    Example metrics include:

    • Return on investment.
    • Total cost of ownership (can be segregated by function: prevent, detect, analyze, and respond).
    • Saved costs from mitigated breaches.
    • Security operations budget as a percentage of the IT budget.

    3) Initiative-focused

    The measurement of security operations project progress. These are frequently represented as time, resource, or cost-based metrics.

    Note: Remember to measure end-user feedback. Asking stakeholders about their current expectations via a formal survey is the most effective way to kick-start the continuous improvement process.

    Info-Tech Best Practice

    Operational metrics have limited value beyond security operations – when communicating to management, focus on metrics that are actionable from a business perspective.

    Download Info-Tech’s Security Operations Metrics Summary Document.Sample of Info-Tech's Security Operations Metrics Summary Document.

    Identify the triggers for continual improvement

    Continual Improvement

    • Audits: Check for performance requirements in order to pass major audits.
    • Assessments: Variances in efficiency or effectiveness of metrics when compared to the industry standard.
    • Process maturity: Opportunity to increase efficiency of services and processes.
    • Management reviews: Routine reviews that reveal gaps.
    • Technology advances: For example, new security architecture/controls have been released.
    • Regulations: Compliance to new or changed regulations.
    • New staff or technology: Disruptive technology or new skills that allow for improvement.

    Conduct tabletop exercises with Info-Tech’s onsite workshop

    Assess your security operations capabilities

    Leverage Info-Tech’s Security Operations Tabletop Exercise to guide simulations to validate your operational procedures.

    How to customize
    • Use the templates to document actions and actors.
    • For each new injection, spend three minutes discussing the response as a group. Then spend two minutes documenting each role’s contribution to the response. After the time limit, proceed to the following injection scenario.
    • Review the responses only after completing the entire exercise.
    Sample of Info-Tech's Security Operations Tabletop Exercise.

    This tabletop exercise is available through an onsite workshop as we can help establish and design a tabletop capability for your organization.

    Are you ready to implement your security operations program?

    Self-Assessment Questions

    • Is there a formalized security operations collaboration plan?
    • Are all key stakeholders documented and acknowledged?
    • Have you defined your strategic needs and requirements in a formalized collection plan?
    • Is there an established channel for management to communicate needs and requirements to the security operation leaders?
    • Are all program outputs documented and communicated?
    • Is there an accessible, centralized portal or dashboard that actively aggregates and communicates key information?
    • Is there a formalized threat escalation protocol in order to facilitate both internal and external information sharing?
    • Does your organization actively participate in external information sharing through the use of ISACs?
    • Does your organization actively produce reports, alerts, products, etc. that feed into and influence the output of other functions’ operations?
    • Have you assigned program responsibilities in a detailed RACI chart?
    • Is there a structured cadence schedule for key stakeholders to actively communicate and share information?
    • Have you developed a structured measurement program on a per function basis?
    • Now that you have constructed your ideal security operations program strategy, revisit the question “Are you answering all of your objectives?”

    If you answered “yes” to the questions, then you are ready to implement your security operations program.

    Summary

    Insights

    1. Security operations is no longer a center, but a process. The need for a physical security hub has evolved into the virtual fusion of prevention, detection, analysis, and response efforts. When all four functions operate as a unified process, your organization will be able to proactively combat changes in the threat landscape.
    2. Functional threat intelligence is a prerequisite for effective security operations – without it, security operations will be inefficient and redundant. Eliminate false positives by contextualizing threat data, aligning intelligence with business objectives, and building processes to satisfy those objectives
    3. If you are not communicating, then you are not secure. Collaboration eliminates siloed decisions by connecting people, processes, and technologies. You leave less room for error, consume fewer resources, and improve operational efficiency with a transparent security operations process.

    Best Practices

    • Have a structured plan of attack. Define your unique threat landscape, as well as business, regulatory, and consumer obligations.
    • Foster both internal and external collaboration.
    • Understand the operational cut-off points. While collaboration is encouraged, understand when the onus shifts to the rest of the threat collaboration environment.
    • Do not bite off more than you can chew. Identify current people, processes, and technologies that satisfy immediate problems and enable future expansion.
    • Leverage threat intelligence to create a predictive and proactive security operations analysis process.
    • Formalize escalation procedures with logic and incident management flow.
    • Don’t develop a security operations program with the objective of zero incidents. This reliance on prevention results in over-engineered security solutions that cost more than the assets being protected.
    • Ensure that information flows freely throughout the threat collaboration environment – each function should serve to feed and enhance the next.
    • Develop a central web/knowledge portal that is easily accessible throughout the threat collaboration environment
    Protect your organization with an interdependent and collaborative security operations program.

    Bibliography

    “2016 State of Cybersecurity in Small & Medium-Sized Businesses (SMB).” Ponemon Institute, June 2016. Web. 10 Nov. 2016.

    Ahmad, Shakeel et al. “10 Tips to Improve Your Security Incident Readiness and Response.” RSA, n.d. Web. 12 Nov. 2016.

    Anderson, Brandie. “ Building, Maturing & Rocking a Security Operations Center.” Hewlett Packard, n.d. Web. 4 Nov. 2016.

    Barnum, Sean. “Standardizing cyber threat intelligence information with the structured threat information expression.” STIX, n.d. Web. 03 Oct. 2016.

    Bidou, Renaud. “Security Operation Center Concepts & Implementation.” IV2-Technologies, n.d. Web. 20 Nov. 2016.

    Bradley, Susan. “Cyber threat intelligence summit.” SANS Institute InfoSec Reading Room, n.d. Web. 03 Oct. 2016.

    “Building a Security Operations Center.” DEF CON Communications, Inc., 2015. Web. 14 Nov. 2016.

    “Building a Successful Security Operations Center.” ArcSight, 2015. Web. 21 Nov. 2016.

    “Building an Intelligence-Driven Security Operations Center.” RSA, June 2014. Web. 25 Nov. 2016.

    Caltagirone, Sergio, Andrew Pendergast, and Christopher Betz. “Diamond Model of Intrusion Analysis,” Center for Cyber Threat Intelligence and Threat Research, 5 July 2013. Web. 25 Aug. 2016.

    “Cisco 2017 Annual Cybersecurity Report: Chief Security Officers Reveal True Cost of Breaches and the Actions Organizations Are Taking.” The Network. Cisco, 31 Jan. 2017. Web. 11 Nov. 2017.

    “CITP Training and Education.” Carnegie Mellon University, 2015. Web. 03 Oct. 2016.

    “Creating and Maintaining a SOC.” Intel Security, n.d. Web. 14 Nov. 2016.

    “Cyber Defense.” Mandiant, 2015. Web. 10 Nov. 2016.

    “Cyber Security Operations Center (CSOC).” Northrop Grumman, 2014. Web. 14 Nov. 2016.

    Danyliw, Roman. “Observations of Successful Cyber Security Operations.” Carnegie Mellon, 12 Dec. 2016. Web. 14 Dec. 2016.

    “Designing and Building Security Operations Center.” SearchSecurity. TechTarget, Mar. 2016. Web. 14 Dec. 2016.

    EY. “Managed SOC.” EY, 2015. Web. 14 Nov. 2016.

    Fishbach, Nicholas. “How to Build and Run a Security Operations Center.” Securite.org, n.d. Web. 20 Nov. 2016.

    “Framework for improving critical infrastructure cybersecurity.” National Institute of Standards and Technology, 12 Feb. 2014. Web.

    Friedman, John, and Mark Bouchard. “Definitive Guide to Cyber Threat Intelligence.” iSIGHT, 2015. Web. 1 June 2015.

    Goldfarb, Joshua. “The Security Operations Hierarchy of Needs.” Securityweek.com, 10 Sept. 2015. Web. 14 Dec. 2016.

    “How Collaboration Can Optimize Security Operations.” Intel, n.d. Web. 2 Nov. 2016.

    Hslatman. “Awesome threat intelligence.” GitHub, 16 Aug. 2016. Web. 03 Oct. 2016.

    “Implementation Framework – Collection Management.” Carnegie Mellon University, 2015. Web.

    “Implementation Framework – Cyber Threat Prioritization.” Carnegie Mellon University, 03 Oct. 2016. Web. 03 Oct. 2016.

    “Intelligent Security Operations Center.” IBM, 25 Feb. 2015. Web. 15 Nov. 2016.

    Joshi Follow , Abhishek. “Best Practices for Security Operations Center.” LinkedIn, 01 Nov. 2015. Web. 14 Nov. 2016.

    Joshi. “Best Practices for a Security Operations Center.” Cybrary, 18 Sept. 2015. Web. 14 Dec. 2016.

    Kelley, Diana and Ron Moritz. “Best Practices for Building a Security Operations Center.” Information Security Today, 2006. Web. 10 Nov. 2016.

    Killcrece, Georgia, Klaus-Peter Kossakowski, Robin Ruefle, and Mark Zajicek. ”Organizational Models for Computer Security Incident Response Teams (CSIRTs).” Carnegie Mellon Software Engineering Institute, Dec. 2003. Carnegie Mellon. Web. 10 Nov. 2016.

    Kindervag , John. “SOC 2.0: Three Key Steps toward the Next-generation Security Operations Center.” SearchSecurity. TechTarget, Dec. 2010. Web. 14 Dec. 2016.

    Kvochko, Elena. “Designing the Next Generation Cyber Security Operations Center.” Forbes Magazine, 14 Mar. 2016. Web. 14 Dec. 2016.

    Lambert, P. “ Security Operations Center: Not Just for Huge Enterprises.” TechRepublic, 31 Jan. 2013. Web. 10 Nov. 2016.

    Lecky, M. and D. Millier. “Re-Thinking Security Operations.” SecTor Security Education Conference. Toronto, 2014.

    Lee, Michael. “Three Elements That Every Advanced Security Operations Center Needs.” CSO | The Resource for Data Security Executives, n.d. Web. 16 Nov. 2016.

    Linch, David and Jason Bergstrom. “Building a Culture of Continuous Improvement in an Age of Disruption.” Deloitte LLP, 2014.

    Lynch, Steve. “Security Operations Center.” InfoSec Institute, 14 May 2015. Web. 14 Dec. 2016.

    Macgregor, Rob. “Diamonds or chains – cyber security updates.” PwC, n.d. Web. 03 Oct. 2016.

    “Make Your Security Operations Center (SOC) More Efficient.” Making Your Data Center Energy Efficient (2011): 213-48. Intel Security. Web. 20 Nov. 2016.

    Makryllos, Gordon. “The Six Pillars of Security Operations.” CSO | The Resource for Data Security Executives, n.d. Web. 14 Nov. 2016.

    Marchany, R. “ Building a Security Operations Center.” Virginia Tech, 2015. Web. 8 Nov. 2016.

    Marty, Raffael. “Dashboards in the Security Operations Center (SOC).” Security Bloggers Network, 15 Jan. 2016. Web. 14 Nov. 2016.

    Minu, Adolphus. “Discovering the Value of Knowledge Portal.” IBM, n.d. Web. 1 Nov. 2016.

    Muniz, J., G. McIntyre, and N. AlFardan. “Introduction to Security Operations and the SOC.” Security Operations Center: Building, Operating, and Maintaining your SOC. Cisco Press, 29 Oct. 2015. Web. 14 Nov. 2016.

    Muniz, Joseph and Gary McIntyre. “ Security Operations Center.” Cisco, Nov. 2015. Web. 14 Nov. 2016.

    Muniz, Joseph. “5 Steps to Building and Operating an Effective Security Operations Center (SOC).” Cisco, 15 Dec. 2015. Web. 14 Dec. 2016.

    Nathans, David. Designing and Building a Security Operations Center. Syngress, 2015. Print.

    National Institute of Standards and Technology. “SP 800-61 Revision 2: Computer Security Incident Handling Guide.” 2012. Web.

    National Institute of Standards and Technology. “SP 800-83 Revision 1.” 2013. Web.

    National Institute of Standards and Technology. “SP 800-86: Guide to Integrating Forensic Techniques into Incident Response.” 2006. Web.

    F5 Networks. “F5 Security Operations Center.” F5 Networks, 2014. Web. 10 Nov. 2016.

    “Next Generation Security Operations Center.” DTS Solution, n.d. Web. 20 Nov. 2016.

    “Optimizing Security Operations.” Intel, 2015. Web. 4 Nov. 2016.

    Paganini, Pierluigi. “What Is a SOC ( Security Operations Center)?” Security Affairs, 24 May 2016. Web. 14 Dec. 2016.

    Ponemon Institute LLC. “Cyber Security Incident Response: Are we as prepared as we think?” Ponemon, 2014. Web.

    Ponemon Institute LLC. “The Importance of Cyber Threat Intelligence to a Strong Security Posture.” Ponemon, Mar. 2015. Web. 17 Aug. 2016.

    Poputa-Clean, Paul. “Automated defense – using threat intelligence to augment.” SANS Institute InfoSec Reading Room, 15 Jan. 2015. Web.

    Quintagroup. “Knowledge Management Portal Solution.” Quintagroup, n.d. Web.

    Rasche, G. “Guidelines for Planning an Integrated Security Operations Center.” EPRI, Dec. 2013. Web. 25 Nov. 2016.

    Rehman, R. “What It Really Takes to Stand up a SOC.” Rafeeq Rehman – Personal Blog, 27 Aug. 2015. Web. 14 Dec. 2016.

    Rothke, Ben. “Designing and Building Security Operations Center.” RSA Conference, 2015. Web. 14 Nov. 2016.

    Ruks, Martyn and David Chismon. “Threat Intelligence: Collecting, Analysing, Evaluating.” MWR Infosecurity, 2015. Web. 24 Aug. 2016.

    Sadamatsu, Takayoshi. “Practice within Fujitsu of Security Operations Center.” Fujitsu, July 2016. Web. 15 Nov. 2016.

    Sanders, Chris. “Three Useful SOC Dashboards.” Chris Sanders, 24 Oct. 2016. Web. 14 Nov. 2016.

    SANS Institute. “Incident Handler's Handbook.” 2011. Web.

    Schilling, Jeff. “5 Pitfalls to Avoid When Running Your SOC.” Dark Reading, 18 Dec. 2014. Web. 14 Nov. 2016.

    Schinagl, Stef, Keith Schoon, and Ronald Paans. “A Framework for Designing a Security Operations Centre (SOC).” 2015 48th Hawaii International Conference on System Sciences. Computer.org, 2015. Web. 20 Nov. 2016.

    “Security – Next Gen SOC or SOF.” InfoSecAlways.com, 31 Dec. 2013. Web. 14 Nov. 2016.

    “Security Operations Center Dashboard.” Enterprise Dashboard Digest, n.d. Web. 14 Dec. 2016.

    “Security Operations Center Optimization Services.” AT&T, 2015. Web. 5 Nov. 2016.

    “Security Operations Centers — Helping You Get Ahead of Cybercrime Contents.” EY, 2014. Web. 6 Nov. 2016.

    Sheikh, Shah. “DTS Solution - Building a SOC (Security Operations Center).” LinkedIn, 4 May 2013. Web. 20 Nov. 2016.

    Soto, Carlos. “ Security Operations Center (SOC) 101.” Tom's IT Pro, 28 Oct. 2015. Web. 14 Dec. 2016.

    “Standardizing and Automating Security Operations.” National Institute of Standards and Technology, 3 Sept. 2006. Web.

    “Strategy Considerations for Building a Security Operations Center.” IBM, Dec. 2013. Web. 5 Nov. 2016.

    “Summary of Key Findings.” Carnegie Mellon University, 03 Oct. 2016. Web. 03 Oct. 2016.

    “Sustainable Security Operations.” Intel, 2016. Web. 20 Nov. 2016.

    “The Cost of Malware Containment.” Ponemon Institute, Jan. 2015. Web.

    “The Game Plan for Closing the SecOps Gap.” BMC. Forbes Magazine, Jan. 2016. Web. 10 Jan. 2017.

    Veerappa Srinivas, Babu. “Security Operations Centre (SOC) in a Utility Organization.” GIAC, 17 Sept. 2014. Web. 5 Nov. 2016.

    Wang, John. “Anatomy of a Security Operations Center.” NASA, 2015. Web. 2 Nov. 2016.

    Weiss, Errol. “Statement for the Record.” House Financial Services Committee, 1 June 2012. Web. 12 Nov. 2016.

    Wilson, Tim. “SOC 2.0: A Crystal-Ball Glimpse of the Next-Generation Security Operations Center.” Dark Reading, 22 Nov. 2010. Web. 10 Nov. 2016.

    Zimmerman, Carson. “Ten Strategies of a World-Class Cybersecurity Operations Center.” Mitre, 2014. Web. 24 Aug. 2016.

    Build a Better Manager

    • Buy Link or Shortcode: {j2store}603|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Train & Develop
    • Parent Category Link: /train-and-develop
    • Management skills training is needed, but organizations are struggling to provide training that makes a long-term difference in the skills managers actually use in their day to day.
    • Many training programs are ineffective because they offer the wrong content, deliver it in a way that is not memorable, and are not aligned with the IT department’s business objectives.

    Our Advice

    Critical Insight

    • More of the typical manager training is not enough to solve the problem of underprepared first-time IT managers.
    • You must overcome the key pitfalls of ineffective training to deliver training that is better than the norm.
    • Offer tailored training that focuses on skill building and is aligned with measurable business goals to make your manager training a tangible success.

    Impact and Result

    Use Info-Tech’s tactical, practical training materials to deliver training that is:

    • Specifically tailored to first-time IT managers.
    • Designed around practical application of new skills.
    • Aligned with your department’s business goals.

    Build a Better Manager Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Build a Better Manager Capstone Deck – This deck will guide you through identifying the critical skills your managers need to succeed and planning out a training program tailored to your team and organization.

    This deck presents a behind-the-scenes explanation for the training materials, enabling a facilitator to deliver the training.

    • Build a Better Manager – Phases 1-3

    2. Facilitation Guides – These ready-to-deliver presentation decks span 8 modules. Each module covers a key management skill. The modules can be delivered independently or as a series.

    The modules are complete with presentation slides, speaker’s notes, and accompanying participant workbooks and provide everything you need to deliver the training to your team.

    • Accountability Facilitation Guide
    • Coaching and Feedback Facilitation Guide
    • Communicate Effectively Facilitation Guide
    • Manage Conflict Constructively Facilitation Guide
    • Your Role in Decision Making Facilitation Guide
    • Master Time Facilitation Guide
    • Performance Management Facilitation Guide
    • Your Role in the Organization Facilitation Guide

    3. Participant Workbooks and Supporting Materials – Each training module comes with a corresponding participant workbook to help trainees record insights and formulate individual skill development plans.

    Each workbook is tailored to the presentation slides in its corresponding facilitation guide. Some workbooks have additional materials, such as role play scenarios, to aid in practice. Every workbook comes with example entries to help participants make the most of their training.

    • Communicate Effectively Participant Workbook
    • Performance Management Participant Workbook
    • Coaching and Feedback Participant Workbook
    • Effective Feedback Training Role Play Scenarios
    • Your Role in the Organization Participant Workbook
    • Your Role in Decision Making Participant Workbook
    • Decision Making Case Study
    • Manage Conflict Constructively Participant Workbook
    • Conflict Resolution Role Play Scenarios
    • Master Time Participant Workbook
    • Accountability Participant Workbook
    [infographic]

    Workshop: Build a Better Manager

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Build a Better Manager

    The Purpose

    Attend training on the specific topics necessary for each individual management team.

    Each workshop consists of four days, one 3-hour training session per day. One module is delivered per day, selecting from the following pool of topics:

    Master Time

    Accountability

    Your Role in the Organization

    Your Role in Decision Making

    Manage Conflict Constructively

    Effective Communication

    Performance Management

    Coaching & Feedback

    Key Benefits Achieved

    Managers learn about best practices, practice their application, and formulate individual skill development plans.

    Activities

    1.1 Training on one topic per day, for four days (selected from a pool of eight possible topics)

    Outputs

    Completed workbook and action plan

    Further reading

    Build a Better Manager

    Support IT success with a solid management foundation.

    Analyst Perspective

    Training that delivers results.

    Jane Koupstova.

    Ninety-eight percent of managers say they need more training, but 93% of managers already receive some level of manager training. Unfortunately, the training typically provided, although copious, is not working. More of the same will never get you better outcomes.

    How many times have you sat through training that was so long, you had no hope of implementing half of it?

    How many times have you been taught best practices, with zero guidance on how to apply them?

    To truly support our managers, we need to rethink manager training. Move from fulfilling an HR mandate to providing truly trainee-centric instruction. Teach only the right skills – no fluff – and encourage and enable their application in the day to day.

    Jane Kouptsova
    Research Director, People & Leadership
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    Common Obstacles

    Info-Tech’s Approach

    IT departments often promote staff based on technical skill, resulting in new managers feeling unprepared for their new responsibilities in leading people.

    The success of your organization hinges on managers’ ability to lead their staff; by failing to equip new managers adequately, you are risking the productivity of your entire department.

    Despite the fact that $14 billion is spent annually on leadership training in the US alone (Freedman, 2016), only one in ten CIOs believe their department is very effective at leadership, culture, and values (Info-Tech, 2019).

    Training programs do not deliver results due to trainee overwhelm, ineffective skill development, and a lack of business alignment.

    Use Info-Tech’s tactical, practical approach to management training to deliver training that:

    • Is specifically tailored to first-time IT managers.
    • Is designed around practical application of new skills.
    • Is aligned with your department’s business goals.
    • Equips your new managers with essential skills and foundational competencies

    Info-Tech Insight

    When it comes to manager training, more is not more. Attending training is not equal to being trained. Even good information is useless when it doesn’t get applied. If your role hasn’t required you to use your training within 48 hours, you were not trained on the most relevant skills.

    Effective managers drive effective departments by engaging their teams

    The image contains a screenshot to demonstrate effective managers.

    Engaged teams are:

    • 52% more willing to innovate*
    • 70% more likely to be at the organization a year from now**
    • 57% more likely to exceed their role’s expectations**

    Engaged teams are driven by managers:

    • 70% of team-level engagement is accounted for by managers***
    *McLean & Company; N=3,395; **McLean & Company; N=5,902; ***Gallup, 2018

    Despite the criticality of their role, IT organizations are failing at supporting new managers

    87% of middle managers wish they had more training when they were first promoted

    98% of managers say they need more training

    Source: Grovo, 2016

    IT must take notice:

    IT as an industry tends to promote staff on the basis of technical skill. As a result, new managers find themselves suddenly out of their comfort zone, tasked with leading teams using management skills they have not been trained in and, more often than not, having to learn on the job. This is further complicated because many new IT managers must go from a position of team member to leader, which can be a very complex transition.

    The truth is, many organizations do try and provide some degree of manager training, it just is not effective

    99% of companies offer management training*

    93% of managers attend it*

    $14 billion spent annually in the US on leadership training**

    Fewer than one in ten CIOs believe their IT department is highly effective at leadership, culture, and values.

    The image contains a screenshot of a pie chart that demonstrates the effectiveness of the IT department at leadership, culture, and values.

    *Grovo, 2016; **Chief Executive, 2016
    Info-Tech’s Management & Governance Diagnostic, N=337 CIOs

    There are three key reasons why manager training fails

    1. Information Overload

    Seventy-five percent of managers report that their training was too long to remember or to apply in their day to day (Grovo, 2016). Trying to cover too much useful information results in overwhelm and does not deliver on key training objectives.

    2. Limited Implementation

    Thirty-three percent of managers find that their training had insufficient follow-up to help them apply it on the job (Grovo, 2016). Learning is only the beginning. The real results are obtained when learning is followed by practice, which turns new knowledge into reliable habits.

    3. Lack of departmental alignment

    Implementing training without a clear link to departmental and organizational objectives leaves you unable to clearly communicate its value, undermines your ability to secure buy-in from attendees and executives, and leaves you unable to verify that the training is actually improving departmental effectiveness.

    Overcome those common training pitfalls with tactical solutions

    MOVE FROM

    TO

    1. Information Overload

    Timely, tailored topics

    The more training managers attend, the less likely they are to apply any particular element of it. Combat trainee overwhelm by offering highly tactical, practical training that presents only the essential skills needed at the managers’ current stage of development.

    2. Limited Implementation

    Skills-focused framework

    Many training programs end when the last manager walks out of the last training session. Ensure managers apply their new knowledge in the months and years after the training by relying on a research-based framework that supports long-term skill building.

    3. Lack of Departmental Alignment

    Outcome-based measurement

    Setting organizational goals and accompanying metrics ahead of time enables you to communicate the value of the training to attendees and stakeholders, track whether the training is delivering a return on your investment, and course correct if necessary.

    This research combats common training challenges by focusing on building habits, not just learning ideas

    Manager training is only useful if the skills it builds are implemented in the day-to-day.

    Research supports three drivers of successful skill building from training:

    Habits

    Organizational Support

    The training modules include committing to implementing new skills on the job and scheduling opportunities for feedback.

    Learning Structure

    Training activities are customizable, flexible, and accompanied by continuous learning self-evaluation.

    Personal Commitment

    Info-Tech’s methodology builds in activities that foster accountability and an attitude of continuous improvement.

    Learning

    Info-Tech Insight

    When it comes to manager training, stop thinking about learning, and start thinking about practice. In difficult situations, we fall back on habits, not theoretical knowledge. If a manager is only as good as their habits, we need to support them in translating knowledge into practice.

    This research focuses on building good management habits to drive enterprise success

    Set up your first-time managers for success by leveraging Info-Tech’s training to focus on three key areas of management:

    • Managing people as a team
    • Managing people as individuals
    • Managing yourself as a developing leader

    Each of these areas:

    • Is immediately important for a first-time manager
    • Includes practical, tactical skills that can be implemented quickly
    • Translates to departmental and organizational benefits

    Info-Tech Insight

    There is no such thing as “effective management training.” Various topics will be effective at different times for different roles. Delivering only the highest-impact learning at strategic points in your leadership development program will ensure the learning is retained and translates to results.

    This blueprint covers foundational training in three key domains of effective management

    Effective Managers

    • Self
      • Conflict & Difficult Conversations
      • Your Role in the Organization
      • Your Role in Decisions
    • Team
      • Communication
      • Feedback & Coaching
      • Performance Management
    • People
      • Master Time
      • Delegate
      • Accountability

    Each topic corresponds to a module, which can be used individually or as a series in any order.

    Choose topics that resonate with your managers and relate directly to their day-to-day tasks. Training on topics that may be useful in the future, while interesting, is less likely to generate lasting skill development.

    Info-Tech Best Practice

    This blueprint is not a replacement for formal leadership or management certification. It is designed as a practical, tactical, and foundational introduction to key management capabilities.

    Info-Tech’s training tools guide participants through successful skill building

    Practical facilitation guides equip you with the information, activities, and speaker’s notes necessary to deliver focused, tactical training to your management team.

    The participant’s workbook guides trainees through applying the three drivers of skill building to solidify their training into habits.

    Measure the effectiveness of your manager training with outcomes-focused metrics

    Linking manager training with measurable outcomes allows you to verify that the program is achieving the intended benefits, course correct as needed, and secure buy-in from stakeholders and participants by articulating and documenting value.

    Use the metrics suggested below to monitor your training program’s effectiveness at three key stages:

    Program Metric

    Calculation

    Program enrolment and attendance

    Attendance at each session / Total number enrolled in session

    First-time manager (FTM) turnover rate

    Turnover rate: Number of FTM departures / Total number of FTMs

    FTM turnover cost

    Number of departing FTMs this year * Cost of replacing an employee

    Manager Effectiveness Metric

    Calculation

    Engagement scores of FTM's direct reports

    Use Info-Tech's Employee Engagement surveys to monitor scores

    Departures as a result of poor management

    Number of times "manager relationships" is selected as a reason for leaving on an exit survey / Total number of departures

    Cost of departures due to poor management

    Number of times "manager relationships" is selected as a reason for leaving on an exit survey * Cost associated with replacing an employee

    Organizational Outcome Metric

    Calculation

    On-target delivery

    % projects completed on-target = (Projects successfully completed on time and on budget / Total number of projects started) * 100

    Business stakeholder satisfaction with IT

    Use Info-Tech’s business satisfaction surveys to monitor scores

    High-performer turnover rate

    Number of permanent, high-performing employee departures / Average number of permanent, high-performing employees

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    Guided Implementation

    Workshop

    Consulting

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.” “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.” “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.” “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    What does a typical GI on this topic look like?

    Phase 1 Phase 2 Phase 3

    Call #1: Scope requirements, objectives, and your specific challenges.

    Call #2: Review selected modules and discuss training delivery.

    Call #3: Review training delivery, discuss lessons learned. Review long-term skill development plan.

    A Guided Implementation (GI) is a series

    of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is 1 to 3 calls over the course of several months, depending on training schedule.

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Day 1 Day 2 Day 3 Day 4

    3-Hour Training Session

    3-Hour Training Session

    3-Hour Training Session

    3-Hour Training Session

    Activities

    Training on topic 1 (selected from a pool of 8 possible topics)

    Training on topic 2 (selected from a pool of 8 possible topics)

    Training on topic 3 (selected from a pool of 8 possible topics)

    Training on topic 4 (selected from a pool of 8 possible topics)

    Deliverables

    Completed workbook and action plan

    Completed workbook and action plan

    Completed workbook and action plan

    Completed workbook and action plan

    Pool of topics:

    • Master Time
    • Accountability
    • Your Role in the Organization
    • Your Role in Decision Making
    • Manage Conflict Constructively
    • Effective Communication
    • Performance Management
    • Coaching & Feedback

    Phase 1

    Prepare to facilitate training

    Phase 1 Phase 2 Phase 3
    • Select training topics
    • Customize the training facilitation guide for your organization
    • Deliver training modules
    • Confirm skill development action plan with trainees
    • Secure organizational support from trainees' supervisors

    Outcomes of this phase:

    • Training facilitation deck customized to organizational norms
    • Training workbook distributed to participants
    • Training dates and facilitator finalized

    1.1 Select training modules

    1-3 hours

    1. Review the module descriptions on the following slides.
    2. Identify modules that will address managers’ most pressing development needs.
      To help make this decision, consult the following:
      • Trainees’ development plans
      • Trainees’ supervisors
    Input Output
    • Module descriptions
    • Trainees’ development goals and needs
    • Prioritized list of training modules
    Materials Participants
    • Prioritized list of training modules
    • Training sponsor
    • Trainees’ supervisors

    Effective Communication

    Effective communication is the cornerstone of good management

    Effective communication can make or break your IT team’s effectiveness and engagement and a manager’s reputation in the organization. Effective stakeholder management and communication has a myriad of benefits – yet this is a key area where IT leaders continue to struggle.


    There are multiple ways in which you communicate with your staff. The tactics you will learn in this section will help you to:

    1. Understand communication styles. Every staff member has a predisposition in terms of how they give, receive, and digest information. To drive effective communication new managers need to understand the profiles of each of their team members and adjust their communicate style to suit.
    2. Understand what your team members want communicated to them and how. Communication is highly personal, and a good manager needs to clearly understand what their team wants to be informed about, their desired interactions, and when they need to be involved in decision making. They also must determine the appropriate channels for communication exchanges.
    3. Make meetings matter. Many new managers never receive training on what differentiates a good and bad meeting. Effective meetings have a myriad of benefits, but more often than not meetings are ineffective, wasting both the participants’ and organizer’s time. This training will help you to ensure that every team meeting drives a solid outcome and gets results.

    Benefits:

    • Better buy-in, understanding, and communication.
    • Improved IT reputation with the organization.
    • Improved team engagement.
    • Improved stakeholder satisfaction.
    • Better-quality decision making.
    • Improved transparency, trust, and credibility.
    • Less waste and rework.
    • Greater ability to secure support and execute the agenda.
    • More effective cooperation on activities, better quality information, and greater value from stakeholder input.
    • Better understanding of IT performance and contribution.

    Effective Communication

    Effective manager communication has a direct impact on employee engagement

    35% Of organizations say they have lost an employee due to poor internal communication (project.co, 2021).

    59% Of business leaders lose work time to mistakes caused by poor communication (Grammarly, 2022).

    $1.2 trillion Lost to US organizations as a result of poor communication (Grammarly, 2022).

    Effective Communication

    Effective communication is crucial to all parts of the business

    Operations

    Human Resources

    Finance

    Marketing

    Increases production by boosting revenue.

    Reduces the cost of litigation and increases revenue through productivity improvements.

    Reduces the cost of failing to comply with regulations.

    Increases attraction and retention of key talent.

    Effective Communication

    The Communicate Effectively Facilitation Guide covers the following topics:

    • Understand Communication Styles
    • Tailor Communication Methods to Activities
    • Make Meetings Matter

    Learning outcomes:

    Main goal: Become a better communicator across a variety of personal styles and work contexts.

    Key objectives:

    • Reaffirm why effective communication matters.
    • Work with people with different communication styles.
    • Communicate clearly and effectively within a team.
    • Make meetings more effective.

    Info-Tech Insight

    First-time IT managers face specific communication challenges that come with managing people for the first time: learning to communicate a greater variety of information to different kinds of people, in a variety of venues. Tailored training in these areas helps managers focus and fast-track critical skill development.

    Performance Management

    Meaningful performance measures drive employee engagement, which in turn drives business success

    Meaningful performance measures help employees understand the rationale behind business decisions, help managers guide their staff, and clarify expectations for employees. These factors are all strong predictors of team engagement:

    The image contains a screenshot to demonstrate the relationship and success between performance measures and employee engagement.

    Performance Management

    Clear performance measures benefit employees and the organization

    Talent Management Outcomes

    Organizational Outcomes

    Performance measure are key throughout the talent management process.

    Candidates:

    • Want to know how they will be assessed
    • Rely on measures to become productive as soon as possible

    Employees:

    • Benefit from training centered on measures that are aligned with business outcomes
    • Are rewarded, recognized, and compensated based on measurable guidelines

    Promotions and Evaluations:

    • Are more effective when informed by meaningful performance measures that align with what leadership believes is important

    Performance measures benefit the organization by:

    • Helping employees know the steps to take to improve their performance
    • Ensuring alignment between team objectives and organizational goals
    • Providing a standardized way to support decision making related to compensation, promotions, and succession planning
    • Reducing “gaming” of metrics, when properly structured, thereby reducing risk to the organization
    • Affording legal defensibility by providing an objective basis for decision making

    Performance Management

    The Performance Management Facilitation Guide covers the following topics:

    • Develop Meaningful Goals
    • Set Meaningful Metrics

    Learning outcomes:

    Main goal: Become proficient in setting, tracking, and communicating around performance management goals.

    Key objectives:

    • Understand the role of managers and employees in the performance management process.
    • Learn to set SMART, business-aligned goals for your team.
    • Learn to help employees set useful individual goals.
    • Learn to set meaningful, holistic metrics to track goal progression.
    • Understand the relationship between goals, metrics, and feedback.

    Info-Tech Insight

    Goal and metric development holds special significance for first-time IT managers because it now impacts not only their personal performance, but that of their employees and their team collectively. Training on these topics with a practical team- and employee-development approach is a focused way to build these skills.

    Coaching & Feedback

    Coaching and feedback are effective methods to influence employees and drive business outcomes

    COACHING is a conversation in which a manager asks an employee questions to guide them to solve problems themselves, instead of just telling them the answer.

    Coaching increases employee happiness, and decreases turnover.1

    Coaching promotes innovation.2

    Coaching increases employee engagement, effort and performance.3

    FEEDBACK is information about the past, given in the present, with the goal of influencing behavior or performance for the future. It includes information given for reinforcement and redirection.

    Honest feedback enhances team psychological safety.4

    Feedback increases employee engagement.5

    Feedback boosts feelings of autonomy and drives innovation.6

    1. Administrative Sciences, 2022
    2. International Review of Management and Marketing, 2020
    3. Current Psychology, 2021
    4. Quantum Workplace, 2021
    5. Issues and Perspectives in Business and Social Sciences, 2022
    6. Sustainability, 2021

    Coaching & Feedback

    The Coaching & Feedback Facilitation Guide covers the following topics:

    • The 4 A’s of Coaching
    • Effective Feedback

    Learning outcomes:

    Main goal: Get prepared to coach and offer feedback to your staff as appropriate.

    Key objectives:

    • Understand the difference between coaching and feedback and when to apply each one.
    • Learn the importance of a coaching mindset.
    • Learn effective coaching via the 4 A’s framework.
    • Understand the actions that make up feedback and the factors that make it successful.
    • Learn to deal with resistance to feedback.

    Info-Tech Insight

    First-time managers often shy away from giving coaching and feedback, stalling their team’s performance. A focused and practical approach to building these skills equips new managers with the tools and confidence to tackle these challenges as soon as they arise.

    Your Role in the Organization

    IT managers who understand the business context provide more value to the organization

    Managers who don’t understand the business cannot effect positive change. The greater understanding that IT managers have of business context, the more value they provide to the organization as seen by the positive relationship between IT’s understanding of business needs and the business’ perception of IT value.

    The image contains a screenshot of a scatter plot grid demonstrating business satisfaction with IT Understanding of Needs across Overall IT Value.

    Source: Info-Tech Research Group

    Your Role in the Organization

    Knowing your stakeholders is key to understanding your role in the business and providing value to the organization

    To understand your role in the business, you need to know who your stakeholders are and what value you and your team provide to the organization. Knowing how you help each stakeholder meet their wants needs and goals means that you have the know-how to balance experience and outcome-based behaviors. This is the key to being an attentive leader.


    The tactics you will learn in this section will help you to:

    1. Know your stakeholders. There are five key stakeholders the majority of IT managers have: management, peers, direct reports, internal users, and external users or customers. Managers need to understand the goals, needs, and wants of each of these groups to successfully provide value to the organization.
    2. Understand the value you provide to each stakeholder. Stakeholder relationship management requires IT managers to exhibit drive and support behaviors based on the situation. By knowing how you drive and support each stakeholder, you understand how you provide value to the organization and support its mission, vision, and values.
    3. Communicate the value your team provides to the organization to your team. Employees need to understand the impact of their work. As an IT manager, you are responsible for communicating how your team provides value to the organization. Mission statements on how you provide value to each stakeholder is an easy way to clearly communicate purpose to your team.

    Benefits:

    • Faster and higher growth.
    • Improved team engagement.
    • Improved stakeholder satisfaction.
    • Better quality decision making.
    • More innovation and motivation to complete goals and tasks.
    • Greater ability to secure support and execute on goals and tasks.
    • More effective cooperation on activities, better quality information, and greater value from stakeholder input.
    • Better understanding of IT performance and contribution.

    Your Role in the Organization

    The Your Role in the Organization Facilitation Guide covers the following topics:

    • Know Your Stakeholders
    • Understand the Value You Provide to the Organization
    • Develop Learnings Into Habits

    Learning outcomes:

    Main goal: Understand how your role and the role of your team serves the business.

    Key objectives:

    • Learn who your stakeholders are.
    • Understand how you drive and support different stakeholder relationships.
    • Relate your team’s tasks back to the mission, vision, and values of the organization.
    • Create a mission statement for each stakeholder to bring back to your team.

    Info-Tech Insight

    Before training first-time IT managers, take some time as the facilitator to review how you will serve the wants and needs of those you are training and your stakeholders in the organization.

    Decision Making

    Bad decisions have tangible costs, so managers must be trained in how to make effective decisions

    To understand your role in the decision-making process, you need to know what is expected of you and you must understand what goes into making a good decision. The majority of managers report they have no trouble making decisions and that they are good decision makers, but the statistics say otherwise. This ease at decision making is due to being overly confident in their expertise and an inability to recognize their own ignorance.1


    The tactics you will learn in this section will help you to:

    1. Effectively communicate decisions. Often, first-time managers are either sharing their decision recommendations with their manager or they are communicating a decision down to their team. Managers need to understand how to have these conversations so their recommendations provide value to management and top-down decisions are successfully implemented.
    2. Provide valuable feedback on decisions. Evaluating decisions is just as critical as making decisions. If decisions aren’t reviewed, there is no data or feedback to discover why a decision was a success or failure. Having a plan in place before the decision is made facilitates the decision review process and makes it easier to provide valuable feedback.
    3. Avoid common decision-making mistakes. Heuristics and bias are common decision pitfalls even senior leaders are susceptible to. By learning what the common decision-making mistakes are and being able to recognize them when they appear in their decision-making process, first-time managers can improve their decision-making ability.

    20% Of respondents say their organizations excel at decision making (McKinsey, 2018).

    87% “Diverse teams are 87% better at making decisions” (Upskillist, 2022).

    86% of employees in leadership positions blame the lack of collaboration as the top reason for workplace failures (Upskillist, 2022).

    Decision Making

    A decision-making process is imperative, even though most managers don’t have a formal one

    1. Identify the Problem and Define Objectives
    2. Establish Decision Criteria
    3. Generate and Evaluate Alternatives
    4. Select an Alternative and Implement
    5. Evaluate the Decision

    Managers tend to rely on their own intuition which is often colored by heuristics and biases. By using a formal decision-making process, these pitfalls of intuition can be mitigated or avoided. This leads to better decisions.

    First-time managers are able to apply this framework when making decision recommendations to management to increase their likelihood of success, and having a process will improve their decisions throughout their career and the financial returns correlated with them.

    Decision Making

    Recognizing personal heuristics and bias in the decision-making process improves more than just decision results

    Employees are able to recognize bias in the workplace, even when management can’t. This affects everything from how involved they are in the decision-making process to their level of effort and productivity in implementing decisions. Without employee support, even good decisions are less likely to have positive results. Employees who perceive bias:

    Innovation

    • Hold back ideas and solutions
    • Intentionally fail to follow through on important projects and tasks

    Brand Reputation

    • Speak negatively about the company on social media
    • Do not refer open positions to qualified persons in their network

    Engagement

    • Feel alienated
    • Actively seek new employment
    • Say they are not proud to work for the company

    Decision Making

    The Decision Making Facilitation Guide covers the following topics:

    • Effectively Communicate Decisions
    • Provide Valuable Feedback on Decisions
    • Avoid Common Decision-Making Mistakes

    Learning outcomes:

    Main goal: Understand how to successfully perform your role in the decision process.

    Key objectives:

    • Understand the decision-making process and how to assess decisions.
    • Learn how to communicate with your manager regarding your decision recommendations.
    • Learn how to effectively communicate decisions to your team.
    • Understand how to avoid common decision-making errors.

    Info-Tech Insight

    Before training a decision-making framework, ensure it is in alignment with how decisions are made in your organization. Alternatively, make sure leadership is on board with making a change.

    Manage Conflict Constructively

    Enable leaders to resolve conflicts while minimizing costs

    If you are successful in your talent acquisition, you likely have a variety of personalities and diverse individuals within your IT organization and in the business, which means that conflict is inevitable. However, conflict does not have to be negative – it can take on many forms. The presence of conflict in an organization can actually be a very positive thing: the ability to freely express opinions and openly debate can lead to better, more strategic decisions being made.

    The effect that the conflict is having on individuals and the work environment will determine whether the conflict is positive or counterproductive.

    As a new manager you need to know how to manage potential negative outcomes of conflict by managing difficult conversations and understanding how to respond to conflict in the workplace.


    The tactics you will learn in this section will help you to:

    1. Apply strategies to prepare for and navigate through difficult conversations.
    2. Expand your comfort level when handling conflict, and engage in constructive conflict resolution approaches.

    Benefits:

    • Relieve stress for yourself and your co-workers.
    • Save yourself time and energy.
    • Positively impact relationships with your employees.
    • Improve your team dynamic.
    • Remove roadblocks to your work and get things done.
    • Save the organization money.
    • Improve performance.
    • Prevent negative issues from reoccurring.

    Manage Conflict Constructively

    Addressing difficult conversations is beneficial to you, your people, and the organization

    When you face a difficult conversation you…

    • Relieve stress on you and your co-workers.
    • Save yourself time and energy.
    • Positively impact relationships with your employees.
    • Improve your team dynamic.
    • Remove roadblocks to your work
    • Save the organization money.
    • Improve performance.
    • Prevent negative issues from reoccurring.

    40% Of employees who experience conflict report being less motivated as a result (Acas, 2021).

    30.6% Of employees report coming off as aggressive when trying to resolve a conflict
    (Niagara Institute, 2022).

    Manage Conflict Constructively

    The Manage Conflict Constructively Facilitation Guide covers the following topics:

    • Know Your Ideal Time Mix
    • Calendar Diligence
    • Effective Delegation
    • Limit Interruptions

    Learning outcomes:

    Main goal: Effectively manage your time and know which tasks are your priority and which tasks to delegate.

    Key objectives:

    • Understand common reasons for difficult conversations.
    • Learn Info-Tech’s six-step process to best to prepare for difficult conversations.
    • Follow best practices to approach difficult conversations.
    • Learn the five approaches to conflict management.
    • Practice conflict management skills.

    Info-Tech Insight

    Conflict does not have to be negative. The presence of conflict in an organization can actually be a very positive thing: the ability to freely express opinions and openly debate can lead to better, more strategic decisions being made.

    Master Time

    Effective leaders spend their time in specific ways

    How effective leaders average their time spent across the six key roles:

    Leaders with effective time management skills spend their time across six key manager roles: strategy, projects, management, operations, innovation, and personal. While there is no magic formula, providing more value to the business starts with little practices like:

    • Spending time with the right stakeholders and focusing on the right priorities.
    • Evaluating which meetings are important and productive.
    • Benchmarking yourself against your peers in the industry so you constantly learn from them and improve yourself.


    The keys to providing this value is time management and delegation. The tactics in this section will help first-time managers to:

    1. Discover your ideal time. By analyzing how you currently spend your time, you can see which roles you are under/over using and, using your job description and performance metrics, discover your ideal time mix.
    2. Practice calendar diligence. Time blocking is an effective way to use your time, see your week, and quickly understand what roles you are spending your time in. Scheduling priority tasks first gives insight into which tasks should be delegated.
    3. Effectively delegation. Clear expectations and knowing the strengths of your team are the cornerstone to effective delegation. By understanding the information you need to communicate and identifying the best person on your team to delegate to, tasks and goals will be successfully completed.
    4. Limit interruptions. By learning how to limit interruptions from your team and your manager, you are better able to control your time and make sure your tasks and goals get completed.

    Strategy

    23%

    Projects

    23%

    Management

    19%

    Operations

    19%

    Innovation

    13%

    Personal

    4%

    Source: Info-Tech, N=85

    Master Time

    Signs you struggle with time management

    Too many interruptions in a day to stay focused.

    Too busy to focus on strategic initiatives.

    Spending time on the wrong things.

    The image contains a screenshot of a bar graph that demonstrates struggle with time management.

    Master Time

    The Master Time Facilitation Guide covers the following topics:

    • Understand Communication Styles
    • Tailor Communication Methods to Activities
    • Make Meetings Matter

    Learning outcomes:

    Main goal: Become a better communicator across a variety of personal styles and work contexts.

    Key objectives:

    • Understand how you spend your time.
    • Learn how to use your calendar effectively.
    • Understand the actions to take to successfully delegate.
    • Learn how to successfully limit interruptions.

    Info-Tech Insight

    There is a right and wrong way to manage your calendar as a first-time manager and it has nothing to do with your personal preference.

    Accountability

    Accountability creates organizational and team benefits

    Improves culture and innovation

    Improves individual performance

    Increases employee engagement

    Increases profitability

    Increases trust and productivity

    Enables employees to see how they contribute

    Increases ownership employees feel over their work and outcomes

    Enables employees to focus on activities that drive the business forward

    Source: Forbes, 2019

    Accountability

    Accountability increases employee empowerment

    Employee empowerment is the number one driver of employee engagement. The extent to which you can hold employees accountable for their own actions and decisions is closely related to how empowered they are and how empowered they feel; accountability and empowerment go hand in hand. To feel empowered, employees must understand what is expected of them, have input into decisions that affect their work, and have the tools they need to demonstrate their talents.

    The image contains a screenshot to demonstrate how accountability increases employee empowerment.

    Source: McLean & Company Engagement Database, 2018; N=71,794

    Accountability

    The Accountability Facilitation Guide covers the following topics:

    • Create Clarity and Transparency
    • Articulate Expectations and Evaluation
    • Help Your Team Remove Roadblocks
    • Clearly Introduce Accountability to Your Team

    Learning outcomes:

    Main goal: Create a personal accountability plan and learn how to hold yourself and your team accountable.

    Key objectives:

    • Understand why accountability matters.
    • Learn how to create clarity and transparency.
    • Understand how to successfully hold people accountable through clearly articulating expectations and evaluation.
    • Know how to remove roadblocks to accountability for your team.

    Info-Tech Insight

    Accountability is about focusing on the results of a task, rather than just completing the task. Create team accountability by keeping the team focused on the result and not “doing their jobs.” First-time managers need to clearly communicate expectations and evaluation to successfully develop team accountability.

    Use the Build a Better Manager Participant Workbooks to help participants set accountabilities and track their progress

    A key feature of this blueprint is built-in guidance on transferring your managers’ new knowledge into practical skills and habits they can fall back on when their job requires it.

    The Participant Workbooks, one for each module, are structured around the three key principles of learning transfer to help participants optimally structure their own learning:

    • Track your learning. This section guides participants through conducting self-assessments, setting learning goals, recording key insights, and brainstorming relapse-prevention strategies
    • Establish your personal commitment. This section helps participants record the actions they personally commit to taking to continually practice their new skills
    • Secure organizational support. This section guides participants in recording the steps they will take to seek out support from their supervisor and peers.

    The image contains a screenshot of the Build a Better Manager Participant Workbooks.

    Info-Tech Insight

    Participants should use this workbook throughout their training and continue to review it for at least three months after. Practical skills take an extended amount of time to solidify, and using the workbook for several months will ensure that participants stay on track with regular practice and check-ins.

    Set your trainees up for success by reviewing these training best practices

    Cultural alignment

    It is critical that the department leadership team understand and agree with the best practices being presented. Senior team leads should be comfortable coaching first-time managers in implementing the skills developed through the training. If there is any question about alignment with departmental culture or if senior team leads would benefit from a refresher course, conduct a training session for them as well.

    Structured training

    Ensure the facilitator takes a structured approach to the training. It is important to complete all the activities and record the outputs in the workbook where appropriate. The activities are structured to ensure participants successfully use the knowledge gained during the workshop to build practical skills.

    Attendees

    Who should attend the training? Although this training is designed for first-time IT managers, you may find it helpful to run the training for the entire management team as a refresher and to get everyone on the same page about best practices. It is also helpful for senior leadership to be aware of the training because the attendees may come to their supervisors with requests to discuss the material or coaching around it.

    Info-Tech Insight

    Participants should use this workbook throughout their training and continue to review it for at least three months after. Practical skills take an extended amount of time to solidify, and using the workbook for several months will ensure that participants stay on track with regular practice and check-ins.

    1.2 Customize the facilitation guides

    1-3 hours

    Prior to facilitating your first session, ensure you complete the following steps:

    1. Read through all the module content, including the speaker’s notes, to familiarize yourself with the material and ensure the tactics presented align with your department’s culture and established best practices.
    2. Customize the slides with a pencil icon with information relevant to your organization.
    3. Ensure you are comfortable with all material to be presented and are prepared to answer questions. If you require clarification on any of the material, book a call with your Info-Tech analyst for guidance.
    4. Ensure you do not delete or heavily customize the self-assessment activities and the activities in the Review and Action Plan section of the module. These activities are structured around a skill building framework and designed to aid your trainees in applying their new knowledge in their day to day. If you have any concerns about activities in these sections, book a call with your Info-Tech analyst for guidance.
    Input Output
    • List of selected modules
    • Customized facilitation guides
    Materials Participants
    • Facilitation guides from selected modules
    • Training facilitator

    1.3 Prepare to deliver training

    1-3 hours

    Complete these steps in preparation for delivering the training to your first-time managers:

    1. Select a facilitator.
      • The right person to facilitate the meeting depends on the dynamics within your department. Having a senior IT leader can lend additional weight to the training best practices but may not be feasible in a large department. In these cases, an HR partner or external third party can be asked to facilitate.
    2. Distribute the workbooks to attendees before the first training session.
      • Change the header on the workbook templates to your own organization’s, if desired.
      • Email the workbooks to attendees prior to the first session. There is no pre-work to be completed.
    Input Output
    • List of selected modules
    • Facilitator selected
    • Workbook distributed
    Materials Participants
    • Workbooks from selected modules
    • Training sponsor
    • Training facilitator

    Phase 2

    Deliver training

    Phase 1 Phase 2 Phase 3
    • Select training topics
    • Customize the training facilitation guide for your organization
    • Deliver training modules
    • Confirm skill development action plan with trainees
    • Secure organizational support from trainees' supervisors

    Outcomes of this phase:

    • Training delivered
    • Development goals set by attendees
    • Action plan created by attendees

    2.1 Deliver training

    3 hours

    When you are ready, deliver the training. Ensure you complete all activities and that participants record the outcomes in their workbooks.

    Tips for activity facilitation:

    • Encourage and support participation from everyone. And be sure no one on the team dismisses anyone’s thoughts or opinions – they present the opportunity for further discussion and deeper insight.
    • Debrief after each activity, outlining any lessons learned, action items, and next steps.
    • Encourage participants to record all outcomes, key insights, and action plans in their workbooks.
    Input Output
    • Facilitation guides and workbooks for selected modules
    • Training delivered
    • Workbooks completed
    Materials Participants
    • Facilitation guides and workbooks for selected modules
    • Training facilitator
    • Trainees

    Phase 3

    Enable long-term skill development

    Phase 1Phase 2Phase 3
    • Select training topics
    • Customize the training facilitation guide for your organization
    • Deliver training modules
    • Confirm skill development action plan with trainees
    • Secure organizational support from trainees' supervisors

    Outcomes of this phase:

    • Attendees reminded of action plan and personal commitment
    • Supervisors reminded of the need to support trainees' development

    3.1 Email trainees with action steps

    0.5 hours

    After the training, send an email to attendees thanking them for participating and summarizing key next steps for the group. Use the template below, or write your own:

    “Hi team,

    I want to thank you personally for attending the Communicate Effectively training module. Our group led some great discussion.

    A reminder that the next time you will reconvene as a group will be on [Date] to discuss your progress and challenges to date.

    Additionally, your manager is aware and supportive of the training program, so be sure to follow through on the commitments you’ve made to secure the support you need from them to build your new skills.

    I am always open for questions if you run into any challenges.

    Regards,

    [Your name]”

    InputOutput
    • The date of participants’ next discussion meeting
    • Attendees reminded of next meeting date and encouraged to follow through on action plan
    MaterialsParticipants
    • Training facilitator

    3.2 Secure support from trainees’ supervisors

    0.5 hours

    An important part of the training is securing organizational support, which includes support from your trainees’ supervisors. After the trainees have committed to some action items to seek support from their supervisors, it is important to express your support for this and remind the supervisors of their role in guiding your first-time managers. Use the template below, or write your own, to remind your trainees’ supervisors of this at the end of training (if you are going through all three modules in a short period of time, you may want to wait until the end of the entire training to send this email):

    “Hi team,

    We have just completed Info-Tech’s first-time manager training with our new manager team. The trainees will be seeking your support in developing their new skills. This could be in the form of coaching, feedback on their progress, reviewing their development plan, etc.

    Supervisor support is a crucial component of skill building, so I hope I can count on all of you to support our new managers in their learning. If you are not sure how to handle these requests, or would like a refresher of the material our trainees covered, please let me know.

    I am always open for questions if you run into any challenges.

    Regards,

    [Your name]”

    InputOutput
    • List of trainees’ direct supervisors
    • Supervisors reminded to support trainees’ skill practice
    MaterialsParticipants
    • Training facilitator

    Contributors

    Brad Armstrong

    Brad Armstrong, Senior Engineering Manager, Code42 Software

    I am a pragmatic engineering leader with a deep technical background, now focused on building great teams. I'm energized by difficult, high-impact problems at scale and with the cloud technologies and emerging architectures that we can use to solve them. But it's the power of people and organizations that ultimately lead to our success, and the complex challenge of bringing all that together is the work I find most rewarding.

    We thank the expert contributors who chose to keep their contributions anonymous.

    Bibliography

    360Solutions, LLC. “The High Cost of Poor Communication: How to Improve Productivity and Empower Employees Through Effective Communication.” 360Solutions, 2009. Web.

    Ali, M., B. Raza, W. Ali, and N. Imtaiz. Linking Managerial Coaching with Employees’ Innovative Work Behaviors through Affective Supervisory Commitment: Evidence from Pakistan. International Review of Management and Marketing, vol. 10, no. 4, 2020, pp. 11-16.

    Allen, Frederick E. “The Terrible Management Technique That Cost Microsoft Its Creativity.” Forbes.com, 3 July 2012. Web.

    Allen, Renee. “Generational Differences Chart.” West Midland Family Center, n.d. Web.

    American Management Association. “Leading the Four Generations at Work.” American Management Association, Sept. 2014. Web.

    Aminov, Iskandar, Aaron De Smet, Gregor Jost, and David Mendelsohn. “Decision making in the age of urgency.” McKinsey & Company, 30 April 2019. Web.

    AON Hewitt. “Aon Hewitt Study Reveals Strong Link Between Employee Engagement and Employee Perceptions of Total Rewards. Honest Leader Communication Also Influences Engagement.” PR Newswire, 8 April 2015. Web.

    Armstrong, Brad. “How to Fail as a New Engineering Manager.” Noteworthy - The Journal Blog, 19 Feb. 2018. Web.

    Asmus, Mary Jo. “Coaching vs. Feedback.” Aspire-CS, 9 Dec. 2009. Web.

    Baldwin, Timothy T., et al. “The State of Transfer of Training Research: Moving Toward More Consumer-Centric Inquiry.” Human Resource Development Quarterly, vol. 28, no. 1, March 2017, pp. 17-28. Crossref, doi:10.1002/hrdq.21278.

    Batista, Ed. “Building a Feedback-Rich Culture from the Middle.” Ed Batista, April 2015. Web.

    Bilalic, Merim, Peter McLeod, and Fernand Gobet. Specialization Effect and Its Influence on Memory and Problem Solving in Expert Chess Players. Wiley Online Journal, 23 July 2009, doi: https://doi.org/10.1111/j.1551-6709.2009.01030.x

    Blume, Brian D., et al. “Transfer of Training: A Meta-Analytic Review.” Journal of Management, vol. 36, no. 4, July 2010, pp. 1065-105. Crossref, doi:10.1177/0149206309352880.

    BOH Training Guide. Wild Wing, Jan. 2017. Web.

    Bosler, Shana. “9 Strategies to Create Psychological Safety at Work.” Quantum Workplace, 3 June 2021. Web.

    Building Communication Skills. ACQUIRE Project/EngenderHealth, n.d. Web.

    Bucaro, Frank C. “The real issue in conflict is never about things…” Frank Bucaro blog, 7 March 2014. Web.

    Burke, Lisa A., and Holly M. Hutchins. “Training Transfer: An Integrative Literature Review.” Human Resource Development Review, vol. 6, no. 3, Sept. 2007, pp. 263-96. Crossref, doi:10.1177/1534484307303035.

    Caprino, Kathy. “Separating Performance Management from Compensation: New Trend for Thriving Organizations.” Forbes, 13 Dec. 2016. Web.

    Caprino, Kathy. “Why the Annual Review Process Damages Employee Engagement.” Forbes, 1 March 2016. Web.

    Carpineanu, Silvana. “7 Mistakes You Might Be Making When Writing A Meeting Agenda.” Time Doctor, 12 January 2021. Web.

    Cecchi-Dimeglio, Paola. “How Gender Bias Corrupts Performance Reviews, and What to Do About It.” Harvard Business Review, 12 April 2017. Web.

    Chartered Institute of Personnel and Development (CIPD). “PESTLE Analysis.” Chartered Institute of Personnel and Development, 2010. Web.

    Chiaburu, Dan S., et al. “Social Support in the Workplace and Training Transfer: A Longitudinal Analysis: Social Support and Training Transfer.” International Journal of Selection and Assessment, vol. 18, no. 2, June 2010, pp. 187-200. Crossref, doi:10.1111/j.1468-2389.2010.00500.x.

    Christensen, Ulrik Juul. “How to Teach Employees Skills They Don’t Know They Lack.” Harvard Business Review, 29 Sept. 2017. Web.

    CIPD. “Rapid evidence assessment of the research literature on the effect of goal setting on workplace performance.” Charted Institute of Personnel and Development, Dec. 2016. Web.

    CIPD. Annual Survey Report: Learning & Development 2015. Charted Institute of Personnel and Development, 2015. Web.

    Communication and Organizational Skills: NPHW Training Manual. Population Health Research Institute (PHRI), 17 Sept. 2015. Web.

    Cookson, Phil. “It’s time to see performance management as a benefit, not a burden.” CIPD. 17 March 2017. Web.

    Communication Statistics 2021. Project.co, 2021. Web.

    Connors, Roger. “Why Accountability?” The Oz Principle, Partners In Leadership, 2014.

    Coutifaris, Constantinos G. V., and Adam M. Grant “Taking Your Team Behind the Curtain: The Effects of Leader Feedback-Sharing and Feedback-Seeking on Team Psychological Safety.” Organization Science, vol. 33,
    no. 4, 2021, pp. 1574-1598. https://doi.org/10.1287/orsc.2021.1498

    Coy, Charles. “Peer Feedback: 6 Tips for Successful Crowdsourcing.” Rework, 25 June 2014. Web.

    “CQ Learn What Really Matters.” CQ Evidence-Based Management Learning Platform, n.d. Web.

    Darwant, Sarah. Coaching Training Course Book. Elite Training, 2012. Web.

    De Smet, Aaron, et al. How Companies Manage the Front Line Today: McKinsey Survey Results. McKinsey, Feb. 2010. Web.

    DeNault, Charles. “Employee Coaching Survey Results: Important and Engaging.” Saba, 22 April 2015. Web.

    Dermol, Valerij, and Tomaž Čater. “The Influence of Training and Training Transfer Factors on Organisational Learning and Performance.” Personnel Review, vol. 42, no. 3, April 2013, pp. 324–48. Crossref, doi:10.1108/00483481311320435.

    dgdotto. “Fail to Plan, Plan to Fail.” visual.ly, 30 April 2013. Web.

    Duggan, Kris. “Why the Annual Performance Review is Going Extinct.” Fast Company, 20 Oct. 2015. Web.

    Duhigg, Charles. “What Google Learned From Its Quest to Build the Perfect Team.” The New York Times, 25 Feb. 2016. Web.

    Earley, P. Christopher, and Randall S. Peterson. “The Elusive Cultural Chameleon: Cultural Intelligence as a New Approach to Intercultural Training for the Global Manager.” Academy of Management Learning & Education, vol. 3, no. 1, March 2004, pp. 100-15. Crossref, doi:10.5465/amle.2004.12436826.

    Edmondson, Amy. “Psychological Safety and Learning Behavior in Work Teams.” Administrative Science Quarterly, vol. 44, no. 2, June 1999, pp. 350-383. Web.

    “Effective Employee Communications Fosters Corporate Reputation.” The Harris Poll, 10 June 2015. Web.

    Eichenwald, Kurt. “How Microsoft Lost its Mojo: Steve Ballmer and Corporate American’s Most Spectacular Decline.” Vanity Fair, 24 July 2012. Web.

    Essential Supervisory Skills. University of Washington, 2016. Web.

    “Estimating the Costs of Workplace Conflict.” Acas, 11 May 2021. Web.

    Falcone, Paul. “Viewpoint: How to Redesign Your Performance Appraisal Template.” Society for Human Resource Management, 7 June 2017. Web.

    Fermin, Jeff. “Statistics On The Importance Of Employee Feedback.” Officevibe, 7 Oct. 2014. Web.

    Filipkowski, Jenna, et al. Building a Coaching Culture with Millennial Leaders. Human Capital Institute, 18 Sept. 2017. Web.

    First Time Manager Training to Help New Managers Develop Essential Skills. The Ken Blanchard Companies, n.d. Web.

    Fisher, Dan. Feedback vs. Coaching, What’s the Difference? Menemsha Group, 28 June 2018. Web.

    Freedman, Erica. “How to Build an Internal Leadership Development Program.” Chief Executive, 2016. Web.

    "Futureproof Your Organization with These 8 Manager Effectiveness Metrics.” Visier Inc., 8 Aug. 2017. Web.

    Gallo, Amy. “How to Manage Your Former Peers.” Harvard Business Review, Dec. 2012. Web.

    Gandhi, Vipula. “Want to Improve Productivity? Hire Better Managers.” Gallup, 3 Aug. 2018. Web.

    Gallup. State of the Global Workplace. 1st edition, Gallup Press, 2017. Web.

    Global Workplace Analytics. “Latest Telecommuting Statistics.” Global Workplace Analytics. Sept. 2013. Web.

    Goldsmith, Marshall. “Try Feedforward Instead of Feedback.” Leader to Leader Institute, 5 April 2011. Web.

    Goldsmith, Marshall. "11 Guidelines for Influencing Top Decision Makers." Marshall Goldsmith, n.d. Web.

    Goldsmith, Marshall. "I Know Less Than You Do – and It’s Okay!" Marshall Goldsmith, n.d. Web.

    Goldsmith, Marshall. "Is It Worth It to Add Value? Not Always." Marshall Goldsmith, n.d. Web.

    Goler, L., J. Gale, and A. Grant. “Let’s Not Kill Performance Evaluations Yet.” Harvard Business Review, Nov. 2016. Web.

    Good Manager, Bad Manager. Grovo, 2016. Web.

    Google People Operations. “Guide: Understand Team Effectiveness.” Google, n.d. Web.

    Google’s New Manager Student Workbook. re:Work with Google, n.d. Web.

    Google’s New Manager Training Facilitator Guide. re:Work with Google, n.d. Web.

    Gossen, Paul. A Coaching Culture Transformation ~ Case Study. Athena Training and Consulting, 1 April 2011. Web.

    Goudreau, Jenna. “How to Communicate in the New Multi-Generational Office.” Forbes Magazine, Feb. 2013. Web.

    Govaerts, Natalie, and Filip Dochy. “Disentangling the Role of the Supervisor in Transfer of Training.” Educational Research Review, vol. 12, June 2014, pp. 77-93. Crossref, doi:10.1016/j.edurev.2014.05.002.

    Grenchus, Gabrielle. “Keep employees engaged with clear priorities and crowdsourced recognition.” IBM thinkLeaders. 8 June 2015. Web.

    Grossman, Rebecca, and Eduardo Salas. “The Transfer of Training: What Really Matters: The Transfer of Training.” International Journal of Training and Development, vol. 15, no. 2, June 2011, pp. 103-20. Crossref, doi:10.1111/j.1468-2419.2011.00373.x.

    Grote, Dick. “3 Popular Goal-Setting Techniques Managers Should Avoid.” Harvard Business Review. 2 Jan. 2017. Web.

    Hall, John. “Why Accountability Is Vital To Your Company.” Forbes, 6 Oct. 2019. Web.

    Hancock, Bryan, et al. “The Fairness Factor in Performance Management.” McKinsey, 5 April 2018. Web.

    Harkins, Phil. “10 Leadership Techniques for Building High-Performing Teams.” Linkage Inc., 2014. Web.

    HCI. Building a Coaching Culture with Managers and Leaders. Human Capital Institute, 2016. Web.

    Heathfield, Susan M. “Tips to Create Successful Performance Appraisal Goals.” The Balance, Aug. 2016. Web.

    Hills, Jan. Brain-Savvy Business: 8 Principles From Neuroscience and How to Apply Them. Head Heart + Brain, 2016. Print.

    Hoffman, Mitchell, and Steven Tadelis. People Management Skills, Employee Attrition, and Manager Rewards: An Empirical Analysis. p. 96.

    “How to Create an Effective Feedback Culture.” eXplorance Inc. Feb. 2013. Web.

    “Importance of Performance Management Process & Best Practices To Optimize Monitoring Performance Work Reviews/Feedback and Goal Management.” SAP Success Factors, n.d. Web.

    Jacobson, Darcy. “How Bad Performance Management Killed Microsoft’s Edge.” Globoforce Blog, 5 July 2012. Web.

    Jaidev, Uma Pricilda, and Susan Chirayath. Pre-Training, During-Training and Post-Training Activities as Predictors of Transfer of Training. no. 4, 2012, p. 18.

    Jensen, Michael C. “Paying People to Lie: The Truth about the Budgeting Process.” European Financial Management, vol. 9, no. 3, 2003, pp. 379-406. Print.

    Kahneman, Daniel, and Ram Charan. HBR's 10 Must Reads on Making Smart Decisions. Harvard Business Review, 26 March 2013. Ebook.

    Kirkpatrick, J., and W. Kirkpatrick. “The Kirkpatrick Four Levels: A Fresh Look After 50 Years 1959-2009.” Kirkpatrickpartners.com, 2009. Web.

    Kirwan, Cyril. Improving Learning Transfer. Routledge, 2016.

    Kline, Theresa J.B., and Lorne M. Sulsky. “Measurement and Assessment Issues in Performance Appraisal.” Canadian Psychology, vol. 50, no. 3, 2009, pp. 161-171. Proquest. Web.

    Kowalski, Kyle. “Create a Daily Routine with Calendar Time Blocking (+ 7 Pro Tips).” Sloww, 29 May 2018. Web.

    Krentz, Susanna E., et al. ”Staying on Course with Strategic Metrics.” Healthcare Financial Management, vol. 60, no. 5, 2006, pp. 86-94. Proquest. Web.

    Kuligowski, Kiely. Tips for First-Time Managers. 15 Feb. 2019. Web.

    Laker, Dennis R., and Jimmy L. Powell. “The Differences between Hard and Soft Skills and Their Relative Impact on Training Transfer.” Human Resource Development Quarterly, vol. 22, no. 1, March 2011, pp. 111-22. Crossref, doi:10.1002/hrdq.20063.

    Lawrence, Paul. “Managerial coaching – A literature review.” International Journal of Evidence Based Coaching and Mentoring, vol. 15, no. 2, 2017, pp. 43-66. Web.

    Ledford, Gerald E. Jr., George Benson, and Edward E. Lawler III. “Cutting-Edge Performance Management.” WorldatWork Research, Aug. 2016. Web.

    Lee, W.R.; Choi, S.B.; Kang, S.-W. How Leaders’ Positive Feedback Influences Employees’ Innovative Behavior: The Mediating Role of Voice Behavior and Job Autonomy. Sustainability, vol. 13, no. 4, 2021, pp. 1901. https://doi.org/10.3390/su13041901

    Leopold, Till Alexander, Vesselina Ratcheva, and Saadia Zahidi. The Future of Jobs. World Economic Forum, 2016. Web.

    Levy, Dan. “How to Build a Culture That Embraces Feedback.” Inc. Magazine, March 2014. Web.

    Lighthouse Research & Advisory. “Insights from the CHRO Panel at Workhuman 2017.” Lighthouse Research & Advisory, June 2017. Web.

    Lipman, Victor. “For New Managers, Boundaries Matter (A Lot).” Forbes, 19 March 2018. Web.

    Lipman, Victor. “The Hardest Thing For New Managers.” Forbes, 1 June 2016. Web.

    Lipman, Victor. “The Move To New Manager May Be The Hardest Transition In Business.” Forbes, 2 Jan. 2018. Web.

    Lyons, Rich. “Feedback: You Need To Lead It.” Forbes, 10 July 2017. Web.

    “Managing Email Effectively.” MindTools, n.d. Web.

    Managing Performance Workbook. Trainer Bubble, 16 Feb. 2013. Web.

    Mayfield, Clifton, et al. “Psychological Collectivism and Team Effectiveness: Moderating Effects of Trust and Psychological Safety.” Journal of Organizational Culture, Communications and Conflict, vol. 20, no. 1, Jan. 2016, pp. 78-94. Web.

    McAlpin, Kevin and Hans Vaagenes. “Critical Decision Making.” Performance Coaching International. 17 Nov. 2017. Web.

    McCoy, Jim. “How to Align Employee Performance with Business Strategy.” Workforce Management, vol. 86, no. 12, 2007, pp. S5. Proquest. Web.

    “Measuring Time-To-Full Productivity.” FeverBee, n.d. Web.

    Meister, Jeanne. The 2020 Workplace: How Innovative Companies Attract, Develop, and Keep Tomorrow's Employees Today. HarperBusiness, 2010. Print.

    Meyer, Erin. “The Four Keys To Success With Virtual Teams.” Forbes Magazine, 19 Aug. 2010. Web.

    Morris, Donna. “Death to the Performance Review: How Adobe Reinvented Performance Management and Transformed Its Business.” WorldatWork, 2016, p. 10. Web.

    Myers-Briggs Company. “New Research: Time Spent on Workplace Conflict Has Doubled Since 2008.” Yahoo! Finance, 18 Oct. 2022. Web.

    Murdoch, Elisabeth. “Elisabeth Murdoch's MacTaggart lecture: full text.” The Guardian, 23 Aug. 2012. Web.

    NASA Governance and Strategic Management Handbook (NPD 1000.0B). NASA, June 2014. Web.

    NASA Space Flight Program and Project Management Handbook (NASA/SP-2014-3705). NASA, Sept. 2014. Web.

    New Manager Training: Management & Leadership Skills. Schulich School of Business, n.d. Web.

    O’Hanlon, Margaret. “It’s a Scandal! Manager Training Exposed! [Implementation Part 4].” Compensation Cafe, 16 Feb. 2012. Web.

    Ordonez, Lisa D., et al. “Goals Gone Wild: The Systematic Side Effects of Over-Prescribing Goal Setting.” Social Science Research Network. Harvard Business School, 11 Feb. 2009. Web.

    Paczka, Nina. “Meeting in the Workplace | 2023 Statistics.” LiveCareer, 25 July 2022. Web.

    Pavlou, Christina. “How to Calculate Employee Turnover Rate | Workable.” Recruiting Resources: How to Recruit and Hire Better, 13 July 2016. Web.

    Performance Management 101 Workbook. Halogen Software, 2015. Web.

    Personal Development and Review. Oxford Learning Institute, n.d. Web.

    Personal Development Plan. MindTools, 2014. Web.

    Porath, Christine, et al. “The Effects of Civility on Advice, Leadership, and Performance.” Journal of Applied Psychology, vol. 44, no. 5, Sept. 2015, pp. 1527-1541. Web.

    Project Management Institute. “PMI’s Pulse of The Profession: In-Depth Report.” PMI, May 2013. Web. June 2015.

    Quay, C. C., and A. Yusof. “The influence of employee participation, rewards and recognition, job security, and performance feedback on employee engagement.” Issues and Perspectives in Business and Social Sciences, vol. 2, no. 1, 2022, pp. 20. https://doi.org/10.33093/ipbss.2022.2.1.3

    Quinn, R. E., and J. Rohrbaugh. “A spatial model of effectiveness criteria: Towards a competing values approach to organizational analysis.” Management Science, vol. 29, 1983, pp. 363–377.

    Re:Work Guide: Develop and Support Managers. re:Work with Google, n.d. Web.

    Reardon, Kathleen Kelley. “7 Things to Say When a Conversation Turns Negative.” Harvard Business Review, 11 May 2016. Web.

    Reh, F. John. “Here Is a List of Mistakes New Managers Make and How to Avoid Them.” The Balance Careers, 30 Dec. 2018. Web.

    Richards, Leigh. “Why Is Employee Empowerment a Common Cornerstone of Organizational Development & Change Programs?” Houston Chronicle, Hearts Newspapers, LLC. 5 July 2013. Web.

    Robson, Fiona. Southwood School – A Case Study: Performance Management Systems. Society for Human Resource Management, 2009. Crossref, doi:10.4135/9781473959552.

    Rock, David, and Beth Jones. “Why More and More Companies are Ditching Performance Ratings.” Harvard Business Review, 8 Sept. 2015. Web.

    Rock, David. “SCARF: A Brain-Based Model for Collaborating With and Influencing Others.” NeuroLeadership Journal, 2008. Web..

    Romão, Soraia, Neuza Ribeiro, Daniel Roque Gomes, and Sharda Singh. “The Impact of Leaders’ Coaching Skills on Employees’ Happiness and Turnover Intention.” Administrative Sciences, vol. 12, no. 84, 2022. https://doi.org/10.3390/ admsci12030084

    Romero, Joseluis. “Yes - you can build a feedback culture.” Skills 2 Lead, Aug. 2014. Web.

    Runde, Craig E., and Tim A. Flanagan. “Conflict Competent Leadership.” Leader to Leader, Executive Forum, Winter 2008. PDF.

    Saks, Alan M., and Lisa A. Burke-Smalley. “Is Transfer of Training Related to Firm Performance?: Transfer and Firm Performance.” International Journal of Training and Development, vol. 18, no. 2, June 2014, pp. 104–15. Crossref, doi:10.1111/ijtd.12029.

    Saks, Alan M., et al. “The Transfer of Training: The Transfer of Training.” International Journal of Training and Development, vol. 18, no. 2, June 2014, pp. 81–83. Crossref, doi:10.1111/ijtd.12032.

    Salomonsen, Summer. Grovo’s First-Time Manager Microlearning® Program Will Help Your New Managers Thrive in 2018. Grovo, 2018. Web.

    Schwartz, Dan. “3 Topics Every New Manager Training Should Include.” Training Industry, 12 April 2017. Web.

    Scott, Dow, Tom McMullen, and Mark Royal. “Retention of Key Talent and the Role of Rewards.” WorldatWork, June 2012. Web.

    “Seeking Agility in Performance Management.” Human Resource Executive, 2016. Web.

    “Should You Always Involve Your Team in Decision Making?” Upskillist, 25 April 2022. Web.

    “SHRM Workplace Forecast.” The Top Workplace Trends According to HR Professionals, May 2013. Web.

    Singhal, Nikhyl. “Eight Tips for First Time Managers.” Medium, 20 Aug. 2017. Web.

    Singhania, Prakriti, et al. “2020 Global Marketing Trends.” Deloitte, 2019. Web.

    SMART Goals: A How to Guide. University of California, n.d. Web.

    Smith, Benson, and Tony Rutigliano. “Scrap Your Performance Appraisal System.” Gallup, 2002. Article.

    “State of the Modern Meeting 2015.” BlueJeans, Aug. 2015. Web.

    Sternberg, Larry, and Kim Turnage. “Why Make Managers A Strategic Priority?” Great Leadership, 12 Oct. 2017. Web.

    Sullivan, Dr. John. “Facebook’s Difference: A Unique Approach For Managing Employees.”TLNT, Sept. 2013. Web.

    Tal, David. “A 'Culture of Coaching' Is Your Company's Most Important Ingredient for Success.” Entrepreneur, 27 Sept. 2017. Web.

    Tenut, Jeff. “How Management Development Training Reduces Turnover.” DiscoverLink, 3 July 2018. Web.

    “The 5 Biggest Biases That Affect Decision-Making.” NeuroLeadership Institute, 2 August 2022. Web.

    “The Different Impact of Good and Bad Leadership.” Barna Group, 2015. Web.

    “The Engaged Workplace.” Gallup, 2017. Web.

    “The Individual Development Plan Guide.” Wildland Fire Leadership Development Program, April 2010, p. 15.

    The State of Business Communication. Grammarly, 2022. Web.

    Thomas, Kenneth. “Conflict and Conflict Management.” The Handbook of Industrial and Organizational Psychology, Rand McNally, 1976. In “The Five Conflict-Handling Modes.” The Myers Briggs Company, n.d. PDF.

    Thompson, Rachel. “What Is Stakeholder Management?” MindTools, n.d. Web.

    Tollet, Francoise. “Distracted? Learn how to (re)focus.” Business Digest, 12 July 2021. Podcast.

    Tonhauser, Cornelia, and Laura Buker. Determinants of Transfer of Training: A Comprehensive Literature Review, p. 40.

    Towers Watson. “Clear Direction in a Complex World: How Top Companies Create Clarity, Confidence and Community to Build Sustainable Performance.” Change and Communication ROI Study Report, 2011-2012. Web.

    Trudel, Natalie. “Improve Your Coaching Skills by Understanding the Psychology of Feedback.” TLNT, 12 July 2017. Web.

    “Understanding When to Give Feedback.” Harvard Business Review, Dec. 2014. Web.

    Vacassin, Daniel. “There are no 'good' performance management systems – there are just good line managers.” LinkedIn, 4 Oct. 2016. Web.

    van der Locht, Martijn, et al. “Getting the Most of Management Training: The Role of Identical Elements for Training Transfer.” Personnel Review, vol. 42, no. 4, May 2013, pp. 422–39. Crossref, doi:10.1108/PR-05-2011-0072.

    Vaughan, Liam. “Banks Find New Ways to Measure Staff.” Financial News, 10 Jan. 2011. Web.

    Watkins, Michael, et al. “Hit the Ground Running:Transitioning to New Leadership Roles.” IMD Business School, May 2014. Web.

    Whitney, Kelley. “Kimberly-Clark Corp.: Redesigning Performance Management.” Talent Management Magazine, vol. 2, no. 1, 2006. Web.

    “Whole Foods 2015 Report.” The Predictive Index, n.d. Web.

    “Whole Foods Market Reports Fourth Quarter and Fiscal Year 2016 Results.” Whole Foods, 2 Feb. 2016. Web.

    Wisniewski, Dan. “Here's why everybody hates meetings.” HR Morning, 14 Dec. 2012. Web.

    Woolum, Janet, and Brent Stockwell. Aligning Performance Measurement to Mission, Goals, and Strategy Workbook. Arizona State University, Jan. 2016. Web.

    Worall, Les, et al. The Quality of Working Life. Chartered Management Institute, 2016. Web.

    “Workplace Conflict Statistics: How We Approach Conflict at Work.” Niagara Institute, 11 Aug. 2022. Web.

    “You Waste a Lot of Time at Work Infographic.” Atlassian, 23 August 2012. Web.

    Zenger, Jack, and Joe Folkman. “Feedback: The Leadership Conundrum.” Talent Quarterly: The Feedback Issue, 2015. Web.

    Zuberbühler, P., et al. “Development and validation of the coaching-based leadership scale and its relationship with psychological capital, work engagement, and performance.” Current Psychology, vol. 42, no. 10, 2021, pp. 1-22.

    Security Priorities 2023

    • Buy Link or Shortcode: {j2store}254|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: $909 Average $ Saved
    • member rating average days saved: 1 Average Days Saved
    • Parent Category Name: Security Strategy & Budgeting
    • Parent Category Link: /security-strategy-and-budgeting
    • Most people still want a hybrid work model but there is a shortage in security workforce to maintain secure remote work, which impacts confidence in the security practice.
    • Pressure of operational excellence drives organizational modernization with the consequence of higher risks of security attacks that impact not only cyber but also physical systems.
    • The number of regulations with stricter requirements and reporting is increasing, along with high sanctions for violations.
    • Accurate assessment of readiness and benefits to adopt next-gen cybersecurity technologies can be difficult. Additionally, regulation often faces challenges to keep up with next-gen cybersecurity technologies implications and risks of adoption, which may not always be explicit.
    • Software is usually produced as part of a supply chain instead in a silo. Thus, a vulnerability in any part of the supply chain can become a threat surface.

    Our Advice

    Critical Insight

    • Secure remote work still needs to be maintained to facilitate the hybrid work model post pandemic.
    • Despite all the cybersecurity risks, organizations continue modernization plans due to the long-term overall benefits. Hence, we need to secure organization modernization.
    • Organizations should use regulatory changes to improve security practices, instead of treating them as a compliance burden.
    • Next-gen cybersecurity technologies alone are not the silver bullet. A combination of technologies with skilled talent, useful data, and best practices will give a competitive advantage.

    Impact and Result

    • Use this report to help decide your 2023 security priorities by:
      • Collecting and analyzing your own related data, such as your organization 2022 incident reports. Use Info-Tech’s Security Priorities 2023 material for guidance.
      • Identifying your needs and analyzing your capabilities. Use Info-Tech's template to explain the priorities you need to your stakeholders.
      • Determining the next steps. Refer to Info-Tech's recommendations and related research.

    Security Priorities 2023 Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Security Priorities 2023 Report – A report to help decide your 2023 security priorities.

    Each organization is different, so a generic list of security priorities will not be applicable to every organization. Thus, you need to:

  • Collect and analyze your own related data such as your organization 2022 incident reports. Use Info-Tech’s Security Priorities 2023 material for guidance.
  • Identify your needs and analyze your capabilities. Use Info-Tech's template to explain the priorities you need to your stakeholders.
  • Refer to Info-Tech's recommendations and related research for guidance on the next steps.
    • Security Priorities 2023 Report

    Infographic

    Further reading

    Security Priorities 2023

    How we live post pandemic

    Each organization is different, so a generic list of priorities will not be applicable to every organization.

    During 2022, ransomware campaigns declined from quarter to quarter due to the collapse of experienced groups. Several smaller groups are developing to recapture the lost ransomware market. However, ransomware is still the most worrying cyber threat.

    Also in 2022, people returned to normal activities such as traveling and attending sports or music events but not yet to the office. The reasons behind this trend can be many fold, such as employees perceive that work from home (WFH) has positive productivity effects and time flexibility for employees, especially for those with families with younger children. On the other side of the spectrum, some employers perceive that WFH has negative productivity effects and thus are urging employees to return to the office. However, employers also understand the competition to retain skilled workers is harder. Thus, the trend is to have hybrid work where eligible employees can WFH for a certain portion of their work week.

    Besides ransomware and the hybrid work model, in 2022, we saw an evolving threat landscape, regulatory changes, and the potential for a recession by the end of 2023, which can impact how we prioritize cybersecurity this year. Furthermore, organizations are still facing the ongoing issues of insufficient cybersecurity resources and organization modernization.

    This report will explore important security trends, the security priorities that stem from these trends, and how to customize these priorities for your organization.

    In Q2 2022, the median ransom payment was $36,360 (-51% from Q1 2022), a continuation of a downward trend since Q4 2021 when the ransom payment median was $117,116.
    Source: Coveware, 2022

    From January until October 2022, hybrid work grew in almost all industries in Canada especially finance, insurance, real estate, rental and leasing (+14.7%), public administration and professional services (+11.8%), and scientific and technical services (+10.8%).
    Source: Statistics Canada, Labour Force Survey, October 2022; N=3,701

    Hybrid work changes processes and infrastructure

    Investment on remote work due to changes in processes and infrastructure

    As part of our research process for the 2023 Security Priorities Report, we used the results from our State of Hybrid Work in IT Survey, which collected responses between July 10 and July 29, 2022 (total N=745, with n=518 completed surveys). This survey details what changes in processes and IT infrastructure are likely due to hybrid work.

    Process changes to support hybrid work

    A bar graph is depicted with the following dataset: None of the above - 12%; Change management - 29%; Asset management - 34%; Service request support - 41%; Incident management - 42%

    Survey respondents (n=518) were asked what processes had the highest degree of change in response to supporting hybrid work. Incident management is the #1 result and service request support is #2. This is unsurprising considering that remote work changed how people communicate, how they access company assets, and how they connect to the company network and infrastructure.

    Infrastructure changes to support hybrid work

    A bar graph is depicted with the following dataset: Changed queue management and ticketing system(s) - 11%; Changed incident and service request processes - 23%; Addition of chatbots as part of the Service Desk intake process - 29%; Reduced the need for recovery office spaces and alternative work mitigations - 40%; Structure & day-to-day operation of Service Desk - 41%; Updated network architecture - 44%

    For 2023, we believe that hybrid work will remain. The first driver is that employees still prefer to work remotely for certain days of the week. The second driver is the investment from employers on enabling WFH during the pandemic, such as updated network architecture (44%) and the infrastructure and day-to-day operations (41%) as shown on our survey.

    Top cybersecurity concerns and organizational preparedness for them

    Concerns may correspond to readiness.

    In the Info-Tech Research Group 2023 Trends and Priorities Survey of IT professionals, we asked about cybersecurity concerns and the perception about readiness to meet current and future government legislation regarding cybersecurity requirements.

    Cybersecurity issues

    A bar graph is depicted with the following dataset: Cyber risks are not on the radar of the executive leaders or board of directors - 3.19; Organization is not prepared to respond to a cyber attack - 3.08; Supply chain risks related to cyber threats - 3.18; Talent shortages leading to capacity constraints in cyber security - 3.51; New government or industry-imposed regulations - 3.15

    Survey respondents were asked how concerned they are about certain cybersecurity issues from 1 (not concerned at all) to 5 (very concerned). The #1 concern was talent shortages. Other issues with similar concerns included cyber risks not on leadership's radar, supply chain risks, and new regulations (n=507).

    Cybersecurity legislation readiness

    A bar graph is depicted with the following dataset: 1 (Not confident at all) - 2.4%; 2 - 11.2%; 3 - 39.7%; 4 - 33.3%; 5 (Very confident) - 13.4%

    When asked about how confident organizations are about being prepared to meet current and future government legislation regarding cybersecurity requirements, from 1 (not confident at all) to 5 (very confident), the #1 response was 3 (n=499).

    Unsurprisingly, the ever-changing government legislation environment in a world emerging from a pandemic and ongoing wars may not give us the highest confidence.

    We know the concerns and readiness…

    But what is the overall security maturity?

    As part of our research process for the 2023 Security Priorities Report, we reviewed results of completed Info-Tech Research Group Security Governance and Management Benchmark diagnostics (N=912). This report details what we see in our clients' security governance maturity. Setting aside the perception on readiness – what are their actual security maturity levels?

    A bar graph is depicted with the following dataset: Security Culture - 47%; Policy and Process Governance - 47%; Event and Incident Management - 58%; Vulnerability - 57%; Auditing - 52%; Compliance Management - 58%; Risk Analysis - 52%

    Overall, assessed organizations are still scoring low (47%) on Security Culture and Policy and Process Governance. This justifies why most security incidents are still due to gaps in foundational security and security awareness, not lack of advanced controls such as event and incident management (58%).

    And how will the potential recession impact security?

    Organizations are preparing for recession, but opportunities for growth during recession should be well planned too.

    As part of our research process for the 2023 Security Priorities Report, we reviewed the results of the Info-Tech Research Group 2023 Trends and Priorities Survey of IT professionals, which collected responses between August 9 and September 9, 2022 (total N=813 with n=521 completed surveys).

    Expected organizational spending on cybersecurity compared to the previous fiscal year

    A bar graph is depicted with the following dataset: A decrease of more than 10% - 2.2%; A decrease of between 1-10% - 2.6%; About the same - 41.4%; An increase of between 1-10% - 39.6%; An increase of more than 10% - 14.3%

    Keeping the same spending is the #1 result and #2 is increasing spending up to 10%. This is a surprising finding considering the survey was conducted after the middle of 2022 and a recession has been predicted since early 2022 (n=489).

    An infographic titled Cloudy with a Chance of Recession

    Source: Statista, 2022, CC BY-ND

    US recession forecast

    Contingency planning for recessions normally includes tight budgeting; however, it can also include opportunities for growth such as hiring talent who have been laid off by competitors and are difficult to acquire in normal conditions. This can support our previous findings on increasing cybersecurity spending.

    Five Security Priorities for 2023

    This image describes the Five Security Priorities for 2023.

    Maintain Secure Hybrid Work

    PRIORITY 01

    • HOW TO STRATEGICALLY ACQUIRE, RETAIN, OR UPSKILL TALENT TO MAINTAIN SECURE SYSTEMS.

    Executive summary

    Background

    If anything can be learned from COVID-19 pandemic, it is that humans are resilient. We swiftly changed to remote workplaces and adjusted people, processes, and technologies accordingly. We had some hiccups along the way, but overall, we demonstrated that our ability to adjust is amazing.

    The pandemic changed how people work and how and where they choose to work, and most people still want a hybrid work model. However, the number of days for hybrid work itself varies. For example, from our survey in July 2022 (n=516), 55.8% of employees have the option of 2-3 days per week to work offsite, 21.0% for 1 day per week, and 17.8% for 4 days per week.

    Furthermore, the investment (e.g. on infrastructure and networks) to initiate remote work was huge, and the cost doesn't end there, as we need to maintain the secure remote work infrastructure to facilitate the hybrid work model.

    Current situation

    Remote work: A 2022 survey by WFH Research (N=16,451) reports that ~14% of full-time employees are fully remote and ~29% are in a hybrid arrangement as of Summer-Fall 2022.

    Security workforce shortage: A 2022 survey by Bridewell (N=521) reports that 68% of leaders say it has become harder to recruit the right people, impacting organizational ability to secure and monitor systems.

    Confidence in the security practice: A 2022 diagnostic survey by Info-Tech Research Group (N=55) reports that importance may not correspond to confidence; for example, the most important selected cybersecurity area, namely Data Access/Integrity (93.7%), surprisingly has the lowest confidence of the practice (80.5%).

    "WFH doubled every 15 years pre-pandemic. The increase in WFH during the pandemic was equal to 30 years of pre-pandemic growth."

    Source: National Bureau of Economic Research, 2021

    Leaders must do more to increase confidence in the security practice

    Importance may not correspond to confidence

    As part of our research process for the 2023 Security Priorities Report, we analyzed results from the Info-Tech Research Group diagnostics. This report details what we see in our clients' perceived importance of security and their confidence in existing security practices.

    Cybersecurity importance

    A bar graph is depicted with the following dataset: Importance to the Organization - 94.3%; Importance to My Department	92.2%

    Cybersecurity importance areas

    A bar graph is depicted with the following dataset: Mobility (Remote & Mobile Access) - 90.2%; Regulatory Compliance - 90.1%; Desktop Computing - 90.9%; Data Access / Integrity - 93.7%

    Confidence in cybersecurity practice

    A bar graph is depicted with the following dataset: Confidence in the Organization's Overall Security - 79.4%; Confidence in Security for My Department - 79.8%

    Confidence in cybersecurity practice areas

    A bar graph is depicted with the following dataset: Mobility (Remote & Mobile Access) - 75.8%; Regulatory Compliance - 81.5%; Desktop Computing - 80.9%; Data Access / Integrity - 80.5%

    Diagnostics respondents (N=55) were asked about how important security is to their organization or department. Importance to the overall organization is 2.1 percentage points (pp) higher, but confidence in the organization's overall security is slightly lower (-0.4 pp).

    If we break down to security areas, we can see that the most important area, Data Access/Integrity (93.7%), surprisingly has the lowest confidence of the practice: 80.5%. From this data we can conclude that leaders must build a strong cybersecurity workforce to increase confidence in the security practice.

    Use this template to explain the priorities you need your stakeholders to know about.

    Maintain secure hybrid work plan

    Provide a brief value statement for the initiative.

    Build a strong cybersecurity workforce to increase confidence in the security practice to facilitate hybrid work.

    Initiative Description:

    • Description must include what organization will undertake to complete the initiative.
    • Review your security strategy for hybrid work.
    • Identify skills gaps that hinder the successful execution of the hybrid work security strategy.
    • Use the identified skill gaps to define the technical skill requirements for current and future work roles.
    • Conduct a skills assessment on your current workforce to identify employee skill gaps.
    • Decide whether to train, hire, contract, or outsource each skill gap.

    Drivers:

    List initiative drivers.

    • Employees still prefer to WFH for certain days of the week.
    • The investment on WFH during pandemic such as updated network architecture and infrastructure and day-to-day operations.
    • Tech companies' huge layoffs, e.g. Meta laid off more than 11,000 employees.

    Risks:

    List initiative risks and impacts.

    • Unskilled workers lacking certificates or years of experience who are trained and become skilled workers then quit or are hijacked by competitors.
    • Organizational and cultural changes cause friction with work-life balance.
    • Increased attack surface of remote/hybrid workforce.

    Benefits:

    List initiative benefits and align to business benefits or benefits for the stakeholder groups that it impacts.

    • Increase perceived productivity by employees and increase retention.
    • Increase job satisfaction and work-life balance.
    • Hiring talent that has been laid off who are difficult to acquire in normal conditions.

    Related Info-Tech Research:

    Recommended Actions

    1. Identify skill requirements to maintain secure hybrid work

    Review your security strategy for hybrid work.

    Determine the skill needs of your security strategy.

    2. Identify skill gaps

    Identify skills gaps that hinder the successful execution of the hybrid work security strategy.

    Use the identified skill gaps to define the technical skill requirements for work roles.

    3. Decide whether to build or buy skills

    Conduct a skills assessment on your current workforce to identify employee skill gaps.

    Decide whether to train, hire, contract, or outsource each skill gap.

    Source: Close the InfoSec Skills Gap: Develop a Technical Skills Sourcing Plan, Info-Tech

    Secure Organization Modernization

    PRIORITY 02

    • TRENDS SUGGEST MODERNIZATION SUCH AS DIGITAL
      TRANSFORMATION TO THE CLOUD, OPERATIONAL TECHNOLOGY (OT),
      AND THE INTERNET OF THINGS (IOT) IS RISING; ADDRESSING THE RISK
      OF CONVERGING ENVIRONMENTS CAN NO LONGER BE DEFERRED.

    Executive summary

    From computerized milk-handling systems in Wisconsin farms, to automated railway systems in Europe, to Ausgrid's Distribution Network Management System (DNMS) in Australia, to smart cities and beyond; system modernization poses unique challenges to cybersecurity.

    The threats can be safety, such as the trains stopped in Denmark during the last weekend of October 2022 for several hours due to an attack on a third-party IT service provider; economics, such as a cream cheese production shutdown that occurred at the peak of cream cheese demand in October 2021 due to hackers compromising a large cheese manufacturer's plants and distribution centers; and reliability, such as the significant loss of communication for the Ukrainian military, which relied on Viasat's services.

    Despite all the cybersecurity risks, organizations continue modernization plans due to the long-term overall benefits.

    Current situation

    • Pressure of operational excellence: Competitive markets cannot keep pace with demand without modernization. For example, in automated milking systems, the labor time saved from milking can be used to focus on other essential tasks such as the decision-making process.
    • Technology offerings: Technologies are available and affordable such as automated equipment, versatile communication systems, high-performance human machine interaction (HMI), IIoT/Edge integration, and big data analytics.
    • Higher risks of cyberattacks: Modernization enlarges attack surfaces, which are not only cyber but also physical systems. Most incidents indicate that attackers gained access through the IT network, which was followed by infiltration into OT networks.

    IIoT market size is USD 323.62 billion in 2022 and projected to be around USD 1 trillion in 2028.

    Source: Statista,
    March 2022

    Modernization brings new opportunities and new threats

    Higher risks of cyberattacks on Industrial Control System (ICS)

    Target: Australian sewage plant.

    Method: Insider attack. Impact: 265,000 gallons of untreated sewage released.

    Target: Middle East energy companies.

    Method: Shamoon.

    Impact: Overwritten Windows-based systems files.

    Target: German Steel Mill

    Method: Spear-phishing

    Impact: Blast furnace control shutdown failure.

    Target: Middle East Safety Instrumented System (SIS).

    Method: TRISIS/TRITON.

    Impact: Modified safety system ladder logic.

    Target: Viasat's KA-SAT Network.

    Method: AcidRain.

    Impact: Significant loss of communication for the Ukrainian military, which relied on Viasat's services.

    A timeline displaying the years 1903; 2000; 2010; 2012; 2013; 2014; 2018; 2019; 2021; 2022 is displayed.

    Target: Marconi wireless telegraphs presentation. Method: Morse code.

    Impact: Fake message sent "Rats, rats, rats, rats. There was a young fellow of Italy, Who diddled the public quite prettily."

    Target: Iranian uranium enrichment plant.

    Method: Stuxnet.

    Impact: Compromised programmable logic controllers (PLCs).

    Target: ICS supply chain.

    Method: Havex.

    Impact: Remote Access Trojan (RAT) collected information and uploaded data to command-and-control (C&C) servers.

    Target: Ukraine power grid.

    Method: BlackEnergy.

    Impact: Manipulation of HMI View causing 1-6 hour power outages for 230,000 consumers.

    Target: Colonial Pipeline.

    Method: DarkSide ransomware.

    Impact: Compromised billing infrastructure halted the pipeline operation.

    Sources:

    • DOE, 2018
    • CSIS, 2022
    • MIT Technology Review, 2022

    Info-Tech Insight

    Most OT incidents start with attacks against IT networks and then move laterally into the OT environment. Therefore, converging IT and OT security will help protect the entire organization.

    Use this template to explain the priorities you need your stakeholders to know about.

    Secure organization modernization

    Provide a brief value statement for the initiative.

    The systems (OT, IT, IIoT) are evolving now – ensure your security plan has you covered.

    Initiative Description:

    • Description must include what organization will undertake to complete the initiative.
    • Identify the drivers to align with your organization's business objectives.
    • Build your case by leveraging a cost-benefit analysis and update your security strategy.
    • Identify people, process, and technology gaps that hinder the modernization security strategy.
    • Use the identified skill gaps to update risks, policies and procedures, IR, DR, and BCP.
    • Evaluate and enable modernization technology top focus areas and refine security processes.
    • Decide whether to train, hire, contract, or outsource to fill the security workforce gap.

    Drivers:

    List initiative drivers.

    • Pressure of operational excellence
    • Technology offerings
    • Higher risks of cyberattacks

    Risks:

    List initiative risks and impacts.

    • Complex systems with many components to implement and manage require diligent change management.
    • Organizational and cultural changes cause friction between humans and machines.
    • Increased attack surface of cyber and physical systems.

    Benefits:

    List initiative benefits and align to business benefits or benefits for the stakeholder groups that it impacts.

    • Improve service reliability through continuous and real-time operation.
    • Enhance efficiency through operations visibility and transparency.
    • Gain cost savings and efficiency to automate operations of complex and large equipment and instrumentations.

    Related Info-Tech Research:

    Recommended Actions

    1. Identify modernization business cases to secure

    Identify the drivers to align with your organization's business objectives.

    Build your case by leveraging a cost-benefit analysis, and update your security strategy.

    2. Identify gaps

    Identify people, process, and technology gaps that hinder the modernization
    security strategy.

    Use the identified skill gaps to update risks, policies and procedures, IR, DR, and BCP.

    3. Decide whether to build or buy capabilities

    Evaluate and enable modernization technology top focus areas and refine
    security processes.

    Decide whether to train, hire, contract, or outsource to fill the security workforce gap.

    Sources:

    Industrial Control System (ICS) Modernization: Unlock the Value of Automation in Utilities, Info-Tech

    Secure IT-OT Convergence, Info-Tech

    Develop a cost-benefit analysis

    Identify a modernization business case for security.

    Benefits

    Metrics

    Operational Efficiency and Cost Savings

    • Reduction in truck rolls and staff time of manual operations of equipment or instrumentation.
    • Cost reduction in energy usage such as substation power voltage level or water treatment chemical level.

    Improve Reliability and Resilience

    • Reduction in field crew time to identify the outage locations by remotely accessing field equipment to narrow down the
      fault areas.
    • Reduction in outage time impacting customers and avoiding financial penalty in service quality metrics.
    • Improve operating reliability through continuous and real-time trend analysis of equipment performance.

    Energy & Capacity Savings

    • Optimize energy usage of operation to reduce overall operating cost and contribution to organizational net-zero targets.

    Customers & Society Benefits

    • Improve customer safety for essential services such as drinkable water consumption.
    • Improve reliability of services and address service equity issues based on data.

    Cost

    Metrics

    Equipment and Infrastructure

    Upgrade existing security equipment or instrumentation or deploy new, e.g. IPS on Enterprise DMZ and Operations DMZ.

    Implement communication network equipment and labor to install and configure.

    Upgrade or construct server room including cooling/heating, power backup, and server and rack hardware.

    Software and Commission

    The SCADA/HMI software and maintenance fee as well as lifecycle upgrade implementation project cost.

    Labor cost of field commissioning and troubleshooting.

    Integration with security systems, e.g. log management and continuous monitoring.

    Support and Resources

    Cost to hire/outsource security FTEs for ongoing managing and operating security devices, e.g. SOC.

    Cost to hire/outsource IT/OT FTEs to support and troubleshoot systems and its integrations with security systems, e.g. MSSP.

    An example of a cost-benefit analysis for ICS modernization

    Sources:

    Industrial Control System (ICS) Modernization: Unlock the Value of Automation in Utilities, Info-Tech

    Lawrence Berkeley National Laboratory, 2021

    IT-OT convergence demands new security approach and solutions

    Identify gaps

    Attack Vectors

    IT

    • User's compromised credentials
    • User's access device, e.g. laptop, smartphone
    • Access method, e.g. denial-of-service to modem, session hijacking, bad data injection

    OT

    • Site operations, e.g. SCADA server, engineering workstation, historian
    • Controls, e.g. SCADA Client, HMI, PLCs, RTUs
    • Process devices, e.g. sensors, actuators, field devices

    Defense Strategies

    • Limit exposure of system information
    • Identify and secure remote access points
    • Restrict tools and scripts
    • Conduct regular security audits
    • Implement a dynamic network environment

    (Control System Defense: Know the Opponent, CISA)

    An example of a high-level architecture of an electric utility's control system and its interaction with IT systems.

    An example of a high-level architecture of an electric utility's control system and its interaction with IT systems.

    Source: ISA-99, 2007

    RESPOND TO REGULATORY CHANGES

    PRIORITY 03

    • GOVERNMENT-ENACTED POLICY CHANGES AND INDUSTRY REGULATORY CHANGES COULD BE A COMPLIANCE BURDEN … OR PREVENT YOUR NEXT SECURITY INCIDENT.

    Executive summary

    Background

    Government-enacted regulatory changes are occurring at an ever-increasing rate these days. As one example, on November 10, 2022, the EU Parliament introduced two EU cybersecurity laws: the Network and Information Security (NIS2) Directive (applicable to organizations located within the EU and organizations outside the EU that are essential within an EU country) and the Digital Operational Resilience Act (DORA). There are also industry regulatory changes such as PCI DSS v4.0 for the payment sector and the North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) for Bulk Electric Systems (BES).

    Organizations should use regulatory changes as a means to improve security practices, instead of treating them as a compliance burden. As said by lead member of EU Parliament Bart Groothuis on NIS2, "This European directive is going to help around 160,000 entities tighten their grip on security […] It will also enable information sharing with the private sector and partners around the world. If we are being attacked on an industrial scale, we need to respond on an industrial scale."

    Current situation

    Stricter requirements and reporting: Regulations such as NIS2 include provisions for incident response, supply chain security, and encryption and vulnerability disclosure and set tighter cybersecurity obligations for risk management reporting obligations.

    Broader sectors: For example, the original NIS directive covers 19 sectors such as Healthcare, Digital Infrastructure, Transport, and Energy. Meanwhile, the new NIS2 directive increases to 35 sectors by adding other sectors such as providers of public electronic communications networks or services, manufacturing of certain critical products (e.g. pharmaceuticals), food, and digital services.

    High sanctions for violations: For example, Digital Services Act (DSA) includes fines of up to 6% of global turnover and a ban on operating in the EU single market in case of repeated serious breaches.

    Approximately 100 cross-border data flow regulations exist in 2022.

    Source: McKinsey, 2022

    Stricter requirements for payments

    Obligation changes to keep up with emerging threats and technologies

    64 New requirements were added
    A total of 64 requirements have been added to version 4.0 of the PCI DSS.

    13 New requirements become effective March 31, 2024
    The other 51 new requirements are considered best practice until March 31, 2025, at which point they will become effective.

    11 New requirements only for service providers
    11 of the new requirements are applicable only to entities that provide third-party services to merchants.

    Defined roles must be assigned for requirements.

    Focus on periodically assessing and documenting scope.

    Entities may choose a defined approach or a customized approach to requirements.

    An example of new requirements for PCI DSS v4.0

    Source: Prepare for PCI DSS v4.0, Info-Tech

    Use this template to explain the priorities you need your stakeholders to know about.

    Respond to regulatory changes

    Provide a brief value statement for the initiative.

    The compliance obligations are evolving – ensure your security plan has you covered.

    Initiative Description:

    Description must include what organization will undertake to complete the initiative.

    • Identify relevant security and privacy compliance and conformance levels.
    • Identify gaps for updated obligations, and map obligations into control framework.
    • Review, update, and implement policies and strategy.
    • Develop compliance exception process and forms.
    • Develop test scripts.
    • Track status and exceptions

    Drivers:

    List initiative drivers.

    • Pressure of new regulations
    • Governance, risk & compliance (GRC) tool offerings
    • High administrative or criminal penalties of non-compliance

    Risks:

    List initiative risks and impacts.

    • Complex structures and a great number of compliance requirements
    • Restricted budget and lack of skilled workforce for organizations such as local municipalities and small or medium organizations compared to private counterparts
    • Personal liability for some regulations for non-compliance

    Benefits:

    List initiative benefits and align to business benefits or benefits for the stakeholder groups that it impacts.

    • Reduces compliance risk.
    • Reduces complexity within the control environment by using a single framework to align multiple compliance regimes.
    • Reduces costs and efforts related to managing IT audits through planning and preparation.

    Related Info-Tech Research:

    Recommended Actions

    1. Identify compliance obligations

    Identify relevant security and privacy obligations and conformance levels.

    Identify gaps for updated obligations, and map obligations into control framework.

    2. Implement compliance strategy

    Review, update, and implement policies and strategy.

    Develop compliance exception process.

    3. Track and report

    Develop test scripts to check your remediations to ensure they are effective.

    Track and report status and exceptions.

    Sources: Build a Security Compliance Program and Prepare for PCI DSS v4.0, Info-Tech

    Identify relevant security and privacy compliance obligations

    Identify obligations

    # Security Jurisdiction
    1 Network and Information Security (NIS2) Directive European Union (EU) and organizations outside the EU that are essential within an EU country
    2 North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) North American electrical utilities
    3 Executive Order (EO) 14028: Improving the Nation's Cybersecurity, The White House, 2021 United States

    #

    Privacy Jurisdiction
    1 General Data Protection Regulation (GDPR) EU and EU citizens
    2 Personal Information Protection and Electronic Documents Act (PIPEDA) Canada
    3 California Consumer Privacy Act (CCPA) California, USA
    4 Personal Information Protection Law of the People’s Republic of China (PIPL) China

    An example of security and privacy compliance obligations

    How much does it cost to become compliant?

    • It is important to understand the various frameworks and to adhere to the appropriate compliance obligations.
    • Many factors influence the cost of compliance, such as the size of organization, the size of network, and current security readiness.
    • To manage compliance obligations, it is important to use a platform that not only performs internal and external monitoring but also provides third-party vendors (if applicable) with visibility into potential threats in their organization.

    Adopt Next-Generation Cybersecurity Technologies

    PRIORITY 04

    • GOVERNMENTS AND HACKERS ARE RECOGNIZING THE IMPORTANCE OF EMERGING TECHNOLOGIES, SUCH AS ZERO TRUST ARCHITECTURE AND AI-BASED CYBERSECURITY. SO SHOULD YOUR ORGANIZATION.

    Executive summary

    Background

    The cat and mouse game between threat actors and defenders is continuing. The looming question "can defenders do better?" has been answered with rapid development of technology. This includes the automation of threat analysis (signature-based, specification-based, anomaly-based, flow-based, content-based, sandboxing) not only on IT but also on other relevant environments, e.g. IoT, IIoT, and OT based on AI/ML.

    More fundamental approaches such as post-quantum cryptography and zero trust (ZT) are also emerging.
    ZT is a principle, a model, and also an architecture focused on resource protection by always verifying transactions using the least privilege principle. Hopefully in 2023, ZT will be more practical and not just a vendor marketing buzzword.

    Next-gen cybersecurity technologies alone are not a silver bullet. A combination of skilled talent, useful data, and best practices will give a competitive advantage. The key concepts are explainable, transparent, and trustworthy. Furthermore, regulation often faces challenges to keep up with next-gen cybersecurity technologies, especially with the implications and risks of adoption, which may not always be explicit.

    Current situation

    ZT: Performing an accurate assessment of readiness and benefits to adopt ZT can be difficult due to ZT's many components. Thus, an organization needs to develop a ZT roadmap that aligns with organizational goals and focuses on access to data, assets, applications, and services; don't select solutions or vendors too early.

    Post-quantum cryptography: Current cryptographic applications, such as RSA for PKI, rely on factorization. However, algorithms such as Shor's show quantum speedup for factorization, which can break current crypto when sufficient quantum computing devices are available. Thus, threat actors can intercept current encrypted information and store it to decrypt in the future.

    AI-based threat management: AI helps in analyzing and correlating data extremely fast compared to humans. Millions of telemetries, malware samples, raw events, and vulnerability data feed into the AI system, which humans cannot process manually. Furthermore, AI does not get tired in processing this big data, thus avoiding human error and negligence.

    Data breach mitigation cost without AI: USD 6.20 million; and with AI: USD 3.15 million

    Source: IBM, 2022

    Traditional security is not working

    Alert Fatigue

    Too many false alarms and too many events to process. Evolving threat landscapes waste your analysts' valuable time on mundane tasks, such as evidence collection. Meanwhile, only limited time is spared for decisions and conclusions, which results in the fear of missing an incident and alert fatigue.

    Lack of Insight

    To report progress, clear metrics are needed. However, cybersecurity still lacks in this area as the system itself is complex and some systems work in silos. Furthermore, lessons learned are not yet distilled into insights for improving future accuracy.

    Lack of Visibility

    System integration is required to create consistent workflows across the organization and to ensure complete visibility of the threat landscape, risks, and assets. Also, the convergence of OT, IoT, and IT enhances this challenge.

    Source: IBM Security Intelligence, 2020

    A business case for AI-based cybersecurity

    Threat management

    Prevention

    Risk scores are generated by machine learning based on variables such as behavioral patterns and geolocation. Zero trust architecture is combined with machine learning. Asset management leverages visibility using machine learning. Comply with regulations by improving discovery, classification, and protection of data using machine learning. Data security and data privacy services use machine learning for data discovery.

    Detection

    AI, advanced machine learning, and static approaches, such as code file analysis, combine to automatically detect and analyze threats and prevent threats from spreading, assisted by threat intelligence.

    Response

    AI helps in orchestrating security technologies for organizations to reduce the number of security agents installed, which may not talk to each other or, worse, may conflict with each other.

    Recovery

    AI continuously tunes based on lessons learned, such as creating security policies for improving future accuracy. AI also does not get fatigue, and it assists humans in a faster recovery.

    Prevention; Detection; Response; Recovery

    AI has been around since the 1940s, but why is it only gaining traction now? Because supporting technologies are only now available, including faster GPUs for complex computations and cheaper storage for massive volumes of data.

    Use this template to explain the priorities you need your stakeholders to know about.

    Adopt next-gen cybersecurity technologies

    Use this template to explain the priorities you need your stakeholders to know about.

    Develop a practical roadmap that shows the business value of next-gen cybersecurity technologies investment.

    Initiative Description:

    Description must include what organization will undertake to complete the initiative.

    • Identify the stakeholders who will be affected by the next-gen cybersecurity technologies implementation and define responsibilities based on skillsets and the degree of support.
    • Adopt well-established data governance practices for cross-functional teams.
    • Conduct a maturity assessment of key processes and highlight interdependencies.
    • Develop a baseline and periodically review risks, policies and procedures, and business plan.
    • Develop a roadmap and deploy next-gen cybersecurity architecture and controls step by step, working with trusted technology partners.
    • Monitor metrics on effectiveness and efficiency.

    Drivers:

    List initiative drivers.

    • Pressure of attacks by sophisticated threat actors
    • Next-gen cybersecurity technologies tool offerings
    • High cost of traditional security, e.g. longer breach lifecycle

    Risks:

    List initiative risks and impacts.

    • Lack of transparency of the model or bias, leading to non-compliance with policies/regulations
    • Risks related with data quality and inadequate data for model training
    • Adversarial attacks, including, but not limited to, adversarial input and model extraction

    Benefits:

    List initiative benefits and align to business benefits or benefits for the stakeholder groups that it impacts.

    • Reduces the number of alerts, thus reduces alert fatigue.
    • Increases the identification of unknown threats.
    • Leads to faster detection and response.
    • Closes skills gap and increases productivity.

    Related Info-Tech Research:

    Recommended Actions

    1. People

    Identify the stakeholders who will be affected by the next-gen cybersecurity technologies implementation and define responsibilities based on skillsets and the degree of support.

    Adopt well-established data governance practices for cross-functional teams.

    2. Process

    Conduct a maturity assessment of key processes and highlight interdependencies.

    Develop a baseline and periodically review risks, policies and procedures, and business plan.

    3. Technology

    Develop a roadmap and deploy next-gen cybersecurity architecture and controls step by step, working with trusted technology partners.

    Monitor metrics on effectiveness and efficiency.

    Source: Leverage AI in Threat Management (keynote presentation), Info-Tech

    Secure Services and Applications

    PRIORITY 05

    • APIS ARE STILL THE #1 THREAT TO APPLICATION SECURITY.

    Executive summary

    Background

    Software is usually produced as part of a supply chain instead of in silos. A vulnerability in any part of the supply chain can become a threat surface. We have learned this from recent incidents such as Log4j, SolarWinds, and Kaseya where attackers compromised a Virtual System Administrator tool used by managed service providers to attack around 1,500 organizations.

    DevSecOps is a culture and philosophy that unifies development, security, and operations to answer this challenge. DevSecOps shifts security left by automating, as much as possible, development and testing. DevSecOps provides many benefits such as rapid development of secure software and assurance that, prior to formal release and delivery, tests are reliably performed and passed.

    DevSecOps practices can apply to IT, OT, IoT, and other technology environments, for example, by integrating a Secure Software Development Framework (SSDF).

    Current situation

    Secure Software Supply Chain: Logging is a fundamental feature of most software, and recently the use of software components, especially open source, are based on trust. From the Log4j incident we learned that more could be done to improve the supply chain by adopting ZT to identify related components and data flows between systems and to apply the least privilege principle.

    DevSecOps: A software error wiped out wireless services for thousands of Rogers customers across Canada in 2021. Emergency services were also impacted, even though outgoing 911 calls were always accessible. Losing such services could have been avoided, if tests were reliably performed and passed prior to release.

    OT insecure-by-design: In OT, insecurity-by-design is still a norm, which causes many vulnerabilities such as insecure protocols implementation, weak authentication schemes, or insecure firmware updates. Additional challenges are the lack of CVEs or CVE duplication, the lack of Software Bill of Materials (SBOM), and product supply chains issues such as vulnerable products that are certified because of the scoping limitation and emphasis on functional testing.

    Technical causes of cybersecurity incidents in EU critical service providers in 2019-2021 shows: software bug (12%) and faulty software changes/update (9%).

    Source: CIRAS Incident reporting, ENISA (N=1,239)

    Software development keeps evolving

    DOD Maturation of Software Development Best Practices

    Best Practices 30 Years Ago 15 Years Ago Present Day
    Lifecycle Years or Months Months or Weeks Weeks or Days
    Development Process Waterfall Agile DevSecOps
    Architecture Monolithic N-Tier Microservices
    Deployment & Packaging Physical Virtual Container
    Hosting Infrastructure Server Data Center Cloud
    Cybersecurity Posture Firewall + SIEM + Zero Trust

    Best practices in software development are evolving as shown on the diagram to the left. For example, 30 years ago the lifecycle was "Years or Months," while in the present day it is "Weeks or Days."

    These changes also impact security such as the software architecture, which is no longer "Monolithic" but "Microservices" normally built within the supply chain.

    The software supply chain has known integrity attacks that can happen on each part of it. Starting from bad code submitted by a developer, to compromised source control platform (e.g. PHP git server compromised), to compromised build platform (e.g. malicious behavior injected on SolarWinds build), to a compromised package repository where users are deceived into using the bad package by the similarity between the malicious and the original package name.

    Therefore, we must secure each part of the link to avoid attacks on the weakest link.

    Software supply chain guidance

    Secure each part of the link to avoid attacks on the weakest link.

    Guide for Developers

    Guide for Suppliers

    Guide for Customers

    Secure product criteria and management, develop secure code, verify third-party components, harden build environment, and deliver code.

    Define criteria for software security checks, protect software, produce well-secured software, and respond to vulnerabilities.

    Secure procurement and acquisition, secure deployment, and secure software operations.

    Source: "Securing the Software Supply Chain" series, Enduring Security Framework (ESF), 2022

    "Most software today relies on one or more third-party components, yet organizations often have little or no visibility into and understanding of how these software components are developed, integrated, and deployed, as well as the practices used to ensure the components' security."

    Source: NIST – NCCoE, 2022

    Use this template to explain the priorities you need your stakeholders to know about.

    Secure services and applications

    Provide a brief value statement for the initiative.

    Adopt recommended practices for securing the software supply chain.

    Initiative Description:

    Description must include what organization will undertake to complete the initiative.

    • Define and keep security requirements and risk assessments up to date.
    • Require visibility into provenance of product, and require suppliers' self-attestation of security hygiene.
    • Verify distribution infrastructure, product and individual components integrity, and SBOM.
    • Use multi-layered defenses, e.g. ZT for integration and control configuration.
    • Train users on how to detect and report anomalies and when to apply updates to a system.
    • Ensure updates from authorized and authenticated sources and verify the integrity of the updated SBOM.

    Drivers:

    List initiative drivers.

    • Cyberattacks exploit the vulnerabilities of weak software supply chain
    • Increased need to enhance software supply chain security, e.g. under the White House Executive Order (EO) 14028
    • OT insecure-by-design hinders OT modernization

    Risks:

    List initiative risks and impacts.

    Only a few developers and suppliers explicitly address software security in detail.

    Time pressure to deliver functionality over security.

    Lack of security awareness and lack of trained workforce.

    Benefits:

    List initiative benefits and align to business benefits or benefits for the stakeholder groups that it impacts.

    Customers (acquiring organizations) achieve secure acquisition, deployment, and operation of software.

    Developers and suppliers provide software security with minimal vulnerabilities in its releases.

    Automated processes such as automated testing avoid error-prone and labor-intensive manual test cases.

    Related Info-Tech Research:

    Recommended Actions

    1. Procurement and Acquisition

    Define and keep security requirements and risk assessments up to date.

    Perform analysis on current market and supplier solutions and acquire security evaluation.

    Require visibility into provenance of product, and require suppliers' self-attestation of security hygiene

    2. Deployment

    Verify distribution infrastructure, product and individual components integrity, and SBOM.

    Save and store the tests and test environment and review and verify the
    self-attestation mechanism.

    Use multi-layered defenses, e.g. ZT for integration and control configuration.

    3. Software Operations

    Train users on how to detect and report anomalies and when to apply updates to a system.

    Ensure updates from authorized and authenticated sources and verify the integrity of the updated SBOM.

    Apply supply chain risk management (SCRM) operations.

    Source: "Securing the Software Supply Chain" series, Enduring Security Framework (ESF), 2022

    Bibliography

    Aksoy, Cevat Giray, Jose Maria Barrero, Nicholas Bloom, Steven J. Davis, Mathias Dolls, and Pablo Zarate. "Working from Home Around the World." Brookings Papers on Economic Activity, 2022.
    Barrero, Jose Maria, Nicholas Bloom, and Steven J. Davis. "Why working from home will stick." WFH Research, National Bureau of Economic Research, Working Paper 28731, 2021.
    Boehm, Jim, Dennis Dias, Charlie Lewis, Kathleen Li, and Daniel Wallance. "Cybersecurity trends: Looking over the horizon." McKinsey & Company, March 2022. Accessed
    31 Oct. 2022.
    "China: TC260 issues list of national standards supporting implementation of PIPL." OneTrust, 8 Nov. 2022. Accessed 17 Nov. 2022.
    Chmielewski, Stéphane. "What is the potential of artificial intelligence to improve cybersecurity posture?" before.ai blog, 7 Aug. 2022. Accessed 15 Aug. 2022.
    Conerly, Bill. "The Recession Will Begin Late 2023 Or Early 2024." Forbes, 1 Nov. 2022. Accessed 8 Nov. 2022.
    "Control System Defense: Know the Opponent." CISA, 22 Sep. 2022. Accessed 17 Nov. 2022.
    "Cost of a Data Breach Report 2022." IBM, 2022.
    "Cybersecurity: Parliament adopts new law to strengthen EU-wide resilience." European Parliament News, 10 Nov. 2022. Press Release.
    "Cyber Security in Critical National Infrastructure Organisations: 2022." Bridewell, 2022. Accessed 7 Nov. 2022.
    Davis, Steven. "The Big Shift to Working from Home." NBER Macro Annual Session On
    "The Future of Work," 1 April 2022.
    "Digital Services Act: EU's landmark rules for online platforms enter into force."
    EU Commission, 16 Nov. 2022. Accessed 16 Nov. 2022.
    "DoD Enterprise DevSecOps Fundamentals." DoD CIO, 12 May 2022. Accessed 21 Nov. 2022.
    Elkin, Elizabeth, and Deena Shanker. "That Cream Cheese Shortage You Heard About? Cyberattacks Played a Part." Bloomberg, 09 Dec. 2021. Accessed 27 Oct. 2022.
    Evan, Pete. "What happened at Rogers? Day-long outage is over, but questions remain." CBC News, 21 April 2022. Accessed 15 Nov. 2022.
    "Fewer Ransomware Victims Pay, as Median Ransom Falls in Q2 2022." Coveware,
    28 July 2022. Accessed 18 Nov. 2022.
    "Fighting cybercrime: new EU cybersecurity laws explained." EU Commission, 10 Nov. 2022. Accessed 16 Nov. 2022.
    "Guide to PCI compliance cost." Vanta. Accessed 18 Nov. 2022.
    Hammond, Susannah, and Mike Cowan. "Cost of Compliance 2022: Competing priorities." Thomson Reuters, 2022. Accessed 18 Nov. 2022.
    Hemsley, Kevin, and Ronald Fisher. "History of Industrial Control System Cyber Incidents." Department of Energy (DOE), 2018. Accessed 29 Aug. 2022.
    Hofmann, Sarah. "What Is The NIS2 And How Will It Impact Your Organisation?" CyberPilot,
    5 Aug. 2022. Accessed 16 Nov. 2022.
    "Incident reporting." CIRAS Incident Reporting, ENISA. Accessed 21 Nov. 2022.
    "Introducing SLSA, an End-to-End Framework for Supply Chain Integrity." Google,
    16 June 2021. Accessed 25 Nov. 2022.
    Kovacs, Eduard. "Trains Vulnerable to Hacker Attacks: Researchers." SecurityWeek, 29 Dec. 2015. Accessed 15 Nov. 2022.
    "Labour Force Survey, October 2022." Statistics Canada, 4 Nov. 2022. Accessed 7 Nov. 2022.
    Malacco, Victor. "Promises and potential of automated milking systems." Michigan State University Extension, 28 Feb. 2022. Accessed 15 Nov. 2022.
    Maxim, Merritt, et al. "Planning Guide 2023: Security & Risk." Forrester, 23 Aug. 2022. Accessed 31 Oct. 2022.
    "National Cyber Threat Assessment 2023-2024." Canadian Centre for Cyber Security, 2022. Accessed 18 Nov. 2022.
    Nicaise, Vincent. "EU NIS2 Directive: what's changing?" Stormshield, 20 Oct. 2022. Accessed
    17 Nov. 2022.
    O'Neill, Patrick. "Russia hacked an American satellite company one hour before the Ukraine invasion." MIT Technology Review, 10 May 2022. Accessed 26 Aug. 2022.
    "OT ICEFALL: The legacy of 'insecure by design' and its implications for certifications and risk management." Forescout, 2022. Accessed 21 Nov. 2022.
    Palmer, Danny. "Your cybersecurity staff are burned out - and many have thought about quitting." ZDNet, 8 Aug. 2022. Accessed 19 Aug. 2022.
    Placek, Martin. "Industrial Internet of Things (IIoT) market size worldwide from 2020 to 2028 (in billion U.S. dollars)." Statista, 14 March 2022. Accessed 15 Nov. 2022.
    "Revised Proposal Attachment 5.13.N.1 ADMS Business Case PUBLIC." Ausgrid, Jan. 2019. Accessed 15 Nov. 2022.
    Richter, Felix. "Cloudy With a Chance of Recession." Statista, 6 April 2022. Web.
    "Securing the Software Supply Chain: Recommended Practices Guide for Developers." Enduring Security Framework (ESF), Aug. 2022. Accessed 22 Sep. 2022.
    "Securing the Software Supply Chain: Recommended Practices Guide for Suppliers." Enduring Security Framework (ESF), Sep. 2022. Accessed 21 Nov. 2022.
    "Securing the Software Supply Chain: Recommended Practices Guide for Customers." Enduring Security Framework (ESF), Oct. 2022. Accessed 21 Nov. 2022.
    "Security Guidelines for the Electricity Sector: Control System Electronic Connectivity."
    North American Electric Reliability Corporation (NERC), 28 Oct. 2013. Accessed 25 Nov. 2022.
    Shepel, Jan. "Schreiber Foods hit with cyberattack; plants closed." Wisconsin State Farmer,
    26 Oct. 2022. Accessed 15 Nov. 2022.
    "Significant Cyber Incidents." Center for Strategic and International Studies (CSIS). Accessed
    1 Sep. 2022.
    Souppaya, Murugiah, Michael Ogata, Paul Watrobski, and Karen Scarfone. "Software Supply Chain and DevOps Security Practices: Implementing a Risk-Based Approach to DevSecOps." NIST - National Cybersecurity Center of Excellence (NCCoE), Nov. 2022. Accessed
    22 Nov. 2022.
    "Ten Things Will Change Cybersecurity in 2023." SOCRadar, 23 Sep. 2022. Accessed
    31 Oct. 2022.
    "The Nature of Cybersecurity Defense: Pentagon To Reveal Updated Zero-Trust Cybersecurity Strategy & Guidelines." Cybersecurity Insiders. Accessed 21 Nov. 2022.
    What Is Threat Management? Common Challenges and Best Practices." IBM Security Intelligence, 2020.
    Woolf, Tim, et al. "Benefit-Cost Analysis for Utility-Facing Grid Modernization Investments: Trends, Challenges, and Considerations." Lawrence Berkeley National Laboratory, Feb. 2021. Accessed 15 Nov. 2022.
    Violino, Bob. "5 key considerations for your 2023 cybersecurity budget planning." CSO Online,
    14 July 2022. Accessed 27 Oct. 2022

    Research Contributors and Experts

    Andrew Reese
    Cybersecurity Practice Lead
    Zones

    Ashok Rutthan
    Chief Information Security Officer (CISO)
    Massmart

    Chris Weedall
    Chief Information Security Officer (CISO)
    Cheshire East Council

    Jeff Kramer
    EVP Digital Transformation and Cybersecurity
    Aprio

    Kris Arthur
    Chief Information Security Officer (CISO)
    SEKO Logistics

    Mike Toland
    Chief Information Security Officer (CISO)
    Mutual Benefit Group

    Capture and Market the ROI of Your VMO

    • Buy Link or Shortcode: {j2store}212|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: $108,234 Average $ Saved
    • member rating average days saved: 9 Average Days Saved
    • Parent Category Name: Vendor Management
    • Parent Category Link: /vendor-management
    • All IT organizations are dependent on their vendors for technology products, services, and solutions to support critical business functions.
    • Measuring the impact of and establishing goals for the vendor management office (VMO) to maximize its effectiveness requires an objective and quantitative approach whenever possible.
    • Sharing the VMO’s impact internally is a balancing act between demonstrating value and self-promotion.

    Our Advice

    Critical Insight

    • The return on investment (ROI) calculation for your VMO must be customized. The ROI components selected must match your VMO ROI maturity, resources, and roadmap. There is no one-size-fits-all approach to calculating VMO ROI.
    • ROI contributions come from many areas and sources. To maximize the VMO’s ROI, look outside the traditional framework of savings and cost avoidance to vendor-facing interactions and the impact the VMO has on internal departments.

    Impact and Result

    • Quantifying the contributions of the VMO takes the guess work out of whether the VMO is performing adequately.
    • Taking a comprehensive approach to measuring the value created by the VMO and the ROI associated with it will help the organization appreciate the importance of the VMO.
    • Establishing goals for the VMO with the help of the executives and key stakeholders ensures that the VMO is supporting the needs of the entire organization.

    Capture and Market the ROI of Your VMO Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should calculate and market internally your VMO’s ROI, review Info-Tech’s methodology, and understand the ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Get organized

    Begin the process by identifying your VMO’s ROI maturity level and which calculation components are most appropriate for your situation.

    • Capture and Market the ROI of the VMO – Phase 1: Get Organized
    • VMO ROI Maturity Assessment Tool
    • VMO ROI Calculator and Tracker
    • VMO ROI Data Source Inventory and Evaluation Tool
    • VMO ROI Summary Template

    2. Establish baseline

    Set measurement baselines and goals for the next measurement cycle.

    • Capture and Market the ROI of the VMO – Phase 2: Establish Baseline
    • VMO ROI Baseline and Goals Tool

    3. Measure and monitor results

    Measure the VMO's ROI and value created by the VMO’s efforts and the overall internal satisfaction with the VMO.

    • Capture and Market the ROI of the VMO – Phase 3: Measure and Monitor Results
    • RFP Cost Estimator
    • Improvements in Working Capital Estimator
    • Risk Estimator
    • General Process Cost Estimator and Delta Estimator
    • VMO Internal Client Satisfaction Survey
    • Vendor Security Questionnaire
    • Value Creation Worksheet
    • Deal Summary Report Template

    4. Report results

    Report the results to key stakeholders and executives in a way that demonstrates the value added by the VMO to the entire organization.

    • Capture and Market the ROI of the VMO – Phase 4: Report Results
    • Internal Business Review Agenda Template
    • IT Spend Analytics
    • VMO ROI Reporting Worksheet
    • VMO ROI Stakeholder Report Template
    [infographic]

    Workshop: Capture and Market the ROI of Your VMO

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Get Organized

    The Purpose

    Determine how you will measure the VMO’s ROI.

    Key Benefits Achieved

    Focus your measurement on the appropriate activities.

    Activities

    1.1 Determine your VMO’s maturity level and identify applicable ROI measurement categories.

    1.2 Review and select the appropriate ROI formula components for each applicable measurement category.

    1.3 Compile a list of potential data sources, evaluate the viability of each data source selected, and assign data collection and analysis responsibilities.

    1.4 Communicate progress and proposed ROI formula components to executives and key stakeholders for feedback and/or approval/alignment.

    Outputs

    VMO ROI maturity level and first step of customizing the ROI formula components.

    Second and final step of customizing the ROI formula components…what will actually be measured.

    Viable data sources and assignments for team members.

    A progress report for key stakeholders and executives.

    2 Establish Baseline

    The Purpose

    Set baselines to measure created value against.

    Key Benefits Achieved

    ROI contributions cannot be objectively measured without baselines.

    Activities

    2.1 Gather baseline data.

    2.2 Calculate/set baselines.

    2.3 Set SMART goals.

    2.4 Communicate progress and proposed ROI formula components to executives and key stakeholders for feedback and/or approval/alignment.

    Outputs

    Data to use for calculating baselines.

    Baselines for measuring ROI contributions.

    Value creation goals for the next measurement cycle.

    An updated progress report for key stakeholders and executives.

    3 Measure and Monitor Results

    The Purpose

    Calculate the VMO’s ROI.

    Key Benefits Achieved

    An understanding of whether the VMO is paying for itself.

    Activities

    3.1 Assemble the data and calculate the VMO’s ROI.

    3.2 Organize the data for the reporting step.

    Outputs

    The VMO’s ROI expressed in terms of how many times it pays for itself (e.g. 1X, 3X, 5X).

    Determine which supporting data will be reported.

    4 Report Results

    The Purpose

    Report results to stakeholders.

    Key Benefits Achieved

    Stakeholders understand the value of the VMO.

    Activities

    4.1 Create a reporting template.

    4.2 Determine reporting frequency.

    4.3 Decide how the reports will be distributed or presented.

    4.4 Send out a draft report and update based on feedback.

    Outputs

    A template for reporting ROI and supporting data.

    A decision about quarterly or annual reports.

    A decision regarding email, video, and in-person presentation of the ROI reports.

    Final ROI reports.

    Build a Strategic Infrastructure Roadmap

    • Buy Link or Shortcode: {j2store}332|cart{/j2store}
    • member rating overall impact (scale of 10): 9.5/10 Overall Impact
    • member rating average dollars saved: $36,636 Average $ Saved
    • member rating average days saved: 26 Average Days Saved
    • Parent Category Name: Strategy and Organizational Design
    • Parent Category Link: /strategy-and-organizational-design

    Getting a seat at the table is your first objective in building a strategic roadmap. Knowing what the business wants to do and understanding what it will need in the future is a challenge for most IT departments.

    This could be a challenge such as:

    • Understanding the business vision
    • Clear communications on business planning
    • Insight into what the future state should look like
    • Understanding what the IT team is spending its time on day to day

    Our Advice

    Critical Insight

    • Having a clear vision of what the future state is and knowing that creating an IT Infrastructure roadmap is never finished will give your IT team an understanding of priorities, goals, business vision, and risks associated with not planning.
    • Understand what you are currently paying for and why.

    Impact and Result

    • Understanding of the business priorities, and vision of the future
    • Know what your budget is spent on: running the business, growth, or innovation
    • Increased communication with the right stakeholders
    • Better planning based on analysis of time study, priorities, and business goals

    Build a Strategic Infrastructure Roadmap Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Build a Strategic Infrastructure Roadmap Storyboard – Improve and align goals and strategy.

    In this section you will develop a vision and mission statement and set goals that align with the business vision and goals. The outcome will deliver your guiding principles and a list of goals that will determine your initiatives and their priorities.

    • Build Your Infrastructure Roadmap Storyboard
    • Strategic Infrastructure Roadmap Tool

    2. Financial Spend Analysis Template – Envision future and analyze constraints.

    Consider your future state by looking at technology that will help the business in the future. Complete an analysis of your past spending to determine your future spend. Complete a SWOT analysis to determine suitability.

    • Financial Spend Analysis Template

    3. Strategic Roadmap Initiative Template – Align and build the roadmap.

    Develop a risk framework that may slow or hinder your strategic initiatives from progressing and evaluate your technical debt. What is the current state of your infrastructure? Generate and prioritize your initiatives, and set dates for completion.

    • Strategic Roadmap Initiative Template

    4. Infrastructure and Strategy Executive Brief Template – Communicate and improve the process.

    After creating your roadmap, communicate it to your audience. Identify who needs to be informed and create an executive brief with the template download. Finally, create KPIs to measure what success looks like.

    • Infrastructure Strategy and Roadmap Executive Presentation Template
    • Infrastructure Strategy and Roadmap Report Template

    Infographic

    Further reading

    Build a Strategic Infrastructure Roadmap

    Align infrastructure investment to business-driven goals.

    Analysts' Perspectives

    Infrastructure roadmaps are an absolute necessity for all organizations. An organization's size often dictates the degree of complexity of the roadmap, but they all strive to paint the future picture of the organization's IT infrastructure.

    Infrastructure roadmaps typically start with the current state of infrastructure and work on how to improve. That thinking must change! Start with the future vision, an unimpeded vision, as if there were no constraints. Now you can see where you want to be.

    Look at your past to determine how you have been spending your infrastructure budget. If your past shows a trend of increased operational expenditures, that trend will likely continue. The same is true for capital spending and staffing numbers.

    Now that you know where you want to go, and how you ended up where you are, look at the constraints you must deal with and make a plan. It's not as difficult as it may seem, and even the longest journey begins with one step.

    Speaking of that first step, it should be to understand the business goals and align your roadmap with those same goals. Now you have a solid plan to develop a strategic infrastructure roadmap; enjoy the journey!

    There are many reasons why you need to build a strategic IT infrastructure roadmap, but your primary objectives are to set the long-term direction, build a framework for decision making, create a foundation for operational planning, and be able to explain to the business what you are planning. It is a basis for accountability and sets out goals and priorities for the future.

    Other than knowing where you are going there are four key benefits to building the roadmap.

    1. It allows you to be strategic and transformative rather than tactical and reactive.
    2. It gives you the ability to prioritize your tasks and projects in order to get them going.
    3. It gives you the ability to align your projects to business outcomes.
    4. Additionally, you can leverage your roadmap to justify your budget for resources and infrastructure.

    When complete, you will be able to communicate to your fellow IT teams what you are doing and get an understanding of possible business- or IT-related roadblocks, but overall executing on your roadmap will demonstrate to the business your competencies and ability to succeed.

    PJ Ryan

    PJ Ryan
    Research Director
    Infrastructure & Operations Practice
    Info-Tech Research Group

    John Donovan

    John Donovan
    Principal Research Director
    Infrastructure & Operations Practice
    Info-Tech Research Group

    Build a Strategic Infrastructure Roadmap

    Align infrastructure investment to business-driven goals.

    EXECUTIVE BRIEF

    Executive Summary

    Your Challenge

    When it comes to building a strategic roadmap, getting a seat at the table is your first objective. Knowing what the business wants to do and understanding its future needs is a challenge for most IT organizations.

    Challenges such as:

    • Understanding the business vision
    • Clear communications on business planning
    • Insight into what the future state should look like

    Common Obstacles

    Fighting fires, keeping the lights on, patching, and overseeing legacy debt maintenance – these activities prevent your IT team from thinking strategically and looking beyond day-to-day operations. Issues include:

    • Managing time well
    • Building the right teams
    • Setting priorities

    Procrastinating when it comes to thinking about your future state will get you nowhere in a hurry.

    Info-Tech's Approach

    Look into your past IT spend and resources that are being utilized.

    • Analyze all aspects of the operation, and resources required.
    • Be realistic with your timelines.
    • Work from the future state backward.

    Build your roadmap by setting priorities, understanding risk and gaps both in finance and resources. Overall, your roadmap is never done, so don't worry if you get it wrong on the first pass.

    Info-Tech Insight

    Have a clear vision of what the future state is, and know that when creating an IT infrastructure roadmap, it is never done. This will give your IT team an understanding of priorities, goals, business vision, and risks associated with not planning. Understand what you are currently paying for and why.

    Insight Summary

    "Planning is bringing the future into the present so that you can do something about it now."
    Source: Alan Lakein, Libquotes

    Your strategic objectives are key to building a roadmap

    Many organizations' day-to-day IT operations are tactical and reactive. This needs to change; the IT team needs to become strategic and proactive in its planning and execution. Forward thinking bridges the gap from your current state, to what the organization is, to what it wants to achieve. Your strategic objectives need to align to the business vision and goals and keep it running.

    Your future state will determine your roadmap priorities

    Identify what the business needs to meet its goals; this should be reflected in your roadmap priorities. Then identify the tasks and projects that can get you there. Business alignment is key, as these projects require prioritization. Strategic initiatives that align to business outcomes will be your foundation for planning on those priorities. If you do not align your initiatives, you will end up spinning your wheels. A good strategic roadmap will have all the elements of forward thinking and planning to execute with the right resources, right priorities, and right funding to make it happen.

    Understand what you have been paying for the last few years

    Measure the cost of "keeping the lights on" as a baseline for your budget that is earmarked and already spent. Determine if your current spend is holding back innovation due to:

    1. The high cost of maintenance
    2. Resources in operations doing low-value work due to the effort required to do tasks related to break/fix on aging hardware and software

    A successful strategic roadmap will be determined when you have a good handle on your current spending patterns and planning for future needs that include resources, budget, and know-how. Without a plan and roadmap, that plan will not get business buy-in or funding.

    Top challenges reported by Info-Tech members

    Lack of strategic direction

    • Infrastructure leadership must discover the business goals.

    Time seepage

    • Project time is constantly being tracked incorrectly.

    Technical debt

    • Aging equipment is not proactively cycled out with newer enabling technologies.

    Case Study

    The strategic IT roadmap allows Dura to stay at the forefront of automotive manufacturing.

    INDUSTRY: Manufacturing
    SOURCE: Performance Improvement Partners

    Challenge

    Following the acquisition of Dura, MiddleGround aimed to position Dura as a leader in the automotive industry, leveraging the company's established success spanning over a century.

    However, prior limited investments in technology necessitated significant improvements for Dura to optimize its processes and take advantage of digital advancements.

    Solution

    MiddleGround joined forces with PIP to assess technology risks, expenses, and prospects, and develop a practical IT plan with solutions that fit MiddleGround's value-creation timeline.

    By selecting the top 15 most important IT projects, the companies put together a feasible technology roadmap aimed at advancing Dura in the manufacturing sector.

    Results

    Armed with due diligence reports and a well-defined IT plan, MiddleGround and Dura have a strategic approach to maximizing value creation.

    By focusing on key areas such as analysis, applications, infrastructure and the IT organization, Dura is effectively transforming its operations and shaping the future of the automotive manufacturing industry.

    How well do you know your business strategy?

    A mere 25% of managers
    can list three of the company's
    top five priorities.

    Based on a study from MIT Sloan, shared understanding of strategic directives barely exists beyond the top tiers of leadership.

    An image of a bar graph showing the percentage of leaders able to correctly list a majority of their strategic priorities.

    Take your time back

    Unplanned incident response is a leading cause of the infrastructure time crunch, but so too are nonstandard service requests and service requests that should be projects.

    29%

    Less than one-third of all IT projects finish on time.

    200%

    85% of IT projects average cost overruns of 200% and time overruns of 70%.

    70%

    70% of IT workers feel as though they have too much work and not enough time to do it.

    Source: MIT Sloan

    Inventory Assessment

    Lifecycle

    Refresh strategies are still based on truisms (every three years for servers, every seven years for LAN, etc.) more than risk-based approaches.

    Opportunity Cost

    Assets that were suitable to enable business goals need to be re-evaluated as those goals change.

    See Info-Tech's Manage Your Technical Debt blueprint

    an image of info-tech's Manage your technical debt.

    Key IT strategy initiatives can be categorized in three ways

    IT key initiative plan

    Initiatives collectively support the business goals and corporate initiatives, and improve the delivery of IT services.

    1. Business support
      • Support major business initiatives
      • Each corporate initiative is supported by a major IT project and each project has unique IT challenges that require IT support.
    2. IT excellence
      • Reduce risk and improve IT operational excellence
      • These projects will increase IT process maturity and will systematically improve IT.
    3. Innovation
      • Drive technology innovation
      • These projects will improve future innovation capabilities and decrease risk by increasing technology maturity.

    Info-Tech Insight

    A CIO has three roles: enable business productivity, run an effective IT shop, and drive technology innovation. Your key initiative plan must reflect these three mandates and how IT strives to fulfill them.

    IT must accomplish many things

    Manage
    the lifecycle of aging equipment against current capacity and capability demands.

    Curate
    a portfolio of enabling technologies to meet future capacity and capability demands.

    Initiate
    a realistic schedule of initiatives that supports a diverse range of business goals.

    Adapt
    to executive feedback and changing business goals.

    an image of Info-Tech's Build your strategic roadmap

    Primary and secondary infrastructure drivers

    • Primary driver – The infrastructure component that is directly responsible for enabling change in the business metric.
    • Secondary driver – The infrastructure component(s) that primary drivers rely on.

    (Source: BMC)

    Sample primary and secondary drivers

    Business metric Source(s) Primary infrastructure drivers Secondary infrastructure drivers

    Sales revenue

    Online store

    Website/Server (for digital businesses)

    • Network
    • Data center facilities

    # of new customers

    Call center

    Physical plant cabling in the call center

    • PBX/VOIP server
    • Network
    • Data center facilities

    Info-Tech Insight

    You may not be able to directly influence the primary drivers of the business, but your infrastructure can have a major impact as a secondary driver.

    Info-Tech's approach

    1. Align strategy and goals
    • Establish the scope of your IT strategy by defining IT's mission and vision statements and guiding principles.
  • Envision future and analyze constraints
    • Envision and define your future infrastructure and analyze what is holding you back.
  • Align and build the roadmap
    • Establish a risk framework, identify initiatives, and build your strategic infrastructure roadmap.
  • Communicate and improve the process
    • Communicate the results of your hard work to the right people and establish the groundwork for continual improvement of the process.
  • Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    Mission and Vision Statement
    Goal Alignment (Slide 28)

    Construct your vision and mission aligned to the business.

    Mission and Vision Statement

    Strategic Infrastructure Roadmap tool

    Build initiatives and prioritize them. Build the roadmap.

    Strategic Infrastructure Roadmap tool

    Infrastructure Domain Study

    What is stealing your time from getting projects done?

    Infrastructure Domain Study

    Initiative Templates Process Maps & Strategy

    Build templates for initiates, build process map, and develop strategies.

    Initiative Templates Process Maps & Strategy

    Key Deliverable

    it infrastructure roadmap template

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

    Workshop

    “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

    Consulting

    “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    Info-Tech's methodology for an infrastructure strategy and roadmap

    1. Align Strategy and Goals

    2. Envision Future and Analyze Constraints

    3. Align and Build the Roadmap

    4. Communicate and Improve the Process

    Phase steps

    1.1 Develop the infrastructure strategy

    1.2 Define the goals

    2.1 Define the future state

    2.2 Analyze constraints

    3.1 Align the roadmap

    3.2 Build the roadmap

    4.1 Identify the audience

    4.2 Improve the process

    Phase Outcomes

    • Vision statement
    • Mission statement
    • Guiding principles
    • List of goals
    • Financial spend analysis
    • Domain time study
    • Prioritized list of roadblocks
    • Future-state vision document
    • IT and business risk frameworks
    • Technical debt assessment
    • New technology analysis
    • Initiative templates
    • Initiative candidates
    • Roadmap visualization
    • Process schedule
    • Communications strategy
    • process map
    • Infrastructure roadmap report

    Guided Implementation

    What does a typical GI on this topic look like?

    Phase 0 Phase 1 Phase 2 Phase 3 Phase 4

    Call #1: Scope requirements, objectives, and your specific challenges.

    Call #2: Define mission and vision statements and guiding principles to discuss strategy scope.
    Call #3: Brainstorm goals and definition.

    Call #4: Conduct a spend analysis and a time resource study.
    Call #5: Identify roadblocks.

    Call #6: Develop a risk framework and address technical debt.
    Call #7: Identify new initiatives and SWOT analysis.
    Call #8: Visualize and identify initiatives.
    Call #9: Complete shadow IT and initiative finalization.

    Call #10: Identify your audience and communicate.
    Call #11: Improve the process.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is 8 to 12 calls over the course of 4 to 6 months.

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Session 0 (Pre-workshop)

    Session 1

    Session 2

    Session 3

    Session 4

    Session 5 (Post-workshop)

    Elicit business context Align Strategy and Goals Envision Future and Analyze Constraints Align and Build the Roadmap Communicate and Improve the Process Wrap-up (offsite)

    0.1 Complete recommended diagnostic programs.
    0.2 Interview key business stakeholders, as needed, to identify business context: business goals, initiatives, and the organization's mission and vision.
    0.3 (Optional) CIO to compile and prioritize IT success stories.

    1.1 Infrastructure strategy.
    1.1.1 Review/validate the business context.
    1.1.2 Construct your mission and vision statements.
    1.1.3 Elicit your guiding principles and finalize IT strategy scope.

    1.2 Business goal alignment
    1.2.1 Intake identification and analysis.
    1.2.2 Survey results analysis.
    1.2.3 Brainstorm goals.
    1.2.4 Perform goal association and analysis.

    2.1 Define the future state.
    2.1.1 Conduct an emerging technology discussion.
    2.1.2 Document desired future state.
    2.1.3 Develop a new technology identification process.
    2.1.4 Compete SWOT analysis.

    2.2 Analyze your constraints
    2.2.1 Perform a historical spend analysis.
    2.2.2 Conduct a time study.
    2.2.3 Identify roadblocks.
    .

    3.1 Align the roadmap
    3.1.1 Develop a risk framework.
    3.1.2 Evaluate technical debt.

    3.2 Build the roadmap.
    3.2.1 Build effective initiative templates.
    3.2.2 Visualize.
    3.2.3 Generate new initiatives.
    3.2.4 Repatriate shadow IT initiatives.
    3.2.5 Finalize initiative candidates.

    4.2 Identify the audience
    4.1.1 Identify required authors and target audiences.
    4.1.2 Plan the process.
    4.1.2 Identify supporters and blockers.

    4.2 Improve the process
    4.2.1 Evaluate the value of each process output.
    4.2.2 Brainstorm improvements.
    4.2.3 Set realistic measures.

    5.1 Complete in-progress deliverables from previous four days.
    5.2 Set up time to review workshop deliverables and discuss next steps.

    1. SWOT analysis of current state
    2. Goals cascade
    3. Persona analysis
    1. Vision statement, mission statement, and guiding principles
    2. List of goals
    1. Spend analysis document
    2. Domain time study
    3. Prioritized list of roadblocks
    4. Future state vision document
    1. IT and business risk frameworks
    2. Technical debt assessment
    3. New technology analysis
    4. Initiative templates
    5. Initiative candidates
    1. Roadmap visualization
    2. Process schedule
    3. Communications strategy
    4. Process map
    1. Strategic Infrastructure Roadmap Report

    Phase 1

    Align Strategy and Goals

    Phase 1

    Phase 2

    Phase 3

    Phase 4

    1.1 Infrastructure strategy

    1.2 Goal alignment

    2.1 Define your future

    2.2 Conduct constraints analysis

    3.1 Drive business alignment

    3.2. Build the roadmap

    4.1 Identify the audience

    4.2 Process improvement

    and measurements

    This phase will walk you through the following activities:

    • How to build IT mission and vision statements
    • How to elicit IT guiding principles
    • How to finalize and communicate your IT strategy scope

    This phase involves the following participants:

    • CIO
    • Senior IT Team

    Step 1.1

    Develop the Infrastructure Strategy

    Activities

    1.1.1 Review/validate the business context

    1.1.2 Construct your mission and vision statements

    1.1.3 Elicit your guiding principles and finalize IT strategy scope

    This step requires the following inputs:

    • Business Mission Statement
    • Business Vision Statement
    • Business Goals

    This step involves the following participants:

    • Roadmap team

    Outcomes of this step

    • IT mission statement
    • IT vision statement
    • Guiding principles

    To complete this phase, you will need:

    Infrastructure Strategy and Roadmap Report Template

    Infrastructure Strategy and Roadmap Report Template

    Use the IT Infrastructure Strategy and Roadmap Report Template to document the results from the following activities:

    • Mission and Vision Statements
    • Business impact
    • Roadmap

    IT must aim to support the organization's mission and vision

    A mission statement

    • Focuses on today and what an organization does to achieve the mission.
    • Drives the company.
    • Answers: What do we do? Who do we serve? How do we service them?

    "A mission statement focuses on the purpose of the brand; the vision statement looks to the fulfillment of that purpose."

    A vision statement

    • Focuses on tomorrow and what an organization ultimately wants to become.
    • Gives the company direction.
    • Answers: What problems are we solving? Who and what are we changing?

    "A vision statement provides a concrete way for stakeholders, especially employees, to understand the meaning and purpose of your business. However, unlike a mission statement – which describes the who, what, and why of your business – a vision statement describes the desired long-term results of your company's efforts."
    Source: Business News Daily, 2020

    Characteristics of mission and vision statements

    A strong mission statement has the following characteristics:

    • Articulates the IT function's purpose and reason for existence.
    • Describes what the IT function does to achieve its vision.
    • Defines the customers of the IT function.
    • Is:
      • Compelling
      • Easy to grasp
      • Sharply focused
      • Concise

    A strong vision statement has the following characteristics:

    • Describes a desired future achievement.
    • Focuses on ends, not means.
    • Communicates promise.
    • Is:
      • Concise; no unnecessary words
      • Compelling
      • Achievable
      • Measurable

    Derive the IT mission and vision statements from the business

    Begin the process by identifying and locating the business mission and vision statements.

    • Corporate websites
    • Business strategy documents
    • Business executives

    Ensure there is alignment between the business and IT statements.

    Note: Mission statements may remain the same unless the IT department's mandate is changing.

    an image showing Business mission, IT mission, Business Vision, and IT Vison.

    1.1.2 Construct mission and vision statements

    1 hour

    Objective: Help teams define their purpose (why they exist) to build a mission statement (if one doesn't already exist).

    Step 1:

    1. Gather the IT strategy creation team and revisit your business context inputs, specifically the corporate mission statement.
    2. Begin by asking the participants:
        1. What is our job as a team?
        2. What's our goal? How do we align IT to our corporate mission?
        3. What benefit are we bringing to the company and the world?
      1. Ask them to share general thoughts in a check-in.

    Step 2:

    1. Share some examples of IT mission statements.
    2. Example: IT provides innovative product solutions and leadership that drives growth and
      success.
    3. Provide each participant with some time to write their own version of an IT mission statement.

    Download the ITRG IT Infrastructure Strategy and Roadmap Report Template and document your mission and vision statements in Section 1.

    Input

    • Business vision statement
    • Business mission statement

    Output

    • IT mission statement
    • IT vision statement

    Materials

    • Sticky notes
    • Markers
    • Whiteboard
    • Paper
    • Collaboration/brain-storming tool (whiteboard, flip chart, digital equivalent)

    Participants

    • CIO
    • Senior IT Team

    1.1.2 Construct mission and vision statements (cont'd)

    1 hour

    Objective: Help teams define their purpose (why they exist) to build a mission statement (if one doesn't already exist).

    Step 3:

    This step involves reviewing individual mission statements, combining them, and building one collective mission statement for the team.

    1. Consider the following approach to build a unified mission statement:

    Use the 20x20 rule for group decision-making. Give the group no more than 20 minutes to craft a collective team purpose with no more than 20 words.

    1. As a facilitator, provide guidelines on how to write for the intended audience. Business stakeholders need business language.
    2. Refer to the corporate mission statement periodically and ensure there is alignment.
    3. Document your final mission statement in your ITRG Infrastructure Strategy and Roadmap Report Template.

    Download the ITRG IT Infrastructure Strategy and Roadmap Report Template and document your mission and vision statements in Section 1.

    Input

    • Business vision statement
    • Business mission statement

    Output

    • IT mission statement
    • IT vision statement

    Materials

    • Sticky notes
    • Markers
    • Whiteboard
    • Paper
    • Collaboration/brain-storming tool (whiteboard, flip chart, digital equivalent)

    Participants

    • CIO
    • Senior IT Team

    1.1.2 Construct mission and vision statements (cont'd)

    1 hour

    Objective: Help teams define their purpose (why they exist) to build a mission statement (if one doesn't already exist).

    Step 4:

    1. Gather the IT strategy creation team and revisit your business context inputs, specifically the corporate vision statement.
    2. Share one or more examples of vision statements.
    3. Provide participants with sticky notes and writing materials and ask them to work individually for this step.
    4. Ask participants to brainstorm:
      1. What is the desired future state of the IT organization?
      2. How should we work to attain the desired state?
      3. How do we want IT to be perceived in the desired state?
    5. Provide participants with guidelines to build descriptive, compelling, and achievable statements regarding their desired future state.
    6. Regroup as a team and review participant answers.

    Download the ITRG IT Infrastructure Strategy and Roadmap Report Template and document your mission and vision statements in Section 1.

    Input

    • Business vision statement
    • Business mission statement

    Output

    • IT mission statement
    • IT vision statement

    Materials

    • Sticky notes
    • Markers
    • Whiteboard
    • Paper
    • Collaboration/brain-storming tool (whiteboard, flip chart, digital equivalent)

    Participants

    • CIO
    • Senior IT Team

    1.1.2 Construct mission and vision statements (cont'd)

    1 hour

    Objective: Help teams define their purpose (why they exist) to build a mission statement (if one doesn't already exist).

    Step 5:

    1. Ask the team to post their notes on the wall.
    2. Have the team group the words that have a similar meaning or feeling behind them; this will create themes.
    3. When the group is done categorizing the statements into themes, ask if there's anything missing. Did they ensure alignment to the corporate vision statement? Are there any elements missing when considering alignment back to the corporate vision statement?

    Step 6:

    1. Consider each category as a component of your vision statement.
    2. Review each category with participants; define what the behavior looks like when it is being met and what it looks like when it isn't.
    3. As a facilitator, provide guidelines on word-smithing and finessing the language.
    4. Refer to the corporate vision statement periodically and ensure there is alignment.
    5. Document your final mission statement in your IT Strategy Presentation Template.

    Download the ITRG IT Infrastructure Strategy and Roadmap Report Template and document your mission and vision statements in Section 1.

    Input

    • Business vision statement
    • Business mission statement

    Output

    • IT mission statement
    • IT vision statement

    Materials

    • Sticky notes
    • Markers
    • Whiteboard
    • Paper
    • Collaboration/brain-storming tool (whiteboard, flip chart, digital equivalent)

    Participants

    • CIO
    • Senior IT Team

    1.1.2 Construct mission and vision statements (cont'd)

    Tips for online facilitation:

    • Pick an online whiteboard tool that allows participants to use a large, zoomable canvas.
    • Set up each topic at a different area of the board; spread them out just like you would do on the walls of a room.
    • Invite participants to zoom in and visit each section and add their ideas as sticky notes once you reach that section of the exercise.
    • If you're not using an online whiteboard, we'd recommend using a collaboration tool such as Google Docs or Teams Whiteboard to collect the information for each step under a separate heading. Invite everyone into the document but be very clear regarding editing rights.
    • Pre-create your screen deck and screen share this with your participants through your videoconferencing software. We'd also recommend sharing this so participants can go through the deck again during the reflection steps.
    • When facilitating group discussion, we'd recommend that participants use non-verbal means to indicate they'd like to speak. You can use tools like Teams' hand-raising tool, a reaction emoji, or have people put their hands up. The facilitator can then invite that person to talk.

    Source: Hyper Island

    Input

    • Business vision statement
    • Business mission statement

    Output

    • IT mission statement
    • IT vision statement

    Materials

    • Sticky notes
    • Markers
    • Whiteboard
    • Paper
    • Collaboration/brainstorming tool (whiteboard, flip chart, digital equivalent)

    Participants

    • CIO
    • Senior IT Team

    IT mission statements demonstrate IT's purpose

    The IT mission statement specifies the function's purpose or reason for being. The mission should guide each day's activities and decisions. The mission statements use simple and concise terminology and speak loudly and clearly, generating enthusiasm for the organization.

    Strong IT mission statements have the following characteristics:

    • Articulate the IT function's purpose and reason for existence
    • Describe what the IT function does to achieve its vision
    • Define the customers of the IT function
    • Are:
      • Compelling
      • Easy to grasp
      • Sharply focused
      • Inspirational
      • Memorable
      • Concise

    Sample IT Mission Statements:

    • To provide infrastructure, support, and innovation in the delivery of secure, enterprise-grade information technology products and services that enable and empower the workforce at [Company Name].
    • To help fulfill organizational goals, the IT department is committed to empowering business stakeholders with technology and services that facilitate effective processes, collaboration, and communication.
    • The mission of the information technology (IT) department is to build a solid, comprehensive technology infrastructure; to maintain an efficient, effective operations environment; and to deliver high-quality, timely services that support the business goals and objectives of ABC Inc.
    • The IT department has operational, strategic, and fiscal responsibility for the innovation, implementation, and advancement of technology at ABC Inc. in three main areas: network administration and end-user support, instructional services, and information systems. The IT department provides leadership in long-range planning, implementation, and maintenance of information technology across the organization.
    • The IT group is customer-centered and driven by its commitment to management and staff. It oversees services in computing, telecommunications, networking, administrative computing, and technology training.

    Sample mission statements (cont'd)

    • To collaborate and empower our stakeholders through an engaged team and operational agility and deliver innovative technology and services.
    • To empower our stakeholders with innovative technology and services, through collaboration and agility.
    • To collaborate and empower our stakeholder, by delivering innovative technology and services, with an engaged team and operational agility.
    • To partner with departments and be technology leaders that will deliver innovative, secure, efficient, and cost-effective services for our citizens.
    • As a client-centric strategic partner, provide excellence in IM and IT services through flexible business solutions for achieving positive user experience and satisfaction.
    • Develop a high-performing global team that will plan and build a scalable, stable operating environment.
    • Through communication and collaboration, empower stakeholders with innovative technology and services.
    • Build a robust portfolio of technology services and solutions, enabling science-lead and business-driven success.
    • Guided by value-driven decision making, high-performing teams and trusted partners deliver and continually improve secure, reliable, scalable, and reusable services that exceed customer expectations.
    • Engage the business to grow capabilities and securely deliver efficient services to our users and clients.
    • Engage the business to securely deliver efficient services and grow capabilities for our users and clients.

    IT vision statements demonstrate what the IT organization aspires to be

    The IT vision statement communicates a desired future state of the IT organization. The statement is expressed in the present tense. It seeks to articulate the desired role of IT and how IT will be perceived.

    Strong IT vision statements have the following characteristics:

    • Describe a desired future
    • Focus on ends, not means
    • Communicate promise
    • Are:
      • Concise; no unnecessary words
      • Compelling
      • Achievable
      • Inspirational
      • Memorable

    Sample IT vision statements:

    • To be a trusted advisor and partner in enabling business innovation and growth through an engaged IT workforce.
    • The IT organization will strive to become a world-class value center that is a catalyst for innovation.
    • IT is a cohesive, proactive, and disciplined team that delivers innovative technology solutions while demonstrating a strong customer-oriented mindset.
    • Develop and maintain IT and an IT support environment that is secure, stable, and reliable within a dynamic environment.

    Sample vision statements (cont'd)

    • Alignment: To ensure that the IT organizational model and all related operational services and duties are properly aligned with all underlying business goals and objectives. Alignment reflects an IT operation "that makes sense," considering the business served, its interests and its operational imperatives.
    • Engagement: To ensure that all IT vision stakeholders are fully engaged in technology-related planning and the operational parameters of the IT service portfolio. IT stakeholders include the IT performing organization (IT Department), company executives and end-users.
    • Best Practices: To ensure that IT operates in a standardized fashion, relying on practical management standards and strategies properly sized to technology needs and organizational capabilities.
    • Commitment to Customer Service: To ensure that IT services are provided in a timely, high-quality manner, designed to fill the operational needs of the front-line end-users, working within the boundaries established by business interests and technology best practices.

    Quoted From ITtoolkit, 2020

    Case Study

    Acme Corp. was able to construct its IT mission and vison statements by aligning to its corporate mission and vision.

    INDUSTRY: Professional Services
    COMPANY: This case study is based on a real company but was anonymized for use in this research.

    Business

    IT

    Mission

    Vision

    Mission

    Vision

    We help IT leaders achieve measurable results by systematically improving core IT processes, governance, and critical technology projects.

    Acme Corp. will grow to become the largest research firm across the industry by providing unprecedented value to our clients.

    IT provides innovative product solutions and leadership that drives growth and success.

    We will relentlessly drive value to our customers through unprecedented innovation.

    IT guiding principles set the boundaries for your strategy

    Strategic guiding principles advise the IT organization on the boundaries of the strategy.

    Guiding principles are a priori decisions that limit the scope of strategic thinking to what is acceptable organizationally, from budgetary, people, and partnership standpoints. Guiding principles can cover other dimensions, as well.

    Organizational stakeholders are more likely to follow IT principles when a rationale is provided.

    After defining the set of IT principles, ensure that they are all expanded upon with a rationale. The rationale ensures principles are more likely to be followed because they communicate why the principles are important and how they are to be used. Develop the rationale for each IT principle your organization has chosen.

    IT guiding principles = IT strategy boundaries

    Consider these four components when brainstorming guiding principles

    Breadth

    of the IT strategy can span across the eight perspectives: people, process, technology, data, process, sourcing, location, and timing.

    Defining which of the eight perspectives is in scope for the IT strategy is crucial to ensuring the IT strategy will be comprehensive, relevant, and actionable.

    Depth

    of coverage refers to the level of detail the IT strategy will go into for each perspective. Info-Tech recommends that depth should go to the initiative level (i.e. individual projects).

    Organizational coverage

    will determine which part of the organization the IT strategy will cover.

    Planning horizon

    of the IT strategy will dictate when the target state should be reached and the length of the roadmap.

    Consider these criteria when brainstorming guiding principle statements

    Approach focused IT principles are focused on the approach, i.e. how the organization is built, transformed, and operated, as opposed to what needs to be built, which is defined by both functional and non-functional requirements.
    Business relevant Create IT principles that are specific to the organization. Tie IT principles to the organization's priorities and strategic aspirations.
    Long lasting Build IT principles that will withstand the test of time.
    Prescriptive Inform and direct decision-making with IT principles that are actionable. Avoid truisms, general statements, and observations.
    Verifiable If compliance can't be verified, the principle is less likely to be followed.
    Easily digestible IT principles must be clearly understood by everyone in IT and by business stakeholders. IT principles aren't a secret manuscript of the IT team. IT principles should be succinct; wordy principles are hard to understand and remember.
    Followed

    Successful IT principles represent a collection of beliefs shared among enterprise stakeholders. IT principles must be continuously reinforced to all stakeholders to achieve and maintain buy-in.

    In organizations where formal policy enforcement works well, IT principles should be enforced through appropriate governance processes.

    Review ten universal IT principles to determine if your organization wishes to adopt them

    IT principle name

    IT principle statement

    1. Enterprise value focus We aim to provide maximum long-term benefits to the enterprise as a whole while optimizing total costs of ownership and risks.
    2. Fit for purpose We maintain capability levels and create solutions that are fit for purpose without over engineering them.
    3. Simplicity We choose the simplest solutions and aim to reduce operational complexity of the enterprise.
    4. Reuse > buy > build We maximize reuse of existing assets. If we can't reuse, we procure externally. As a last resort, we build custom solutions.
    5. Managed data We handle data creation, modification, and use enterprise-wide in compliance with our data governance policy.
    6. Controlled technical diversity We control the variety of technology platforms we use.
    7. Managed security We manage security enterprise-wide in compliance with our security governance policy.
    8. Compliance to laws and regulations We operate in compliance with all applicable laws and regulations.
    9. Innovation We seek innovative ways to use technology for business advantage.
    10. Customer centricity We deliver best experiences to our customers with our services and products.

    1.1.3 Elicit guiding principles

    1 hour

    Objective: Generate ideas for guiding principle statements with silent sticky note writing.

    1. Gather the IT strategy creation team and revisit your mission and vision statements.
    2. Ask the group to brainstorm answers individually, silently writing their ideas on separate sticky notes. Provide the brainstorming criteria from the previous slide to all team members. Allow the team to put items on separate notes that can later be shuffled and sorted as distinct thoughts.
    3. After a set amount of time, ask the members of the group to stick their notes to the whiteboard and quickly present them. Categorize all ideas into four major buckets: breadth, depth, organizational coverage, and planning horizon. Ideally, you want one guiding principle to describe each of the four components.
    4. If there are missing guiding principles in any category or anyone's items inspire others to write more, they can stick those up on the wall too, after everyone has presented.
    5. Discuss and finalize your IT guiding principles.
    6. Document your guiding principles in the IT Strategy Presentation Template in Section 1.

    Source: Hyper Island

    Download the ITRG IT Infrastructure Strategy and Roadmap Report Template and document your mission and vision statements in Section 1.

    Input

    • Four components for eliciting guiding principles
    • Mission and vision statements

    Output

    • IT guiding principles
    • IT strategy scope

    Materials

    • Sticky notes
    • Whiteboard
    • Paper
    • Collaboration/brain-storming tool (whiteboard, flip chart, digital equivalent)

    Participants

    • CIO
    • Senior IT Team

    Guiding principle examples

    • Alignment: Our IT decisions will align with [our organization's] strategic plan.
    • Resources: We will allocate cyber-infrastructure resources based on providing the greatest value and benefit for [the community].
    • User Focus: User needs will be a key component in all IT decisions.
    • Collaboration: We will work within and across organizational structures to meet strategic goals and identify opportunities for innovation and improvement.
    • Transparency: We will be transparent in our decision making and resource use.
    • Innovation: We will value innovative and creative thinking.
    • Data Stewardship: We will provide a secure but accessible data environment.
    • IT Knowledge and Skills: We will value technology skills development for the IT community.
    • Drive reduced costs and improved services
    • Deploy packaged apps – do not develop – retain business process knowledge expertise – reduce apps portfolio
    • Standardize/Consolidate infrastructure with key partners
    • Use what we sell, and help sell
    • Drive high-availability goals: No blunders
    • Ensure hardened security and disaster recovery
    • Broaden skills (hard and soft) across the workforce
    • Improve business alignment and IT governance

    Quoted From: Office of Information Technology, 2014; Future of CIO, 2013

    Case Study

    Acme Corp. elicited guiding principles that set the scope of its IT strategy for FY21.

    INDUSTRY: Professional Services
    COMPANY: Acme Corp.

    The following guiding principles define the values that drive IT's strategy in FY23 and provide the criteria for our 12-month planning horizon.

    • We will focus on big-ticket items during the next 12 months.
    • We will keep the budget within 5%+/- YOY.
    • We will insource over outsource.
    • We will develop a cloud-first technology stack.

    Finalize your IT strategy scope

    Your mission and vision statements and your guiding principles should be the first things you communicate on your IT strategy document.

    Why is this important?

    • Communicating these elements shows how IT supports the corporate direction.
    • The vision and mission statements will clearly articulate IT's aspirations and purpose.
    • The guiding principles will clearly articulate how IT plans to support the business strategically.
    • These elements set expectations with stakeholders for the rest of your strategy.

    Input information into the IT Strategy Presentation Template.

    an image showing the IT Strategy Scope.

    Summary of Accomplishment

    Established the scope of your IT strategy

    • Constructed the IT mission statement to communicate the IT organization's reason for being.
    • Constructed the IT vision statement to communicate the desired future state of the IT organization.
    • Elicited IT's guiding principles to communicate the overall scope and time horizon for the strategy.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Step 1.2

    Business Goal Alignment

    Activities

    1.2.1 Intake identification and analysis

    1.2.2 Survey results analysis

    1.2.3 Goal brainstorming

    1.2.4 Goal association and analysis

    This step requires the following inputs:

    • Last year's accomplished project list
    • Business unit input source list
    • Goal list
    • In-flight initiatives list

    This step involves the following participants:

    • Business leadership
    • Project Management Office
    • Service Desk
    • Business Relationship Management
    • Solution or Enterprise Architecture
    • Roadmap team

    Outcomes of this step

    • Intake analysis
    • Goal list
    • Initiative-to-goal map

    Identify who is expecting what from the infrastructure

    "Typically, IT thinks in an IT first, business second, way: 'I have a list of problems and if I solve them, the business will benefit.' This is the wrong way of thinking. The business needs to be thought of first, then IT."

    – Fred Chagnon, Infrastructure Director,
    Info-Tech Research Group

    Info-Tech Insight

    If you're not soliciting input from or delivering on the needs of the various departments in your company, then who is? Be explicit and track how you communicate with each individual unit within your company.

    Mature project portfolio management and enterprise architecture practices are no substitute for understanding your business clientele.

    It may not be a democracy, but listening to everyone's voice is an essential step toward generating a useful roadmap.

    Building good infrastructure requires an understanding of how it will be used. Explicit consultation with stakeholders maximizes a roadmap's usefulness and holds the enterprise accountable in future roadmap iterations as goals change.

    Who are the customers for infrastructure?

    Internal customer examples:

    • Network Operations manager
    • IT Systems manager
    • Webmaster
    • Security manager

    External customer examples:

    • Director of Sales
    • Operations manager
    • Applications manager
    • Clients
    • Partners and consultants
    • Regulators/government

    1.2.1 Intake identification and analysis

    1 hour

    The humble checklist is the single most effective tool to ensure we don't forget someone or something:

    1. Have everyone write down their top five completed projects from last year – one project per sticky note.
    2. Organize everyone's sticky notes on a whiteboard according to input source – did these projects come from the PMO? Directly from a BRM? Service request? VP or LoB management?
    3. Make a MECE list of these sources on the left-hand side of a whiteboard.
    4. On the right-hand side list all the departments or functional business units within the company.
    5. Draw lines from right to left indicating which business units use which input source to request work.
    6. Optional: Rate the efficacy of each input channel – what is the success rate of projects per channel in terms of time, budget, and functionality?

    Discussion:

    1. How clearly do projects and initiatives arrive at infrastructure to be acted on? Do they follow the predictable formal process with all the needed information or is it more ad hoc?
    2. Can we validate that business units are using the correct input channel to request the appropriate work? Does infrastructure have to spend more time validating the requests of any one channel?
    3. Can we identify business units that are underserved? How about overserved? Infrastructure initiatives tend to be near universal in effect – are we forgetting anyone?
    4. Are all these methods passive (order taking), or is there a process for infrastructure to suggest an initiative or project?

    Input

    • Last year's accomplished project list

    Output

    • Work requested workflow and map

    Materials

    • Sticky notes
    • Whiteboard & markers

    Participants

    • Roadmap team

    Case Study

    Building IT governance and digital infrastructure for tech-enabled student experiences

    INDUSTRY: Education
    COMPANY: Collegis Education

    Challenge

    In 2019, Saint Francis University decided to expand its online program offering to reach students outside of its market.

    It had to first transform its operations to deliver a high-quality, technology-enabled student experience on and off campus. The remote location of the campus posed power outages, Wi-Fi issues, and challenges in attracting and retaining the right staff to help the university achieve its goals.

    It began working with an IT consulting firm to build a long-term strategic roadmap.

    Solution

    The consultant designed a strategic multi-year roadmap for digital transformation that would prioritize developing infrastructure to immediately improve the student experience and ultimately enable the university to scale its online programs. The consultant worked with school leadership to establish a virtual CIO to oversee the IT department's strategy and operations. The virtual CIO quickly became a key advisor to the president and board, identifying gaps between technology initiatives and enrollment and revenue targets. St. Francis staff also transitioned to the consultant's technology team, allowing the university to alleviate its talent acquisition and retention challenges.

    Results

    • $200,000 in funds reallocated to help with upgrades due to streamlined technology infrastructure
    • Updated card access system for campus staff and students
    • Active directory implementation for a secure and strong authentication technology
    • An uninterruptible power supply (UPS) backup is installed to ensure power continues in the event of a power outage
    • Upgrade to a reliable, campus-wide Wi-Fi network
    • Behind-the-scenes upgrades like state-of-the-art data centers to stabilize aging technology for greater reliability

    Track your annual activity by business unit – not by input source

    A simple graph showing the breakdown of projects by business unit is an excellent visualization of who is getting the most from infrastructure services.

    Show everyone in the organization that the best way to get anything done is by availing themselves of the roadmap process.

    An image of two bar graphs, # of initiatives requested
by customer; # of initiatives proposed to customer.

    Enable technology staff to engage in business storytelling by documenting known goals in a framework

    Without a goal framework

    Technology-focused IT staff are notoriously disconnected from the business process and are therefore often unable to explain the outcomes of their projects in terms that are meaningful to the business.

    With a goal framework

    When business, IT, and infrastructure goals are aligned, the business story writes itself as you follow the path of cascading goals upward.

    Info-Tech Best Practice

    So many organizations we speak with don't have goals written down. This rarely means that the goals aren't known, rather that they're not clearly communicated.

    When goals aren't clear, personal agendas can take precedence. This is what often leads to the disconnect between what the business wants and what IT is delivering.

    1.2.2 Survey and results analysis

    1 hour

    Infrastructure succeeds by effectively scaling shared resources for the common good. Sometimes that is a matter of aggregating similarities, sometimes by recognizing where specialization is required.

    1. Have every business unit provide their top three to five current goals or objectives for their department. Emphasize that you are requesting their operational objectives, not just the ones they think IT may be able to help them with.
    2. Put each goal on a sticky note (optional: use a unique sticky note or marker color for each department) and place them on a whiteboard.
    3. Group the sticky notes according to common themes.
    4. Rank each grouping according to number of occurrences.

    Discussion:

    1. This is very democratic. Do certain departments' goals carry more weight more than others?
    2. What is the current business prioritization process? Do the results of our activity match with the current published output of this process?
    3. Consider each business goal in the context of infrastructure activity or technology feature or capability. As infrastructure is a lift function existing only to serve the business, it is important to understand our world in context.

    Examples: The VP of Operations is looking to reduce office rental costs over the next three years. The VP of Sales is focused on increasing the number of face-to-face customer interactions. Both can potentially be served by IT activities and technologies that increase mobility.

    Input

    • Business unit input source list

    Output

    • Prioritized list of business goals

    Materials

    • Sticky notes
    • Whiteboard & markers

    Participants

    • Roadmap team

    1.2.3 Goal brainstorming – Affinity diagramming exercise

    1 hour

    Clarify how well you understand what the business wants.

    1. Ask each participant to consider: "What are the top three priorities of the company [this period]?" They should consider not what they think the priorities should be, but their understanding of what business leadership's priorities actually are.
    2. Have each participant write down their three priorities on sticky notes – one per note.
    3. Select a moderator from the group – not the infrastructure leader or the CIO. The moderator will begin by placing (and explaining) their sticky notes on the whiteboard.
    4. Have each participant place and explain their sticky notes on the whiteboard.
    5. The moderator will assist each participant in grouping sticky notes together based on theme.
    6. Groups that become overly large may be broken into smaller, more precise themes.
    7. Once everyone has placed their sticky notes, and the groups have been arranged and rearranged, you should have a visual representation of infrastructure's understanding of the business' priorities.
    8. Let the infrastructure leader and/or CIO place their sticky notes last.

    Discussion:

    Is there a lot of agreement within the group? What does it mean if there are 10 or 15 groups with equal numbers of sticky notes? What does it mean if there are a few top groups and dozens of small outliers?

    How does the group's understanding compare with that of the Director and/or CIO?

    What mechanisms are in place for the business to communicate their goals to infrastructure? Are they effective? Does the team take the time to reimagine those goals and internalize them?

    What does it mean if infrastructure's understanding differs from the business?

    Input

    • Business unit input source list

    Output

    • Prioritized list of business goals

    Materials

    • Sticky notes
    • Whiteboard & markers

    Participants

    • Roadmap team

    Additional Activity

    Now that infrastructure has a consensus on what it thinks the business' goals are, suggest a meeting with leadership to validate this understanding. Once the first picture is drawn, a 30-minute meeting can help clear up any misconceptions.

    Build your own framework or start with these three root value drivers

    With a framework of cascading goals in place, a roadmap is a Rosetta Stone. Being able to map activities back to governance objectives allows you to demonstrate value regardless of the audience you are addressing.

    An image of the framework for developing a roadmap using three root value drivers.

    (Info-Tech, Build a Business-Aligned IT Strategy 2022)

    1.2.4 Goal association exercise and analysis

    1 hour

    Wherever possible use the language of your customers to avoid confusion, but at least ensure that everyone in infrastructure is using a common language.

    1. Take your business strategy or IT strategy or survey response (Activity 1.2.3) or Info-Tech's fundamental goals list (strategic agility, improved cash flow, innovate product, safety, standardize end-user experience) and write them across the top of a whiteboard.
    2. Have everyone write, on a sticky note, their current in-flight initiatives – one per sticky note.
    3. Have each participant then place each of their sticky notes on the whiteboard and draw a line from the initiative to the goal it supports.
    4. The rest of the group should challenge any relationships that seem unsupported or questionable.

    Discussion:

    1. How many goals are you supporting? Are there too many? Are you doing enough to support the right goals?
    2. Is there a shared understanding of the business goals among the infrastructure staff? Or, do questions about meaning keep coming up?
    3. Do you have initiatives that are difficult to express in terms of business goals? Do you have a lot of them or just a few?

    Input

    • Goal list
    • In-flight initiatives list

    Output

    • Initiatives-to-goals map

    Materials

    • Whiteboard & markers

    Participants

    • Roadmap team

    Summary of Accomplishment

    Review performance from last fiscal year.

    • Analyzed and communicated the benefits and value realized from IT's strategic initiatives in the past fiscal year.
    • Analyzed and prioritized diagnostic data insights to communicate IT success stories.
    • Elicited important retrospective information such as KPIs, financials, etc. to build IT's credibility as a strategic business partner.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Phase 2

    Envision Future and Analyze Constraints

    Phase 1

    Phase 2

    Phase 3

    Phase 4

    1.1 Infrastructure strategy

    1.2 Goal alignment

    2.1 Define your future

    2.2 Conduct constraints analysis

    3.1 Drive business alignment

    3.2. Build the roadmap

    4.1 Identify the audience

    4.2 Process improvement

    and measurements

    This phase will walk you through the following activities:

    • Determine from a greenfield perspective what the future state looks like.
    • Do SWOT analysis on technology you may plan to use in the future.
    • Complete a time study.

    This phase involves the following participants:

    • Roadmap team

    Step 2.1

    Define the future state

    Activities

    2.1.1 Define your future infrastructure vision

    2.1.2 Document desired future state

    2.1.3 Develop a new technology identification process

    2.1.4 Conduct a SWOT analysis

    This step requires the following inputs:

    • Emerging technology interest

    This step involves the following participants:

    • Roadmap team
    • External SMEs

    Outcomes of this step

    • Technology discovery process
    • Technology assessment process
    • Future state vision document

    Future state discussion

    "Very few of us are lucky enough to be one of the first few employees in a new organization. Those of you who get to plan the infrastructure with a blank slate and can focus all of your efforts on doing things right the first time."

    BMC, 2018

    "A company's future state is ultimately defined as the greater vision for the business. It's where you want to be, your long-term goal in terms of the ever-changing state of technology and how that applies to your present-day business."
    "Without a definitive future state, a company will often find themselves lacking direction, making it harder to make pivotal decisions, causing misalignment amongst executives, and ultimately hindering the progression and growth of a company's mission."
    Source: Third Stage Consulting

    "When working with digital technologies, it is imperative to consider how such technologies can enhance the solution. The future state should communicate the vision of how digital technologies will enhance the solutions, deliver value, and enable further development toward even greater value creation."
    Source: F. Milani

    Info-Tech Insight

    Define your infrastructure roadmap as if you had a blank slate – no constraints, no technical debt, and no financial limitations. Imagine your future infrastructure and let that vision drive your roadmap.

    Expertise is not innate; it requires effort and research

    Evaluating new enterprise technology is a process of defining it, analyzing it, and sourcing it.

    • Understand what a technology is in order to have a common frame of reference for discussion. Just as important, understand what it is not.
    • Conduct an internal and external analysis of the technology including an adoption case study.
    • Provide an overview of the vendor landscape, identifying the leading players in the market and how they differentiate their offerings.

    This is not intended to be a thesis grade research project, nor an onerous duty. Most infrastructure practitioners came to the field because of an innate excitement about technology! Harness that excitement and give them four to eight hours to indulge themselves.

    An output of approximately four slides per technology candidate should be sufficient to decided if moving to PoC or pilot is warranted.

    Including this material in the roadmap helps you control the technology conversation with your audience.

    Info-Tech Best Practices

    Don't start from scratch. Recall the original sources from your technology watchlist. Leverage vendors and analyst firms (such as Info-Tech) to give the broad context, letting you focus instead on the specifics relevant to your business.

    Channel emerging technologies to ensure the rising tide floats all boats rather than capsizing your business

    Adopting the wrong new technology can be even more dangerous than failing to adopt any new technology.

    Implementing every new promising technology would cost prodigious amounts of money and time. Know the costs before choosing what to invest in.

    The risk of a new technology failing is acceptable. The risk of that failure disrupting adjacent core functions is unacceptable. Vet potential technologies to ensure they can be safely integrated.

    Best practices for new technologies are nonexistent, standards are in flux, and use cases are fuzzy. Be aware of the unforeseen that will negatively affect your chances of a successful implementation.

    "Like early pioneers crossing the American plains, first movers have to create their own wagon trails, but later movers can follow in the ruts."
    Harper Business, 2014

    Info-Tech Insight

    The right technology for someone else can easily be the wrong technology for your business.

    Even with a mature Enterprise Architecture practice, wrong technology bets can happen. Minimize the chance of this occurrence by making selection an infrastructure-wide activity. Leverage the practical knowledge of the day-to-day operators.

    First Mover

    47% failure rate

    Fast Follower

    8% failure rate

    2.1.1 Create your future infrastructure vision

    1 hour

    Objective: Help teams define their future infrastructure state (assuming zero constraints or limitations).

    1. Ask each participant to ponder the question: "How would the infrastructure look if there were no limitations?" They should consider all aspects of their infrastructure but keep in mind the infrastructure vision and mission statements from phase one, as well as the business goals.
    2. Have each participant write down their ideas on sticky notes – one per note.
    3. Select a moderator and a scribe from the group – not the infrastructure leader or the CIO. The moderator will begin by placing (and explaining) their sticky notes on the whiteboard. The scribe will summarize the results in short statements at the end.
    4. Have each participant place and explain their sticky notes on the whiteboard.
    5. The moderator will assist each participant in grouping sticky notes together based on theme.
    6. Once everyone has placed their sticky notes and groups have been arranged and rearranged, you should have a visual representation of infrastructure's understanding of the business' priorities.
    7. Let the infrastructure leader and/or CIO place their sticky notes last.

    Discussion:

    1. Assume a blank slate as a starting point. No technical debt or financial constraints; nothing holding you back.
    2. Can SaaS, PaaS, or other cloud-based offerings play a role in this future utopia?
    3. Do vendors play a larger or smaller role in your future infrastructure vision?

    Download the IT Infrastructure Strategy and Roadmap Report Template and document your mission and vision statements in Section 1.

    Input

    • Thoughts and ideas about how the future infrastructure should look.

    Output

    • Future state vision

    Materials

    • Sticky notes
    • Whiteboard & markers

    Participants

    • Roadmap team

    2.1.1 Document your future state vision (cont'd)

    Objective: Help teams define their future infrastructure state (assuming zero constraints or limitations).

    1 hour

    Steps:

    1. The scribe will take the groups of suggestions and summarize them in a statement or two, briefly describing the infrastructure in that group.
    2. The statements should be recorded on Tab 2 of the Infrastructure Strategy and Roadmap Tool.

    Discussion:

    • Should the points be listed in any specific order?
    • Include all suggestions in the summary. Remember this is a blank slate with no constraints, and no idea is higher or lower in weight at this stage.
    Infrastructure Future State Vision
    Item Focus Area Future Vision
    1 Email Residing on Microsoft 365
    2 Servers Hosted in cloud - nothing on prem.
    3 Endpoints virtual desktops on Microsoft Azure
    4 Endpoint hardware Chromebooks
    5 Network internet only
    6 Backups cloud based but stored in multiple cloud services
    7

    Download Info-Tech's Infrastructure Strategy and Roadmap Tool and document your future state vision in the Infrastructure Future State tab.

    Input

    • Thoughts and ideas about how the future infrastructure should look.

    Output

    • Future state vision

    Materials

    • Sticky notes
    • Whiteboard & markers

    Participants

    • Roadmap team

    2.1.2 Identification and association exercise

    1 hour

    Formalize what is likely an ad hoc process.

    1. Brainstorm with the group a list of external sources they are currently using to stay abreast of the market.
    2. Organize this list on the left-hand side of a whiteboard, in vendor and vendor-neutral groups.
      1. For each item in the list ask a series of questions:
      2. Is this a push or pull source?
      3. Is this source suited to individual or group consumption?
      4. What is the frequency of this source?
    3. What is the cost of this source to the company?
    4. On the right-hand side of the whiteboard brainstorm a list of internal mechanisms for sharing new technology information. Ask about the audience, distribution mode, and frequency for each of those mechanisms.
    5. Map which of the external sources make it over to internal distribution.

    Discussion:

    1. Are we getting the most value out of our high-cost conferences? Does that information make it from the attendees to the rest of the team?
    2. Do we share information only within our domains? Or across the whole infrastructure practice?
    3. Do we have sufficient diversity of sources? Are we in danger of believing one vendor's particular market interpretation?
    4. How do we select new technologies to explore further? Make it fun – upvotes, for example.

    Input

    • Team knowledge
    • Conference notes
    • Expense reports

    Output

    • Internal socialization process
    • Tech briefings & repository

    Materials

    • Whiteboard & markers

    Participants

    • Roadmap team

    Info-Tech Best Practices

    It is impractical for everyone to present their tech briefing at the monthly meeting. But you want to avoid a one-to-many exercise. Keep the presenter a secret until called on. Those who do not present live can still contribute their material to the technology watchlist database.

    Analyze new technologies for your future state

    Four to eight hours of research per technology can uncover a wealth of relevant information and prepare the infrastructure team for a robust discussion. Key research elements include:

    • Précis: A single page or slide that describes the technology, outlines some of the vendors, and explores the value proposition.
    • SWOT Analysis:
      • Strengths and weaknesses: What does the technology inherently do well (e.g. lots of features) and what does it do poorly (e.g. steep learning curve)?
      • Opportunities and threats: What capabilities can the technology enable (e.g. build PCs faster, remote sensing)? Why would we not want to exploit this technology (e.g. market volatility, M&As)

    a series of four screenshots from the IT Infrastructure Strategy and Roadmap Report Template

    Download the IT Infrastructure Strategy and Roadmap Report Template slides 21, 22, 23 for sample output.

    Position infrastructure as the go-to source for information about new technology

    One way or another, tech always seems to finds its way into infrastructure's lap. Better to stay in front and act as stewards rather than cleanup crew.

    Beware airline magazine syndrome!

    Symptoms

    Pathology
    • Leadership speaking in tech buzzwords
    • Urgent meetings to discuss vaguely defined topics
    • Fervent exclamations of "I don't care how – just get it done!"
    • Management showing up on at your doorstep needing help with their new toy

    Outbreaks tend to occur in close proximity to

    • Industry trade shows
    • Excessive executive travel
    • Vendor BRM luncheons or retreats with leadership
    • Executive golf outings with old college roommates

    Effective treatment options

    1. Targeted regular communication with a technology portfolio analysis customized to the specific goals of the business.
    2. Ongoing PoC and piloting efforts with detailed results reporting.

    While no permanent cure exists, regular treatment makes this chronic syndrome manageable.

    Keep your roadmap horizon in mind

    Technology doesn't have to be bleeding edge. New-to-you can have plenty of value.

    You want to present a curated landscape of technologies, demonstrating that you are actively maintaining expertise in your chosen field.

    Most enterprise IT shops buy rather than develop their technology, which means they want to focus effort on what is market available. The outcome is that infrastructure sponsors and delivers new technologies whose capabilities and features will help the business achieve its goals on this roadmap.

    If you want to think more like a business disruptor or innovator, we suggest working through the blueprint Exploit Disruptive Infrastructure Technology.
    Explore technology five to ten years into the future!

    a quadrant analysis comparing innovation and transformation, as well as two images from Exploit Disruptive Infrastructure Technology.

    Info-Tech Insight

    The ROI of any individual effort is difficult to justify – in aggregate, however, the enterprise always wins!
    Money spent on Google Glass in 2013 seemed like vanity. Certainly, this wasn't enterprise-ready technology. But those early experiences positioned some visionary firms to quickly take advantage of augmented reality in 2018. Creative research tends to pay off in unexpected and unpredictable ways.
    .

    2.1.3 Working session, presentation, and feedback

    1 hour

    Complete a SWOT analysis with future state technology.

    The best research hasn't been done in isolation since the days of da Vinci.

    1. Divide the participants into small groups of at least four people.
    2. Further split those groups into two teams – the red team and the white team.
    3. Assign a technology candidate from the last exercise to each group. Ideally the group should have some initial familiarity with the technology and/or space.
    4. The red team from each group will focus on the weaknesses and threats of the technology. The white team will focus on the strengths and opportunities of the technology.
    5. Set a timer and spend the next 30-40 minutes completing the SWOT analysis.
    6. Have each group present their analysis to the larger team. Encourage conversation and debate. Capture and refine the understanding of the analysis.
    7. Reset with the next technology candidate. Have the participants switch teams within their groups.
    8. Continue until you've exhausted your technology candidates.

    Discussion:

    1. Does working in a group make for better research? Why?
    2. Do you need specific expertise in order to evaluate a technology? Is an outsider (non-expert) view sometimes valuable?
    3. Is it easier to think of the positive or the negative qualities of a technology? What about the internal or external implications?

    Input

    • Technology candidates

    Output

    • Technology analysis including SWOT

    Materials

    • Projector
    • Templates
    • Laptops & internet

    Participants

    • Roadmap team

    Step 2.2

    Constraints analysis

    Activities

    2.2.1 Historical spend analysis

    2.2.2 Conduct a time study

    2.2.3 Identify roadblocks

    This step requires the following inputs:

    • Historical spend and staff numbers
    • Organizational design identification and thought experiment
    • Time study
    • Roadblock brainstorming session
    • Prioritization exercise

    This step involves the following participants:

    • Financial leader
    • HR Leader
    • Roadmap team

    Outcomes of this step

    • OpEx, CapEx, and staffing trends
    • Domain time study
    • Prioritized roadblock list

    2.2.1 Historical spend analysis

    "A Budget is telling your money where to go, instead of wondering where it went."
    -David Ramsay

    "Don't tell me where your priorities are. Show me where you spend your money and I'll tell you what they are"
    -James Frick, Due.com

    Annual IT budgeting aligns with business goals
    a circle showing 68%, broken down into 50% and 18%

    50% of businesses surveyed see that improvements are necessary for IT budgets to align to business goals, while 18% feel they require significant improvements to align to business goals
    Source: ITRG Diagnostics 2022

    Challenges in IT spend visibility

    68%

    Visibility of all spend data for on-prem, SaaS and cloud environments
    Source: Flexera

    The challenges that keep IT leaders up at night

    47%

    Lack of visibility in resource usage and cost
    Source: BMC, 2021

    2.2.1 Build a picture of your financial spending and staffing trends

    Follow the steps below to generate a visualization so you can start the conversation:

    1 hour

    1. Open the Info-Tech Infrastructure Roadmap Financial Spend Analysis Tool.
    2. The Instructions tab will provide guidance, or you can follow the instructions below.
    3. Insert values into the appropriate uncolored blocks in the first 4 rows of the Spend Record Entry tab to reflect the amount spent on IT OpEx, IT CapEx, or staff numbers for the present year (budgeted) as well as the previous five years.
    4. Data input populates cells in subsequent rows to quickly reveal spending ratios.

    an image of the timeline table from the Infrastructure Roadmap Financial Analysis Tool

    Download the Infrastructure Roadmap Financial Analysis Tool
    ( additional Deep Dive available if required)

    Input

    • Historical spend and staff numbers

    Output

    • OpEx, CapEx, and staffing trends for your organization

    Materials

    • Info-Tech's Infrastructure Roadmap Financial Spend Analysis Tool

    Participants

    • Infrastructure leader
    • Financial leader
    • HR leader

    2.2.1 Build a picture of your financial spending and staffing trends (cont'd)

    Continue with the steps below to generate a visualization so you can start the conversation.

    1 hour

    1. Select tab 3 (Results) to reveal a graphical analysis of your data.
    2. Trends are shown in graphs for OpEx, CapEx, and staffing levels as well as comparative graphs to show broader trends between multiple spend and staffing areas.
    3. Some observations worth noting may include the following:
      • Is OpEx spending increasing over time or decreasing?
      • Is CapEx increasing or decreasing?
      • Are OpEx and CapEx moving in the same directions?
      • Are IT staff to total staff ratios increasing or decreasing?
      • Trends will continue in the same direction unless changes are made.

    Download the Infrastructure Roadmap Financial Analysis Tool
    ( additional Deep Dive available if required)

    Input

    • Historical spend and staff numbers

    Output

    • OpEx, CapEx, and staffing trends for your organization

    Materials

    • Info-Tech's Infrastructure Roadmap Financial Spend Analysis Tool

    Participants

    • Infrastructure leader
    • Financial leader
    • HR leader

    Consider perceptions held by the enterprise when dividing infrastructure into domains

    2.2.2 Conduct a time study

    Internal divisions that seem important to infrastructure may have little or even negative value when it comes to users accessing their services.

    Domains are the logical divisions of work within an infrastructure practice. Historically, the organization was based around physical assets: servers, storage, networking, and end-user devices. Staff had skills they applied according to specific best practices using physical objects that provided functionality (computing power, persistence, connectivity, and interface).

    Modern enterprises may find it more effective to divide according to activity (analytics, programming, operations, and security) or function (customer relations, learning platform, content management, and core IT). As a rule, look to your organizational chart; managers responsible for buying, building, deploying, or supporting technologies should each be responsible for their own domain.

    Regardless of structure, poor organization leads to silos of marginally interoperable efforts working against each other, without focus on a common goal. Clearly defined domains ensure responsibility and allow for rapid, accurate, and confident decision making.

    • Server
    • Network
    • Storage
    • End User
    • DevOps
    • Analytics
    • Core IT
    • Security

    Info-Tech Insight

    The medium is the message. Do stakeholders talk about switches or storage or services? Organizing infrastructure to match its external perception can increase communication effectiveness and improve alignment.

    Case Study

    IT infrastructure that makes employees happier

    INDUSTRY: Services
    SOURCE: Network Doctor

    Challenge

    Atlas Electric's IT infrastructure was very old and urgently needed to be refreshed. Its existing server hardware was about nine years old and was becoming unstable. The server was running Windows 2008 R2 server operating systems that was no longer supported by Microsoft; security updates and patches were no longer available. They also experienced slowdowns on many older PCs.

    Recommendations for an upgrade were not approved due to budgetary constraints. Recommendations for upgrading to virtual servers were approved following a harmful phishing attack.

    Solution

    The following improvements to their infrastructure were implemented.

    • Installing a new physical host server running VMWare ESXi virtualization software and hosting four virtual servers.
    • Migration of data and applications to new virtual servers.
    • Upgrading networking equipment and deploying new relays, switches, battery backups, and network management.
    • New server racks to host new hardware.

    Results

    Virtualization, consolidating servers, and desktops have made assets more flexible and simpler to manage.

    Improved levels of efficiency, reliability, and productivity.

    Enhanced security level.

    An upgraded backup and disaster recovery system has improved risk management.

    Optimize where you spend your time by doing a time study

    Infrastructure activity is limited generally by only two variables: money and time. Money is in the hands of the CFO, which leaves us a single variable to optimize.

    Not all time is spent equally, nor is it equally valuable. Analysis lets us communicate with others and gives us a shared framework to decide where our priorities lie.

    There are lots of frameworks to help categorize our activities. Stephen Covey (Seven Habits of Highly Effective People) describes a four-quadrant system along the axes of importance and urgency. Gene Kim, through his character Erik in The Phoenix Project,speaks instead of business projects, internal IT projects, changes, and unplanned work.

    We propose a similar four-category system.

    Project Maintenance

    Administrative

    Reactive

    Planned activity spent pursuing a business objective

    Planned activity spent on the upkeep of existing IT systems

    Planned activity required as a condition of employment

    Unplanned activity requiring immediate response

    This is why we are valuable to our company

    We have it in our power to work to reduce these three in order to maximize our time available for projects

    Survey and analysis

    Perform a quick time study.

    Verifiable data sources are always preferred but large groups can hold each other's inherent biases in check to get a reasonable estimate.

    1 hour

    1. Organize the participants into the domain groups established earlier.
    2. On an index card have each participant independently write down the percentage of time they think their entire domain (not themselves personally) spends during the average month, quarter, or year on:
      1. Admin
      2. Reactive work
      3. Maintenance
    3. Draw a matrix on the whiteboard; collect the index cards and transcribe the results from participants into the matrix.
    4. Add up the three reported time estimates and subtract from 100 – the result is the percentage of time available for/spent on project work.

    Discussion

    1. Certain domains should have higher percentages of reactive work (think Service Desk and Network Operations Center) – can we shift work around to optimize resources?
    2. Why is reactive work the least desirable type? Could we reduce our reactive work by increasing our maintenance work?
    3. From a planning perspective, what are the implications of only having x% of time available for project work?
    4. Does it feel like backing into the project work from adding the other three together provides a reasonable assessment?

    Input

    • Domain groups

    Output

    • Time study

    Materials

    • Whiteboard & markers
    • Index cards

    Participants

    • Roadmap team

    Quickly and easily evaluate all your infrastructure

    Strategic Infrastructure Roadmap Tool, Tab 2, Capacity Analysis

    In order to quickly and easily build some visualizations for the eventual final report, Info-Tech has developed the Strategic Infrastructure Roadmap Tool.

    • Up to five infrastructure domains are supported.
      • For practices that cannot be reasonably collapsed into five domains, multiple copies of the tool can be used and manually stitched together.
    • The tool can be used in either an absolute (total number) or relative mode (percentage of available).
    • By design we specifically don't ask for a project work figure but rather calculate it based on other values.
    • For everything but miscellaneous duties, hard data sources can (and where appropriate should) be leveraged.
      • Reactive work – service desk tool
      • Project work – project management tool
      • Maintenance work – logs or ITSM tool
    • Individual domains' values are calculated, as well as the overall breakdown for the infrastructure practice.
    • Even these rough estimates will be useful during the planning steps throughout the rest of the roadmap process.

    an image of the source capacity analysis page from tab 2 of the Strategic Infrastructure Roadmap Tool

    Please note that this tool requires Microsoft's Power Pivot add-in to be installed if you are using Excel 2010 or 2013. The scatter plot labels on tabs 5 and 8 may not function correctly in Excel 2010.

    Build your roadmap from both the top and the bottom for best results

    Strong IT strategy favors top-down: activities enabling clearly dictated goals. The bottom-up approach aggregates ongoing activities into goals.

    Systematic approach

    External stakeholders prioritize a list of goals requiring IT initiatives to achieve.

    Roadblocks:

    • Multitudes of goals easily overwhelm scant IT resources.
    • Unglamorous yet vital maintenance activities get overlooked.
    • Goals are set without awareness of IT capacity or capabilities.

    Organic approach

    Practitioners aggregate initiatives into logical groups and seek to align them to one or more business goals.

    Roadblocks:

    • Pet initiatives can be perpetuated based on cult of personality rather than alignment to business goals.
    • Funding requests can fall flat when competing against other business units for executive support.

    A successful roadmap respects both approaches.

    an image of two arrows, intersecting with the words Infrastructure Roadmap with the top arrow labeled Systematic, and the bottom arrow being labeled Organic.

    Info-Tech Insight

    Perfection is anathema to practicality. Draw the first picture and not only expect but welcome conflicting feedback! Socialize it and drive the conversation forward to a consensus.

    2.2.3 Brainstorming – Affinity diagramming

    Identify the systemic roadblocks to executing infrastructure projects

    1 hour

    Affinity diagramming is a form of structured brainstorming that works well with larger groups and provokes discussion.

    1. Have each participant write down their top five impediments to executing their projects from last year – one roadblock per sticky note.
    2. Once everyone has written their top five, select a moderator from the group. The moderator will begin by placing (and explaining) their five sticky notes on the whiteboard.
    3. Have each participant then place and explain their sticky notes on the whiteboard.
    4. The moderator will assist participants in grouping sticky notes together based on theme.
    5. Groups that have become overly large may be broken into smaller, more precise themes.
    6. Once everyone has placed their sticky notes, you should be able to visually identify the greatest or most common roadblocks the group perceives.

    Discussion

    Categorize each roadblock identified as either internal or external to infrastructure's control.

    Attempt to understand the root cause of each roadblock. What would you need to ask for in order to remove the roadblock?

    Additional Research

    Also called the KJ Method (after its inventor, Jiro Kawakita, a 1960s Japanese anthropologist), this activity helps organize large amounts of data into groupings based on natural relationships while reducing many social biases.

    Input

    • Last years initiatives and their roadblocks

    Output

    • List of refined Roadblocks

    Materials

    • Sticky notes
    • Whiteboard & markers

    Participants

    • Roadmap team

    2.2.4 Prioritization exercise – Card sorting

    Choose your priorities wisely.

    Which roadblocks do you need to work on? How do you establish a group sense of these priorities? This exercise helps establish priorities while reducing individual bias.

    1 hour

    1. Distribute index cards that have been prepopulated with the roadblocks identified in the previous activity – one full set of cards to each participant.
    2. Have each participant sort their set-in order of perceived priority, highest on top.
    3. Where n=number of cards in the stack, take the n-3 lowest priority cards and put a tick mark in the upper-right-hand corner. Pass these cards to the person on the left, who should incorporate them into their pile (if you start with eight cards you're ticking and passing five cards). Variation: On the first pass, allow everyone to take the most important and least important cards, write "0th" and "NIL" on them, respectively, and set them aside.
    4. Repeat steps 2 and 3 for a total of n times. Treat duplicates as a single card in your hand.
    5. After the final pass, ask each participant to write the priority in the upper-left-hand corner of their top three cards.
    6. Collect all the cards, group by roadblock, count the number of ticks, and take note of the final priority.

    Discussion

    Total the number of passes (ticks) for each roadblock. A large number indicates a notionally low priority. No passes indicates a high priority.

    Are the internal or external roadblocks of highest priority? Were there similarities among participants' 0th and NILs compared to each other or to the final results?

    Input

    • Roadblock list

    Output

    • Prioritized roadblocks

    Materials

    • Index cards

    Participants

    • Roadmap team

    Summary of Accomplishment

    Review performance from last fiscal year

    • Analyzed and communicated the benefits and value realized from IT's strategic initiatives in the past fiscal year.
    • Analyzed and prioritized diagnostic data insights to communicate IT success stories.
    • Elicited important retrospective information such as KPIs, financials, etc. to build IT's credibility as a strategic business partner.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Phase 3

    Align and Build the Roadmap

    Phase 1

    Phase 2

    Phase 3

    Phase 4

    1.1 Infrastructure strategy

    1.2 Goal alignment

    2.1 Define your future

    2.2 Conduct constraints analysis

    3.1 Drive business alignment

    3.2. Build the roadmap

    4.1 Identify the audience

    4.2 Process improvement

    and measurements

    This phase will walk you through the following activities:

    • Elicit business context from the CIO & IT team
    • Identify key initiatives that support the business
    • Identify key initiatives that enable IT excellence
    • Identify initiatives that drive technology innovation
    • Build initiative profiles
    • Construct your strategy roadmap

    This phase involves the following participants:

    • Roadmap Team

    Step 3.1

    Drive business alignment

    Activities

    3.1.1 Develop a risk framework

    3.1.2 Evaluate technical debt

    This step requires the following inputs:

    • Intake identification and analysis
    • Survey results analysis
    • Goal brainstorming
    • Goal association and analysis

    This step involves the following participants:

    • Business leadership
    • Project Management Office
    • Service Desk
    • Business Relationship Management
    • Solution or Enterprise Architecture
    • Roadmap team

    Outcomes of this step

    • Intake analysis
    • Goal list
    • Initiative-to-goal map

    Speak for those with no voice – regularly review your existing portfolio of IT assets and services

    A chain is only as strong as its weakest link; while you'll receive no accolades for keeping the lights on, you'll certainly hear about it if you don't!

    Time has been a traditional method for assessing the fitness of infrastructure assets – servers are replaced every five years, core switches every seven, laptops and desktops every three. While quick, this framework of assessment is overly simplistic for most modern organizations.

    Building one that is instead based on the likelihood of asset failure plotted against the business impact of that failure is not overly burdensome and yields more practical results. Infrastructure focuses on its strength (assessing IT risk) and validates an understanding with the business regarding the criticality of the service(s) enabled by any given asset.

    Rather than fight on every asset individually, agree on a framework with the business that enables data-driven decision making.

    IT Risk Factors
    Age, Reliability, Serviceability, Conformity, Skill Set

    Business Risk Factors
    Suitability, Capacity, Safety, Criticality

    Info-Tech Insight

    Infrastructure in a cloud-enabled world: As infrastructure operations evolve it is important to keep current with the definition of an asset. Software platforms such as hypervisors and server OS are just as much an asset under the care and control of infrastructure as are cloud services, managed services from third-party providers, and traditional racks and switches.

    3.1.1 Develop a risk framework – Classification exercise

    While it's not necessary for each infrastructure domain to view IT risk identically, any differences should be intensely scrutinized.

    1 hour

    1. Divide the whiteboard along the axes of IT Risk and
      Business Risk (criticality) into quadrants:
      1. High IT Risk & High Biz Risk (upper right)
      2. Low IT Risk & Low Biz Risk (bottom left)
      3. Low IT Risk & High Biz Risk (bottom right)
      4. High IT Risk & Low Biz Risk (upper left)
    2. Have each participant write the names of two or three infrastructure assets or services they are responsible or accountable for – one name per sticky note.
    3. Have each participant come one-at-a-time and place their sticky notes in one quadrant.
    4. As each additional sticky note is placed, verify with the group that the relative positioning of the others is still accurate.

    Discussion:

    1. Most assets should end up in the lower-right quadrant, indicating that IT has lowered the risk of failure commensurate to the business consequences of a failure. What does this imply about assets in the other three quadrants?
    2. Infrastructure is foundational; do we properly document and communicate all dependencies for business-critical services?
    3. What actions can infrastructure take to adjust the risk profile of any given asset?

    Input

    • List of infrastructure assets

    Output

    • Notional risk analysis

    Materials

    • Whiteboard & markers
    • Sticky notes

    Participants

    • Roadmap team

    3.1.2 Brainstorming and prioritization exercise

    Identify the key elements that make up risk in order to refine your framework.

    A shared notional understanding is good, but in order to bring the business onside a documented defensible framework is better.

    1 hour

    1. Brainstorm (possibly using the affinity diagramming technique) the component elements of IT risk.
    2. Ensure you have a non-overlapping set of risk elements. Ensure that all the participants are comfortable with the definitions of each element. Write them on a whiteboard.
    3. Give each participant an equal number (three to five) of voting dots.
    4. As a group have the participants go the whiteboard and use their dots to cast their votes for what they consider to be the most important risk element(s). Participants are free to place any number of their dots on a single element.
    5. Based on the votes cast select a reasonable number of elements with which to proceed.
    6. For each element selected, brainstorm up to six tiers of the risk scale. You can use numbers or words, whichever is most compelling.
      • E.g. Reliability: no failures, >1 incident per year, >1 incident per quarter, >1 incident per month, frequent issues, unreliable.
    7. Repeat the above except with the components of business risk. Alternately, rely on existing business risk documentation, possibly from a disaster recovery or business continuity plan.

    Discussion
    How difficult was it to agree on the definitions of the IT risk elements? What about selecting the scale? What was the voting distribution like? Were there tiers of popular elements or did most of the dots end up on a limited number of elements? What are the implications of having more elements in the analysis?

    Input

    • Notional risk analysis

    Output

    • Risk elements
    • Scale dimensions

    Materials

    • Whiteboard & markers
    • Voting dots

    Participants

    • Roadmap team

    3.1.3 Forced ranking exercise

    Alternate: Identify the key elements that make up risk in order to refine your framework

    A shared notional understanding is good, but in order to bring the business onside a documented defensible framework is better.

    1 hour

    1. Brainstorm (possibly using the affinity diagramming technique) the component elements of IT risk.
    2. Ensure you have a non-overlapping set of risk elements. Ensure that all the participants are comfortable with the definitions of each element. Write them on a whiteboard.
    3. Distribute index cards (one per participant) with the risk elements written down one side.
    4. Ask the participants to rank the elements in order of importance, with 1 being the most important.
    5. Collect the cards and write the ranking results on the whiteboard.
    6. Look for elements with high variability. Also look for the distribution of 1, 2, and 3 ranks.
    7. Based on the results select a reasonable number of elements with which to proceed.
    8. Follow the rest of the procedure from the previous activity.

    Discussion:

    What was the total number of elements required in order to contain the full set of every participant's first-, second-, and third-ranked risks? Does this seem a reasonable number?

    Why did some elements contain both the lowest and highest rankings? Was one (or more) participant thinking consistently different from the rest of the group? Are they seeing something the rest of the group is overlooking?

    This technique automatically puts the focus on a smaller number of elements – is this effective? Or is it overly simplistic and reductionist?

    Input

    • Notional risk analysis

    Output

    • Risk elements

    Materials

    • Whiteboard & markers
    • Index cards

    Participants

    • Roadmap team

    3.1.4 Consensus weighting

    Use your previous notional assessment to inform your risk weightings:

    1 hour

    1. Distribute index cards that have been prepopulated with the risk elements from the previous activity.
    2. Have the participants independently assign a weighting to each element. The assigned weights must add up to 100.
    3. Collect the cards and transcribe the results into a matrix on the whiteboard.
    4. Look for elements with high variability in the responses.
    5. Discuss and come to a consensus figure for each element's weighting.
    6. Select a variety of assets and services from the notional assessment exercise. Ensure that you have representation from all four quadrants.
    7. Using your newly defined risk elements and associated scales, evaluate as a group the values you'd suggest for each asset. Aim for a plurality of opinion rather than full consensus.
    8. Use Info-Tech's Strategic Infrastructure Roadmap Tool to document the elements, weightings, scales, and asset analysis.
    9. Compare the output generated by the tool (Tab 4) with the initial notional assessment.

    Discussion:

    How much framework is too much? Complexity and granularity do not guarantee accuracy. What is the right balance between effort and result?

    Does your granular assessment match your notional assessment? Why or why not? Do you need to go back and change weightings? Or reduce complexity?

    Is this a more reasonable and valuable way of periodically evaluating your infrastructure?

    Input

    • Notional risk analysis

    Output

    • Weighted risk framework

    Materials

    • Whiteboard & markers
    • Index cards
    • Strategic Infrastructure Roadmap Tool

    Participants

    • Roadmap team

    3.1.5 Platform assessment set-up

    Hard work up front allows for year-over-year comparisons

    The value of a risk framework is that once the heavy lifting work of building it is done, the analysis and assessment can proceed very quickly. Once built, the framework can be tweaked as necessary, rather than recreated every year.

    • Open Info-Tech's Strategic Infrastructure Roadmap Tool, Tab 3.
    • Up to eight elements each of IT and business risk can be captured.
      • IT risk elements of end-of-life and dependencies are mandatory and do not count against the eight customizable elements.
    • Every element can have up to six scale descriptors. Populate them from left to right in increasing magnitude of risk.
      • Scale descriptors must be input as string values and not numeric.
    • Each element's scale can be customized from linear to a risk-adverse or risk-seeking curve. We recommend linear.

    an image of the Platform Assessment Setup Page from Info-Tech's Strategic Infrastructure Roadmap Tool,

    IT platform assessment

    Quickly and easily evaluate all your infrastructure.

    Once configured, individual domain teams can spend surprisingly little time answering reasonably simple questions to assess their assets. The common framework lets results be compared between teams and produces a valuable visualization to communication with the business.

    • Open the Strategic Infrastructure Roadmap Tool, Tab 4.
    • The tool has been tested successfully with up to 2,000 asset items. Don't necessarily list every asset; rather, think of the logical groups of assets you'd cycle in or out of your environment.
    • Each asset must be associated with one and only one infrastructure domain and have a defined End of Service Life date.
    • With extreme numbers of assets an additional filter can be useful – the Grouping field allows you to set any number of additional tags to make sorting and filtering easier.
    • Drop-down menus for each risk element are prepopulated with the scale descriptors from Tab 3. Unused elements are greyed out.
    • Each asset can be deemed dependent on up to four additional assets or services. Use this to highlight obscure or undervalued relationships between assets. It is generally not useful to be reminded that everything relies on Cat 6 cabling.

    A series of screenshots from the IT Platform Assessment.

    Prioritized upgrades

    Validate and tweak your framework with the business

    Once the grunt work of inputting all the assets and the associated risk data has been completed, you can tweak the risk profile and sort the data to whatever the business may require.

    • Open Info-Tech's Strategic Infrastructure Roadmap Tool, Tab 5.
    • IT platforms in the upper-right quadrant have an abundance of IT risk and are critical to the business.
    • The visualization can be sorted by selecting the slicers on the left. Sort by:
      • Infrastructure domain
      • Customized grouping tag
      • Top overall risk platforms
    • With extreme numbers of assets an additional filter can be useful. The Grouping field allows you to set any number of additional tags to make sorting and filtering easier.
    • Risk weightings can be individually adjusted to reflect changing business priorities or shared infrastructure understanding of predictive power.
      • In order to make year-over-year comparisons valuable it is recommended that changing IT risk elements should be avoided unless absolutely necessary.

    An image of a scatter plot graph titled Prioritized Upgrades.

    Step 3.2

    Build the roadmap

    Activities

    3.2.1 Build templates and visualize

    3.2.2 Generate new initiatives

    3.2.3 Repatriate shadow IT initiatives

    3.2.4 Finalize initiative candidates

    This step requires the following inputs:

    • Develop an initiative template
    • Restate the existing initiatives with the template
    • Visualize the existing initiatives
    • Brainstorm new initiatives
    • Initiative ranking
    • Solicit, evaluate, and refine shadow IT initiatives
    • Resource estimation

    This step involves the following participants:

    • Roadmap team

    Outcomes of this step

    • Initiative communication template
    • Roadmap visualization diagram

    Tell them what they really need to know

    Templates transform many disparate sources of data into easy-to-produce, easy-to-consume, business-ready documents.

    Develop a high-level document that travels with the initiative from inception through executive inquiry and project management, and finally to execution. Understand an initiative's key elements that both IT and the business need defined and that are relatively static over its lifecycle.

    Initiatives are the waypoints along a roadmap leading to the eventual destination, each bringing you one step closer. Like steps, initiatives need to be discrete: able to be conceptualized and discussed as a single largely independent item. Each initiative must have two characteristics:

    • Specific outcome: Describe an explicit change in the people, processes, or technology of the enterprise.
    • Target end date: When the described outcome will be in effect.

    "Learn a new skill"– not an effective initiative statement.

    "Be proficient in the new skill by the end of the year" – better.

    "Use the new skill to complete a project and present it at a conference by Dec 15" – best!

    Info-Tech Insight

    Bundle your initiatives for clarity and manageability.
    Ruthlessly evaluate if an initiative should stand alone or can be rolled up with another. Fewer initiatives increases focus and alignment, allowing for better communication.

    3.2.1 Develop impactful templates to sell your initiative upstream

    Step 1: Open Info-Tech's Strategic Roadmap Initiative Template. Determine and describe the goals that the initiative is enabling or supporting.
    Step 2: State the current pain points from the end-user or business perspective. Do not list IT-specific pain points here, such as management complexity.
    Step 3: List both the tangible (quantitative) and ancillary (qualitative) benefits of executing the project. These can be pain relievers derived from the pain points, or any IT-specific benefit not captured in Step 1.
    Step 4: List any enabled capability that will come as an output of the project. Avoid technical capabilities like "Application-aware network monitoring." Instead, shoot for business outcomes like "Ability to filter network traffic based on application type."

    An image of the Move to Office 365, with the numbers 1-4 superimposed over the image.  These correspond to steps 1-4 above.

    Info-Tech Insight

    Sell the project to the mailroom clerk! You need to be able to explain the outcome of the project in terms that non-IT workers can appreciate. This is done by walking as far up the goals cascade as you have defined, which gets to the underlying business outcome that the initiative supports.

    Develop impactful templates to sell your initiative upstream (cont'd)

    Strategic Roadmap Initiative Template, p. 2

    Step 5: State the risks to the business for not executing the project (and avoid restating the pain points).
    Step 6: List any known or anticipated roadblocks that may come before, during, or after executing the project. Consider all aspects of people, process, and technology.
    Step 7: List any measurable objectives that can be used to gauge the success of the projects. Avoid technical metrics like "number of IOPS." Instead think of business metrics such as "increased orders per hour."
    Step 8: The abstract is a short 50-word project description. Best to leave it as the final step after all the other aspects of the project (risks and rewards) have been fully fleshed out. The abstract acts as an executive summary – written last, read first.

    An image of the Move to Office 365, with the numbers 5-8 superimposed over the image.  These correspond to steps 5-8 above.

    Info-Tech Insight

    Every piece of information that is not directly relevant to the interests of the audience is a distraction from the value proposition.

    Working session, presentation, and feedback

    Rewrite your in-flight initiatives to ensure you're capturing all the required information:

    1 hour

    1. Have each participant select an initiative they are responsible or accountable for.
    2. Introduce the template and discuss any immediate questions they might have.
    3. Take 15-20 minutes and have each participant attempt to fill out the template for their initiative.
    4. Have each participant present their initiative to the group.
    5. The group should imagine themselves business leaders and push back with questions or clarification when IT jargon is used.
    6. Look to IT leadership in the room for cues as to what hot button items they've encountered from the business executives.
    7. Debate the merits of each section in the template. Adjust and customize as appropriate.

    Discussion:
    Did everyone use the goal framework adopted earlier? Why not?
    Are there recurring topics or issues that business leaders always seem concerned about?
    Of all the information available, what consistently seems to be the talking points when discussing an initiative?

    Input

    • In-flight initiatives

    Output

    • Completed initiatives templates

    Materials

    • Templates
    • Laptops & internet

    Participants

    • Roadmap team

    3.2.2 Visual representations are more compelling than text alone

    Being able to quickly sort and filter data allows you to customize the visualization and focus on what matters to your audience. Any data that is not immediately relevant to them risks becoming a distraction.

    1. Open the Strategic Infrastructure Roadmap Tool, Tabs 6 and 7.
    2. Up to ten goals can be supported. Input the goals into column F of the tool. Be explicit but brief.
    3. Initiatives and Obstacles can be independently defined, and the tool supports up to five subdivisions of each. Initiative by origin source makes for an interesting analysis but initially we recommend simplicity.
    4. Every Initiative and Obstacle must be given a unique name in column H. Context-sensitive drop-downs let you define the subtype and responsible infrastructure domain.
    5. Three pieces of data are captured for each initiative: Business Impact is the qualitative value to the business; Risk is the qualitative likelihood of failure – entirely or partially (e.g. significantly over budget or delayed); and Effort is a relative measure of magnitude ($ or time). Only the value for Effort must be specified.
    6. Every initiative can claim to support one or many goals by placing an "x" in the appropriate column(s).
    7. On Tab 7 you must select the initiative end date (go-live date). You can also document start date, owner, and manager if required. Remember, though, that the tool does not replace proper project management tools.

    A series of screenshots of tables, labeled A-F

    Decoding your visualization

    Strategic Infrastructure Roadmap Tool, Tab 8, "Roadmap"

    Visuals aren't always as clear as we assume them to be.

    An example of a roadmap visualization found in the Strategic Infrastructure Roadmap Tool

    If you could suggest one thing, what would it be?

    The roadmap is likely the best and most direct way to showcase our ideas to business leadership – take advantage of it.

    We've spent an awful lot of time setting the stage, deciding on frameworks so we agree on what is important. We know how to have an effective conversation – now what do we want to say?

    an image of a roadmap, including inputs passing through infrastructure & Operations; to the Move to Office 365 images found earlier in this blueprint.

    Creative thinking, presentation, and feedback

    Since we're so smart – how could we do it better?

    1 hour

    1. Introduce the Roadmap Initiative Template and discuss any immediate questions the participants might have.
    2. Take 15-20 minutes and have each participant attempt to fill out the template for their initiative candidate.
    3. Have each author present their initiative to the group.
    4. The group should imagine themselves business leaders and push back with questions or clarification when IT jargon is used.
    5. Look to IT leadership in the room for cues as to what hot button items they've encountered from the business executives
    6. Debate the merits of each section in the template. Adjust and customize as appropriate.

    Discussion:
    Did everyone use the goal framework adopted earlier? Why not?
    Do we think we can find business buy-in or sponsorship? Why or why not?
    Are our initiatives at odds with or complementary to the ones proposed through the normal channels?

    Input

    • Everything we know

    Output

    • Initiative candidates

    Materials

    • Info-Tech's Infrastructure Roadmap Initiatives Template
    • Laptops & internet

    Participants

    • Roadmap team

    Forced Ranking Exercise

    Showcase only your best and brightest ideas:

    1 hour

    1. Write the initiative titles from the previous exercise across the top of a whiteboard.
    2. Distribute index cards (one per participant) with the initiative titles written down one side.
    3. Ask each participant to rank the initiatives in order of importance, with 1 being the most important.
    4. Collect the cards and write the ranking results on the whiteboard.
    5. Look at the results with an eye toward high variability. Also look for the distribution of 1, 2, and 3 ranks.
    6. Based on the results, select (through democratic vote or authoritarian fiat – Director or CIO) a reasonable number of initiatives.
    7. Refine the selected initiative templates for inclusion in the roadmap.

    Discussion:
    Do participants tend to think their idea is the best and rank it accordingly?
    If so, then is it better to look at the second, third, and fourth rankings for consensus instead?
    What is a reasonable number of initiatives to suggest? How do we limit ourselves?

    Input

    • Infrastructure initiative candidates

    Output

    • Infrastructure initiatives

    Materials

    • Index cards

    Participants

    • Roadmap team

    Who else might be using technology to solve business problems?

    Shadow IT operates outside of the governance and control structure of Enterprise IT and so is, by definition, a problem. an opportunity!

    Except for that one thing they do wrong, that one small technicality, they may well do everything else right.

    Consider:

    1. Shadow IT evolves to solve a problem or enable an activity for a specific group of users.
    2. This infers that because stakeholders spend their own resources resolving a problem or enabling an action, it is a priority.
    3. The technology choices they've made have been based solely on functionality for value, unrestrained by any legacy of previous decisions.
    4. Staffing demands and procedural issues must be modest or nonexistent.
    5. The users must be engaged, receptive to change, and tolerant of stutter steps toward a goal.

    In short, shadow IT can provide fully vetted infrastructure initiatives that with a little effort can be turned into easy wins on the roadmap.

    Info-Tech Insight

    Shadow IT can include business-ready initiatives, needing only minor tweaking to align with infrastructure's best practices.

    3.2.3 Survey and hack-a-thon

    Negotiate amnesty with shadow IT by evaluating their "hacks" for inclusion on the roadmap.

    1 hour

    1. Put out an open call for submissions across the enterprise. Ask "How do you think technology could help you solve one of your pain points?" Be specific.
    2. Gather the responses into a presentable format and assemble the roadmap team.
    3. Use voting dots (three per person) to filter out a shortlist.
    4. Invite the original author to come in and work with a roadmap team member to complete the template.
    5. Reassemble the roadmap team and use the forced ranking exercise to select initiatives to move forward.

    Discussion:
    Did you learn anything from working directly with in-the-trenches staff? Can those learnings be used elsewhere in infrastructure? Or in larger IT?

    Input

    • End-user ideas

    Output

    • Roadmap initiatives

    Materials

    • Whiteboard & markers
    • Voting dots
    • Index cards
    • Templates

    Participants

    • Enthusiastic end users
    • Roadmap team
    • Infrastructure leader

    3.2.4 Consensus estimation

    Exploit the wisdom of groups to develop reasonable estimates.

    1 hour

    Also called scrum poker (in Agile software circles), this method reduces anchoring bias by requiring all participants to formulate and submit their estimates independently and simultaneously.

    Equipment: A typical scrum deck shows the Fibonacci sequence of numbers, or similar progression, with the added values of ∞ (project too big and needs to be subdivided), and a coffee cup (need a break). Use of the (mostly) Fibonacci sequence helps capture the notional uncertainty in estimating larger values.

    1. The infrastructure leader, who will not play, moderates the activity. A "currency" of estimation is selected. This could be person, days, or weeks, or a dollar value in the thousands or tens of thousands – whatever the group feels they can speak to authoritatively.
    2. The author of each initiative gives a short overview, and the participants are given the chance to ask questions and clarify assumptions and risks.
    3. Participants lay a card representing their estimate face down on the table. Estimates are revealed simultaneously.
    4. Participants with the highest and lowest estimates are given a soapbox to offer justification. The author is expected to provide clarifications. The moderator drives the conversation.
    5. The process is repeated until consensus is reached (decided by the moderator).
    6. To structure discussion, the moderator can impose time limits between rounds.

    Discussion:

    How often was the story unclear? How often did participants have to ask for additional information to make their estimate? How many rounds were required to reach consensus?
    Does number of person, days, or weeks, make more sense than dollars? Should we estimate both independently?
    Source: Scrum Poker

    Input

    • Initiative candidates from previous activity

    Output

    • Resourcing estimates

    Materials

    • Scrum poker deck

    Participants

    • Roadmap team

    Hard work up front allows for year-over-year comparisons

    Open the Strategic Infrastructure Roadmap Tool, Tab 6, "Initiatives & Goals" and Tab 7, "Timeline"

    Add your ideas to the visualization.

    • An initiative subtype can be useful here to differentiate infrastructure-sponsored initiatives from traditional ones.
    • Goal alignment is as important as always – ideally you want your sponsored initiatives to fill gaps or support the highest-priority business goals.
    • The longer-term roadmap is an excellent parking lot for ideas, especially ones the business didn't even know they wanted. Make sure to pull those ideas forward, though, as you repeat the process periodically.

    An image containing three screenshots of timeline tables from the Strategic Infrastructure Roadmap Tool

    Pulling it all together – the published report

    We started with eight simple questions. Logically, the answers suggest sections for a published report. Developing those answers in didactic method is effective and popular among technologists as answers build upon each other. Business leaders and journalists, however, know never to bury the lead.

    Report Section Title Roadmap Activity or Step
    Sunshine diagram Visualization
    Priorities Understand business goals
    Who we help Evaluate intake process
    How we can help Create initiatives
    What we're working on Review initiatives
    How you can help us Assess roadblocks
    What is new Assess new technology
    How we spend our day Conduct a time study
    What we have Assess IT platform
    We can do better! Identify process optimizations

    Summary of Accomplishment

    Review performance from last fiscal year

    • Analyzed and communicated the benefits and value realized from IT's strategic initiatives in the past fiscal year.
    • Analyzed and prioritized diagnostic data insights to communicate IT success stories.
    • Elicited important retrospective information such as KPIs, financials, etc. to build IT's credibility as a strategic business partner.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Phase 4

    Communicate and Improve the Process

    Phase 1

    Phase 2

    Phase 3

    Phase 4

    1.1 Infrastructure strategy

    1.2 Goal alignment

    2.1 Define your future

    2.2 Conduct constraints analysis

    3.1 Drive business alignment

    3.2. Build the roadmap

    4.1 Identify the audience

    4.2 Process improvement

    and measurements

    This phase will walk you through the following activities:

    • Identify authors and target audiences
    • Understand the planning process
    • Identify if the process outputs have value
    • Set up realistic KPIs

    This phase involves the following participants:

    • CIO
    • Roadmap team

    Step 4.1

    Identify the audience

    Activities

    4.1.1 Identify required authors and target audiences

    4.1.2 Planning the process

    4.1.3 Identifying supporters and blockers

    This step requires the following inputs:

    • Identify required authors and target audiences
    • Plan the process
    • Identify supporters and blockers

    This step involves the following participants:

    • CIO
    • Roadmap team

    Outcomes of this step

    • Process schedule
    • Communication strategy

    Again! Again!

    And you thought we were done. The roadmap is a process. Set a schedule and pattern to the individual steps.

    Publishing an infrastructure roadmap once a year as a lead into budget discussion is common practice. But this is just the last in a long series of steps and activities. Balance the effort of each activity against its results to decide on a frequency. Ensure that the frequency is sufficient to allow you to act on the results if required. Work backwards from publication to develop the schedule.

    an image of a circle of questions around the Infrastructure roadmap.

    A lot of work has gone into creating this final document. Does a single audience make sense? Who else may be interested in your promises to the business? Look back at the people you've asked for input. They probably want to know what this has all been about. Publish your roadmap broadly to ensure greater participation in subsequent years.

    4.1.1 Identify required authors and target audiences

    1 hour

    Identification and association

    Who needs to hear (and more importantly believe) your message? Who do you need to hear from? Build a communications plan to get the most from your roadmap effort.

    1. Write your eight roadmap section titles in the middle of a whiteboard.
    2. Make a list of everyone who answered your questions during the creation of this roadmap. Write these names on a single color of sticky notes and place them on the left side.
    3. Make a list of everyone who would be (or should be) interested in what you have to say. Write these names on a different single color of sticky notes and place them on the right side.
    4. Draw lines between the stickies and the relevant section of the roadmap. Solid lines indicate a must have communication while dashed lines indicate a nice-to-have communication.
    5. Come to a consensus.

    Discussion:

    How many people appear in both lists? What are the implications of that?

    Input

    • Roadmap sections

    Output

    • Roadmap audience and contributors list

    Materials

    • Whiteboard & markers
    • Sticky notes

    Participants

    • Roadmap team

    4.1.2 Planning the process and scheduling

    The right conversation at the right time

    Due Date (t) Freq Mode Participants Infrastructure Owner
    Update & Publish

    Start of Budget Planning

    Once

    Report

    IT Steering Committee

    Infrastructure Leader or CIO

    Evaluate Intakes

    (t) - 2 months

    (t) - 8 months

    Biannually

    Review

    PMO

    Service Desk

    Domain Heads

    Assess Roadblocks

    (t) - 2 months

    (t) - 5 months

    (t) - 8 months

    (t) - 11 months

    Quarterly

    Brainstorming & Consensus

    Domain Heads

    Infrastructure Leader

    Time Study

    (t) - 1 month

    (t) - 4 months

    (t) - 7 months

    (t) - 10 months

    Quarterly

    Assessment

    Domain Staff

    Domain Heads

    Inventory Assessment

    (t) - 2 months

    Annually

    Assessment

    Domain Staff

    Domain Heads

    Business Goals

    (t) - 1 month

    Annually

    Survey

    Line of Business Managers

    Infrastructure Leader or CIO

    New Technology Assessment

    monthly

    (t) - 2 months

    Monthly/Annually

    Process

    Domain Staff

    Infrastructure Leader

    Initiative Review

    (t) - 1 month

    (t) - 4 months

    (t) - 7 months

    (t) - 10 months

    Quarterly

    Review

    PMO

    Domain Heads

    Infrastructure Leader

    Initiative Creation

    (t) - 1 month

    Annually

    Brainstorming & Consensus

    Roadmap Team

    Infrastructure Leader

    The roadmap report is just a point-in-time snapshot, but to be most valuable it needs to come at the end of a full process cycle. Know your due date, work backwards, and assign responsibility.

    Discussion:

    1. Do each of the steps make sense? Is the outcome clear and does it flow naturally to where it will be useful?
    2. Is the effort required for each step commensurate with its value? Are we doing to much for not enough return?
    3. Are we acting on the information we're gathering? Is it informing or changing decisions throughout the year or period?

    Input

    • Roadmap sections

    Output

    • Roadmap process milestones

    Materials

    • Whiteboard & markers
    • Template

    Participants

    • Roadmap team

    Tailor your messaging to secure stakeholders' involvement and support

    If your stakeholders aren't on board, you're in serious trouble.

    Certain stakeholders will not only be highly involved and accountable in the process but may also be responsible for approving the roadmap and budget, so it's essential that you get their buy-in upfront.

    an image of a quadrant analysis, comparing levels of influence and support.

    an image of a quadrant analysis, comparing levels of influence and support.

    4.1.3 Identifying supporters and blockers

    Classification and Strategy

    1 hour

    You may want to restrict participation to senior members of the roadmap team only.

    This activity requires a considerable degree of candor in order to be effective. It is effectively a political conversation and as such can be sensitive.

    Steps:

    1. Review your sticky notes from the earlier activity (list of input and output names).
    2. Place each name in the corresponding quadrant of a 2x2 matrix like the one on the right.
    3. Come to a consensus on the placement of each sticky note.

    Input

    • Roadmap audience and contributors list

    Output

    • Communications strategy & plan

    Materials

    • Whiteboard & markers
    • Sticky notes

    Participants

    • Senior roadmap team

    Step 4.2

    Process improvement

    Activities

    4.2.1 Evaluating the value of each process output

    4.2.2 Brainstorming improvements

    4.2.3 Setting realistic measures

    This step requires the following inputs:

    • Evaluating the efficacy of each process output
    • Brainstorming improvements
    • Setting realistic measures

    This step involves the following participants:

    • Roadmap team

    Outcomes of this step

    • Process map
    • Process improvement plan

    Continual improvement

    Not just for the DevOps hipsters!

    You started with a desire – greater satisfaction with infrastructure from the business. All of the inputs, processes, and outputs exist only, and are designed solely, to serve the attainment of that outcome.

    The process outlined is not dogma; no element is sacrosanct. Ruthlessly evaluate the effectiveness of your efforts so you can do better next time.

    You would do no less after a server migration, network upgrade, or EUC rollout.

    Consider these four factors to help make your infrastructure roadmap effort more successful.

    Leadership
    If infrastructure leaders aren't committed, then this will quickly become an exercise of box-checking rather than candid communication.

    Data
    Quantitative or qualitative – always try to go where the data leads. Reduce unconscious bias and be surprised by the insight uncovered.

    Metrics
    Measurement allows management but if you measure the wrong thing you can game the system, cheating yourself out of the ultimate prize.

    Focus
    Less is sometimes more.

    4.2.1 Evaluating the value of each process output

    Understanding why and how individual steps are effective (or not) is how we improve the outcome of any process.

    1 hour

    1. List each of the nine roadmap steps on the left-hand side of a whiteboard.
    2. Ask the participants "Why was this step included? Did it accomplish its objective?" Consider using a reduced scale affinity diagramming exercise for this step.
    3. Consider the priority characteristics of each step; try to be as universal as possible (every characteristic will ideally apply to each step).
    4. Include two columns at the far right: "Improvement" and "Expected Change."
    5. Populate the table. If this is your first time, brainstorm reasonable objectives for your left-hand columns. Otherwise, document the reality of last year and focus on brainstorming the right-hand columns.
    6. Optional: Conduct a thought experiment and brainstorm tension metrics to establish whether the process is driving the outcomes we desire.
    7. Optional: Consider Info-Tech's assertion about the four things a roadmap can do. Brainstorm KPIs that you can measure yearly. What else would you want the roadmap to be able to do?

    Discussion:

    Did the group agree on the intended outcome of each step? Did the group think the step was effective? Was the outcome clear and did it flow naturally to where it was useful?
    Is the effort required for each step commensurate with its value? Are we doing too much for not enough return?
    Are we acting on the information we're gathering? Is it informing or changing decisions throughout the year or period?

    Input

    • Roadmap process steps

    Output

    • Process map
    • Improvement targets & metrics

    Materials

    • Whiteboard & markers
    • Sticky notes
    • Process Map Template (see next slide)

    Participants

    • Roadmap team

    Process map template

    Replace the included example text with your inputs.

    Freq.MethodMeasuresSuccess criteria

    Areas for improvement

    Expected change

    Evaluate intakesBiannuallyPMO Intake & Service RequestsProjects or Initiatives% of departments engaged

    Actively reach out to underrepresented depts.

    +10% engagement

    Assess roadblocksQuarterlyIT All-Staff MeetingRoadblocks% of identified that have been resolved

    Define expected outcomes of removing roadblock

    Measurable improvements

    Time studyQuarterly IT All-Staff MeetingTimeConfidence value of data

    Real data sources (time sheets, tools, etc.)

    85% of sources defensible

    Legacy asset assessmentAnnuallyDomain effortAsset Inventory Completeness of Inventory
    • Compare against Asset Management database
    • Track business activity by enabling asset(s)
    • > 95% accuracy/
      completeness
    • Easier business risk framework conversations
    Understand business goalsAnnuallyRoadmap MeetingGoal listGoal specificity

    Survey or interview leadership directly

    66% directly attributable participation

    New technology assessmentMonthly/AnnuallyTeam/Roadmap MeetingTechnologies Reviewed IT staff participation/# SWOTs

    Increase participation from junior members

    50% presentations from junior members

    Initiative review

    Quarterly

    IT All-Staff Meeting

    • Status Review
    • Template usage
    • Action taken upon review
    • Template uptake
    • Identify predictive factors
    • Improve template
    • 25% of yellow lights to green
    • -50% requests for additional info

    Initiative creation

    Annually Roadmap MeetingInitiatives# of initiatives proposedBusiness uptake+25% sponsorship in 6 months (biz)

    Update and publish

    AnnuallyPDF reportRoadmap Final ReportLeadership engagement Improve audience reach+15% of LoB managers have read the report

    Establish baseline metrics

    Baseline metrics will improve through:

    1. Increased communication. More information being shared to more people who need it.
    2. Better planning. More accurate information being shared.
    3. Reduced lead times. Less due diligence or discovery work required as part of project implementations.
    4. Faster delivery times. Less less-valuable work, freeing up more time to project work.
    Metric description Current metric Future goal
    # of critical incidents resulting from equipment failure per month
    # of service provisioning delays due to resource (non-labor) shortages
    # of projects that involve standing up untested (no prior infrastructure PoC) technologies
    # of PoCs conducted each year
    # of initiatives proposed by infrastructure
    # of initiatives proposed that find business sponsorship in >1yr
    % of long-term projects reviewed as per goal framework
    # of initiatives proposed that are the only ones supporting a business goal
    # of technologies deployed being used by more than the original business sponsor
    # of PMO delays due to resource contention

    Insight Summary

    Insight 1

    Draw the first picture.

    Highly engaged and effective team members are proactive rather than reactive. Instead of waiting for clear inputs from the higher ups, take what you do know, make some educated guesses about the rest, and present that to leadership. Where thinking diverges will be crystal clear and the necessary adjustments will be obvious.

    Insight 2

    Infrastructure must position itself as the broker for new technologies.

    No man is an island; no technology is a silo. Infrastructure's must ensure that everyone in the company benefits from what can be shared, ensure those benefits are delivered securely and reliably, and prevent the uninitiated from making costly technological mistakes. It is easier to lead from the front, so infrastructure must stay on top of available technology.

    Insight 3

    The roadmap is a process that is business driven and not a document.

    In an ever-changing world the process of change itself changes. We know the value of any specific roadmap output diminishes quickly over time, but don't forget to challenge the process itself from time to time. Striving for perfection is a fool's game; embrace constant updates and incremental improvement.

    Insight 4

    Focus on the framework, not the output.

    There usually is no one right answer. Instead make sure both the business and infrastructure are considering common relevant elements and are working from a shared set of priorities. Data then, rather than hierarchical positioning or a d20 Charisma roll, becomes the most compelling factor in making a decision. But since your audience is in hierarchical ascendency over you, make the effort to become familiar with their language.

    4.2.3 Track metrics throughout the project to keep stakeholders informed

    An effective strategic infrastructure roadmap should help to:

    1. Initiate a schedule of infrastructure projects to achieve business goals.
    2. Adapt to feedback from executives on changing business priorities.
    3. Curate a portfolio of enabling technologies that align to the business whether growing or stabilizing.
    4. Manage the lifecycle of aging equipment in order to meet capacity demands.
    Metric description

    Metric goal

    Checkpoint 1

    Checkpoint 2

    Checkpoint 3

    # of critical incidents resulting from equipment failure per month >1
    # of service provisioning delays due to resource (non-labor) shortages >5
    # of projects that involve standing up untested (no prior infrastructure PoC) technologies >10%
    # of PoCs conducted each year 4
    # of initiatives proposed by infrastructure 4
    # of initiatives proposed that find business sponsorship in >1 year 1
    # of initiatives proposed that are the only ones supporting a business goal 1
    % of long-term projects reviewed as per goal framework 100%

    Summary of Accomplishment

    Review performance from last fiscal year

    • Analyzed and communicated the benefits and value realized from IT's strategic initiatives in the past fiscal year.
    • Analyzed and prioritized diagnostic data insights to communicate IT success stories.
    • Elicited important retrospective information such as KPIs, financials, etc. to build IT's credibility as a strategic business partner.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Related Info-Tech Research

    Build a Business-Aligned IT Strategy
    Success depends on IT initiatives clearly aligned to business goals, IT excellence, and driving technology innovation.

    Document your Cloud Strategy
    A cloud strategy might seem like a big project, but it's just a series of smaller conversations. The methodology presented here is designed to facilitate those conversations using a curated list of topics, prompts, participant lists, and sample outcomes. We have divided the strategy into four key areas.

    Develop an IT Asset Management Strategy
    ITAM is a foundational IT service that provides accurate, accessible, actionable data on IT assets. But there's no value in data for data's sake. Enable collaboration between IT asset managers, business leaders, and IT leaders to develop an ITAM strategy that maximizes the value they can deliver as service provider.

    Infrastructure & Operations Research Center
    Practical insights, tools, and methodologies to systematically improve IT Infrastructure & Operations.

    Summary of Accomplishment

    Knowledge gained

    • Deeper understanding of business goals and priorities
    • Key data the business requires for any given initiative
    • Quantification of risk
    • Leading criteria for successful technology adoption

    Processes optimized

    • Infrastructure roadmap
    • Initiative creation, estimation, evaluation, and prioritization
    • Inventory assessment for legacy infrastructure debt
    • Technology adoption

    Deliverables completed

    • Domain time study
    • Initiative intake analysis
    • Prioritized roadblock list
    • Goal listing
    • IT and business risk frameworks
    • Infrastructure inventory assessment
    • New technology analyzes
    • Initiative templates
    • Initiative candidates
    • Roadmap visualization
    • Process schedule
    • Communications strategy
    • Process map
    • Roadmap report

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Bibliography

    "10 Essential KPIs for the IT Strategic Planning Process." Apptio Inc, Dec. 2021. Accessed Nov. 2022.
    Amos, Justin. "8 areas your 2022 IT Infrastructure roadmap should cover." Soma, 24 Jan 2022 Accessed Nov. 2022
    Ahmed, Anam. "Importance of Mission Vision in Organizational Strategy." Chron, 14 March 2019. Accessed 10 May 2021. ."
    Barker, Joel A. "Joel A Barker Quote about Vision." Joel A Barker.com. Accessed 10 Nov 2022
    Bhagwat, Swapnil ."Top IT Infrastructure Management Strategies For 2023 , Atlas Systems, 23 Oct 2022. Accessed Nov. 2022.
    Blank, Steve. "You're Better Off Being A Fast Follower Than An Originator." Business Insider. 5 Oct. 2010. Web.
    Bridges, Jennifer . "IT Risk Management Strategies and Best Practices." Project Manager, 6 Dec 2019. Accessed Nov. 2022.
    "Building a Technology Roadmap That Stabilizes and Transforms." Collegis Education. Accessed Dec 2022.
    Collins, Gavin. "WHY AN IT INFRASTRUCTURE ROAD MAP?." Fifth Step, Date unknown. Accessed Nov. 2022.
    "Define the Business Context Needed to Complete Strategic IT Initiatives: 2018 Blueprint - ResearchAndMarkets.com." Business Wire, 1 Feb. 2018. Accessed 9 June 2021.
    De Vos, Colton. “Well-Developed IT Strategic Plan Example." Resolute Tech Solutions, 6 Jan 2020. Accessed Nov. 2022.
    Gray, Dave. "Post-Up." Gamestorming, 15 Oct. 2010. Accessed 10 Nov 2022
    Helm, Clay. "Majority of Surveyed Companies are Not Prepared for IT Needs of the Future." IBM Study, 4 Jan 2021. Accessed Nov. 2022.
    Hertvik, Joe. "8 Components of A Great IT Strategy, BMC Blogs, 29 May. 2020. Accessed Nov. 2022.
    ISACA, "Effective governance at your Fingertips". COBIT Framework, Accessed Dec 2022
    "IT Guiding Principles." Office of Information Technology, NC State University, 2014-2020. Accessed 9 Nov 2022.
    ""IT Infrastructure That Makes Employees Happier." Network Doctor, 2021. Accessed Dec 2022
    "IT Road mapping Helps Dura Remain at the Forefront of Auto Manufacturing." Performance Improvement Partners, ND. Accessed Dec 2022.
    ITtoolkit.com. "The IT Vision: A Strategic Path to Lasting IT Business Alignment." ITtoolkit Magazine, 2020. Accessed 9 June 2021.
    Kark, Khalid. "Survey: CIOs Are CEOs' Top Strategic Partner." CIO Journal, The Wall Street Journal, 22 May 2020. Accessed 11 May 2021.
    Kimberling, Eric. "What is "Future State" and Why is it Important?" Third Stage Consulting, 11 June 2021. Accessed Nov. 2022.
    Kishore. "The True Cost of Keeping the Lights On." Optanix, 1 Feb. 2017. Accessed Nov. 2022.
    Lakein, Alan. Libquotes.
    Mindsight. "THE ULTIMATE GUIDE TO CREATING A TECHNOLOGY ROADMAP" Mind sight, 12 Dec 2021. Accessed Nov. 2022.
    Milani, F. (2019). Future State Analysis. In: Digital Business Analysis. Springer, Cham. https://doi.org/10.1007/978-3-030-05719-0_13
    Newberry, Dennis. "Meeting the Challenges of Optimizing IT Cost and Capacity Management." BMC, 2021, Accessed 12 Nov 2022.
    Peek, Sean. "What Is a Vision Statement?" Business News Daily, 7 May 2020. Accessed 10 Nov 2022.
    Ramos, Diana. "Infrastructure Management 101: A Beginner's Guide to IT Infrastructure Management." Smartsheet.com. 30 Nov 2021. Accessed 09 Dec 2022.
    Ramsey, Dave. "Dave Rant: How to Finally Take Control of Your Money." Ramseysolutions. 26 Aug 2021. Accessed 10 Nov 2022.
    Richards-Gustafson, Flora. "5 Core Operational Strategies." Chron, 8 Mar 2019. Accessed 9 June 2021.
    Richardson, Nigel. "What are the differences between current and future state maps?." Nexus, 18 Oct 2022. Accessed Nov. 2022.
    Roush, Joe. "IT Infrastructure Planning: How To Get Started." BMC. 05 January, 2018. Accessed 24 Jan 2023.
    Shields, Corey. "A Complete Guide to IT Infrastructure Management." Ntiva, 15 Sept. 2020. Accessed 28 Nov. 2022.
    Snow, Shane. "Smartcuts: How Hackers, Innovators, and Icons Accelerate Success." Harper Business, 2014.
    Strohlein, Marc. "The CIO's Guide to Aligning IT Strategy with the Business." IDC, 2019. Accessed Nov 2022.
    Sull, Sull, and Yoder. "No One Knows Your Strategy — Not Even Your Top Leaders." MIT Sloan. 12 Feb 2018. Accessed 26 Jan 2023.
    "Team Purpose & Culture." Hyper Island. Accessed 10 Nov. 2022
    "Tech Spend Pulse, 2022." Flexera, Jan 2022, Accessed 15 Nov 2022
    "Tech Spend Pulse." Flexera, Dec. 2022. Accessed Nov. 2022.
    "The Definitive Guide to Developing an IT Strategy and Roadmap" CIO Pages.com , 5 Aug 13 2022. Accessed 30 Nov. 2022.
    Wei, Jessica. "Don't Tell Me Where Your Priorities Are – James W. Frick." Due.com, 21 Mar 2022. Accessed 23 Nov 2022.
    Zhu, Pearl. "How to Set Guiding Principles for an IT Organization." Future of CIO, 1 July 2013. Accessed 9 June 2021.

    AI Trends 2023

    • Buy Link or Shortcode: {j2store}207|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Business Intelligence Strategy
    • Parent Category Link: /business-intelligence-strategy

    As AI technologies are constantly evolving, organizations are looking for AI trends and research developments to understand the future applications of AI in their industries.

    Our Advice

    Critical Insight

    • Understanding trends and the focus of current and future AI research helps to define how AI will drive an organization’s new strategic opportunities.
    • Understanding the potential application of AI and its promise can help plan the future investments in AI-powered technologies and systems.

    Impact and Result

    Understanding AI trends and developments enables an organization’s competitive advantage.

    AI Trends 2023 Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. AI Trends 2023 – An overview of trends that will continue to drive AI innovation.

    • AI Trends Report 2023
    [infographic]

    Further reading

    AI Trends Report 2023

    The eight trends:

    1. Design for AI
    2. Event-Based Insights
    3. Synthetic Data
    4. Edge AI
    5. AI in Science and Engineering
    6. AI Reasoning
    7. Digital Twin
    8. Combinatorial Optimization
    Challenges that slowed the adoption of AI

    To overcome the challenges, enterprises adopted different strategies

    Data Readiness

    • Lack of unified systems and unified data
    • Data quality issues
    • Lack of the right data required for machine learning
    • Improve data management capabilities, including data governance and data initiatives
    • Create data catalogs
    • Document data and information architecture
    • Solve data-related problems including data quality, privacy, and ethics

    ML Operations Capabilities

    • Lack of tools, technologies, and methodologies to operationalize models created by data scientists
    • Increase availability of cloud platforms, tools, and capabilities
    • Develop and grow machine learning operations (MLOps) tools, platforms, and methodologies to enable model operationalizing and monitoring in production

    Understanding of AI Role and Its Business Value

    • Lack of understanding of AI use cases – how AI/ML can be applied to solve specific business problems
    • Lack of understanding how to define the business value of AI investments
    • Identify AI C-suite toolkits (for example, Empowering AI Leadership from the World Economic Forum, 2022)
    • Document industry use cases
    • Use frameworks and tools to define business value for AI investments

    Design for AI

    Sustainable AI system design needs to consider several aspects: the business application of the system, data, software and hardware, governance, privacy, and security.

    It is important to define from the beginning how AI will be used by and for the application to clearly articulate business value, manage expectations, and set goals for the implementation.

    Design for AI will change how we store and manage data and how we approach the use of data for development and operation of AI systems.

    An AI system design approach should cover all stages of AI lifecycle, from design to maintenance. It should also support and enable iterative development of an AI system.

    To take advantage of different tools and technologies for AI system development, deployment, and monitoring, the design of an AI system should consider software and hardware needs and design for seamless and efficient integrations of all components of the system and with other existing systems within the enterprise.

    AI in Science and Engineering

    AI helps sequence genomes to identify variants in a person’s DNA that indicate genetic disorders. It allows researchers to model and calculate complicated physics processes, to forecast the genesis of the universe’s structure, and to understand planet ecosystem to help advance the climate research. AI drives advances in drug discovery and can assist with molecule synthesis and molecular property identification.

    AI finds application in all areas of science and engineering. The role of AI in science will grow and allow scientists to innovate faster.

    AI will further contribute to scientific understanding by assisting scientists in deriving new insights, generating new ideas and connections, generalizing scientific concepts, and transferring them between areas of scientific research.

    Using synthetic data and combining physical and machine learning models and other advances of AI/ML – such as graphs, use of unstructured data (language models), and computer vision – will accelerate the use of AI in science and engineering.

    Event- and Scenario-Driven AI

    AI-driven signal-gathering systems analyze a continuous stream of data to generate insights and predictions that enable strategic decision modeling and scenario planning by providing understanding of how and what areas of business might be impacted by certain events.

    AI enables the scenario-based approach to drive insights through pattern identification in addition to familiar pattern recognition, helping to understand how events are related.

    A system with anticipatory capabilities requires an event-driven architecture that enables gathering and analyzing different types of data (text, video, images) across multiple channels (social media, transactional systems, news feeds, etc.) for event-driven and event-sequencing modeling.

    ML simulation-based training of the model using advanced techniques under the umbrella of Reinforcement Learning in conjunction with statistically robust Bayesian probabilistic framework will aid in setting up future trends in AI.

    AI Reasoning

    Most of the applications of machine learning and AI today is about predicting future behaviors based on historical data and past behaviors. We can predict what product the customer would most likely buy or the price of a house when it goes on sale.

    Most of the current algorithms use the correlation between different parameters to make a prediction, for example, the correlation between the event and the outcome can look like “When X occurs, we can predict that Y will occur.” This, however, does not translate into “Y occurred because of X.”

    The development of a causal AI that uses causal inference to reason and identify the root cause and the causal relationships between variables without mistaking correlation and causation is still in its early stages but rapidly evolving.

    Some of the algorithms that the researchers are working with are casual graph models and algorithms that are at the intersection of causal inference with decision making and reinforcement learning (Causal Artificial Intelligence Lab, 2022).

    Synthetic Data

    Synthetic data is artificially generated data that mimics the structure of real-life data. It should also have the same mathematical and statistical properties as the real-world data that it is created to replicate.

    Synthetic data is used to train machine learning models when there is not enough real data or the existing data does not meet specific needs. It allows users to remove contextual bias from data sets containing personal data, prevent privacy concerns, and ensure compliance with privacy laws and regulations.

    Another application of synthetic data is solving data-sharing challenges.

    Researchers learned that quite often synthetic data sets outperform real-world data. Recently, a team of researchers at MIT built a synthetic data set of 150,000 video clips capturing human actions and used that data set to train the model. The researchers found that “the synthetically trained models performed even better than models trained on real data for videos that have fewer background objects” (MIT News Office, 2022).

    Today, synthetic data is used in language systems, in training self-driving cars, in improving fraud detection, and in clinical research, just to name a few examples.

    Synthetic data opens the doors for innovation across all industries and applications of AI by enabling access to data for any scenario and technology and business needs.

    Digital Twins

    Digital twins (DT) are virtual replicas of physical objects, devices, people, places, processes, and systems. In Manufacturing, almost every product and manufacturing process can have a complete digital replica of itself thanks to IoT, streaming data, and cheap cloud storage.

    All this data has allowed for complex simulations of, for example, how a piece of equipment will perform over time to predict future failures before they happen, reducing costly maintenance and extending equipment lifetime.

    In addition to predictive maintenance, DT and AI technologies have enabled organizations to design and digitally test complex equipment such as aircraft engines, trains, offshore oil platforms, and wind turbines before physically manufacturing them. This helps to improve product and process quality, manufacturing efficiency, and costs. DT technology also finds applications in architecture, construction, energy, infrastructure industries, and even retail.

    Digital twins combined with the metaverse provide a collaborative and interactive environment with immersive experience and real-time physics capabilities (as an example, Siemens presented an Immersive Digital Twin of a Plant at the Collision 2022 conference).

    Future trends include enabling autonomous behavior of a DT. An advanced DT can replicate itself as it moves into several devices, hence requiring the autonomous property. Such autonomous behavior of the DT will in turn influence the growth and further advancement of AI.

    Edge AI

    A simple definition for edge AI: A combination of edge computing and artificial intelligence, it enables the deployment of AI applications in devices of the physical world, in the field, where the data is located, such as IoT devices, devices on the manufacturing floor, healthcare devices, or a self-driving car.

    Edge AI integrates AI into edge computing devices for quicker and improved data processing and smart automation.

    The main benefits of edge AI include:

    • Real-time data processing capabilities to reduce latency and enable near real-time analytics and insights.
    • Reduced cost and bandwidth requirements as there is no need to transfer data to the cloud for computing.
    • Increased data security as the data is processed locally, on the device, reducing the risk of loss of sensitive data.
    • Improved automation by training machines to perform automated tasks.

    Edge AI is already used in a variety of applications and use cases including computer vision, geospatial intelligence, object detection, drones, and health monitoring devices.

    Combinatorial Optimization

    “Combinatorial optimization is a subfield of mathematical optimization that consists of finding an optimal object from a finite set of objects” (Wikipedia, retrieved December 2022).

    Applications of combinatorial optimization include:

    • Supply chain optimization
    • Scheduling and logistics, for example, vehicle routing where the trucks are making stops for pickup and deliveries
    • Operations optimization

    Classical combinatorial optimization (CO) techniques were widely used in operations research and played a major role in earlier developments of AI.

    The introduction of deep learning algorithms in recent years allowed researchers to combine neural network and conventional optimization algorithms; for example, incorporating neural combinatorial optimization algorithms in the conventional optimization framework. Researchers confirmed that certain combinations of these frameworks and algorithms can provide significant performance improvements.

    The research in this space continues and we look forward to learning how machine learning and AI (backtracking algorithms, reinforcement learning, deep learning, graph attention networks, and others) will be used for solving challenging combinatorial and decision-making problems.

    References

    “AI Can Power Scenario Planning for Real-Time Strategic Insights.” The Wall Street Journal, CFO Journal, content by Deloitte, 7 June 2021. Accessed 11 Dec. 2022.
    Ali Fdal, Omar. “Synthetic Data: 4 Use Cases in Modern Enterprises.” DATAVERSITY, 5 May 2022. Accessed
    11 Dec. 2022.
    Andrews, Gerard. “What Is Synthetic Data?” NVIDIA, 8 June 2021. Accessed 11 Dec. 2022.
    Bareinboim, Elias. “Causal Reinforcement Learning.” Causal AI, 2020. Accessed 11 Dec. 2022.
    Bengio, Yoshua, Andrea Lodi, and Antoine Prouvost. “Machine learning for combinatorial optimization: A methodological tour d’horizon.” European Journal of Operational Research, vol. 290, no. 2, 2021, pp. 405-421, https://doi.org/10.1016/j.ejor.2020.07.063. Accessed 11 Dec. 2022.
    Benjamins, Richard. “Four design principles for developing sustainable AI applications.” Telefónica S.A., 10 Sept. 2018. Accessed on 11 Dec. 2022.
    Blades, Robin. “AI Generates Hypotheses Human Scientists Have Not Thought Of.” Scientific American, 28 October 2021. Accessed 11 Dec. 2022.
    “Combinatorial Optimization.” Wikipedia article, Accessed 11 Dec. 2022.
    Cronholm, Stefan, and Hannes Göbel. “Design Principles for Human-Centred Artificial Intelligence.” University of Borås, Sweden, 11 Aug. 2022. Accessed on 11 Dec. 2022
    Devaux, Elise. “Types of synthetic data and 4 real-life examples.” Statice, 29 May 2022. Accessed 11 Dec. 2022.
    Emmental, Russell. “A Guide to Causal AI.” ITBriefcase, 30 March 2022. Accessed 11 Dec. 2022.
    “Empowering AI Leadership: AI C-Suite Toolkit.” World Economic Forum, 12 Jan. 2022. Accessed 11 Dec 2022.
    Falk, Dan. “How Artificial Intelligence Is Changing Science.” Quanta Magazine, 11 March 2019. Accessed 11 Dec. 2022.
    Fritschle, Matthew J. “The Principles of Designing AI for Humans.” Aumcore, 17 Aug. 2018. Accessed 8 Dec. 2022.
    Garmendia, Andoni I., et al. Neural Combinatorial Optimization: a New Player in the Field.” IEEE, arXiv:2205.01356v1, 3 May 2022. Accessed 11 Dec. 2022.
    Gülen, Kerem. “AI Is Revolutionizing Every Field and Science is no Exception.” Dataconomy Media GmbH, 9 Nov. 9, 2022. Accessed 11 Dec. 2022
    Krenn, Mario, et al. “On scientific understanding with artificial intelligence.” Nature Reviews Physics, vol. 4, 11 Oct. 2022, pp. 761–769. https://doi.org/10.1038/s42254-022-00518-3. Accessed 11 Dec. 2022.
    Laboratory for Information and Decision Systems. “The real promise of synthetic data.” MIT News, 16 Oct. 2020. Accessed 11 Dec. 2022.
    Lecca, Paola. “Machine Learning for Causal Inference in Biological Networks: Perspectives of This Challenge.” Frontiers, 22 Sept. 2021. Accessed 11 Dec. 2022. Mirabella, Lucia. “Digital Twin x Metaverse: real and virtual made easy.” Siemens presentation at Collision 2022 conference, Toronto, Ontario. Accessed 11 Dec. 2022. Mitchum, Rob, and Louise Lerner. “How AI could change science.” University of Chicago News, 1 Oct. 2019. Accessed 11 Dec. 2022.
    Okeke, Franklin. “The benefits of edge AI.” TechRepublic, 22 Sept. 2022, Accessed 11 Dec. 2022.
    Perlmutter, Nathan. “Machine Learning and Combinatorial Optimization Problems.” Crater Labs, 31 July 31, 2019. Accessed 11 Dec. 2022.
    Sampson, Ovetta. “Design Principles for a New AI World.” UX Magazine, 6 Jan. 2022. Accessed 11 Dec. 2022.
    Sgaier, Sema K., Vincent Huang, and Grace Charles. “The Case for Causal AI.” Stanford Social Innovation Review, Summer 2020. Accessed 11 Dec. 2022.
    “Synthetic Data.” Wikipedia article, Accessed 11 Dec. 2022.
    Take, Marius, et al. “Software Design Patterns for AI-Systems.” EMISA Workshop 2021, CEUR-WS.org, Proceedings 30. Accessed 11 Dec. 2022.
    Toews, Rob. “Synthetic Data Is About To Transform Artificial Intelligence.” Forbes, 12 June 2022. Accessed
    11 Dec. 2022.
    Zewe, Adam. “In machine learning, synthetic data can offer real performance improvements.” MIT News Office, 3 Nov. 2022. Accessed 11 Dec. 2022.
    Zhang, Junzhe, and Elias Bareinboim. “Can Humans Be out of the Loop?” Technical Report, Department of Computer Science, Columbia University, NY, June 2022. Accessed 11 Dec. 2022.

    Contributors

    Irina Sedenko Anu Ganesh Amir Feizpour David Glazer Delina Ivanova

    Irina Sedenko

    Advisory Director

    Info-Tech

    Anu Ganesh

    Technical Counselor

    Info-Tech

    Amir Feizpour

    Co-Founder & CEO

    Aggregate Intellect Inc.

    David Glazer

    VP of Analytics

    Kroll

    Delina Ivanova

    Associate Director, Data & Analytics

    HelloFresh

    Usman Lakhani

    DevOps

    WeCloudData

    Gain Control of Cloud Integration Strategies Before they Float Away

    • Buy Link or Shortcode: {j2store}362|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Enterprise Integration
    • Parent Category Link: /enterprise-integration
    • IT is typically backlogged with tasks while the business waits to implement key solutions to remain competitive. In this competitive space, Cloud solutions offer attractive benefits to business stakeholders especially around agility and cost.
    • Moving to the Cloud involves more than outsourcing a component of the technology stack. Roles, processes, and authentication technologies need to be redefined to fit a distributed stack where parts of the IT solution space reside on-premise while the rest are in the Cloud.
    • Cloud integration means accepting loss of control in product development. A Cloud vendor will address the needs of most constituents and any high degree of customization which counteracts their business model. This makes integration a complex initiative involving two separate parties trying to align.

    Our Advice

    Critical Insight

    • Cloud integration is a fundamental commitment to change within the organization as it deeply impacts roles, processes, and technologies.
    • Be prepared to lose some degree of control of SLA management. IT will have to manage multiple Cloud SLAs and deliver a lowest common approach to the business. This may mean lowering the SLA standards previously set with on-premise solutions.
    • Cloud integration isn’t just about the technology. It is a dedication to establish solid relationships with the Cloud vendor. Understanding where the cloud solution is moving and what issues are being addressed are critical to creating an organizational road map for the future.

    Impact and Result

    • Develop a Cloud integration strategy by proactively understanding the impact of Cloud integration efforts to the organization.
    • Realize that Cloud integration will be an ongoing process of collaboration with the business, and that the initial implementation does not constitute an end.
    • Implement an integrated support structure that includes on-premise and cloud stacks.

    Gain Control of Cloud Integration Strategies Before they Float Away Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Understand the impacts of Cloud computing on Data, Application, Access, and Service Level Agreement integration

    Assess your current level of Cloud adoption and integration, focusing on solutions that are emerging in the market and the applicability to your IT environment.

    • Storyboard: Gain Control of Cloud Integration Strategies Before they Float Away
    • Cloud Integration Checklist
    • None
    [infographic]

    Create an Agile-Friendly Project Gating and Governance Approach

    • Buy Link or Shortcode: {j2store}162|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: $33,499 Average $ Saved
    • member rating average days saved: 57 Average Days Saved
    • Parent Category Name: Development
    • Parent Category Link: /development
    • Organizations often apply gating and governance to IT projects to ensure resources are being used efficiently and effectively.
    • Agile project teams often complain that traditional project gating and governance interfere with their ability to delivery because traditional gating and governance were designed for Waterfall delivery methods.

    Our Advice

    Critical Insight

    Imposing a traditional gating and governance approach on an Agile project can eliminate the advantages that Agile delivery methods offer. Make sure to rework your traditional project gating and governance approach to be Agile friendly.

    Impact and Result

    • Create a project gating and governance approach that is Agile friendly and helps your organization realize the most benefit from its Agile transformation.
    • Oversee your Agile projects with confidence by adjusting the level of support and oversight they receive based on their Agilometer score.
    • Define a revised set of project gating artifacts that support Agile delivery methods.
    • Adopt a “trust but verify” approach to Agile project gating that will reduce risk and help ensure value delivery.

    Create an Agile-Friendly Project Gating and Governance Approach Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Create an Agile-Friendly Project Gating and Governance Approach Deck – A step-by-step guide to creating an Agile-friendly project gating and governance approach that will support Agile delivery methods in your organization.

    This deck is a guide to creating your own Agile-friendly project gating and governance approach using Info-Tech’s Agile Gating Framework.

    • Create an Agile-Friendly Project Gating and Governance Approach – Phases 1-3

    2. Your Gates 3 and 3A Checklists – The Gates 3 and 3A Checklists are used to determine when a project is ready to enter and exit the Risk Reduction & Value Confirmation phase.

    Modify Info-Tech’s Gates 3 and 3A Checklists to meet your organization’s needs, and then use them to determine when Agile projects are ready to enter and exit the RRVC phase.

    • Gates 3 and 3A Checklists

    3. Your Agilometer – The Agilometer is used to determine a project’s readiness to use an Agile delivery method.

    Modify Info-Tech’s Agilometer to meet your organization’s needs, and then use it to determine the level of support and oversight the project will need.

    • Agilometer

    4. Your Agile Project Status Report – An Agile Status Report will be used to monitor project progress.

    Modify Info-Tech’s Agile Project Status Report to meet your organization’s needs, and then use it to monitor in-flight Agile projects.

    • Agile Project Status Report

    5. Project Burndown Chart – A tool to let you monitor project burndown over time.

    Use Info-Tech’s Project Burndown Chart to monitor the progress of your in-flight Agile projects.

    • Project Burndown Chart

    6. Traditional to Agile Gating Artifact Mapping – A tool to help you rework your project gating artifacts to be Agile-friendly.

    Use Info-Tech’s Traditional to Agile Gating Artifact Mapping tool to modify your gating artifacts for Agile projects.

    • Traditional to Agile Gating Artifact Mapping
    [infographic]

    Further reading

    Create an Agile-Friendly Project Gating and Governance Approach

    Use Info-Tech’s Agile Gating Framework as a guide to gating your Agile projects using a “trust but verify” approach.

    Table of Contents

    Analyst Perspective

    Executive Summary

    Phase 1: Establish Your Gating and Governance Purpose

    Phase 2: Understand and Adapt Info-Tech’s Agile Gating Framework

    Phase 3: Complete Your Agile Gating Framework

    Where Do I Go Next?

    Bibliography

    Facilitator Slides

    Analyst Perspective

    Make your gating and governance process Agile friendly by following a “trust but verify” approach

    Most project gating and governance approaches are designed for traditional (Waterfall) delivery methods. However, Agile delivery methods call for a different way of working that doesn’t align well with these approaches.

    Applying traditional project gating and governance to Agile projects is like trying to fit a square peg in a round hole. Not only will it make Agile project delivery less efficient, but in the extreme, it can lead to outright project failure and even derail your organization’s Agile transformation.

    If you want Agile to successfully take root in your organization, be prepared to rethink your current gating and governance practices. This document presents a framework that you can use to rework your approach to provide both effective oversight and support for your Agile projects.

    Photo of Alex Ciraco, Principal Research Director, Application Delivery and Management, Info-Tech Research Group. Alex Ciraco
    Principal Research Director,
    Application Delivery and Management
    Info-Tech Research Group

    Executive Summary

    Your Challenge
    • Many government organizations are adopting Agile project delivery methods because they have proven to be more effective than traditional delivery approaches at responding to today’s fast pace of change.
    • Government organizations have an obligation to govern projects to ensure effective use of public resources, regardless of the delivery method being used.
    Common Obstacles
    • Most government gating and governance frameworks were designed around traditional (often called “Waterfall”) delivery methods.
    • Agile and Waterfall work in completely different ways, so imposing traditional gating and governance frameworks on Agile projects will stifle progress and can even lead to project failure.
    • Government organizations must adjust their gating and governance frameworks to accommodate Agile delivery methods.
    Info-Tech’s Approach
    • Begin by understanding the fundamental purpose of project gating and governance.
    • Next, understand the major differences between Agile and Waterfall delivery methods.
    • Then, armed with this knowledge, use Info-Tech’s Agile Gating Framework to redefine your gating and governance approach to be Agile friendly.
    Info-Tech Insight

    Imposing a traditional governance approach on an Agile project can eliminate the advantages that Agile delivery methods offer. Make sure to rework your project gating and governance approach to be Agile friendly.

    Info-Tech’s methodology for Creating an Agile-Friendly Project Gating and Governance Approach

    1. Establish Your Gating and Governance Purpose 2. Understand and Adapt Info-Tech’s Agile Gating Framework 3. Complete your Agile Gating Framework
    Phase Steps

    1.1 Understand How We Gate and Govern Projects

    1.2 Compare Traditional to Agile Delivery

    1.3 Realize What Traditional Gating Looks Like and Why

    2.1 Understand How Agile Manages Risk and Ensures Value Delivery

    2.2 Introducing Info-Tech’s Agile Gating Framework

    2.3 Create Your Agilometer

    2.4 Create an Agile-Friendly Project Status Report

    2.5 Select Your Agile Health Check Tool

    3.1 Map Your Traditional Gating Artifacts to Agile Delivery

    3.2 Determine Your Now, Next, Later Roadmap for Implementation

    Phase Outcomes
    1. Your gating/governance purpose statement
    2. A fundamental understanding of the difference between traditional and Agile delivery methods.
    1. An understanding of Info-Tech’s Agile Gating Framework
    2. Your Gates 3 and 3A checklists
    3. Your Agilometer tool
    4. Your Agile project status report template
    5. Your Agile health check tool
    1. Artifact map for your Agile gating framework
    2. Roadmap for Agile gating implementation

    Key Deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals, including:

    Agilometer Tool

    Create your customized Agilometer tool to determine project support and oversight needs.
    Sample of the 'Agilometer Tool' deliverable.

    Gates 3 and 3A Checklists

    Create your customized checklists for projects at Gates 3 and 3A.
    Sample of the 'Gates 3 and 3A Checklists' deliverable.

    Agile-Friendly Project Status Report

    Create your Agile-friendly project status report to monitor progress.
    Sample of the 'Agile-Friendly Project Status Report' deliverable.

    Artifact Mapping Tool

    Map your traditional gating artifacts to their Agile replacements.
    Sample of the 'Artifact Mapping Tool' deliverable.

    Create an Agile-Friendly Project Gating and Governance Approach

    Phase 1

    Establish your gating and governance purpose

    Phase 1

    1.1 Understand How We Gate and Govern Projects

    1.2 Compare Traditional to Agile Delivery

    1.3 Realize What Traditional Gating Looks Like And Why

    Phase 2

    2.1 Understand How Agile Manages Risk and Ensures Value Delivery

    2.2 Introducing Info-Tech’s Agile Gating Framework

    2.3 Create Your Agilometer

    2.4 Create Your Agile-Friendly Project Status Report

    2.5 Select Your Agile Health Check Tool

    Phase 3

    3.1 Map Your Traditional Gating Artifacts to Agile Delivery

    3.2 Determine Your Now, Next, Later Roadmap for Implementation

    This phase will walk you through the following activities:

    • Understand why gating and governance are so important to your organization.
    • Compare and contrast traditional to Agile delivery.
    • Identify what form traditional gating takes in your organization.

    This phase involves the following participants:

    • PMO/Gating Body
    • Delivery Managers
    • Delivery Teams
    • Other Interested Parties

    Agile gating–related facts and figures

    73% of organizations created their project gating framework before adopting or considering Agile delivery practices. (Athens Journal of Technology and Engineering)

    71% of survey respondents felt an Agile-friendly gating approach improves both productivity and product quality. (Athens Journal of Technology and Engineering)

    Moving to an Agile-friendly gating approach has many benefits:
    • Faster response to change
    • Improved productivity
    • Higher team morale
    • Better product quality
    • Faster releases
    (Journal of Product Innovation Management)

    Traditional gating approaches can undermine an Agile project

    • Most existing gating and governance frameworks (often referred to as phase-gate) impose requirements on projects that are anti-patterns to an Agile delivery approach
    • For example, any gating approach that requires a project to deliver a detailed requirements document before coding can begin will make it difficult or impossible for the project to use an Agile delivery method.
    • The same can be said for other common phase-gate requirements including:
      • Imposing a formal (and onerous) change control process on project requirements.
      • Requiring a detailed design document and/or detailed user acceptance test plan at the beginning of the project.
      • Asking the project to produce a detailed project plan.
    (DZone)
    Don’t make the mistake of asking an Agile project to follow a traditional phase-gate approach to project delivery!

    Before reworking your gating approach, you need to consider two important questions

    Answering these questions will help guide your new gating process to both be Agile friendly and meet your organization’s needs

    1. What is the fundamental purpose of gating? By examining the fundamental purpose of gating, you will be better able to adjust your approach to achieve the desired outcomes in an Agile context.
    2. How does Agile delivery differ from traditional? By understanding how Agile delivery differs from traditional, you will be better able to adjust your gating approach to support Agile delivery methods.

    Stock image of speech bubbles hanging on string with a question mark and lightbulb drawn on them.

    Build a Service Desk Consolidation Strategy

    • Buy Link or Shortcode: {j2store}479|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
    • member rating average days saved: Read what our members are saying
    • Parent Category Name: Service Desk
    • Parent Category Link: /service-desk
    • Incompatible technologies. Organizations with more than one service desk are likely to have many legacy IT service management (ITSM) solutions. These come with a higher support cost, costly skill-set maintenance, and the inability to negotiate volume licensing discounts.
    • Inconsistent processes. Organizations with more than one service desk often have incompatible processes, which can lead to inconsistent service support across departments, less staffing flexibility, and higher support costs.
    • Lack of data integration. Without a single system and consistent processes, IT leaders often have only a partial view of service support activities. This can lead to rigid IT silos, limit the ability to troubleshoot problems, and streamline process workflows.

    Our Advice

    Critical Insight

    • Every step should put people first. It’s tempting to focus the strategy on designing processes and technologies for the target architecture. However, the most common barrier to success is workforce resistance to change.
    • A consolidated service desk is an investment, not a cost-reduction program. Focus on efficiency, customer service, and end-user satisfaction. There will be many cost savings, but viewing them as an indirect consequence of the pursuit of efficiency and customer service is the best approach.

    Impact and Result

    • Conduct a comprehensive assessment of existing service desk people, processes, and technology.
    • Identify and retire resources and processes that are no longer meeting business needs, and consolidate and modernize resources and processes that are worth keeping.
    • Identify logistic and cost considerations and create a roadmap of consolidation initiatives.
    • Communicate the change and garner support for the consolidation initiative.

    Build a Service Desk Consolidation Strategy Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should build a service desk consolidation strategy, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Develop a shared vision

    Engage stakeholders to develop a vision for the project and perform a comprehensive assessment of existing service desks.

    • Build a Service Desk Consolidation Strategy – Phase 1: Develop a Shared Vision
    • Stakeholder Engagement Workbook
    • Consolidate Service Desk Executive Presentation
    • Consolidate Service Desk Assessment Tool
    • IT Skills Inventory and Gap Assessment Tool

    2. Design the consolidated service desk

    Outline the target state of the consolidated service desk and assess logistics and cost of consolidation.

    • Build a Service Desk Consolidation Strategy – Phase 2: Design the Consolidated Service Desk
    • Consolidate Service Desk Scorecard Tool
    • Consolidated Service Desk SOP Template
    • Service Desk Efficiency Calculator
    • Service Desk Consolidation TCO Comparison Tool

    3. Plan the transition

    Build a project roadmap and communication plan.

    • Build a Service Desk Consolidation Strategy – Phase 3: Plan the Transition
    • Service Desk Consolidation Roadmap
    • Service Desk Consolidation Communications and Training Plan Template
    • Service Desk Consolidation News Bulletin & FAQ Template
    [infographic]

    Workshop: Build a Service Desk Consolidation Strategy

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Engage Stakeholders to Develop a Vision for the Service Desk

    The Purpose

    Identify and engage key stakeholders.

    Conduct an executive visioning session to define the scope and goals of the consolidation.

    Key Benefits Achieved

    A list of key stakeholders and an engagement plan to identify needs and garner support for the change.

    A common vision for the consolidation initiative with clearly defined goals and objectives.

    Activities

    1.1 Identify key stakeholders and develop an engagement plan.

    1.2 Brainstorm desired service desk attributes.

    1.3 Conduct an executive visioning session to craft a vision for the consolidated service desk.

    1.4 Define project goals, principles, and KPIs.

    Outputs

    Stakeholder Engagement Workbook

    Executive Presentation

    2 Conduct a Full Assessment of Each Service Desk

    The Purpose

    Assess the overall maturity, structure, organizational design, and performance of each service desk.

    Assess current ITSM tools and how well they are meeting needs.

    Key Benefits Achieved

    A robust current state assessment of each service desk.

    An understanding of agent skills, satisfaction, roles, and responsibilities.

    An evaluation of existing ITSM tools and technology.

    Activities

    2.1 Review the results of diagnostics programs.

    2.2 Map organizational structure and roles for each service desk.

    2.3 Assess overall maturity and environment of each service desk.

    2.4 Assess current information system environment.

    Outputs

    Consolidate Service Desk Assessment Tool

    3 Design Target Consolidated Service Desk

    The Purpose

    Define the target state for consolidated service desk.

    Identify requirements for the service desk and a supporting solution.

    Key Benefits Achieved

    Detailed requirements and vision for the consolidated service desk.

    Gap analysis of current vs. target state.

    Documented standardized processes and procedures.

    Activities

    3.1 Identify requirements for target consolidated service desk.

    3.2 Build requirements document and shortlist for ITSM tool.

    3.3 Use the scorecard comparison tool to assess the gap between existing service desks and target state.

    3.4 Document standardized processes for new service desk.

    Outputs

    Consolidate Service Desk Scorecard Tool

    Consolidated Service Desk SOP

    4 Plan for the Transition

    The Purpose

    Break down the consolidation project into specific initiatives with a detailed timeline and assigned responsibilities.

    Plan the logistics and cost of the consolidation for process, technology, and facilities.

    Develop a communications plan.

    Key Benefits Achieved

    Initial analysis of the logistics and cost considerations to achieve the target.

    A detailed project roadmap to migrate to a consolidated service desk.

    A communications plan with responses to anticipated questions and objections.

    Activities

    4.1 Plan the logistics of the transition.

    4.2 Assess the cost and savings of consolidation to refine business case.

    4.3 Identify initiatives and develop a project roadmap.

    4.4 Plan communications for each stakeholder group.

    Outputs

    Consolidation TCO Tool

    Consolidation Roadmap

    Executive Presentation

    Communications Plan

    News Bulletin & FAQ Template

    Further reading

    Build a Service Desk Consolidation Strategy

    Manage the dark side of growth.

    ANALYST PERSPECTIVE

    A successful service desk consolidation begins and ends with people.

    "It’s tempting to focus strategic planning on the processes and technology that will underpin the consolidated service desk. Consistent processes and a reliable tool will cement the consolidation, but they are not what will hold you back.

    The most common barrier to a successful consolidation is workforce resistance to change. Cultural difference, perceived risks, and organizational inertia can hinder data gathering, deter collaboration, and impede progress from the start.

    Building a consolidated service desk is first and foremost an exercise in organizational change. Garner executive support for the project, enlist a team of volunteers to lead the change, and communicate with key stakeholders early and often. The key is to create a shared vision for the project and engage those who will be most affected."

    Sandi Conrad

    Senior Director, Infrastructure Practice

    Info-Tech Research Group

    Our understanding of the problem

    This Research is Designed For:

    • CIOs who need to reduce support costs and improve customer service.
    • IT leaders tasked with the merger of two or more IT organizations.
    • Service managers implementing a shared service desk tool.
    • Organizations rationalizing IT service management (ITSM) processes.

    This Research Will Help You:

    • Develop a shared vision for the consolidated service desk.
    • Assess key metrics and report on existing service desk architecture.
    • Design a target service desk architecture and assess how to meet the new requirements.
    • Deploy a strategic roadmap to build the consolidated service desk architecture.

    Executive summary

    Situation

    Every organization must grow to survive. Good growth makes an organization more agile, responsive, and competitive, which leads to further growth.

    The proliferation of service desks is a hallmark of good growth when it empowers the service of diverse end users, geographies, or technologies.

    Complication

    Growth has its dark side. Bad growth within a business can hinder agility, responsiveness, and competitiveness, leading to stagnation.

    Supporting a large number of service desks can be costly and inefficient, and produce poor or inconsistent customer service, especially when each service desk uses different ITSM processes and technologies.

    Resolution

    Manage the dark side of growth. Consolidating service desks can help standardize ITSM processes, improve customer service, improve service desk efficiency, and reduce total support costs. A consolidation is a highly visible and mission critical project, and one that will change the public face of IT. Organizations need to get it right.

    Building a consolidated service desk is an exercise in organizational change. The success of the project will hinge on how well the organization engages those who will be most affected by the change. Build a guiding coalition for the project, create a shared vision, enlist a team of volunteers to lead the change, and communicate with key stakeholders early and often.

    Use a structured approach to facilitate the development of a shared strategic vision, design a detailed consolidated architecture, and anticipate resistance to change to ensure the organization reaps project benefits.

    Info-Tech Insight

    1. Every step should put people first. It’s tempting to focus the strategy on designing processes and technologies for the target architecture. However, the most common barrier to success is workforce resistance to change.
    2. A consolidated service desk is an investment, not a cost-reduction program. Focus on efficiency, customer service, and end-user satisfaction. Cost savings, and there will be many, should be seen as an indirect consequence of the pursuit of efficiency and customer service.

    Focus the service desk consolidation project on improving customer service to overcome resistance to change

    Emphasizing cost reduction as the most important motivation for the consolidation project is risky.

    End-user satisfaction is a more reliable measure of a successful consolidation.

    • Too many variables affect the impact of the consolidation on the operating costs of the service desk to predict the outcome reliably.
    • Potential reductions in costs are unlikely to overcome organizational resistance to change.
    • Successful service desk consolidations can increase ticket volume as agents capture tickets more consistently and increase customer service.

    The project will generate many cost savings, but they will take time to manifest, and are best seen as an indirect consequence of the pursuit of customer service.

    Info-Tech Insight

    Business units facing a service desk consolidation are often concerned that the project will lead to a loss of access to IT resources. Focus on building a customer-focused consolidated service desk to assuage those fears and earn their support.

    End users, IT leaders, and process owners recognize the importance of the service desk.

    2nd out of 45

    On average, IT leaders and process owners rank the service desk 2nd in terms of importance out of 45 core IT processes. Source: Info-Tech Research Group, Management and Governance Diagnostic (2015, n = 486)

    42.1%

    On average, end users who were satisfied with service desk effectiveness rated all other IT services 42.1% higher than dissatisfied end users. Source: Info-Tech Research Group, End-User Satisfaction Survey 2015, n = 133)

    38.0%

    On average, end users who were satisfied with service desk timeliness rated all other IT services 38.0% higher than dissatisfied end users. Source: Info-Tech Research Group, End-User Satisfaction Survey (2015, n = 133)

    Overcome the perceived barriers from differing service unit cultures to pursue a consolidated service desk (CSD)

    In most organizations, the greatest hurdles that consolidation projects face are related to people rather than process or technology.

    In a survey of 168 service delivery organizations without a consolidated service desk, the Service Desk Institute found that the largest internal barrier to putting in place a consolidated service desk was organizational resistance to change.

    Specifically, more than 56% of respondents reported that the different cultures of each service unit would hinder the level of collaboration such an initiative would require.

    The image is a graph titled Island cultures are the largest barrier to consolidation. The graph lists Perceived Internal Barriers to CSD by percentage. The greatest % barrier is Island cultures, with executive resistance the next highest.

    Service Desk Institute (n = 168, 2007)

    Info-Tech Insight

    Use a phased approach to overcome resistance to change. Focus on quick-win implementations that bring two or three service desks together in a short time frame and add additional service desks over time.

    Avoid the costly proliferation of service desks that can come with organizational growth

    Good and bad growth

    Every organization must grow to survive, and relies heavily on its IT infrastructure to do that. Good growth makes an organization more agile, responsive, and competitive, and leads to further growth.

    However, growth has its dark side. Bad growth hobbles agility, responsiveness, and competitiveness, and leads to stagnation.

    As organizations grow organically and through mergers, their IT functions create multiple service desks across the enterprise to support:

    • Large, diverse user constituencies.
    • Rapidly increasing call volumes.
    • Broader geographic coverage.
    • A growing range of products and services.

    A hallmark of bad growth is the proliferation of redundant and often incompatible ITSM services and processes.

    Project triggers:

    • Organizational mergers
    • ITSM tool purchase
    • Service quality or cost-reduction initiatives
    Challenges arising from service desk proliferation:
    Challenge Impact
    Incompatible Technologies
    • Inability to negotiate volume discounts.
    • Costly skill set maintenance.
    • Increased support costs.
    • Increased shadow IT.
    Inconsistent Processes
    • Low efficiency.
    • High support costs.
    • Inconsistent support quality.
    • Less staffing flexibility.
    Lack of Data Integration
    • Only partial view of IT.
    • Inefficient workflows.
    • Limited troubleshooting ability.
    Low Customer Satisfaction
    • Fewer IT supporters.
    • Lack of organizational support.

    Consolidate service desks to integrate the resources, processes, and technology of your support ecosystem

    What project benefits can you anticipate?

    • Consolidated Service Desk
      • End-user group #1
      • End-user group #2
      • End-user group #3
      • End-user group #4

    A successful consolidation can significantly reduce cost per transaction, speed up service delivery, and improve the customer experience through:

    • Single point of contact for end users.
    • Integrated ITSM solution where it makes sense.
    • Standardized processes.
    • Staffing integration.
    Project Outcome

    Expected Benefit

    Integrated information The capacity to produce quick, accurate, and segmented reports of service levels across the organization.
    Integrated staffing Flexible management of resources that better responds to organizational needs.
    Integrated technology Reduced tool procurement costs, improved data integration, and increased information security.
    Standardized processes Efficient and timely customer service and a more consistent customer experience.

    Standardized and consolidated service desks will optimize infrastructure, services, and resources benefits

    • To set up a functioning service desk, the organization will need to invest resources to build and integrate tier 1, tier 2, and tier 3 capabilities to manage incidents and requests.
    • The typical service desk (Figure 1) can address a certain number of tickets from all three tiers. If your tickets in a given tier are less than that number, you are paying for 100% of service costs but consuming only a portion of it.
    • The consolidated model (Figure 2) reduces the service cost by reducing unused capacity.
    • Benefits of consolidation include a single service desk solution, a single point of contact for the business, data integration, process standardization, and consolidated administration, reporting, and management.

    The image is a graphic showing 2 figures. The first shows ring graphs labelled Service Desk 1 and Service Desk 2, with the caption Service provisioning with distinct service desks. Figure 2 shows one graphic, captioned Service provisioning with Consolidated service providers. At the bottom of the image, there is a legend.

    Info-Tech’s approach to service desk consolidation draws on key metrics to establish a baseline and a target state

    The foundation of a successful service desk consolidation initiative is a robust current state assessment. Given the project’s complexity, however, determining the right level of detail to include in the evaluation of existing service desks can be challenging.

    The Info-Tech approach to service desk consolidation includes:

    • Envisioning exercises to set project scope and garner executive support.
    • Surveys and interviews to identify the current state of people, processes, technologies, and service level agreements (SLAs) in each service desk, and to establish a baseline for the consolidated service desk.
    • Service desk comparison tools to gather the results of the current state assessment for analysis and identify current best practices for migration to the consolidated service desk.
    • Case studies to illustrate the full scope of the project and identify how different organizations deal with key challenges.

    The project blueprint walks through a method that helps identify which processes and technologies from each service desk work best, and it draws on them to build a target state for the consolidated service desk.

    Inspiring your target state from internal tools and best practices is much more efficient than developing new tools and processes from scratch.

    Info-Tech Insight

    The two key hurdles that a successful service desk consolidation must overcome are organizational complexity and resistance to change.

    Effective planning during the current state assessment can overcome these challenges.

    Identify existing best practices for migration to the consolidated service desk to foster agent engagement and get the consolidated service desk up quickly.

    A consolidation project should include the following steps and may involve multiple transition phases to complete

    Phase 1: Develop a Shared Vision

    • Identify stakeholders
    • Develop vision
    • Measure baseline

    Phase 2: Design the Consolidation

    • Design target state
    • Assess gaps to reach target
    • Assess logistics and cost

    Phase 3: Plan the Transition

    • Develop project plan and roadmap
    • Communicate changes
    • Make the transition
      • Evaluate and prepare for next transition phase (if applicable)
      • Evaluate and stabilize
        • CSI

    Whether or not your project requires multiple transition waves to complete the consolidation depends on the complexity of the environment.

    For a more detailed breakdown of this project’s steps and deliverables, see the next section.

    Follow Info-Tech’s methodology to develop a service desk consolidation strategy

    Phases Phase 1: Develop a Shared Vision Phase 2: Design the Consolidated Service Desk Phase 3: Plan the Transition
    Steps 1.1 - Identify and engage key stakeholders 2.1 - Design target consolidated service desk 3.1 - Build the project roadmap
    1.2 - Develop a vision to give the project direction
    1.3 - Conduct a full assessment of each service desk 2.2 - Assess logistics and cost of consolidation 3.2 - Communicate the change
    Tools & Templates Executive Presentation Consolidate Service Desk Scorecard Tool Service Desk Consolidation Roadmap
    Consolidate Service Desk Assessment Tool Consolidated Service Desk SOP Communications and Training Plan Template
    Service Desk Efficiency Calculator News Bulletin & FAQ Template
    Service Desk Consolidation TCO Comparison Tool

    Service desk consolidation is the first of several optimization projects focused on building essential best practices

    Info-Tech’s Service Desk Methodology aligns with the ITIL framework

    Extend

    Facilitate the extension of service management best practices to other business functions to improve productivity and position IT as a strategic partner.

    Standardize

    Build essential incident, service request, and knowledge management processes to create a sustainable service desk that meets business needs.

    Improve

    Build a continual improvement plan for the service desk to review and evaluate key processes and services, and manage the progress of improvement initiatives.

    Adopt Lean

    Build essential incident, service request, and knowledge management processes to create a sustainable service desk that boosts business value.

    Select and Implement

    Review mid-market and enterprise service desk tools, select an ITSM solution, and build an implementation plan to ensure your investment meets your needs.

    Consolidate

    Build a strategic roadmap to consolidate service desks to reduce end-user support costs and sustain end-user satisfaction.

    Our Approach to the Service Desk

    Service desk optimization goes beyond the blind adoption of best practices.

    Info-Tech’s approach focuses on controlling support costs and making the most of IT’s service management expertise to improve productivity.

    Complete the projects sequentially or in any order.

    Info-Tech draws on the COBIT framework, which focuses on consistent delivery of IT services across the organization

    The image shows Info-Tech's IT Management & Governance Framework. It is a grid of boxes, which are colour-coded by category. The framework includes multiple connected categories of research, including Infrastructure & Operations, where Service Desk is highlighted.

    Oxford University IT Service Desk successfully undertook a consolidation project to merge five help desks into one

    CASE STUDY

    Industry: Higher Education

    Source: Oxford University, IT Services

    Background

    Until 2011, three disparate information technology organizations offered IT services, while each college had local IT officers responsible for purchasing and IT management.

    ITS Service Desk Consolidation Project

    Oxford merged the administration of these three IT organizations into IT Services (ITS) in 2012, and began planning for the consolidation of five independent help desks into a single robust service desk.

    Complication

    The relative autonomy of the five service desks had led to the proliferation of different tools and processes, licensing headaches, and confusion from end users about where to acquire IT service.

    Oxford University IT at a Glance

    • One of the world’s oldest and most prestigious universities.
    • 36 colleges with 100+ departments.
    • Over 40,000 IT end users.
    • Roughly 350 ITS staff in 40 teams.
    • 300 more distributed IT staff.
    • Offers more than 80 services.

    Help Desks:

    • Processes → Business Services & Projects
    • Processes → Computing Services
    • Processes → ICT Support Team

    "IT Services are aiming to provide a consolidated service which provides a unified and coherent experience for users. The aim is to deliver a ‘joined-up’ customer experience when users are asking for any form of help from IT Services. It will be easier for users to obtain support for their IT – whatever the need, service or system." – Oxford University, IT Services

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

    Workshop

    “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

    Consulting

    “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    Build a Service Desk Consolidation Strategy – project overview

    1. Develop shared vision 2. Design consolidation 3. Plan transition
    Best-Practice Toolkit

    1.1 Identify and engage key stakeholders

    1.2 Develop a vision to give the project direction

    1.3 Conduct a full assessment of each service desk

    2.1 Design target consolidated service desk

    2.2 Assess logistics and cost of consolidation

    3.1 Build project roadmap

    3.2 Communicate the change

    Guided Implementations
    • Build the project team and define their roles and responsibilities, then identify key stakeholders and formulate an engagement plan
    • Develop an executive visioning session plan to formulate and get buy-in for the goals and vision of the consolidation
    • Use diagnostics results and the service desk assessment tool to evaluate the maturity and environment of each service desk
    • Define the target state of the consolidated service desk in detail
    • Identify requirements for the consolidation, broken down by people, process, technology and by short- vs. long-term needs
    • Plan the logistics of the consolidation for process, technology, and facilities, and evaluate the cost and cost savings of consolidation with a TCO tool
    • Identify specific initiatives for the consolidation project and evaluate the risks and dependencies for each, then plot initiatives on a detailed project roadmap
    • Brainstorm potential objections and questions and develop a communications plan with targeted messaging for each stakeholder group
    Onsite Workshop

    Module 1: Engage stakeholders to develop a vision for the service desk

    Module 2: Conduct a full assessment of each service desk

    Module 3: Design target consolidated service desk Module 4: Plan for the transition

    Phase 1 Outcomes:

    • Stakeholder engagement and executive buy-in
    • Vision for the consolidation
    • Comprehensive assessment of each service desk’s performance

    Phase 2 Outcomes:

    • Defined requirements, logistics plan, and target state for the consolidated service desk
    • TCO comparison

    Phase 3 Outcomes:

    • Detailed consolidation project roadmap
    • Communications plan and FAQs

    Info-Tech delivers: Use our tools and templates to accelerate your project to completion

    • Service Desk Assessment Tool (Excel)
    • Executive Presentation (PowerPoint)
    • Service Desk Scorecard Comparison Tool (Excel)
    • Service Desk Efficiency Calculator (Excel)
    • Service Desk Consolidation Roadmap (Excel)
    • Service Desk Consolidation TCO Tool (Excel)
    • Communications and Training Plan (Word)
    • Consolidation News Bulletin & FAQ Template (PowerPoint)

    Measured value for Guided Implementations (GIs)

    Engaging in GIs doesn’t just offer valuable project advice, it also results in significant cost savings.

    GI Measured Value
    Phase 1:
    • Time, value, and resources saved by using Info-Tech’s methodology to engage stakeholders, develop a project vision, and assess your current state.
    • For example, 2 FTEs * 10 days * $80,000/year = $6,200
    Phase 2:
    • Time, value, and resources saved by using Info-Tech’s tools and templates to design the consolidated service desk and evaluate cost and logistics.
    • For example, 2 FTEs * 5 days * $80,000/year = $3,100
    Phase 3:
    • Time, value, and resources saved by following Info-Tech’s tools and methodology to build a project roadmap and communications plan.
    • For example, 1 FTE * 5 days * $80,000/year = $1,500
    Total savings $10,800

    Workshop overview

    Contact your account representative or email Workshops@InfoTech.com for more information.

    Pre-Workshop Workshop Day 1 Workshop Day 2 Workshop Day 3 Workshop Day 4
    Activities

    Module 0: Gather relevant data

    0.1 Conduct CIO Business Vision Survey

    0.2 Conduct End-User Satisfaction Survey

    0.3 Measure Agent Satisfaction

    Module 1: Engage stakeholders to develop a vision for the service desk

    1.1 Identify key stakeholders and develop an engagement plan

    1.2 Brainstorm desired service desk attributes

    1.3 Conduct an executive visioning session to craft a vision for the consolidated service desk

    1.4 Define project goals, principles, and KPIs

    Module 2: Conduct a full assessment of each service desk

    2.1 Review the results of diagnostic programs

    2.2 Map organizational structure and roles for each service desk

    2.3 Assess overall maturity and environment of each service desk

    2.4 Assess current information system environment

    Module 3: Design target consolidated service desk

    3.1 Identify requirements for target consolidated service desk

    3.2 Build requirements document and shortlist for ITSM tool

    3.3 Use the scorecard comparison tool to assess the gap between existing service desks and target state

    3.4 Document standardized processes for new service desk

    Module 4: Plan for the transition

    4.1 Plan the logistics of the transition

    4.2 Assess the cost and savings of consolidation to refine business case

    4.3 Identify initiatives and develop a project roadmap

    4.4 Plan communications for each stakeholder group

    Deliverables
    1. CIO Business Vision Survey Diagnostic Results
    2. End-User Satisfaction Survey Diagnostic Results
    1. Stakeholder Engagement Workbook
    2. Executive Presentation
    1. Consolidate Service Desk Assessment Tool
    1. Consolidate Service Desk Scorecard Tool
    2. Consolidated Service Desk SOP
    1. Consolidation TCO Tool
    2. Executive Presentation
    3. Consolidation Roadmap
    4. Communications Plan
    5. News Bulletin & FAQ Template

    Insight breakdown

    Phase 1 Insight

    Don’t get bogged down in the details. A detailed current state assessment is a necessary first step for a consolidation project, but determining the right level of detail to include in the evaluation can be challenging. Gather enough data to establish a baseline and make an informed decision about how to consolidate, but don’t waste time collecting and evaluating unnecessary information that will only distract and slow down the project, losing management interest and buy-in.

    How we can help

    Leverage the Consolidate Service Desk Assessment Tool to gather the data you need to evaluate your existing service desks.

    Phase 2 Insight

    Select the target state that is right for your organization. Don’t feel pressured to move to a complete consolidation with a single point of contact if it wouldn’t be compatible with your organization’s needs and abilities, or if it wouldn’t be adopted by your end users. Design an appropriate level of standardization and centralization for the service desk and reinforce and improve processes moving forward.

    How we can help

    Leverage the Consolidate Service Desk Scorecard Tool to analyze the gap between your existing processes and your target state.

    Phase 3 Insight

    Getting people on board is key to the success of the consolidation, and a communication plan is essential to do so. Develop targeted messaging for each stakeholder group, keeping in mind that your end users are just as critical to success as your staff. Know your audience, communicate to them often and openly, and ensure that every communication has a purpose.

    How we can help

    Leverage the Communications Plan and Consolidation News Bulletin & FAQ Template to plan your communications.

    Phase 1

    Develop a Shared Vision

    Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 1: Develop shared vision

    Proposed Time to Completion (in weeks): 4-8

    Step 1.1: Identify and engage key stakeholders

    Discuss with an analyst:

    • Build the project team and define their roles and responsibilities
    • Identify key stakeholders and formulate an engagement plan

    Then complete these activities…

    • Assign project roles and responsibilities
    • Identify key stakeholders
    • Formalize an engagement plan and conduct interviews

    With these tools & templates:

    Stakeholder Engagement Workbook

    Step 1.2: Develop a vision to give the project direction

    Discuss with an analyst:

    • Develop an executive visioning session plan to formulate and get buy-in for the goals and vision of the consolidation

    Then complete these activities…

    • Host an executive visioning exercise to define the scope and goals of the consolidation

    With these tools & templates:

    Consolidate Service Desk Executive Presentation

    Step 1.3: Conduct a full assessment of each service desk

    Discuss with an analyst:

    • Use diagnostics results and the service desk assessment tool to evaluate the maturity and environment of each service desk
    • Assess agent skills, satisfaction, roles and responsibilities

    Then complete these activities…

    • Analyze organizational structure
    • Assess maturity and environment of each service desk
    • Assess agent skills and satisfaction

    With these tools & templates:

    Consolidate Service Desk Assessment Tool

    IT Skills Inventory and Gap Assessment Tool

    Phase 1 Outcome:

    • A common vision for the consolidation initiative, an analysis of existing service desk architectures, and an inventory of existing best practices.

    Step 1.1: Get buy-in from key stakeholders

    Phase 1

    Develop a shared vision

    1.1 Identify and engage key stakeholders

    1.2 Develop a vision to give the project direction

    1.3 Conduct a full assessment of each service desk

    This step will walk you through the following activities:
    • 1.1.1 Assign roles and responsibilities
    • 1.1.2 Identify key stakeholders for the consolidation
    • 1.1.3 Conduct stakeholder interviews to understand needs in more depth, if necessary
    This step involves the following participants:
    • Project Sponsor
    • CIO or IT Director
    • Project Manager
    • IT Managers and Service Desk Manager(s)
    Step Outcomes:
    • A project team with clearly defined roles and responsibilities
    • A list of key stakeholders and an engagement plan to identify needs and garner support for the change

    Oxford consulted with people at all levels to ensure continuous improvement and new insights

    CASE STUDY

    Industry: Higher Education

    Source: Oxford University, IT Services

    Motivation

    The merging of Oxford’s disparate IT organizations was motivated primarily to improve end-user service and efficiency.

    Similarly, ITS positioned the SDCP as an “operational change,” not to save costs, but to provide better service to their customers.

    "The University is quite unique in the current climate in that reduction in costs was not one of the key drivers behind the project. The goal was to deliver improved efficiencies and offer a single point of contact for their user base." – Peter Hubbard, ITSM Consultant Pink Elephant

    Development

    Oxford recognized early that they needed an open and collaborative environment to succeed.

    Key IT and business personnel participated in a “vision workshop” to determine long- and short-term objectives, and to decide priorities for the consolidated service desk.

    "Without key support at this stage many projects fail to deliver the expected outcomes. The workshop involved the key stakeholders of the project and was deemed a successful and positive exercise, delivering value to this stage of the project by clarifying the future desired state of the Service Desk." – John Ireland, Director of Customer Service & Project Sponsor

    Deployment

    IT Services introduced a Service Desk Consolidation Project Blog very early into the project, to keep everyone up-to-date and maintain key stakeholder buy-in.

    Constant consultation with people at all levels led to continuous improvement and new insights.

    "We also became aware that staff are facing different changes depending on the nature of their work and which toolset they use (i.e. RT, Altiris, ITSM). Everyone will have to change the way they do things at least a little – but the changes depend on where you are starting from!" – Jonathan Marks, Project Manager

    Understand and validate the consolidation before embarking on the project

    Define what consolidation would mean in the context of your organization to help validate and frame the scope of the project before proceeding.

    What is service desk consolidation?

    Service desk consolidation means combining multiple service desks into one centralized, single point of contact.

    • Physical consolidation = personnel and assets are combined into a single location
    • Virtual consolidation = service desks are combined electronically

    Consolidation must include people, process, and technology:

    1. Consolidation of some or all staff into one location
    2. Consolidation of processes into a single set of standardized processes
    3. One consolidated technology platform or ITSM tool

    Consolidation can take the form of:

    1. Merging multiple desks into one
    2. Collapsing multiple desks into one
    3. Connecting multiple desks into a virtual desk
    4. Moving all desks to one connected platform

    Service Desk 1 - Service Desk 2 - Service Desk 3

    Consolidated Service Desk

    Info-Tech Insight

    Consolidation isn’t for everyone.

    Before you embark on the project, think about unique requirements for your organization that may necessitate more than one service desk, such as location-specific language. Ask yourself if consolidation makes sense for your organization and would achieve a benefit for the organization, before proceeding.

    1.1 Organize and build the project team to launch the project

    Solidify strong support for the consolidation and get the right individuals involved from the beginning to give the project the commitment and direction it requires.

    Project Sponsor
    • Has direct accountability to the executive team and provides leadership to the project team.
    • Legitimatizes the consolidation and provides necessary resources to implement the project.
    • Is credible, enthusiastic, and understands the organization’s culture and values.
    Steering Committee
    • Oversees the effort.
    • Ensures there is proper support from the organization and provides resources where required.
    • Resolves any conflicts.
    Core Project Team
    • Full-time employees drawn from roles that are critical to the service desk, and who would have a strong understanding of the consolidation goals and requirements.
    • Ideal size: 6-10 full-time employees.
    • May include roles defined in the next section.

    Involve the right people to drive and facilitate the consolidation

    Service desk consolidations require broad support and capabilities beyond only those affected in order to deal with unforeseen risks and barriers.

    • Project manager: Has primary accountability for the success of the consolidation project.
    • Senior executive project sponsor: Needed to “open doors” and signal organization’s commitment to the consolidation.
    • Technology SMEs and architects: Responsible for determining and communicating requirements and risks of the technology being implemented or changed, especially the ITSM tool.
    • Business unit leads: Responsible for identifying and communicating impact on business functions, approving changes, and helping champion change.
    • Product/process owners: Responsible for identifying and communicating impact on business functions, approving changes, and helping champion change.
    • HR specialists: Most valuable when roles and organizational design are affected, i.e. the consolidation requires staff redeployment or substantial training (not just using a new system or tool but acquiring new skills and responsibilities) or termination.
    • Training specialists: If you have full-time training staff in the organization, you will eventually need them to develop training courses and material. Consulting them early will help with scoping, scheduling, and identifying the best resources and channels to deliver the training.
    • Communications specialists (internal): Valuable in crafting communications plan, required if communications function owns internal communications.

    Use a RACI table (e.g. in the following section) to clarify who is to be accountable, responsible, consulted, and informed.

    Info-Tech Insight

    The more transformational the change, the more it will affect the organizational chart – not just after the implementation but through the transition.

    Take time early in the project to define the reporting structure for the project/transition team, as well as any teams and roles supporting the transition.

    Assign roles and responsibilities

    1.1.1 Use a RACI chart to assign overarching project responsibilities

    Participants
    • Project Sponsor
    • IT Director, CIO
    • Project Manager
    • IT Managers and Service Desk Manager(s)
    What You'll Need
    • RACI chart

    RACI = Responsible, Accountable, Consulted, Informed

    The RACI chart will provide clarity for overarching roles and responsibilities during the consolidation.

    1. Confirm and modify the columns to match the stakeholders in your organization.
    2. Confirm and modify the roles listed as rows if there are obvious gaps or opportunities to consolidate rows.
    3. Carefully analyze and document the roles as a group.
    Task Project Sponsor Project Manager Sr. Executives SMEs Business Lead Service Desk Managers HR Trainers Communications
    Meeting project objectives A R A R R
    Identifying risks and opportunities R A A C C C C I I
    Assessing current state I A I R C R
    Defining target state I A I C C R
    Planning logistics I A I R R C R
    Building the action plan I A C R R R R R R
    Planning and delivering communications I A C C C C R R A
    Planning and delivering training I A C C C C R R C
    Gathering and analyzing feedback and KPIs I A C C C C C R R

    Identify key stakeholders to gather input from the business, get buy-in for the project, and plan communications

    Identify the key stakeholders for the consolidation to identify the impact consolidation will have on them and ensure their concerns don’t get lost.

    1. Use a stakeholder analysis to identify the people that can help ensure the success of your project.
    2. Identify an Executive Sponsor
      • A senior-level project sponsor is someone who will champion the consolidation project and help sell the concept to other stakeholders. They can also ensure that necessary financial and human resources will be made available to help secure the success of the project. This leader should be someone who is credible, tactful, and accessible, and one who will not only confirm the project direction but also advocate for the project.

    Why is a stakeholder analysis essential?

    • Ignoring key stakeholders is an important cause of failed consolidations.
    • You can use the opinions of the most influential stakeholders to shape the project at an early stage.
    • Their support will secure resources for the project and improve the quality of the consolidation.
    • Communicating with key stakeholders early and often will ensure they fully understand the benefits of your project.
    • You can anticipate the reaction of key stakeholders to your project and plan steps to win their support.

    Info-Tech Insight

    Be diverse and aware. When identifying key stakeholders for the project, make sure to include a rich diversity of stakeholder expertise, geography, and tactics. Also, step back and add silent members to your list. The loudest voices and heaviest campaigners are not necessarily your key stakeholders.

    Identify key stakeholders for the consolidation

    1.1.2 Identify project stakeholders, particularly project champions

    Participants
    • CIO/IT Director
    • Project Sponsor
    • Project Manager
    • IT Managers
    What You’ll Need
    • Whiteboard or flip chart and markers

    Goal: Create a prioritized list of people who are affected or can affect your project so you can plan stakeholder engagement and communication.

    • Use an influence/commitment matrix to determine where your stakeholders lie.
    • High influence, high commitment individuals should be used in conjunction with your efforts to help bring others on board. Identify these individuals and engage with them immediately.
    • Beware of the high influence, low commitment individuals. They should be the first priority for engagement.
    • High commitment, low influence individuals can be used to help influence the low influence, low commitment individuals. Designate a few of these individuals as “champions” to help drive engagement on the front lines.

    Outcome: A list of key stakeholders to include on your steering committee and your project team, and to communicate with throughout the project.

    The image is a matrix, with Influence on the Y-axis and Commitment to change on the X-axis. It is a blank template.

    Overcome the value gap by gathering stakeholder concerns

    Simply identifying and engaging your stakeholders is not enough. There needs to be feedback: talk to your end users to ensure their concerns are heard and determine the impact that consolidation will have on them. Otherwise, you risk leaving value on the table.

    • Talk to the business end users who will be supported by the consolidated service desk.
    • What are their concerns about consolidation?
    • Which functions and services are most important to them? You need to make sure these won't get lost.
    • Try to determine what impact consolidation will have on them.

    According to the Project Management Institute, only 25% of individuals fully commit to change. The remaining 75% either resist or simply accept the change. Gathering stakeholder concerns is a powerful way to gain buy-in.

    The image is a graph with Business Value on the Y-Axis and Time on the X-Axis. Inside the graph, there is a line moving horizontally, separated into segments: Installation, Implementation, and Target Value. The line inclines during the first two segments, and is flat during the last. Emerging from the space between Installation and Implementation is a second line marked Actual realized value. The space between the target value line and the actual realized value line is labelled: Value gap.

    Collect relevant quantitative and qualitative data to assess key stakeholders’ perceptions of IT across the organization

    Don’t base your consolidation on a hunch. Gather reliable data to assess the current state of IT.

    Solicit direct feedback from the organization to gain critical insights into their perceptions of IT.

    • CIO Business Vision: Understanding the needs of your stakeholders is the first and most important step in building a consolidation strategy. Use the results of this survey to assess the satisfaction and importance of different IT services.
    • End-User Satisfaction: Solicit targeted department feedback on core IT service capabilities, IT communications, and business enablement. Use the results to assess the satisfaction of end users with each service broken down by department and seniority level.

    We recommend completing at least the End-User Satisfaction survey as part of your service desk consolidation assessment and planning. An analyst will help you set up the diagnostic and walk through the report with you.

    To book a diagnostic, or get a copy of our questions to inform your own survey, visit Info-Tech’s Benchmarking Tools, contact your account manager, or call toll-free 1-888-670-8889 (US) or 1-844-618-3192 (CAN).

    Data-Driven Diagnostics:

    End-User Satisfaction Survey

    CIO Business Vision

    Review the results of your diagnostics in step 1.3

    Formalize an engagement plan to cultivate support for the change from key stakeholders

    Use Info-Tech’s Stakeholder Engagement Workbook to formalize an engagement strategy

    If a more formal engagement plan is required for this project, use Info-Tech’s Stakeholder Engagement Workbook to document an engagement strategy to ensure buy-in for the consolidation.

    The engagement plan is a structured and documented approach for gathering requirements by eliciting input and validating plans for change and cultivating sponsorship and support from key stakeholders early in the project lifecycle.

    The Stakeholder Engagement Workbook situates stakeholders on a grid that identifies which ones have the most interest in and influence on your project, to assist you in developing a tailored engagement strategy.

    You can also use this analysis to help develop a communications plan for each type of stakeholder in step 3.2.

    Conduct stakeholder interviews to understand needs in more depth, if necessary

    1.1.3 Interview key stakeholders to identify needs

    • If the consolidation will be a large and complex project and there is a need to understand requirements in more depth, conduct stakeholder interviews with “high-value targets” who can help generate requirements and promote communication around requirements at a later point.
    • Choose the interview method that is most appropriate based on available resources.
    Method Description Assessment and Best Practices Stakeholder Effort Business Analyst Effort
    Structured One-on-One Interview In a structured one-on-one interview, the business analyst has a fixed list of questions to ask the stakeholder and follows up where necessary. Structured interviews provide the opportunity to quickly hone in on areas of concern that were identified during process mapping or group elicitation techniques. They should be employed with purpose – to receive specific stakeholder feedback on proposed requirements or help identify systemic constraints. Generally speaking, they should be 30 minutes or less. Low

    Medium

    Unstructured One-on-One Interview In an unstructured one-on-one interview, the business analyst allows the conversation to flow freely. The BA may have broad themes to touch on, but does not run down a specific question list. Unstructured interviews are most useful for initial elicitation, when brainstorming a draft list of potential requirements is paramount. Unstructured interviews work best with senior stakeholders (sponsors or power users), since they can be time consuming if they’re applied to a large sample size. It’s important for BAs not to stifle open dialog and allow the participants to speak openly. They should be 60 minutes or less. Medium Low

    Step 1.2: Develop a vision to give the project direction

    Phase 1

    Develop a shared vision

    1.1 Get buy-in from key stakeholders

    1.2 Develop a vision to give the project direction

    1.3 Conduct a full assessment of each service desk

    This step will walk you through the following activities:
    • 1.2.1 Brainstorm desired attributes for the consolidated service desk to start formulating a vision
    • 1.2.2 Develop a compelling vision and story of change
    • 1.2.3 Create a vision for the consolidated service desk
    • 1.2.4 Identify the purpose, goals, and guiding principles of the consolidation project
    • 1.2.5 Identify anticipated benefits and associated KPIs
    • 1.2.6 Conduct a SWOT analysis on the business
    This step involves the following participants:
    • Project Sponsor
    • IT Director, CIO
    • IT Managers and Service Desk Manager(s)
    • Business Executives
    Step outcomes

    A shared vision for the consolidated service desk that:

    • Defines the scope of the consolidation
    • Encompasses the goals and guiding principles of the project
    • Identifies key attributes of the consolidated service desk and anticipated benefits it will bring
    • Is documented in an executive presentation

    Hold an executive visioning session to kick off the project

    A major change such as service desk consolidation requires a compelling vision to engage staff and motivate them to comprehend and support the change.

    After identifying key stakeholders, gather them in a visioning session or workshop to establish a clear direction for the project.

    An executive visioning session can take up to two days of focused effort and activities with the purpose of defining the short and long-term view, objectives, and priorities for the new consolidated service desk.

    The session should include the following participants:

    • Key stakeholders identified in step 1.1, including:
      • IT management and CIO
      • Project sponsor
      • Business executives interested in the project

    The session should include the following tasks:

    • Identify and prioritize the desired outcome for the project
    • Detail the scope and definition of the consolidation
    • Identify and assess key problems and opportunities
    • Surface and challenge project assumptions
    • Clarify the future desired state of the service desk
    • Determine how processes, functions, and systems are to be included in a consolidation analysis
    • Establish a degree of ownership by senior management

    The activities throughout this step are designed to be included as part of the visioning session

    Choose the attributes of your desired consolidated service desk

    Understand what a model consolidated service desk should look like before envisioning your target consolidated service desk.

    A consolidated service desk should include the following aspects:

    • Handles all customer contacts – including internal and external users – across all locations and business units
    • Provides a single point of contact for end users to submit requests for help
    • Handles both incidents and service requests, as well as any additional relevant ITIL modules such as problem, change, or asset management
    • Consistent, standardized processes and workflows
    • Single ITSM tool with workflows for ticket handling, prioritization, and escalations
    • Central data repository so that staff have access to all information needed to resolve issues quickly and deliver high-quality service, including:
      • IT infrastructure information (such as assets and support contracts)
      • End-user information (including central AD, assets and products owned, and prior interactions)
      • Knowledgebase containing known resolutions and workarounds

    Consolidated Service Desk

    • Service Desk 1
    • Service Desk 2
    • Service Desk 3
    • Consolidated staff
    • Consolidated ITSM tool
    • Consolidated data repository

    Brainstorm desired attributes for the consolidated service desk to start formulating a vision

    1.2.1 Identify the type of consolidation and desired service desk attributes

    Participants
    • Project Sponsor
    • IT Director, CIO
    • IT Managers and Service Desk Manager(s)
    • Other interested business executives
    What You'll Need
    • Whiteboard or flip chart and markers
    Document

    Document in the Consolidate Service Desk Executive Presentation, slide 6.

    Brainstorm the model and attributes of the target consolidated service desk. You will use this to formulate a vision and define more specific requirements later on.
    1. Identify the type of consolidation: virtual, physical, or hybrid (both)
    2. Identify the level of consolidation: partial (some service desks consolidated) or complete (all service desks consolidated)
    Consolidated Service Desk Model Level of Consolidation
    Partial Complete
    Type of Consolidation Virtual
    Physical
    Hybrid

    3. As a group, brainstorm and document a list of attributes that the consolidated service desk should have.

    Examples:

    • Single point of contact for all users
    • One ITSM tool with consistent built-in automated workflows
    • Well-developed knowledgebase
    • Self-serve portal for end users with ability to submit and track tickets
    • Service catalog

    Develop a compelling vision and story of change

    1.2.2 Use a vision table to begin crafting the consolidation vision

    Participants
    • Project Sponsor
    • IT Director, CIO
    • IT Managers and Service Desk Manager(s)
    • Other interested business executives
    What You'll Need
    • Whiteboard or flip chart and markers
    Document

    Document in the Consolidate Service Desk Executive Presentation, slide 7.

    Build desire for change.

    In addition to standard high-level scope elements, consolidation projects that require organizational change also need a compelling story or vision to influence groups of stakeholders.

    Use the vision table below to begin developing a compelling vision and story of change.

    Why is there a need to consolidate service desks?
    How will consolidation benefit the organization? The stakeholders?
    How did we determine this is the right change?
    What would happen if we didn’t consolidate?
    How will we measure success?

    Develop a vision to inspire and sustain leadership and commitment

    Vision can be powerful but is difficult to craft. As a result, vision statements often end up being ineffective (but harmless) platitudes.

    A service desk consolidation project requires a compelling vision to energize staff and stakeholders toward a unified goal over a sustained period of time.

    Great visions:

    • Tell a story. They describe a journey with a beginning (who we are and how we got here) and a destination (our goals and expected success in the future).
    • Convey an intuitive sense of direction (or “spirit of change”) that helps people act appropriately without being explicitly told what to do.
    • Appeal to both emotion and reason to make people want to be part of the change.
    • Balance abstract ideas with concrete facts. Without concrete images and facts, the vision will be meaninglessly vague. Without abstract ideas and principles, the vision will lack power to unite people and inspire broad support.
    • Are concise enough to be easy to communicate and remember in any situation.

    Info-Tech Insight

    Tell a story. Stories pack a lot of information into few words. They are easy to write, remember, and most importantly – share. It’s worth spending a little extra time to get the details right.

    Create a vision for the consolidated service desk

    1.2.3 Tell a story to describe the consolidated service desk vision

    Participants
    • Project Sponsor
    • IT Director, CIO
    • IT Managers and Service Desk Manager(s)
    What You'll Need
    • Whiteboard or flip chart and markers
    • Document in the Executive Presentation, slide 8.

    Craft a vision of the future state of the service desk.

    Tell a story.

    Stories serve to give the consolidation real-world context by describing what the future state will mean for both staff and users of the service desk. The story should sum up the core of the experience of using the consolidated service desk and reflect how the service desk will fit into the life of the user.

    Stories should include:

    • Action describing the way things happen.
    • Contextual detail that helps readers relate to the person in the story.
    • Challenging ideas that contradict common belief and may be disruptive, but help suggest new directions.
    Example:

    Imagine if…

    … users could access one single online service that allows them to submit a ticket through a self-service portal and service catalog, view the status of their ticket, and receive updates about organization-wide outages and announcements. They never have to guess who to contact for help with a particular type of issue or how to contact them as there is only one point of contact for all types of incidents and service requests.

    … all users receive consistent service delivery regardless of their location, and never try to circumvent the help desk or go straight to a particular technician for help as there is only one way to get help by submitting a ticket through a single service desk.

    … tickets from any location could be easily tracked, prioritized, and escalated using standardized definitions and workflows to ensure consistent service delivery and allow for one set of SLAs to be defined and met across the organization.

    Discuss the drivers of the consolidation to identify the goals the project must achieve

    Identifying the reasons behind the consolidation will help formulate the vision for the consolidated service desk and the goals it should achieve.

    The image is a graph, titled Deployment Drivers for Those Planning a Consolidated Service Desk. From highest to lowest, they are: Improved Service Delivery/Increased Productivity; Drive on Operational Costs; and Perceived Best Practice.

    Service Desk Institute (n = 20, 2007)

    A survey of 233 service desks considering consolidation found that of the 20 organizations that were in the planning stages of consolidation, the biggest driver was to improve service delivery and/or increase productivity.

    This is in line with the recommendation that improved service quality should be the main consolidation driver over reducing costs.

    This image is a graph titled Drivers Among Those Who Have Implemented a Consolidated Service Desk. From highest to lowest, they are: Improved Service Delivery/Increased Productivity; Best Practice; Drive on Operational Costs; Internal vs Outsourcing; and Legacy.

    Service Desk Institute (n = 43, 2007)

    The drivers were similar among the 43 organizations that had already implemented a consolidated service desk, with improved service delivery and increased productivity again the primary driver.

    Aligning with best practice was the second most cited driver.

    Identify the purpose, goals, and guiding principles of the consolidation project

    1.2.4 Document goals of the project

    Participants
    • Project Sponsor
    • IT Director, CIO
    • IT Managers and Service Desk Manager(s)
    What You'll Need
    • Whiteboard or flip chart and markers
    • Document in the Executive Presentation, slide 9.

    Use the results of your stakeholder analysis and interviews to facilitate a discussion among recommended participants and document the purpose of the consolidation project, the goals the project aims to achieve, and the guiding principles that must be followed.

    Use the following example to guide your discussion:

    Purpose The purpose of consolidating service desks is to improve service delivery to end users and free up more time and resources to achieve the organization’s core mission.
    Goals
    • Align IT resources with business strategies and priorities
    • Provide uniform quality and consistent levels of service across all locations
    • Improve the end-user experience by reducing confusion about where to get help
    • Standardize service desk processes to create efficiencies
    • Identify and eliminate redundant functions or processes
    • Combine existing resources to create economies of scale
    • Improve organizational structure, realign staff with appropriate job duties, and improve career paths
    Guiding Principles

    The consolidated service desk must:

    1. Provide benefit to the organization without interfering with the core mission of the business
    2. Balance cost savings with service quality
    3. Increase service efficiency without sacrificing service quality
    4. Not interfere with service delivery or the experience of end users
    5. Be designed with input from key stakeholders

    Identify the anticipated benefits of the consolidation to weigh them against risks and plan future communications

    The primary driver for consolidation of service desks is improved service delivery and increased productivity. This should relate to the primary benefits delivered by the consolidation, most importantly, improved end-user satisfaction.

    A survey of 43 organizations that have implemented a consolidated service desk identified the key benefits delivered by the consolidation (see chart at right).

    The image is a bar graph titled Benefits Delivered by Consolidated Service Desk. The benefits, from highest to lowest are: Increased Customer Satisfaction; Optimised Resourcing; Cost Reduction; Increased Productivity/Revenue; Team Visibility/Ownership; Reporting/Accountability.

    Source: Service Desk Institute (n = 43, 2007)

    Info-Tech Insight

    Cost reduction may be an important benefit delivered by the consolidation effort, but it should not be the most valuable benefit delivered. Focus communications on anticipated benefits for improved service delivery and end-user satisfaction to gain buy-in for the project.

    Identify anticipated outcomes and benefits of consolidation

    1.2.5 Use a “stop, start, continue” exercise to identify KPIs

    What You'll Need
    • Whiteboard or flip chart and markers
    Participants
    • Project Sponsor
    • IT Director, CIO
    • IT Managers and Service Desk Manager(s)
    Document

    Document in the Executive Presentation, slide 10

    1. Divide the whiteboard into 3 columns: stop, start, and continue
    2. Identify components of your service desk that:
    • Are problematic and should be phased out (stop)
    • Provide value but are not in place yet (start)
    • Are effective and should be sustained, if not improved (continue)
  • For each category, identify initiatives or outcomes that will support the desired goals and anticipated benefits of consolidation.
  • Stop Start Continue
    • Escalating incidents without following proper protocol
    • Allowing shoulder taps
    • Focusing solely on FCR as a measure of success
    • Producing monthly ticket trend reports
    • Creating a self-serve portal
    • Communicating performance to the business
    • Writing knowledgebase articles
    • Improving average TTR
    • Holding weekly meetings with team members

    Use a SWOT analysis to assess the service desk

    • A SWOT analysis is a structured planning method that organizations can use to evaluate the strengths, weaknesses, opportunities, and threats involved in a project or business venture.
    • Use a SWOT analysis to identify the organization’s current IT capabilities and classify potential disruptive technologies as the first step toward preparing for them.
    Review these questions...
    Strengths (Internal) Weaknesses (Internal)
    • What Service Desk processes provide value?
    • How does the Service Desk align with corporate/IT strategy?
    • How does your Service Desk benefit end users?
    • Does the Service Desk produce reports or data that benefit the business?
    • Does your Service Desk culture offer an advantage?
    • What areas of your service desk require improvement?
    • Are there gaps in capabilities?
    • Do you have budgetary limitations?
    • Are there leadership gaps (succession, poor management, etc.)?
    • Are there reputational issues with the business?
    Opportunities (External) Threats (External)
    • Are end users adopting hardware or software that requires training and education for either themselves or the Service Desk staff?
    • Can efficiencies be gained by consolidating our Service Desks?
    • What is the most cost-effective way to solve the user's technology problems and get them back to work?
    • How can we automate Service Desk processes?
    • Are there obstacles that the Service Desk must face?
    • Are there issues with respect to sourcing of staff or technologies?
    • Could the existing Service Desk metrics be affected?
    • Will the management team need changes to their reporting?
    • Will SLAs need to be adjusted?

    …to help you conduct your SWOT analysis on the service desk.

    Strengths (Internal) Weaknesses (Internal)
    • End user satisfaction >80%
    • Comprehensive knowledgebase
    • Clearly defined tiers
    • TTR on tickets is <1 day
    • No defined critical incident workflow
    • High cost to solve issues
    • Separate toolsets create disjointed data
    • No root cause analysis
    • Ineffective demand planning
    • No clear ticket categories
    Opportunities (External) Threats (External)
    • Service catalog
    • Ticket Templates
    • Ticket trend analysis
    • Single POC through the use of one tool
    • Low stakeholder buy-in
    • Fear over potential job loss
    • Logistics of the move
    • End user alienation over process change

    Conduct a SWOT analysis on the business

    1.2.6 Conduct SWOT analysis

    Participants
    • Project Sponsor
    • IT Director, CIO
    • IT Managers and Service Desk Manager(s)
    What You'll Need
    • Whiteboard or flip chart and markers
    Document
    • Document in the Executive Presentation, slide 11
    1. Break the group into two teams:
    • Assign team A strengths and weaknesses.
    • Assign team B opportunities and threats.
  • Have the teams brainstorm items that fit in their assigned areas.
    • Refer to the questions on the previous slide to help guide discussion
  • Choose someone from each group to fill in the grid on the whiteboard.
  • Conduct a group discussion about the items on the list.
  • Helpful to achieving the objective Harmful to achieving the objective
    Internal origin attributes of the organization Strengths Weaknesses

    External Origin attributes of the environment

    Opportunities Threats

    Frame your project in terms of people, process, technology

    A framework should be used to guide the consolidation effort and provide a standardized basis of comparison between the current and target state.

    Frame the project in terms of the change and impact it will have on:

    • People
    • Process
    • Technology

    Service desk consolidation will likely have a significant impact in all three categories by standardizing processes, implementing a single service management tool, and reallocating resources. Framing the project in this way will ensure that no aspect goes forgotten.

    For each of the three categories, you will identify:

    • Current state
    • Target state
    • Gap and actions required
    • Impact, risks, and benefits
    • Communication and training requirements
    • How to measure progress/success

    People

    • Tier 1 support
    • Tier 2 support
    • Tier 3 support
    • Vendors

    Process

    • Incident management
    • Service request management
    • SLAs

    Technology

    • ITSM tools
    • Knowledgebase
    • CMDB and other databases
    • Technology supported

    Complete the Consolidate Service Desk Executive Presentation

    Complete an executive presentation using the decisions made throughout this step

    Use the Consolidate Service Desk Executive Presentation to deliver the outputs of your project planning to the business and gain buy-in for the project.

    1. Use the results of the activities throughout step 1.2 to produce the key takeaways for your executive presentation.
    2. At the end of the presentation, include 1-2 slides summarizing any additional information specific to your organization.
    3. Once complete, pitch the consolidation project to the project sponsor and executive stakeholders.
      • This presentation needs to cement buy-in for the project before any other progress is made.

    Step 1.3: Conduct a full assessment of each service desk

    Phase 1

    Develop a shared vision

    1.1 Get buy-in from key stakeholders

    1.2 Develop a vision to give the project direction

    1.3 Conduct a full assessment of each service desk

    This step will walk you through the following activities:
    • 1.3.1 Review the results of your diagnostic programs
    • 1.3.2 Analyze the organizational structure of each service desk
    • 1.3.3 Assess the overall maturity of each service desk
    • 1.3.4 Map out roles and responsibilities of each service desk using organizational charts
    • 1.3.5 Assess and document current information system environment
    This step involves the following participants:
    • CIO
    • IT Directors
    • Service Desk Managers
    • Service Desk Technicians
    Step outcomes
    • A robust current state assessment of each service desk, including overall maturity, processes, organizational structure, agent skills, roles and responsibilities, agent satisfaction, technology and ITSM tools.

    Oxford saved time and effort by sticking with a tested process that works

    CASE STUDY

    Industry: Higher Education

    Source: Oxford University, IT Services

    Oxford ITS instigated the service desk consolidation project in the fall of 2012.

    A new ITSM solution was formally acquired in the spring 2014, and amalgamated workflows designed.

    Throughout this period, at least 3 detailed process analyses occurred in close consultation with the affected IT units.

    Responsibility for understanding each existing process (incident, services, change management, etc.) were assigned to members of the project team.

    They determined which of the existing processes were most effective, and these served as the baseline – saving time and effort in the long run by sticking with tested processes that work.

    Reach out early and often.

    Almost from day one, the Oxford consolidation team made sure to consult closely with each relevant ITS team about their processes and the tools they used to manage their workflows.

    This was done both in structured interviews during the visioning stage and informally at periodic points throughout the project.

    The result was the discovery of many underlying similarities. This information was then instrumental to determining a realistic baseline from which to design the new consolidated service desk.

    "We may give our activities different names or use different tools to manage our work but in all cases common sense has prevailed and it’s perhaps not so surprising that we have common challenges that we choose to tackle in similar ways." – Andrew Goff, Change Management at Oxford ITS

    Review the results of your diagnostic programs to inform your current state assessment

    1.3.1 Understand satisfaction with the service desk

    Participants
    • CIO/IT Director
    • IT Manager
    • Service Manager(s)
    Document
    1. Set up an analyst call through your account manager to review the results of your diagnostic.
    • Whatever survey you choose, ask the analyst to review the data and comments concerning:
      • Assessments of service desk timeliness/effectiveness
      • IT business enablement
      • IT innovation leadership
  • Book a meeting with recommended participants. Go over the results of your diagnostic survey.
  • Facilitate a discussion of the results. Focus on the first few summary slides and the overall department results slide.
    • What is the level of IT support?
    • What are stakeholders’ perceptions of IT performance?
    • How satisfied are stakeholders with IT?
    • Does the department understand and act on business needs?
    • What are the business priorities and how well are you doing in meeting these priorities?
    • How can the consolidation project assist the business in achieving goals?
    • How could the consolidation improve end-user satisfaction and business satisfaction?
  • A robust current state assessment is the foundation of a successful consolidation

    You can’t determine where you’re going without a clear idea of where you are now.

    Before you begin planning for the consolidation, make sure you have a clear picture of the magnitude of what you plan on consolidating.

    Evaluate the current state of each help desk being considered for consolidation. This should include an inventory of:

    • Process:
      • Processes and workflows
      • Metrics and SLAs
    • People:
      • Organizational structure
      • Agent workload and skills
      • Facility layout and design
    • Technology:
      • Technologies and end users supported
      • Technologies and tools used by the service desk

    Info-Tech Insight

    A detailed current state assessment is a necessary first step for a consolidation project, but determining the right level of detail to include in the evaluation can be challenging. Gather enough data to establish a baseline and make an informed decision about how to consolidate, but don’t waste time collecting unnecessary information that will only distract and slow down the project.

    Review ticket handling processes for each service desk to identify best practices

    Use documentation, reports, and metrics to evaluate existing processes followed by each service desk before working toward standardized processes.

    Poor Processes vs. Optimized Processes

    Inconsistent or poor processes affect the business through:

    • Low business satisfaction
    • Low end-user satisfaction
    • High cost to resolve
    • Delayed progress on project work
    • Lack of data for reporting due to ineffective ticket categorization, tools, and logged tickets
    • No root cause analysis leads to a reactive vs. proactive service desk
    • Lack of cross-training and knowledge sharing result in time wasted troubleshooting recurring issues
    • Lack of trend analysis limits the effectiveness of demand planning

    Standardized service desk processes increase user and technician satisfaction and lower costs to support through:

    • Improved business satisfaction Improved end-user satisfaction Incidents prioritized and escalated accurately and efficiently
    • Decreased recurring issues due to root cause analysis and trends
    • Increased self-sufficiency of end users
    • Strengthened team and consistent delivery through cross-training and knowledge sharing
    • Enhanced demand planning through trend analysis and reporting

    The image is a graphic of a pyramid, with categories as follows (from bottom): FAQ/Knowledgebase; Users; Tier 1-75-80%; Tier 2-15%; Tier 3 - 5%. On the right side of the pyramid is written Resolution, with arrows extending from each of the higher sections down to Users. On the left is written Escalation, with arrows from each lower category up to the next highest. Inside the pyramid are arrows extending from the bottom to each level and vice versa.

    Analyze the organizational structure of each service desk

    1.3.2 Discuss the structure of each service desk

    Participants
    • CIO
    • Service Desk Manager(s)
    • Service Desk Technicians
    What You'll Need
    • Consolidate Service Desk Assessment Tool

    1. Facilitate a discussion among recommended participants to discuss the structure of each service desk. Decide which model best describes each service desk:

    • The Gatekeeper Model: All calls are routed through a central call group whose sole responsibility is to link the customer to the right individual or group.
    • The Call Sorting Model: All calls are sorted into categories using technology and forwarded to the right 2nd level specialist group.
    • Tiered Structure (Specialist Model): All calls are sorted through a single specialist group, such as desktop support. Their job is to log the interaction, attempt resolution, and escalate when the problem is beyond their ability to resolve.
    • Tiered Structure (Generalist Model): All calls are sorted through a single generalist group, whose responsibility is to log the interaction, attempt a first resolution, and escalate when the problem is beyond their ability to resolve.

    2. Use a flip chart or whiteboard to draw the architecture of each service desk, using the example on the right as a guide.

    The image is a graphic depicting the organizational structure of a service desk, from Users to Vendor. The graphic shows how a user request can move through tiers of service, and the ways that Tiers 2 and 3 of the service desk are broken down into areas of specialization.

    Assess the current state of each service desk using the Consolidate Service Desk Assessment Tool

    Assess the current state of each service desk

    The Consolidate Service Desk Assessment Tool will provide insight into the overall health of each existing service desk along two vectors:

    1. Process Maturity (calculated on the basis of a comprehensive survey)
    2. Metrics (calculated on the basis of entered ticket and demographic data)

    Together these answers offer a snapshot of the health, efficiency, performance, and perceived value of each service desk under evaluation.

    This tool will assist you through the current state assessment process, which should follow these steps:

    1. Send a copy of this tool to the Service Desk Manager (or other designated party) of each service desk that may be considered as part of the consolidation effort.
      • This will collect key metrics and landscape data and assess process maturity
    2. Analyze the data and discuss as a group
    3. Ask follow-up questions
    4. Use the information to compare the health of each service desk using the scorecard tool

    These activities will be described in more detail throughout this step of the project.

    Gather relevant data to assess the environment of each service desk

    Assess each service desk’s environment using the assessment tool

    Send a copy of the Consolidate Service Desk Assessment Tool to the Service Desk Manager (or other designated party) of each service desk that will be considered as part of the consolidation.

    Instruct them to complete tab 2 of the tool, the Environment Survey:

    • Enter Profile, Demographic, Satisfaction, Technology, and Ticket data into the appropriate fields as accurately as possible. Satisfaction data should be entered as percentages.
    • Notes can be entered next to each field to indicate the source of the data, to note missing or inaccurate data, or to explain odd or otherwise confusing data.

    This assessment will provide an overview of key metrics to assess the performance of each service desk, including:

    • Service desk staffing for each tier
    • Average ticket volume and distribution per month
    • # staff in IT
    • # service desk staff
    • # supported devices (PC, laptops, mobiles, etc.)
    • # desktop images

    Assess the overall maturity of each service desk

    1.3.3 Use the assessment tool to measure the maturity of each service desk

    Participants
    • CIO
    • Service Desk Manager(s)
    • Service Desk Technicians
    What You'll Need
    • Consolidate Service Desk Assessment Tool
    1. Assemble the relevant team for each service desk: process owners, functional managers, service desk manager, and relevant staff and technicians who work with the processes to be assessed. Each service desk team should meet to complete the maturity assessment together as a group.
    2. Go to tab 3 (Service Desk Maturity Survey) of the Consolidate Service Desk Assessment Tool and respond to the questions in the following categories:
    • Prerequisites (general questions)
    • People
    • Process
    • Technology
    • SLAs
  • Rate each element. Be honest. The goal is to end up with as close a representation as possible to what really exists. Only then can you identify realistic improvement opportunities. Use the maturity definitions as guides.
  • Evaluate resource utilization and satisfaction to allocate resources effectively

    Include people as part of your current state assessment to evaluate whether your resources are appropriately allocated to maximize effectiveness and agent satisfaction.

    Skills Inventory

    Use the IT Skills Inventory and Gap Assessment Tool to assess agent skills and identify gaps or overlaps.

    Agent Satisfaction

    Measure employee satisfaction and engagement to identify strong teams.

    Roles and Responsibilities

    Gather a clear picture of each service desk’s organizational hierarchy, roles, and responsibilities.

    Agent Utilization

    Obtain a snapshot of service desk productivity by calculating the average amount of time an agent is handling calls, divided by the average amount of time an agent is at work.

    Conduct a skills inventory for each service desk

    Evaluate agent skills across service desks

    After evaluating processes, evaluate the skill sets of the agents tasked with following these processes to identify gaps or overlap.

    Send the Skills Coverage Tool tab to each Service Desk Manager, who will either send it to the individuals who make up their service desk with instructions to rate themselves, or complete the assessment together with individuals as part of one-on-one meetings for discussing development plans.

    IT Skills Inventory and Gap Assessment Tool will enable you to:

    • List skills required to support the organization.
    • Document and rate the skills of the existing IT staffing contingent.
    • Assess the gaps to help determine hiring or training needs, or even where to pare back.
    • Build a strategy for knowledge sharing, transfer, and training through the consolidation project.

    Map out roles and responsibilities of each service desk using organizational charts

    1.3.4 Obtain or draw organizational charts for each location

    Clearly document service desk roles and responsibilities to rationalize service desk architecture.
    Participants
    • CIO, IT Director
    • Service Desk Manager(s)
    • Tier/Specialist Manager(s)
    What You’ll Need
    • Org. charts
    • Flip chart or whiteboard and markers
    1. Obtain or draw (on a whiteboard or flip chart) the organizational chart for each service desk to get a clear picture of the roles that fulfill each service desk. If there is any uncertainty or disagreement, discuss as a group to come to a resolution.
    2. Discuss the roles and reporting relationships within the service desk and across the organization to establish if/where inefficiencies exist and how these might be addressed through consolidation.
    3. If an up-to-date organizational chart is not in place, use this time to define the organizational structure as-is and consider future state.
    IT Director
    Service Desk Manager
    Tier 1 Help Desk Lead Tier 2 Help Desk Lead Tier 2 Apps Support Lead Tier 3 Specialist Support Lead
    Tier 1 Specialist Name Title Name Title Name Title
    Tier 1 Specialist Name Title Name Title Name Title
    Name Title Name Title Name Title
    Name Title Name Title

    Conduct an agent satisfaction survey to compare employee engagement across locations

    Evaluate agent satisfaction

    End-user satisfaction isn’t the only important satisfaction metric.

    Agent satisfaction forms a key metric within the Consolidate Service Desk Assessment Tool, and it can be evaluated in a variety of ways. Choose the approach that best suits your organization and time restraints for the project.

    Determine agent satisfaction on the basis of a robust (and anonymous) survey of service desk agents. Like the end-user satisfaction score, this measure is ideally computed as a percentage.

    There are several ways to measure agent satisfaction:

    1. If your organization runs an employee engagement survey, use the most recent survey results, separating them by location and converting them to a percentage.
    2. If your organization does not currently measure employee engagement or satisfaction, consider one of Info-Tech and McLean & Company’s two engagement diagnostics:
      • Full Engagement Diagnostic – 81 questions that provide a comprehensive view into your organization's engagement levels
      • McLean & Company’s Pulse Survey – 15 questions designed to give a high-level view of employee engagement
    3. For smaller organizations, a survey may not be feasible or make sense. In this case, consider gathering informal engagement data through one-on-one meetings.
    4. Be sure to discuss and document any reasons for dissatisfaction, including pain points with the current tools or processes.
    Document
    • Document on tab 2 of the Consolidate Service Desk Assessment Tool

    Assess the service management tools supporting your service desks

    Identify the different tools being used to support each service desk in order to assess whether and how they can be consolidated into one service management tool.

    Ideally, your service desks are already on the same ITSM platform, but if not, a comprehensive assessment of current tools is the first step toward a single, consolidated solution.

    Include the following in your tools assessment:

    • All automated ITSM solutions being used to log and track incidents and service requests
    • Any manual or other methods of tracking tickets (e.g. Excel spreadsheets)
    • Configurations and any customizations that have been made to the tools
    • How configuration items are maintained and how mature the configuration management databases (CMDB) are
    • Pricing and licensing agreements for tools
    • Any unique functions or limitations of the tools

    Info-Tech Insight

    Document not only the service management tools that are used but also any of their unique and necessary functions and configurations that users may have come to rely upon, such as remote support, self-serve, or chat support, in order to inform requirements in the next phase.

    Assess the IT environment your service desks support

    Even if you don’t do any formal asset management, take this opportunity for discovery and inventory to gain a complete understanding of your IT environment and the range of devices your service desks support.

    Inventory your IT environment, including:

    User Devices

    • Device counts by category Equipment/resources by user

    Servers

    • Server hardware, CPU, memory
    • Applications residing on servers

    Data centers

    • Including location and setup

    In addition to identifying the range of devices you currently support, assess:

    • Any future devices, hardware, or software that the service desk will need to support (e.g. BYOD, mobile)
    • How well each service desk is currently able to support these devices
    • Any unique or location-specific technology or devices that could limit a consolidation

    Info-Tech Insight

    The capabilities and configuration of your existing infrastructure and applications could limit your consolidation plans. A comprehensive technology assessment of not only the service desk tools but also the range of devices and applications your service desks supports will help you to prepare for any potential limitations or obstacles a consolidated service desk may present.

    Assess and document current information system environment

    1.3.5 Identify specific technology and tool requirements

    Participants
    • CIO
    • Service Desk Manager(s)
    • Service Desk Technicians
    What You'll Need
    • Consolidate Service Desk Assessment Tool, tab 2.
    Document

    Document information on number of devices supported and number of desktop images associated with each service desk in the section on “Technology Data” of the Consolidate Service Desk Assessment Tool.

    1. Identify and document the service management tools that are used by each service desk.
    2. For each tool, identify and document any of the following that apply:
    • Integrations
    • Configurations that were made during implementation
    • Customizations that were made during implementation
    • Version, licenses, cost
  • For each service desk, document any location-specific or unique technology requirements or differences that could impact consolidation, including:
    • Devices and technology supported
    • Databases and configuration items
    • Differing applications or hardware needs
  • If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

    Book a workshop with our Info-Tech analysts:

    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    1.1.1 Assign roles and responsibilities

    Use a RACI chart to assign overarching responsibilities for the consolidation project.

    1.3.2 Analyze the organizational structure of each service desk

    Map out the organizational structure and flow of each service desk and discuss the model that best describes each.

    Phase 2

    Design the Consolidated Service Desk

    Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 2: Design consolidated service desk

    Proposed Time to Completion (in weeks): 2-4

    Step 2.1: Model target consolidated service desk

    Start with an analyst kick-off call:

    • Define the target state of the consolidated service desk in detail
    • Identify requirements for the consolidation, broken down by people, process, technology and by short- vs. long-term needs

    Then complete these activities…

    • Set project metrics to measure success of the consolidation
    • Brainstorm people, process, technology requirements for the service desk
    • Build requirements documents and RFP for a new tool
    • Review results of the scorecard comparison tool

    With these tools & templates:

    Consolidate Service Desk Scorecard Tool

    Step 2.2: Assess logistics and cost of consolidation

    Review findings with analyst:

    • Plan the logistics of the consolidation for process, technology, and facilities
    • Evaluate the cost and cost savings of consolidation using a TCO tool

    Then complete these activities…

    • Plan logistics for process, technology, facilities, and resource allocation
    • Review the results of the Service Desk Efficiency Calculator to refine the business case for the consolidation project

    With these tools & templates:

    Service Desk Efficiency Calculator

    Service Desk Consolidation TCO Comparison Tool

    Phase 2 Results:

    • Detailed requirements and vision for the consolidated service desk, gap analysis of current vs. target state, and an initial analysis of the logistical considerations to achieve target.

    Step 2.1: Model target consolidated state

    Phase 2

    Design consolidation

    2.1 Design target consolidated service desk

    2.2 Assess logistics and cost of consolidation

    This step will walk you through the following activities:
    • 2.1.1 Determine metrics to measure the value of the project
    • 2.1.2 Set targets for each metric to measure progress and success of the consolidation
    • 2.1.3 Brainstorm process requirements for consolidated service desk
    • 2.1.4 Brainstorm people requirements for consolidated service desk
    • 2.1.5 Brainstorm technology requirements for consolidated service desk
    • 2.1.6 Build a requirements document for the service desk tool
    • 2.1.7 Evaluate alternative tools, build a shortlist for RFPs, and arrange web demonstrations or evaluation copies
    • 2.1.8 Set targets for key metrics to identify high performing service desks
    • 2.1.9 Review the results of the scorecard to identify best practices
    This step involves the following participants:
    • CIO
    • IT Director
    • Service Desk Managers
    • Service Desk Technicians
    Step Outcomes
    • A list of people, process, and technology requirements for the new consolidated service desk
    • A clear vision of the target state
    • An analysis of the gaps between existing and target service desks

    Ensure the right people and methods are in place to anticipate implementation hurdles

    CASE STUDY

    Industry: Higher Education

    Source: Oxford University, IT Services

    "Since our last update, a review and re-planning exercise has reassessed the project approach, milestones, and time scales. This has highlighted some significant hurdles to transition which needed to be addressed, resulting primarily from the size of the project and the importance to the department of a smooth and well-planned transition to the new processes and toolset." – John Ireland, Director of Customer Service & Project Sponsor

    Initial hurdles led to a partial reorganization of the project in Fall 2014

    Despite careful planning and its ultimate success, Oxford’s consolidation effort still encountered some significant hurdles along the way – deadlines were sometimes missed and important processes overlooked.

    These bumps can be mitigated by building flexibility into your plan:

    • Adopt an Agile methodology – review and revise groups of tasks as the project progresses, rather than waiting until near the end of the project to get approval for the complete implementation.
    • Your Tiger Team or Project Steering Group must include the right people – the project team should not just include senior or high-level management; members of each affected IT group should be consulted, and junior-level employees can provide valuable insight into existing and potential processes and workflows.

    Info-Tech Insight

    Ensure that the project lead is someone conversant in ITSM, so that they are equipped to understand and react to the unique challenges and expectations of a consolidation and can easily communicate with process owners.

    Use the consolidation vision to define the target service desk in more detail

    Use your baseline assessment and your consolidation vision as a guide to figure out exactly where you’re going before planning how to get there.

    With approval for the project established and a clear idea of the current state of each service desk, narrow down the vision for the consolidated service desk into a specific picture of the target state.

    The target state should provide answers to the following types of questions:

    Process:

    • Will there be one set of SLAs across the organization?
    • What are the target SLAs?
    • How will ticket categories be defined?
    • How will users submit and track their tickets?
    • How will tickets be prioritized and escalated?
    • Will a knowledgebase be maintained and accessible by both service desk and end users?

    People:

    • How will staff be reorganized?
    • What will the roles and responsibilities look like?
    • How will tiers be structured?
    • What will the career path look like within the service desk?

    Technology:

    • Will there be one single ITSM tool to support the service desk?
    • Will an existing tool be used or will a new tool be selected?
    • If a new tool is needed, what are the requirements?

    Info-Tech Insight

    Select the target state that is right for your organization. Don’t feel pressured to select the highest target state or a complete consolidation. Instead select the target state that is most compatible with your organization’s current needs and capabilities.

    Determine metrics to measure the value of the project

    2.1.1 Identify KPIs to measure the success of the consolidation

    Participants
    • CIO
    • Service Desk Manager(s)
    • Service Desk Technicians
    What You’ll Need
    • Whiteboard or flip chart and markers

    Identify three primary categories where the consolidation project is expected to yield benefits to the business. Use the example on the right to guide your discussion.

    Efficiency and effectiveness are standard benefits for this project, but the third category may depend on your organization.

    • Examples include: improved resourcing, security, asset management, strategic alignment, end-user experience, employee experience

    Identify 1-3 key performance indicators (KPIs) associated with each benefit category, which will be used to measure the success of the consolidation project. Ensure that each has a baseline measure that can be reassessed after the consolidation.

    Efficiency

    Streamlined processes to reduce duplication of efforts

    • Reduced IT spend and cost of delivery
    • One ITSM tool Improved reliability of service
    • Improved response time

    Resourcing

    Improved allocation of human and financial resources

    • Improved resource sharing
    • Improved organizational structure of service desk

    Effectiveness

    Service delivery will be more accessible and standardized

    • Improved responsive-ness to incidents and service requests
    • Improved resolution time
    • Single point of contact for end users
    • Improved reporting

    Set targets for each metric to measure progress and success of the consolidation

    2.1.2 Identify specific metrics for each KPI and targets for each

    Participants
    • IT Director
    • Service Desk Manager(s)
    • Service Desk Technicians
    What You’ll Need
    • KPIs from previous step
    • Whiteboard or flip chart and markers
    1. Select one core KPI for each critical success factor, which will be used to measure progress and success of the consolidation effort down the road.
    2. For each KPI, document the average baseline metric the organization is achieving (averaged across all service desks).
    3. Discuss and document a target metric that the project will aim to reach through the single consolidated service desk.
    4. Set a short and long-term target for each metric to encourage continuous improvement. Examples:
    Efficiency
    Business Value KPI Current Metric Short-Term (6 month) Target Long-Term (1 year) Target
    Streamlined processes to reduce duplication of efforts Improved response time 2 hours 1 hour 30 minutes
    Effectiveness
    Business Value KPI Current Metric Short-Term (6 month) Target Long-Term (1 year) Target
    Service delivery will be more accessible and standardized Improved first call resolution (% resolved at Tier 1) 50% 60% 70%

    If poor processes were in place, take the opportunity to start fresh with the consolidation

    If each service desk’s existing processes were subpar, it may be easier to build a new service desk from the basics rather than trying to adapt existing processes.

    You should have these service management essentials in place:

    Service Requests:

    • Standardize process to verify, approve, and fulfill service requests.
    • Assign priority according to business criticality and service agreements.
    • Think about ways to manage service requests to better serve the business long term.

    Incident Management:

    • Set standards to define and record incidents.
    • Define incident response actions and communications.

    Knowledgebase:

    • Define standards for knowledgebase.
    • Introduce creation of knowledgebase articles.
    • Create a knowledge-sharing and cross-training culture.

    Reporting:

    • Select appropriate metrics.
    • Generate relevant insights that shed light on the value that IT creates for the organization.

    The image is a circle comprised of 3 concentric circles. At the centre is a circle labelled Standardized Service Desk. The ring outside of it is split into 4 sections: Incident Management; Service Requests; Structure and Reporting; and Knowledgebase. The outer circle is split into 3 sections: People, Process, Technologies.

    Evaluate how your processes compare with the best practices defined here. If you need further guidance on how to standardize these processes after planning the consolidation, follow Info-Tech’s blueprint, Standardize the Service Desk.

    Even optimized processes will need to be redefined for the target consolidated state

    Your target state doesn’t have to be perfect. Model a short-term, achievable target state that can demonstrate immediate value.

    Consider the following elements when designing service desk processes:
    • Ticket input (i.e. how can tickets be submitted?)
    • Ticket classification (i.e. how will tickets be categorized?)
    • Ticket prioritization (i.e. how will critical incidents be defined?)
    • Ticket escalation (i.e. how and at what point will tickets be assigned to a more specialized resource?)
    • Ticket resolution (i.e. how will resolution be defined and how will users be notified?)
    • Communication with end users (i.e. how and how often will users be notified about the status of their ticket or of other incidents and outages?)

    Consider the following unique process considerations for consolidation:

    • How will knowledge sharing be enabled in order for all technicians to quickly access known errors and resolve problems?
    • How can first contact resolution levels be maintained through the transition?
    • How will procedures be clearly documented so that tickets are escalated properly?
    • Will ticket classification and prioritization schemes need to change?
    • Will new services such as self-serve be introduced to end users and how will this be communicated?

    Info-Tech Insight

    Don’t do it all at once. Consolidation will lead to some level of standardization. It will be reinforced and improved later through ongoing reengineering and process improvement efforts (continual improvement management).

    Brainstorm process requirements for consolidated service desk

    2.1.3 Identify process-related requirements for short and long term

    Participants
    • CIO
    • Service Desk Manager(s)
    • Service Desk Technicians
    What You'll Need
    • Whiteboard, sticky notes, markers
    • Vision and goals for the consolidation from step 1.2
    Document
    • Document internally, or leave on a whiteboard for workshop participants to return to when documenting tasks in the roadmap tool.
    1. Review the questions in the previous section to frame a discussion on process considerations and best practices for the target consolidated service desk.
    2. Use your responses to the questions to brainstorm a list of process requirements or desired characteristics for the target state, particularly around incident management and service request management.
    3. Write each requirement onto a sticky note and categorize it as one of the following:
      1. Immediate requirement for consolidated service desk
      2. Implement within 6 months
      3. Implement within 1 year

    Example:

    Whiteboard:

    • Immediate
      • Clearly defined ticket prioritization scheme
      • Critical incident process workflow
    • 6 months
      • Clearly defined SOP, policies, and procedures
      • Transactional end-user satisfaction surveys
    • 1 year
      • Change mgmt.
      • Problem mgmt.

    Define the target resource distribution and utilization for the consolidated service desk

    Consolidation can sound scary to staff wondering if there will be layoffs. Reduce that by repurposing local staff and maximizing resource utilization in your organizational design.

    Consider the following people-related elements when designing your target state:

    • How will roles and responsibilities be defined for service desk staff?
    • How many agents will be required to deal with ticket demand?
    • What is the target agent utilization rate?
    • How will staff be distributed among tiers?
    • What will responsibilities be at each tier?
    • Will performance goals and rewards be established or standardized?

    Consider the following unique people considerations for consolidation:

    • Will staffing levels change?
    • Will job titles or roles change for certain individuals?
    • How will staff be reorganized?
    • Will staff need to be relocated to one location?
    • Will reporting relationships change?
    • How will this be managed?
    • How will performance measurements be consolidated across teams and departments to focus on the business goals?
    • Will there be a change to career paths?
    • What will consolidation do to morale, job interest, job opportunities?

    Info-Tech Insight

    Identify SMEs and individuals who are knowledgeable about a particular location, end-user base, technology, or service offering. They may be able to take on a different, greater role due to the reorganization that would make better use of their skills and capabilities and improve morale.

    Brainstorm people requirements for consolidated service desk

    2.1.4 Identify people-related requirements for short and long term

    Participants
    • CIO
    • Service Desk Manager(s)
    • Service Desk Technicians
    What You'll Need
    • Whiteboard, sticky notes, markers
    • Vision and goals for the consolidation from step 1.2
    Document

    Document internally, or leave on a whiteboard for workshop participants to return to when documenting tasks in the roadmap tool.

    1. Review the questions in the previous section to frame a discussion on people considerations and best practices for the target consolidated service desk.
    2. Use your responses to the questions to brainstorm a list of requirements for the allocation and distribution of resources, including roles, responsibilities, and organizational structure.
    3. When thinking about people, consider requirements for both your staff and your end users.
    4. Write each requirement onto a sticky note and categorize it as one of the following:
      1. Immediate requirement for consolidated service desk
      2. Implement within 6 months
      3. Implement within 1 year

    Example:

    Whiteboard:

    • Immediate
      • Three tier structure with SMEs at Tier 2 and 3
      • All staff working together in one visible location
    • 6 months
      • Roles and responsibilities well defined and documented
      • Appropriate training and certifications available to staff
    • 1 year
      • Agent satisfaction above 80%
      • End-user satisfaction above 75%

    Identify the tools that will support the service desk and those the service desk will support

    One of the biggest technology-related decisions you need to make is whether you need a new ITSM tool. Consider how it will be used by a single service desk to support the entire organization.

    Consider the following technology elements when designing your target state:
    • What tool will be used to support the service desk?
    • What processes or ITIL modules can the tool support?
    • How will reports be produced? What types of reports will be needed for particular audiences?
    • Will a self-service tool be in place for end users to allow for password resets or searches for solutions?
    • Will the tool integrate with tools for change, configuration, problem, and asset management?
    • Will the majority of manual processes be automated?
    Consider the following unique technology considerations for consolidation:
    • Is an existing service management tool extensible?
    • If so, can it integrate with essential non-IT systems?
    • Can the tool support a wider user base?
    • Can the tool support all areas, departments, and technologies it will need to after consolidation?
    • How will data from existing tools be migrated to the new tool?
    • What implementation or configuration needs and costs must be considered?
    • What training will be required for the tool?
    • What other new tools and technologies will be required to support the consolidated service desk?

    Info-Tech Insight

    Talk to staff at each service desk to ask about their tool needs and requirements to support their work. Invite them to demonstrate how they use their tools to learn about customization, configuration, and functionality in place and to help inform requirements. Engaging staff in the process will ensure that the new consolidated tool will be supported and adopted by staff.

    Brainstorm technology requirements for consolidated service desk

    2.1.5 Identify technology-related requirements for short and long term

    Participants
    • CIO
    • Service Desk Manager(s)
    • Service Desk Technicians
    What You’ll Need
    • Whiteboard, sticky notes, markers
    • Vision and goals for the consolidation from step 1.2
    Document

    Document internally, or leave on a whiteboard for workshop participants to return to when documenting tasks in the roadmap tool.

    1. Review the questions in the previous section to frame a discussion on technology considerations and best practices for the target consolidated service desk.
    2. Use your responses to the questions to brainstorm a list of requirements for the tools to support the consolidated service desk, along with any other technology requirements for the target state.
    3. Write each requirement onto a sticky note and categorize it as one of the following:
      1. Immediate requirement for consolidated service desk
      2. Implement within 6 months
      3. Implement within 1 year

    Example:

    Whiteboard:

    • Immediate
      • Single ITSM tool
      • Remote desktop support
    • 6 months
      • Self-service portal
      • Regular reports are produced accurately
    • 1 year
      • Mobile portal
      • Chat integration

    Identify specific requirements for a tool if you will be selecting a new ITSM solution

    Service desk software needs to address both business and technological needs. Assess these needs to identify core capabilities required from the solution.

    Features Description
    Modules
    • Do workflows integrate seamlessly between functions such as incident management, change management, asset management, desktop and network management?

    Self-Serve

    • Does the existing tool support self-serve in the form of web forms for incident reporting, forms for service requests, as well as FAQs for self-solve?
    • Is a service catalog available or can one be integrated painlessly?
    Enterprise Service Management Needs
    • Integration of solution to all of IT, Human Resources, Finance, and Facilities for workflows and financial data can yield great benefits but comes at a higher cost and greater complexity. Weigh the costs and benefits.
    Workflow Automation
    • If IT has advanced beyond simple workflows, or if extending these workflows beyond the department, more power may be necessary.
    • Full business process management (BPM) is part of a number of more advanced service desk/service management solutions.
    License Maintenance Costs
    • Are license and maintenance costs still reasonable and appropriate for the value of the tool?
    • Will the vendor renegotiate?
    • Are there better tools out there for the same or better price?
    Configuration Costs
    • Templates, forms, workflows, and reports all take time and skills but bring big benefits. Can these changes be done in-house? How much does it cost to maintain and improve?
    Speed / Performance
    • Data growth and volume may have reached levels beyond the current solution’s ability to cope, despite database tuning.
    Vendor Support
    • Is the vendor still supporting the solution and developing the roadmap? Has it been acquired? Is the level of support still meeting your needs?

    Build a requirements document for the service desk tool

    2.1.6 Create a requirements list and demo script for an ITSM tool (optional)

    Participants
    • CIO/IT Director
    • Service Desk Manager(s)
    • Service Desk Technicians
    What You'll Need
    • Flip charts and markers
    • Templates:
      • IT Service Management Demo Script Template
      • Service Desk Software and RFP Evaluation Tool

    Create a requirements list for the service desk tool.

    1. Break the group into smaller functional groups.
    2. Brainstorm features that would be important to improving efficiencies, services to users, and visibility to data.
    3. Document on flip chart paper, labelling each page with the functional group name.
    4. Prioritize into must-have and nice-to-have items.
    5. Reconvene and discuss each list with the group.
    6. Info-Tech’s Service Desk Software and RFP Evaluation Tool can also be used to document requirements for an RFI.

    Create a demo script:

    Using information from the requirements list, determine which features will be important for the team to see during a demo. Focus on areas where usability is a concern, for example:

    • End-user experience
    • Workflow creation and modification
    • Creating templates
    • Creating service catalog items
    • Knowledgebase

    Evaluate alternative tools, build a shortlist for RFPs, and arrange web demonstrations or evaluation copies

    2.1.7 Identify an alternative tool and build an RFP (optional)

    Participants
    • CIO (optional)
    • Service Desk Manager
    • Service Desk Technician(s)
    • Service Desk Tool Administrator
    What You'll Need
    • Whiteboard or flip chart and markers
    • Service Desk RFP Template

    Evaluate current tool:

    • Investigate to determine if these features are present and just not in use.
    • Contact the vendor if necessary.
    • If enough features are present, determine if additional training is required.
    • If tool is proven to be inadequate, investigate options.

    Consider alternatives:

    Use Info-Tech’s blueprints for further guidance on selecting and implementing an ITSM tool

    1. Select a tool

    Info-Tech regularly evaluates ITSM solution providers and ranks each in terms of functionality and affordability. The results are published in the Enterprise and Mid-Market Service Desk Software Vendor Landscapes.

    2. Implement the tool

    After selecting a solution, follow the Build an ITSM Tool Implementation Plan project to develop an implementation plan to ensure the tool is appropriately designed, installed, and tested and that technicians are sufficiently trained to ensure successful deployment and adoption of the tool.

    Compare your existing service desks with the Consolidate Service Desk Scorecard Tool

    Complete the scorecard tool along with the activities of the next step

    The Consolidate Service Desk Scorecard Tool will allow you to compare metrics and maturity results across your service desks to identify weak and poor performers and processes.

    The purpose of this tool is to organize the data from up to six service desks that are part of a service desk consolidation initiative. Displaying this data in an organized fashion, while offering a robust comparative analysis, should facilitate the process of establishing a new baseline for the consolidated service desk.

    Use the results on tab 4 of the Consolidate Service Desk Assessment Tool. Enter the data from each service desk into tab “2. InfoCards” of the Consolidate Service Desk Scorecard Tool.

    Data from up to six service desks (up to six copies of the assessment tool) can be entered into this tool for comparison.

    Set targets for key metrics to identify high performing service desks

    2.1.8 Use the scorecard tool to set target metrics against which to compare service desks

    Participants
    • CIO or IT Director
    • Service Desk Manager(s)
    What You’ll Need
    • Consolidate Service Desk Scorecard Tool
    1. Review the explanations of the six core metrics identified from the service desk assessment tool. These are detailed on tab 3 of the Consolidate Service Desk Scorecard Tool.
      1. End-user satisfaction
      2. Agent satisfaction
      3. Cost per ticket
      4. Agent utilization rate
      5. First contact resolution rate
      6. First tier resolution rate
    2. For each metric (except agent utilization), define a “worst” and “best” target number. These numbers should be realistic and determined only after some consideration.
    • Service desks scoring at or above the “best” threshold for a particular metric will receive 100% on that metric; while service desks scoring at or below the “worst” threshold for a particular metric will receive 0% on that metric.
    • For agent utilization, only a “best” target number is entered. Service desks hitting this target number exactly will receive 100%, with scores decreasing as a service desk’s agent utilization gets further away from this target.
  • Identify the importance of each metric and vary the values in the “weighting” column accordingly.
  • The values entered on this tab will be used in calculating the overall metric score for each service desk, allowing you to compare the performance of existing service desks against each other and against your target state.

    Review the results of the scorecard to identify best practices

    2.1.9 Discuss the results of the scorecard tool

    Participants
    • CIO or IT Director (optional)
    • Service Desk Manager(s)
    What You'll Need
    • Consolidate Service Desk Scorecard Tool
    1. Facilitate a discussion on the results of the scorecard tool on tabs 4 (Overall Results), 5 (Maturity Results), and 6 (Metrics Results).
    2. Identify the top performing service desks(s) (SD Champions) as identified by the average of their metric and maturity scores.
    3. Identify the top performing service desk by maturity level (tab 5; Level 3 – Integrated or Optimized), paying particular attention to high scorers on process maturity and maturity in incident & service request management.
    4. Identify the top performing service desk by metric score (tab 6), paying particular attention to the metrics that tie into your KPIs.
    5. For those service desks, review their processes and identify what they are doing well to glean best practices.
      1. Incorporate best practices from existing high performing service desks into your target state.
      2. If one service desk is already performing well in all areas, you may choose to model your consolidated service desk after it.

    Document processes and procedures in an SOP

    Define the standard operating procedures for the consolidated service desk

    Develop one set of standard operating procedures to ensure consistent service delivery across locations.

    One set of standard operating procedures for the new service desk is essential for a successful consolidation.

    Info-Tech’s Consolidated Service Desk SOP Template provides a detailed example of documenting procedures for service delivery, roles and responsibilities, escalation and prioritization rules, workflows for incidents and service requests, and resolution targets to help ensure consistent service expectations across locations.

    Use this template as a guide to develop or refine your SOP and define the processes for the consolidated service desk.

    Step 2.2: Assess logistics and cost of consolidation

    Phase 2

    Design consolidation

    2.1 Design target consolidated state

    2.2 Assess logistics and cost

    This step will walk you through the following activities:
    • 2.2.1 Plan logistics for process, technology, and facilities
    • 2.2.2 Plan logistics around resource allocation
    • 2.2.3 Review the results of the Service Desk Efficiency Calculator to refine the business case for the consolidation project
    This step involves the following participants:
    • CIO or IT Director
    • Project Manager
    • Service Desk Manager(s)
    Step outcomes
    • An understanding and list of tasks to accomplish to ensure all logistical considerations for the consolidation are accounted for
    • An analysis of the impact on staffing and service levels using the Service Desk Efficiency Calculator
    • An assessment of the cost of consolidation and the cost savings of a consolidated service desk using a TCO tool

    The United States Coast Guard’s consolidation saved $20 million in infrastructure and support costs

    CASE STUDY

    Industry: US Coast Guard

    Source: CIO Rear Adm. Robert E. Day, Jr. (retired)

    Challenges

    The US Coast Guard was providing internal IT support for 42,000 members on active duty from 11 distinct regional IT service centers around the US.

    Pain Points

    1. Maintaining 11 disparate IT architectures was costly and time consuming.
    2. Staffing inefficiencies limited the USCG’s global IT service operations to providing IT support from 8am to 4pm.
    3. Individual sites were unable to offload peak volume during heavier call loads to other facilities.
    4. Enforcing adherence to standard delivery processes, procedures, and methods was nearly impossible.
    5. Personnel didn’t have a single point of contact for IT support.
    6. Leadership has limited access to consolidated analytics.

    Outcomes

    • Significant reduction in infrastructure, maintenance, and support costs.
    • Reduced risk through comprehensive disaster recovery.
    • Streamlined processes and procedures improved speed of incident resolution.
    • Increased staffing efficiencies.
    • Deeper analytical insight into service desk performance.

    Admiral Day was the CIO from 2009 to 2014. In 2011, he lead an initiative to consolidate USCG service desks.

    Selecting a new location communicated the national mandate of the consolidated service desk

    Site Selection - Decision Procedures

    • Determine location criteria, including:
      • Access to airports, trains, and highways
      • Workforce availability and education
      • Cost of land, real estate, taxes
      • Building availability Financial incentives
    • Review space requirements (i.e. amount and type of space).
    • Identify potential locations and analyze with defined criteria.
    • Develop cost models for various alternatives.
    • Narrow selection to 2-3 sites. Analyze for fit and costs.
    • Conduct site visits to evaluate each option.
    • Make a choice and arrange for securing the site.
    • Remember to compare the cost to retrofit existing space with the cost of creating a space for the consolidated service desk.

    Key Decision

    Relocating to a new location involved potentially higher implementation costs, which was a significant disadvantage.

    Ultimately, the relocation reinforced the national mandate of the consolidated service desk. The new organization would act as a single point of contact for the support of all 42,000 members of the US Coast Guard.

    "Before our regional desks tended to take on different flavors and processes. Today, users get the same experience whether they’re in Alaska or Maryland by calling one number: (855) CG-FIX IT." – Rear Adm. Robert E. Day, Jr. (retired)

    Plan the logistics of the consolidation to inform the project roadmap and cost assessment

    Before proceeding, validate that the target state is achievable by evaluating the logistics of the consolidation itself.

    A detailed project roadmap will help break down the project into manageable tasks to reach the target state, but there is no value to this if the target state is not achievable or realistic.

    Don’t forget to assess the logistics of the consolidation that can be overlooked during the planning phase:

    • Service desk size
    • Location of the service desk
    • Proximity to company management and facilities
    • Unique applications, platforms, or configurations in each location/region
    • Distribution of end-user population and varying end-user needs
    • Load balancing
    • Call routing across locations
    • Special ergonomic or accessibility requirements by location
    • Language requirements

    Info-Tech Insight

    Language barriers can form significant hurdles or even roadblocks for the consolidation project. Don’t overlook the importance of unique language requirements and ensure the consolidated service desk will be able to support end-user needs.

    Plan logistics for process, technology, and facilities

    2.2.1 Assess logistical and cost considerations around processes, technology, and facilities

    Participants
    • CIO or IT Director
    • Project Manager
    • Service Desk Manager(s)
    What You'll Need
    • Whiteboard or flip chart and markers
    • Consolidate roadmap
    Document

    Identify tasks that should form part of the roadmap and document in the roadmap tool.

    Identify costs that should be included in the TCO assessment and document in the TCO tool.

    Discuss and identify any logistic and cost considerations that will need to form part of the consolidation plan and roadmap. Examples are highlighted below.

    Logistic considerations

    • Impact of ticket intake process changes on end users
    • Process change impact on SLAs and productivity standards
    • Call routing changes and improvements
    • Workstations and workspace – is there enough and what will it look like for each agent?
    • Physical access to the service desk – will walk-ups be permitted? Is it accessible?
    • Security or authorization requirements for specific agents that may be impacted by relocation
    • Layout and design of new location, if applicable
    • Hardware, platform, network, and server implications
    • Licensing and contract limitations of the service desk tool

    Cost considerations

    • Cost savings from ITSM tool consolidation
    • Cost of new ITSM tool purchase, if applicable
    • Efficiencies gained from process simplification
    • New hardware or software purchases
    • Cost per square foot of new physical location, if applicable

    Develop a staffing plan that leverages the strengths you currently have and supplement where your needs require

    Your staff are your greatest assets; be sensitive to their concerns as you plan the consolidation.

    Keep in mind that if your target state involves reorganization of resources and the creation of resources, there will be additional staffing tasks that should form part of the consolidation plan. These include:

    • Develop job descriptions and reporting relationships
    • Evaluate current competencies Identify training and hiring needs
    • Develop migration strategy (including severance and migration packages)

    If new positions will be created, follow these steps to mitigate risks:

    1. Conduct skills assessments (a skills inventory should have been completed in phase 1)
    2. Re-interview existing staff for open positions before considering hiring outside staff
    3. Hire staff from outside if necessary

    For more guidance on hiring help desk staff, see Info-Tech’s blueprint, Manage Help Desk Staffing.

    Be sensitive to employee concerns.

    Develop guiding principles for the consolidation to ensure that employee satisfaction remains a priority throughout the consolidation.

    Examples include:

    1. Reconcile existing silos and avoid creating new silos
    2. Keep current systems where it makes sense to avoid staff having to learn multiple new systems to do their jobs and to reduce costs
    3. Repurpose staff and allocate according to their knowledge and expertise as much as possible
    4. Remain open and transparent about all changes and communicate change regularly

    Info-Tech Insight

    The most talented employees can be lost in the migration to a consolidated service desk, resulting in organizational loss of core knowledge. Mitigate this risk using measurement strategies, competency modeling, and knowledge sharing to reduce ambiguity and discomfort of affected employees.

    Plan logistics around resource allocation

    2.2.2 Assess logistical and cost considerations around people

    Participants
    • CIO or IT Director
    • Project Manager
    • Service Desk Manager(s)
    What You’ll Need
    • Whiteboard or flip chart and markers
    • Consolidate roadmap
    Document

    Identify tasks that should form part of the roadmap and document in the roadmap tool.

    Identify costs that should be included in the TCO assessment and document in the TCO tool.

    Discuss and identify any logistic and cost considerations surrounding resources and staffing that will need to form part of the consolidation plan and roadmap. Examples are highlighted below.

    Logistic considerations

    • Specialized training requirements for staff moving to new roles
    • Enablement of knowledge sharing across agents
    • Potential attrition of staff who do not wish to relocate or be reallocated
    • Relocation of staff – will staff have to move and will there be incentives for moving?
    • Skills requirements, recruitment needs, job descriptions, and postings for hiring

    Cost considerations

    • Existing and future salaries for employees
    • Potential attrition of employees
    • Retention costs and salary increases to keep employees
    • Hiring costs
    • Training needs and costs

    Assess impact on staffing with the Service Desk Efficiency Calculator

    How do organizations calculate the staffing implications of a service desk consolidation?

    The Service Desk Efficiency Calculator uses the ITIL Gross Staffing Model to think through the impact of consolidating service desk processes.

    To estimate the impact of the consolidation on staffing levels, estimate what will happen to three variables:

    • Ticket volume
    • Average call resolution
    • Spare capacity

    All things being equal, a reduction in ticket volume (through outsourcing or the implementation of self-serve options, for example), will reduce your staffing requirements (all things being equal). The same goes for a reduction in the average call resolution rate.

    Constraints:

    Spare capacity: Many organizations are motivated to consolidate service desks by potential reductions in staffing costs. However, this is only true if your service desk agents have spare capacity to take on the consolidated ticket volume. If they don’t, you will still need the same number of agents to do the work at the consolidated service desk.

    Agent capabilities: If your agents have specialised skills that you need to maintain the same level of service, you won’t be able to reduce staffing until agents are cross-trained.

    Review the results of the Service Desk Efficiency Calculator to refine the business case for the consolidation project

    2.2.3 Discuss the results of the efficiency calculator in the context of consolidation

    Participants
    • CIO or IT Director
    • Service Desk Manager(s)
    What You’ll Need
    • Completed Service Desk Efficiency Calculator

    The third tab of the Service Desk Efficiency Calculator will quantify:

    • Service Desk Staffing: The impact of different ticket distribution on service desk staffing levels.
    • Service Desk Ticket Resolution Cost: The impact of different ticket distributions on ticket resolution costs.
    • Service Management Efficiency: The business impact of service management initiatives, specifically, the time lost or captured in service management processes relative to an average full-time employee equivalent.

    Facilitate a discussion around the results.

    Evaluate where you are now and where you hope to be. Focus on the efficiency gains expected from the outsourcing project. Review the expected gains in average resolution time, the expected impact on service desk ticket volume, and the associated productivity gains.

    Use this information to refine the business case and project plan for the consolidation, if needed.

    Assess consolidation costs and cost savings to refine the business case

    While cost savings should not be the primary driver of consolidation, they should be a key outcome of the project in order to deliver value.

    Typical cost savings for a service desk consolidation are highlighted below:

    People 10-20% savings (through resource pooling and reallocation)

    Process 5-10% savings (through process simplification and efficiencies gained)

    Technology 10-15% savings (through improved call routing and ITSM tool consolidation)

    Facilities 5-10% savings (through site selection and redesign)

    Cost savings should be balanced against the costs of the consolidation itself (including hiring for consolidation project managers or consultants, moving expenses, legal fees, etc.)

    Evaluate consolidation costs using the TCO Comparison Tool described in the next section.

    Analyze resourcing and budgeting to create a realistic TCO and evaluate the benefits of consolidation

    Use the TCO tool to assess the cost and cost savings of consolidation

    • The tool compares the cost of operating two service desks vs. one consolidated service desk, along with the cost of consolidation.
    • If your consolidation effort involves more than two facilities, then use multiple copies of the tool.
      • E.g. If you are consolidating four service desks (A, B, C, and D) into one service desk (X), then use two copies of the tool. We encourage you to book an analyst call to help you get the most out of this tool and process.

    Service Desk Consolidation TCO Comparison Tool

    Refine the business case and update the executive presentation

    Check in with executives and project sponsor before moving forward with the transition

    Since completing the executive visioning session in step 1.2, you should have completed the following activities:

    • Current state assessment
    • Detailed target state and metrics
    • Gap analysis between current and target state
    • Assessment of logistics and cost of consolidation

    The next step will be to develop a project roadmap to achieve the consolidation vision.

    Before doing this, check back in with the project sponsor and business executives to refine the business case, obtain necessary approvals, and secure buy-in.

    If necessary, add to the executive presentation you completed in step 1.2, copying results of the deliverables you have completed since:

    • Consolidate Service Desk Assessment Tool (current state assessment)
    • Consolidate Service Desk Scorecard Tool
    • Service Desk Consolidation TCO Comparison Tool

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

    Book a workshop with our Info-Tech analysts:

    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    2.1.3 Brainstorm process requirements for consolidated service desk

    Identify process requirements and desired characteristics for the target consolidated service desk.

    2.1.9 Review the results of the scorecard to identify best practices

    Review the results of the Consolidate Service Desk Scorecard Tool to identify top performing service desks and glean best practices.

    Phase 3

    Plan the Transition

    Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 3: Plan the transition

    Proposed Time to Completion (in weeks): 2-4

    Step 3.1: Build project roadmap

    Discuss with an analyst:

    • Identify specific initiatives for the consolidation project and evaluate the risks and dependencies for each
    • Plot initiatives on a detailed project roadmap with assigned responsibilities

    Then complete these activities…

    • Break the consolidation project down into specific initiatives
    • Identify and document risks and dependencies
    • Plot your initiatives onto a detailed project roadmap
    • Select transition date for consolidation

    With these tools & templates:

    Service Desk Consolidation Roadmap

    Step 3.2: Communicate the change

    Discuss with an analyst:

    • Identify the goals of communication, then develop a communications plan with targeted messaging for each stakeholder group to achieve those goals
    • Brainstorm potential objections and questions as well as responses to each

    Then complete these activities…

    • Build the communications delivery plan
    • Brainstorm potential objections and questions and prepare responses
    • Complete the news bulletin to distribute to your end users

    With these tools & templates:

    Service Desk Consolidation Communications and Training Plan Template

    Service Desk Consolidation News Bulletin & FAQ Template

    Phase 3 Results:
    • A detailed project roadmap toward consolidation and a communications plan to ensure stakeholders are on board

    Step 3.1: Build the project roadmap

    Phase 3

    Plan the consolidation

    3.1 Build the project roadmap

    3.2 Communicate the change

    This step will walk you through the following activities:
    • 3.1.1 Break the consolidation project down into a series of specific initiatives
    • 3.1.2 Identify and document risks and dependencies
    • 3.1.3 Plot your initiatives onto a detailed project roadmap
    • 3.1.4 Select transition date based on business cycles
    This step involves the following participants:
    • CIO
    • IT Directors
    • Service Desk Managers
    • Consolidation Project Manager
    • Service Desk Technicians
    Step outcomes

    A detailed roadmap to migrate to a single, consolidated service desk, including:

    • A breakdown of specific tasks groups by people, process, and technology
    • Identified risks and dependencies for each task
    • A timeline for completion of each task and the overall consolidation
    • Assigned responsibility for task completion

    Failure to engage stakeholders led to the failure of a large healthcare organization’s consolidation

    CASE STUDY

    Industry: Healthcare

    Source: Organizational insider

    A large US healthcare facilities organization implemented a service desk consolidation initiative in early 2013. Only 18 months later, they reluctantly decided to return to their previous service desk model.

    Why did this consolidation effort fail?

    1. Management failed to communicate the changes to service-level staff, leading to agent confusion and pushback. Initially, each desk became part of the other’s overflow queue with no mention of the consolidation effort. Next, the independent desks began to share a basic request queue. Finally, there was a complete virtual consolidation – which came as a shock to service agents.
    2. The processes and workflows of the original service desks were not integrated, requiring service agents to consult different processes and use different workflows when engaging with end users from different facilities, even though all calls were part of the same queue.
    3. Staff at the different service centers did not have a consistent level of expertise or technical ability, even though they all became part of the same queue. This led to a perceived drop in end-user satisfaction – end users were used to getting a certain level of service and were suddenly confronted with less experienced agents.

    Before Consolidation

    Two disparate service desks:

    • With distinct geographic locations.
    • Servicing several healthcare facilities in their respective regions.
    • With distinct staff, end users, processes, and workflows.

    After Consolidation

    One virtually-consolidated service desk servicing many facilities spread geographically over two distinct locations.

    The main feature of the new virtual service desk was a single, pooled ticket queue drawn from all the end users and facilities in the new geographic regions.

    Break the consolidation project down into a series of specific initiatives

    3.1.1 Create a list of specific tasks that will form the consolidation project

    Participants
    • CIO or IT Director
    • Project Manager
    • Service Desk Manager(s)
    What You’ll Need
    • Whiteboard and markers
    • List of prioritized target state requirements
    • Consolidation roadmap
    Document

    Document the list of initiatives in the Service Desk Consolidation Roadmap.

    In order to translate your newly made decisions regarding the target state and logistical considerations into a successful consolidation strategy, create an exhaustive list of all the steps and sub-steps that will lead you from your current state to your target state.

    Use the next few steps to finish brainstorming the initiative list, identify risks and dependencies, and construct a detailed timeline populated with specific project steps.

    Instructions

    Start with the list you have been curating throughout the current and future state assessments. If you are completing this project as a workshop, add to the initiative list you have been developing on the whiteboard.

    Try to organize your initiatives into groups of related tasks. Begin arranging your initiatives into people, process, technology, or other categories.

    Whiteboard People Process Technology Other

    Evaluate the impact of potential risks and develop a backup plan for high risk initiatives

    A service desk consolidation has a high potential for risks. Have a backup plan prepared for when events don’t go as planned.

    • A consolidation project requires careful planning as it is high risk and not performed often.
    • Apply the same due diligence to the consolidation plan as you do in preparing your disaster recovery plan. Establish predetermined resolutions to realistic risks so that the team can think of solutions quickly during the consolidation.

    Potential Sources of Risk

    • Service desk tool or phone line downtime prevents ability to submit tickets
    • Unable to meet SLAs through the transition
    • Equipment failure or damage through the physical move
    • Lost data through tool migration
    • Lost knowledge from employee attrition
    Risk - degree of impact if activities do not go as planned High

    A – High Risk, Low Frequency

    Tasks that are rarely done and are high risk. Focus attention here with careful planning (e.g. consolidation)

    B – High Risk, High Frequency

    Tasks that are performed regularly and must be watched closely each time (e.g. security authorizations)

    C – Low Risk, Low Frequency

    Tasks that are performed regularly with limited impact or risk (e.g. server upgrades)

    D – Low Risk, High Frequency

    Tasks that are done all the time and are not risky (e.g. password resets)

    Low High
    Frequency - how often the activity has been performed

    Service desk consolidations fit in category A

    Identify risks for people, processes, tools, or data to ensure the project plan will include appropriate mitigations

    Each element of the consolidation has an inherent risk associated with it as the daily service flow is interrupted. Prepare in advance by anticipating these risks.

    The project manager, service desk managers, and subject matter experts (SMEs) of different areas, departments, or locations should identify risks for each of the processes, tools, resource groups (people), and any data exchanges and moves that will be part of the project or impacted by the project.

    Process - For each process, validate that workflows can remain intact throughout the consolidation project. If any gaps may occur in the process flows, develop a plan to be implemented in parallel with the consolidation to ensure service isn’t interrupted.

    Technology - For a tool consolidation, upgrade, or replacement, verify that there is a plan in place to ensure continuation of service delivery processes throughout the change.

    Make a plan for if and how data from the old tool(s) will be migrated to the new tool, and how the new tool will be installed and configured.

    People - For movement of staff, particularly with termination, identify any risks that may occur and involve your HR and legal departments to ensure all movement is compliant with larger processes within the organization.

    Info-Tech Insight

    Don’t overlook the little things. Sometimes the most minor-seeming components of the consolidation can cause the greatest difficulty. For example, don’t assume that the service desk phone number can simply roll over to a new location and support the call load of a combined service desk. Verify it.

    Identify and document risks and dependencies

    3.1.2 Risks, challenges, and dependencies exercise - Estimated Time: 60 minutes

    Participants
    • CIO or IT Director
    • Project Manager
    • Service Desk Manager(s)
    • SMEs
    What You'll Need
    • Whiteboard and markers
    • List of initiatives identified in previous activities
    • Consolidation roadmap
    Document

    Use the outcome of this activity to complete your consolidation roadmap.

    Instructions
    • Document risks and challenges, as well as dependencies associated with the initiatives identified earlier, using a different color sticky note from your initiatives.
    • See example below.
    Combine Related Initiatives
    • Look for initiatives that are highly similar, dependent on each other, or occurring at the same time. Consolidate these initiatives into a single initiative with several sub-steps in order to better organize your roadmap and reduce redundancy.
    • Create hierarchies for dependent initiatives that could affect the scheduling of initiatives on a roadmap, and reorganize the whiteboard where necessary.
    Optional:
    • Use a scoring method to categorize risks. E.g.:
      • High: will stop or delay operations, radically increase cost, or significantly reduce consolidation benefits
      • Medium: would cause some delay, cost increase, or performance shortfall, but would not threaten project viability
      • Low: could impact the project to a limited extent, causing minor delays or cost increases
    • Develop contingency plans for high risks or adjust to avoid the problem entirely
    Implement new ISTM tool:
    • Need to transition from existing tools
    • Users must be trained
    • Data and open tickets must be migrated

    Plot your initiatives onto a detailed project roadmap

    3.1.3 Estimated Time: 45 minutes

    Participants
    • CIO or IT Director
    • Project Manager
    • Service Desk Manager(s)
    Document

    Document your initiatives on tab 2 of the Service Desk Consolidation Roadmap or map it out on a whiteboard.

    Determine the sequence of initiatives, identify milestones, and assign dates.
    • The purpose of this exercise is to define a timeline and commit to initiatives to reach your goals.
    • Determine the order in which previously identified consolidation initiatives will be implemented, document previously identified risks and dependencies, assign ownership for each task, and assign dates for pilots and launch.

    Select transition date based on business cycles

    3.1.4

    Participants
    • CIO or IT Director
    • Project Manager
    • Service Desk Manager(s)
    What You'll Need
    • Consolidation roadmap
    Document

    Adjust initiatives in the consolidation roadmap if necessary.

    The transition date will be used in communications in the next step.

    1. Review the initiatives in the roadmap and the resulting sunshine diagram on tab 3.
    2. Verify that the initiatives will be possible within the determined time frame and adjust if necessary.
    3. Based on the results of the roadmap, select a target transition date for the consolidation by determining:
      1. Whether there are dates when a major effort of this kind should not be scheduled.
      2. Whether there are merger and acquisition requirements that dictate a specific date for the service desk merger.
    4. Select multiple measurable checkpoints to alert the team that something is awry and mitigate risks.
    5. Verify that stakeholders are aware of the risks and the proposed steps necessary to mitigate them, and assign the necessary resources to them.
    6. Document or adjust the target transition date in the roadmap.

    Info-Tech Insight

    Consolidating service desks doesn’t have to be done in one shot, replacing all your help desks, tools, and moving staff all at the same time. You can take a phased approach to consolidating, moving one location, department, or tool at a time to ease the transition.

    Step 3.2: Communicate the change

    Phase 3

    Design consolidation

    3.1 Build the project roadmap

    3.2 Communicate the change

    This step will walk you through the following activities:
    • 3.2.1 Build the communications delivery plan
    • 3.2.2 Brainstorm potential objections and questions and prepare responses
    This step involves the following participants:
    • IT Director
    • Project Manager
    • Service Desk Manager(s)
    • Service Desk Agents
    Step outcomes
    • A detailed communications plan with key messages, delivery timeline, and spokesperson responsibility for each key stakeholder audience
    • A set of agreed-upon responses to anticipated objections and questions to ensure consistent message delivery
    • A news bulletin and list of FAQs to distribute to end users to prepare them for the change

    Create your communication plan with everyone in mind, from the CIO to end users

    CASE STUDY

    Industry: Higher Education

    Source: Oxford University, IT Services

    Oxford implemented extremely innovative initiatives as part of its robust communications plan.

    ITS ran a one-day ITSM “business simulation” for the CIO and direct reports, increasing executive buy-in.

    The business simulation was incredibly effective as a way of getting management buy-in – it really showed what we are driving at. It’s a way of making it real, bringing people on board. ” – John Ireland, Director of Customer Service

    Detailed use cases were envisioned referencing particular ITIL processes as the backbone of the process framework.

    The use cases were very helpful, they were used […] in getting a broad engagement from teams across our department and getting buy-in from the distributed IT staff who we work with across the wider University. ” – John Ireland, Director of Customer Service

    The Oxford ITS SDCP blog was accessible to everyone.

    • Oxford’s SDCP blog acted as a project touchstone not only to communicate updates quickly, but also to collect feedback, enable collaboration, and set a project tone.
    • An informal tone and accessible format facilitated the difficult cultural shifts required of the consolidation effort.

    We in the project team would love to hear your view on this project and service management in general, so please feel free to comment on this blog post, contact us using the project email address […] or, for further information visit the project SharePoint site […] ” – Oxford ITS SDCP blog post

    Plan for targeted and timely communications to all stakeholders

    Develop a plan to keep all affected stakeholders informed about the changes consolidation will bring, and more importantly, how they will affect them.

    All stakeholders must be kept informed of the project plan and status as the consolidation progresses.
    • Management requires frequent communication with the core project group to evaluate the success of the project in meeting its goals.
    • End users should be informed about changes that are happening and how these changes will affect them.

    A communications plan should address three elements:

    1. The audience and their communication needs
    2. The most effective means of communicating with this audience
    3. Who should deliver the message

    Goals of communication:

    1. Create awareness and understanding of the consolidation and what it means for each role, department, or user group
    2. Gain commitment to the change from all stakeholders
    3. Reduce and address any concerns about the consolidation and be transparent in responding to any questions
    4. Communicate potential risks and mitigation plan
    5. Set expectations for service levels throughout and after the consolidation

    Plan the method of delivery for your communications carefully

    Plan the message, test it with a small audience, then deliver to your employees and stakeholders in person to avoid message avoidance or confusion.

    Message Format

    Email and Newsletters

    Email and newsletters are convenient and can be transmitted to large audiences easily, but most users are inundated with email already and may not notice or read the message.

    • Use email to make large announcements or invite people to meetings but not as the sole medium of communication.

    Face-to-Face Communication

    Face-to-face communication helps to ensure that users are receiving and understanding a clear message, and allows them to voice their concerns and clarify any confusion or questions.

    • Use one-on-ones for key stakeholders and team meetings for groups.

    Internal Website/Drive

    Internal sites help sustain change by making knowledge available after the consolidation, but won’t be retained beforehand.

    • Use for storing policies, how-to-guides, and SOPs.
    Message Delivery
    1. Plan your message
      1. Emphasize what the audience really needs to know, that is, how the change will impact them.
    2. Test your message
      1. Run focus groups or test your communications with a small audience (2-3 people) first to get feedback and adjust messages before delivering them more broadly.
    3. Deliver and repeat your message
      1. “Tell them what you’re going to tell them, then tell them, then tell them what you told them.”
    4. Gather feedback and evaluate communications
      1. Evaluate the effectiveness of the communications (through surveys, focus groups, stakeholder interviews, or metrics) to ensure the message was delivered and received successfully and communication goals were met.

    Address the specific concerns of the business vs. employees

    Focus on alleviating concerns from both sides of the communication equation: the business units and employees.

    Business units:

    Be attentive to the concerns of business unit management about loss of power. Appease worries about the potential risk of reduced service quality and support responsiveness that may have been experienced in prior corporate consolidation efforts.

    Make the value of the consolidation clear, and involve business unit management in the organizational change process.

    Focus on producing a customer-focused consolidated service desk. It will assuage fears over the loss of control and influence. Business units may be relinquishing control of their service desk, but they should retain the same level of influence.

    Employees:

    Employees are often fearful of the impact of a consolidation on their jobs. These fears should be addressed and alleviated as soon as possible.

    Design a communication plan outlining the changes and the reasons motivating it.

    Put support programs in place for displaced and surviving employees.

    Motivate employees during the transition and increase employee involvement in the change.

    Educate and train employees who make the transition to the new structure and new job demands.

    Info-Tech Insight

    Know your audience. Be wary of using technical jargon or acronyms that may seem like common knowledge within your department but would not be part of the vocabulary of non-technical audiences. Ensure your communications are suitable for the audience. If you need to use jargon or acronyms, explain what you mean.

    Build the communications delivery plan

    3.2.1 Develop a plan to deliver targeted messages to key stakeholder groups

    Participants
    • CIO or IT Director
    • Project Manager
    • Service Desk Manager(s)
    What You'll Need
    • Communications plan template
    • Whiteboard and markers
    Document

    Document your decisions in the communications plan template

    1. Define the goals of the communications in section 1 of the Service Desk Consolidation Communications and Training Plan Template.
    2. Determine when communication milestones/activities need to be delivered by completing the Communications Schedule in section 2.
    3. Determine the key stakeholder groups or audiences to whom you will need to deliver communications.
    4. Identify the content of the key messages that need to be delivered and select the most appropriate delivery method for each (i.e. email, team meeting, individual meetings). Designate who will be responsible for delivering the messages.
    5. Document a plan for gathering feedback and evaluating the effectiveness of the communications in section 5 (i.e. stakeholder interviews and surveys).

    Section 4 of the communications plan on objections and question handling will be completed in activity 3.2.2.

    Optional Activity

    If you completed the Stakeholder Engagement Workbook in step 1.1, you may also complete the Communications tab in that workbook to further develop your plan to engage stakeholders.

    Effectively manage the consolidation by implementing change management processes

    Implement change management processes to ensure that the consolidation runs smoothly with limited impact on IT infrastructure.

    Communicate and track changes: Identify and communicate changes to all stakeholders affected by the change to ensure they are aware of any downtime and can plan their own activities accordingly.

    Isolate testing: Test changes within a safe non-production environment to eliminate the risk of system outages that result from defects discovered during testing.

    Document back-out plans: Documented back-out/backup plans enable quick recovery in the event that the change fails.

    The image is a horizontal bar graph, titled Unplanned downtime due to change versus change management maturity. The graph shows that for a Change Management Maturity that is Informal, the % Experiencing Unplanned Downtime due to Failed Change is 41%; for Defined, it is 25%; and for Optimized, it is 19%.

    Organizations that have more mature and defined change management processes experience less unplanned downtime when implementing change across the organization.

    Sustain changes by adapting people, processes, and technologies to accept the transition

    Verify that people, process, and technologies are prepared for the consolidation before going live with the transition.

    What?

    1. Adapt people to the change

    • Add/change roles and responsibilities.
    • Move people to different roles/teams.
    • Change compensation and incentive structures to reinforce new goals, if applicable.

    2. Adapt processes to the change

    • Add/change supporting processes.
    • Eliminate or consolidate legacy processes.
    • Add/change standard operating procedures.

    3. Adapt technologies to the change

    • Add/change/update supporting technologies.
    • Eliminate or consolidate legacy technologies
    How? Work with HR on any changes involving job design, personnel changes, or compensation. Work with enterprise architects or business analysts to manage significant changes to processes that may impact the business and service levels.

    See Info-Tech’s Optimize the Change Management Processblueprint to use a disciplined change control process for technology changes.

    Info-Tech Insight

    Organizational change management (OCM) is widely recognized as a key component of project success, yet many organizations struggle to get adoption for new tools, policies, and procedures. Use Info-Tech’s blueprint on driving organizational change to develop a strategy and toolkit to achieve project success.

    Manage people by addressing their specific concerns based on their attitude toward change

    Avoid high turnover and resistance to change by engaging both the enthusiasts and the skeptics with targeted messaging.

    • Clearly articulate and strongly champion the changes that will result from the consolidation for those willing to adapt to the change.
    • Make change management practices integral to the entire project.
    • Provide training workshops on new processes, new goals or metrics, new technologies and tools, and teamwork as early as possible after consolidation.
    1. Enthusiasts - Empower them to stay motivated and promote the change
    2. Fence-Sitters/Indifferent - Continually motivate them by example but give them time to adapt to the change
    3. Skeptics - Engage them early and address their concerns and doubts to convert them to enthusiasts
    4. Saboteurs - Prevent them from spreading dissent and rumors, thus undermining the project, by counteracting negative claims early

    Leverage the Stakeholder Engagement Workbook from step 1.1 as well as Info-Tech’s blueprint on driving organizational change for more tactics on change management, particularly managing and engaging various personas.

    Prepare ahead of time for questions that various stakeholder groups may have

    Anticipate questions that will arise about the consolidation so you can prepare and distribute responses to frequently asked questions. Sample questions from various stakeholders are provided below.

    General
    1. Why is the organization moving to a consolidated service desk?
    2. Where is the consolidated service desk going to be located?
    3. Are all or only some service desks consolidating?
    4. When is the consolidation happening?
    5. What are the anticipated benefits of consolidation?

    Business

    1. What is the budget for the project?
    2. What are the anticipated cost savings and return on investment?
    3. When will the proposed savings be realized?
    4. Will there be job losses from the consolidation and when will these occur?
    5. Will the organization subsidize moving costs?

    Employees

    1. Will my job function be changing?
    2. Will my job location be changing?
    3. What will happen if I can’t relocate?
    4. Will my pay and benefits be the same?
    5. Will reporting relationships change?
    6. Will performance expectations and metrics change?

    End Users

    1. How do I get help with IT issues?
    2. How do I submit a ticket?
    3. How will I be notified of ticket status, outages?
    4. Where will the physical service desk be located?
    5. Will I be able to get help in my language?
    6. Will there be changes for levels of service?

    Brainstorm likely objections/questions to prepare responses

    3.2.2 Prepare responses to likely questions to ensure consistent messaging

    Participants
    • IT Director
    • Project Manager
    • Service Desk Manager(s)
    • Service Desk Agents
    Document

    Document your questions and responses in section 4 of the communications plan template. This should be continually updated.

    1. Brainstorm anticipated objections and questions you may hear from various stakeholder groups: service desk employees, end users, and management or executives.
    2. For each objection or question, prepare a response that will be delivered to ensure consistent messaging. Use a table like the example below.
    Group Objection/Question Response
    Service desk staff I’m comfortable with the service desk tool we’ve been using here and won’t know how to use the new one. We carefully evaluated the new solution against our requirements and selected it as the one that will provide the best service to our users and be user friendly. We tested the solution through user-acceptance testing to ensure staff will be comfortable using it, and we will provide comprehensive training to all users of the tool before launching it.
    End user I’m used to going to my favorite technician for help. How will I get service now? We are initiating a single point of contact so that you will know exactly where to go to get help quickly and easily, so that we can more quickly escalate your issue to the appropriate technician, and so that we can resolve it and notify you as soon as possible. This will make our service more effective and efficient than you having to find one individual who may be tied up with other work or unavailable.

    Keep the following in mind when formulating your responses:

    • Lead with the benefits
    • Be transparent and honest
    • Avoid acronyms, jargon, and technical terms
    • Appeal to both emotion and reason
    • Be concise and straightforward
    • Don’t be afraid to be repetitive; people need repetition to remember the message
    • Use concrete facts and images wherever possible

    Complete the Service Desk Consolidation News Bulletin & FAQ Template to distribute to your end users

    Customize the template or use as a guide to develop your own

    The Service Desk Consolidation News Bulletin & FAQ Template is intended to be an example that you can follow or modify for your own organization. It provides a summary of how the consolidation project will change how end users interact with the service desk.

    1. What the change means to end users
    2. When they should contact the service desk (examples)
    3. How to contact the service desk (include all means of contact and ticket submission)
    4. Answers to questions they may have
    5. Links to more information

    The bulletin is targeted for mass distribution to end users. A similar letter may be developed for service desk staff, though face-to-face communication is recommended.

    Instructions:

    1. Use the template as a guide to develop your own FAQ news bulletin and adjust any sections or wording as you see fit.
    2. You may wish to develop separate letters for each location, referring more specifically to their location and where the new service desk will be located.
    3. Save the file as a PDF for print or email distribution at the time determined in your communications plan.

    Keeping people a priority throughout the project ensured success

    CASE STUDY

    Industry: Higher Education

    Source: Oxford University, IT Services

    Oxford’s new consolidated service desk went live April 20, 2015.

    They moved from 3 distinct tools and 5 disparate help desks to a single service desk with one robust ITSM solution, all grounded by a unified set of processes and an integrated workflow.

    The success of this project hinged upon:

    • A bold vision, formulated early and in collaboration with all stakeholders.
    • Willingness to take time to understand the unique perspective of each role and help desk, then carefully studying existing processes and workflows to build upon what works.
    • Constant collaboration, communication, and the desire to listen to feedback from all interested parties.

    "We have had a few teething issues to deal with, but overall this has been a very smooth transition given the scale of it." – ICTF Trinity Term 2015 IT Services Report

    Beyond the initial consolidation.
    • Over the summer of 2015, ITS moved to full 24/7 support coverage.
    • Oxford’s ongoing proposition with regard to support services is to extend the new consolidated service desk beyond its current IT role:
      • Academic Admissions
      • Case Management
      • IT Purchasing
    • To gradually integrate those IT departments/colleges/faculties that remain independent at the present time.
    • Info-Tech can facilitate these goals in your organization with our research blueprint, Extend the Service Desk to Enterprise.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

    Book a workshop with our Info-Tech analysts:

    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    3.1.1 Break the consolidation project down into a series of specific initiatives

    Create a list of specific tasks that will form the consolidation project on sticky notes and organize into people, process, technology, and other categories to inform the roadmap.

    3.2.2 Brainstorm likely objections/questions to prepare responses

    Brainstorm anticipated questions and objections that will arise from various stakeholder groups and prepare consistent responses to each.

    Related Info-Tech research

    Standardize the Service Desk - Provide timely and effective responses to user requests and resolutions of all incidents.

    Extend the Service Desk to the Enterprise - Position IT as an innovator.

    Build a Continual Improvement Plan for the Service Desk - Teach your old service desk new tricks.

    Adopt Lean IT to Streamline the Service Desk - Turn your service desk into a Lean, keen, value-creating machine.

    Vendor Landscape: Enterprise Service Desk Software - Move past tickets to proactive, integrated service.

    Vendor Landscape: Mid-Market Service Desk Software - Ensure the productivity of the help desk with the right platform.

    Build an ITSM Tool Implementation Plan - Nail your ITSM tool implementation from the outset.

    Drive Organizational Change from the PMO - Don’t let bad change happen to good projects.

    Research contributors and experts

    Stacey Keener - IT Manager for the Human Health and Performance Directorate, Johnson Space Center, NASA

    Umar Reed - Director of IT Support Services US Denton US LLP

    Maurice Pryce - IT Manager City of Roswell, Georgia

    Ian Goodhart - Senior Business Analyst Allegis Group

    Gerry Veugelaers - Service Delivery Manager New Zealand Defence Force

    Alisa Salley Rogers - Senior Service Desk Analyst HCA IT&S Central/West Texas Division

    Eddie Vidal - IS Service Desk Managers University of Miami

    John Conklin - Chief Information Officer Helen of Troy LP

    Russ Coles - Senior Manager, Computer Applications York Region District Schoolboard

    John Seddon - Principal Vanguard Consulting

    Ryan van Biljon - Director, Technical Services Samanage

    Rear Admiral Robert E. Day Jr. (ret.) - Chief Information Officer United States Coast Guard

    George Bartha - Manager of Information Technology Unifrax

    Peter Hubbard - IT Service Management Consultant Pink Elephant

    Andre Gaudreau - Manager of School Technology Operations York Region District School Board

    Craig Nekola - Manager, Information Technology Anoka County

    Bibliography and Further Reading

    Hoen, Jim. “The Single Point of Contact: Driving Support Process Improvements with a Consolidated IT Help-Desk Approach.” TechTeam Global Inc. September 2005.

    Hubbard, Peter. “Leading University embarks on IT transformation programme to deliver improved levels of service excellence.” Pink Elephant. http://pinkelephant.co.uk/about/case-studies/service-management-case-study/

    IBM Global Services. “Service Desk: Consolidation, Relocation, Status Quo.” IBM. June 2005.

    Keener, Stacey. “Help Desks: a Problem of Astronomical Proportions.” Government CIO Magazine. 1 February 2015.

    McKaughan, Jeff. “Efficiency Driver.” U.S. Coast Guard Forum Jul. 2013. Web. http://www.intergraphgovsolutions.com/documents/CoastGuardForumJuly2013.pdf

    Numara Footprints. “The Top 10 Reasons for Implementing a Consolidated Service Desk.” Numara Software.

    Roy, Gerry, and Frederieke Winkler Prins. “How to Improve Service Quality through Service Desk Consolidation.” BMC Software.

    Smith, Andrew. “The Consolidated Service Desk – An Achievable Goal?” The Service Desk Institute.

    Wolfe, Brandon. “Is it Time for IT Service Desk Consolidation?” Samanage. 4 August 2015.

    Master the Secrets of Adobe’s Creative Cloud Contracts to Right-Size Your Adobe Spend

    • Buy Link or Shortcode: {j2store}139|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $63,667 Average $ Saved
    • member rating average days saved: 110 Average Days Saved
    • Parent Category Name: Licensing
    • Parent Category Link: /licensing
    • Adobe operates in its own niche in the creative space, and Adobe users have grown accustomed to their products, making switching very difficult.
    • With Adobe’s transition to a cloud-based subscription model, it’s important for organizations to actively manage licenses, software provisioning, and consumption.
    • Without a detailed understanding of Adobe’s various purchasing models, overspending often occurs.
    • Organizations have experienced issues in identifying commercial licensed packages with their install files, making it difficult to track and assign licenses.

    Our Advice

    Critical Insight

    • Focus on user needs first. Examine which products are truly needed versus nice to have to prevent overspending on the Creative Cloud suite.
    • Examine what has been deployed. Knowing what has been deployed and what is being used will greatly aid in completing your true-up.
    • Compliance is not automatic with products that are in the cloud. Shared logins or computers that have desktop installs that can be access by multiple users can cause noncompliance.

    Impact and Result

    • Visibility into license deployments and needs
    • Compliance with internal audits

    Master the Secrets of Adobe’s Creative Cloud Contracts to Right-Size Your Adobe Spend Research & Tools

    Start here – read the Executive Brief

    Procuring Adobe software is not the same game as it was just a few years ago. Adopt a comprehensive approach to understanding Adobe licensing to avoid overspending and to maximize negotiation leverage.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Manage your Adobe agreements

    Use Info-Tech’s licensing best practices to avoid overspending on Adobe licensing and to remain compliant in case of audit.

    • Adobe ETLA vs. VIP Pricing Table
    • Adobe ETLA Forecasted Costs and Benefits
    • Adobe ETLA Deployment Forecast
    [infographic]

    Further reading

    Master the Secrets of Adobe’s Creative Cloud Contracts to Right-Size Your Adobe Spend

    Learn the essential steps to avoid overspending and to maximize negotiation leverage with Adobe.

    ANALYST PERSPECTIVE

    Only 18% of Adobe licenses are genuine copies: are yours?

    "Adobe has designed and executed the most comprehensive evolution to the subscription model of pre-cloud software publishers with Creative Cloud. Adobe's release of Document Cloud (replacement for the Acrobat series of software) is the final nail in the coffin for legacy licensing for Adobe. Technology procurement functions have run out of time in which to act while they still retain leverage, with the exception of some late adopter organizations that were able to run on legacy versions (e.g. CS6) for the past five years. Procuring Adobe software is not the same game as it was just a few years ago. Adopt a comprehensive approach to understanding Adobe licensing, contract, and delivery models in order to accurately forecast your software needs, transact against the optimal purchase plan, and maximize negotiation leverage. "

    Scott Bickley

    Research Lead, Vendor Practice

    Info-Tech Research Group

    Our understanding of the problem

    This Research is Designed For:

    • IT managers scoping their Adobe licensing requirements and compliance position.
    • CIOs, CTOs, CPOs, and IT directors negotiating licensing agreements in search of cost savings.
    • ITAM/Software asset managers responsible for tracking and managing Adobe licensing.
    • IT and business leaders seeking to better understand Adobe licensing options (Creative Cloud).
    • Vendor management offices in the process of a contract renewal.

    This Research Will Help You:

    • Understand and simplify licensing per product to help optimize spend.
    • Ensure agreement type is aligned to needs.
    • Navigate the purchase process to negotiate from a position of strength.
    • Manage licenses more effectively to avoid compliance issues, audits, and unnecessary purchases.

    This Research Will Also Assist:

    • CFOs and the finance department
    • Enterprise architects
    • ITAM/SAM team
    • Network and IT architects
    • Legal
    • Procurement and sourcing

    This Research Will Help Them:

    • Understand licensing methods in order to make educated and informed decisions.
    • Understand the future of the cloud in your Adobe licensing roadmap.

    Executive summary

    Situation

    • Adobe’s dominant market position and ownership of the creative software market is forcing customers to refocus the software acquisition process to ensure a positive ROI on every license.
    • In early 2017, Adobe announced it would stop selling perpetual Creative Suite 6 products, forcing future purchases to be transitioned to the cloud.

    Complication

    • Adobe operates in its own niche in the creative space, and Adobe users have grown accustomed to their products, making switching very difficult.
    • With transition to a cloud-based subscription model, organizations need to actively manage licenses, software provisioning, and consumption.
    • Without a detailed understanding of Adobe’s various purchasing models, overspending often occurs.
    • Organizations have experienced issues in identifying commercial licensed packages with their install files, making it difficult to track and assign licenses.

    Resolution

    • Gain visibility into license deployments and needs with a strong SAM program/tool; this will go a long way toward optimizing spend.
      • Number of users versus number of installs are not the same, and confusing the two can result in overspending. Device-based licensing historically would have required two licenses, but now only one may be required.
    • Ensure compliance with internal audits. Adobe has a very high rate of piracy stemming from issues such as license overuse, misunderstanding of contract language, using cracks/keygens, virtualized environments, indirect access, and sharing of accounts.
    • A handful of products are still sold as perpetual – Acrobat Standard/Pro, Captivate, ColdFusion, Photoshop, and Premiere Elements – but be aware of what is being purchased and used in the organization.
      • Beware of products deployed on server, where the number of users accessing that product cannot easily be counted.

    Info-Tech Insight

    1. Your user-need analysis has shifted in the new subscription-based model. Determine which products are needed versus nice to have to prevent overspending on the Creative Cloud suite.
    2. Examine what you need, not what you have. You can no longer mix and match applications.
    3. Compliance is not automatic with products that are in the cloud. Shared logins or computers with desktop installs that can be accessed by multiple users can cause noncompliance.

    The aim of this blueprint is to provide a foundational understanding of Adobe

    Why Adobe

    In 2011 Adobe took the strategic but radical move toward converting its legacy on-premises licensing to a cloud-based subscription model, in spite of material pushback from its customer base. While revenues initially dipped, Adobe’s resolve paid off; the transition is mostly complete and revenues have doubled. This was the first enterprise software offering to effect the transition to the cloud in a holistic manner. It now serves as a case study for those following suit, such as Microsoft, Autodesk, and Oracle.

    What to know

    Adobe elected to make this market pivot in a dramatic fashion, foregoing a gradual transition process. Enterprise clients were temporarily allowed to survive on legacy on-premises editions of Adobe software; however, as the Adobe Creative Cloud functionality was quickly enhanced and new applications were launched, customer capitulation to the new subscription model was assured.

    The Future

    Adobe is now leveraging the power of connected customers, the availability of massive data streams, and the ongoing digitalization trend globally to supplement the core Creative Cloud products with online services and analytics in the areas of Creative Cloud for content, Marketing Cloud for marketers, and Document Cloud for document management and workflows. This blueprint focuses on Adobe's Creative Cloud and Document Cloud solutions and the enterprise term license agreement (ETLA).

    Info-Tech Insight

    Beware of your contract being auto-renewed and getting locked into the quantities and product subset that you have in your current agreement. Determining the number of licenses you need is critical. If you overestimate, you're locked in for three years. If you underestimate, you have to pay a big premium in the true-up process.

    Learn the “Adobe way,” whether you are reviewing existing spend or considering the purchase of new products

    1. Legacy on-premises Adobe Creative Suite products used to be available in multiple package configurations, enabling right-sized spend with functionality. Adobe’s support for legacy Creative Suites CS6 products ended in May 2017.
    2. While early ETLAs allowed customer application packaging at a lower price than the full Creative Cloud suite, this practice has been discontinued. Now, the only purchasing options are the full suite or single-application subscriptions.
    3. Buyers must now assess alternative Adobe products as an option for non-power users. For example, QuarkXPress, Corel PaintShop Pro, CorelDRAW, Bloom, and Affinity Designer are possible replacements for some Creative Cloud applications.
    4. Document Cloud, Adobe’s latest step in creating an Acrobat-focused subscription model, limits the ability to reduce costs with an extended upgrade cycle. These changes go beyond the licensing model.
    5. Organizations need to perform a cost-benefit analysis of single app purchases vs. the full suite to right-size spend with functionality.

    As Adobe’s dominance continues to grow, organizations must find new ways to maintain a value-added relationship

    Adobe estimates the total addressable market for creative and document cloud to be $21 billion. With no sign of growth slowing down, Adobe customers must learn how to work within the current design monopoly.

    The image contains two pie graphs. The first is labelled FY2014 Revenue Mix, and the second graph is titled FY2017E Revenue Mix.

    Source: Adobe, 2017

    "Adobe is not only witnessing a steady increase in Creative Cloud subscriptions, but it also gained more visibility into customers’ product usage, which enables it to consistently push out software updates relevant to user needs. The company also successfully transformed its sales organization to support the recurring revenue model."

    – Omid Razavi, Global Head of Success, ServiceNow

    Consider your route forward

    Consider your route forward, as ETLA contract commitments, scope, and mechanisms differ in structure to the perpetual models previously utilized. The new model shortchanges technology procurement leaders in their expectations of cost-usage alignment and opex flexibility (White, 2016).

    ☑ Implement a user profile to assign licenses by version and limit expenditures. Alternatives can include existing legacy perpetual and Acrobat classic versions that may already be owned by the organization.

    ☑ Examine the suitability and/or dependency on Document Cloud functions, such as existing business workflows and e-signature integration.

    ☑ Involve stakeholders in the evaluation of alternate products for use cases where dependency on Acrobat-specific functionality is limited.

    ☑ Identify not just the installs and active use of the applications but also the depth and breadth of use across the various features so that the appropriate products can be selected.

    The image contains a screenshot of a diagram listing the adobe toolkit. The toolkit includes: Adobe ETLA Deployment Forecast Tool, Adobe ETLA Forecasted Cost and Benefits, Adobe ETLA vs. VIP Pricing Table.

    Use Info-Tech’s Adobe toolkit to prepare for your new purchases or contract renewal

    Info-Tech Insight

    IT asset management (ITAM) and software asset management (SAM) are critical! An error made in a true-up can cost the organization for the remaining years of the ETLA. Info-Tech worked with one client that incurred a $600k error in the true-up that they were not able to recoup from Adobe.

    Apply licensing best practices and examine the potential for cost savings through an unbiased third-party perspective

    Establish Licensing Requirements

    • Understand Adobe’s product landscape and transition to cloud.
    • Analyze users and match to correct Adobe SKU.
    • Conduct an internal software assessment.
    • Build an effective licensing position.

    Evaluate Licensing Options

    • Value Incentive Plan (VIP)
    • Cumulative Licensing Program (CLP)
    • Transactional Licensing Program (TLP)
    • Enterprise Term License Agreement (ETLA)

    Evaluate Agreement Options

    • Price
    • Discounts
    • Price protection
    • Terms and conditions

    Purchase and Manage Licenses

    • Learn negotiation tactics to enhance your current strategy.
    • Control the flow of communication.
    • Assign the right people to manage the environment.

    Preventive practices can help find measured value ($)

    Time and resource disruption to business if audited

    Lost estimated synergies in M&A

    Cost of new licensing

    Cost of software audit, penalties, and back support

    Lost resource allocation and time

    Third party, legal/SAM partners

    Cost of poor negotiation tactics

    Lost discount percentage

    Terms and conditions improved

    Explore Adobe licensing and optimize spend – project overview

    Establish Licensing Requirements

    Evaluate Licensing Options

    Evaluate Agreement Options

    Purchase and Manage Licenses

    Best-Practice Toolkit

    • Assess current state and align goals; review business feedback.
    • Interview key stakeholders to define business objectives and drivers.
    • Review licensing options.
    • Review licensing rules.
    • Determine the ideal contract type.
    • Review final contract.
    • Discuss negotiation points.
    • License management.
    • Future licensing strategy.

    Guided Implementations

    • Engage in a scoping call.
    • Assess the current state.
    • Determine licensing position.
    • Review product options.
    • Review licensing rules.
    • Review contract option types.
    • Determine negotiation points.
    • Finalize the contract.
    • Discuss license management.
    • Evaluate and develop a roadmap for future licensing.

    PHASE 1

    Manage Your Adobe Agreements

    Phase 1 outline

    Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 1: Managing Adobe Contracts

    Proposed Time to Completion: 3-6 weeks

    Step 1.1: Establish Licensing Requirements

    Start with a kick-off call:

    • Assess the current state.
    • Determine licensing position.

    Then complete these activities…

    • Complete a deployment count, needs analysis, and internal audit.

    With these tools & templates:

    Adobe ETLA Deployment Forecast

    Step 1.2: Determine Licensing Options

    Review findings with analyst:

    • Review licensing options.
    • Review licensing rules.
    • Review contract option types.

    Then complete these activities…

    • Select licensing option.
    • Document forecasted costs and benefits.

    With these tools & templates:

    Adobe ETLA vs. VIP Pricing Table

    Adobe ETLA Forecasted Costs and Benefits

    Step 1.3: Purchase and Manage Licenses

    Review findings with analyst:

    • Review final contract.
    • Discuss negotiation points.
    • Plan a roadmap for SAM.

    Then complete these activities…

    • Negotiate final contract.
    • Evaluate and develop a roadmap for SAM.

    With these tools & templates:

    Adobe ETLA Deployment Forecast

    Adobe’s Cloud – Snapshot of what has changed

    1. Since Adobe has limited the procurement and licensing options with the introduction of Creative Cloud, there are three main choices:
      1. Direct online purchase at Adobe.com
      2. Value Incentive Plan (VIP): Creative Cloud for teams–based purchase with a volume discount (minimal, usually ~10%); may have some incentives or promotional pricing
      3. Enterprise Term License Agreement (ETLA): Creative Cloud for Enterprise (CCE)
    2. Adobe has discontinued support for legacy perpetual licenses, with the latest version being CS6, which is steering organizations to prioritize their options for products in the creative and document management space.
    3. Document Cloud (DC) is the cloud product replacing the Acrobat perpetual licensing model. DC extends the subscription-based model further and limits options to extend the lifespan of legacy on-premises licenses through a protracted upgrade process.
    4. The subscription model, coupled with limited discount options on transactional purchases, forces enterprises to consider the ETLA option. The ETLA brings with it unique term commitments, new pricing structures, and true-up mechanisms and inserts the "land and expand" model vs. license reassignment.

    Info-Tech Insight

    Adobe’s move from a perpetual license to a per-user subscription model can be positive in some scenarios for organizations that experienced challenges with deployment, management of named users vs. devices, and license tracking.

    Core concepts of Adobe agreements: Discounting, pricing, and bundling

    ETLA

    Adobe has been systematically reducing discounts on ETLAs as they enter the second renewal cycle of the original three-year terms.

    Adobe Cloud Bundling

    Adobe cloud services are being bundled with ETLAs with a mandate that companies that do not accept the services at the proposed cost have Adobe management’s approval to unbundle the deal, generally with no price relief.

    Custom Bundling

    The option for custom bundling of legacy Creative Suite component applications has been removed, effectively raising the price across the board for licensees that require more than two Adobe applications who must now purchase the full Creative Cloud suite.

    Higher and Public Education

    Higher education/public education agreements have been revamped over the past couple of years, increasing prices for campus-wide agreements by double-digit percentages (~10-30%+). While they still receive an 80% discount over list price, IT departments in this industry are not prepared to absorb the budget increase.

    Info-Tech Insight

    Adobe has moved to an all-or-one bundle model. If you need more than two application products, you will likely need to purchase the full Creative Cloud suite. Therefore, it is important to focus on creating accurate user profiles to identify usage needs.

    Use Info-Tech’s Adobe deployment tool for SAM: Track deployment and needs

    The image contains a screenshot of Info-Tech's Adobe deployment tool for SAM: Track deployment and needs.

    Use Info-Tech’s Adobe deployment tool for SAM: Audit

    The image contains a screenshot of the Adobe Deployment Tool for SAM, specifically the Audit tab.

    Use Info-Tech’s Adobe deployment tool for SAM: Cost

    The image contains a screenshot of the Adobe Deployment Tool for SAM, specifically the Cost tab.

    Use Info-Tech’s tools to compare ETLA vs. VIP and to document forecasted costs and benefits

    Is the ETLA or VIP option better for your organization?

    Use Info-Tech’s Adobe ETLA vs. VIP Pricing Table tool to compare ETLA costs against VIP costs.

    The image contains a screenshot of Info-Tech's Adobe ETLA vs. VIP Pricing Table.

    Your ETLA contains multiple products and is a multi-year agreement.

    Use Info-Tech’s ETLA Forecasted Costs and Benefits tool to forecast your ETLA costs and document benefits.

    The image contains a screenshot of Info-Tech's ETLA Forecasted Costs and Benefits.

    Adobe’s Creative Cloud Complete offering provides access to all Adobe creative products and ongoing upgrades

    Why subscription model?

    The subscription model forces customers to an annuity-based pricing model, so Adobe has recurring revenue from a subscription-based product. This increases customer lifetime value (CLTV) for Adobe while providing ongoing functionality updates that are not version/edition dependent.

    Key Characteristics:

    • Available as a month-to-month or annual subscription license
    • Can be purchased for one user, for a team, or for an enterprise
    • Subject to annual payment and true-up of license fees
    • Can only true-up during lifespan of contract; quantities cannot be reduced until renewal
    • May contain auto-renewal clauses – beware!

    Key things to know:

    1. Applications can be purchased individually if users require only one specific product. A few products continue to have on-premises licensing options, but most are offered by per-user subscriptions.
    2. At the end of the subscription period, the organization no longer has any rights to the software and would have to return to a previously owned version.
    3. True-downs are not possible (in contrast to Microsoft’s Office 365).
    4. Downgrade rights are not included or are limited by default.

    Which products are in the Creative Cloud bundle?

    Adobe Acrobat® XI Pro

    Adobe After Effects® CC

    Adobe Audition® CC

    Adobe Digital Publishing Suite, Single Edition

    Adobe InDesign® CC

    Adobe Dreamweaver® CC

    Adobe Edge Animate

    Adobe Edge Code preview

    Adobe Edge Inspect

    Adobe Photoshop CC

    Adobe Edge Reflow preview

    Adobe Edge Web Fonts

    Adobe Extension Manager

    ExtendScript Toolkit

    Adobe Fireworks® CS6

    Adobe Flash® Builder® 4.7 Premium Edition

    Adobe Flash Professional CC

    Adobe Illustrator® CC

    Adobe Prelude® CC

    Adobe Premiere® Pro CC

    Adobe Scout

    Adobe SpeedGrade® CC

    Adobe Muse CC

    Adobe Photoshop Lightroom 6

    Adobe offers different solutions for teams vs. enterprise licensing

    Evaluate the various options for Creative Cloud, as they can be purchased individually, for teams, or for enterprise.

    Bundle Name

    Target Customer

    Included Applications

    Features

    CC (for Individuals)

    Individual users

    The individual chooses

    • Sync, store, and share assets
    • Adobe Portfolio website
    • Adobe Typekit font collection
    • Microsoft Teams integration
    • Can only be purchased through credit card

    CC for Teams (CCT)

    Small to midsize organizations with a small number of Adobe users who are all within the same team

    Depends on your team’s requirements. You can select all applications or specific applications.

    Everything that CC (for individuals) does, plus

    • One license per user; can reassign CC licenses
    • Web-based admin console
    • Centralized deployment
    • Usage tracking and reporting
    • 100GB of storage per user
    • Volume discounts for 10+ seats

    CC for Enterprise (CCE)

    Large organizations with users who regularly use multiple Adobe products on multiple machines

    All applications including Adobe Stock for images and Adobe Enterprise Dashboard for managing user accounts

    Everything that CCT does, plus

    • Employees can activate a second copy of software on another device (e.g. home computer) as long as they share the same Adobe ID and are not used simultaneously
    • Ability to reassign licenses from old users to new users
    • Custom storage options
    • Greater integration with other Adobe products
    • Larger volume discounts with more seats

    For further information on specific functionality differences, reference Adobe’s comparison table.

    A Cloud-ish solution: Considerations and implications for IT organizations

    ☑ True cloud products are typically service-based, scalable and elastic, shared resources, have usage metering, and rely upon internet technologies. Currently, Adobe’s Creative Cloud and Document Cloud products lack these characteristics. In fact, the core products are still downloaded and physically installed on endpoint devices, then anchored to the cloud provisioning system, where the software can be automatically updated and continuously verified for compliance by ensuring the subscription is active.

    ☑ Adobe Cloud allows Adobe to increase end-user productivity by releasing new features and products to market faster, but the customer will increase lock-in to the Adobe product suite. The fast-release approach poses a different challenge for IT departments, as they must prepare to test and support new functionality and ensure compatibility with endpoint devices.

    ☑ There are options at the enterprise level that enable IT to exert more granular control over new feature releases, but these are tied to the ETLA and the provided enterprise portal and are not available on other subscription plans. This is another mechanism by which Adobe has been able to spur ETLA adoption.

    Not all CIOs consider SaaS/subscription applications their first choice, but the Adobe’s dominant position in the content and document management marketplace is forcing the shift regardless. It is significant that Adobe bypassed the typical hybrid transition model by effectively disrupting the ability to continue with perpetual licensing without falling behind the functionality curve.

    VIP plans do allow for annual terms and payment, but you lose the price elasticity that comes with multi-year terms.

    Download Info-Tech’s Adobe ETLA vs. VIP Pricing Table tool to compare ETLA costs against VIP costs.

    When moving to Adobe cloud, validate that license requirements meet organizational needs, not a sales quota

    Follow these steps in your transition to Creative Cloud.

    Step 1: Make sure you have a software asset management (SAM) tool to determine Adobe installs and usage within your environment.

    Step 2: Look at the current Adobe install base and usage. We recommend reviewing three months’ worth of reliable usage data to decide which users should have which licenses going forward.

    Step 3: Understand the changes in Adobe packages for Creative Cloud (CC). Also, take into account that the license types are based on users, not devices.

    Step 4: Identify those users who only need a single license for a single application (e.g. Photoshop, InDesign, Muse).

    Step 5: Identify the users who require CC suites. Look at their usage of previous Adobe suites to get an idea of which CC suite they require. Did they have Design Suite Standard installed but only use one or two elements? This is a good way to ensure you do not overspend on Adobe licenses.

    Source: The ITAM Review

    Download Info-Tech’s Adobe ETLA Deployment Forecast tool to track Adobe installs within your environment and to determine usage needs.

    Acquiring Adobe Software

    Adobe offers four common licensing methods, which are reviewed in detail in the following slides.

    Most common purchasing models

    Points for consideration

    • Value Incentive Plan (VIP)
    • Cumulative Licensing Program (CLP)
    • Transactional Licensing Program (TLP)
    • Enterprise Term License Agreement (ETLA)
    • Adobe, as with many other large software providers, includes special benefits and rights when its products are purchased through volume licensing channels.
    • Businesses should typically refrain from purchasing individual OEM (shrink wrap) licenses or those meant for personal use.
    • Purchase record history is available online, making it easier for your organization to manage entitlements in the case of an audit.

    "Customers are not even obliged to manage all the licenses themselves. The reseller partners have access to the cloud console and can manage licenses on behalf of their customers. Even better, they can seize cross and upsell opportunities and provide good insight into the environment. Additionally, Adobe itself provides optimization services."

    B-lay

    CLP and TLP

    The CLP and TLP are transactional agreements generally used for the purchase of perpetual licenses. For example, they could be used for making Acrobat purchases if Creative Suite products are purchased on the ETLA.

    The image contains a screenshot of a table comparing CLP and TLP.

    Source: “Adobe Buying Programs Comparison Guide for Commercial and Government Organizations”

    VIP and ETLA

    The Value Incentive Plan is aimed at small- to medium-sized organizations with no minimum quantity required. However, there is limited flexibility to reduce licenses and limited price protection for future purchases. The ETLA is aimed at large organizations who wish to have new functionality as it comes out, license management portal, services, and security/IT control aspects.

    The image contains a screenshot of a table comparing VIP and ETLA.

    Source: “Adobe Buying Programs Comparison Guide for Commercial and Government Organizations”

    ETLA commitments risk creating “shelfware-as-a-service”

    The Adobe ETLA’s rigid contract parameters, true-up process, and unique deployment/provisioning mechanisms give technology/IT procurement leaders fewer options to maximize cost-usage alignment and to streamline opex costs.

    ☑ No ETLA price book is publicly published; pricing is controlled by the Adobe enterprise sales team.

    ☑ Adobe's retail pricing is a good starting point for negotiating discounted pricing.

    ☑ ETLA commitments are usually for three years, and the lack of a true-down option increases the risk involved in overbuying licenses should the organization encounter a business downturn or adverse event.

    ☑ Pricing discounts are the highest at the initial ETLA signing for the upfront volume commitment. The true-up pricing is discounted from retail but still higher than the signing cost per license.

    ☑ Technical support is included in the ETLA.

    ☑ While purchases typically go through value-added resellers (VARs), procurement can negotiate directly with Adobe.

    "For cloud products, it is less complex when it comes to purchasing and pricing. If larger quantities are purchased on a longer term, the discount may reach up to 15%. As soon as you enroll in the VIP program, you can control all your licenses from an ‘admin console’. Any updates or new functionalities are included in the original price. When the licenses expire, you may choose to renew your subscriptions or remove them. Partial renewal is also accepted. Of course, you can also re-negotiate your price if more subscriptions are added to your console."

    B-lay

    ETLA recommendations

    1. Assess the end-user requirements with a high degree of scrutiny. Perform an analysis that matches the licensee with the correct Adobe product SKU to reduce the risk of overspending.
    • Leverage metering data that identifies actual usage and lack thereof, match to user profile functional requirements, and then determine end users’ actual license requirements.
  • Build in time to evaluate alternative products where possible and position the organization to leverage a Plan B vendor to replace or mitigate growth on the Adobe platform. Re-evaluate options well in advance of the ETLA renewal.
  • Secure price protection through negotiating a price cap or an extended ETLA term beyond the standard three-year term. Short of obtaining an escalation cap, which Adobe is strongly resisting, build in price increases for the ETLA renewal years.
    • Demand price transparency and granularity in the proposal process.
    • Validate that volume discounts are appropriate and show through to the true-up line item pricing.
  • Negotiate a true-down mechanism upfront with Adobe if usage decline is inevitable or expected due to a merger or acquisition, divestiture, or material restructuring event.
  • INFO-TECH TIP: For further guidance on ETLAs and pricing, contact your Info-Tech representative to set up a call with an analyst.

    Use Info-Tech’s Adobe ETLA Deployment Forecast tool to match licensees with Adobe product SKUs.

    Prepare for Adobe’s true-up process

    How the true-up process works

    When adding a license, the true-up price will be prorated to 50% of the license cost for previous year’s usage plus 100% of the license cost for the next year. This back-charging adds up to 150% of the overall true-up license cost. In some rare cases, Adobe has provided an “unlimited” quantity for certain SKUs; these Unlimited ETLAs generally align with FTE counts and limit FTE increases to about 5%. Procurement must monitor and work with SAM/ITAM and stakeholder groups to restrain unnecessary growth during the term of an Unlimited ETLA to avoid the risk of cost escalation at renewal time.

    Higher-education specific

    Higher-education clients can license under the ETLA based on a prescribed number of user and classroom/lab devices and/or on a FTE basis. In these cases, the combination of Creative Cloud and Acrobat Pro volume must equal the FTE total, creating an enterprise footprint. FTE calculations establish the full-time faculty plus one-third of part-time faculty plus one-half of part-time staff.

    Info-Tech Insight

    Compliance takes a different form in terms of the ETLA true-up process. The completion of Adobe's transition to cloud-based licensing and verification has improved compliance rates via phone home telemetry such that pirated software is less available and more easily detected. Adobe has actually decommissioned its audit arm in the Americas and EMEA.

    Audits and software asset management with Adobe

    Watch out for:

    • Virtual desktops, freeware, and test and trial licenses
    • Adobe products that may be bundled into a suite; a manual check will be needed to ensure the suite isn’t recognized as a standalone license
    • Pirated licenses with a “crack” built into the software

    Simplify your process – from start to finish – with these steps:

    Determine License Entitlements

    Obtain documentation from internal records and Adobe to track licenses and upgrades to determine what licenses you own and have the right to use.

    Gather Deployment Information

    Leverage a software asset management tool or process to determine what software is deployed and what is/is not being used.

    Determine Effective License Position

    Compare license entitlements with deployment data to uncover surpluses and deficits in licensing. Look for opportunities.

    Plan Changes to License Position

    Meet with IT stakeholders to discuss the enterprise license program (ELP), short- and long-term project plans, and budget allocation. Plan and document licensing requirements.

    Adobe Genuine Software Integrity Service

    • This service was started in 2014 to combat non-genuine software sold by non-authorized resellers.
    • The service works hand in hand with the cloud movement to reduce piracy.
    • Every Adobe product now contains an executable file that will scan your machine for non-genuine software.
    • If non-genuine software is detected, the user will be notified and directed to the official Adobe website for next steps.

    Detailed list of Adobe licensing contract types

    The table below describes Adobe contract types beyond the four typical purchasing models explained in the previous slides:

    Option

    What is it?

    What’s included?

    For

    Term

    CLP (Cumulative Licensing Program)

    10,000 plus points, support and maintenance optional

    Select Adobe perpetual desktop products

    Business

    2 years

    EA (Adobe Enterprise Agreement)

    100 licenses plus maintenance and support for eligible Adobe products

    All applications

    100+ users requirement

    3 years

    EEA (Adobe Enterprise Education Agreement)

    Creative Cloud enterprise agreement for education establishments

    Creative Cloud applications without services

    Education

    1 or 2 years

    ETLA (Enterprise Term License Agreement)

    Licensing program designed for Adobe’s top commercial, government, and education customers

    All Creative Cloud applications

    Large enterprise companies

    3 years

    K-12 – Enterprise Agreement

    Enterprise agreement for primary and secondary schools

    Creative Cloud applications without services

    Education

    1 year

    K-12 – School Site License

    Allows a school to install a Creative Cloud on up to 500 school-owned computers regardless of school size

    Creative Cloud applications without services

    Education

    1 year

    TLP (Transactional Licensing Program)

    Agreement for SMBs that want volume licensing bonuses

    Perpetual desktop products only

    Aimed at SMBs, but Enterprise customers can use the TLP for smaller requirements

    N/A

    Upgrade Plan

    Insurance program for software purchased under a perpetual license program such as CLP or TLP for Creative Cloud upgrade

    Dependent on the existing perpetual estate

    Anyone

    N/A

    VIP (Value Incentive Plan)

    VIP allows customers to purchase, deploy, and manage software through a term-based subscription license model

    Creative Cloud of teams

    Business, government, and education

    Insight breakdown

    Insight 1

    Adobe operates in its own niche in the creative space, and Adobe users have grown accustomed to their products, making switching very difficult.

    Insight 2

    Adobe has transitioned the vast majority of its software offerings to the cloud-based subscription model. Active management of licenses, software provisioning, and consumption of cloud services is now an ongoing job.

    Insight 3

    With the vendor lock-in process nearly complete via the transition to a SaaS subscription model, Adobe is raising prices on an annual basis. Advance planning and strategic use of the ETLA is key to avoid budget-breaking surprises.

    Summary of accomplishment

    Knowledge Gained

    • The key pieces of licensing information that should be gathered about the current state of your own organization.
    • An in-depth understanding of the required licenses across all of your products.
    • Clear methodology for selecting the most effective contract type.
    • Development of measurable, relevant metrics to help track future project success and identify areas of strength and weakness within your licensing program.

    Processes Optimized

    • Understanding of the importance of licensing in relation to business objectives.
    • Understanding of the various licensing considerations that need to be made.
    • Contract negotiation.

    Deliverables Completed

    • Adobe ETLA Deployment Forecast
    • Adobe ETLA Forecasted Cost and Benefits
    • Adobe ETLA vs. VIP Pricing Table

    Related Info-Tech Research

    Take Control of Microsoft Licensing and Optimize Spend

    Create an Effective Plan to Implement IT Asset Management

    Establish an Effective System of Internal IT Controls to Mitigate Risks

    Optimize Software Asset Management

    Take Control of Compliance Improvement to Conquer Every Audit

    Cut PCI Compliance and Audit Costs in Half

    Bibliography

    “Adobe Buying Programs: At-a-glance comparison guide for Commercial and government organizations.” Adobe Systems Incorporated, 2014. Web. 1 Feb. 2018.

    “Adobe Buying Programs Comparison Guide for Commercial and Government Organizations.” Adobe Systems Incorporated, 2018. Web.

    “Adobe Buying Programs Comparison Guide for Education.” Adobe Systems Incorporated, 2018. Web. 1 Feb 2018.

    “Adobe Education Enterprise Agreement: Give your school access to the latest industry-leading creative tools.” Adobe Systems Incorporated, 2014. Web. 1 Feb. 2018.

    “Adobe Enterprise Term License Agreement for commercial and government organizations.” Adobe Systems Incorporated, 2016. Web. 1 Feb. 2018.

    Adobe Investor Presentation – October 2017. Adobe Systems Incorporated, 2017. Web. 1 Feb. 2018.

    Cabral, Amanda. “Students react to end of UConn-Adobe contract.” The Daily Campus (Uconn), 5 April 2017. Web. 1 Feb. 2018.

    de Veer, Patrick and Alecsandra Vintilescu. “Quick Guide to Adobe Licensing.” B-lay, Web. 1 Feb. 2018.

    “Find the best program for your organization.” Adobe, Web. 1 Feb 2018.

    Foxen, David. “Adobe Upgrade Simplified.” Snow Software, 7 Oct. 2016. Web.

    Frazer, Bryant. “Adobe Stops Reporting Subscription Figures for Creative Cloud.” Studio Daily. Access Intelligence, LLC. 17 March 2016. Web.

    “Give your students the power to create bright futures.” Adobe, Web. 1 Feb 2018.

    Jones, Noah. “Adobe changes subscription prices, colleges forced to pay more.” BG Falcon Media. Bowling Green State University, 18 Feb. 2015. Web. 1 Feb. 2018.

    Mansfield, Adam. “Is Your Organization Prepared for Adobe’s Enterprise Term License Agreements (ETLA)?” UpperEdge,30 April 2013. Web. 1 Feb. 2018.

    Murray, Corey. “6 Things Every School Should Know About Adobe’s Move to Creative Cloud.” EdTech: Focus on K-12. CDW LLC, 10 June 2013. Web.

    “Navigating an Adobe Software Audit: Tips for Emerging Unscathed.” Nitro, Web. 1 Feb. 2018.

    Razavi, Omid. “Challenges of Traditional Software Companies Transitioning to SaaS.” Sand Hill, 12 May 2015. Web. 1 Feb. 2018.

    Rivard, Ry. “Confusion in the Cloud.” Inside Higher Ed. 22 May 2013. Web. 1 Feb. 2018.

    Sharwood, Simon. “Adobe stops software licence audits in Americas, Europe.” The Register. Situation Publishing. 12 Aug. 2016. Web. 1 Feb. 2018.

    “Software Licensing Challenges Faced In The Cloud: How Can The Cloud Benefit You?” The ITAM Review. Enterprise Opinions Limited. 20 Nov. 2015. Web.

    White, Stephen. “Understanding the Impacts of Adobe’s Cloud Strategy and Subscriptions Before Negotiating an ETLA.” Gartner, 22 Feb. 2016. Web.

    Analyze Your Service Desk Ticket Data

    • Buy Link or Shortcode: {j2store}483|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $6,499 Average $ Saved
    • member rating average days saved: 3 Average Days Saved
    • Parent Category Name: Service Desk
    • Parent Category Link: /service-desk
    • Leverage your service desk ticket data to gain insights for your service desk strategy.

    Our Advice

    Critical Insight

    • Properly analyzing ticket data is challenging for the following reasons:
      • Poor ticket hygiene and unclear ticket handling means the data is often inaccurate or incomplete.
      • Service desk personnel are not sure where to start with analysis.
      • Too many metrics are tracked to parse actionable data from the noise.
    • Ticket data won’t give you a silver bullet, but it can help point you in the right direction.

    Impact and Result

    • Create an iterative framework for tracking metrics, keeping data clean, and actioning your data on day-to-day and month-to-month timelines.

    Analyze Your Service Desk Ticket Data Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should analyze your service desk ticket data, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Import your ticket data

    Enter your data into our tool. Compare your own ITSM ticket fields to improve ticket data moving forward.

    • Service Desk Ticket Analysis Tool

    2. Analyze your ticket data

    Use the ticket analysis tool as a guide to build your own operational dashboards to measure metrics over time. Gain actionable insights from your data.

    • Ticket Analysis Report

    3. Action your ticket data

    Use the data to communicate your findings to the business and leadership using the Ticket Analysis Report.

    [infographic]

    Further reading

    INFO-TECH RESEARCH GROUP

    Analyze Your Service Desk Ticket Data

    Take a data-driven approach to service desk optimization.

    EXECUTIVE BRIEF

    Analyst Perspective

    Photo of Benedict Chang, Research Analyst, Infrastructure & Operations, Info-Tech Research Group

    Benedict Chang
    Research Analyst, Infrastructure & Operations
    Info-Tech Research Group

    Photo of Ken Weston ITIL MP, PMP, Cert.APM, SMC, Research Director, Infrastructure & Operations, Info-Tech Research Group

    Ken Weston ITIL MP, PMP, Cert.APM, SMC
    Research Director, Infrastructure & Operations
    Info-Tech Research Group

    The perfect time to start analyzing your ticket data is now

    Service desks improve their services by leveraging ticket data to inform their actions. However, many organizations don’t know where to start. It’s tempting to wait for perfect data, but there’s a lot of value in analyzing your ticket data as it exists today.

    Start small. Track key tension metrics based on the out-of-the-box functionality in your tool. Review the metrics regularly to stay on track.

    By reviewing your ticket data, you’re going to get better organically. You’re going to learn about the state of your environment, the health of your processes, and the quality of your services. Regularly analyze your data to drive improvements.

    Make ticket analysis a weekly habit. Every week, you should be evaluating how the past week went. Every month, you should be looking for patterns and trends.

    Executive Summary

    Your Situation

    Leverage your service desk ticket data to gain insights for improving your operations:

    1. Use a data-based approach to allocate service desk resources.
    2. Design appropriate SLOs and SLAs to better service end users.
    3. Gain efficiencies for your shift-left strategy.
    4. Communicate the current and future value of the service desk to the business.

    Common Obstacles

    Properly analyzing ticket data is challenging for the following reasons:

    • Poor ticket hygiene and unclear ticket handling guidelines can lead to untrustworthy results.
    • Undocumented tickets from various intake channels prevents you from seeing the whole picture.
    • Service desk personnel are not sure where to start with analysis and are too busy to find time.
    • Too many metrics are tracked to parse actionable insights from the noise.

    Info-Tech’s Approach

    Info-Tech’s approach to improvement:

    • To reduce the noise, standardize your ticket data in a format that will ease analysis.
    • Start with common analyses using the cleaned data set.
    • Identify action items based on your ticket data.

    Analyze your ticket data to help continually improve your service desk.

    Slow down. Give yourself time.

    Give yourself time to observe the new metrics and draw enough insights to make recommendations for improvement. Then, execute on those recommendations. Slow and steady improvement of the service desk only adds business value and will have a positive impact on customer satisfaction.

    Your challenge

    This research is designed to help service desk managers analyze their ticket data

    Analyzing ticket data involves:

    • Collecting ticket data and keeping it clean. Based on the metrics you’re analyzing, define ticket expectations and keep the data up to date.
    • Showing the value of the service desk. SLAs are meaningless if they are not met consistently. The prerequisite to implementing proper SLAs is fully understanding the workload of the service desk.
    • Understanding – and improving – the user experience. You cannot improve the user experience without meaningful metrics that allow you to understand the user experience. Different user groups will have different needs and different expectations of the level of service. Your metrics should reflect those needs and expectations.

    36% of organizations are prioritizing ticket handling in IT for 2021 (Source: SDI, 2021)

    12% of organizations are focusing directly on service desk improvement (Source: SDI, 2021)

    Common obstacles

    Many organizations face these barriers to analyzing their ticket data:

    • Finding time to properly analyze ticket data is a challenge. Not knowing where to start can lead to not analyzing the proper data. Service desks end up either tracking too much data or not tracking the proper metrics.
    • Data, even if clean, can be housed in various tools and databases. It’s difficult to aggregate data if the data is stored throughout various tools. Comparisons may also be difficult if the data sets aren’t consistent.
    • Shifting left to move tickets toward self-service is difficult when there is no visibility into which tickets should be shifted left.

    What your peers are saying about why they can’t start analyzing their ticket data:

    • “My technicians do not consistently update and close tickets.”
    • “My ITSM doesn’t have the capabilities I need to make informed decisions on shifting tickets left.”
    • “My tickets are always missing data”
    • “I’m constantly firefighting. I have no time for ticket data analysis.”
    • “I have no idea where to start with the amount of data I have.”
    (Source: Info-Tech survey, 2021; N=20.)

    Common obstacles that prevent effective ticket analysis

    We asked IT service desk managers and teams about their biggest hurdles

    Missing or Inaccurate Information
    • Lack of information in the ticket
    • Categories are too general/specific to draw insights
    • Poor ticket hygiene
    Missing Updates
    • Tickets aren’t updated while being resolved
    Correlating Tickets to Identify Trends
    • Not sure where to start with all the data at hand
    No Time
    • No time to figure out the tool or analyze the data properly
    Ineffective Categorization Schemes
    • Reduces the power of ticket data
    Tool Limitations
    • Can’t be easily customized
    • Too customized to be effective
    • Desired dashboards unavailable
    (Source: Info-Tech survey, 2021; N=20)

    Info-Tech’s approach

    Repeat this analysis every business cycle:

    • Gather Your Data
      Collect your ticket data OR start measuring the right metrics.
    • Extract & Analyze
      Organize and visualize your data to extract insights
    • Action the Results
      Implement low-effort improvements and celebrate quick successes.
    • Implement Larger Changes
      Reference your ticket data while implementing process, tooling, and other changes.
    • Communicate the Results
      Use your data to show the value of your effort.

    Measure the value of this blueprint

    Track these metrics as you improve

    Use the data to tell you which aspects of IT need to be shifted left and which need to be automated

    Your data will show you where you can improve.

    As you act on your data, you should see:

    • Lower costs per ticket
    • Decreased average time to resolve
    • Increased end-user satisfaction
    • Fewer tickets escalated beyond Tier 1

    An illustration of the 'Shift Left Strategy' using three line graphs arranged in a table with the same axes but representing different metrics. The header row is 'Metrics,' then values of the x-axes are 'Auto-Fix,' 'User,' 'Tier 1,' 'Tier2/Tier3,' and 'Vendor.' Under 'Metrics' we see 'Cost,' 'Time,' and 'Satisfaction.' The 'Cost' graph begins 'Low' at 'Auto-Fix' and gradually moves to 'High' at 'Vendor.' The 'Time' graph begins 'Low' at 'Auto-Fix' and gradually moves to 'High' at 'Vendor.' The 'Satisfaction' graph begins 'High' at 'Auto-Fix' and gradually moves to 'Low' at 'Vendor.' Below is an arrow directing us away from the 'Vendor' option and toward the 'Auto-Fix' option, 'Shift Ticket Resolution Left.'

    See Info-Tech’s blueprint Optimize the Service Desk With a Shift-Left Strategy.

    Info-Tech’s methodology for analyzing service desk tickets

    1. Import Your Ticket Data 2. Analyze Your Ticket Data 3. Communicate Your Insights
    Phase Steps
    1. Import Your Ticket Data
    1. Analyze High-Level Ticket Data
    2. Analyze Incidents, Service Requests, and Ticket Categories
    1. Build Recommendations
    2. Action and Communicate Your Ticket Data
    Phase Outcomes Enter your data into our tool. Compare your own ITSM ticket fields to improve ticket data moving forward. Use the Service Desk Ticket Analysis Tool as a guide to build your own operational dashboards to measure metrics over time. Gain actionable insights from your data. Use the data to communicate your findings to the business and leadership using the Ticket Analysis Report.

    Insight summary

    Slow down. Give yourself time.

    Give yourself time to observe the new metrics and draw enough insights to make recommendations for improvement. Then, execute on those recommendations. Slow and steady improvement of the service desk only adds business value and will have a positive impact on customer satisfaction.

    Iterate on what to track rather than trying to get it right the first time.

    Tracking the right data in your ticket can be challenging if you don’t know what you’re looking for. Start with standardized fields and iterate on your data analysis to figure out your gaps and needs.

    If you don’t know where to go, ticket data can point you in the right direction.

    If you have service desk challenges, you will need to allocate time to process improvement. However, prioritizing your initiatives is easier if you have the ticket data to point you in the right direction.

    Start with data from one business cycle.

    Service desks don’t need three years’ worth of data. Focus on gathering data for one business cycle (e.g. three months). That will give you enough information to start generating value.

    Let the data do the talking.

    Leverage the data to drive organizational and process change in your organization by tracking meaningful metrics. Choose those metrics using business-aligned goals.

    Paint the whole picture.

    Single metrics in isolation, even if measured over time, may not tell the whole story. Make sure you design tension metrics where necessary to get a holistic view of your service desk.

    Blueprint deliverables

    This blueprint’s key deliverable is a ticket analysis tool. Many of the activities throughout this blueprint will direct you to complete and interpret this tool. The other main deliverable is a stakeholder presentation template to help you document the outcomes of the project.
    Service Desk Ticket Analysis Tool Ticket Analysis Report
    Use this tool to identify trends and patterns in your ticket data to action improvement initiatives.

    Sample of the Service Desk Ticket Analysis Tool blueprint deliverable.

    Use this template to document the justification for addressing service desk improvement, the results of your analysis, and your next steps.

    Sample of the Ticket Analysis Report blueprint deliverable.

    Blueprint benefits

    IT Benefits

    • Discover and implement the proper metrics to improve your service desk
    • Use a data-based approach to improve your customer service and operational goals
    • Increase visibility with the business and other IT departments using a structured presentation

    Business Benefits

    • Quicker resolutions to incidents and service requests
    • Better expectations for the service desk and IT
    • Better visibility into the current state, challenges, and goals of the service desk
    • More effective support when contacting the service desk

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    Guided Implementation

    Workshop

    Consulting

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is 3-4 calls over the course of 2-3 months.

    What does a typical GI on this topic look like?

      Phase 1

    • Call #1: Scope requirements, objectives, and your specific challenges. Enter your data into the tool.
    • Phase 2

    • Call #2: Assess the current state across the different dashboards.
    • Phase 3

    • Call #3: Identify improvements and insights to include in the communication report.
    • Call #4: Review the service desk ticket analysis report.

    PHASE 1

    Import Your Ticket Data

    This phase will walk you through the following activities:

    • 1.1.1 Define your objectives for analyzing ticket data
    • 1.1.2 Identify success metrics
    • 1.1.3 Import your ticket data into the tool
    • 1.1.4 Update your ticket fields for future analysis

    This phase involves the following participants:

    • Service Desk Manager
    • ITSM Manager
    • Service Desk Technician

    1.1.1 Define your objectives for analyzing ticket data

    Input: Understanding of current service desk process and ticket routing

    Output: Defined objectives for the project

    Materials: Whiteboard/flip charts, Ticket Analysis Report

    Participants: Service Desk Staff, Service Desk Manager, IT Director, CIO

    Use the discussion questions below as a guide
    1. Identify your main objective for analyzing ticket data. Use these three sample objectives as a starting point:
      • Demonstrate value to the business by improving customer service.
      • Improve service desk operations.
      • Reduce the number of recurring incidents.
    2. Answer the following questions as a group:
      • What challenges do you have getting accurate data for this objective?
      • What data is missing for supporting this objective?
      • What kind of issues must be solved for us to make progress on achieving this objective?
      • What decisions are held up from a lack of data?
      • How can better ticket data help us to more effectively manage our services and operations?

    Document in the Ticket Analysis Report.

    1.1.2 Identify success metrics

    Select metrics that will track your progress on meeting the objective identified in Activity 1.1.1.

    Input: Understanding of current service desk process and ticket routing

    Output: Defined objectives for the project

    Materials: Whiteboard/flip charts, Ticket Analysis Report

    Participants: Service Desk Manager, IT Director, CIO

    Use these sample metrics as a starting point:
    Demonstrate value to the business by improving customer service
    Ticket trends by category by month # tickets by business department % SLAs met by IT teams
    Average customer satisfaction rating % incident tickets closed in one day Service request SLAs met by % Annual IT satisfaction survey result
    Improve service desk operations
    Incident tickets assigned, sorted by age and priority Scheduled requests for today and tomorrow Knowledgebase articles due for renewal this month Top 5-10 tickets for the quarter
    Unassigned tickets by age # incident tickets assigned by tech Open tickets by category Backlog summary by age
    Reducing the number of recurring incidents
    # incidents by category and resolution code Number of problem tickets opened and resolved Correlation of ticket volume trends to events Reduction of volume of recurring tickets
    Use of knowledgebase by users Use of self-service for ticket creation Use of service catalog Use of automated features (e.g. password resets)
    Average call hold time % calls abandoned Average resolution time Number of tickets reopened

    Document in the Ticket Analysis Report.

    Inefficient ticket-handling processes lead to SLA breaches and unplanned downtime

    Analyze the ticket data to catch mismanaged or lost tickets that lead to unnecessary escalations and impact business profitability

    • Ticket Category – Are your tickets categorized by type of asset? By service?
    • Average Ticket Times – How long does it take to resolve or fulfill tickets?
    • Ticket Priority – What is the impact and urgency of the ticket?
    • SLA/OLA Violations – Did we meet our SLA objectives? If not, why?
    • Ticket Channel – How was the issue reported or ticket received?
    • Response and Fulfillment – Did we complete first contact resolution? How many times was it transferred?
    • Associated Tasks and Tickets – Is this incident associated with any other tasks like change tickets or problem tickets?

    Encourage proper ticket-handling procedures to enable data quality

    Ensure everyone understands the expectations and the value created from having ticket data that follows these expectations

    • Create and update tickets, but not at the expense of good customer service. Agents can start the ticket but shouldn’t spend five minutes creating the ticket when they should be troubleshooting the problem.
    • Update the ticket when the issue is resolved or needs to be escalated. If agents are escalating, they should make sure all relevant information is passed along within the ticket to the next technician.
    • Update user of ETA if issue cannot be resolved quickly.
    • Ticket templates for common incidents can lead to fast creation, data input, and categorizations. Templates can reduce the time it takes to create tickets from two minutes to 30 seconds.
    • Update categories to reflect the actual issue and resolution.
    • Reference or link to the knowledgebase article as the documented steps taken to resolve the incident.
    • Validate with the client that the incident is resolved; automate this process with ticket closure after a certain time.
    • Close or resolve the ticket on time.

    Info-Tech Insight

    Ticket handling ensures clean handovers, whether it is to higher tiers or back to the customer. When filling the ticket out with information intended for another party, ensure the information is written for their benefit and from their point of view.

    Service Desk Ticket Analysis Tool overview

    The Service Desk Ticket Analysis Tool will help you standardize your ticket data in a meaningful format that will allow you to apply common analyses to identify the actions you need to take to improve service desk operations

    TABS 1 & 2
    INSTRUCTIONS & DATA ENTRY
    TAB 3 : TICKET SUMMARY
    TICKET SUMMARY DASHBOARDS
    TABS 4 to 8: DASHBOARDS
    INCIDENT SERVICE REQUEST CATEGORY
    Sample of the Service Desk Ticket Analysis Tool, tabs 1 & 2.
    Input at least three months of your exported ticket data into the corresponding columns in the tool to feed into the common analysis graphs in the other tabs.
    Sample of the Service Desk Ticket Analysis Tool, tab 3.
    This tab contains multiple dashboards analyzing how tickets come in, who requests them, who resolves them, and how long it takes to resolve them.
    Sample of the Service Desk Ticket Analysis Tool, tabs 4 to 8.
    These tabs each have dashboards outlining analysis on incidents and service requests. The category tab will allow you to dive deeper on commonly reported issues.

    1.1.3 Import your data into our Service Desk Ticket Analysis Tool

    You can still leverage your current data, but use this opportunity to improve your service desk ticket fields down the line

    Input: ITSM data log

    Output: Populated Service Desk Ticket Data Analysis Tool

    Materials: Whiteboard/flip charts, Service Desk Ticket Analysis Tool

    Participants: Service Desk Manager, Service Desk Technicians

    Start here:

    • Extract your ticket data from your ITSM tool in an Excel or text format.
    • Look at the fields on the data entry tab of the Service Desk Ticket Analysis Tool.
    • Fill the fields with your ticket data by copying and pasting relevant sections. It is okay if you don’t have all the fields, but take note of the fields you are missing.
    • With the list of the fields you are missing, run through the following activity to decide if you will need to adopt or add fields to your own service desk ticket tool.
    Fields Captured
    Ticket Number Open Date
    Open Time Closed Date
    Closed Time Intake Channel
    Time to Resolve Site Location
    First Contact Resolution Resolution Code
    Category (I, II, III) Ticket Type (Request or Incident)
    Status of Ticket Resolved by Tier
    Ticket Priority Requestor/Department
    SLA Fulfilled Subject
    Technician

    When entering your data, pay close attention to the following fields:

    • Time to Resolve: This is automatically calculated using data in the Open Date, Open Time, Close Date, and Close Time fields. You have three options for entering your data in these fields:
      1. Enter your data as the fields describe. Ensure your data contain only the field description (e.g. Open Date separated from Open Time). If your data contain Open Date AND Open Time, Excel will not show both.
      2. Enter your data only in Open Date and Close Date. If your ITSM does not separate date and time, you can keep the data in a single cell and enter it in the column. The formula in Time to Resolve will still be accurate.
      3. If your ITSM outputs Time to Resolve, overwrite the formula in the Time to Resolve column.
    • SLA: If your ITSM outputs SLA fulfilled: Y/N, enter that directly into the SLA Fulfilled column.
    • Blank Columns: If you do not have data for all the columns, that is okay. Continue with the following activity. Note that some stock dashboards will be empty if that is the case.
    • Incidents vs. Service Requests: If you separate incidents and service requests, be sure to capture that in the SR/Incident for Tabs 4 and 5. If you do not separate the two, then you will only need to analyze Tab 3.
    Fields Captured
    Ticket Number Open Date
    Open Time Closed Date
    Closed Time Intake Channel
    Time to Resolve Site Location
    First Contact Resolution Resolution Code
    Category (I, II, III) Ticket Type (Request or Incident)
    Status of Ticket Resolved by Tier
    Ticket Priority Requestor/Department
    SLA Fulfilled Subject
    Technician

    Use Info-Tech’s tool instead of building your own. Download the Service Desk Ticket Analysis Tool.

    1.1.4 Update your ticket fields for future analysis

    Input: Populated Service Desk Ticket Data Analysis Tool

    Output: New ticket fields to track

    Materials: Whiteboard/flip charts, Service Desk Ticket Analysis Tool

    Participants: Service Desk Manager, Service Desk Technicians

    As a group, pay attention to the ticket fields populated in the tool as well as the ticket fields that you were not able to populate. Use the example “Fields Captured” table to the right, which lists all fields present in the ticket analysis tool.

    Discuss the following questions:

    1. Consider the fields not captured. Would it be valuable to start capturing that data for future analysis?
    2. If so, does your ITSM support that field?
    3. Can you make the change in-house or do you have to bring in an external ITSM administrator to make the change?
    4. Capture the results in the Ticket Analysis Report.
    Example: Fields Captured - Fields Not Captured
    Ticket Number Open Date
    Open Time Closed Date
    Closed Time Intake Channel
    Time to Resolve Site Location
    First Contact Resolution Resolution Code
    Category (I, II, III) Ticket Type (Request or Incident)
    Status of Ticket Resolved by Tier
    Ticket Priority Requestor/Department
    SLA Fulfilled Subject
    Technician

    Document in the Ticket Analysis Report.

    Info-Tech Insight

    Don’t wait for your ticket quality to be perfect. You can still draw actions from your ticket data. They will likely be process improvements initially, but the exercise of pulling the data is a necessary first step.

    Common ticket fields tracked by your peers

    Which of these metrics do you track and action?

    • Remember you don’t have to track every metric. Only track metrics that are actionable.

    For each metric that you end up tracking:

    • Look for trends over time.
    • Brainstorm reasons why the metric could rise or fall.

    Associate a metric with each improvement you execute.

    • Performing this step will allow you to better see the value from your team’s efforts.
    • It will also give you a quicker response than waiting for spikes in your data.

    A bar chart of 'Metrics tracked by other organizations' with the x-axis populated by different metrics and the y-axis as '% organizations who track the metric'. The highest percentage of businesses track 'Ticket volume', then 'Ticket trends by category', then 'Tickets by business units'. The lowest three shown are 'Reopened tickets', 'Cost per ticket', and 'Other'.(Source: Info-Tech survey, 2021; N=20)

    PHASE 2

    Analyze Your Ticket Data

    This phase will walk you through the following activities:

    • 2.1.1 Review high-level ticket dashboards
    • 2.2.1 Review incident, service request, and ticket category dashboards

    This phase involves the following participants:

    • Service Desk Manager
    • Service Desk Technicians
    • IT Managers

    Visualize your ticket data as a first step to analysis

    Identifying trends is easier when looking at diagrams, graphs, and figures

    Start your analysis with common visuals employed by other service desk professionals

    • Phase 2 will walk you through visualizing your data to get a better understanding of your ticket intake, incident management, and service request management.
    • Each step will walk you through:
      • Common visualizations used by service desks
      • Patterns to look for in your visualizations
      • Actions to take to address negative patterns and to continue positive trends
    • Share diagrams that underscore both the value being provided by the service desk as well as the scope of the pain points. Use Info-Tech’s Ticket Analysis Report template as a starting point.

    “Being able to tell stories with data is a skill that’s becoming ever more important in our world of increasing data and desire for data-driven decision making. An effective data visualization can mean the difference between success and failure when it comes to communicating the findings of your study, raising money for your nonprofit, presenting to your board, or simply getting your point across to your audience.” - Cole Knaflic, Founder and CEO, Storytelling with Data: A Data Visualization Guide for Business Professionals

    Use the detailed dashboards to determine the next steps for improvement

    A single number doesn’t tell the whole picture

    Analyze trends over time:

    • Analyze trends by day, by week, by month, and by year to determine:
      • When are the busy periods? (E.g. Do tickets tend to spike every morning, every Monday, or every September?)
      • When are the slow periods? (E.g. Do tickets drop at the end of the day, at midday, on Fridays, or over the summer?)
    • Are spikes or drops in volume consistent trends or one-time anomalies?

    Then build a plan to address them:

    • How will you handle volume spikes, if they’re consistent?
    • What can your resources work on during slow times, if they are consistent?
    • If you assume no shrinkage, can you handle the peaks in volume if you make all FTEs available to work on tickets at a certain time of day?

    Sample of a bar chart comparing tickets that were 'Backlog versus Closed by Month Opened'.

    Look for seasonal trends. In this example, we see high ticket volumes in May and January, with lower ticket volumes in June and July when many staff are taking holidays. However, also be careful to look at the big picture of how you pulled the data. August through October sees a high volume of open tickets because the data set is pulled in November, not because there’s a seasonal spike on tickets not closing at the end of the fiscal year.

    Track ticket data over time

    Make low-effort adjustments before major changes

    Don’t rush to a decision based off the first numbers you see

    Review ticket summary dashboard

    Ideally, you should track ticket patterns over an entire year to get a full sense of trends within each month of the year. At minimum, track for 30 days, then 60, then 90, and see if anything changes. The longer you can track ticket patterns, the more accurate your picture will be.

    Review additional dashboards

    If you separate incidents and service requests, and you have accurate ticket categories, then you can use these dashboards to further break down the data to identify ticket trends.

    The output of the ticket analysis will only be as accurate as its input.
    To get the most accurate results, first ensure your data is accurate, then analyze it over as much time as possible. Aggregating with accurate data will give you a better picture of the trends in demand that your service desk sees.

    Not separating incidents and service requests? Need to fix your ticket categories? Visit Standardize the Service Desk to get started.

    Analyze incidents and requests separately

    Each type has its own set of customer experiences and expectations

    • Different ticket types are associated with radically different prioritization, routing, and service levels. For instance, most incidents are resolved within a business day, but requests take longer to implement.
    • If you fail to distinguish between ticket types, your metrics will obscure service desk performance.
    • From a ticket analysis standpoint, separating ticket types prior to analysis or, better yet, at intake allows for cleaner data. In turn, this means more structured analyses, better insights, and more meaningful actions. Not separating ticket types may still get you to the same conclusions, but it will be much more difficult to sift through the data.

    Incident

    An unanticipated interruption of a service.
    The goal of incident management is to restore the service as soon as possible, even if the resolution involves a workaround.

    Request

    A generic description for a small change or service access.
    Requests are small, frequent, and low risk. They are best handled by a process distinct from incident, change, and project management.

    Not separating incidents and service requests? Need to fix your ticket categories? Visit Standardize the Service Desk to get started.

    Step 2.1

    Analyze Your High-Level Ticket Data

    Dashboards
    • Ticket Volume
    • Ticket Intake
    • Ticket Handling and Resolution
    • Ticket Categorization

    This step will walk you through the following activities:

    Visualize the current state of your service desk.

    This step involves the following participants:

    • Service Desk Manager
    • Service Desk Technicians
    • IT Managers

    Outcomes of this step

    Build your metrics baseline to compare with future metric results.

    Dashboards: Ticket Volume

    Example of a dashboard for ticket volume with two bar charts, one breaking down volume by month, and the other marking certain days or weeks in each month.

    Analyze your data for insights

    • Analyze volume trends by day, by week, by month, and by year to determine:
      • When are the busy periods? (E.g. Do tickets tend to spike every morning, every Monday, or every September?)
      • When are slow periods? (E.g. Do tickets drop at the end of the day, at midday, on Fridays, or over the summer?)
    • Are spikes or drops in volume consistent trends or one-time anomalies?
    • What can your resources be working on during slow times? Are you able to address ticket backlog?

    Dashboards: Ticket Intake

    Example of a dashboard for ticket intake with three bar charts, one breaking it down by 'Intake Channel', one by 'Requestor/Department', and one by 'Location'.

    Analyze your data for insights

    • Determine how to drive intake to the most appropriate solution for your organization:
      • A web portal is the most efficient intake method, but it must be user friendly to increase its adoption.
      • The phone should be available for urgent requests or incidents. Encourage those who call with a request to submit a ticket through the portal.
      • Discourage use of email if it is unstructured, as users don’t provide enough detail, and often two or three transactions are required for triage.
      • If walk-ups are encouraged, structure and formalize the support so it can be resourced and managed rather than interrupt-driven.

    Dashboard: Ticket Handling and Resolution

    Example of a dashboard for ticket handling and resolution with three bar charts, one breaking down 'Tickets Resolved by Technician', one by 'Tier', and one by 'Average Time to Resolve (Hours)'.

    Analyze your data for insights

    • Look at your ticket load by technician and by tier. This is an essential step to set your baseline to measure your shift-left initiatives. If you are focusing on self-service or Tier 1 training, the ticket load from higher tiers should decrease over time.
    • If Tiers 2 and 3 are handling the majority of the tickets, this could be a red flag indicating tickets are inappropriately escalated or Tier 1 could use more training and support.
    • For average time to resolve and average time to resolve by tier, are you meeting your SLAs? If not, are your SLAs too aggressive? Are tickets left open and not properly closed?

    Dashboard: Ticket Categorization

    Analyze your data for insights

    • Ticket categorization is critical to clean data. Having a categorization scheme with categories that are miscellaneous, too specific, or too general easily leads to inaccurate reporting or confusing workflows for technicians.
    • When looking at your ticket categories, first look for duplicate categories that could be collapsed into one.
    • Also look at your top five to seven categories and see if they make sense. Are these good candidates in your organization for automation or shift-left?
    • Compare your Tier 1 categories. The level of specificity for these categories should be comparable to easily run reports. If they are not, assess the need for a category redesign.

    Example of a dashboard for ticket categorization with one horizontal bar chart, 'Incident Ticket Volume by Level 1 Category'.

    Step 2.2

    Analyze Incidents, Service Requests, and Ticket Categories

    Dashboards
    • Incidents
    • Service Requests
    • Volume by Ticket Category
    • Resolution Times by Priority and/or Category
    • Tabs for More Granular Investigation and Reporting

    This step will walk you through the following activities:

    Visualize your incident and service request ticket load and analyze trends. Use this information and cross reference data sets to gain a holistic view of how the service desk interacts with IT and the business.

    This step involves the following participants:

    • Service Desk Manager
    • Service Desk Technicians
    • IT Managers

    Outcomes of this step

    Gain actionable, data-driven improvements based on your incident and service request data. Show the value of the service desk and highlight improvements needed.

    Incident and Service Requests Dashboard: Priority and SLA

    Example of an Incident and Service Requests dashboard for priority and SLA with three charts, one breaking down 'Incident Priority', one 'Average time to resolve (in hours) by priority', and one '% of SLA met'.

    Analyze your data for insights

    • Your ticket priority distribution for overall load and time to resolve (TTR) should look something like above with low-priority tickets having higher load and TTR and high/critical-priority tickets having a lower load and lower TTR. If it is reversed, that is a good indication that the service desk is too reactive or isn’t properly prioritizing its work.
    • If your SLA has a high failure rate, consider reassessing your targets with SLOs that you can meet before publishing them as achievable SLAs.

    Incident and Service Requests Dashboard: Priority and SLA

    Example of an Incident and Service Requests dashboard for resolution and close with three bar charts, one breaking down 'Incident Volume by Resolution Code', one 'Incidents Resolved by Tier', and one 'Average time to resolve (in hours) by Resolution Code'.

    Analyze your data for insights

    • Examine your ticket handling by looking at ticket status and resolution codes.
      • If you have a lot of blanks, then tickets are not properly handled. Consider reinforcing your standards for close codes and statuses.
      • Alternatively, if tickets are left open, you may have to build follow-ups on stale tickets into your process or introduce proper auto-close processes.

    Category, Resolution Time, and Resolution Code Dashboards

    These PivotCharts allow you to dig deeper

    Investigate whether there are trends in ticket volume and resolution times within specific categories and subcategories

    Tab 6, Category Dashboard; tab 7, Resolution Time Dashboard; and tab 8, Resolution Code Dashboard are PivotCharts. Use these tabs to investigate whether there are trends in ticket volume, resolution times, and resolution codes within specific categories and subcategories.

    Start with the charts that are available. The +/- buttons will allow you to show more granular information. By default, this granularity will be into the levels of the ticket categorization scheme.

    For most categorization schemes, there will be too many categories to properly graph. You can apply a filter to investigate specific categories by clicking on the drop-down buttons.

    Example of dashboards featured on next slide

    Use these tabs for more granular investigation and reporting

    TAB 6
    CATEGORY DASHBOARD
    TAB 7
    RESOLUTION TIME DASHBOARD
    TAB 8
    RESOLUTION TIME DASHBOARD
    Sample of the 'Ticket Volume by Second, Third Level Category' dashboard tab.
    Investigate ticket distributions in first, second, and third levels. Are certain categories overcrowded, suggesting they can be split? Are certain categories not being used?
    Sample of the 'Average Resolution Times' dashboard tab.
    Do average resolution times match your service level agreements? Do certain categories have significantly different resolution times? Are there areas that can benefit from shift-left?
    Sample of the 'Volume of Resolution Codes' dashboard tab.
    Are resolution codes being accurately used? Are there trends in resolution codes? Are these codes providing sufficient information for problem management?

    PHASE 3

    Communicate Your Insights

    This phase will walk you through the following activities:

    • 3.1.1 Review common recommendations
    • 3.2.1 Review ticket reports daily
    • 3.2.2 Incorporate ticket data into retrospectives and team updates
    • 3.2.3 Regularly review trends with business leaders
    • 3.2.4 Tell a story with your data

    This phase involves the following participants:

    • Service Desk Manager
    • Service Desk Technicians
    • IT Managers

    Step 3.1

    Build Recommendations Based on Your Ticket Data

    Activities
    • 3.1.1 Review common recommendations

    This step will walk you through the following activities:

    Review common recommendations as a first step to extracting insights from your own data.

    This step involves the following participants:

    • Service Desk Manager
    • Service Desk Technicians

    Outcomes of this step

    You will gain an understanding of the common challenges with service desks and ticket analysis in general. See which ones apply to you to inform your ticket data analysis moving forward.

    Review these common recommendations

    1. Fix your ticket categories
      Organize your ticket categorization scheme for proper routing and reporting.
    2. Focus more on self-service
      Self-service is essential to enable shift-left strategies. Focus on knowledgebase processes and portal ease of use.
    3. Update your service catalog
      Improve your service catalog, if necessary, to make it easy for end users to request services and for the service desk to provide those services.
    4. Direct volume toward other channels
      Walk-ups make it more difficult to properly log tickets and assign service desk resources. Drive volume to other channels to improve your ticket quality.
    5. Crosstrain Tier 1 on certain topics
      Tier 1 breadth of knowledge is essential to drive up first contact resolution.
    6. Build more automation
      Identify bottlenecks and challenges with your ticket data to streamline ticket handling and resolution.
    7. Revisit service level agreements
      Update your SLAs and/or SLOs to prioritize expectation management for your end users.
    8. Improve your data quality
      You can only analyze data that exists. Revisit your ticket-handling guidelines and more regularly check tickets to ensure they comply with those standards.

    Optimize your processes and look for opportunities for automation

    Leverage Info-Tech research to improve service desk processes

    Review your service desk processes and tools for optimization opportunities:

    • Clearly establish ticket-handling guidelines.
    • Use ticket templates to reduce time spent entering tickets.
    • Document incident management and service request fulfillment workflows and eliminate any unnecessary steps.
    • Automate manual tasks wherever possible.
    • Build or improve a self-service portal with a knowledgebase to allow users to resolve their own issues, reducing incoming ticket volume to the service desk.
    • Optimize your internal knowledgebase to reduce time spent troubleshooting recurring issues.
    • Leverage AI capabilities to speed up ticket processing and resolution.

    Standardize the Service Desk

    This project will help you build and improve essential service desk processes, including incident management, request fulfillment, and knowledge management.

    Optimize the Service Desk With a Shift-Left Strategy

    This project will help you build a strategy to shift service support left to optimize your service desk operations and increase end-user satisfaction.

    Step 3.2

    Action and Communicate Your Ticket Data

    Activities
    • 3.2.1 Review your ticket queues daily
    • 3.2.2 Incorporate ticket data into retrospectives and team status updates
    • 3.2.3 Regularly review trends with business leaders
    • 3.2.4 Tell a story with your data

    This step will walk you through the following activities:

    Organize your scrums to report on the metrics that will inform daily and monthly operations.

    This step involves the following participants:

    • Service Desk Manager
    • Service Desk Technicians
    • IT Managers

    Outcomes of this step

    Use the dashboards and data to inform your daily and monthly scrums.

    3.2.1 Review your ticket queues daily

    Clean data is still useless if not used properly

    • The metrics you’ve chosen to measure and visualize in the previous step are useful for informing your day-to-day, week-to-week, and month-to-month strategies for the service desk and IT. Conduct scrums daily to action your dashboard data to help clear ticket queues.
    • Reference your dashboards daily with each IT team.
    • You need to have a dashboard of open tickets assigned to each team.

    Review Daily

    • Ticket volume over the last day (look for spikes)
    • SLA breach risks/SLA breaches
    • Recurring incidents
    • Tickets open
    • Tickets handed over (confirmation of handover)

    3.2.2 Incorporate ticket data into retrospectives and team status updates

    Explain your metric spikes and trends

    • Hold weekly or monthly meetings to review the ticket trends selected during Phases 1 and 2 of this blueprint.
    • Review ticket spikes, identify seasonal trends, and discuss root causes (e.g. projects/changes going live, onboarding blitz).
    • Discuss any actions associated with spikes and seasonal trends (e.g. resource allocation, hiring, training).
    • You can incorporate other IT leaders or departments in this meeting as needed to discuss action items for improvement, quality assurance concerns, customer service concerns, and/or operating level agreement concerns.

    Review Weekly/Monthly

    • Ticket volume
    • Ticket category by priority level over time
    • Tickets from different business groups, VIP groups, and different vertical levels
    • Tickets escalated, tickets that didn’t need to be escalated, tickets that were incorrectly escalated
    • Ticket priority levels over time
    • Most requested services
    • Tickets resolved by which group over time
    • Ability to meet SLAs and OLAs over time by different groups

    3.2.3 Regularly review trends with business leaders

    Use your data to help improve business relationships

    Review the following with business leaders:

    • Volume of work done this past time cycle for the leader’s group
    • Trends and spikes in the data and possible explanations for them (note: get their input on the potential causes of trends)
    • Improvements you plan to execute within the service desk
    • Action items you need from the business leader

    Use your data to show the value you provide to the group. Schedule quarterly meetings with the heads of different business groups to discuss the work that the service desk does for each group.

    Show trends in incidents and service requests: “I see you have a spike in CRM tickets. I’ve been working with the CRM team to address this issue.”

    3.2.4 Tell a story with your data

    Effectively communicate with the business and leadership

    • With your visualized metrics, organize your story into a presentation for different stakeholder groups. You can use the Ticket Analysis Report as a starting point to provide data about:
      • Value provided by the service desk
      • Successes
      • Opportunities for Improvements
      • Current state of KPIs
    • Include information about the causes of data trends and actions you will take in response to the data.
    • For each of these themes, look at the metrics you’ve chosen to track and see which ones fit to tell the story. Let the data do the talking.
    • Consider supplementing the ticket data with data from other systems. For example, you can include data on transactional customer satisfaction surveys, knowledgebase utilization, and self-service utilization.

    Sample of the Ticket Analysis Report.

    Download the Ticket Analysis Report.

    Ticket Analysis Report

    Include the following information as you build your ticket analysis report:

    • Value Provided by the Service Desk
      Start with the value provided by the service desk to different areas of the business. Include information about first contact resolution, average resolution times, ticket volume (e.g. by category, priority, location, requestor).
    • Successes
      Successes is a general field that can include how process improvements have impacted the service desk or how initiatives have enhanced shift-left opportunities. Highlight any positive trends over time.
    • Opportunities for Improvement
      Let the data guide the conversation to where improvements can be made. Day-to-day ops, self-service tools, shifting work left from Tier 2, Tier 3, standardizing a non-standard service, and staffing adjustments are possibilities for this section.
    • Current State of KPIs
      Mean time to resolve, FCR, ticket volume, and end-user satisfaction are great KPIs to include as a starting point.

    Sample of the Ticket Analysis Report.

    Download the Ticket Analysis Report.

    Summary of Accomplishment

    Problem Solved

    You now have a better understanding of how to action your service desk ticket data, including improvements to your current ticket templates for incidents and service requests.

    You also have the data to craft a story to different stakeholder groups to celebrate the successes of the service desk and highlight possible improvements. Continue this exercise iteratively to continue improving the service desk.

    Remember, ticket analysis is not a single event but an ongoing initiative. As you track, analyze, and action more data, you will find more improvements.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

    Contact your account representative for more information.

    workshops@infotech.com 1-888-670-8889

    Additional Support

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

    Photo of Benedict Chang.

    Contact your account representative for more information.

    workshops@infotech.com 1-888-670-8889

    To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team. Info-Tech analysts will join you and your team at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    Sample of dashboards we saw earlier. Sample of the 'Ticket Analysis Report'.
    Analyze your dashboards
    An analyst will walk through the ticket data and dashboards with you and your team to help interpret the data and tailor improvements
    Populate your ticket data report
    Given the action items from this solution set, an analyst will help you craft a report to celebrate the successes and highlight needed improvements in the service desk.

    Related Info-Tech Research

    Optimize the Service Desk With a Shift-Left Strategy

    The best type of service desk ticket is the one that doesn’t exist.

    Incident & Problem Management

    Don’t let persistent problems govern your department.

    Design & Build a User-Facing Service Catalog

    Improve user satisfaction with IT with a convenient menu-like catalog.

    Bibliography

    Bayes, Scarlett. “ITSM: 2021 & Beyond.” Service Desk Institute, 2021. Web.

    “Benchmarking Report v.9.” Service Desk Institute, 17 Jan. 2020. Web.

    Bennett, Micah. “The 9 Help Desk Metrics That Should Guide Your Customer Support.” Zapier, 3 Dec. 2015. Web.

    “Global State of Customer Service: The transformation of customer service from 2015 to present day.” Microsoft Dynamics 365, Microsoft, 2020. Web.

    Goodey, Ben. “How to Manually Analyze Support Tickets.” SentiSum, 26 July 2021. Web.

    Jadhav, Megha. “Four Metrics to Analyze When Using Ticketing Software.” Vision Helpdesk Blog, 21 Mar. 2016. Web.

    Knaflic, Cole Nussbaumer. Storytelling with Data: A Data Visualization Guide for Business Professionals. Wiley, 2015.

    Li, Ta Hsin, et al. “Incident Ticket Analytics for IT Application Management Services.” 2014 IEEE International Conference on Services Computing, 2014. Web.

    Olson, Sarah. “10 Help Desk Metrics for Service Desks and Internal Help Desks.” Zendesk Blog, Sept. 2021. Web.

    Paramesh, S.P., et al. “Classifying the Unstructured IT Service Desk Tickets Using Ensemble of Classifiers.” 2018 3rd International Conference on Computational Systems and Information Technology for Sustainable Solutions (CSITSS), 2018. Web.

    Volini, Erica, et al. “2021 Global Human Capital Trends: Special Report.” Deloitte Insights, 21 July 2021. Web.

    “What Kind of Analysis You Can Perform on a Ticket Management System.” Commence, 3 Dec. 2019. Web.

    INFO-TECH RESEARCH GROUP

    Define Your Cloud Vision

    • Buy Link or Shortcode: {j2store}448|cart{/j2store}
    • member rating overall impact (scale of 10): 9.5/10 Overall Impact
    • member rating average dollars saved: $182,333 Average $ Saved
    • member rating average days saved: 28 Average Days Saved
    • Parent Category Name: Cloud Strategy
    • Parent Category Link: /cloud-strategy

    The cloud permeates the enterprise technology discussion. It can be difficult to separate the hype from the value. Should everything go to the cloud, or is that sentiment stoked by vendors looking to boost their bottom lines? Not everything should go to the cloud, but coming up with a systematic way to determine what belongs where is increasingly difficult as offerings get more complex.

    Our Advice

    Critical Insight

    Don’t think about the cloud as an inevitable next step for all workloads. The cloud is merely another tool in the toolbox, ready to be used when appropriate and put away when it’s not needed. Cloud-first isn’t always the way to go.

    Impact and Result

    • Evaluate workloads’ suitability for the cloud using Info-Tech’s methodology to select the optimal migration (or non-migration) path based on the value of cloud characteristics.
    • Codify risks tied to workloads’ cloud suitability and plan mitigations.
    • Build a roadmap of initiatives for actions by workload and risk mitigation.
    • Define a cloud vision to share with stakeholders.

    Define Your Cloud Vision Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Define Your Cloud Vision – A step-by-step guide to generating, validating, and formalizing your cloud vision.

    The cloud vision storyboard walks readers through the process of generating, validating and formalizing a cloud vision, providing a framework and tools to assess workloads for their cloud suitability and risk.

    • Define Your Cloud Vision – Phases 1-4

    2. Cloud Vision Executive Presentation – A document that captures the results of the exercises, articulating use cases for cloud/non-cloud, risks, challenges, and high-level initiative items.

    The executive summary captures the results of the vision exercise, including decision criteria for moving to the cloud, risks, roadblocks, and mitigations.

    • Cloud Vision Executive Presentation

    3. Cloud Vision Workbook – A tool that facilitates the assessment of workloads for appropriate service model, delivery model, support model, and risks and roadblocks.

    The cloud vision workbook comprises several assessments that will help you understand what service model, delivery model, support model, and risks and roadblocks you can expect to encounter at the workload level.

    • Cloud Vision Workbook
    [infographic]

    Workshop: Define Your Cloud Vision

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Understand the Cloud

    The Purpose

    Align organizational goals to cloud characteristics.

    Key Benefits Achieved

    An understanding of how the characteristics particular to cloud can support organizational goals.

    Activities

    1.1 Generate corporate goals and cloud drivers.

    1.2 Identify success indicators.

    1.3 Explore cloud characteristics.

    1.4 Explore cloud service and delivery models.

    1.5 Define cloud support models and strategy components.

    1.6 Create state summaries for the different service and delivery models.

    1.7 Select workloads for further analysis.

    Outputs

    Corporate cloud goals and drivers

    Success indicators

    Current state summaries

    List of workloads for further analysis

    2 Assess Workloads

    The Purpose

    Evaluate workloads for cloud value and action plan.

    Key Benefits Achieved

    Action plan for each workload.

    Activities

    2.1 Conduct workload assessment using the Cloud Strategy Workbook tool.

    2.2 Discuss assessments and make preliminary determinations about the workloads.

    Outputs

    Completed workload assessments

    Workload summary statements

    3 Identify and Mitigate Risks

    The Purpose

    Identify and plan to mitigate potential risks in the cloud project.

    Key Benefits Achieved

    A list of potential risks and plans to mitigate them.

    Activities

    3.1 Generate a list of risks and potential roadblocks associated with the cloud.

    3.2 Sort risks and roadblocks and define categories.

    3.3 Identify mitigations for each identified risk and roadblock

    3.4 Generate initiatives from the mitigations.

    Outputs

    List of risks and roadblocks, categorized

    List of mitigations

    List of initiatives

    4 Bridge the Gap and Create the Strategy

    The Purpose

    Clarify your vision of how the organization can best make use of cloud and build a project roadmap.

    Key Benefits Achieved

    A clear vision and a concrete action plan to move forward with the project.

    Activities

    4.1 Review and assign work items.

    4.2 Finalize the decision framework for each of the following areas: service model, delivery model, and support model.

    4.3 Create a cloud vision statement

    Outputs

    Cloud roadmap

    Finalized task list

    Formal cloud decision rubric

    Cloud vision statement

    5 Next Steps and Wrap-Up

    The Purpose

    Complete your cloud vision by building a compelling executive-facing presentation.

    Key Benefits Achieved

    Simple, straightforward communication of your cloud vision to key stakeholders.

    Activities

    5.1 Build the Cloud Vision Executive Presentation

    Outputs

    Completed cloud strategy executive presentation

    Completed Cloud Vision Workbook.

    Further reading

    Define Your Cloud Vision

    Define your cloud vision before it defines you

    Analyst perspective

    Use the cloud’s strengths. Mitigate its weaknesses.

    The cloud isn’t magic. It’s not necessarily cheaper, better, or even available for the thing you want it to do. It’s not mysterious or a cure-all, and it does take a bit of effort to systematize your approach and make consistent, defensible decisions about your cloud services. That’s where this blueprint comes in.

    Your cloud vision is the culmination of this effort all boiled down into a single statement: “This is how we want to use the cloud.” That simple statement should, of course, be representative of – and built from – a broader, contextual strategy discussion that answers the following questions: What should go to the cloud? What kind of cloud makes sense? Should the cloud deployment be public, private, or hybrid? What does a migration look like? What risks and roadblocks need to be considered when exploring your cloud migration options? What are the “day 2” activities that you will need to undertake after you’ve gotten the ball rolling?

    Taken as a whole, answering these questions is difficult task. But with the framework provided here, it’s as easy as – well, let’s just say it’s easier.

    Jeremy Roberts

    Research Director, Infrastructure and Operations

    Info-Tech Research Group

    Executive Summary

    Your Challenge

    • You are both extrinsically motivated to move to the cloud (e.g. by vendors) and intrinsically motivated by internal digital transformation initiatives.
    • You need to define the cloud’s true value proposition for your organization without assuming it is an outsourcing opportunity or will save you money.
    • Your industry, once cloud-averse, is now normalizing the use of cloud services, but you have not established a basic cloud vision from which to develop a strategy at a later point.

    Common Obstacles

    • Organizations jump to the cloud before defining their cloud vision and without any clear plan for realizing the cloud’s benefits.
    • Many organizations have a foot in the cloud already, but these decisions have been made in an ad hoc rather than systematic fashion.
    • You lack a consistent framework to assess your workloads’ suitability for the cloud.

    Info-Tech's Approach

    • Evaluate workloads’ suitability for the cloud using Info-Tech’s methodology to select the optimal migration (or non-migration) path based on the value of cloud characteristics.
    • Codify risks tied to workloads’ cloud suitability and plan mitigations.
    • Build a roadmap of initiatives for actions by workload and risk mitigation.
    • Define a cloud vision to share with stakeholders.

    Info-Tech Insight: 1) Base migration decisions on cloud characteristics. If your justification for the migration is simply getting your workload out of the data center, think again. 2) Address the risks up front in your migration plan. 3) The cloud changes roles and calls for different skill sets, but Ops is here to stay.

    Your challenge

    This research is designed to help organizations who need to:

    • Identify workloads that are good candidates for the cloud.
    • Develop a consistent, cost-effective approach to cloud services.
    • Outline and mitigate risks.
    • Define your organization’s cloud archetype.
    • Map initiatives on a roadmap.
    • Communicate your cloud vision to stakeholders so they can understand the reasons behind a cloud decision and differentiate between different cloud service and deployment models.
    • Understand the risks, roadblocks, and limitations of the cloud.

    “We’re moving from a world where companies like Oracle and Microsoft and HP and Dell were all critically important to a world where Microsoft is still important, but Amazon is now really important, and Google also matters. The technology has changed, but most of the major vendors they’re betting their business on have also changed. And that’s super hard for people..” –David Chappell, Author and Speaker

    Common obstacles

    These barriers make this challenge difficult to address for many organizations:

    • Organizations jump to the cloud before defining their cloud vision and without any clear plan for realizing the cloud’s benefits.
    • Many organizations already have a foot in the cloud, but the choice to explore these solutions was made in an ad hoc rather than systematic fashion. The cloud just sort of happened.
    • The lack of a consistent assessment framework means that some workloads that probably belong in the cloud are kept on premises or with hosted services providers – and vice versa.
    • Securing cloud expertise is remarkably difficult – especially in a labor market roiled by the global pandemic and the increasing importance of cloud services.

    Standard cloud challenges

    30% of all cloud spend is self-reported as waste. Many workloads that end up in the cloud don’t belong there. Many workloads that do belong in the cloud aren’t properly migrated. (Flexera, 2021)

    44% of respondents report themselves as under-skilled in the cloud management space. (Pluralsight, 2021)

    Info-Tech’s approach

    Goals and drivers

    • Service model
      • What type of cloud makes the most sense for workload archetypes? When does it make sense to pick SaaS over IaaS, for example?
    • Delivery model
      • Will services be delivered over the public cloud, a private cloud, or a hybrid cloud? What challenges accompany this decision?
    • Migration Path
      • What does the migration path look like? What does the transition to the cloud look like, and how much effort will be required? Amazon’s 6Rs framework captures migration options: rehosting, repurchasing, replatforming, and refactoring, along with retaining and retiring. Each workload should be assessed for its suitability for one or more of these paths.
    • Support model
      • How will services be provided? Will staff be trained, new staff hired, a service provider retained for ongoing operations, or will a consultant with cloud expertise be brought on board for a defined period? The appropriate support model is highly dependent on goals along with expected outcomes for different workloads.

    Highlight risks and roadblocks

    Formalize cloud vision

    Document your cloud strategy

    The Info-Tech difference:

    1. Determine the hypothesized value of cloud for your organization.
    2. Evaluate workloads with 6Rs framework.
    3. Identify and mitigate risks.
    4. Identify cloud archetype.
    5. Plot initiatives on a roadmap.
    6. Write action plan statement and goal statement.

    What is the cloud, how is it deployed, and how is service provided?

    Cloud Characteristics

    1. On-demand self-service: the ability to access reosurces instantly without vendor interaction
    2. Broad network access: all services delivered over the network
    3. Resource pooling: multi-tenant environment (shared)
    4. Rapid elasticity: the ability to expand and retract capabilities as needed
    5. Measured service: transparent metering

    Service Model:

    1. Software-as-a-Service: all but the most minor configuration is done by the vendor
    2. Platform-as-a-Service: customer builds the application using tools provided by the provider
    3. Infrastructure-as-a-Service: the customer manages OS, storage, and the application

    Delivery Model

    1. Public cloud: accessible to anyone over the internet; multi-tenant environment
    2. Private cloud: provisioned for a single organization with multiple units
    3. Hybrid cloud: two or more connected clouds; data is portage across them
    4. Community cloud: provisioned for a specific group of organizations

    (National Institute of Standards and Technology)

    A workload-first approach will allow you to take full advantage of the cloud’s strengths

    • Under all but the most exceptional circumstances, good cloud strategies will incorporate different service models. Very few organizations are “IaaS shops” or “SaaS shops,” even if they lean heavily in one direction.
    • These different service models (including non-cloud options like colocation and on-premises infrastructure) each have different strengths. Part of your cloud strategy should involve determining which of the services makes the most sense for you.
    • Own the cloud by understanding which cloud (or non-cloud!) offering makes the most sense for you given your unique context.

    Migration paths

    In a 2016 blog post, Amazon introduced a framework for understanding cloud migration strategies. The framework presented here is slightly modified – including a “relocate” component rather than a “retire” component – but otherwise hews close to the standard.

    These migration paths reflect organizational capabilities and desired outcomes in terms of service models – cloud or otherwise. Retention means keeping the workload where it is, in a datacenter or a colocation service, or relocating to a colocation or hosted software environment. These represent the “non-cloud” migration paths.

    In the graphic on the right, the paths within the red box lead to the cloud. Rehosting means lifting and shifting to an infrastructure environment. Migrating a virtual machine from your VMware environment on premises to Azure Virtual machines is a quick way to realize some benefits from the cloud. Migrating from SQL Server on premises to a cloud-based SQL solution looks a bit more like changing platforms (replatforming). It involves basic infrastructure modification without a substantial architectural component.

    Refactoring is the most expensive of the options and involves engaging the software development lifecycle to build a custom solution, fundamentally rewriting the solution to be cloud native and take advantage of cloud-native architectures. This can result in a PaaS or an IaaS solution.

    Finally, repurchasing means simply going to market and procuring a new solution. This may involve migrating data, but it does not require the migration of components.

    Migration Paths

    Retain (Revisit)

    • Keep the application in its current form, at least for now. This doesn’t preclude revisiting it in the future.

    Relocate

    • Move the workload between datacenters or to a hosted software/colocation provider.

    Rehost

    • Move the application to the cloud (IaaS) and continue to run it in more or less the same form as it currently runs.

    Replatform

    • Move the application to the cloud and perform a few changes for cloud optimizations.

    Refactor

    • Rewrite the application, taking advantage of cloud-native architectures.

    Repurchase

    • Replace with an alternative, cloud-native application and migrate the data.

    Support model

    Support models by characteristic

    Duration of engagement Specialization Flexibility
    Internal IT Indefinite Varies based on nature of business Fixed, permanent staff
    Managed Service Provider Contractually defined General, some specialization Standard offering
    Consultant Project-based Specific, domain-based Entirely negotiable

    IT services, including cloud services, can be delivered and managed in multiple ways depending on the nature of the workload and the organization’s intended path forward. Three high-level options are presented here and may be more or less valuable based on the duration of the expected engagement with the service (temporary or permanent), the skills specialization required, and the flexibility necessary to complete the job.

    By way of example, a highly technical, short-term project with significant flexibility requirements might be a good fit for an expensive consultant, whereas post-implementation maintenance of a cloud email system requires relatively little specialization and flexibility and would therefore be a better fit for internal management.

    There is no universally applicable rule here, but there are some workloads that are generally a good fit for the cloud and others that are not as effective, with that fit being conditional on the appropriate support model being employed.

    Risks, roadblocks, and strategy components

    No two cloud strategies are exactly alike, but all should address 14 key areas. A key step in defining your cloud vision is an assessment of these strategy components. Lower maturity does not preclude an aggressive cloud strategy, but it does indicate that higher effort will be required to make the transition.

    Component Description Component Description
    Monitoring What will system owners/administrators need visibility into? How will they achieve this? Vendor Management What practices must change to ensure effective management of cloud vendors?
    Provisioning Who will be responsible for deploying cloud workloads? What governance will this process be subject to? Finance Management How will costs be managed with the transition away from capital expenditure?
    Migration How will cloud migrations be conducted? What best practices/standards must be employed? Security What steps must be taken to ensure that cloud services meet security requirements?
    Operations management What is the process for managing operations as they change in the cloud? Data Controls How will data residency, compliance, and protection requirements be met in the cloud?
    Architecture What general principles must apply in the cloud environment? Skills and roles What skills become necessary in the cloud? What steps must be taken to acquire those skills?
    Integration and interoperability How will services be integrated? What standards must apply? Culture and adoption Is there a cultural aversion to the cloud? What steps must be taken to ensure broad cloud acceptance?
    Portfolio Management Who will be responsible for managing the growth of the cloud portfolio? Governing bodies What formal governance must be put in place? Who will be responsible for setting standards?

    Cloud archetypes – a cloud vision component

    Once you understand the value of the cloud, your workloads’ general suitability for cloud, and your proposed risks and mitigations, the next step is to define your cloud archetype.

    Your organization’s cloud archetype is the strategic posture that IT adopts to best support the organization’s goals. Info-Tech’s model recognizes seven archetypes, divided into three high-level archetypes.

    After consultation with your stakeholders, and based on the results of the suitability and risk assessment activities, define your archetype. The archetype feeds into the overall cloud vision and provides simple insight into the cloud future state for all stakeholders.

    The cloud vision itself is captured in a “vision statement,” a short summary of the overall approach that includes the overall cloud archetype.

    We can best support the organization's goals by:

    More Cloud

    Less Cloud

    Cloud Focused Cloud-Centric Providing all workloads through cloud delivery.
    Cloud-First Using the cloud as our default deployment model. For each workload, we should ask “why NOT cloud?”
    Cloud Opportunistic Hybrid Enabling the ability to transition seamlessly between on-premises and cloud resources for many workloads.
    Integrated Combining cloud and traditional infrastructure resources, integrating data and applications through APIs or middleware.
    Split Using the cloud for some workloads and traditional infrastructure resources for others.
    Cloud Averse Cloud-Light Using traditional infrastructure resources and limiting our use of the cloud to when it is absolutely necessary.
    Anti-Cloud Using traditional infrastructure resources and avoiding use of the cloud wherever possible.

    Info-Tech’s methodology for defining your cloud vision

    1. Understand the Cloud 2. Assess Workloads 3. Identify and Mitigate Risks 4. Bridge the Gap and Create the Vision
    Phase Steps
    1. Generate goals and drivers
    2. Explore cloud characteristics
    3. Create a current state summary
    4. Select workloads for analysis
    1. Conduct workload assessments
    2. Determine workload future state
    1. Generate risks and roadblocks
    2. Mitigate risks and roadblocks
    3. Define roadmap initiatives
    1. Review and assign work items
    2. Finalize cloud decision framework
    3. Create cloud vision
    Phase Outcomes
    1. List of goals and drivers
    2. Shared understanding of cloud terms
    3. Current state of cloud in the organization
    4. List of workloads to be assessed
    1. Completed workload assessments
    2. Defined workload future state
    1. List of risks and roadblocks
    2. List of mitigations
    3. Defined roadmap initiatives
    1. Cloud roadmap
    2. Cloud decision framework
    3. Completed Cloud Vision Executive Presentation

    Insight summary

    The cloud may not be right for you – and that’s okay!

    Don’t think about the cloud as an inevitable next step for all workloads. The cloud is merely another tool in the toolbox, ready to be used when appropriate and put away when it’s not needed. Cloud first isn’t always the way to go.

    Not all clouds are equal

    It’s not “should I go to the cloud?” but “what service and delivery models make sense based on my needs and risk tolerance?” Thinking about the cloud as a binary can force workloads into the cloud that don’t belong (and vice versa).

    Bottom-up is best

    A workload assessment is the only way to truly understand the cloud’s value. Work from the bottom up, not the top down, understand what characteristics make a workload cloud suitable, and strategize on that basis.

    Your accountability doesn’t change

    You are still accountable for maintaining available, secure, functional applications and services. Cloud providers share some responsibility, but the buck stops where it always has: with you.

    Don’t customize for the sake of customization

    SaaS providers make money selling the same thing to everyone. When migrating a workload to SaaS, work with stakeholders to pursue standardization around a selected platform and avoid customization where possible.

    Best of both worlds, worst of both worlds

    Hybrid clouds are in fashion, but true hybridity comes with additional cost, administration, and other constraints. A convoy moves at the speed of its slowest member.

    The journey matters as much as the destination

    How you get there is as important as what “there” actually is. Any strategy that focuses solely on the destination misses out on a key part of the value conversation: the migration strategy.

    Blueprint benefits

    Cloud Vision Executive Presentation

    This presentation captures the results of the exercises and presents a complete vision to stakeholders including a desired target state, a rubric for decision making, the results of the workload assessments, and an overall risk profile.

    Cloud Vision Workbook

    This workbook includes the standard cloud workload assessment questionnaire along with the results of the assessment. It also includes the milestone timeline for the implementation of the cloud vision.

    Blueprint benefits

    IT Benefits

    • A consistent approach to the cloud takes the guesswork out of deployment decisions and makes it easier for IT to move on to the execution stage.
    • When properly incorporated, cloud services come with many benefits, including automation, elasticity, and alternative architectures (micro-services, containers). The cloud vision project will help IT readers articulate expected benefits and work towards achieving them.
    • A clear framework for incorporating organizational goals into cloud plans.

    Business benefits

    • Simple, well-governed access to high-quality IT resources.
    • Access to the latest and greatest in technology to facilitate remote work.
    • Framework for cost management in the cloud that incorporates OpEx and chargebacks/showbacks. A clear understanding of expected changes to cost modeling is also a benefit of a cloud vision.
    • Clarity for stakeholders about IT’s response (and contribution to) IT strategic initiatives.

    Measure the value of this blueprint

    Don’t take our word for it:

    • The cloud vision material in various forms has been offered for several years, and members have generally benefited substantially, both from cloud vision workshops and from guided implementations led by analysts.
    • After each engagement, we send a survey that asks members how they benefited from the experience. Of 30 responses, the cloud vision research has received an average score of 9.8/10. Real members have found significant value in the process.
    • Additionally, members reported saving between 2 and 120 days (for an average of 17), and financial savings ranged from $1,920 all the way up to $1.27 million, for an average of $170,577.90! If we drop outliers on both ends, the average reported value of a cloud vision engagement is $37, 613.
    • Measure the value by calculating the time saved from using Info-Tech’s framework vs. a home-brewed cloud strategy alternative and by comparing the overall cost of a guided implementation or workshop with the equivalent offering from another firm. We’re confident you’ll come out ahead.

    9.8/10 Average reported satisfaction

    17 Days Average reported time savings

    $37, 613 Average cost savings (adj.)

    Executive Brief Case Study

    Industry: Financial

    Source: Info-Tech workshop

    Anonymous financial institution

    A small East Coast financial institution was required to develop a cloud strategy. This strategy had to meet several important requirements, including alignment with strategic priorities and best practices, along with regulatory compliance, including with the Office of the Comptroller of the Currency.

    The bank already had a significant cloud footprint and was looking to organize and formalize the strategy going forward.

    Leadership needed a comprehensive strategy that touched on key areas including the delivery model, service models, individual workload assessments, cost management, risk management and governance. The output had to be consumable by a variety of audiences with varying levels of technical expertise and had to speak to IT’s role in the broader strategic goals articulated earlier in the year.

    Results

    The bank engaged Info-Tech for a cloud vision workshop and worked through four days of exercises with various IT team members. The bank ultimately decided on a multi-cloud strategy that prioritized SaaS while also allowing for PaaS and IaaS solutions, along with some non-cloud hosted solutions, based on organizational circumstances.

    Bank cloud vision

    [Bank] will provide innovative financial and related services by taking advantage of the multiplicity of best-of-breed solutions available in the cloud. These solutions make it possible to benefit from industry-level innovations, while ensuring efficiency, redundancy, and enhanced security.

    Bank cloud decision workflow

    • SaaS
      • Platform?
        • Yes
          • PaaS
        • No
          • Hosted
        • IaaS
          • Other

    Non-cloud

    Cloud

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    "Our team has already made this crticial project a priority, and we have the time and capability, but some guidance along the way would be helpful."

    Guided Implementation

    "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

    Workshop

    "We need to hit the ground running and get this project kicked off imediately. Our team has the ability to take this over once we get a framework and strategy in place."

    Consulting

    "Our team does not have the time or the knowledge the take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks are used throughout all four options.

    Guided Implementation

    What does a typical GI on this topic look like?

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is between 8 to 12 calls over the course of 4 to 6 months.

    Phase 1

    • Call #1: Discuss current state, challenges, etc.
    • Call #2: Goals, drivers, and current state.

    Phase 2

    • Call #3: Conduct cloud suitability assessment for selected workloads.

    Phase 3

    • Call #4: Generate and categorize risks.
    • Call #5: Begin the risk mitigation conversation.

    Phase 4

    • Call #6: Complete the risk mitigation process
    • Call #7: Finalize vision statement and cloud decision framework.

    Workshop Overview

    Contact your account representative for more information.

    workshops@infotech.com 1-888-670-8889

    Day 1 Day 2 Day 3 Day 4 Offsite day
    Understand the cloud Assess workloads Identify and mitigate risks Bridge the gap and create the strategy Next steps and wrap-up (offsite)
    Activities

    1.1 Introduction

    1.2 Generate corporate goals and cloud drivers

    1.3 Identify success indicators

    1.4 Explore cloud characteristics

    1.5 Explore cloud service and delivery models

    1.6 Define cloud support models and strategy components

    1.7 Create current state summaries for the different service and delivery models

    1.8 Select workloads for further analysis

    2.1 Conduct workload assessments using the cloud strategy workbook tool

    2.2 Discuss assessments and make preliminary determinations about workloads

    3.1 Generate a list of risks and potential roadblocks associated with the cloud

    3.2 Sort risks and roadblocks and define categories

    3.3 Identify mitigations for each identified risk and roadblock

    3.4 Generate initiatives from the mitigations

    4.1 Review and assign work items

    4.2 Finalize the decision framework for each of the following areas:

    • Service model
    • Delivery model
    • Support model

    4.3 Create a cloud vision statement

    5.1 Build the Cloud Vision Executive Presentation
    Deliverables
    1. Corporate goals and cloud drivers
    2. Success indicators
    3. Current state summaries
    4. List of workloads for further analysis
    1. Completed workload assessments
    2. Workload summary statements
    1. List of risks and roadblocks, categorized
    2. List of mitigations
    3. List of initiatives
    1. Finalized task list
    2. Formal cloud decision rubric
    3. Cloud vision statement
    1. Completed cloud strategy executive presentation
    2. Completed cloud vision workbook

    Understand the cloud

    Build the foundations of your cloud vision

    Phase 1

    Phase 1

    Understand the Cloud

    Phase 1

    1.1 Generate goals and drivers

    1.2 Explore cloud characteristics

    1.3 Create a current state summary

    1.4 Select workloads for analysis

    Phase 2

    2.1 Conduct workload assessments

    2.2 Determine workload future states

    Phase 3

    3.1 Generate risks and roadblocks

    3.2 Mitigate risks and roadblocks

    3.3 Define roadmap initiatives

    Phase 4

    4.1 Review and assign work items

    4.2 Finalize cloud decision framework

    4.3 Create cloud vision

    This phase will walk you through the following activities:

    1.1.1 Generate organizational goals

    1.1.2 Define cloud drivers

    1.1.3 Define success indicators

    1.3.1 Record your current state

    1.4.1 Select workloads for further assessment

    This phase involves the following participants:

    IT management, the core working group, security, infrastructure, operations, architecture, engineering, applications, non-IT stakeholders.

    It starts with shared understanding

    Stakeholders must agree on overall goals and what “cloud” means

    The cloud is a nebulous term that can reasonably describe services ranging from infrastructure as a service as delivered by providers like Amazon Web Services and Microsoft through its Azure platform, right up to software as a service solutions like Jira or Salesforce. These solutions solve different problems – just because your CRM would be a good fit for a migration to Salesforce doesn’t mean the same system would make sense in Azure or AWS.

    This is important because the language we use to talk about the cloud can color our approach to cloud services. A “cloud-first” strategy will mean something different to a CEO with a concept of the cloud rooted in Salesforce than it will to a system administrator who interprets it to mean a transition to cloud-hosted virtual machines.

    Add to this the fact that not all cloud services are hosted externally by providers (public clouds) and the fact that multiple delivery models can be engaged at once through hybrid or multi-cloud approaches, and it’s apparent that a shared understanding of the cloud is necessary for a coherent strategy to take form.

    This phase proceeds in four steps, each governed by the principle of shared understanding. The first requires a shared understanding of corporate goals and drivers. Step 2 involves coming to a shared understanding of the cloud’s unique characteristics. Step 3 requires a review of the current state. Finally, in Step 4, participants will identify workloads that are suitable for analysis as candidates for the cloud.

    Step 1.1

    Generate goals and drivers

    Activities

    1.1.1 Define organizational goals

    1.1.2 Define cloud drivers

    1.1.3 Define success indicators

    Generate goals and drivers

    Explore cloud characteristics

    Create a current state summary

    Select workloads for analysis

    This step involves the following participants:

    • IT management
    • Core working group
    • Security
    • Applications
    • Infrastructure
    • Service management
    • Leadership

    Outcomes of this step

    • List of organizational goals
    • List of cloud drivers
    • Defined success indicators

    What can the cloud do for you?

    The cloud is not valuable for its own sake, and not all users derive the same value

    • The cloud is characterized by on-demand self-service, broad network access, resource pooling, rapid elasticity, and measured service. Any or all of those characteristics might be enough to make the cloud appealing, but in most cases, there is an overriding driver.
    • Multiple paths may lead to the cloud. Consider an organization with a need to control costs by showing back to business units, or perhaps by reducing capital expenditure – the cloud may be the most appropriate way to effect these changes. Conversely, an organization expanding rapidly and with a need to access the latest and greatest technology might benefit from the elasticity and pooled resources that major cloud providers can offer.
    • In these cases, the destination might be the same (a cloud solution) but the delivery model – public, private, or hybrid – and the decisions made around the key strategy components, including architecture, provisioning, and cost management, will almost certainly be different.
    • Defining goals, understanding cloud drivers, and – crucially – understanding what success means, are all therefore essential elements of the cloud vision process.

    1.1.1 Generate organizational goals

    1-3 hours

    Input

    • Strategy documentation

    Output

    • Organizational goals

    Materials

    • Whiteboard (digital/physical)

    Participants

    • IT leadership
    • Infrastructure
    • Applications
    • Security
    1. As a group, brainstorm organizational goals, ideally based on existing documentation
      • Review relevant corporate and IT strategies.
      • If you do not have access to internal documentation, review the standard goals on the next slide and select those that are most relevant for you.
    2. Record the most important business goals in the Cloud Vision Executive Presentation. Include descriptions where possible to ensure wide readability.
    3. Make note of these goals. They should inform the answers to prompts offered in the Cloud Vision Workbook and should be a consistent presence in the remainder of the visioning exercise. If you’re conducting the session in person, leave the goals up on a whiteboard and make reference to them throughout the workshop.

    Cloud Vision Executive Presentation

    Standard COBIT 19 enterprise goals

    1. Portfolio of competitive products and services
    2. Managed business risk
    3. Compliance with external laws and regulations
    4. Quality of financial information
    5. Customer-oriented service culture
    6. Business service continuity and availability
    7. Quality of management information
    8. Optimization of internal business process functionality
    9. Optimization of business process costs
    10. Staff skills, motivation, and productivity
    11. Compliance with internal policies
    12. Managed digital transformation programs
    13. Product and business innovation

    1.1.2 Define cloud drivers

    30-60 minutes

    Input

    • Organizational goals
    • Strategy documentation
    • Management/staff perspective

    Output

    • List of cloud drivers

    Materials

    • Sticky notes
    • Whiteboard
    • Markers

    Participants

    • IT leadership
    • Infrastructure
    • Applications
    • Security
    1. Cloud drivers sit at a level of abstraction below organizational goals. Keeping your organizational goals in mind, have each participant in the session write down how they expect to benefit from the cloud on a sticky note.
    2. Solicit input one at a time and group similar responses. Encourage participants to bring forward their cloud goals even if similar goals have been mentioned previously. The number of mentions is a useful way to gauge the relative weight of the drivers.
    3. Once this is done, you should have a few groups of similar drivers. Work with the group to name each category. This name will be the driver reported in the documentation.
    4. Input the results of the exercise into the Cloud Vision Executive Presentation, and include descriptions based on the constituent drivers. For example, if a driver is titled “do more valuable work,” the constituent drivers might be “build cloud skills,” “focus on core products,” and “avoid administration work where possible.” The description would be based on these components.

    Cloud Vision Executive Presentation

    1.1.3 Define success indicators

    1 hour

    Input

    • Cloud drivers
    • Organizational goals

    Output

    • List of cloud driver success indicators

    Materials

    • Whiteboard
    • Markers

    Participants

    • IT leadership
    • Infrastructure
    • Applications
    • Security
    1. On a whiteboard, draw a table with each of the cloud drivers (identified in 1.1.2) across the top.
    2. Work collectively to generate success indicators for each cloud driver. In this case, a success indicator is some way you can report your progress with the stated driver. It is a real-world proxy for the sometimes abstract phenomena that make up your drivers. Think about what would be true if your driver was realized.
      1. For example, if your driver is “faster access to resources,” you might consider indicators like developer satisfaction, project completion time, average time to provision, etc.
    3. Once you are satisfied with your list of indicators, populate the slide in the Cloud Vision Executive Presentation for validation from stakeholders.

    Cloud Vision Executive Presentation

    Step 1.2

    Explore cloud characteristics

    Activities

    Understand the value of the cloud:

    • Review delivery models
    • Review support models
    • Review service models
    • Review migration paths

    Understand the Cloud

    Generate goals and drivers

    Explore cloud characteristics

    Create a current state summary

    Select workloads for analysis

    This step involves the following participants:

    • Core working group
    • Architecture
    • Engineering
    • Security

    Outcomes of this step

    • Understanding of cloud service models and value

    Defining the cloud

    Per NIST, the cloud has five fundamental characteristics. All clouds have these characteristics, even if they are executed in somewhat different ways between delivery models, service models, and even individual providers.

    Cloud characteristics

    On-demand self-service

    Cloud customers are capable of provisioning cloud resources without human interaction (e.g. contacting sales), generally through a web console.

    Broad network access

    Capabilities are designed to be delivered over a network and are generally intended for access by a wide variety of platform types (cloud services are generally device-agnostic).

    Resource pooling

    Multiple customers (internal, in the case of private clouds) make use of a highly abstracted shared infrastructure managed by the cloud provider.

    Rapid elasticity

    Customers are capable of provisioning additional resources as required, pulling from a functionally infinite pool of capacity. Cloud resources can be spun-down when no longer needed.

    Measured service

    Consumption is metered based on an appropriate unit of analysis (number of licenses, storage used, compute cycles, etc.) and billing is transparent and granular.

    Cloud delivery models

    The NIST definition of cloud computing outlines four cloud delivery models: public, private, hybrid, and community clouds. A community cloud is like a private cloud, but it is provisioned for the exclusive use of a like-minded group of organizations, usually in a mutually beneficial, non-competitive arrangement. Universities and hospitals are examples of organizations that can pool their resources in this way without impacting competitiveness. The Info-Tech model covers three key delivery models – public, private, and hybrid, and an overarching model (multi-cloud) that can comprise more than one of the other models – public + public, public + hybrid, etc.

    Public

    The cloud service is provisioned for access by the general public (customers).

    Private

    A private cloud has the five key characteristics, but is provisioned for use by a single entity, like a company or organization.

    Hybrid

    Hybridity essentially refers to interoperability between multiple cloud delivery models (public +private).

    Multi

    A multi-cloud deployment requires only that multiple clouds are used without any necessary interoperability (Nutanix, 2019).

    Public cloud

    This is what people generally think about when they talk about cloud

    • The public cloud is, well, public! Anyone can make use of its resources, and in the case of the major providers, capacity is functionally unlimited. Need to store exabytes of data in the cloud? No problem! Amazon will drive a modified shipping container to your datacenter, load it up, and “migrate” it to a datacenter.
    • Public clouds offer significant variety on the infrastructure side. Major IaaS providers, like Microsoft and Amazon, offer dozens of services across many different categories including compute, networking, and storage, but also identity, containers, machine learning, virtual desktops, and much, much more. (See a list from Microsoft here, and Amazon here)
    • There are undoubtedly strengths to the public cloud model. Providers offer the “latest and greatest” and customers need not worry about the details, including managing infrastructure and physical locations. Providers offer built-in redundancy, multi-regional deployments, automation tools, management and governance solutions, and a variety of leading-edge technologies that would not be feasible for organizations to run in-house, like high performance compute, blockchain, or quantum computing.
    • Of course, the public cloud is not all sunshine and rainbows – there are downsides as well. It can be expensive; it can introduce regulatory complications to have to trust another entity with your key information. Additionally, there can be performance hiccups, and with SaaS products, it can be difficult to monitor at the appropriate (per-transaction) level.

    Prominent examples include:

    AWS

    Microsoft

    Azure

    Salesforce.com

    Workday

    SAP

    Private cloud

    A lower-risk cloud for cloud-averse customers?

    • A cloud is a cloud, no matter how small. Some IT shops deploy private clouds that make use of the five key cloud characteristics but provisioned for the exclusive use of a single entity, like a corporation.
    • Private clouds have numerous benefits. Some potential cloud customers might be uncomfortable with the shared responsibility that is inherent in the public cloud. Private clouds allow customers to deliver flexible, measured services without having to surrender control, but they require significant overhead, capital expenditure, administrative effort, and technical expertise.
    • According to the 2021 State of the Cloud Report, private cloud use is common, and the most frequently cited toolset is VMware vSphere, followed by Azure Stack, OpenStack, and AWS Outposts. Private cloud deployments are more common in larger organizations, which makes sense given the overhead required to manage such an environment.

    Private cloud adoption

    The images shows a graph titled Private Cloud Adoption for Enterprises. It is a horizontal bar graph, with three segments in each bar: dark blue marking currently use; mid blue marking experimenting; and light blue marking plan to use.

    VMware and Microsoft lead the pack among private cloud customers, with Amazon and Red Hat also substantially present across private cloud environments.

    Hybrid cloud

    The best of both worlds?

    Hybrid cloud architectures combine multiple cloud delivery models and facilitate some level of interoperability. NIST suggests bursting and load balancing as examples of hybrid cloud use cases. Note: it is not sufficient to simply have multiple clouds running in parallel – there must be a toolset that allows for an element of cross-cloud functionality.

    This delivery model is attractive because it allows users to take advantage of the strengths of multiple service models using a single management pane. Bursting across clouds to take advantage of additional capacity or disaster recovery capabilities are two obvious use cases that appeal to hybrid cloud users.

    But while hybridity is all the rage (especially given the impact Covid-19 has had on the workplace), the reality is that any hybrid cloud user must take the good with the bad. Multiple clouds and a management layer can be technically complex, expensive, and require maintaining a physical infrastructure that is not especially valuable (“I thought we were moving to the cloud to get out of the datacenter!”).

    Before selecting a hybrid approach through services like VMware Cloud on AWS or Microsoft’s Azure Stack, consider the cost, complexity, and actual expected benefit.

    Amazon, Microsoft, and Google dominate public cloud IaaS, but IBM is betting big on hybrid cloud:

    The image is a screencap of a tweet from IBM News. The tweet reads: IBM CEO Ginni Rometty: Hybrid cloud is a trillion dollar market and we'll be number one #Think2019.

    With its acquisition of Red Hat in 2019 for $34 billion, Big Blue put its money where its mouth is and acquired a substantial hybrid cloud business. At the time of the acquisition, Red Hat’s CEO, Jim Whitehurst, spoke about the benefit IBM expected to receive:

    “Joining forces with IBM gives Red Hat the opportunity to bring more open source innovation to an even broader range of organizations and will enable us to scale to meet the need for hybrid cloud solutions that deliver true choice and agility” (Red Hat, 2019).

    Multi-cloud

    For most organizations, the multi-cloud is the most realistic option.

    Multi-cloud is popular!

    The image shows a graph titled Multi-Cloud Architectures Used, % of all Respondents. The largest percentage is Apps siloed on different clouds, followed by DAta integration between clouds.

    Multi-cloud solutions exist at a different layer of abstraction from public, private, and even hybrid cloud delivery models. A multi-cloud architecture, as the name suggests, requires the user to be a customer of more than one cloud provider, and it can certainly include a hybrid cloud deployment, but it is not bound by the same rules of interoperability.

    Many organizations – especially those with fewer resources or a lack of a use case for a private cloud – rely on a multi-cloud architecture to build applications where they belong, and they manage each environment separately (or occasionally with the help of cloud management platforms).

    If your data team wants to work in AWS and your enterprise services run on basic virtual machines in Azure, that might be the most effective architecture. As the Flexera 2021 State of the Cloud Report suggests, this architecture is far more common than the more complicated bursting or brokering architectures characteristic of hybrid clouds.

    NIST cloud service models

    Software as a service

    SaaS has exploded in popularity with consumers who wish to avail themselves of the cloud’s benefits without having to manage underlying infrastructure components. SaaS is simple, generally billed per-user per-month, and is almost entirely provider-managed.

    Platform as a service

    PaaS providers offer a toolset for their customers to run custom applications and services without the requirement to manage underlying infrastructure components. This service model is ideal for custom applications/services that don’t benefit from highly granular infrastructure control.

    Infrastructure as a service

    IaaS represents the sale of components. Instead of a service, IaaS providers sell access to components, like compute, storage, and networking, allowing for customers to build anything they want on top of the providers’ infrastructure.

    Cloud service models

    • This research focuses on five key service models, each of which has its own strengths and weaknesses. Moving right from “on-prem,” customers gradually give up more control over their environments to cloud service providers.
    • An entirely premises-based environment means that the customer is responsible for everything ranging from the dirt under the datacenter to application-level configurations. Conversely, in a SaaS environment, the provider is responsible for everything but those top-level application configurations.
    • A managed service provider or other third party can manage any or of the components of the infrastructure stack. A service provider may, for example, build a SaaS solution on top of another provider’s IaaS, or might offer configuration assistance with a commercially available SaaS.

    Info-Tech Insight

    Not all workloads fit well in the cloud. Many environments will mix service models (e.g. SaaS for some workloads, some in IaaS, some on-premises), and this can be perfectly effective. It must be consistent and intentional, however.

    On-prem Co-Lo IaaS PaaS SaaS
    Application Application Application Application Application
    Database Database Database Database Database
    Runtime/ Middleware Runtime/ Middleware Runtime/ Middleware Runtime/ Middleware Runtime/ Middleware
    OS OS OS OS OS
    Hypervisor Hypervisor Hypervisor Hypervisor Hypervisor
    Server Network Storage Server Network Storage Server Network Storage Server Network Storage Server Network Storage
    Facilities Facilities Facilities Facilities Facilities

    Organization has control

    Organization or vendor may control

    Vendor has control

    Analytics folly

    SaaS is good, but it’s not a panacea

    Industry: Healthcare

    Source: Info-Tech workshop

    Situation

    A healthcare analytics provider had already moved a significant number of “non-core workloads” to the cloud, including email, HRIS, and related services.

    The company CEO was satisfied with the reduced effort required by IT to manage SaaS-based workloads and sought to extend the same benefits to the core analytics platform where there was an opportunity to reduce overhead.

    Complication

    Many components of the health analytics service were designed to run specifically in a datacenter and were not ready to be migrated to the cloud without significant effort/refactoring. SaaS was not an option because this was a core platform – a SaaS provider would have been the competition.

    That left IaaS, which was expensive and would not bring the expected benefits (reduced overhead).

    Results

    The organization determined that there were no short-term gains from migrating to the cloud. Due to the nature of the application (its extensive customization, the fact that it was a core product sold by the company) any steps to reduce operational overhead were not feasible.

    The CEO recognized that the analytics platform was not a good candidate for the cloud and what distinguished the analytics platform from more suitable workloads.

    Migration paths

    In a 2016 blog post, Amazon Web Services articulated a framework for cloud migration that incorporates elements of the journey as well as the destination. If workload owners do not choose to retain or retire their workloads, there are four alternatives. These alternatives all stack up differently along five key dimensions:

    1. Value: does the workload stand to benefit from unique cloud characteristics? To what degree?
    2. Effort: how much work would be required to make the transition?
    3. Cost: how much money is the migration expected to cost?
    4. Time: how long will the migration take?
    5. Skills: what skills must be brought to bear to complete the migration?

    Not all migration paths can lead to all destinations. Rehosting generally means IaaS, while repurchasing leads to SaaS. Refactoring and replatforming have some variety of outcomes, and it becomes possible to take advantage of new IaaS architectures or migrate workloads over fully to SaaS.

    As part of the workload assessment process, use the five dimensions (expanded upon on the next slide) to determine what migration path makes sense. Preferred migration paths form an important part of the overall cloud vision process.

    Retain (Revisit)

    • Keep the application in its current form, at least for now. This doesn’t preclude revisiting it in the future.

    Retire

    • Get rid of the application completely.

    Rehost

    • Move the application to the cloud (IaaS) and continue to run it in more or less the same form as it currently runs.

    Replatform

    • Move the application to the cloud and perform a few changes for cloud optimizations.

    Refactor

    • Rewrite the application, taking advantage of cloud native architectures.

    Repurchase

    • Replace with an alternative, cloud-native application and migrate the data.

    Migration paths – relative value

    Migration path Value Effort Cost Time Skills
    Retain No real change in the absolute value of the workload if it is retained. No effort beyond ongoing workload maintenance. No immediate hard dollar costs, but opportunity costs and technical debt abound. No time required! (At least not right away…) Retaining requires the same skills it has always required (which may be more difficult to acquire in the future).
    Rehire A retired workload can provide no value, but it is not a drain! Spinning a service down requires engaging that part of the lifecycle. N/A Retiring the service may be simple or complicated depending on its current role. N/A
    Rehost Some value comes with rehosting, but generally components stay the same (VM here vs. a VM there). Minimal effort required, especially with automated tools. The effort will depend on the environment being migrated. Relatively cheap compared to other options. Rehosting infrastructure is the simplest cloud migration path and is useful for anyone in a hurry. Rehosting is the simplest cloud migration path for most workloads, but it does require basic familiarity with cloud IaaS.

    Replatform

    Replatformed workloads can take advantage of cloud-native services (SQL vs. SQLaaS). Replatforming is more effortful than rehosting, but less effortful than refactoring. Moderate cost – does not require fundamental rearchitecture, just some tweaking. Relatively more complicated than a simple rehost, but less demanding than a refactor. Platform and workload expertise is required; more substantial than a simple rehost.
    Refactor A fully formed, customized cloud-based workload that can take advantage of cloud-native architectures is generally quite valuable. Significant effort required based on the requirement to engage the full SDLC. Significant cost required to engage SDLC and rebuild the application/service. The most complicated and time-consuming. The most complicated and time-consuming.
    Repurchase Repurchasing is the quickest way to achieve cloud-native value. There are compromises, however (high cost, vendor-lock-in). Repurchasing is the quickest way to achieve cloud-native value. There are compromises, however (high cost, vendor-lock-in). Repurchasing is the quickest way to achieve cloud-native value. There are compromises, however (high cost, vendor-lock-in). Configuration – especially for massive projects – can be time consuming, but in general repurchasing can be quite fast. Buying software does require knowledge of requirements and integrations, but is otherwise quite simple.

    Where should you get your cloud skills?

    Cloud skills are certainly top of mind right now. With the great upheaval in both work patterns and in the labor market more generally, expertise in cloud-related areas is simultaneously more valuable and more difficult to procure. According to Pluralsight’s 2021 “State of Upskilling” report, 44% of respondents report themselves under-skilled in the cloud management area, making cloud management the most significant skill gap reported on the survey.

    Everyone left the office. Work as we know it is fundamentally altered for a generation or more. Cloud services shot up in popularity by enabling the transition. And yet there is a gap – a prominent gap – in skilling up for this critically important future. What is the cloud manager to do?

    Per the framework presented here, that manager has three essential options. They may take somewhat different forms depending on specific requirements and the quirks of the local market, but the options are:

    1. Train or hire internal resources: This might be easier said than done, especially for more niche skills, but makes sense for workloads that are critical to operations for the long term.
    2. Engage a managed service provider: MSPs are often engaged to manage services where internal IT lacks bandwidth or expertise.
    3. Hire a consultant: Consultants are great for time-bound implementation projects where highly specific expertise is required, such as a migration or implementation project.

    Each model makes sense to some degree. When evaluating individual workloads for cloud suitability, it is critical to consider the support model – both immediate and long term. What makes sense from a value perspective?

    Cloud decisions – summary

    A key component of the Info-Tech cloud vision model is that it is multi-layered. Not every decision must be made at every level. At the workload level, it makes sense to select service models that make sense, but each workload does not need its own defined vision. Workload-level decisions should be guided by an overall strategy but applied tactically, based on individual workload characteristics and circumstances.

    Conversely, some decisions will inevitably be applied at the environment level. With some exceptions, it is unlikely that cloud customers will build an entire private/hybrid cloud environment around a single solution; instead, they will define a broader strategy and fit individual workloads into that strategy.

    Some considerations exist at both the workload and environment levels. Risks and roadblocks, as well as the preferred support model, are concerns that exist at both the environment level and at the workload level.

    The image is a Venn diagram, with the left side titled Workload level, and the right side titled Environment Level. In the left section are: service model and migration path. On the right section are: Overall vision and Delivery model. In the centre section are: support model and Risks and roadblocks.

    Step 1.3

    Create a current state summary

    Activities

    1.3.1 Record your current state

    Understand the Cloud

    Generate goals and drivers

    Explore cloud characteristics

    Create a current state summary

    Select workloads for analysis

    This step involves the following participants: Core working group

    Outcomes of this step

    • Current state summary of cloud solutions

    1.3.1 Record your current state

    30 minutes

    Input

    • Knowledge of existing cloud workloads

    Output

    • Current state cloud summary for service, delivery, and support models

    Materials

    • Whiteboard

    Participants

    • Core working group
    • Infrastructure team
    • Service owners
    1. On a whiteboard (real or virtual) draw a table with each of the cloud service models across the top. Leave a cell below each to list examples.
    2. Under each service model, record examples present in your environment. The purpose of the exercise is to illustrate the existence of cloud services in your environment or the lack thereof, so there is no need to be exhaustive. Complete this in turn for each service model until you are satisfied that you have created an effective picture of your current cloud SaaS state, IaaS state, etc.
    3. Input the results into their own slide titled “current state summary” in the Cloud Vision Executive Presentation.
    4. Repeat for the cloud delivery models and support models and include the results of those exercises as well.
    5. Create a short summary statement (“We are primarily a public cloud consumer with a large SaaS footprint and minimal presence in PaaS and IaaS. We retain an MSP to manage our hosted telephony solution; otherwise, everything is handled in house.”

    Cloud Vision Executive Presentation

    Step 1.4

    Select workloads for current analysis

    Activities

    1.4.1 Select workloads for assessment

    This step involves the following participants:

    • Core working group

    Outcomes of this step

    • List of workloads for assessment

    Understand the cloud

    Generate goals and drivers

    Explore cloud characteristics

    Create a current state summary

    Select workloads for analysis

    1.4.1 Select workloads for assessment

    30 minutes

    Input

    • Knowledge of existing cloud workloads

    Output

    • List of workloads to be assessed

    Materials

    • Whiteboard
    • Cloud Vision Workbook

    Participants

    • Core working group
    • IT management
    1. In many cases, the cloud project is inspired by a desire to move a particular workload or set of workloads. Solicit feedback from the core working group about what these workloads might be. Ask everyone in the meeting to suggest a workload and record each one on a sticky note or white board (virtual or physical).
    2. Discuss the results with the group and begin grouping similar workloads together. They will be subject to the assessments in the Cloud Vision Workbook, so try to avoid selecting too many workloads that will produce similar answers. It might not be obvious, but try to think about workloads that have similar usage patterns, risk levels, and performance requirements, and select a representative group.
    3. You should embrace counterintuition by selecting a workload that you think is unlikely to be a good fit for the cloud if you can and subjecting it to the assessment as well for validation purposes.
    4. When you have a list of 4-6 workloads, record them on tab 2 of the Cloud Vision Workbook.

    Cloud Vision Workbook

    Assess your cloud workloads

    Build the foundations of your cloud vision

    Phase 2

    Phase 2

    Evaluate Cloud Workloads

    Phase 1

    1.1 Generate goals and drivers

    1.2 Explore cloud characteristics

    1.3 Create a current state summary

    1.4 Select workloads for analysis

    Phase 2

    2.1 Conduct workload assessments

    2.2 Determine workload future states

    Phase 3

    3.1 Generate risks and roadblocks

    3.2 Mitigate risks and roadblocks

    3.3 Define roadmap initiatives

    Phase 4

    4.1 Review and assign work items

    4.2 Finalize cloud decision framework

    4.3 Create cloud vision

    This phase will walk you through the following activities:

    • Conduct workload assessments
    • Determine workload future state

    This phase involves the following participants:

    • Subject matter experts
    • Core working group
    • IT management

    Define Your Cloud Vision

    Work from the bottom up and assess your workloads

    A workload-first approach will help you create a realistic vision.

    The concept of a cloud vision should unquestionably be informed by the nature of the workloads that IT is expected to provide for the wider organization. The overall cloud vision is no greater than the sum of its parts. You cannot migrate to the cloud in the abstract. Workloads need to go – and not all workloads are equally suitable for the transition.

    It is therefore imperative to understand which workloads are a good fit for the cloud, which cloud service models make the most sense, how to execute the migration, what support should look like, and what risks and roadblocks you are likely to encounter as part of the process.

    That’s where the Cloud Vision Workbook comes into play. You can use this tool to assess as many workloads as you’d like – most people get the idea after about four – and by the end of the exercise, you should have a pretty good idea about where your workloads belong, and you’ll have a tool to assess any net new or previously unconsidered workloads.

    It’s not so much about the results of the assessment – though these are undeniably important – but about the learnings gleaned from the collaborative assessment exercise. While you can certainly fill out the assessment without any additional input, this exercise is most effective when completed as part of a group.

    Introducing the Cloud Vision Workbook

    • The Cloud Vision Workbook is an Excel tool that answers the age old question: “What should I do with my workloads?”
    • It is divided into eight tabs, each of which offers unique value. Start by reading the introduction and inputting your list of workloads. Work your way through tabs 3-6, completing the suitability, migration, management, and risk and roadblock assessments, and review the results on tab 7.
    • If you choose to go through the full battery of assessments for each workload, expect to answer and weight 111 unique questions across the four assessments. This is an intensive exercise, so carefully consider which assessments are valuable to you, and what workloads you have time to assess.
    • Tab 8 hosts the milestone timeline and captures the results of the phase 3 risk and mitigation exercise.

    Understand Cloud Vision Workbook outputs

    The image shows a graphic with several graphs and lists on it, with sections highlighted with notes. At the top, there's the title Database with the note Workload title (populated from tab 2). Below that, there is a graph with the note Relative suitability of the five service models. The Risks and roadblocks section includes the note: The strategy components – the risks and roadblocks – are captured relative to one another to highlight key focus areas. To the left of that, there is a Notes section with the note Notes populated based on post-assessment discussion. At the bottom, there is a section titled Where should skills be procured?, with the note The radar diagram captures the recommended support model relative to the others (MSP, consultant, internal IT). To the right of that, there is a section titled Migration path, with the note that Ordered list of migration paths. Note: a disconnect here with the suggested service model may indicate an unrealistic goal state.

    Step 2.1

    Conduct workload assessments

    Activities

    2.1.1 Conduct workload assessments

    2.1.2 Interpret your results

    Phase Title

    Conduct workload assessments

    Determine workload future state

    This step involves the following participants:

    • Core working group
    • Workload subject matter experts

    Outcomes of this step

    • Completed workload assessments

    2.1.1 Conduct workload assessments

    2 hours per workload

    Input

    • List of workloads to be assessed

    Output

    • Completed cloud vision assessments

    Materials

    • Cloud Vision Workbook

    Participants

    • Core working group
    • Service owners/workload SMEs
    1. The Cloud Vision Workbook is your one stop shop for all things workload assessment. Open the tool to tab 2 and review the workloads you identified at the end of phase 1. Ensure that these are correct. Once satisfied, project the tool (virtually, if necessary) so that all participants can see the assessment questions.
    2. Work through tabs 3-6, answering the questions and assigning a multiplier for each one. A higher multiplier increases the relative weight of the question, giving it a greater impact on the overall outcome.
    3. Do your best to induce participants to offer opinions. Consensus is not absolutely necessary, but it is a good goal. Ask your participants if they agree with initial responses and occasionally take the opposite position (“I’m surprised you said agree – I would have thought we didn’t care about CapEx vs. OpEx”). Stimulate discussion.
    4. Highlight any questions that you will need to return to or run by someone not present. Include a placeholder answer, as the tool requires all cells to be filled for computation.

    Cloud Vision Workbook

    2.1.2 Interpret your results

    10 minutes

    Input

    • Completed cloud vision assessments

    Output

    • Shared understanding of implications

    Materials

    • Cloud Vision Workbook

    Participants

    • Core working group
    • Service owners/workload SMEs
    1. Once you’ve completed all 111 questions for each workload, you can review your results on tab 7. On tab 7, you will see four populated graphics: cloud suitability, migration path, “where should skills be procured?”, and risks and roadblocks. These represent the components of the overall cloud vision that you will present to stakeholders.
    2. The “cloud suitability” chart captures the service model that the assessment judges to be most suitable for the workload. Ask those present if any are surprised by the output. If there is any disagreement, discuss the source of the surprise and what a more realistic outcome would be. Revisit the assessment if necessary.
    3. Conduct a similar exercise with each of the other outputs. Does it make sense to refactor the workload based on its cloud suitability? Does the fact that we scored so highly on the “consultant” support model indicate something about how we handle upskilling internally? Does the profile of risks and roadblocks identified here align with expectations? What should be ranked higher? What about lower?
    4. Once everyone is generally satisfied with the results, close the tool and take a break! You’ve earned it.

    Cloud Vision Workbook

    Understand the cloud strategy components

    Each cloud strategy will take a slightly different form, but all should contain echoes of each of these components. This process will help you define your vision and direction, but you will need to take steps to execute on that vision. The remainder of the cloud strategy, covered in the related blueprint Document Your Cloud Strategy comprises these fourteen topics divided across three categories: people, governance, and technology. The workload assessment covers these under risks and roadblocks and highlights areas that may require specific additional attention. When interpreting the results, think of these areas as comprising things that you will need to do to make your vision a reality.

    People

    • Skills and roles
    • Culture and adoption
    • Governing bodies

    Governance

    • Architecture
    • Integration and interoperability
    • Operations management
    • Cloud portfolio management
    • Cloud vendor management
    • Finance management
    • Security
    • Data controls

    Technology

    • Monitoring
    • Provisioning
    • Migration

    Strategy component: People

    People form the core of any good strategy. As part of your cloud vision, you will need to understand the implications a cloud transition will have on your staff and users, whether those users are internal or external.

    Component Description Challenges
    Skills and roles The move to the cloud will require staff to learn how to handle new technology and new operational processes. The cloud is a different way of procuring IT resources and may require the definition of new roles to handle things like cost management and provisioning. Staff may not have the necessary experience to migrate to a cloud environment or to effectively manage resources once the cloud transition is made. Cloud skills are difficult to hire for, and with the ever-changing nature of the platforms themselves, this shows no sign of abating. Redefining roles can also be politically challenging and should be done with due care and consideration.
    Culture and adoption If you build it, they will come…right? It is not always the case that a new service immediately attracts users. Ensuring that organizational culture aligns with the cloud vision is a critical success factor. Equally important is ensuring that cloud resources are used as intended. Those unfamiliar with cloud resources may be less willing to learn to use them. If alternatives exist (e.g. a legacy service that has not been shut down), or if those detractors are influential, this resistance may impede your cloud execution. Also, if the cloud transition involves significant effort or a fundamental rework (e.g. a DevOps transition) this role redefinition could cause some internal turmoil.
    Governing bodies A large-scale cloud deployment requires formal governance. Formal governance requires a governing body that is ultimately responsible for designing the said governance. This could take the form of a “center of excellence” or may rest with a single cloud architect in a smaller, less complicated environment. Governance is difficult. Defining responsibilities in a way that includes all relevant stakeholders without paralyzing the decision-making process is difficult. Implementing suggestions is a challenge. Navigating the changing nature of service provision (who can provision their own instances or assign licenses?) can be difficult as well. All these concerns must be addressed in a cloud strategy.

    Strategy component: Governance

    Without guardrails, the cloud deployment will grow organically. This has strengths (people tend to adopt solutions that they select and deploy themselves), but these are more than balanced out by the drawbacks that come with inconsistency, poor administration, duplication of services, suboptimal costing, and any number of other unique challenges. The solution is to develop and deploy governance. The following list captures some of the necessary governance-related components of a cloud strategy.

    Component Description Challenges
    Architecture Enterprise architecture is an important function in any environment with more than one interacting workload component (read: any environment). The cloud strategy should include an approach to defining and implementing a standard cloud architecture and should assign responsibility to an individual or group. Sometimes the cloud transition is inspired by the desire to rearchitect. The necessary skills and knowledge may not be readily available to design and transition to a microservices-based environment, for example, vs. a traditional monolithic application architecture. The appropriateness of a serverless environment may not be well understood, and it may be the case that architects are unfamiliar with cloud best practices and reference architectures.
    Integration and interoperability Many services are only highly functional when integrated with other services. What is a database without its front-end? What is an analytics platform without its data lake? For the cloud vision to be properly implemented, a strategy for handling integration and interoperability must be developed. It may be as simple as “all SaaS apps must be compatible with Okta” but it must be there. Migration to the cloud may require a fundamentally new approach to integration, moving away from a point-to-point integrations and towards an ESB or data lake. In many cases, this is easier said than done. Centralization of management may be appealing, but legacy applications – or those acquired informally in a one-off fashion – might not be so easy to integrate into a central management platform.
    Operations management Service management (ITIL processes) must be aligned with your overall cloud strategy. Migrating to the cloud (where applicable) will require refining these processes, including incident, problem, request, change, and configuration management, to make them more suitable for the cloud environment. Operations management doesn’t go away in the cloud, but it does change in line with the transition to shared responsibility. Responding to incidents may be more difficult on the cloud when troubleshooting is a vendor’s responsibility. Change management in a SaaS environment may be more receptive than staff are used to as cloud providers push changes out that cannot be rolled back.

    Strategy component: Governance (cont.)

    Component Description Challenges
    Cloud portfolio management This component refers to the act of managing the portfolio of cloud services that is available to IT and to business users. What requirements must a SaaS service meet to be onboarded into the environment? How do we account for exceptions to our IaaS policy? What about services that are only available from a certain provider? Rationalizing services offers administrative benefits, but may make some tasks more difficult for end users who have learned things a certain way or rely on niche toolsets. Managing access through a service catalog can also be challenging based on buy-in and ongoing administration. It is necessary to develop and implement policy.
    Cloud vendor management Who owns the vendor management function, and what do their duties entail? What contract language must be standard? What does due diligence look like? How should negotiations be conducted? What does a severing of the relationship look like? Cloud service models are generally different from traditional hosted software and even from each other (e.g. SaaS vs. PaaS). There is a bit of a learning curve when it comes to dealing with vendors. Also relevant: the skills that it takes to build and maintain a system are not necessarily the same as those required to coherently interact with a cloud vendor.
    Finance management Cloud services are, by definition, subject to a kind of granular, operational billing that many shops might not be used to. Someone will need to accurately project and allocate costs, while ensuring that services are monitored for cost abnormalities. Cloud cost challenges often relate to overall expense (“the cloud is more expensive than an alternative solution”), expense variability (“I don’t know what my budget needs to be this quarter”), and cost complexity (“I don’t understand what I’m paying for – what’s an Elastic Beanstalk?”).
    Security The cloud is not inherently more or less secure than a premises-based alternative, though the risk profile can be different. Applying appropriate security governance to ensure workloads are compliant with security requirements is an essential component of the strategy.

    Technical security architecture can be a challenge, as well as navigating the shared responsibility that comes with a cloud transition. There are also a plethora of cloud-specific security tools like cloud access security brokers (CASBs), cloud security posture management (CSPM) solutions, and even secure access services edge (SASE) technology.

    Data controls Data residency, classification, quality, and protection are important considerations for any cloud strategy. With cloud providers taking on outsized responsibility, understanding and governing data is essential. Cloud providers like to abstract away from the end user, and while some may be able to guarantee residency, others may not. Additionally, regulations may prevent some data from going to the cloud, and you may need to develop a new organizational backup strategy to account for the cloud.

    Strategy component: Technology

    Good technology will never replace good people and effective process, but it remains important in its own right. A migration that neglects the undeniable technical components of a solid cloud strategy is doomed to mediocrity at best and failure at worst. Understanding the technical implications of the cloud vision – particularly in terms of monitoring, provisioning, and migration – makes all the difference. You can interpret the results of the cloud workload assessments by reviewing the details presented here.

    Component Description Challenges
    Monitoring The cloud must be monitored in line with performance requirements. Staff must ensure that appropriate tools are in place to properly monitor cloud workloads and that they are capturing adequate and relevant data. Defining requirements for monitoring a potentially unfamiliar environment can be difficult, as can consolidating on a monitoring solution that both meets requirements and covers all relevant areas. There may be some upskilling and integration work required to ensure that monitoring works as required.
    Provisioning How will provisioning be done? Who will be responsible for ensuring the right people have access to the right resources? What tooling must be deployed to support provisioning goals? What technical steps must be taken to ensure that the provisioning is as seamless as possible? There is the inevitable challenge of assigning responsibility and accountability in a changing infrastructure and operations environment, especially if the changes are substantial (e.g. a fundamental operating model shift, reoriented around the cloud). Staff may also need to familiarize themselves with cloud-based provisioning tools like Ansible, Terraform, or even CloudFormation.
    Migration The act of migrating is important as well. In some cases, the migration is as simple as configuring the new environment and turning it up (e.g. with a net new SaaS service). In other cases, the migration itself can be a substantial undertaking, involving large amounts of data, a complicated replatforming/refactoring, and/or a significant configuration exercise.

    Not all migration journeys are created equal, and challenges include a general lack of understanding of the requirements of a migration, the techniques that might be necessary to migrate to a particular cloud (there are many) and the disruption/risk associated with moving large amounts of data. All of these challenges must be considered as part of the overall cloud strategy, whether in terms of architectural principles or skill acquisition (or both!).

    Step 2.2

    Determine workload future state

    Activities

    2.2.1 Determine workload future state

    Conduct workload assessments

    Determine workload future state

    This step involves the following participants:

    • IT management
    • Core working group

    Outcomes of this step

    • Completed workload assessments
    • Defined workload future state

    2.2.1 Determine workload future state

    1-3 hours

    Input

    • Completed workload assessments

    Output

    • Preliminary future state outputs

    Materials

    • Cloud Vision Workbook
    • Cloud Vision Executive Presentation

    Participants

    • Core working group
    • Service owners
    • IT management
    1. After you’ve had a chance to validate your results, refer to tab 7 of the tool, where you will find a blank notes section.
    2. With the working group, capture your answers to each of the following questions:
      1. What service model is the most suitable for the workload? Why?
      2. How will we conduct the migration? Which of the six models makes the most sense? Do we have a backup plan if our primary plan doesn’t work out?
      3. What should the support model look like?
      4. What are some workload-specific risks and considerations that must be taken into account for the workload?
    3. Once you’ve got answers to each of these questions for each of the workloads, include your summary in the “notes” section of tab 7.

    Cloud Vision Executive Presentation

    Paste the output into the Cloud Vision Executive Presentation

    • The Cloud Vision Workbook output is a compact, consumable summary of each workload’s planned future state. Paste each assessment in as necessary.
    • There is no absolutely correct way to present the information, but the output is a good place to start. Do note that, while the presentation is designed to lead with the vision statement, because the process is workload-first, the assessments are populated prior to the overall vision in a bottom-up manner.
    • Be sure to anticipate the questions you are likely to receive from any stakeholders. You may consider preparing for questions like: “What other workloads fit this profile?” “What do we expect the impact on the budget to be?” “How long will this take?” Keep these and other questions in mind as you progress through the vision definition process.

    The image shows the Cloud Vision Workbook output, which was described in an annotated version in an earlier section.

    Info-Tech Insight

    Keep your audience in mind. You may want to include some additional context in the presentation if the results are going to be presented to non-technical stakeholders or those who are not familiar with the terms or how to interpret the outputs.

    Identify and Mitigate Risks

    Build the foundations of your cloud vision

    PHASE 3

    Phase 3

    Identify and Mitigate Risks

    Phase 1

    1.1 Generate goals and drivers

    1.2 Explore cloud characteristics

    1.3 Create a current state summary

    1.4 Select workloads for analysis

    Phase 2

    2.1 Conduct workload assessments

    2.2 Determine workload future states

    Phase 3

    3.1 Generate risks and roadblocks

    3.2 Mitigate risks and roadblocks

    3.3 Define roadmap initiatives

    Phase 4

    4.1 Review and assign work items

    4.2 Finalize cloud decision framework

    4.3 Create cloud vision

    This phase will walk you through the following activities:

    • Generate risks and roadblocks
    • Mitigate risks and roadblocks
    • Define roadmap initiatives

    This phase involves the following participants:

    • Core working group
    • Workload subject matter experts

    You know what you want to do, but what do you have to do?

    What questions remain unanswered?

    There are workload-level risks and roadblocks, and there are environment-level risks. This phase is focused primarily on environment-level risks and roadblocks, or those that are likely to span multiple workloads (but this is not hard and fast rule – anything that you deem worth discussing is worth discussing). The framework here calls for an open forum where all stakeholders – technical and non-technical, pro-cloud and anti-cloud, management and individual contributor – have an opportunity to articulate their concerns, however specific or general, and receive feedback and possible mitigation.

    Start by soliciting feedback. You can do this over time or in a single session. Encourage anyone with an opinion to share it. Focus on those who are likely to have a perspective that will become relevant at some point during the creation of the cloud strategy and the execution of any migration. Explain the preliminary direction; highlight any major changes that you foresee. Remind participants that you are not looking for solutions (yet), but that you want to make sure you hear any and every concern as early as possible. You will get feedback and it will all be valuable.

    Before cutting your participants loose, remind them that, as with all business decisions, the cloud comes with trade-offs. Not everyone will have every wish fulfilled, and in some cases, significant effort may be needed to get around a roadblock, risks may need to be accepted, and workloads that looked like promising candidates for one service model or another may not be able to realize that potential. This is a normal and expected part of the cloud vision process.

    Once the risks and roadblocks conversation is complete, it is the core working group’s job to propose and validate mitigations. Not every risk can be completely resolved, but the cloud has been around for decades – chances are someone else has faced a similar challenge and made it through relatively unscathed. That work will inevitably result in initiatives for immediate execution. Those initiatives will form the core of the initiative roadmap that accompanies the completed Cloud Vision Executive Presentation.

    Step 3.1

    Generate risks and roadblocks

    Activities

    3.1.1 Generate risks and roadblocks

    3.1.2 Generate mitigations

    Identify and mitigate risks

    Generate risks and roadblocks

    Mitigate risks and roadblocks

    Define roadmap initiatives

    This step involves the following participants:

    • Core working group
    • IT management
    • Infrastructure
    • Applications
    • Security
    • Architecture

    Outcomes of this step

    • List of risks and roadblocks

    Understand risks and roadblocks

    Risk

    • Something that could potentially go wrong.
    • You can respond to risks by mitigating them:
      • Eliminate: take action to prevent the risk from causing issues.
      • Reduce: take action to minimize the likelihood/severity of the risk.
      • Transfer: shift responsibility for the risk away from IT, towards another division of the company.
      • Accept: where the likelihood or severity is low, it may be prudent to accept that the risk could come to fruition.

    Roadblock

    • There are things that aren’t “risks” that we care about when migrating to the cloud.
    • We know, for example, that a complicated integration situation will create work items for any migration – this is not an “unknown.”
    • We respond to roadblocks by generating work items.

    3.1.1 Generate risks and roadblocks

    1.5 hours

    Input

    • Completed cloud vision assessments

    Output

    • List of risks and roadblocks

    Materials

    • Whiteboard
    • Sticky notes

    Participants

    • Core working group
    • Service owners/workload SMEs
    • Anyone with concerns about the cloud
    1. Gather your core working group – and really anyone with an intelligent opinion on the cloud – into a single meeting space. Give the group 5-10 minutes to list anything they think could present a difficulty in transitioning workloads to the cloud. Write each risk/roadblock on its own sticky note. You will never be 100% exhaustive, but don’t let anything your users care about go unaddressed.
    2. Once everyone has had time to write down their risks and roadblocks, have everyone share one by one. Make sure you get them all. Overlap in risks and roadblocks is okay! Group similar concerns together to give a sort of heat map of what your participants are concerned about. (This is called “affinity diagramming.”)
    3. Assign names to these categories. Many of these categories will align with the strategy components discussed in the previous phase (governance, security, etc.) but some will be specific whether by nature or by degree.
    4. Sort each of the individual risks into its respective category, collapsing any exact duplicates, and leaving room for notes and mitigations (see the next slide for a visual).

    Understand risks and roadblocks

    The image is two columns--on the left, the column is titled Affinity Diagramming. Below the title, there are many colored blocks, randomly arranged. There is an arrow pointing right, to the same coloured blocks, now sorted by colour. In the right column--titled Categorization--each colour has been assigned a category, with subcategories.

    Step 3.2

    Mitigate risks and roadblocks

    Activities

    3.2.1 Generate mitigations

    Identify and mitigate risks

    Generate risks and roadblocks

    Mitigate risks and roadblocks

    Define roadmap initiatives

    This step involves the following participants:

    • Core working group

    Outcomes of this step

    • List of mitigations

    Is the public cloud less secure?

    This is the key risk-related question that most cloud customers will have to answer at some point: does migrating to the cloud for some services increase their exposure and create a security problem?

    As with all good questions, the answer is “it depends.” But what does it depend on? Consider these cloud risks and potential mitigations:

    1. Misconfiguration: An error grants access to unauthorized parties (as happened to Capital One in 2019). This can be mitigated by careful configuration management and third-party tooling.
    2. Unauthorized access by cloud provider/partner employees: Though rare, it is possible that a cloud provider or partner can be a vector for a breach. Careful contract language, choosing to own your own encryption keys, and a hybrid approach (storing data on-premises) are some possible ways to address this problem.
    3. Unauthorized access to systems: Cloud services are designed to be accessed from anywhere and may be accessed by malicious actors. Possible mitigations include risk-based conditional access, careful identity access management, and logging and detection.

    “The cloud is definitely more secure in that you have much more control, you have much more security tooling, much more visibility, and much more automation. So it is more secure. The caveat is that there is more risk. It is easier to accidentally expose data in the cloud than it is on-premises, but, especially for security, the amount of tooling and visibility you get in cloud is much more than anything we’ve had in our careers on-premises, and that’s why I think cloud in general is more secure.” –Abdul Kittana, Founder, ASecureCloud

    Breach bests bank

    No cloud provider can protect against every misconfiguration

    Industry: Finance

    Source: The New York Times, CNET

    Background

    Capital One is a major Amazon Web Services customer and is even featured on Amazon’s site as a case study. That case study emphasizes the bank’s commitment to the cloud and highlights how central security and compliance were. From the CTO: “Before we moved a single workload, we engaged groups from across the company to build a risk framework for the cloud that met the same high bar for security and compliance that we meet in our on-premises environments. AWS worked with us every step of the way.”

    Complication

    The cloud migration was humming along until July 2019, when the bank suffered a serious breach at the hands of a hacker. That hacker was able to steal millions of credit card applications and hundreds of thousands of Social Security numbers, bank account numbers, and Canadian social insurance numbers.

    According to investigators and to AWS, the breach was caused by an open reverse proxy attack against a misconfigured web app firewall, not by an underlying vulnerability in the cloud infrastructure.

    Results

    Capital One reported that the breach was expected to cost it $150 million, and AWS fervently denied any blame. The US Senate got involved, as did national media, and Capital One’s CEO issued a public apology, writing, “I sincerely apologize for the understandable worry this incident must be causing those affected, and I am committed to making it right.”

    It was a bad few months for IT at Capital One.

    3.2.1 Generate mitigations

    3-4.5 hours

    Input

    • Completed cloud vision assessments

    Output

    • List of risks and roadblocks

    Materials

    • Whiteboard
    • Sticky notes

    Participants

    • Core working group
    • Service owners/workload SMEs
    • Anyone with concerns about the cloud
    1. Recall the four mitigation strategies: eliminate, reduce, transfer, or accept. Keep these in mind as you work through the list of risks and roadblocks with the core working group. For every individual risk or roadblock raised in the initial generation session, suggest a specific mitigation. If the concern is “SaaS providers having access to confidential information,” a mitigation might be encryption, specific contract language, or proof of certifications (or all the above).
    2. Work through this for each of the risks and roadblocks, identifying the steps you need to take that would satisfy your requirements as you understand them.
    3. Once you have gone through the whole list – ideally with input from SMEs in particular areas like security, engineering, and compliance/legal – populate the Cloud Vision Workbook (tab 8) with the risks, roadblocks, and mitigations (sorted by category). Review tab 8 for an example of the output of this exercise.

    Cloud Vision Workbook

    Cloud Vision Workbook – mitigations

    The image shows a large chart titled Risks, roadblocks, and mitigations, which has been annotated with notes.

    Step 3.3

    Define roadmap initiatives

    Activities

    3.3.1 Generate roadmap initiatives

    Identify and mitigate risks

    Generate risks and roadblocks

    Mitigate risks and roadblocks

    Define roadmap initiatives

    This step involves the following participants:

    • Core working group

    Outcomes of this step

    • Defined roadmap initiatives

    3.3.1 Generate roadmap initiatives

    1 hour

    Input

    • List of risk and roadblock mitigations

    Output

    • List of cloud initiatives

    Materials

    • Cloud Vision Workbook

    Participants

    • Core working group
    1. Executing on your cloud vision will likely require you to undertake some key initiatives, many of which have already been identified as part of your mitigation exercise. On tab 8 of the Cloud Vision Workbook, review the mitigations you created in response to the risks and roadblocks identified. Initiatives should generally be assignable to a party and should have a defined scope/duration. For example, “assess all net new applications for cloud suitability” might not be counted as an initiative, but “design a cloud application assessment” would likely be.
    2. Design a timeline appropriate for your specific needs. Generally short-term (less than 3 months), medium-term (3-6 months), and long-term (greater than 6 months) will work, but this is entirely based on preference.
    3. Review and validate the parameters with the working group. Consider creating additional color-coding (highlighting certain tasks that might be dependent on a decision or have ongoing components).

    Cloud Vision Workbook

    Bridge the gap and create the vision

    Build the foundations of your cloud vision

    Phase 4

    Phase 4

    Bridge the Gap and Create the Vision

    Phase 1

    1.1 Generate goals and drivers

    1.2 Explore cloud characteristics

    1.3 Create a current state summary

    1.4 Select workloads for analysis

    Phase 2

    2.1 Conduct workload assessments

    2.2 Determine workload future states

    Phase 3

    3.1 Generate risks and roadblocks

    3.2 Mitigate risks and roadblocks

    3.3 Define roadmap initiatives

    Phase 4

    4.1 Review and assign work items

    4.2 Finalize cloud decision framework

    4.3 Create cloud vision

    This phase will walk you through the following activities:

    • Assign initiatives and propose timelines
    • Build a delivery model rubric
    • Build a service model rubric
    • Built a support model rubric
    • Create a cloud vision statement
    • Map cloud workloads
    • Complete the Cloud Vision presentation

    This phase involves the following participants:

    • IT management, the core working group, security, infrastructure, operations, architecture, engineering, applications, non-IT stakeholders

    Step 4.1

    Review and assign work items

    Activities

    4.1.1 Assign initiatives and propose timelines

    Bridge the gap and create the vision

    Review and assign work items

    Finalize cloud decision framework

    Create cloud vision

    This step involves the following participants:

    • Core working group
    • IT management

    Outcomes of this step

    • Populated cloud vision roadmap

    4.1.1 Assign initiatives and propose timelines

    1 hour

    Input

    • List of cloud initiatives

    Output

    • Initiatives assigned by responsibility and timeline

    Materials

    • Cloud Vision Workbook

    Participants

    • Core working group
    1. Once the list is populated, begin assigning responsibility for execution. This is not a RACI exercise, so focus on the functional responsibility. Once you have determined who is responsible, assign a timeline and include any notes. This will form the basis of a more formal project plan.
    2. To assign the initiative to a party, consider 1) who will be responsible for execution and 2) if that responsibility will be shared. Be as specific as possible, but be sure to be consistent to make it easier for you to sort responsibility later on.
    3. When assigning timelines, we suggest including the end date (when you expect the project to be complete) rather than the start date, though whatever you choose, be sure to be consistent. Make use of the notes column to record anything that you think any other readers will need to be aware of in the future, or details that may not be possible to commit to memory.

    Cloud Vision Workbook

    Step 4.2

    Finalize cloud decision framework

    Activities

    4.2.1 Build a delivery model rubric

    4.2.2 Build a service model rubric

    4.2.3 Build a support model rubric

    Bridge the gap and create the vision

    Review and assign work items

    Finalize cloud decision framework

    Create cloud vision

    This step involves the following participants:

    • Core working group

    Outcomes of this step

    • Cloud decision framework

    4.2.1 Build a delivery model rubric

    1 hour

    Input

    • List of cloud initiatives

    Output

    • Initiatives assigned by responsibility and timeline

    Materials

    Participants

    • Core working group
    1. Now that we have a good understanding of the cloud’s key characteristics, the relative suitability of different workloads for the cloud, and a good understanding of some of the risks and roadblocks that may need to be overcome if a cloud transition is to take place, it is time to formalize a delivery model rubric. Start by listing the delivery models on a white board vertically – public, private, hybrid, and multi-cloud. Include a community cloud option as well if that is feasible for you. Strike any models that do not figure into your vision.
    2. Create a table style rubric for each delivery model. Confer with the working group to determine what characteristics best define workloads suitable for each model. If you have a hybrid cloud option, you may consider workloads that are highly dynamic; a private cloud hosted on-premises may be more suitable for workloads that have extensive regulatory requirements.
    3. Once the table is complete, include it in the Cloud Vision Executive Presentation.

    Cloud Vision Executive Presentation

    Vision for the cloud future state (example)

    Delivery model Decision criteria
    Public cloud
    • Public cloud is the primary destination for all workloads as the goal is to eliminate facilities and infrastructure management
    • Offers features, broad accessibility, and managed updates along with provider-managed facilities and hardware
    Legacy datacenter
    • Any workload that is not a good fit for the public cloud
    • Dependency (like a USB key for license validation)
    • Performance requirements (e.g. workloads highly sensitive to transaction thresholds)
    • Local infrastructure components (firewall, switches, NVR)

    Summary statement: Everything must go! Public cloud is a top priority. Anything that is not compatible (for whatever reason) with a public cloud deployment will be retained in a premises-based server closet (downgraded from a full datacenter). The private cloud does not align with the overall organizational vision, nor does a hybrid solution.

    4.2.2 Build a service model rubric

    1 hour

    Input

    • Output of workload assessments
    • Output of risk and mitigation exercise

    Output

    • Service model rubric

    Materials

    • Whiteboard
    • Cloud Vision Executive Presentation

    Participants

    • Core working group
    1. This next activity is like the delivery model activity, but covers the relevant cloud service models. On a whiteboard, make a vertical list of the cloud service models (SaaS, PaaS, IaaS, etc.) that will be considered for workloads. If you have an order of preference, place your most preferred at the top, your least preferred at the bottom.
    2. Describe the circumstances under which you would select each service model. Do your best to focus on differentiators. If a decision criterion appears for multiple service models, consider refining or excluding it. (For additional information, check out Info-Tech’s Reimagine IT Operations for a Cloud-First World blueprint.)
    3. Create a summary statement to capture your overall service model position. See the next slide for an example. Note: this can be incorporated into your cloud vision statement, so be sure that it reflects your genuine cloud preferences.
    4. Record the results in the Cloud Vision Executive Presentation.

    Cloud Vision Executive Presentation

    Vision for the cloud future state (example)

    Service model Decision criteria
    SaaS

    SaaS first; opt for SaaS when:

    • A SaaS option exists that meets all key business requirements
    • There is a strong desire to have someone else (the vendor) manage infrastructure components/the platform
    • Not particularly sensitive to performance thresholds
    • The goal is to transition management of the workload outside of IT
    • SaaS is the only feasible way to consume the desired service
    PaaS
    • Highly customized service/workload – SaaS not feasible
    • Still preferable to offload as much management as possible to third parties
    • Customization required, but not at the platform level
    • The workload is built using a standard framework
    • We have the time/resources to replatform
    IaaS
    • Service needs to be lifted and shifted out of the datacenter quickly
    • Customization is required at the platform level/there is value in managing components
    • There is no need to manage facilities
    • Performance is not impacted by hosting the workload offsite
    • There is value in right-sizing the workload over time
    On-premises Anything that does not fit in the cloud for performance or other reasons (e.g. licensing key)

    Summary statement: SaaS will be the primary service model. All workloads will migrate to the public cloud where possible. Anything that cannot be migrated to SaaS will be migrated to PaaS. IaaS is a transitory step.

    4.2.3 Build a support model rubric

    1 hour

    Input

    • Results of the cloud workload assessments

    Output

    • Support model rubric

    Materials

    • Whiteboard
    • Cloud Vision Executive Presentation

    Participants

    • Core working group
    1. The final rubric covered here is that for the support model. Where will you procure the skills necessary to ensure the vision’s proper execution? Much like the other rubric activities, write the three support models vertically (in order of preference, if you have one) on a whiteboard.
    2. Next to each model, describe the circumstances under which you would select each support model. Focus on the dimensions: the duration of the engagement, specialization required, and flexibility required. If you have existing rules/practices around hiring consultants/MSPs, consider those as well.
    3. Once you have a good list of decision criteria, form a summary statement. This should encapsulate your position on support models and should mention any notable criteria that will contribute to most decisions.
    4. Record the results in the Cloud Vision Executive Presentation.

    Cloud Vision Executive Presentation

    Vision for the cloud future state (example)

    Support model Decision criteria
    Internal IT

    The primary support model will be internal IT going forward

    • Chosen where the primary work required is administrative
    • Where existing staff can manage the service in the cloud easily and effectively
    • Where the chosen solution fits the SaaS service model
    Consultant
    • Where the work required is time-bound (e.g. a migration/refactoring exercise)
    • Where the skills do not exist in house, and where the skills cannot easily be procured (specific technical expertise required in areas of the cloud unfamiliar to staff)
    • Where opportunities for staff to learn from consultant SMEs are valuable
    • Where ongoing management and maintenance can be handled in house
    MSP
    • Where an ongoing relationship is valued
    • Where ongoing administration and maintenance are disproportionately burdensome on IT staff (or where this administration and maintenance is likely to be burdensome)
    • Where the managed services model has already been proven out
    • Where specific expertise in an area of technology is required but this does not rise to the need to hire an FTE (e.g. telephony)

    Summary statement: Most workloads will be managed in house. A consultant will be employed to facilitate the transition to micro-services in a cloud container environment, but this will be transitioned to in-house staff. An MSP will continue to manage backups and telephony.

    Step 4.3

    Create cloud vision

    Activities

    4.3.1 Create a cloud vision statement

    4.3.2 Map cloud workloads

    4.3.3 Complete the Cloud Vision Presentation

    Review and assign work items

    Finalize cloud decision framework

    Create cloud vision

    This step involves the following participants:

    • Core working group
    • IT management

    Outcomes of this step

    Completed Cloud Vision Executive Presentation

    4.3.1 Create a cloud vision statement

    1 hour

    Input

    • List of cloud initiatives

    Output

    • Initiatives assigned by responsibility and timeline

    Materials

    • Cloud Vision Workbook

    Participants

    • Core working group
    1. Now that you know what service models are appropriate, it’s time to summarize your cloud vision in a succinct, consumable way. A good vision statement should have three components:
      • Scope: Which parts of the organization will the strategy impact?
      • Goal: What is the strategy intended to accomplish?
      • Key differentiator: What makes the new strategy special?
    2. On a whiteboard, make a chart with three columns (one column for each of the features of a good mission statement). Have the group generate a list of words to describe each of the categories. Ideally, the group will produce multiple answers for each category.
    3. Once you’ve gathered a few different responses for each category, have the team put their heads down and generate pithy mission statements that capture the sentiments underlying each category.
    4. Have participants read their vision statements in front of the group. Use the rest of the session to produce a final statement. Record the results in the Cloud Strategy Executive Presentation.

    Example vision statement outputs

    “IT at ACME Corp. hereby commits to providing clients and end users with an unparalleled, productivity-enabling technology experience, leveraging, insofar as it is possible and practical, cloud-based services.”

    “At ACME Corp. our employees and customers are our first priority. Using new, agile cloud services, IT is devoted to eliminating inefficiency, providing cutting-edge solutions for a fast-paced world, and making a positive difference in the lives of our colleagues and the people we serve.”

    As a global leader in technology, ACME Corp. is committed to taking full advantage of new cloud services, looking first to agile cloud options to optimize internal processes wherever efficiency gaps exist. Improved efficiency will allow associates to spend more time on ACME’s core mission: providing an unrivalled customer experience.”

    Scope

    Goal

    Key differentiator

    4.3.2 Map cloud workloads

    1 hour

    Input

    • List of workloads
    • List of acceptable service models
    • List of acceptable migration paths

    Output

    • Workloads mapped by service model/migration path

    Materials

    • Whiteboard
    • Sticky notes

    Participants

    • Core working group
    1. Now that you have defined your overall cloud vision as well as your service model options, consider aligning your service model preferences with your migration path preferences. Draw a table with your expected migration strategies across the top (retain, retire, rehost, replatform, refactor, repurchase, or some of these) and your expected service models across the side.
    2. On individual sticky notes, write a list of workloads in your environment. In a smaller environment, this list can be exhaustive. Otherwise take advantage of the list you created as part of phase 1 along with any additional workloads that warrant discussion.
    3. As a group, go through the list, placing the sticky notes first in the appropriate row based on their characteristics and the decision criteria that have already been defined, and then in the appropriate column based on the appropriate migration path. (See the next slide for an example of what this looks like.)
    4. Record the results in the Cloud Vision Executive Presentation. Note: not every cell will be filled; some migration path/service model combinations are impossible or otherwise undesirable.

    Cloud Vision Executive Presentation

    Example cloud workload map

    Repurchase Replatform Rehost Retain
    SaaS

    Office suite

    AD

    PaaS SQL Database
    IaaS File Storage DR environment
    Other

    CCTV

    Door access

    4.3.3 Complete the Cloud Vision Presentation

    1 hour

    Input

    • List of cloud initiatives

    Output

    • Initiatives assigned by responsibility and timeline

    Materials

    • Cloud Vision Workbook

    Participants

    • Core working group
    1. Open the Cloud Vision Executive Presentation to the second slide and review the templated executive brief. This comprises several sections (see the next slide). Populate each one:
      • Summary of the exercise
      • The cloud vision statement
      • Key cloud drivers
      • Risks and roadblocks
      • Top initiatives and next steps
    2. Review the remainder of the presentation. Be sure to elaborate on any significant initiatives and changes (where applicable) and to delete any slides that you no longer require.

    Cloud Vision Workbook

    Sample cloud vision executive summary

    • From [date to date], a cross-functional group representing IT and its constituents met to discuss the cloud.
    • Over the course of the week, the group identified drivers for cloud computing and developed a shared vision, evaluated several workloads through an assessment framework, identified risks, roadblocks, and mitigations, and finally generated initiatives and next steps.
    • From the process, the group produced a summary and a cloud suitability assessment framework that can be applied at the level of the workload.

    Cloud Vision Statement

    [Organization] will leverage public cloud solutions and retire existing datacenter and colocation facilities. This transition will simplify infrastructure administration, support, and security, while modernizing legacy infrastructure and reducing the need for additional capital expenditure.

    Cloud Drivers Retire the datacenter Do more valuable work
    Right-size the environment Reduce CapEx
    Facilitate ease of mgmt. Work from anywhere
    Reduce capital expenditure Take advantage of elasticity
    Performance and availability Governance Risks and roadblocks
    Security Rationalization
    Cost Skills
    Migration Remaining premises resources
    BC, backup, and DR Control

    Initiatives and next steps

    • Close the datacenter and colocation site in favor of a SaaS-first cloud approach.
    • Some workloads will migrate to infrastructure-as-a-service in the short term with the assistance of third-party consultants.

    Document your cloud strategy

    You did it!

    Congratulations! If you’ve made it this far, you’ve successfully articulated a cloud vision, assessed workloads, developed an understanding (shared with your team and stakeholders) of cloud concepts, and mitigated risks and roadblocks that you may encounter along your cloud journey. From this exercise, you should understand your mission and vision, how your cloud plans will interact with any other relevant strategic plans, and what successful execution looks like, as well as developing a good understanding of overall guiding principles. These are several components of your overall strategy, but they do not comprise the strategy in its entirety.

    How do you fix this?

    First, validate the results of the vision exercise with your stakeholders. Socialize it and collect feedback. Make changes where you think changes should be made. This will become a key foundational piece. The next step is to formally document your cloud strategy. This is a separate project and is covered in the Info-Tech blueprint Document Your Cloud Strategy.

    The vision exercise tells you where you want to go and offers some clues as to how to get there. The formal strategy exercise is a formal documentation of the target state, but also captures in detail the steps you’ll need to take, the processes you’ll need to refine, and the people you’ll need to hire.

    A cloud strategy should comprise your organizational stance on how the cloud will change your approach to people and human resources, technology, and governance. Once you are confident that you can make and enforce decisions in these areas, you should consider moving on to Document Your Cloud Strategy. This blueprint, Define Your Cloud Vision, often serves as a prerequisite for the strategy documentation conversation(s).

    Appendix

    Summary of Accomplishment

    Additional Support

    Research Contributors

    Related Info-Tech Research

    Vendor Resources

    Bibliography

    Summary of Accomplishment

    Problem Solved

    You have now documented what you want from the cloud, what you mean when you say “cloud,” and some preliminary steps you can take to make your vision a reality.

    You now have at your disposal a framework for identifying and evaluating candidates for their cloud suitability, as well as a series of techniques for generating risks and mitigations associated with your cloud journey. The next step is to formalize your cloud strategy using the takeaways from this exercise. You’re well on your way to a completed cloud strategy!

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

    Contact your account representative for more information.

    workshops@infotech.com

    1-888-670-8889

    Additional Support

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech Workshop.

    Contact your account representative for more information.

    workshops@infotech.com 1-888-670-8889

    To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.

    Info-Tech analysts will join you and your team at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    Generate drivers for cloud adoption

    Work with stakeholders to understand the expected benefits of the cloud migration and how these drivers will impact the overall vision.

    Conduct workload assessments

    Assess your individual cloud workloads for their suitability as candidates for the cloud migration.

    Bibliography

    “2021 State of the Cloud Report.” Flexera, 2021. Web.

    “2021 State of Upskilling Report.” Pluralsight, 2021. Web.

    “AWS Snowmobile.” Amazon Web Services, n.d. Web.

    “Azure products.” Microsoft, n.d. Web.

    “Azure Migrate Documentation.” Microsoft, n.d. Web.

    Bell, Harold. “Multi-Cloud vs. Hybrid Cloud: What’s the Difference?” Nutanix, 2019. Web.

    “Cloud Products.” Amazon Web Services, n.d. Web.

    “COBIT 2019 Framework: Introduction and Methodology.” ISACA, 2019. Web.

    Edmead, Mark T. “Using COBIT 2019 to Plan and Execute an Organization’s Transformation Strategy.” ISACA, 2020. Web.

    Flitter, Emily, and Karen Weise. “Capital One Data Breach Compromises Data of Over 100 Million.” The New York Times, 29 July 2019. Web.

    Gillis, Alexander S. “Cloud Security Posture Management (CSPM).” TechTarget, 2021. Web.

    “’How to Cloud’ with Capital One.” Amazon Web Services, n.d. Web.

    “IBM Closes Landmark Acquisition of Red Hat for $34 Billion; Defines Open, Hybrid Cloud Future.” Red Hat, 9 July 2019. Web.

    Mell, Peter, and Timothy Grance. “The NIST Definition of Cloud Computing.” National Institute of Standards and Technology, Sept. 2011. Web.

    Ng, Alfred. “Amazon Tells Senators it Isn't to Blame for Capital One Breach.” CNET, 2019. Web.

    Orban, Stephen. “6 Strategies for Migrating Applications to the Cloud.” Amazon Web Services, 2016. Web.

    Sullivan, Dan. “Cloud Access Security Broker (CASB).” TechTarget, 2021. Web.

    “What Is Secure Access Service Edge (SASE)?” Cisco, n.d. Web.

    Asset Management

    • Buy Link or Shortcode: {j2store}1|cart{/j2store}
    • Related Products: {j2store}1|crosssells{/j2store}
    • Up-Sell: {j2store}1|upsells{/j2store}
    • Download01-Title: Asset Management Executive Brief
    • Download-01: Visit Link
    • member rating overall impact (scale of 10): 9.1/10
    • member rating average dollars saved: $16,518
    • member rating average days saved: 19
    • Parent Category Name: Infra and Operations
    • Parent Category Link: /infra-and-operations
    Asset management has a clear impact on the financials of your company. Clear insights are essential to keep your spending at the right level.

    Asset Management

    Build Your Data Quality Program

    • Buy Link or Shortcode: {j2store}127|cart{/j2store}
    • member rating overall impact (scale of 10): 9.1/10 Overall Impact
    • member rating average dollars saved: $40,241 Average $ Saved
    • member rating average days saved: 33 Average Days Saved
    • Parent Category Name: Data Management
    • Parent Category Link: /data-management
    • Experiencing the pitfalls of poor data quality and failing to benefit from good data quality, including:
      • Unreliable data and unfavorable output.
      • Inefficiencies and costly remedies.
      • Dissatisfied stakeholders.
    • The chances of successful decision-making capabilities are hindered with poor data quality.

    Our Advice

    Critical Insight

    • Address the root causes of your data quality issues and form a viable data quality program.
      • Be familiar with your organization’s data environment and business landscape.
      • Prioritize business use cases for data quality fixes.
      • Fix data quality issues at the root cause to ensure proper foundation for your data to flow.
    • It is important to sustain best practices and grow your data quality program.

    Impact and Result

    • Implement a set of data quality initiatives that are aligned with overall business objectives and aimed at addressing data practices and the data itself.
    • Develop a prioritized data quality improvement project roadmap and long-term improvement strategy.
    • Build related practices such as artificial intelligence and analytics with more confidence and less risk after achieving an appropriate level of data quality.

    Build Your Data Quality Program Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should establish a data quality program, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Define your organization’s data environment and business landscape

    Learn about what causes data quality issues, how to measure data quality, what makes a good data quality practice in relation to your data and business environments.

    • Business Capability Map Template

    2. Analyze your priorities for data quality fixes

    Determine your business unit priorities to create data quality improvement projects.

    • Data Quality Problem Statement Template
    • Data Quality Practice Assessment and Project Planning Tool

    3. Establish your organization’s data quality program

    Revisit the root causes of data quality issues and identify the relevant root causes to the highest priority business unit, then determine a strategy for fixing those issues.

    • Data Lineage Diagram Template
    • Data Quality Improvement Plan Template

    4. Grow and sustain your data quality practices

    Identify strategies for continuously monitoring and improving data quality at the organization.

    Infographic

    Workshop: Build Your Data Quality Program

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Define Your Organization’s Data Environment and Business Landscape

    The Purpose

    Evaluate the maturity of the existing data quality practice and activities.

    Assess how data quality is embedded into related data management practices.

    Envision a target state for the data quality practice.

    Key Benefits Achieved

    Understanding of the current data quality landscape

    Gaps, inefficiencies, and opportunities in the data quality practice are identified

    Target state for the data quality practice is defined

    Activities

    1.1 Explain approach and value proposition

    1.2 Detail business vision, objectives, and drivers

    1.3 Discuss data quality barriers, needs, and principles

    1.4 Assess current enterprise-wide data quality capabilities

    1.5 Identify data quality practice future state

    1.6 Analyze gaps in data quality practice

    Outputs

    Data Quality Management Primer

    Business Capability Map Template

    Data Culture Diagnostic

    Data Quality Diagnostic

    Data Quality Problem Statement Template

    2 Create a Strategy for Data Quality Project 1

    The Purpose

    Define improvement initiatives

    Define a data quality improvement strategy and roadmap

    Key Benefits Achieved

    Improvement initiatives are defined

    Improvement initiatives are evaluated and prioritized to develop an improvement strategy

    A roadmap is defined to depict when and how to tackle the improvement initiatives

    Activities

    2.1 Create business unit prioritization roadmap

    2.2 Develop subject areas project scope

    2.3 By subject area 1 data lineage analysis, root cause analysis, impact assessment, and business analysis

    Outputs

    Business Unit Prioritization Roadmap

    Subject area scope

    Data Lineage Diagram

    3 Create a Strategy for Data Quality Project 2

    The Purpose

    Define improvement initiatives

    Define a data quality improvement strategy and roadmap

    Key Benefits Achieved

    Improvement initiatives are defined

    Improvement initiatives are evaluated and prioritized to develop an improvement strategy

    A roadmap is defined to depict when and how to tackle the improvement initiatives

    Activities

    3.1 Understand how data quality management fits in with the organization’s data governance and data management programs

    3.2 By subject area 2 data lineage analysis, root cause analysis, impact assessment, and business analysis

    Outputs

    Data Lineage Diagram

    Root Cause Analysis

    Impact Analysis

    4 Create a Strategy for Data Quality Project 3

    The Purpose

    Determine a strategy for fixing data quality issues for the highest priority business unit

    Key Benefits Achieved

    Strategy defined for fixing data quality issues for highest priority business unit

    Activities

    4.1 Formulate strategies and actions to achieve data quality practice future state

    4.2 Formulate a data quality resolution plan for the defined subject area

    4.3 By subject area 3 data lineage analysis, root cause analysis, impact assessment, and business analysis

    Outputs

    Data Quality Improvement Plan

    Data Lineage Diagram

    5 Create a Plan for Sustaining Data Quality

    The Purpose

    Plan for continuous improvement in data quality

    Incorporate data quality management into the organization’s existing data management and governance programs

    Key Benefits Achieved

    Sustained and communicated data quality program

    Activities

    5.1 Formulate metrics for continuous tracking of data quality and monitoring the success of the data quality improvement initiative

    5.2 Workshop Debrief with Project Sponsor

    5.3 Meet with project sponsor/manager to discuss results and action items

    5.4 Wrap up outstanding items from the workshop, deliverables expectations, GIs

    Outputs

    Data Quality Practice Improvement Roadmap

    Data Quality Improvement Plan (for defined subject areas)

    Further reading

    Build Your Data Quality Program

    Quality Data Drives Quality Business Decisions

    Executive Brief

    Analyst Perspective

    Get ahead of the data curve by conquering data quality challenges.

    Regardless of the driving business strategy or focus, organizations are turning to data to leverage key insights and help improve the organization’s ability to realize its vision, key goals, and objectives.

    Poor quality data, however, can negatively affect time-to-insight and can undermine an organization’s customer experience efforts, product or service innovation, operational efficiency, or risk and compliance management. If you are looking to draw insights from your data for decision making, the quality of those insights is only as good as the quality of the data feeding or fueling them.

    Improving data quality means having a data quality management practice that is sustainably successful and appropriate to the use of the data, while evolving to keep pace with or get ahead of changing business and data landscapes. It is not a matter of fixing one data set at a time, which is resource and time intensive, but instead identifying where data quality consistently goes off the rails, and creating a program to improve the data processes at the source.

    Crystal Singh

    Research Director, Data and Analytics

    Info-Tech Research Group

    Executive Summary

    Your Challenge

    Your organization is experiencing the pitfalls of poor data quality, including:

    • Unreliable data and unfavorable output.
    • Inefficiencies and costly remedies.
    • Dissatisfied stakeholders.

    Poor data quality hinders successful decision making.

    Common Obstacles

    Not understanding the purpose and execution of data quality causes some disorientation with your data.

    • Failure to realize the importance/value of data quality.
    • Unsure of where to start with data quality.
    • Lack of investment in data quality.

    Organizations tend to adopt a project mentality when it comes to data quality instead of taking the strategic approach that would be all-around more beneficial in the long term.

    Info-Tech’s Approach

    Address the root causes of your data quality issues by forming a viable data quality program.

    • Be familiar with your organization’s data environment and business landscape.
    • Prioritize business use cases for data quality fixes.
    • Fixing data quality issues at the root cause to ensure a proper foundation for your data to flow.

    It is important to sustain best practices and grow your data quality program.

    Info-Tech Insight

    Fix data quality issues as close as possible to the source of data while understanding that business use cases will each have different requirements and expectations from data quality.

    Data is the foundation of your organization’s knowledge

    Data enables your organization to make decisions.

    Reliable data is needed to facilitate data consumers at all levels of the enterprise.

    Insights, knowledge, and information are needed to inform operational, tactical, and strategic decision-making processes. Data and information are needed to manage the business and empower business processes such as billing, customer touchpoints, and fulfillment.

    Raw Data

    Business Information

    Actionable Insights

    Data should be at the foundation of your organization’s evolution. The transformational insights that executives are constantly seeking can be uncovered with a data quality practice that makes high-quality, trustworthy information readily available to the business users who need it.

    98% of companies use data to improve customer experience. (Experian Data Quality, 2019)

    High-Level Data Architecture

    The image is a graphic, which at the top shows different stages of data, and in the lower part of the graphic shows the data processes.

    Build Your Data Quality Program

    1. Data Quality & Data Culture Diagnostics Business Landscape Exercise
    2. Business Strategy & Use Cases
    3. Prioritize Use Cases With Poor Quality

    Info-Tech Insight

    As data is ingested, integrated, and maintained in the various streams of the organization's system and application architecture, there are multiple points where the quality of the data can degrade.

    1. Understand the organization's data culture and data quality environment across the business landscape.
    2. Prioritize business use cases with poor data quality.
    3. For each use case, identify data quality issues and requirements throughout the data pipeline.
    4. Fix data quality issues at the root cause.
    5. As data flow through quality assurance monitoring checkpoints, monitor data to ensure good quality output.

    Insight:

    Proper application of data quality dimensions throughout the data pipeline will result in superior business decisions.

    Data quality issues can occur at any stage of the data flow.

    The image shows the flow of data through various stages: Data Creation; Data Ingestion; Data Accumulation and Engineering; Data Delivery; and Reporting & Analytics. At the bottom, there are two bars: the left one labelled Fix data quality root causes here...; and the right reads: ...to prevent expensive cures here.

    The image is a legend that accompanies the data flow graphic. It indicates that a white and green square icon indicates Data quality dimensions; a red cube indicates a potential point of data quality degradation; the pink square indicates Root cause of poor data quality; and a green flag indicates Quality Assurance Monitoring.

    Prevent the domino effect of poor data quality

    Data is the foundation of decisions made at data-driven organizations.

    Therefore, if there are problems with the organization’s underlying data, this can have a domino effect on many downstream business functions.

    Let’s use an example to illustrate the domino effect of poor data quality.

    Organization X is looking to migrate their data to a single platform, System Y. After the migration, it has become apparent that reports generated from this platform are inconsistent and often seem wrong. What is the effect of this?

    1. Time must be spent on identifying the data quality issues, and often manual data quality fixes are employed. This will extend the time to deliver the project that depends on system Y by X months.
    2. To repair these issues, the business needs to contract two additional resources to complete the unforeseen work. The new resources cost $X each, as well as additional infrastructure and hardware costs.
    3. Now, the strategic objectives of the business are at risk and there is a feeling of mistrust in the new system Y.

    Three key challenges impacting the ability to deliver excellent customer experience

    30% Poor data quality

    30% Method of interaction changing

    30% Legacy systems or lack of new technology

    95% Of organizations indicated that poor data quality undermines business performance.

    (Source: Experian Data Quality, 2019)

    Maintaining quality data will support more informed decisions and strategic insight

    Improving your organization’s data quality will help the business realize the following benefits:

    Data-Driven Decision Making

    Business decisions should be made with a strong rationale. Data can provide insight into key business questions, such as, “How can I provide better customer satisfaction?”

    89% Of CIOs surveyed say lack of quality data is an obstacle to good decision making. (Larry Dignan, CIOs juggling digital transformation pace, bad data, cloud lock0in and business alignment, 2020)

    Customer Intimacy

    Improve marketing and the customer experience by using the right data from the system of record to analyze complete customer views of transactions, sentiments, and interactions.

    94% Percentage of senior IT leaders who say that poor data quality impinges business outcomes. (Clint Boulton, Disconnect between CIOs and LOB managers weakens data quality, 2016)

    Innovation Leadership

    Gain insights on your products, services, usage trends, industry directions, and competitor results to support decisions on innovations, new products, services, and pricing.

    20% Businesses lose as much as 20% of revenue due to poor data quality. (RingLead Data Management Solutions, 10 Stats About Data Quality I Bet You Didn’t Know)

    Operational Excellence

    Make sure the right solution is delivered rapidly and consistently to the right parties for the right price and cost structure. Automate processes by using the right data to drive process improvements.

    10-20% The implementation of data quality initiatives can lead to reductions in corporate budget of up to 20%. (HaloBI, 2015)

    However, maintaining data quality is difficult

    Avoid these pitfalls to get the true value out of your data.

    1. Data debt drags down ROI – a high degree of data debt will hinder you from attaining the ROI you’re expecting.
    2. Lack of trust means lack of usage – a lack of confidence in data results in a lack of data usage in your organization, which negatively effects strategic planning, KPIs, and business outcomes.
    3. Strategic assets become a liability – bad data puts your business at risk of failing compliance standards, which could result in you paying millions in fines.
    4. Increased costs and inefficiency – time spent fixing bad data means less workload capacity for your important initiatives and the inability to make data-based decisions.
    5. Barrier to adopting data-driven tech – emerging technologies, such as predictive analytics and artificial intelligence, rely on quality data. Inaccurate, incomplete, or irrelevant data will result in delays or a lack of ROI.
    6. Bad customer experience – Running your business on bad data can hinder your ability to deliver to your customers, growing their frustration, which negatively impacts your ability to maintain your customer base.

    Info-Tech Insight

    Data quality suffers most at the point of entry. This is one of the causes of the domino effect of data quality – and can be one of the most costly forms of data quality errors due to the error propagation. In other words, fix data ingestion, whether through improving your application and database design or improving your data ingestion policy, and you will fix a large majority of data quality issues.

    Follow Our Data & Analytics Journey

    Data Quality is laced into Data Strategy, Data Management, and Data Governance.

    • Data Strategy
      • Data Management
        • Data Quality
        • Data Governance
          • Data Architecture
            • MDM
            • Data Integration
            • Enterprise Content Management
            • Information Lifecycle Management
              • Data Warehouse/Lake/Lakehouse
                • Reporting and Analytics
                • AI

    Data quality is rooted in data management

    Extract Maximum Benefit Out of Your Data Quality Management.

    • Data management is the planning, execution, and oversight of policies, practices, and projects that acquire, control, protect, deliver, and enhance the value of data and information assets (DAMA, 2009).
    • In other words, getting the right information, to the right people, at the right time.
    • Data quality management exists within each of the data practices, information dimensions, business resources, and subject areas that comprise the data management framework.
    • Within this framework, an effective data quality practice will replace ad hoc processes with standardized practices.
    • An effective data quality practice cannot succeed without proper alignment and collaboration across this framework.
    • Alignment ensures that the data quality practice is fit for purpose to the business.

    The DAMA DMBOK2 Data Management Framework

    • Data Governance
      • Data Quality
      • Data Architecture
      • Data Modeling & Design
      • Data Storage & Operations
      • Data Security
      • Data Integration & Interoperability
      • Documents & Content
      • Reference & Master Data
      • Data Warehousing & Business Intelligence
      • Meta-data

    (Source: DAMA International)

    Related Info-Tech Research

    Build a Robust and Comprehensive Data Strategy

    • People often think that the main problems they need to fix first are related to data quality when the issues transpire at a much larger level. This blueprint is the key to building and fostering a data-driven culture.

    Create a Data Management Roadmap

    • Refer to this blueprint to understand data quality in the context of data disciplines and methods for improving your data management capabilities.

    Establish Data Governance

    • Define an effective data governance strategy and ensure the strategy integrates well with data quality with this blueprint.

    Info-Tech’s methodology for Data Quality

    Phase Steps 1. Define Your Organization’s Data Environment and Business Landscape 2. Analyze Your Priorities for Data Quality Fixes 3. Establish Your Organization’s Data Quality Program 4. Grow and Sustain Your Data Quality Practice
    Phase Outcomes This step identifies the foundational understanding of your data and business landscape, the essential concepts around data quality, as well as the core capabilities and competencies that IT needs to effectively improve data quality. To begin addressing specific, business-driven data quality projects, you must identify and prioritize the data-driven business units. This will ensure that data improvement initiatives are aligned to business goals and priorities. After determining whose data is going to be fixed based on priority, determine the specific problems that they are facing with data quality, and implement an improvement plan to fix it. Now that you have put an improvement plan into action, make sure that the data quality issues don’t keep cropping up. Integrate data quality management with data governance practices into your organization and look to grow your organization’s overall data maturity.

    Info-Tech Insight

    “Data Quality is in the eyes of the beholder.”– Igor Ikonnikov, Research Director

    Data quality means tolerance, not perfection

    Data from Info-Tech’s CIO Business Vision Diagnostic, which represents over 400 business stakeholders, shows that data quality is very important when satisfaction with data quality is low.

    However, when data quality satisfaction hit a threshold, it became less important.

    The image is a line graph, with the X-axis labelled Satisfaction with Data Quality, and the Y axis labelled Rated Importance for Data Quality. The line begins high, and then descends. There is text inside the graph, which is transcribed below.

    Respondents were asked “How satisfied are you with the quality, reliability, and effectiveness of the data you use to manage your group?” as well as to rank how important data quality was to their organization.

    When the business satisfaction of data quality reached a threshold value of 71-80%, the rated importance reached its lowest value.

    Info-Tech Insight

    Data needs to be good, but truly spectacular data may go unnoticed.

    Provide the right level of data quality, with the appropriate effort, for the correct usage. This blueprint will help you to determine what “the right level of data quality” means, as well as create a plan to achieve that goal for the business.

    Data Roles and Responsibilities

    Data quality occurs through three main layers across the data lifecycle

    Data Strategy

    Data Strategy should contain Data Quality as a standard component.

    ← Data Quality issues can occur throughout at any stage of the data flow →

    DQ Dimensions

    Timeliness – Representation – Usability – Consistency – Completeness – Uniqueness – Entry Quality – Validity – Confidence – Importance

    Source System Layer

    • Data Resource Manager/Collector: Enters data into a database and ensures that data collection sources are accurate

    Data Transformation Layer

    • ETL Developer: Designs data storage systems
    • Data Engineer: Oversees data integrations, data warehouses and data lakes, data pipelines
    • Database Administrator: Manages database systems, ensures they meet SLAs, performances, backups
    • Data Quality Engineer: Finds and cleanses bad data in data sources, creates processes to prevent data quality problems

    Consumption Layer

    • Data Scientist: Gathers and analyses data from databases and other sources, runs models, and creates data visualizations for users
    • BI Analyst: Evaluates and mines complex data and transforms it into insights that drive business value. Uses BI software and tools to analyze industry trends and create visualizations for business users
    • Data Analyst: Extracts data from business systems, analyzes it, and creates reports and dashboards for users
    • BI Engineer: Documents business needs on data analysis and reporting and develops BI systems, reports, and dashboards to support them
    Data Creation → [SLA] Data Ingestion [ QA] →Data Accumulation & Engineering → [SLA] Data Delivery [QA] →Reporting & Analytics
    Fix Data Quality root causes here… to prevent expensive cures here.

    Executive Brief Case Study

    Industry: Healthcare

    Source: Primary Info-Tech Research

    Align source systems to maximize business output.

    A healthcare insurance agency faced data quality issues in which a key business use case was impacted negatively. Business rules were not well defined, and default values instead of real value caused a concern. When dealing with multiple addresses, data was coming from different source systems.

    The challenge was to identify the most accurate address, as some were incomplete, and some lacked currency and were not up to date. This especially challenged a key business unit, marketing, to derive business value in performing key activities by being unable to reach out to existing customers to advertise any additional products.

    For this initiative, this insurance agency took an economic approach by addressing those data quality issues using internal resources.

    Results

    Without having any MDM tools or having a master record or any specific technology relating to data quality, this insurance agency used in-house development to tackle those particular issues at the source system. Data quality capabilities such as data profiling were used to uncover those issues and address them.

    “Data quality is subjective; you have to be selective in terms of targeting the data that matters the most. When getting business tools right, most issues will be fixed and lead to achieving the most value.” – Asif Mumtaz, Data & Solution Architect

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

    Guided Implementation

    "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

    Workshop

    "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

    Consulting

    "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostic and consistent frameworks are used throughout all four options.

    Guided Implementation

    What does a typical GI on this topic look like?

    Phase 1 Phase 2 Phase 3 Phase 4
    • Call #1: Learn about the concepts of data quality and the common root causes of poor data quality.
    • Call #2: Identify the core capabilities of IT for improving data quality on an enterprise scale.
    • Call #3: Determine which business units use data and require data quality remediation.
    • Call #4: Create a plan for addressing business unit data quality issues according to priority of the business units based on value and impact of data.
    • Call #5: Revisit the root causes of data quality issues and identify the relevant root causes to the highest priority business unit.
    • Call #6: Determine a strategy for fixing data quality issues for the highest priority business unit.
    • Call #7: Identify strategies for continuously monitoring and improving data quality at the organization.
    • Call #8: Learn how to incorporate data quality practices in the organization’s larger data management and data governance frameworks.
    • Call #9: Summarize results and plan next steps on how to evolve your data landscape.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is between eight to twelve calls over the course of four to six months.

    Workshop Overview

    Contact your account representative for more information. workshops@infotech.com 1-888-670-8889

    Day 1 Day 2 Day 3 Day 4 Day 5
    Define Your Organization’s Data Environment and Business Landscape Create a Strategy for Data Quality Project 1 Create a Strategy for Data Quality Project 2 Create a Strategy for Data Quality Project 3 Create a Plan for Sustaining Data Quality
    Activities
    1. Explain approach and value proposition.
    2. Detail business vision, objectives, and drivers.
    3. Discuss data quality barriers, needs, and principles.
    4. Assess current enterprise-wide data quality capabilities.
    5. Identify data quality practice future state.
    6. Analyze gaps in data quality practice.
    1. Create business unit prioritization roadmap.
    2. Develop subject areas project scope.
    3. By subject area 1:
    • Data lineage analysis
    • Root cause analysis
    • Impact assessment
    • Business analysis
    1. Understand how data quality management fits in with the organization’s data governance and data management programs.
    2. By subject area 2:
    • Data lineage analysis
    • Root cause analysis
    • Impact assessment
    • Business analysis
    1. Formulate strategies and actions to achieve data quality practice future state.
    2. Formulate data quality resolution plan for defined subject area.
    3. By subject area 3:
    • Data lineage analysis
    • Root cause analysis
    • Impact assessment
    • Business analysis
    1. Formulate metrics for continuous tracking of data quality and monitoring the success of the data quality improvement initiative.
    2. Workshop Debrief with Project Sponsor.
    • Meet with project sponsor/manager to discuss results and action items.
    • Wrap up outstanding items from the workshop, deliverables expectations, GIs.
    Deliverables
    1. Data Quality Management Primer
    2. Business Capability Map Template
    3. Data Culture Diagnostic
    4. Data Quality Diagnostic
    5. Data Quality Problem Statement Template
    1. Business Unit Prioritization Roadmap
    2. Subject area scope
    3. Data Lineage Diagram
    1. Data Lineage Diagram
    2. Root Cause Analysis
    3. Impact Analysis
    1. Data Lineage Diagram
    2. Data Quality Improvement Plan
    1. Data Quality Practice Improvement Roadmap
    2. Data Quality Improvement Plan (for defined subject areas)

    Phase 1

    Define Your Organization’s Data Environment and Business Landscape

    Build Your Data Quality Program

    Data quality is a methodology and must be treated as such

    A comprehensive data quality practice includes appropriate business requirements gathering, planning, governance, and oversight capabilities, as well as empowering technologies for properly trained staff, and ongoing development processes.

    Some common examples of appropriate data management methodologies for data quality are:

    • The data quality team has the necessary competencies and resources to perform the outlined workload.
    • There are processes that exist for continuously evaluating data quality performance capabilities.
    • Improvement strategies are designed to increase data quality performance capabilities.
    • Policies and procedures that govern data quality are well-documented, communicated, followed, and updated.
    • Change controls exist for revising policies and procedures, including communication of updates and changes.
    • Self-auditing techniques are used to ensure business-IT alignment when designing or recalibrating strategies.

    Effective data quality practices coordinate with other overarching data disciplines, related data practices, and strategic business objectives.

    “You don’t solve data quality with a Band-Aid; you solve it with a methodology.” – Diraj Goel, Growth Advisor, BC Tech

    Data quality can be defined by four key quality indicators

    Similar to measuring the acidity of a substance with a litmus test, the quality of your data can be measured using a simple indicator test. As you learn about common root causes of data quality problems in the following slides, think about these four quality indicators to assess the quality of your data:

    • Completeness – Closeness to the correct value. Encompasses accuracy, consistency, and comparability to other databases.
    • Usability – The degree to which data meets current user needs. To measure this, you must determine if the user is satisfied with the data they are using to complete their business functions.
    • Timeliness – Length of time between creation and availability of data.
    • Accessibility – How easily a user can access and understand the data (including data definitions and context). Interpretability can also be used to describe this indicator.

    Info-Tech Insight

    Quality is a relative term. Data quality is measured in terms of tolerance. Perfect data quality is both impossible and a waste of time and effort.

    How to get investment for your data quality program

    Follow these steps to convince leadership of the value of data quality:

    “You have to level with people, you cannot just start talking with the language of data and expect them to understand when the other language is money and numbers.” – Izabela Edmunds, Information Architect at Mott MacDonald

    1. Perform Phases 0 & 1 of this blueprint as this will offer value in carrying out the following steps.
    2. Build credibility. Show them your understanding of data and how it aligns to the business.
    3. Provide tangible evidence of how significant business use cases are impacted by poor quality data.
    4. Present the ROI of fixing the data quality issues you have prioritized.
    5. Explain how the data quality program will be established, implemented, and sustained.
    6. Prove the importance of fixing data quality issues at the source and how it is the most efficient, effective, and cost-friendly solution.

    Phase 1 deliverables

    Each of these deliverables serve as inputs to detect key outcomes about your organization and to help complete this blueprint:

    1. Data Culture Diagnostic

    Use this report to understand where your organization lies across areas relating to data culture.

    While the Quality & Trust area of the report might be most prevalent to this blueprint, this diagnostic may point out other areas demanding more attention.

    Please speak to your account manager for access

    2. Business Capability Map Template

    Perform this process to understand the capabilities that enable specific value streams. The output of this deliverable is a high-level view of your organization’s defined business capabilities.

    Download this tool

    Info-Tech Insight

    Understanding your data culture and business capabilities are foundational to starting the journey of data quality improvement.

    Key deliverable:

    3. Data Quality Diagnostic

    The Data Quality Report is designed to help you understand, assess, and improve key organizational data quality issues. This is where respondents across various areas in the organization can assess Data Quality across various dimensions.

    Download this tool

    Data Quality Diagnostic Value

    Prioritize business use cases with our data quality dimensions.

    • Complete this diagnostic for each major business use case. The output from the Data Culture Diagnostic and the Business Capability Map should help you understand which use cases to address.
    • Involve all key stakeholders involved in the business use case. There may be multiple business units involved in a single use case.
    • Prioritize the business use cases that need the most attention pertaining to data quality by comparing the scores of the Importance and Confidence data quality dimensions.

    If there are data elements that are considered of high importance and low confidence, then they must be prioritized.

    Sample Scorecard

    The image shows a screen capture of a scorecard, with sample information filled in.

    The image shows a screen capture of a scorecard, with sample information filled in.

    Poor data quality develops due to multiple root causes

    After you get to know the properties of good quality data, understand the underlying causes of why those indicators can point to poor data quality.

    If you notice that the usability, completeness, timeliness, or accessibility of the organization’s data is suffering, one or more of the following root causes are likely plaguing your data:

    Common root causes of poor data quality, through the lens of Info-Tech’s Five-Tier Data Architecture:

    The image shows a graphic of Info-Tech's Five-Tier Data Architecture, with root causes of poor data quality identified. In the data creation and ingestion stages, the root causes are identified as Poor system/application design, Poor database design, Inadequate enterprise integration. The root causes identified in the latter stages are: Absence of data quality policies, procedures, and standards, and Incomplete/suboptimal business processes

    These root causes of poor data quality are difficult to avoid, not only because they are often generated at an organization’s beginning stages, but also because change can be difficult. This means that the root causes are often propagated through stale or outdated business processes.

    Data quality problems root cause #1:

    Poor system or application design

    Application design plays one of the largest roles in the quality of the organization’s data. The proper design of applications can prevent data quality issues that can snowball into larger issues downstream.

    Proper ingestion is 90% of the battle. An ounce of prevention is worth a pound of cure. This is true in many different topics, and data quality is one of them. Designing an application so that data gets entered properly, whether by internal staff or external customers, is the single most effective way to prevent data quality issues.

    Some common causes of data quality problems at the application/system level include:

    • Too many open fields (free-form text fields that accept a variety of inputs).
    • There are no lookup capabilities present. Reference data should be looked up instead of entered.
    • Mandatory fields are not defined, resulting in blank fields.
    • No validation of data entries before writing to the underlying database.
    • Manual data entry encourages human error. This can be compounded by poor application design that facilitates the incorrect data entry.

    Data quality problems root cause #2:

    Poor database design

    Database design also affects data quality. How a database is designed to handle incoming data, including the schema and key identification, can impact the integrity of the data used for reporting and analytics.

    The most common type of database is the relational database. Therefore, we will focus on this type of database.

    When working with and designing relational databases, there are some important concepts that must be considered.

    Referential integrity is a term that is important for the design of relational database schema, and indicates that table relationships must always be consistent.

    For table relationships to be consistent, primary keys (unique value for each row) must uniquely identify entities in columns of the table. Foreign keys (field that is defined in a second table but refers to the primary key in the first table) must agree with the primary key that is referenced by the foreign key. To maintain referential integrity, any updates must be propagated to the primary parent key.

    Info-Tech Insight

    Other types of databases, including databases with unstructured data, need data quality consideration. However, unstructured data may have different levels of quality tolerance.

    At the database level, some common root causes include:

    1. Lack of referential integrity.
    2. Lack of unique keys.
    3. Don’t have restricted data range.
    4. Incorrect datatype, string fields that can hold too many characters.
    5. Orphaned records.

    Databases and People:

    Even though database design is a technology issue, don’t forget about the people.

    A lack of training employees on database permissions for updating/entering data into the physical databases is a common problem for data quality.

    Data quality problems root cause #3:

    Improper integration and synchronization of enterprise data

    Data ingestion is another category of data-quality-issue root causes. When moving data in Tier 2, whether it is through ETL, ESB, point-to-point integration, etc., the integrity of the data during movement and/or transformation needs to be maintained.

    Tier 2 (the data ingestion layer) serves to move data for one of two main purposes:

    • To move data from originating systems to downstream systems to support integrated business processes.
    • To move data to Tier 3 where data rests for other purposes. This movement of data in its purest form means we move raw data to storage locations in an overall data warehouse environment reflecting any security, compliance and other standards in our choices for how to store. Also, it is where data is transformed for unique business purpose that will also be moved to a place of rest or a place of specific use. Data cleansing and matching and other data-related blending tasks occur at this layer.

    This ensures the data is pristine throughout the process and improves trustworthiness of outcomes and speed to task completion.

    At the integration layer, some common root causes of data quality problems include:

    1. No data mask. For example, zip code should have a mask of five numeric characters.
    2. Questionable aggregation, transformation process, or incorrect logic.
    3. Unsynchronized data refresh process in an integrated environment.
    4. Lack of a data matching tool.
    5. Lack of a data quality tool.
    6. Don’t have data profiling capability.
    7. Errors with data conversion or migration processes – when migrating, decommissioning, or converting systems – movement of data sets.
    8. Incorrect data mapping between data sources and targets.

    Data quality problems root cause #4:

    Insufficient and ineffective data quality policies and procedures

    Data policies and procedures are necessary for establishing standards around data and represent another category of data-quality-issue root causes. This issue spans across all five of the 5 Tier Architecture.

    Data policies are short statements that seek to manage the creation, acquisition, integrity, security, compliance, and quality of data. These policies vary amongst organizations, depending on your specific data needs.

    • Policies describe what to do, while standards and procedures describe how to do something.
    • There should be few data policies, and they should be brief and direct. Policies are living documents and should be continuously updated to respond to the organization’s data needs.
    • The data policies should highlight who is responsible for the data under various scenarios and rules around how to manage it effectively.

    Some common root causes of data quality issues related to policies and procedures include:

    1. Policies are absent or out of date.
    2. Employees are largely unaware of policies in effect.
    3. Policies are unmonitored and unenforced.
    4. Policies are in multiple locations.
    5. Multiple versions of the same policy exist.
    6. Policies are managed inconsistently across different silos.
    7. Policies are written poorly by untrained authors.
    8. Inadequate policy training program.
    9. Draft policies stall and lose momentum.
    10. Weak policy support from senior management.

    Data quality problems root cause #5:

    Inefficient or ineffective business processes

    Some common root causes of data quality issues related to business processes include:

    1. Multiple entries of the same record leads to duplicate records proliferating in the database.
    2. Many business definitions of data.
    3. Failure to document data manipulations when presenting data.
    4. Failure to train people on how to understand data.
    5. Manually intensive processes can result in duplication of effort (creates room for errors).
    6. No clear delineation of dependencies of business processes within or between departments, which leads to a siloed approach to business processes, rather than a coordinated and aligned approach.

    Business processes can impact data quality. How data is entered into systems, as well as employee training and knowledge about the correct data definitions, can impact the quality of your organization’s data.

    These problematic business process root causes can lead to:

    Duplicate records

    Incomplete data

    Improper use of data

    Wrong data entered into fields

    These data quality issues will result in costly and inefficient manual fixes, wasting valuable time and resources.

    Phase 1 Summary

    1. Data Quality Understanding

    • Understanding that data quality is a methodology and should be treated as such.
    • Data quality can be defined by four key indicators which are completeness, usability, timeliness, and accessibility.
    • Explained how to get investment for your data quality program and showcasing its value to leadership.

    2. Phase 0 Deliverables

    Introduced foundational tools to help you throughout this blueprint:

    • Complete the Data Culture Diagnostic and Business Capability Map Template as they are foundational in understanding your data culture and business capabilities to start the journey of data quality improvement.
    • Involve key relevant stakeholders when completing the Data Quality Diagnostic for each major business use case. Use the Importance and Confidence dimensions to help you prioritize which use case to address.

    3. Common Root Causes

    Addressed where multiple root causes can occur throughout the flow of your data.

    Analyzed the following common root causes of data quality:

    1. Poor system or application design
    2. Poor database design
    3. Improper integration and synchronization of enterprise data
    4. Insufficient and ineffective data quality policies and procedures
    5. Inefficient or ineffective business processes

    Phase 2

    Analyze Your Priorities for Data Quality Fixes

    Build Your Data Quality Program

    Business Context & Data Quality

    Establish the business context of data quality improvement projects at the business unit level to find common goals.

    • To ensure the data improvement strategy is business driven, start your data quality project evaluation by understanding the business context. You will then determine which business units use data and create a roadmap for prioritizing business units for data quality repairs.
    • Your business context is represented by your corporate business vision, mission, goals and objectives, differentiators, and drivers. Collectively, they provide essential information on what is important to your organization, and some hints on how to achieve that. In this step, you will gather important information about your business view and interpret the business view to establish a data view.

    Business Vision

    Business Goals

    Business Drivers

    Business Differentiators

    Not every business unit uses data to the same extent

    A data flow diagram can provide value by allowing an organization to adopt a proactive approach to data quality. Save time by knowing where the entry points are and where to look for data flaws.

    Understanding where data lives can be challenging as it is often in motion and rarely resides in one place. There are multiple benefits that come from taking the time to create a data flow diagram.

    • Mapping out the flow of data can help provide clarity on where the data lives and how it moves through the enterprise systems.
    • Having a visual of where and when data moves helps to understand who is using data and how it is being manipulated at different points.
    • A data flow diagram will allow you to elicit how data is used in a different use case.

    Info-Tech’s Four-Column Model of Data will help you to identify the essential aspects of your data:

    Business Use Case →Used by→Business Unit →Housed in→Systems→Used for→Usage of the Data

    Not every business unit requires the same standard of data quality

    To prioritize your business units for data quality improvement projects, you must analyze the relative importance of the data they use to the business. The more important the data is to the business, the higher the priority is of fixing that data. There are two measures for determining the importance of data: business value and business impact.

    Business Value of Data

    Business value of data can be evaluated by thinking about its ties to revenue generation for the organization, as well as how it is used for productivity and operations at the organization.

    The business value of data is assessed by asking what would happen to the following parameters if the data is not usable (due to poor quality, for example):

    • Loss of Revenue
    • Loss of Productivity
    • Increased Operating Costs

    Business Impact of Data

    Business impact of data should take into account the effects of poor data on both internal and external parties.

    The business impact of data is assessed by asking what the impact would be of bad data on the following parameters:

    • Impact on Customers
    • Impact on Internal Staff
    • Impact on Business Partners

    Value + Impact = Data Priority Score

    Ensure that the project starts on the right foot by completing Info-Tech’s Data Quality Problem Statement Template

    Before you can identify a solution, you must identify the problem with the business unit’s data.

    Download this tool

    Use Info-Tech’s Data Quality Problem Statement Template to identify the symptoms of poor data quality and articulate the problem.

    Info-Tech’s Data Quality Problem Statement Template will walk you through a step-by-step approach to identifying and describing the problems that the business unit feels regarding its data quality.

    Before articulating the problem, it helps to identify the symptoms of the problem. The following W’s will help you to describe the symptoms of the data quality issues:

    What

    Define the symptoms and feelings produced by poor data quality in the business unit.

    Where

    Define the location of the data that are causing data quality issues.

    When

    Define how severe the data quality issues are in frequency and duration.

    Who

    Define who is affected by the data quality problems and who works with the data.

    Info-Tech Best Practice

    Symptoms vs. Problems. Often, people will identify a list of symptoms of a problem and mistake those for the problem. Identifying the symptoms helps to define the problem, but symptoms do not help to identify the solution. The problem statement helps you to create solutions.

    Define the project problem to articulate the purpose

    1 hour

    Input

    • Symptoms of data quality issues in the business unit

    Output

    • Refined problem description

    Materials

    • Data Quality Problem Statement Template

    Participants

    • Data Quality Improvement Project team
    • Business line representatives

    A defined problem helps you to create clear goals, as well as lead your thinking to determine solutions to the problem.

    A problem statement consists of one or two sentences that summarize a condition or issue that a quality improvement team is meant to address. For the improvement team to fix the problem, the problem statement therefore has to be specific and concise.

    Instructions

    1. Gather the Data Quality Improvement Project Team in a room and start with an issue that is believed to be related to data quality.
    2. Ask what are the attributes and symptoms of that reality today; do this with the people impacted by the issue. This should be an IT and business collaboration.
    3. Draw your conclusions of what it all means: what have you collectively learned?
    4. Consider the implications of your conclusions and other considerations that must be taken into account such as regulatory needs, compliance, policy, and targets.
    5. Develop solutions – Contain the problem to something that can be solved in a realistic timeframe, such as three months.

    Download the Data Quality Problem Statement Template

    Case Study

    A strategic roadmap rooted in business requirements primes a data quality improvement plan for success.

    MathWorks

    Industry

    Software Development

    Source

    Primary Info-Tech Research

    As part of moving to a formalized data quality practice, MathWorks leveraged an incremental approach that took its time investigating business cases to support improvement actions. Establishing realistic goals for improvement in the form of a roadmap was a central component for gaining executive approval to push the project forward.

    Roadmap Creation

    In constructing a comprehensive roadmap that incorporated findings from business process and data analyses, MathWorks opted to document five-year and three-year overall goals, with one-year objectives that supported each goal. This approach ensured that the tactical actions taken were directed by long-term strategic objectives.

    Results – Business Alignment

    In presenting their roadmap for executive approval, MathWorks placed emphasis on communicating the progression and impact of their initiatives in terms that would engage business users. They focused on maintaining continual lines of communication with business stakeholders to demonstrate the value of the initiatives and also to gradually shift the corporate culture to one that is invested in an effective data quality practice.

    “Don’t jump at the first opportunity, because you may be putting out a fire with a cup of water where a fire truck is needed.” – Executive Advisor, IT Research and Advisory Firm

    Use Info-Tech’s Practice Assessment and Project Planning Tool to create your strategy for improving data quality

    Assess IT’s capabilities and competencies around data quality and plan to build these as the organization’s data quality practice develops. Before you can fix data quality, make sure you have the necessary skills and abilities to fix data quality correctly.

    The following IT capabilities are developed on an ongoing basis and are necessary for standardizing and structuring a data quality practice:

    • Meeting Business Needs
    • Services and Projects
    • Policies, Procedures, and Standards
    • Roles and Organizational Structure
    • Oversight and Communication
    • Data Quality of Different Data Types

    Download this Tool

    Data Handling and Remediation Competencies:

    • Data Standardization: Formatting values into consistent standards based on industry standards and business rules.
    • Data Cleansing: Modification of values to meet domain restrictions, integrity constraints, or other business rules for sufficient data quality for the organization.
    • Data Matching: Identification, linking, and merging related entries in or across sets of data.
    • Data Validation: Checking for correctness of the data.

    After these capabilities and competencies are assessed for a current and desired target state, the Data Quality Practice Assessment and Project Planning Tool will suggest improvement actions that should be followed in order to build your data quality practice. In addition, a roadmap will be generated after target dates are set to create your data quality practice development strategy.

    Benchmark current and identify target capabilities for your data quality practice

    1 hour

    Input

    • Current and desired data quality practices in the organization

    Output

    • Assessment of where the gaps lie in your data quality practice

    Materials

    • Data Quality Practice Assessment and Project Planning Tool

    Participants

    • Data Quality Project Lead
    • Business Line Representatives
    • Business Architects

    Use the Data Quality Practice Assessment and Project Planning Tool to evaluate the baseline and target capabilities of your practice in terms of how data quality is approached and executed.

    Download this Tool

    Instructions

    1. Invite the appropriate stakeholders to participate in this exercise. Examples:
      1. Business executives will have input in Tab 2
      2. Unique stakeholders: communications expert or executive advisors may have input
    2. On Tab 2: Practice Components, assess the current and target states of each capability on a scale of 1–5. Note: “Ad hoc” implies a capability is completed, but randomly, informally, and without a standardized method.

    These results will set the baseline against which you will monitor performance progress and keep track of improvements over time.

    Info-Tech Insight

    Focus on early alignment. Assessing capabilities within specific people’s job functions can naturally result in disagreement or debate, especially between business and IT people. Remind everyone that data quality should ultimately serve business needs wherever possible.

    Visualization improves the holistic understanding of where gaps exist in your data quality practice

    To enable deeper analysis on the results of your practice assessment, Tab 3: Data Quality Practice Scorecard in the Data Quality Practice Assessment and Project Planning Tool creates visualizations of the gaps identified in each of your practice capabilities and related data management practices. These diagrams serve as analysis summaries.

    Gap assessment of “Meeting Business Needs” capabilities

    The image shows a screen capture of the Gap assessment of 
“Meeting Business Needs” capabilities, with sample information filled in.

    Visualization of gap assessment of data quality practice capabilities

    The image shows a bar graph titled Data Quality Capabilities.

    1. Enhance your gap analyses by forming a relative comparison of total gaps in key practice capability areas, which will help in determining priorities.
    • Example: In Tab 2 compare your capabilities within “Policies, Procedures, and Standards.” Then in Tab 3, compare your overall capabilities in “Policies, Procedures, and Standards” versus “Empowering Technologies.”
  • Put these up on display to improve discussion in the gap analyses and prioritization sessions.
  • Improve the clarity and flow of your strategy template, final presentations, and summary documents by copying and pasting the gap assessment diagrams.
  • Before engaging in the data quality improvement project plan, receive signoff from IT regarding feasibility

    The final piece of the puzzle is to gain sign-off from IT.

    Hofstadter's law: It always takes longer than you expect, even when you take into account Hofstadter’s Law.

    This means that before engaging IT in data quality projects to fix the business units’ data in Phase 2, IT must assess feasibility of the data quality improvement plan. A feasibility analysis is typically used to review the strengths and weaknesses of the projects, as well as the availability of required skills and technologies needed to complete them. Use the following workflow to guide you in performing a feasibility analysis:

    Project evaluation process:

    Present capabilities

    • Operational Capabilities
    • System Capabilities
    • Schedule Capabilities
      • Summary of Evaluation Results
        • Recommendations/ modifications to the project plan

    Info-Tech Best Practice

    While the PMO identifies and coordinates projects, IT must determine how long and for how much.

    Conduct gap analysis sessions to review and prioritize the capability gaps

    1 hour

    Input

    • Current and Target State Assessment

    Output

    • Documented initiatives to help you get to the target state

    Materials

    • Data Quality Practice Assessment and Project Planning Tool

    Participants

    • Data Quality team
    • IT representatives

    Instructions

    • Analyze Gap Analysis Results – As a group, discuss the high-level results on Tab 3: Data Quality Practice Score. Discuss the implications of the gaps identified.
    • Do a line-item review of the gaps between current and target levels for each assessed capability by using Tab 2: Practice Components.
    • Brainstorm Alignment Strategies – Brainstorm the effort and activities that will be necessary to support the practice in building its capabilities to the desired target level. Ask the following questions:
      • What activities must occur to enable this capability?
      • What changes/additions to resources, process, technology, business involvement, and communication must occur?
    • Document Data Quality Initiatives – Turn activities into initiatives by documenting them in Tab 4. Data Quality Practice Roadmap. Review the initiatives and estimate the start and end dates of each one.
    • Continue to evaluate the assessment results in order to create a comprehensive set of data quality initiatives that support your practice in building capabilities.

    Download this Tool

    Create the organization’s data quality improvement strategy roadmap

    1 hour

    Input

    • Data quality practice gaps and improvement actions

    Output

    • Data quality practice improvement roadmap

    Materials

    • Data Quality Practice Assessment and Project Planning Tool

    Participants

    • Data Quality Project Lead
    • Business Executives
    • IT Executives
    • Business Architects

    Generating Your Roadmap

    1. Plan the sequence, starting time, and length of each initiative in the Data Quality Practice Assessment and Project Planning Tool.
    2. The tool will generate a Gantt chart based on the start and length of your initiatives.
    3. The Gantt chart is generated in Tab 4: Data Quality Practice Roadmap, and can be used to organize and ensure that all of the essential aspects of data quality are addressed.

    Use the Practice Roadmap to plan and improve data quality capabilities

    Download this Tool

    Info-Tech Best Practice

    To help get you started, Info-Tech has provided an extensive list of data quality improvement initiatives that are commonly undertaken by organizations looking to improve their data quality.

    Establish Baseline Metrics

    Baseline metrics will be improved through:

    2 hours

    Create practice-level metrics to monitor your data quality practice.

    Instructions:

    1. Establish metrics for both the business and IT that will be used to determine if the data quality practice development is effective.
    2. Set targets for each metric.
    3. Collect current data to calculate the metrics and establish a baseline.
    4. Assign an owner for tracking each metric to be accountable for performance.
    Metric Current Goal
    Usage (% of trained users using the data warehouse)
    Performance (response time)
    Performance (response time)
    Resource utilization (memory usage, number of machine cycles)
    User satisfaction (quarterly user surveys)
    Data quality (% values outside valid values, % fields missing, wrong data type, data outside acceptable range, data that violates business rules. Some aspects of data quality can be automatically tracked and reported)
    Costs (initial installation and ongoing, Total Cost of Ownership including servers, software licenses, support staff)
    Security (security violations detected, where violations are coming from, breaches)
    Patterns that are used
    Reduction in time to market for the data
    Completeness of data that is available
    How many "standard" data models are being used
    What is the extra business value from the data governance program?
    How much time is spent for data prep by BI & analytics team?

    Phase 2 summary

    As you improve your data quality practice and move from reactive to stable, don’t rest and assume that you can let data quality keep going by itself. Rapidly changing consumer requirements or other pains will catch up to your organization and you will fall behind again. By moving to the proactive and predictive end of the maturity scale, you can stay ahead of the curve. By following the methodology laid out in Phase 1, the data quality practices at your organization will improve over time, leading to the following results:

    Chaotic

    Before Data Quality Practice Improvements

    • No standards to data quality

    Reactive

    Year 1

    • Processes defined
    • Data cleansing approach to data quality

    Stable

    Year 2

    • Business rules/ stewardship in place
    • Education and training

    Proactive

    Year 3

    • Data quality practices fully in place and embedded in the culture
    • Trusted and intelligent enterprise

    (Global Data Excellence, Data Excellence Maturity Model)

    Phase 3

    Establish Your Organization’s Data Quality Program

    Build Your Data Quality Program

    Create a data lineage diagram to map the data journey and identify the data subject areas to be targeted for fixes

    It is important to understand the various data that exist in the business unit, as well as which data are essential to business function and require the highest degree of quality efforts.

    Visualize your databases and the flow of data. A data lineage diagram can help you and the Data Quality Improvement Team visualize where data issues lie. Keeping the five-tier architecture in mind, build your data lineage diagram.

    Reminder: Five-Tier Architecture

    The image shows the Five-Tier Architecture graphic.

    Use the following icons to represent your various data systems and databases.

    The image shows four icons. They are: the image of a square and a computer monitor, labelled Application; the image of two sheets of paper, labelled Desktop documents; the image of a green circle next to a computer monitor, labelled Web Application; and a blue cylinder labelled Database.

    Use Info-Tech’s Data Lineage Diagram to document the data sources and applications used by the business unit

    2 hours

    Input

    • Data sources and applications used by the business unit

    Output

    • Data lineage diagram

    Materials

    • Data Lineage Diagram Template

    Participants

    • Business Unit Head/Data Owner
    • Business Unit SMEs
    • Data Analysts/Architects

    Map the flow and location of data within a business unit by creating a system context diagram.

    Gain an accurate view of data locations and uses: Engage business users and representatives with a wide breadth of knowledge-related business processes and the use of data by related business operations.

    1. Sit down with key business representatives of the business unit.
    2. Document the sources of data and processes in which they’re involved, and get IT confirmation that the sources of the data are correct.
    3. Map out the sources and processes in a system context diagram.

    Download this Tool

    Sample Data Lineage Diagram

    The image shows a sample data lineage diagram, split into External Applications and Internal Applications, and showing the processes involved in each.

    Leverage Info-Tech’s Data Quality Practice Assessment and Project Planning Tool to document business context

    1 hour

    Input

    • Business vision, goals, and drivers

    Output

    • Business context for the data quality improvement project

    Materials

    • Data Quality Practice Assessment and Project Planning Tool

    Participants

    • Data Quality project lead
    • Business line representatives
    • IT executives

    Develop goals and align them with specific objectives to set the framework for your data quality initiatives.

    In the context of achieving business vision, mission, goals, and objectives and sustaining differentiators and key drivers, think about where and how data quality is a barrier. Then brainstorm data quality improvement objectives that map to these barriers. Document your list of objectives in Tab 5. Prioritize business units of the Data Quality Practice Assessment and Project Planning Tool.

    Establishing Business Context Example

    Healthcare Industry

    Vision To improve member services and make service provider experience more effective through improving data quality and data collection, aggregation, and accessibility for all the members.
    Goals

    Establish meaningful metrics that guide to the improvement of healthcare for member effectiveness of health care providers:

    • Data collection
    • Data harmonization
    • Data accessibility and trust by all constituents.
    Differentiator Connect service consumers with service providers, that comply with established regulations by delivering data that is accurate, trusted, timely, and easy to understand to connect service providers and eliminate bureaucracy and save money and time.
    Key Driver Seamlessly provide a healthcare for members.

    Download this Tool

    Document the identified business units and their associated data

    30 minutes

    Input

    • Business units

    Output

    • Documented business units to begin prioritization

    Materials

    • Data Quality Practice Assessment and Project Planning Tool

    Participants

    • Project Manager

    Instructions

    1. Using Tab 5: Prioritize Business Units of the Data Quality Practice Assessment and Project Planning Tool, document the business units that use data in the organization. This will likely be all business units in the organization.
    2. Next, document the primary data used by those business units.
    3. These inputs will then be used to assess business unit priority to generate a data quality improvement project roadmap.

    The image shows a screen capture of Tab 5: Prioritize Business Units, with sample information inputted.

    Reminder – Not every business unit requires the same standard of data quality

    To prioritize your business units for data quality improvement projects, you must analyze the relative importance of the data they use to the business. The more important the data is to the business, the higher the priority is of fixing that data. There are two measures for determining the importance of data: business value and business impact.

    Business Value of Data

    Business value of data can be evaluated by thinking about its ties to revenue generation for the organization, as well as how it is used for productivity and operations at the organization.

    The business value of data is assessed by asking what would happen to the following parameters if the data is not usable (due to poor quality, for example):

    • Loss of Revenue
    • Loss of Productivity
    • Increased Operating Costs

    Business Impact of Data

    Business impact of data should take into account the effects of poor data on both internal and external parties.

    The business impact of data is assessed by asking what the impact would be of bad data on the following parameters:

    • Impact on Customers
    • Impact on Internal Staff
    • Impact on Business Partners

    Value + Impact = Data Priority Score

    Assess the business unit priority order for data quality improvements

    2 hours

    Input

    • Assessment of value and impact of business unit data

    Output

    • Prioritization list for data quality improvement projects

    Materials

    • Data Quality Practice Assessment and Project Planning Tool

    Participants

    • Project Manager
    • Data owners

    Instructions

    Instructions In Tab 5: Prioritize Business Units of the Data Quality Practice Assessment and Project Planning Tool, assess business value and business impact of the data within each documented business unit.

    Use the ratings High, Medium, and Low to measure the financial, productivity, and efficiency value and impact of each business unit’s data.

    In addition to these ratings, assess the number of help desk tickets that are submitted to IT regarding data quality issues. This parameter is an indicator that the business unit’s data is high priority for data quality fixes.

    Download this Tool

    Create a business unit order roadmap for your data quality improvement projects

    1 hour

    Input

    • Rating of importance of data for each business unit

    Output

    • Roadmap for data quality improvement projects

    Materials

    • Data Quality Practice Assessment and Project Planning Tool

    Participants

    • Project Manager
    • Product Manager
    • Business line representatives

    Instructions

    After assessing the business units for the business value and business impact of their data, the Data Quality Practice Assessment and Project Planning Tool automatically assesses the prioritization of the business units based on your ratings. These prioritizations are then summarized in a roadmap on Tab 6: Data Quality Project Roadmap. The following is an example of a project roadmap:

    The image shows an example of a project roadmap, with three business units listed vertically along the left hand side, and a Gantt chart showing the time periods in which each Business Unit would work. At the bottom, a table shows the Length of the Project in days (100), and the start date for the first project.

    On Tab 6, insert the timeline for your data quality improvement projects, as well as the starting date of your first data quality project. The roadmap will automatically update with the chosen timing and dates.

    Download this Tool

    Identify metrics at the business unit level to track data quality improvements

    As you improve the data quality for specific business units, measuring the benefits of data quality improvements will help you demonstrate the value of the projects to the business.

    Use the following table to guide you in creating business-aligned metrics:

    Business Unit Driver Metrics Goal
    Sales Customer Intimacy Accuracy of customer data. Percent of missing or incomplete records. 10% decrease in customer record errors.

    Marketing

    Customer Intimacy Accuracy of customer data. Percent of missing or incomplete records. 10% decrease in customer record errors.
    Finance Operational Excellence Relevance of financial reports. Decrease in report inaccuracy complaints.
    HR Risk Management Accuracy of employee data. 10% decrease in employee record errors.
    Shipping Operational Excellence Timeliness of invoice data. 10% decrease in time to report.

    Info-Tech Insight

    Relating data governance success metrics to overall business benefits keeps executive management and executive sponsors engaged because they are seeing actionable results. Review metrics on an ongoing basis with those data owners/stewards who are accountable, the data governance steering committee, and the executive sponsors.

    Case Study

    Address data quality with the right approach to maximize the ROI

    EDC

    Industry: Government

    Source: Environment Development of Canada (EDC)

    Challenge

    Environment Development Canada (EDC) would initially identify data elements that are important to the business purely based on their business instinct.

    Leadership attempted to tackle the enterprise’s data issues by bringing a set of different tools into the organization.

    It didn’t work out because the fundamental foundational layer, which is the data and infrastructure, was not right – they didn't have the foundational capabilities to enable those tools.

    Solution

    Leadership listened to the need for one single team to be responsible for the data persistence.

    Therefore, the data platform team was granted that mandate to extensively execute the data quality program across the enterprise.

    A data quality team was formed under the Data & Analytics COE. They had the mandate to profile the data and to understand what quality of data needed to be achieved. They worked constantly with the business to build the data quality rules.

    Results

    EDC tackled the source of their data quality issues through initially performing a data quality management assessment with business stakeholders.

    From then on, EDC was able to establish their data quality program and carry out other key initiatives that prove the ROI on data quality.

    Begin your data quality improvement project starting with the highest priority business unit

    Now that you have a prioritized list for your data quality improvement projects, identify the highest priority business unit. This is the business unit you will work through Phase 3 with to fix their data quality issues.

    Once you have initiated and identified solutions for the first business unit, tackle data quality for the next business unit in the prioritized list.

    The image is a graphic labelled as Phase 2. On the left, there is a vertical arrow pointing upward labelled Priority of Business Units. Next to it, there are three boxes, with downward pointing arrows between them, each box labelled as each Business Unit's Data Quality Improvement Project. From there an arrow points right to a circle. Inside the circle are the steps necessary to complete the data quality improvement project.

    Create and document your data quality improvement team

    1 hour

    Input

    • Individuals who fit the data quality improvement plan team roles

    Output

    • Project team

    Materials

    • Data Quality Improvement Plan Template

    Participants

    • Data owner
    • Project Manager
    • Product Manager

    The Data Quality Improvement Plan is a concise document that should be created for each data quality project (i.e. for each business unit) to keep track of the project.

    Instructions

    1. Meet with the data owner of the business unit identified for the data quality improvement project.
    2. Identify individuals who fit the data quality improvement plan team roles.
    3. Using the Data Quality Improvement Plan Template to document the roles and individuals who will fit those roles.
    4. Have an introductory meeting with the Improvement team to clarify roles and responsibilities for the project.

    Download this Tool

    Team role Assigned to
    Data Owner [Name]
    Project Manager [Name]
    Business Analyst/BRM [Name]
    Data Steward [Name]
    Data Analyst [Name]

    Document the business context of the Data Quality Improvement Plan

    1 hour

    Input

    • Project team
    • Identified data attributes

    Output

    • Business context for the data quality improvement plan

    Materials

    • Data Quality Improvement Plan Template

    Participants

    • Data owner
    • Project Sponsor
    • Product owner

    Data quality initiatives have to be relevant to the business, and the business context will be used to provide inputs to the data improvement strategy. The context can then be used to determine exactly where the root causes of data quality issues are, which will inform your solutions.

    Instructions

    The business context of the data quality improvement plan includes documenting from previous activities:

    1. The Data Quality Improvement Team.
    2. Your Data Lineage Diagram.
    3. Your Data Quality Problem Statement.

    Info-Tech Best Practice

    While many organizations adopt data quality principles, not all organizations express them along the same terms. Have multiple perspectives within your organization outline principles that fit your unique data quality agenda. Anyone interested in resolving the day-to-day data quality issues that they face can be helpful for creating the context around the project.

    Download this tool

    Now that you have a defined problem, revisit the root causes of poor data quality

    You previously fleshed out the problem with data quality present in the business unit chosen as highest priority. Now it is time to figure out what is causing those problems.

    In the table below, you will find some of the common categories of causes of data quality issues, as well as some specific root causes.

    Category Description
    1. System/Application Design Ineffective, insufficient, or even incorrect system/application design accepts incorrect and missing data elements to the source applications and databases. The data records in those source systems may propagate into systems in tiers 2, 3, 4, and 5 of the 5-tier architecture, creating domino and ripple effects.
    2. Database design Database is created and modeled in an incorrect manner so that the management of the data records is incorrect, resulting in duplicated and orphaned records, and records that are missing data elements or records that contain incorrect data elements. Poor operational data in databases often leads to issues in tiers 2, 3, 4, and 5.
    3. Enterprise Integration Data or information is improperly integrated, transformed, masked, and aggregated in tier 2. In addition, some data integration tasks might not be timely, resulting in out-of-date data or even data that contradicts with other data. Enterprise integration is a precursor of loading a data warehouse and data marts. Issues in this layer affect tier 3, 4 and 5 on the 5-tier architecture.
    4. Policies and Procedures Policies and procedures are not effectively used to reinforce data quality. In some situations, policy gaps are found. In others, policies are overlapped and duplicated. Policies may also be out-of-date or too complex, affecting the users’ ability to interpret the policy objectives. Policies affect all tiers in the 5-tier architecture.
    5. Business Processes Improper business process design introduces poor data into the data systems. Failure to create processes around approving data changes, failure to document key data elements, and failure to train employees on the proper uses of data make data quality a burning problem.

    Leverage a root cause analysis approach to pinpoint the origins of your data issues

    A root cause analysis is a systematic approach to decompose a problem into its components. Use fishbone diagrams to help reveal the root causes of data issues.

    The image shows a fishbone diagram on the left, which starts with Process on the left, and then leads to Application and Integration, and then Database and Policies. This section is titled Root causes. The right hand section is titled Lead to problems with data... and includes 4 circles with the word or in between each. The circles are labelled: Completeness; Usability; Timeliness; Accessibility.

    Info-Tech recommends five root cause categories for assessing data quality issues:

    Application Design. Is the issue caused by human error at the application level? Consider internal employees, external partners/suppliers, and customers.

    Database Design. Is the issue caused by a particular database and stems from inadequacies in its design?

    Integration. Data integration tools may not be fully leveraged, or data matching rules may be poorly designed.

    Policies and Procedures. Do the issues take place because of lack of governance?

    Business Processes. Do the issues take place due to insufficient processes?

    For Example:

    When performing a deeper analysis of your data issues related to the accuracy of the business unit’s data, you would perform a root cause analysis by assessing the contribution of each of the five categories of data quality problem root causes:

    The image shows another fishbone diagram, with example information filled in. The first section on the left is titled Application Design, and includes the text: Data entry problems lead to incorrect accounting entries. The second is Integration, and includes the text: Data integration tools are not fully leveraged. The third section is Policies, and includes the text: No policy on standardizing name and address. The last section is Database design, with text that reads: Databases do not contain unique keys. The diagram ends with an arrow pointing right to a blue circle with Accuracy in it.

    Leverage a combination of data analysis techniques to identify and quantify root causes

    Info-Tech Insight

    Including all attributes of the key subject area in your data profiling activities may produce too much information to make sense of. Conduct data profiling primarily at the table level and undergo attribute profiling only if you are able to narrow down your scope sufficiently.

    Data Profiling Tool

    Data profiling extracts a sample of the target data set and runs it through multiple levels of analysis. The end result is a detailed report of statistics about a variety of data quality criteria (duplicate data, incomplete data, stale data, etc.).

    Many data profiling tools have built-in templates and reports to help you uncover data issues. In addition, they quantify the occurrences of the data issues.

    E-Discovery Tool

    This supplements a profiling tool. For Example, use a BI tool to create a custom grouping of all the invalid states (e.g. “CAL,” “AZN,” etc.) and visualize the percentage of invalid states compared to all states.

    SQL Queries

    This supplements a profiling tool. For example, use a SQL statement to group the customer data by customer segment and then by state to identify which segment–state combinations contain poor data.

    Identify the data issues for the particular business unit under consideration

    2 hours

    Input

    • Issues with data quality felt by the business unit
    • Data lineage diagram

    Output

    • Categorized data quality issues

    Materials

    • Whiteboard, markers, sticky notes
    • Data Quality Improvement Plan Template

    Participants

    • Data quality improvement project team
    • Business line representatives

    Instructions

    1. Gather the data quality improvement project team in a room, along with sticky notes and a whiteboard.
    2. Display your previously created data lineage diagram on the whiteboard.
    3. Using color-coded sticky notes, attach issues to each component of the data lineage diagram that team members can identify. Use different colors for the four quality attributes: Completeness, Usability, Timeliness, and Accessibility.

    Example:

    The image shows the data lineage diagram that has been shown in previous sections. In addition, the image shows 4 post-its arranges around the diagram, labelled: Usability; Completeness; Timeliness; and Accessibility.

    Map the data issues on fishbone diagrams to identify root causes

    1 hour

    Input

    • Categorized data quality issues

    Output

    • Completed fishbone diagrams

    Materials

    • Whiteboard, markers, sticky notes
    • Data Quality Improvement Plan Template

    Participants

    • Data quality improvement project team

    Now that you have data quality issues classified according to the data quality attributes, map these issues onto four fishbone diagrams.

    The image shows a fishbone diagram, which is titled Example: Root cause analysis diagram for data accuracy.

    Download this Tool

    Get to know the root causes behind system/application design mistakes

    Suboptimal system/application design provides entry points for bad data.

    Business Process
    Usually found in → Tier 1 Tier 2 Tier 3 Tier 4 Tier 5
    Issue Root Causes Usability Completeness Timeliness Accessibility
    Insufficient data mask No data mask is defined for a free-form text field in a user interface. E.g. North American phone number should have 4 masks – country code (1-digit), area code (3-digit), and local number (7-digit). X X
    Too many free-form text fields Incorrect use of free-form text fields (fields that accept a variety of inputs). E.g. Use a free-form text field for zip code instead of a backend look up. X X
    Lack of value lookup Reference data is not looked up from a reference list. E.g. State abbreviation is entered instead of being looked up from a standard list of states. X X
    Lack of mandatory field definitions Mandatory fields are not identified and reinforced. Resulting data records with many missing data elements. E.g. Some users may fill up 2 or 3 fields in a UI that has 20 non-mandatory fields. X

    The image shows a fishbone diagram, with the following sections, from left to right: Application Design; Integration; Processes; Policies; Database Design; Data Quality Measure. The Application Design section is highlighted.

    Get to know the root causes behind common database design mistakes

    Improper database design allows incorrect data to be stored and propagated.

    Business Process
    Usually found in → Tier 1 Tier 2 Tier 3 Tier 4 Tier 5
    Issue Root Causes Usability Completeness Timeliness Accessibility
    Incorrect referential integrity Referential integrity constraints are absent or incorrectly implemented, resulting in child records without parent records, or related records are updated or deleted in a cascading manner. E.g. An invoice line item is created before an invoice is created. X X
    Lack of unique keys Lack of unique keys creating scenarios where record uniqueness cannot be guaranteed. E.g. Customer records with the same customer_ID. X X
    Data range Fail to define a data range for incoming data, resulting in data values that are out of range. E.g. The age field is able to store an age of 999. X X
    Incorrect data type Incorrect data types are used to store data fields. E.g. A string field is used to store zip codes. Some users use that to store phone numbers, birthdays, etc. X X

    The image shows a fishbone diagram, with the following sections, from left to right: Application Design; Integration; Processes; Policies; Database Design; Data Quality Measure. The Database Design section is highlighted

    Get to know the root causes behind enterprise integration mistakes

    Improper data integration or synchronization may create poor analytical data.

    Business Process
    Usually found in → Tier 1 Tier 2 Tier 3 Tier 4 Tier 5
    Issue Root Causes Usability Completeness Timeliness Accessibility
    Incorrect transformation Transformation is done incorrectly. A wrong formula may have been used, transformation is done at the wrong data granularity, or aggregation logic is incorrect. E.g. Aggregation is done for all customers instead of just active customers. X X
    Data refresh is out of sync Data is synchronized at different intervals, resulting in a data warehouse where data domains are out of sync. E.g. Customer transactions are refreshed to reflect the latest activities but the account balance is not yet refreshed. X X
    Data is matched incorrectly Fail to match records from disparate systems, resulting in duplications and unmatched records. E.g. Unable to match customers from different systems because they have different cust_ID. X X
    Incorrect data mapping Fields from source systems are not properly matched with data warehouse fields. E.g. Status fields from different systems are mixed into one field. X X

    The image shows a fishbone diagram, with the following sections, from left to right: Application Design; Integration; Processes; Policies; Database Design; Data Quality Measure. The Integration section is highlighted

    Get to know the root causes behind policy and procedure mistakes

    Suboptimal policies and procedures undermine the effect of best practices.

    Business Process
    Usually found in → Tier 1 Tier 2 Tier 3 Tier 4 Tier 5
    Issue Root Causes Usability Completeness Timeliness Accessibility
    Policy Gaps There are gaps in the policy landscape in terms of some missing key policies or policies that are not refreshed to reflect the latest changes. E.g. A data entry policy is absent, leading to inconsistent data entry practices. X X
    Policy Communications Policies are in place but the policies are not communicated effectively to the organization, resulting in misinterpretation of policies and under-enforcement of policies. E.g. The data standard is created but very few developers are aware of its existence. X X
    Policy Enforcement Policies are in place but not proactively re-enforced and that leads to inconsistent application of policies and policy adoption. E.g. Policy adoption is dropping over time due to lack of reinforcement. X X
    Policy Quality Policies are written by untrained authors and they do not communicate the messages. E.g. A non-technical data user may find a policy that is loaded with technical terms confusing. X X

    The image shows a fishbone diagram, with the following sections, from left to right: Application Design; Integration; Processes; Policies; Database Design; Data Quality Measure. The Policies section is highlighted

    Get to know the root causes behind common business process mistakes

    Ineffective and inefficient business processes create entry points for poor data.

    Business Process
    Usually found in → Tier 1 Tier 2 Tier 3 Tier 4 Tier 5
    Issue Root Causes Usability Completeness Timeliness Accessibility
    Lack of training Key data personnel and business analysts are not trained in data quality and data governance, leading to lack of accountability. E.g. A data steward is not aware of downstream impact of a duplicated financial statement. X X
    Ineffective business process The same piece of information is entered into data systems two or more times. Or a piece of data is stalled in a data system for too long. E.g. A paper form is scanned multiple times to extract data into different data systems. X X
    Lack of documentation Fail to document the work flows of the key business processes. A lack of work flow results in sub-optimal use of data. E.g. Data is modeled incorrectly due to undocumented business logic. X X
    Lack of integration between business silos Business silos hold on to their own datasets resulting in data silos in which data is not shared and/or data is transferred with errors. E.g. Data from a unit is extracted as a data file and stored in a shared drive with little access. X X

    The image shows a fishbone diagram, with the following sections, from left to right: Application Design; Integration; Processes; Policies; Database Design; Data Quality Measure. The Processes section is highlighted

    Phase 3 Summary

    1. Data Lineage Diagram
    • Creating the data lineage diagram is recommended to help visualize the flow of your data and to map the data journey and identify the data subject areas to be targeted for fixes.
    • The data lineage diagram was leveraged multiple times throughout this Phase. For example, the data lineage diagram was used to document the data sources and applications used by the business unit
  • Business Context
    • Business context was documented through the Data Quality Practice Assessment and Project Planning Tool.
    • The same tool was used to document identified business units and their associated data.
    • Metrics were also identified at the business unit level to track data quality improvements.
  • Common Root Causes
    • Leverage a root cause analysis approach to pinpoint the origins of your data quality issues.
    • Analyzed and got to know the root causes behind the following:
      1. System/application design mistakes
      2. Common database design mistakes
      3. Enterprise integration mistakes
      4. Policies and procedures mistakes
      5. Common business processes mistakes
  • Phase 4

    Grow and Sustain Your Data Quality Program

    Build Your Data Quality Program

    For the identified root causes, determine the solutions for the problem

    As you worked through the previous step, you identified the root causes of your data quality problems within the business unit. Now, it is time to identify solutions.

    The following slides provide an overview of the solutions to common data quality issues. As you identify solutions that apply to the business unit being addressed, insert the solution tables in Section 4: Proposed Solutions of the Data Quality Improvement Plan Template.

    All data quality solutions have two components to them:

    • Technology
    • People

    For the next five data quality solution slides, look for the slider for the contributions of each category to the solution. Use this scale to guide you in creating solutions.

    When designing solutions, keep in mind that solutions to data quality problems are not mutually exclusive. In other words, an identified root cause may have multiple solutions that apply to it.

    For example, if an application is plagued with inaccurate data, the application design may be suboptimal, but also the process that leads to data being entered may need fixing.

    Data quality improvement strategy #1:

    Fix data quality issues by improving system/application design.

    Technology

    Application Interface Design

    Restrict field length – Capture only the characters you need for your application.

    Leverage data masks – Use data masks in standardized fields like zip code and phone number.

    Restrict the use of open text fields and use reference tables – Only present open text fields when there is a need. Use reference tables to limit data values.

    Provide options – Use radio buttons, drop-down lists, and multi-select instead of using open text fields.

    Data Validation at the Application Level

    Validate data before committing – Use simple validation to ensure the data entered is not random numbers and letters.

    Track history – Keep track of who entered what fields.

    Cannot submit twice – Only design for one-time submission.

    People

    Training

    Data-entry training – Training that is related to data entry, creating, or updating data records.

    Data resolution training – Training data stewards or other dedicated data personnel on how to resolve data records that are not entered properly.

    Continuous Improvement

    Standards – Develop application design principles and standards.

    Field testing – Field data entry with a few people to look for abnormalities and discrepancies.

    Detection and resolution – Abnormal data records should be isolated and resolved ASAP.

    Application Testing

    Thorough testing – Application design is your first line of defence against poor data. Test to ensure bad data is kept out of the systems.

    Case Study

    HMS

    Industry: Healthcare

    Source: Informatica

    Improve your data quality ingestion procedures to provide better customer intimacy for your users

    Healthcare Management Systems (HMS) provides cost containment services for healthcare sponsors and payers, and coordinates benefits services. This is to ensure that healthcare claims are paid correctly to both government agencies and individuals. To do so, HMS relies on data, and this data needs to be of high quality to ensure the correct decisions are made, the right people get the correct claims, and the appropriate parties pay out.

    To improve the integrity of HMS’s customer data, HMS put in place a framework that helped to standardize the collection of high volume and highly variable data.

    Results

    Working with a data quality platform vendor to establish a framework for data standardization, HMS was able to streamline data analysis and reduce new customer implementations from months to weeks.

    HMS data was plagued with a lack of standardization of data ingestion procedures.

    Before improving data quality processes After improving data quality processes
    Data Ingestion Data Ingestion
    Many standards of ingestion. Standardized data ingestion
    Data Storage Data Storage
    Lack of ability to match data, creating data quality errors.
    Data Analysis Data Analysis
    = =
    Slow Customer Implementation Time 50% Reduction in Customer Implementation Time

    Data quality improvement strategy #2:

    Fix data quality issues using proper database design.

    Technology

    Database Design Best Practices

    Referential integrity – Ensure parent/child relationships are maintained in terms of cascade creation, update, and deletion.

    Primary key definition – Ensure there is at least one key to guarantee the uniqueness of the data records, and primary key should not allow null.

    Validate data domain – Create triggers to check the data values entered in the database fields.

    Field type and length – Define the most suitable data type and length to hold field values.

    One-Time Data Fix (more on the next slide)

    Explore solutions – Where to fix the data issues? Is there a case to fix the issues?

    Running profiling tools to catch errors – Run scans on the database with defined criteria to identify occurrences of questionable data.

    Fix a sample before fixing all records – Use a proof-of-concept approach to explore fix options and evaluate impacts before fixing the full set.

    People

    The DBA Team

    Perform key tasks in pairs – Take a pair approach to perform key tasks so that validation and cross-check can happen.

    Skilled DBAs – DBAs should be certified and accredited.

    Competence – Assess DBA competency on an ongoing basis.

    Preparedness – Develop drills to stimulate data issues and train DBAs.

    Cross train – Cross train team members so that one DBA can cover another DBA.

    Data quality improvement strategy #3:

    Improve integration and synchronization of enterprise data.

    Technology

    Integration Architecture

    Info-Tech’s 5-Tier Architecture – When doing transformations, it is good practice to persist the integration results in tier 3 before the data is further refined and presented in tier 4.

    Timing, timing, and timing – Think of the sequence of events. You may need to perform some ETL tasks before other tasks to achieve synchronization and consistence.

    Historical changes – Ensure your tier 3 is robust enough to include historical data. You need to enable type 2 slowly, changing dimension to recreate the data at a point in time.

    Data Cleansing

    Standardize – Leverage data standardization to standardize name and address fields to improve matching and integration.

    Fuzzy matching – When there are no common keys between datasets. The datasets can only be matched by fuzzy matching. Fuzzy matching is not hard science; define a confidence level and think about a mechanism to deal with the unmatched.

    People

    Reporting and Documentations

    Business data glossary and data lineage – Define a business data glossary to enhance findability of key data elements. Document data mappings and ETL logics.

    Create data quality reports – Many ETL platforms provide canned data quality reports. Leverage those quality reports to monitor the data health.

    Code Review

    Create data quality reports – Many ETL platforms provide canned data quality reports. Leverage those quality reports to monitor the data health.

    ARB (architectural review board) – All ETL codes should be approved by the architectural review board to ensure alignment with the overall integration strategy.

    Data quality improvement strategy #4:

    Improve data quality policies and procedures.

    Technology

    Policy Reporting

    Data quality reports – Leverage canned data quality reports from the ETL platforms to monitor data quality on an on-going basis. When abnormalities are found, provoke the right policies to deal with the issues.

    Store policies in a central location that is well known and easy to find and access. A key way that technology can help communicate policies is by having them published on a centralized website.

    Make the repository searchable and easily navigable. myPolicies helps you do all this and more.

    myPolicies helps you do all this and more.

    Go to this link

    People

    Policy Review and Training

    Policy review – Create a schedule for reviewing policies on a regular basis – invite professional writers to ensure polices are understandable.

    Policy training – Policies are often unread and misread. Training users and stakeholders on policies is an effective way to make sure those users and stakeholders understand the rationale of the policies. It is also a good practice to include a few scenarios that are handled by the policies.

    Policy hotline/mailbox – To avoid misinterpretation of the policies, a policy hotline/mailbox should be set up to answer any data policy questions from the end users/stakeholders.

    Policy Communications

    Simplified communications – Create handy one-pagers and infographic posters to communicate the key messages of the polices.

    Policy briefing – Whenever a new data project is initiated, a briefing of data policies should be given to ensure the project team follows the policies from the very beginning.

    Data quality improvement strategy #5:

    Streamline and optimize business processes.

    Technology

    Requirements Gathering

    Data Lineage – Leverage a metadata management tool to construct and document data lineage for future reference.

    Documentations Repository – It is a best practice to document key project information and share that knowledge across the project team and with the stakeholder. An improvement understanding of the project helps to identify data quality issues early on in the project.

    “Automating creation of data would help data quality most. You have to look at existing processes and create data signatures. You can then derive data off those data codes.” – Patrick Bossey, Manager of Business Intelligence, Crawford and Company

    People

    Requirements Gathering

    Info-Tech’s 4-Column Model – The datasets may exist but the business units do not have an effective way of communicating the quality needs. Use our four-column model and the eleven supporting questions to better understand the quality needs. See subsequent slides.

    I don’t know what the data means so I think the quality is poor – It is not uncommon to see that the right data presented to the business but the business does not trust the data. They also do not understand the business logic done on the data. See our Business Data Glossary in subsequent slides.

    Understand the business workflow – Know the business workflow to understand the manual steps associated with the workflow. You may find steps in which data is entered, manipulated, or consumed inappropriately.

    “Do a shadow data exercise where you identify the human workflows of how data gets entered, and then you can identify where data entry can be automated.” – Diraj Goel, Growth Advisor, BC Tech

    Brainstorm solutions to your data quality issues

    4 hours

    Input

    • Data profiling results
    • Preliminary root cause analyses

    Output

    • Proposals for data fix
    • Fixed issues

    Materials

    • Data Quality Improvement Plan Template

    Participants

    • Business and Data Analysts
    • Data experts and stewards

    After walking through the best-practice solutions to data quality issues, propose solutions to fix your identified issues.

    Instructions

    1. Review Root Cause Analyses: Revisit the root cause analysis and data lineage diagram you have generated in Step 3.2. to understand the issues in greater details.
    2. Characterize Each Issue: You may need to generate a data profiling report to characterize the issue. The report can be generated by using data quality suites, BI platforms, or even SQL statements.
    3. Brainstorm the Solutions: As a group, discuss potential ways to fix the issue. You can tackle the issues by approaching from these areas:
    Solution Approaches
    Technology Approach
    People Approach

    X crossover with

    Problematic Areas
    Application/System Design
    Database Design
    Data Integration and Synchronization
    Policies and Procedures
    Business Processes
    1. Document and Communicate: Document the solutions to your data issues. You may need to reuse or refer to the solutions. Also brainstorm some ideas on how to communicate the results back to the business.

    Download this Tool

    Sustaining your data quality requires continuous oversight through a data governance practice

    Quality data is the ultimate outcome of data governance and data quality management. Data governance enables data quality by providing the necessary oversight and controls for business processes in order to maintain data quality. There are three primary groups (at right) that are involved in a mature governance practice. Data quality should be tightly integrated with all of them.

    Define an effective data governance strategy and ensure the strategy integrates well with data quality with Info-Tech’s Establish Data Governance blueprint.

    Visit this link

    Data Governance Council

    This council establishes data management practices that span across the organization. This should be comprised of senior management or C-suite executives that can represent the various departments and lines of business within the organization. The data governance council can help to promote the value of data governance, facilitate a culture that nurtures data quality, and ensure that the goals of the data governance program are well aligned with business objectives.

    Data Owners

    Identifying the data owner role within an organization helps to create a greater degree of accountability for data issues. They often oversee how the data is being generated as well as how it is being consumed. Data owners come from the business side and have legal rights and defined control over a data set. They ensure data is available to the right people within the organization.

    Data Stewards

    Conflict can occur within an organization’s data governance program when a data steward’s role is confused with that of the steering committee’s role. Data stewards exist to enforce decisions made about data governance and data management. Data stewards are often business analysts or power users of a particular system/dataset. Where a data owner is primarily responsible for access, a data steward is responsible for the quality of a dataset.

    Integrate the data quality management strategy with existing data governance committees

    Ongoing and regular data quality management is the responsibility of the data governance bodies of the organization.

    The oversight of ongoing data quality activities rests on the shoulders of the data governance committees that exist in the organization.

    There is no one-size-fits-all data governance structure. However, most organizations follow a similar pattern when establishing committees, councils, and cross-functional groups. They strive to identify roles and responsibilities at a strategic, tactical, and operational level:

    The image shows a pyramid, with Executive Sponsors at the top, with the following roles in descending order: DG Council; Steering Committee; Working Groups; Data Owners and Data Stewards; and Data Users. Along the left side of the pyramid, there are three labels, in ascending order: Operational, Tactical, and Strategic.

    The image is a flow chart showing project roles, in two sections: the top section is labelled Governing Bodies, and the lower section is labelled Data Quality Improvement Team. There is a note indicating that the Data Owner reports to and provides updates regarding the state of data quality and data quality initiatives.

    Create and update the organization’s Business Data Glossary to keep up with current data definitions

    2 hours

    Input

    • Metrics and goals for data quality

    Output

    • Regularly scheduled data quality checkups

    Materials

    • Business Data Glossary Template
    • Data Quality Dashboard

    Participants

    • Data steward

    A crucial aspect of data quality and governance is the Business Data Glossary. The Business Data Glossary helps to align the terminology of the business with the organization’s data assets. It allows the people who interact with the data to quickly identify the applications, processes, and stewardship associated with it, which will enhance the accuracy and efficiency of searches for organization data definitions and attributes, enabling better access to the data. This will, in turn, enhance the quality of the organization’s data because it will be more accurate, relevant, and accessible.

    Use the Business Data Glossary Template to document key aspects of the data, such as:

    • Definition
    • Source System
    • Possible Values
    • Data Steward
    • Data Sensitivity
    • Data Availability
    • Batch or Live
    • Retention

    Data Element

    • Mkt-Product
    • Fin-Product

    Info-Tech Insight

    The Business Data Glossary ensures that the crucial data that has key business use by key business systems and users is appropriately owned and defined. It also establishes rules that lead to proper data management and quality to be enforced by the data owners.

    Download this Tool

    Data Steward(s): Use the Data Quality Improvement Plan of the business unit for ongoing quality monitoring

    Integrating your data quality strategy into the organization’s data governance program requires passing the strategy over to members of the data governance program. The data steward role is responsible for data quality at the business unit level, and should have been involved with the creation and implementation of the data quality improvement project. After the data quality repairs have been made, it is the responsibility of the data steward to regularly monitor the quality of the business unit’s data.

    Create Improvement Plan ↓
    • Data Quality Improvement Team identifies root cause issues.
    • Brainstorm solutions.
    Implement Improvement Plan ↓
    • Data Quality Improvement Team works with IT.
    Sustain Improvement Plan
    • Data Steward should regularly monitor data quality.

    Download this tool

    See Info-Tech’s Data Steward Job Description Template for a detailed understanding of the roles and responsibilities of the data steward.

    Responsible for sustaining

    The image shows a screen capture of a document entitled Business Context & Subject Area Selection.

    Develop a business-facing data quality dashboard to show improvements or a sudden dip in data quality

    One tool that the data steward can take advantage of is the data quality dashboard. Initiatives that are implemented to address data quality must have metrics defined by business objectives in order to demonstrate the value of the data quality improvement projects. In addition, the data steward should have tools for tracking data quality in the business unit to report issues to the data owner and data governance steering committee.

    • Example 1: Marketing uses data for direct mail and e-marketing campaigns. They care about customer data in particular. Specifically, they require high data quality in attributes such as customer name, address, and product profile.
    • Example 2: Alternatively, Finance places emphasis on financial data, focusing on attributes like account balance, latency in payment, credit score, and billing date.

    The image is Business dashboard on Data Quality for Marketing. It features Data Quality metrics, listed in the left column, and numbers for each quarter over the course of one year, on the right.

    Notes on chart:

    General improvement in billing address quality

    Sudden drop in touchpoint accuracy may prompt business to ask for explanations

    Approach to creating a business-facing data quality dashboard:

    1. Schedule a meeting with the functional unit to discuss what key data quality metrics are essential to their business operations. You should consider the business context, functional area, and subject area analyses you completed in Phase 1 as a starting point.
    2. Discuss how to gather data for the key metrics and their associated calculations.
    3. Discuss and decide the reporting intervals.
    4. Discuss and decide the unit of measurement.
    5. Generate a dashboard similar to the example. Consider using a BI or analytics tool to develop the dashboard.

    Data quality management must be sustained for ongoing improvements to the organization’s data

    • Data quality is never truly complete; it is a set of ongoing processes and disciplines that requires a permanent plan for monitoring practices, reviewing processes, and maintaining consistent data standards.
    • Setting the expectation to stakeholders that a long-term commitment is required to maintain quality data within the organization is critical to the success of the program.
    • A data quality maintenance program will continually revise and fine-tune ongoing practices, processes, and procedures employed for organizational data management.

    Data quality is a program that requires continual care:

    →Maintain→Good Data →

    Data quality management is a long-term commitment that shifts how an organization views, manages, and utilizes its corporate data assets. Long-term buy-in from all involved is critical.

    “Data quality is a process. We are trying to constantly improve the quality over time. It is not a one-time fix.” – Akin Akinwumi, Manager of Data Governance, Startech.com

    Define a data quality review agenda for data quality sustainment

    2 hours

    Input

    • Metrics and goals for data quality

    Output

    • Regularly scheduled data quality checkups

    Materials

    • Data Quality Diagnostic
    • Data Quality Dashboard

    Participants

    • Data Steward

    As a data steward, you are responsible for ongoing data quality checks of the business unit’s data. Define an improvement agenda to organize the improvement activities. Organize the activities yearly and quarterly to ensure improvement is done year-round.

    Quarterly

    • Measure data quality metrics against milestones. Perform a regular data quality health check with Info-Tech’s Data Quality Diagnostic.
    • Review the business unit’s Business Data Glossary to ensure that it is up to date and comprehensive.
    • Assess progress of practice area initiatives (time, milestones, budget, benefits delivered).
    • Analyze overall data quality and report progress on key improvement projects and corrective actions in the executive dashboard.
    • Communicate overall status of data quality to oversight body.

    Annually

    • Calculate your current baseline and measure progress by comparing it to previous years.
    • Set/revise quality objectives for each practice area and inter-practice hand-off processes.
    • Re-evaluate/re-establish data quality objectives.
    • Set/review data quality metrics and tracking mechanisms.
    • Set data quality review milestones and timelines.
    • Revisit data quality training from an end-user perspective and from a practitioner perspective.

    Info-Tech Insight

    Do data quality diagnostic at the beginning of any improvement plan, then recheck health with the diagnostic at regular intervals to see if symptoms are coming back. This should be a monitoring activity, not a data quality fixing activity. If symptoms are bad enough, repeat the improvement plan process.

    Take the next step in your Data & Analytics Journey

    After establishing your data quality program, look to increase your data & analytics maturity.

    • Artificial Intelligence (AI) is a concept that many organizations strive to implement. AI can really help in areas such as data preparation. However, implementing AI solutions requires a level of maturity that many organizations are not at.
    • While a solid data quality foundation is essential for AI initiatives being successful, AI can also ensure high data quality.
    • An AI analytics solution can address data integrity issues at the earliest point of data processing, rapidly transforming these vast volumes of data into trusted business information. This can be done through Anomaly detection, which flags “bad” data, identifying suspicious anomalies that can impact data quality. By tracking and evaluating data, anomaly detection gives critical insights into data quality as data is processed. (Ira Cohen, The End to a Never-Ending Story? Improve Data Quality with AI Analytics, anodot, 2020)

    Consider… “Garbage in, garbage out.”

    Lay a solid foundation by addressing your data quality issues prior to investing heavily in an AI solution.

    Related Info-Tech Research

    Are You Ready for AI?

    • Use AI as a compelling event to expedite funding, resources, and project plans for your data-related initiatives. Check out this note to understand what it takes to be ready to implement AI solutions.

    Get Started With Artificial Intelligence

    • Current AI technology is data-enabled, automated, adaptive decision support. Once you believe you are ready for AI, check out this blueprint on how to get started.

    Build a Data Architecture Roadmap

    • The data lineage diagram was a key tool used in establishing your data quality program. Check out this blueprint and learn how to optimize your data architecture to provide greatest value from data.

    Create an Architecture for AI

    • Build your target state architecture from predefined best practice building blocks. This blueprint assists members first to assess if they have the maturity to embrace AI in their organization, and if so, which AI acquisition model fits them best.

    Phase 4 Summary

    1. Data Quality Improvement Strategy
    • Brainstorm solutions to your data quality issues using the following data quality improvement strategies as a guide:
      1. Fix data quality issues by improving system/application design
      2. Fix data quality issues using proper database design
      3. Improve integration and synchronization of enterprise data
      4. Improve data quality policies and procedures
      5. Streamline and optimize business processes
  • Sustain Your Data Quality Program
    • Quality data is the ultimate outcome of data governance and data quality management.
    • Sustaining your data quality requires continuous oversight through a data governance practice.
    • There are three primary groups (Data Governance Council, Data Owners, and Data Stewards) that are involved in a mature governance practice.
  • Grow Your Data & Analytics Maturity
    • After establishing your data quality program, take the next step in increasing your data & analytics maturity.
    • Good data quality is the foundation of pursuing different ways of maximizing the value of your data such as implementing AI solutions.
    • Continue your data & analytics journey by referring to Info-Tech’s quality research.
  • Research Contributors and Experts

    Izabela Edmunds

    Information Architect Mott MacDonald

    Akin Akinwumi

    Manager of Data Governance Startech.com

    Diraj Goel

    Growth Advisor BC Tech

    Sujay Deb

    Director of Data Analytics Technology and Platforms Export Development Canada

    Asif Mumtaz

    Data & Solution Architect Blue Cross Blue Shield Association

    Patrick Bossey

    Manager of Business Intelligence Crawford and Company

    Anonymous Contributors

    Ibrahim Abdel-Kader

    Research Specialist Info-Tech Research Group

    Ibrahim is a Research Specialist at Info-Tech Research Group. In his career to date he has assisted many clients using his knowledge in process design, knowledge management, SharePoint for ECM, and more. He is expanding his familiarity in many areas such as data and analytics, enterprise architecture, and CIO-related topics.

    Reddy Doddipalli

    Senior Workshop Director Info-Tech Research Group

    Reddy is a Senior Workshop Director at Info-Tech Research Group, focused on data management and specialized analytics applications. He has over 25 years of strong industry experience in IT leading and managing analytics suite of solutions, enterprise data management, enterprise architecture, and artificial intelligence–based complex expert systems.

    Andy Neill

    Practice Lead, Data & Analytics and Enterprise Architecture Info-Tech Research Group

    Andy leads the data and analytics and enterprise architecture practices at ITRG. He has over 15 years of experience in managing technical teams, information architecture, data modeling, and enterprise data strategy. He is an expert in enterprise data architecture, data integration, data standards, data strategy, big data, and development of industry standard data models.

    Crystal Singh

    Research Director, Data & Analytics Info-Tech Research Group

    Crystal is a Research Director at Info-Tech Research Group. She brings a diverse and global perspective to her role, drawing from her professional experiences in various industries and locations. Prior to joining Info-Tech, Crystal led the Enterprise Data Services function at Rogers Communications, one of Canada’s leading telecommunications companies.

    Igor Ikonnikov

    Research Director, Data & Analytics Info-Tech Research Group

    Igor is a Research Director at Info-Tech Research Group. He has extensive experience in strategy formation and execution in the information management domain, including master data management, data governance, knowledge management, enterprise content management, big data, and analytics.

    Andrea Malick

    Research Director, Data & Analytics Info-Tech Research Group

    Andrea Malick is a Research Director at Info-Tech Research Group, focused on building best practices knowledge in the enterprise information management domain, with corporate and consulting leadership in enterprise architecture and content management (ECM).

    Natalia Modjeska

    Research Director, Data & Analytics Info-Tech Research Group

    Natalia Modjeska is a Research Director at Info-Tech Research Group. She advises members on topics related to AI, machine learning, advanced analytics, and data science, including ethics and governance. Natalia has over 15 years of experience in developing, selling, and implementing analytical solutions.

    Rajesh Parab

    Research Director, Data & Analytics Info-Tech Research Group

    Rajesh Parab is a Research Director at Info-Tech Research Group. He has over 20 years of global experience and brings a unique mix of technology and business acumen. He has worked on many data-driven business applications. In his previous architecture roles, Rajesh created a number of product roadmaps, technology strategies, and models.

    Bibliography

    Amidon, Kirk. "Case Study: How Data Quality Has Evolved at MathWorks." The Fifth MIT Information Quality Industry Symposium. 13 July 2011. Web. 19 Aug. 2015.

    Boulton, Clint. “Disconnect between CIOs and LOB managers weakens data quality.” CIO. 05 February 2016. Accessed June 2020.

    COBIT 5: Enabling Information. Rolling Meadows, IL: ISACA, 2013. Web.

    Cohen, Ira. “The End to a Never-Ending Story? Improve Data Quality with AI Analytics.” anodot. 2020.

    “DAMA Guide to the Data Management Body of Knowledge (DAMA-DMBOK Guide).” First Edition. DAMA International. 2009. Digital. April 2014.

    "Data Profiling: Underpinning Data Quality Management." Pitney Bowes. Pitney Bowes - Group 1 Software, 2007. Web. 18 Aug. 2015.

    Data.com. “Data.com Clean.” Salesforce. 2016. Web. 18 Aug. 2015.

    “Dawn of the CDO." Experian Data Quality. 2015. Web. 18 Aug. 2015.

    Demirkan, Haluk, and Bulent Dal. "Why Do So Many Analytics Projects Fail?" The Data Economy: Why Do so Many Analytics Projects Fail? Analytics Magazine. July-Aug. 2014. Web.

    Dignan, Larry. “CIOs juggling digital transformation pace, bad data, cloud lock-in and business alignment.” ZDNet. 11 March 2020. Accessed July.

    Dumbleton, Janani, and Derek Munro. "Global Data Quality Research - Discussion Paper 2015." Experian Data Quality. 2015. Web. 18 Aug. 2015.

    Eckerson, Wayne W. "Data Quality and the Bottom Line - Achieving Business Success through a Commitment to High Quality Data." The Data Warehouse Institute. 2002. Web. 18 Aug. 2015.

    “Infographic: Data Quality in BI the Costs and Benefits.” HaloBI. 2015 Web.

    Lee, Y.W. and Strong, D.M. “Knowing-Why About Data Processes and Data Quality.” Journal of Management Information Systems. 2004.

    “Making Data Quality a Way of Life.” Cognizant. 2014. Web. 18 Aug. 2015.

    "Merck Serono Achieves Single Source of Truth with Comprehensive RIM Solutions." www.productlifegroup.com. ProductLife Group. 15 Apr. 2015. Web. 23 Nov. 2015.

    Myers, Dan. “List of Conformed Dimensions of Data Quality.” Conformed Dimensions of Data Quality (CDDQ). 2019. Web.

    Redman, Thomas C. “Make the Case for Better Data Quality.” Harvard Business Review. 24 Aug. 2012. Web. 19 Aug. 2015.

    RingLead Data Management Solutions. “10 Stats About Data Quality I Bet You Didn’t Know.” RingLead. Accessed 7 July 2020.

    Schwartzrock, Todd. "Chrysler's Data Quality Management Case Study." Online video clip. YouTube. 21 April. 2011. Web. 18 Aug. 2015

    “Taking control in the digital age.” Experian Data Quality. Jan 2019. Web.

    “The data-driven organization, a transformation in progress.” Experian Data Quality. 2020. Web.

    "The Data Quality Benchmark Report." Experian Data Quality. Jan. 2015. Web. 18 Aug. 2015.

    “The state of data quality.” Experian Data Quality. Sept. 2013. Web. 17 Aug. 2015.

    Vincent, Lanny. “Differentiating Competence, Capability and Capacity.” Innovation Management Services. Web. June 2008.

    “7 ways poor data quality is costing your business.” Experian Data Quality. July 2020. Web.

    Define a Sourcing Strategy for Your Development Team

    • Buy Link or Shortcode: {j2store}161|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Development
    • Parent Category Link: /development
    • Hiring quality development team resources is becoming increasingly difficult and costly in most domestic markets.
    • Firms are seeking to do more with less and increase their development team throughput.
    • Globalization and increased competition are driving a need for more innovation in your applications.
    • Firms want more cost certainty and tighter control of their development investment.

    Our Advice

    Critical Insight

    • Choosing the right sourcing strategy is not just a question of technical skills! Successful sourcing is based on matching your organization’s culture, knowledge, and experiences to the right choice of internal or external partnership.

    Impact and Result

    • We will help you build a sourcing strategy document for your application portfolio.
    • We will examine your portfolio and organization from three different perspectives to enable you to determine the right approach:
      • From a business perspective, reliance on the business, strategic value of the product, and maturity of product ownership are critical.
      • From an organizational perspective, you must examine your culture for communication processes, conflict resolution methods, vendor management skills, and geographic coverage.
      • From a technical perspective, consider integration complexity, environmental complexity, and testing processes.

    Define a Sourcing Strategy for Your Development Team Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Define a Sourcing Strategy for Your Development Team Storyboard – A guide to help you choose the right resourcing strategy to keep pace with your rapidly changing application and development needs.

    This project will help you define a sourcing strategy for your application development team by assessing key factors about your products and your organization, including critical business, technical, and organizational factors. Use this analysis to select the optimal sourcing strategy for each situation.

    • Define a Sourcing Strategy for Your Development Team Storyboard

    2. Define a Sourcing Strategy Workbook – A tool to capture the results of activities to build your sourcing strategy.

    This workbook is designed to capture the results of the activities in the storyboard. Each worksheet corresponds with an activity from the deck. The workbook is also a living artifact that should be updated periodically as the needs of your team and organization change.

    • Define a Sourcing Strategy Workbook
    [infographic]

    Further reading

    Define a Sourcing Strategy for Your Development Team

    Choose the right resourcing strategy to keep pace with your rapidly changing application and development needs.

    Analyst Perspective

    Choosing the right sourcing strategy for your development team is about assessing your technical situation, your business needs, your organizational culture, and your ability to manage partners!

    Photo of Dr. Suneel Ghei, Principal Research Director, Application Development, Info-Tech Research Group

    Firms today are under continuous pressure to innovate and deliver new features to market faster while at the same time controlling costs. This has increased the need for higher throughput in their development teams along with a broadening of skills and knowledge. In the face of these challenges, there is a new focus on how firms source their development function. Should they continue to hire internally, offshore, or outsource? How do they decide which strategy is the right fit?

    Info-Tech’s research shows that the sourcing strategy considerations have evolved beyond technical skills and costs. Identifying the right strategy has become a function of the characteristics of the organization, its culture, its reliance on the business for knowledge, its strategic value of the application, its vendor management skills, and its ability to internalize external knowledge. By assessing these factors firms can identify the best sourcing mix for their development portfolios.

    Dr. Suneel Ghei
    Principal Research Director, Application Development
    Info-Tech Research Group

    Executive Summary

    Your Challenge
    • Hiring quality development team resources is becoming increasingly difficult and costly in most domestic markets.
    • Firms are seeking to do more with less and increase their development team throughput.
    • Globalization and increased competition is driving a need for more innovation in your applications.
    • Firms want more cost certainty and tighter control of their development investment.
    Common Obstacles
    • Development leaders are encouraged to manage contract terms and SLAs rather than build long-term relationships.
    • People believe that outsourcing means you will permanently lose the knowledge around solutions.
    • Moving work outside of the current team creates motivational and retention challenges that can be difficult to overcome.
    Info-Tech’s Approach
    • Looking at this from these three perspectives will enable you to determine the right approach:
      1. From a business perspective, reliance on the business, strategic value of the product, and maturity of product ownership are critical.
      2. From an organizational perspective, you must examine your culture for communication processes, conflict resolution methods, vendor management skills, and geographic coverage
      3. From a technical perspective, consider integration complexity, environment complexity, and testing processes.

    Info-Tech Insight

    Choosing the right sourcing strategy is not just a question of technical skills! Successful sourcing is based on matching your organization’s culture, knowledge, and experiences to the right choice of internal or external partnership.

    Define a sourcing strategy for your development team

    Business
    • Business knowledge/ expertise required
    • Product owner maturity
    Technical
    • Complexity and maturity of technical environment
    • Required level of integration
    Organizational
    • Company culture
    • Desired geographic proximity
    • Required vendor management skills
    1. Assess your current delivery posture for challenges and impediments.
    2. Decide whether to build or buy a solution.
    3. Select your desired sourcing strategy based on your current state and needs.
    Example sourcing strategy with initiatives like 'Client-Facing Apps' and 'ERP Software' assigned to 'Onshore Dev', 'Outsource Team', 'Offshore Dev', 'Outsource App (Buy)', 'Outsource Dev', or 'Outsource Roles'.

    Three Perspectives +

    Three Steps =

    Your Sourcing Strategy

    Diverse sourcing is used by many firms

    Many firms across all industries are making use of different sourcing strategies to drive innovation and solve business issues.

    According to a report by ReportLinker the global IT services outsourcing market reached US$413.8 billion in 2021.

    In a recent study of Canadian software firms, it was found that almost all firms take advantage of outside knowledge in their application development process. In most cases these firms also use outside resources to do development work, and about half the time they use externally built software packages in their products (Ghei, 2020)!

    Info-Tech Insight

    In today’s diverse global markets, firms that wish to stay competitive must have a defined ability to take advantage of external knowledge and to optimize their IT services spend.

    Modeling Absorptive Capacity for Open Innovation in the Canadian Software Industry (Source: Ghei, 2020; n=54.)

    56% of software development firms are sourcing applications instead of resources.

    68% of firms are sourcing external resources to develop software products.

    91% of firms are leveraging knowledge from external sources.

    Internal sourcing models

    Insourcing comes in three distinct flavors

    Geospatial map giving example locations for the three internal sourcing models. In this example, 'Head Office' is located in North America, 'Onshore' is 'Located in the same area or even office as your core business resources. Relative Cost: $$$', 'Near Shore' is 'Typically, within 1-3 time zones for ease of collaboration where more favorable resource costs exist. Relative Cost: $$', and 'Offshore' is 'Located in remote markets where significant labor cost savings can be realized. Relative Cost: $'.

    Info-Tech Insight

    Insourcing allows you to stay close to more strategic applications. But choosing the right model requires a strong look inside your organization and your ability to provide business knowledge support to developers who may have different skills and cultures and are in different geographies.

    Outsourcing models

    External sourcing can be done to different degrees

    Outsource Roles
    • Enables resource augmentation
    • Typically based on skills needs
    • Short-term outsourcing with eventual integration or dissolution
    Outsource Teams (or Projects)
    • Use of a full team or multiple teams of vendor resources
    • Meant to be temporary, with knowledge transfer at the end of the project
    Outsource Products
    • Use of a vendor to build, maintain, and support the full product
    • Requires a high degree of contract management skill

    Info-Tech Insight

    Outsourcing represents one of the most popular ways for organizations to source external knowledge and skills. The choice of model is a function of the organization’s ability to support the external resources and to absorb the knowledge back into the organization.

    Defining your sourcing strategy

    Follow the steps below to identify the best match for your organization

    Review Your Current Situation

    Review the issues and opportunities related to application development and categorize them based on the key factors.

    Arrow pointing right. Assess Build Versus Buy

    Before choosing a sourcing model you must assess whether a particular product or function should be bought as a package or developed.

    Arrow pointing right. Choose the Right Sourcing Strategy

    Based on the research, use the modeling tool to match the situation to the appropriate sourcing solution.

    Step 1.1

    Review Your Current Situation

    Activities
    • 1.1.1 Identify and categorize your challenges

    This step involves the following participants:

    • Product management team
    • Software development leadership team
    • Key stakeholders
    Outcomes of this step

    Review your current delivery posture for challenges and impediments.

    Define a Sourcing Strategy for Your Development Team
    Step 1.1 Step 1.2 Step 1.3

    Review your situation

    There are three key areas to examine in your current situation:

    Business Challenges
    • Do you need to gain new knowledge to drive innovation?
    • Does your business need to enhance its software to improve its ability to compete in the market?
    • Do you need to increase your speed of innovation?

    Technology Challenges

    • Are you being asked to take tighter control of your development budgets?
    • Does your team need to expand their skills and knowledge?
    • Do you need to increase your development speed and capacity?

    Market Challenges

    • Is your competition seen as more innovative?
    • Do you need new features to attract new clients?
    • Are you struggling to find highly skilled and knowledgeable development resources?
    Stock image of multi-colored arrows travelling in a line together before diverging.

    Info-Tech Insight

    Sourcing is a key tool to solve business and technical challenges and enhance market competitiveness when coupled with a robust definition of objectives and a way to measure success.

    1.1.1 Identify and categorize your challenges

    60 minutes

    Output: List of the key challenges in your software lifecycle. Breakdown of the list into categories to identify opportunities for sourcing

    Participants: Product management team, Software development leadership team, Key stakeholders

    1. What challenge is your firm is facing with respect to your software that you think sourcing can address? (20 minutes)
    2. Is the challenge related to a business outcome, development methodology, or technology challenge? (10 minutes)
    3. Is the challenge due to a skills gap, budget or resource challenge, throughput issue, or a broader organizational knowledge or process issue? (10 minutes)
    4. What is the specific objective for the team/leader in addressing this challenge? (15 minutes)
    5. How will you measure progress and achievement of this objective? (5 minutes)

    Document results in the Define a Sourcing Strategy Workbook

    Identify and categorize your challenges

    Sample table for identifying and categorizing challenges, with column groups 'Challenge' and 'Success Measures' containing headers 'Issue, 'Category', 'Breadth', and 'Stakeholder' in the former, and 'Objective' and 'Measurement' in the latter.

    Step 1.2

    Assess Build Versus Buy

    Activities
    • 1.2.1 Understand the benefits and drawbacks of build versus buy in your organizational context

    This step involves the following participants:

    • Product management team
    • Software development leadership team
    • Key stakeholders

    Outcomes of this step

    Understand in your context the benefits and drawbacks of build versus buy, leveraging Info-Tech’s recommended definitions as a starting point.

    Define a Sourcing Strategy for Your Development Team

    Step 1.1 Step 1.2 Step 1.3

    Look vertically across the IT hierarchy to assess the impact of your decision at every level

    IT Hierarchy with 'Enterprise' at the top, branching out to 'Portfolio', then to 'Solution' at the bottom. The top is 'Strategic', the bottom 'Operational'.

    Regardless of the industry, a common and challenging dilemma facing technology teams is to determine when they should build software or systems in-house versus when they should rely wholly on an outside vendor for delivering on their technology needs.

    The answer is not as cut and dried as one would expect. Any build versus buy decision may have an impact on strategic and operational plans. It touches every part of the organization, starting with individual projects and rolling up to the enterprise strategy.

    Info-Tech Insight

    Do not ignore the impact of a build or buy decision on the various management levels in an IT organization.

    Deciding whether to build or buy

    It is as much about what you gain as it is about what problem you choose to have

    BUILD BUY

    Multi-Source Best of Breed

    Integrate various technologies that provide subset(s) of the features needed for supporting the business functions.

    Vendor Add-Ons & Integrations

    Enhance an existing vendor’s offerings by using their system add-ons either as upgrades, new add-ons, or integrations.
    Pros
    • Flexibility in choice of tools
    • In some cases, cost may be lower
    • Easier to enhance with in-house teams
    Cons
    • Introduces tool sprawl
    • Requires resources to understand tools and how they integrate
    • Some of the tools necessary may not be compatible with one another
    Pros
    • Reduces tool sprawl
    • Supports consistent tool stack
    • Vendor support can make enhancement easier
    • Total cost of ownership may be lower
    Cons
    • Vendor lock-in
    • The processes to enhance may require tweaking to fit tool capability

    Multi-Source Custom

    Integrate systems built in-house with technologies developed by external organizations.

    Single Source

    Buy an application/system from one vendor only.
    Pros
    • Flexibility in choice of tools
    • In some cases, cost may be lower
    • Easier to enhance with in-house teams
    Cons
    • May introduce tool sprawl
    • Requires resources to have strong technical skills
    • Some of the tools necessary may not be compatible with one another
    Pros
    • Reduces tool sprawl
    • Supports consistent tool stack
    • Vendor support can make enhancement easier
    • Total cost of ownership may be lower
    Cons
    • Vendor lock-in
    • The processes to enhance may require tweaking to fit tool capability

    1.2.1 Understand the benefits and drawbacks of build versus buy in your organizational context

    30 minutes

    Output: A common understanding of the different approaches to build versus buy applied to your organizational context

    Participants: Product management team, Software development leadership team, Key stakeholders

    1. Look at the previous slide, Deciding whether to build or buy.
    2. Discuss the pros and cons listed for each approach.
      1. Do they apply in your context? Why or why not?
      2. Are there some approaches not applicable in terms of how you wish to work?
    3. Record the curated list of pros and cons for the different build/buy approaches.
    4. For each approach, arrange the pros and cons in order of importance.

    Document results in the Define a Sourcing Strategy Workbook

    Step 1.3

    Choose the Right Sourcing Strategy

    Activities
    • 1.3.1 Determine the right sourcing strategy for your needs

    This step involves the following participants:

    • Product management team
    • Software development leadership team
    • Key stakeholders

    Outcomes of this step

    Choose your desired sourcing strategy based on your current state and needs.

    Define a Sourcing Strategy for Your Development Team

    Step 1.1 Step 1.2 Step 1.3

    Choose the right sourcing strategy

    • Based on our research, finding the right sourcing strategy for a particular situation is a function of three key areas:
      • Business drivers
      • Organizational drivers
      • Technical drivers
    • Each area has key characteristics that must be assessed to confirm which strategy is best suited for the situation.
    • Once you have assessed the factors and ranked them from low to high, we can then match your results with the best-fit strategy.
    Business
    • Business knowledge/ expertise required
    • Product owner maturity

    Technical

    • Complexity and maturity of technical environment
    • Required level of integration

    Organizational

    • Your culture
    • Desired geographic proximity
    • Required vendor management skills

    Business drivers

    To choose the right sourcing strategy, you need to assess your key drivers of delivery

    Product Knowledge
    • The level of business involvement required to support the development team is a critical factor in determining the sourcing model.
    • Both the breadth and depth of involvement are critical factors.
    Strategic Value
    • The strategic value of the application to the company is also a critical component.
    • The more strategic the application is to the company, the closer the sourcing should be maintained.
    • Value can be assessed based on the revenue derived from the application and the depth of use of the application by the organization.
    Product Ownership Maturity
    • To support sourcing models that move further from organizational boundaries a strong product ownership function is required.
    • Product owners should ideally be fully allocated to the role and engaged with the development teams.
    • Product owners should be empowered to make decisions related to the product, its vision, and its roadmap.
    • The higher their allocation and empowerment, the higher the chances of success in external sourcing engagements.
    Stock image of a person running up a line with a positive trend.

    Case Study: The GoodLabs Studio Experience Logo for GoodLabs Studio.

    INDUSTRY: Software Development | SOURCE: Interview with Thomas Lo, Co-Founder, GoodLabs Studio
    Built to Outsource Development Teams
    • GoodLabs is an advanced software innovation studio that provides bespoke team extensions or turnkey digital product development with high-caliber software engineers.
    • Unlike other consulting firms, GoodLabs works very closely with its customers as a unified team to deliver the most significant impact on clients’ projects.
    • With this approach, it optimizes the delivery of strong software engineering skills with integrated product ownership from the client, enabling long-term and continued success for its clients.
    Results
    • GoodLabs is able to attract top engineering talent by focusing on a variety of complex projects that materially benefit from technical solutions, such as cybersecurity, fraud detection, and AI syndrome surveillance.
    • Taking a partnership approach with the clients has led to the successful delivery of many highly innovative and challenging projects for the customers.

    Organizational drivers

    To choose the right sourcing strategy for a particular problem you need to assess the organization’s key capabilities

    Stock photo of someone placing blocks with illustrated professionals one on top of the other. Vendor Management
    • Vendor management is a critical skill for effective external sourcing.
    • This can be assessed based on the organization’s ability to cultivate and grow long-term relationships of mutual value.
    • The longevity and growth of existing vendor relationships can be a good benchmark for future success.
    Absorptive Capacity
    • To effectively make use of external sourcing models, the organization must have a well-developed track record of absorbing outside knowledge.
    • This can be assessed by looking at past cases where external knowledge was sourced and internalized, such as past vendor development engagements or use of open-source code.
    Organizational Culture
    • Another factor in success of vendor engagements and long-term relationships is the matching of organizational cultures.
    • It is key to measure the organization’s current position on items like communication strategy, geographical dispersal, conflict resolution strategy, and hierarchical vs flat management.
    • These factors should be documented and matched with partners to determine the best fit.

    Case Study: WCIRB California Logo for WCIRB California.

    INDUSTRY: Workers Compensation Insurance | SOURCE: Interview with Roger Cottman, Senior VP and CIO, WCIRB California
    Trying to Find the Right Match
    • WCIRB is finding it difficult to hire local resources in California.
    • Its application is a niche product. Since no off-the-shelf alternatives exist, the organization will require a custom application.
    • WCIRB is in the early stages of a digital platform project and is looking to bring in a partner to provide a full development team, with the goal of ideally bringing the application back in-house once it is built.
    • The organization is looking for a local player that will be able to integrate well with the business.
    • It has engaged with two mid-sized players but both have been slow to respond, so it is now considering alternative approaches.
    Info-Tech’s Recommended Approach
    • WCIRB is finding that mid-sized players don’t fit its needs and is now looking for a larger player
    • Based on our research we have advised that WCIRB should ensure the partner is geographically close to its location and can be a strategic partner, not simply work on an individual project.

    Technical drivers

    To choose the right sourcing strategy for a particular problem you need to assess your technical situation and capabilities

    Environment Complexity
    • The complexity of your technical environment is a hurdle that must be overcome for external sourcing models.
    • The number of environments used in the development lifecycle and the location of environments (physical, virtual, on-premises, or cloud) are key indicators.
    Integration Requirements
    • The complexity of integration is another key technical driver.
    • The number of integrations required for the application is a good measuring stick. Will it require fewer than 5, 5-10, or more than 10?
    Testing Capabilities
    • Testing of the application is a key technical driver of success for external models.
    • Having well-defined test cases, processes, and shared execution with the business are all steps that help drive success of external sourcing models.
    • Test automation can also help facilitate success of external models.
    • Measure the percentage of test cases that are standardized, the level of business involvement, and the percentage of test cases that are automated.
    Stock image of pixelated light.

    Case Study: Management Control Systems (MC Systems) Logo for MC Systems.

    INDUSTRY: Technology Services | SOURCE: Interview with Kathryn Chin See, Business Development and Research Analyst, MC Systems
    Seeking to Outsource Innovation
    • MC Systems is seeking to outsource its innovation function to get budget certainty on innovation and reduce costs. It is looking for a player that has knowledge of the application areas it is looking to enhance and that would augment its own business knowledge.
    • In previous outsourcing experiences with skills augmentation and application development the organization had issues related to the business depth and product ownership it could provide. The collaborations did not lead to success as MC Systems lacked product ownership and the ability to reintegrate the outside knowledge.
    • The organization is concerned about testing of a vendor-built application and how the application will be supported.
    Info-Tech’s Recommended Approach
    • To date MC Systems has had success with its outsourcing approach when outsourcing specific work items.
    • It is now looking to expand to outsourcing an entire application.
    • Info-Tech’s recommendation is to seek partners who can take on development of the application.
    • MC Systems will still need resources to bring knowledge back in-house for testing and to provide operational support.

    Choosing the right model


    Legend for the table below using circles with quarters to represent Low (0 quarters) to High (4 quarters).
    Determinant Key Questions to Ask Onshore Nearshore Offshore Outsource Role(s) Outsource Team Outsource Product(s)
    Business Dependence How much do you rely on business resources during the development cycle? Circle with 4 quarters. Circle with 3 quarters. Circle with 1 quarter. Circle with 2 quarters. Circle with 1 quarter. Circle with 0 quarters.
    Absorptive Capacity How successful has the organization been at bringing outside knowledge back into the firm? Circle with 0 quarters. Circle with 1 quarter. Circle with 1 quarter. Circle with 2 quarters. Circle with 1 quarter. Circle with 4 quarters.
    Integration Complexity How many integrations are required for the product to function – fewer than 5, 5-10, or more than 10? Circle with 4 quarters. Circle with 3 quarters. Circle with 3 quarters. Circle with 2 quarters. Circle with 1 quarter. Circle with 0 quarters.
    Product Ownership Do you have full-time product owners in place for the products? Do product owners have control of their roadmaps? Circle with 1 quarter. Circle with 2 quarters. Circle with 3 quarters. Circle with 2 quarters. Circle with 4 quarters. Circle with 4 quarters.
    Organization Culture Fit What are your organization’s communication and conflict resolution strategies? Is your organization geographically dispersed? Circle with 1 quarter. Circle with 1 quarter. Circle with 3 quarters. Circle with 1 quarter. Circle with 3 quarters. Circle with 4 quarters.
    Vendor Mgmt Skills What is your skill level in vendor management? How long are your longest-standing vendor relationships? Circle with 0 quarters. Circle with 1 quarter. Circle with 1 quarter. Circle with 2 quarters. Circle with 3 quarters. Circle with 4 quarters.

    1.3.1 Determine the right sourcing strategy for your needs

    60 minutes

    Output: A scored matrix of the key drivers of the sourcing strategy

    Participants: Development leaders, Product management team, Key stakeholders

    Choose one of your products or product families and assess the factors below on a scale of None, Low, Medium, High, and Full.

    • 3.1 Assess the business factors that drive selection using these key criteria (20 minutes):
      • 3.1.1 Product knowledge
      • 3.1.2 Strategic value
      • 3.1.3 Product ownership
    • 3.2 Assess the organizational factors that drive selection using these key criteria (20 minutes):
      • 3.2.1 Vendor management
      • 3.2.2 Absorptive capacity
      • 3.2.3 Organization culture
    • 3.3 Assess the technical factors that drive selection using these key criteria (20 minutes):
      • 3.3.1 Environments
      • 3.3.2 Integration
      • 3.3.3 Testing

    Document results in the Define a Sourcing Strategy Workbook

    Things to Consider When Implementing

    Once you have built your strategy there are some additional things to consider

    Things to Consider Before Acting on Your Strategy

    By now you understand what goes into an effective sourcing strategy. Before implementing one, there are a few key items you need to consider:

    Example 'Sourcing Strategy for Your Portfolio' with initiatives like 'Client-Facing Apps' and 'ERP Software' assigned to 'Onshore Dev', 'Outsource Team', 'Offshore Dev', 'Outsource App (Buy)', 'Outsource Dev', or 'Outsource Roles'. Start with a pilot
    • Changing sourcing needs to start with one team.
    • Grow as skills develop to limit risk.
    Build an IT workforce plan Enhance your vendor management skills Involve the business early and often
    • The business should feel they are part of the discussion.
    • See our Agile/DevOps Research Center for more information on how the business and IT can better work together.
    Limit sourcing complexity
    • Having too many different partners and models creates confusion and will strain your ability to manage vendors effectively.

    Bibliography

    Apfel, Isabella, et al. “IT Project Member Turnover and Outsourcing Relationship Success: An Inverted-U Effect.” Developments, Opportunities and Challenges of Digitization, 2020. Web.

    Benamati, John, and Rajkumar, T.M. “The Application Development Outsourcing Decision: An Application of the Technology Acceptance Model.” Journal of Computer Information Systems, vol. 42, no. 4, 2008, pp. 35-43. Web.

    Benamati, John, and Rajkumar, T.M. “An Outsourcing Acceptance Model: An Application of TAM to Application Development Outsourcing Decisions.” Information Resources Management Journal, vol. 21, no. 2, pp. 80-102, 2008. Web.

    Broekhuizen, T. L. J., et al. “Digital Platform Openness: Drivers, Dimensions and Outcomes.” Journal of Business Research, vol. 122, July 2019, pp. 902-914. Web.

    Brook, Jacques W., and Albert Plugge. “Strategic Sourcing of R&D: The Determinants of Success.” Business Information Processing, vol. 55, Aug. 2010, pp. 26-42. Web.

    Delen, G. P A.J., et al. “Foundations for Measuring IT-Outsourcing Success and Failure.” Journal of Systems and Software, vol. 156, Oct. 2019, pp. 113-125. Web.

    Elnakeep, Eman, et al. “Models and Frameworks for IS Outsourcing Structure and Dimensions: A Holistic Study.” Lecture notes in Networks and Systems, 2019. Web.

    Ghei, Suneel. Modeling Absorptive Capacity for Open Innovation in the Software Industry. 2020. Faculty of Graduate Studies, Athabasca University, 2020. DBA Dissertation.

    “IT Outsourcing Market Research Report by Service Model, Organization Sizes, Deployment, Industry, Region – Global Forecast to 2027 – Cumulative Impact of COVID-19.” ReportLinker, April 2022. Web.

    Jeong, Jongkil Jay, et al. “Enhancing the Application and Measurement of Relationship Quality in Future IT Outsourcing Studies.” 26th European Conference on Information Systems: Beyond Digitization – Facets of Socio-Tehcnical Change: Proceedings of ECIS 2018, Portsmouth, UK, June 23-28, 2018. Edited by Peter Bednar, et al., 2018. Web.

    Könning, Michael. “Conceptualizing the Effect of Cultural Distance on IT Outsourcing Success.” Proceedings of Australasian Conference on Information Systems 2018, Sydney, Australia, Dec. 3-5, 2018. Edited by Matthew Noble, UTS ePress, 2018. Web.

    Lee, Jae-Nam, et al. “Holistic Archetypes of IT Outsourcing Strategy: A Contingency Fit and Configurational Approach.” MIS Quarterly, vol. 43, no. 4, Dec. 2019, pp. 1201-1225. Web.

    Loukis, Euripidis, et al. “Determinants of Software-as-a-Service Benefits and Impact on Firm Performance.” Decision Support Systems, vol. 117, Feb. 2019, pp. 38-47. Web.

    Martensson, Anders. “Patterns in Application Development Sourcing in the Financial Industry.” Proceedings of the 13th European Conference of Information Systems, 2004. Web.

    Martínez-Sánchez, Angel, et al. “The Relationship Between R&D, the Absorptive Capacity of Knowledge, Human Resource Flexibility and Innovation: Mediator Effects on Industrial Firms.” Journal of Business Research, vol. 118, Sept. 2020, pp. 431-440. Web.

    Moreno, Valter, et al. “Outsourcing of IT and Absorptive Capacity: A Multiple Case Study in the Brazilian Insurance Sector.” Brazilian Business Review, vol. 17, no. 1, Jan.-Feb. 2020, pp. 97-113. Web.

    Ozturk, Ebru. “The Impact of R&D Sourcing Strategies on Basic and Developmental R&D in Emerging Economies.” European Journal of Innovation Management, vol. 21, no. 7, May 2018, pp. 522-542. Web.

    Ribas, Imma, et al. “Multi-Step Process for Selecting Strategic Sourcing Options When Designing Supply Chains.” Journal of Industrial Engineering and Management, vol. 14, no. 3, 2021, pp. 477-495. Web.

    Striteska, Michaela Kotkova, and Viktor Prokop. “Dynamic Innovation Strategy Model in Practice of Innovation Leaders and Followers in CEE Countries – A Prerequisite for Building Innovative Ecosystems.” Sustainability, vol. 12, no. 9, May 2020. Web.

    Thakur-Wernz, Pooja, et al. “Antecedents and Relative Performance of Sourcing Choices for New Product Development Projects.” Technovation, 2020. Web.

    Marketing Management Suite Software Selection Guide

    • Buy Link or Shortcode: {j2store}552|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Marketing Solutions
    • Parent Category Link: /marketing-solutions
    • Selecting and implementing the right MMS platform – one that aligns with your requirements is a significant undertaking.
    • Despite the importance of selecting and implementing the right MMS platform, many organizations struggle to define an approach to picking the most appropriate vendor and rolling out the solution in an effective and cost-efficient manner.
    • IT often finds itself in the unenviable position of taking the fall for an MMS platform that doesn’t deliver on the promise of the MMS strategy.

    Our Advice

    Critical Insight

    • MMS platform selection must be driven by your overall customer experience management strategy. Link your MMS selection to your organization’s CXM framework.
    • Determine what exactly you require from your MMS platform; leverage use cases to help guide selection.
    • Ensure strong points of integration between your MMS and other software such as CRM and POS. Your MMS solution should not live in isolation; it must be part of a wider ecosystem.

    Impact and Result

    • An MMS platform that effectively meets business needs and delivers value.
    • Reduced costs during MMS vendor platform selection and faster time to results after implementation.

    Marketing Management Suite Software Selection Guide Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Marketing Management Suite Software Selection Guide – A deck that walks you through the process of building your business case and selecting the proper MMS platform.

    This blueprint will help you build a business case for selecting the right MMS platform, define key requirements, and conduct a thorough analysis and scan of the current state of the ever-evolving MMS market space.

    • Marketing Management Suite Software Selection Guide Storyboard
    [infographic]

    Further reading

    Marketing Management Suite Software Selection Guide

    Streamline your organizational approach to selecting a right-sized marketing management platform.

    Analyst perspective

    A robustly configured and comprehensive MMS platform is a crucial ingredient to help kick-start your organization's cross-channel and multichannel marketing management initiatives.

    Modern marketing management suites (MMS) are imperative given today's complex, multitiered, and often non-standardized marketing processes. Relying on isolated methods such as lead generation or email marketing techniques for executing key cross-channel and multichannel marketing initiatives is not enough to handle the complexity of contemporary marketing management activities.

    Organizations need to invest in highly customizable and functionally extensive MMS platforms to provide value alongside the marketing value chain and a 360-degree view of the consumer's marketing journey. IT needs to be rigorously involved with the sourcing and implementation of the new MMS tool, and the necessary business units also need to own the requirements and be involved from the initial stages of software selection.

    To succeed with MMS implementation, consider drafting a detailed roadmap that outlines milestone activities for configuration, security, points of integration, and data migration capabilities and provides for ongoing application maintenance and support.

    This is a picture of Yaz Palanichamy

    Yaz Palanichamy
    Senior Research Analyst, Customer Experience Strategy
    Info-Tech Research Group

    Executive summary

    Your Challenge

    • Many organizations struggle with taking a systematic and structured approach to selecting a right-sized marketing management suite (MMS) – an indispensable part of managing an organization's specific and nuanced marketing management needs.
    • Organizations must define a clear-cut strategic approach to investing in a new MMS platform. Exercising the appropriate selection and implementation rigor for a right-sized MMS tool is a critical step in delivering concrete business value to sustain various marketing value chains across the organization.

    Common Obstacles

    • An MMS vendor that is not well aligned to marketing requirements wastes resources and causes an endless cascade of end-user frustration.
    • The MMS market is rapidly evolving, making it difficult for vendors to retain a competitive foothold in the space.
    • IT managers and/or marketing professionals often find themselves in the unenviable position of taking the fall for MMS platforms that fail to deliver on the promise of the overarching marketing management strategy.

    Info-Tech's Approach

    • MMS platform selection must be driven by your overall marketing management strategy. Email marketing techniques, social marketing, and/or lead management strategies are often not enough to satisfy the more sophisticated use cases demanded by increasingly complex customer segmentation levels.
    • For organizations with a large audience or varied product offerings, a well-integrated MMS platform enables the management of various complex campaigns across many channels, product lines, customer segments, and marketing groups throughout the enterprise.

    Info-Tech Insight

    IT must collaborate with marketing professionals and other key stakeholder groups to define a unified vision and holistic outlook for a right-sized MMS platform.

    Info-Tech's methodology for selecting a right-sized marketing management suite platform

    1. Understand Core MMS Features

    2. Build the Business Case & Streamline Requirements

    3. Discover the MMS Market Space & Prepare for Implementation

    Phase Steps

    1. Define MMS Platforms
    2. Classify Table Stakes & Differentiating Capabilities
    3. Explore Trends
    1. Build the Business Case
    2. Streamline the Requirements Elicitation Process for a New MMS Platform
    3. Develop an Inclusive RFP Approach
    1. Discover Key Players in the Vendor Landscape
    2. Engage the Shortlist & Select Finalist
    3. Prepare for Implementation

    Phase Outcomes

    1. Consensus on scope of MMS and key MMS platform capabilities
    1. MMS platform selection business case
    2. Top-level use cases and requirements
    3. Procurement vehicle best practices
    1. Market analysis of MMS platforms
    2. Overview of shortlisted vendors
    3. Implementation considerations

    Guided Implementation

    What does a typical GI on this topic look like?

    Phase 1 Phase 2 Phase 3

    Call #1: Understand what a marketing management suite is. Discuss core capabilities and key trends.

    Call #2: Build the business case
    to select a right-sized MMS.

    Call #3: Define your core
    MMS requirements.

    Call #4: Build and sustain procurement vehicle best practices.

    Call #5: Evaluate the MMS vendor landscape and short-list viable options.


    Call #6: Review implementation considerations.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    The MMS procurement process should be broken into segments:

    1. Create a vendor shortlist using this buyer's guide.
    2. Define a structured approach to selection.
    3. Review the contract.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

    Workshop

    “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

    Consulting

    “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    EXECUTIVE BRIEF

    What are marketing management suite platforms?

    Our Definition: Marketing management suite (MMS) platforms are core enterprise applications that provide a unified set of marketing processes for a given organization and, typically, the capability to coordinate key cross-channel marketing initiatives.

    Key product capabilities for sophisticated MMS platforms include but are not limited to:

    • Email marketing
    • Lead nurturing
    • Social media management
    • Content curation and distribution
    • Marketing reporting and analytics
    • Consistent brand messaging

    Using a robust and comprehensive MMS platform equips marketers with the appropriate tools needed to make more informed decisions around campaign execution, resulting in better targeting, acquisition, and customer retention initiatives. Moreover, such tools can help bolster effective revenue generation and ensure more viable growth initiatives for future marketing growth enablement strategies.

    Info-Tech Insight

    Feature sets are rapidly evolving over time as MMS offerings continue to proliferate in this market space. Ensure that you focus on core components such as customer conversion rates and new lead captures through maintaining well- integrated multichannel campaigns.

    Marketing Management Suite Software Selection Buyer's Guide

    Info-Tech Insight

    A right-sized MMS software selection and procurement decision should involve comprehensive requirements and needs analysis by not just Marketing but also other organizational units such as IT, in conjunction with input suppled from the internal vendor procurement team.

    MMS Software Selection & Vendor Procurement Journey. The three main steps are: Envision the Art of the Possible; Elicit Granular Requirements; Contextualize the MMS Vendor Market Space

    Phase 1

    Understand Core MMS Features

    Phase 1

    Phase 2

    Phase 3

    1.1 Define MMS Platforms

    1.2 Classify Table Stakes & Differentiating Capabilities

    1.3 Explore Trends

    2.1 Build the Business Case

    2.2 Streamline Requirements Elicitation

    2.3 Develop an Inclusive RFP Approach

    3.1 Discover Key Players in the Vendor Landscape

    3.2 Engage the Shortlist & Select Finalist

    3.3 Prepare for Implementation

    This phase will walk you through the following activities:

    • Level-set an understanding of MMS technology.
    • Define which MMS features are table stakes (standard) and which are key differentiating functionalities.
    • Identify the art of the possible in a modern MMS platform from sales, marketing, and service lenses.

    This phase involves the following participants:

    • CMO
    • Digital Marketing Project Manager
    • Marketing Data Analytics Analyst
    • Marketing Management Executive

    What are marketing management suite platforms?

    Our Definition: Marketing management suite (MMS) platforms are core enterprise applications that provide a unified set of marketing processes for a given organization and, typically, the capability to coordinate key cross-channel marketing initiatives.

    Key product capabilities for sophisticated MMS platforms include but are not limited to:

    • Email marketing
    • Lead nurturing
    • Social media management
    • Content curation and distribution
    • Marketing reporting and analytics
    • Consistent brand messaging

    Using a robust and comprehensive MMS platform equips marketers with the appropriate tools needed to make more informed decisions around campaign execution, resulting in better targeting, acquisition, and customer retention initiatives. Moreover, such tools can help bolster effective revenue generation and ensure more viable growth initiatives for future marketing growth enablement strategies.

    Info-Tech Insight

    Feature sets are rapidly evolving over time as MMS offerings continue to proliferate in this market space. Ensure that you focus on core components such as customer conversion rates and new lead captures through maintaining well- integrated multichannel campaigns.

    Marketing through the ages

    Tracing the foundational origins of marketing management practices

    Initial traction for marketing management strategies began with the need to holistically understand the effects of advertising efforts and how the media mix could be best optimized.

    1902

    1920s-1930s

    1942

    1952-1964

    1970s-1990s

    Recognizing the increasing need for focused and professional marketing efforts, the University of Pennsylvania offers the first marketing course, dubbed "The Marketing of Products."

    As broadcast media began to peak, marketers needed to manage a greater number of complex and interspersed marketing channels.

    The introduction of television ads in 1942 offered new opportunities for brands to reach consumers across a growing media landscape. To generate the highest ROI, marketers sought to understand the consumer and focus on more tailored messaging and product personalization. Thus, modern marketing practices were born.

    Following the introduction of broadcast media, marketers had to develop strategies beyond traditional spray-and-pray methods. The first modern marketing measurement concept, "marketing mix," was conceptualized in 1952 and popularized in 1964 by Neil Borden.

    This period marked the digital revolution and the new era of marketing. With the advent of new communications technology and the modern internet, marketing management strategies reached new heights of sophistication. During the early 1990s, search engines emerged to help users navigate the web, leading to early forms of search engine optimization and advertising.

    Where it's going: the future state of marketing management

    1. Increasing Complexity Driving Consumer Purchasing Decisions
      • "The main complexity is dealing with the increasing product variety and changing consumer demands, which is forcing marketers to abandon undifferentiated marketing strategies and even niche marketing strategies and to adopt a mass customization process interacting one-to-one with their customers." – Complexity, 2019
    2. Consumers Seeking More Tailored Brand Personalization
      • Financial Services marketers lead all other industries in AI application adoption, with 37% currently using them (Salesforce, 2019).
    3. The Inclusion of More AI-Enabled Marketing Strategies
      • According to a 2022 Nostro report, 70% of consumers say it is important that brands continue to offer personalized consumer experiences.
    4. Green Marketing
      • Recent studies have shown that up to 80% of all consumers are interested in green marketing strategies (Marketing Schools, 2020).

    Marketing management by the numbers

    Key trends

    6%

    As a continuously growing discipline, marketing management roles are predicted to grow faster than average, at a rate of 6% over the next decade.

    Source: U.S. Bureau of Labor Statistics, 2021

    17%

    While many marketing management vendors offer A/B testing, only 17% of marketers are actively using A/B testing on landing pages to increase conversion rates.

    Source: Oracle, 2022

    70%

    It is imperative that technology and SaaS companies begin to use marketing automation as a core component of their martech strategy to remain competitive. About 70% of technology and SaaS companies are employing integrated martech tools.

    Source: American Marketing Association, 2021

    Understand MMS table stakes features

    Organizations can expect nearly all MMS vendors to provide the following functionality

    Email Marketing

    Lead Nurturing

    Reporting, Analytics, and Marketing KPIs

    Marketing Campaign Management

    Integrational Catalog

    The use of email alongside marketing efforts to promote a business' products and services. Email marketing can be a powerful tool to maintain connections with your audience and ensure sustained brand promotion.

    The process of developing and nurturing relationships with key customer contacts at every major touchpoint in their customer journey. MMS platforms can use automated lead-nurturing functions that are triggered by customer behavior.

    The use of well-defined metrics to help curate, gather, and analyze marketing data to help track performance and improve the marketing department's future marketing decisions and strategies.

    Tools needed for the planning, execution, tracking, and analysis of direct marketing campaigns. Such tools are needed to help gauge your buyers' sentiments toward your company's product offerings and services.

    MMS platforms should generally have a comprehensive open API/integration catalog. Most MMS platforms should have dedicated integration points to interface with various tools across the marketing landscape (e.g. social media, email, SEO, CRM, CMS tools, etc.).

    Identify differentiating MMS features

    While not always deemed must-have functionality, these features may be the deciding factor when choosing between two MMS-focused vendors.

    Digital Asset Management (DAM)

    A DAM can help manage digital media asset files (e.g. photos, audio files, video).

    Customer Data Management

    Customer data management modules help your organization track essential customer information to maximize your marketing results.

    Text-Based Marketing

    Text-based marketing strategy is ideal for any organization primarily focused on coordinating structured and efficient marketing campaigns.

    Customer
    Journey Orchestration

    Customer journey orchestration enables users to orchestrate customer conversations and journeys across the entire marketing value chain.

    AI-Driven Workflows

    AI-powered workflows can help eliminate complexities and allow marketers to automate and optimize tasks across the marketing spectrum.

    Dynamic Segmentation

    Dynamic segmentation to target audience cohorts based on recent actions and stated preferences.

    Advanced Email Marketing

    These include capabilities such as A/B testing, spam filter testing, and detailed performance reporting.

    Ensure you understand the art of the possible across the MMS landscape

    Understanding the trending feature sets that encompass the broader MMS vendor landscape will best equip your organization with the knowledge needed to effectively match today's MMS platforms with your organization's marketing requirements.

    Holistically examine the potential of any MMS solution through three main lenses:

    Data-Driven
    Digital Advertising

    Adapt innovative techniques such as conversational marketing to help collect, analyze, and synthesize crucial audience information to improve the customer marketing experience and pre-screen prospects in a more conscientious manner.

    Next Best Action Marketing

    Next best action marketing (NBAM) is a customer-centric paradigm/marketing technique designed to capture specific information about customers and their individual preferences. Predicting customers' future actions by understanding their intent during their purchasing decisions stage will help improve conversion rates.

    AI-Driven Customer
    Segmentation

    The use of inclusive and innovative AI-based forecast modeling techniques can help more accurately analyze customer data to create more targeted segments. As such, marketing messages will be more accurately tailored to the customer that is reading them.

    Art of the possible: data-driven digital advertising

    CONVERSATIONAL MARKETING INTELLIGENCE

    Are you curious about the measures needed to boost engagement among your client base and other primary target audience groups? Conversational marketing intelligence metrics can help collect and disseminate key descriptive data points across a broader range of audience information.

    AI-DRIVEN CONVERSATIONAL MARKETING DEVICES

    Certain social media channels (e.g. LinkedIn and Facebook) like to take advantage of click-to-Messenger-style applications to help drive meaningful conversations with customers and learn more about their buying preferences. In addition, AI-driven chatbot applications can help the organization glean important information about the customer's persona by asking probing questions about their marketing purchase behaviors and preferences.

    METAVERSE- DRIVEN BRANDING AND ADVERTISING

    One of the newest phenomena in data-driven marketing technology and digital advertising techniques is the metaverse, where users can represent themselves and their brand via virtual avatars to further gamify their marketing strategies. Moreover, brands can create immersive experiences and engage with influencers and established communities and collect a wealth of information about their audience that can help drive customer retention and loyalty.

    Case study

    This is the logos for Gucci and Roblox.

    Metaverse marketing extends the potential for commercial brand development and representation: a deep dive into Gucci's metaverse practice

    INDUSTRY: Luxury Goods Apparel
    SOURCE: Vogue Business

    Challenge

    Beginning with a small, family-owned leather shop known as House of Gucci in Florence, Italy, businessman and fashion designer Guccio Gucci sold saddles, leather bags, and other accessories to horsemen during the 1920s. Over the years, Gucci's offerings have grown to include various other personal luxury goods.

    As consumer preferences have evolved over time, particularly with the younger generation, Gucci's professional marketing teams looked to invest in virtual technology environments to help build and sustain better brand awareness among younger consumer audiences.

    Solution

    In response to the increasing presence of metaverse-savvy gamers on the internet, Gucci began investing in developing its online metaverse presence to bolster its commercial marketing brand there.

    A recent collaboration with Roblox, an online gaming platform that offers virtual experiences, provided Gucci the means to showcase its fashion items using the Gucci Garden – a virtual art installation project for Generation Z consumers, powered by Roblox's VR technology. The Gucci Garden virtual system featured a French-styled garden environment where players could try on and buy Gucci virtual fashion items to dress up their blank avatars.

    Results

    Gucci's disruptive, innovative metaverse marketing campaign project with Roblox is proof of its commitment to tapping new marketing growth channels to showcase the brand to engage new and prospective consumers (e.g. Roblox's player base) across more unique sandboxed/simulation environments.

    The freedom and flexibility in the metaverse environments allows brands such as Gucci to execute a more flexible digital marketing approach and enables them to take advantage of innovative metaverse-driven technologies in the market to further drive their data-driven digital marketing campaigns.

    Art of the possible: next best action marketing (NBAM)

    NEXT BEST ACTION PREDICTIVE MODELING

    To improve conversion propensity, next best action techniques can use predictive modeling methods to help build a dynamic overview of the customer journey. With information sourced from actionable marketing intelligence data, MMS platforms can use NBAM techniques to identify customer needs based on their buying behavior, social media interactions, and other insights to determine what unique set of actions should be taken for each customer.

    MACHINE LEARNING–BASED RECOMMENDER SYSTEMS

    Rules-based recommender systems can help assign probabilities of purchasing behaviors based on the patterns in touchpoints of a customer's journey and interaction with your brand. For instance, a large grocery chain company such as Walmart or Whole Foods will use ML-based recommender systems to decide what coupons they should offer to their customers based on their purchasing history.

    Art of the possible: AI-driven customer segmentation

    MACHINE/DEEP LEARNING (ML/DL) ALGORITHMS

    The inclusion of AI in data analytics helps make customer targeting more accurate
    and meaningful. Organizations can analyze customer data more thoroughly and generate in-depth contextual and descriptive information about the targeted segments. In addition, they can use this information to automate the personalization of marketing campaigns for a specific target audience group.

    UNDERSTANDING CUSTOMER SENTIMENTS

    To greatly benefit from AI-powered customer segmentation, organizations must deploy specialized custom AI solutions to help organize qualitative comments into quantitative data. This approach requires companies to use custom AI models and tools that will analyze customer sentiments and experiences based on data extracted from various touchpoints (e.g. CRM systems, emails, chatbot logs).

    Phase 2

    Build the Business Case and Streamline Requirements

    Phase 1

    Phase 2

    Phase 3

    1.1 Define MMS Platforms

    1.2 Classify Table Stakes & Differentiating Capabilities

    1.3 Explore Trends

    2.1 Build the Business Case

    2.2 Streamline Requirements Elicitation

    2.3 Develop an Inclusive RFP Approach

    3.1 Discover Key Players in the Vendor Landscape

    3.2 Engage the Shortlist & Select Finalist

    3.3 Prepare for Implementation

    This phase will walk you through the following activities:

    • Define and build the business case for the selection of a right-sized MMS platform.
    • Elicit and prioritize granular requirements for your MMS platform.

    This phase involves the following participants:

    • CMO
    • Technical Marketing Analyst
    • Digital Marketing Project Manager
    • Marketing Data Analytics Analyst
    • Marketing Management Executive

    Software Selection Engagement

    5 Advisory Calls over a 5-Week Period to Accelerate Your Selection Process

    Expert analyst guidance over 5 weeks on average to select software and negotiate with the vendor.

    Save money, align stakeholders, speed up the process and make better decisions.

    Use a repeatable, formal methodology to improve your application selection process.

    Better, faster results, guaranteed, included in your membership.

    This is an image of the plan for five advisory calls over a five-week period.

    CLICK HERE to book your Selection Engagement

    Elicit and prioritize granular requirements for your marketing management suite (MMS) platform

    Understanding business needs through requirements gathering is the key to defining everything you need from your software. However, it is an area where people often make critical mistakes.

    Poorly scoped requirements

    Best practices

    • Fail to be comprehensive and miss certain areas of scope.
    • Focus on how the solution should work instead of what it must accomplish.
    • Have multiple levels of detail within the requirements, causing inconsistency and confusion.
    • Drill all the way down to system-level detail.
    • Add unnecessary constraints based on what is done today rather than focusing on what is needed for tomorrow.
    • Omit constraints or preferences that buyers think are obvious.
    • Get a clear understanding of what the system needs to do and what it is expected to produce.
    • Test against the principle of MECE – requirements should be "mutually exclusive and collectively exhaustive."
    • Explicitly state the obvious and assume nothing.
    • Investigate what is sold on the market and how it is sold. Use language that is consistent with that of the market and focus on key differentiators – not table stakes.
    • Contain the appropriate level of detail – the level should be suitable for procurement and sufficient for differentiating vendors.

    Info-Tech Insight
    Poor requirements are the number one reason projects fail. Review Info-Tech's Improve Requirements Gathering blueprint to learn how to improve your requirements analysis and get results that truly satisfy stakeholder needs.

    Info-Tech's approach

    Develop an inclusive and thorough approach to the RFP process

    Identity Need; Define Business requirements; Gain Business Authorization; Perform RFI/RFP; Negotiate Agreement; Purchase Goods and Services; Assess and Measure Performance.

    Info-Tech Insight

    Review Info-Tech's process and understand how you can prevent your organization from leaking negotiation leverage while preventing vendors from taking control of your RFP.

    The Info-Tech difference:

    1. The secret to managing an RFP is to make it as manageable and as thorough as possible. The RFP process should be like any other aspect of business – by developing a standard process. With a process in place, you are better able to handle whatever comes your way, because you know the steps you need to follow to produce a top-notch RFP.
    2. The business then identifies the need for more information about a product/service or determines that a purchase is required.
    3. A team of stakeholders from each area impacted gather all business, technical, legal, and risk requirements. What are the expectations of the vendor relationship post-RFP? How will the vendors be evaluated?
    4. Based on the predetermined requirements, either an RFI or an RFP is issued to vendors with a due date.

    Leverage Info-Tech's Contract Review Service to level the playing field with your shortlisted vendors

    You may be faced with multiple products, services, master service agreements, licensing models, service agreements, and more.
    Use Info-Tech's Contract Review Service to gain insights on your agreements:

    1. Are all key terms included?
    2. Are they applicable to your business?
    3. Can you trust that results will be delivered?
    4. What questions should you be asking from an IT perspective?

    Validate that a contract meets IT's and the business' needs by looking beyond the legal terminology. Use a practical set of questions, rules, and guidance to improve your value for dollar spent.

    This is an image of three screenshots from Info-Tech's Contract Review Service.

    CLICK to BOOK The Contract Review Service

    CLICK to DOWNLOAD Master Contract Review and Negotiation for Software Agreements

    Phase 3

    Discover the MMS Market Space and Prepare for Implementation

    Phase 1

    Phase 2

    Phase 3

    1.1 Define MMS Platforms

    1.2 Classify Table Stakes & Differentiating Capabilities

    1.3 Explore Trends

    2.1 Build the Business Case

    2.2 Streamline Requirements Elicitation

    2.3 Develop an Inclusive RFP Approach

    3.1 Discover Key Players in the Vendor Landscape

    3.2 Engage the Shortlist & Select Finalist

    3.3 Prepare for Implementation

    This phase will walk you through the following activities:

    • Dive into the key players of the MMS vendor landscape.
    • Understand best practices for building a vendor shortlist.
    • Understand key implementation considerations for MMS.

    This phase involves the following participants:

    • CMO
    • Marketing Management Executive
    • Applications Manager
    • Digital Marketing Project Manager
    • Sales Executive
    • Vendor Outreach and Partnerships Manager

    Review your use cases to start your shortlist

    Your Info-Tech analysts can help you narrow down the list of vendors that will meet your requirements.

    Next steps will include:

    1. Reviewing your requirements.
    2. Checking out SoftwareReviews.
    3. Shortlisting your vendors.
    4. Conducting demos and detailed proposal reviews.
    5. Selecting and contracting with a finalist!

    Get to know the key players in the MMS landscape

    The following slides provide a top-level overview of the popular players you will encounter in your MMS shortlisting process.

    This is a series of images of the logos for the companies which will be discussed later in this blueprint.

    Evaluate software category leaders through vendor rankings and awards

    SoftwareReviews

    This is an image of two screenshots from the Data Quadrant Report.

    The Data Quadrant is a thorough evaluation and ranking of all software in an individual category to compare platforms across multiple dimensions.

    Vendors are ranked by their Composite Score, based on individual feature evaluations, user satisfaction rankings, vendor capability comparisons, and likeliness to recommend the platform.

    This is an image of two screenshots from the Emotional Footprint Report.

    The Emotional Footprint is a powerful indicator of overall user sentiment toward the relationship with the vendor, capturing data across five dimensions.

    Vendors are ranked by their Customer Experience (CX) Score, which combines the overall Emotional Footprint rating with a measure of the value delivered by the solution.

    Speak with category experts to dive deeper into the vendor landscape

    SoftwareReviews

    • Fact-based reviews of business software from IT professionals.
    • Product and category reports with state-of-the-art data visualization.
    • Top-tier data quality backed by a rigorous quality assurance process.
    • User-experience insight that reveals the intangibles of working with a vendor.

    CLICK HERE to ACCESS

    Comprehensive software reviews
    to make better IT decisions

    We collect and analyze the most detailed reviews on enterprise software from real users to give you an unprecedented view into the product and vendor before you buy.

    SoftwareReviews is powered by Info-Tech

    Technology coverage is a priority for Info-Tech, and SoftwareReviews provides the most comprehensive unbiased data on today's technology. Combined with the insight of our expert analysts, our members receive unparalleled support in their buying journey.

    SoftwareReviews' Enterprise MMS Rankings

    Strengths:

    • Advanced Campaign Management
    • Email Marketing Automation
    • Multichannel Integration

    Areas to Improve:

    • Mobile Marketing Management
    • Advanced Data Segmentation
    • Pricing Sensitivity and Implementation Support Model

    This is an image of SoftwareReviews analysis for Adobe Experience Cloud.

    history

    This is the Logo for Adobe Experience Cloud

    "Adobe Experience Cloud (AEC), formerly Adobe Marketing Cloud (AMC), provides a host of innovative multichannel analytics, social, advertising, media optimization, and content management products (just to name a few). The Adobe Marketing Cloud package allows users with valid subscriptions to download the entire collection and use it directly on their computer with open access to online updates. Organizations that have a deeply ingrained Adobe footprint and have already reaped the benefits of Adobe's existing portfolio of cloud services products (e.g. Adobe Creative Cloud) will find the AEC suite a functionally robust and scalable fit for their marketing management and marketing automation needs.

    However, it is important to note that AEC's pricing model is expensive when compared to other competitors in the space (e.g. Sugar Market) and, therefore, is not as affordable for smaller or mid-sized organizations. Moreover, there is the expectation of a learning curve with the AEC platform. Newly onboarded users will need to spend some time learning how to navigate and work comfortably with AEC's marketing automaton modules. "
    - Yaz Palanichamy
    Senior Research Analyst, Info-Tech Research Group

    Adobe Experience Cloud Platform pricing is opaque.
    Request a demo.*

    *Info-Tech recommends reaching out to the vendor's internal sales management team for explicit details on individual pricing plans for the Adobe Marketing Cloud suite.

    2021

    Adobe Experience Platform Launch is integrated into the Adobe Experience Platform as a suite of data collection technologies (Experience League, Adobe).

    November 2020

    Adobe announces that it will spend $1.5 billion to acquire Workfront, a provider of marketing collaboration software (TechTarget, 2020).

    September 2018

    Adobe acquires marketing automation software company Marketo (CNBC, 2018).

    June 2018

    Adobe buys e-commerce services provider Magento Commerce from private equity firm Permira for $1.68 billion (TechCrunch, 2018).

    2011

    Adobe acquires DemDex, Inc. with the intention of adding DemDex's audience-optimization software to the Adobe Online Marketing Suite (Adobe News, 2011).

    2009

    Adobe acquires online marketing and web analytics company Omniture for $1.8 billion and integrates its products into the Adobe Marketing Cloud (Zippia, 2022).

    Adobe platform launches in December 1982.

    SoftwareReviews' Enterprise MMS Rankings

    Strengths:

    • Marketing Workflow Management
    • Advanced Data Segmentation
    • Marketing Operations Management

    Areas to Improve:

    • Email Marketing Automation
    • Marketing Asset Management
    • Process of Creating and/or Managing Marketing Lists

    This is an image of SoftwareReviews analysis for Dynamics 365

    history

    This is the logo for Dynamics 365

    2021

    Microsoft Dynamics 365 suite adds customer journey orchestration as a viable key feature (Tech Target, 2021)

    2019

    Microsoft begins adding to its Dynamics 365 suite in April 2019 with new functionalities such as virtual agents, fraud detection, new mixed reality (Microsoft Dynamics 365 Blog, 2019).

    2017

    Adobe and Microsoft expand key partnership between Adobe Experience Manager and Dynamics 365 integration (TechCrunch, 2017).

    2016

    Microsoft Dynamics CRM paid seats begin growing steadily at more than 2.5x year-over-year (TechCrunch, 2016).

    2016

    On-premises application, called Dynamics 365 Customer Engagement, contains the Dynamics 365 Marketing Management platform (Learn Microsoft, 2023).

    Microsoft Dynamics 365 product suite is released on November 1, 2016.

    "Microsoft Dynamics 365 for Marketing remains a viable option for organizations that require a range of innovative MMS tools that can provide a wealth of functional capabilities (e.g. AI-powered analytics to create targeted segments, A/B testing, personalizing engagement for each customer). Moreover, Microsoft Dynamics 365 for Marketing offers trial options to sandbox their platform for free for 30 days to help users familiarize themselves with the software before buying into the product suite.

    However, ensure that you have the time to effectively train users on implementing the MS Dynamics 365 platform. The platform does not score high on customizability in SoftwareReviews reports. Developers have only a limited ability to modify the core UI, so organizations need to be fully equipped with the knowledge needed to successfully navigate MS-based applications to take full advantage of the platform. For organizations deep in the Microsoft stack, D365 Marketing is a compelling option."
    Yaz Palanichamy
    Senior Research Analyst, Info-Tech Research Group

    Dynamics 365
    Marketing

    Dynamics 365
    Marketing (Attachment)

    • Starts from $1,500 per tenant/month*
    • Includes 10,000 contacts, 100,000 interactions, and 1,000 SMS messages
    • For organizations without any other Dynamics 365 application
    • Starts from $750 per tenant/month*
    • Includes 10,000 contacts, 100,000 interactions, and 1,000 SMS messages
    • For organizations with a qualifying Dynamics 365 application

    * Pricing correct as of October 2022. Listed in USD and absent discounts. See pricing on vendor's website for latest information.

    SoftwareReviews' Enterprise MMS Rankings

    Strengths:

    • Marketing Analytics
    • Marketing Workflow Management
    • Lead Nurturing

    Areas to Improve:

    • Advanced Campaign Management
    • Email Marketing Automation
    • Marketing Segmentation

    This is an image of SoftwareReviews analysis for HubSpot

    history

    This is an image of the Logo for HubSpot

    2022

    HubSpot Marketing Hub releases Campaigns 2.0 module for its Marketing Hub platform (HubSpot, 2022).

    2018


    HubSpot announces the launch of its Marketing Hub Starter platform, a new offering that aims to give growing teams the tools they need to start marketing right (HubSpot Company News, 2018).

    2014

    HubSpot celebrates its first initial public offering on the NYSE market (HubSpot Company News, 2014).

    2013

    HubSpot opens its first international office location in Dublin, Ireland
    (HubSpot News, 2013).

    2010

    Brian Halligan and Dharmesh Shah write "Inbound Marketing," a seminal book that focuses on inbound marketing principles (HubSpot, n.d.).

    HubSpot opens for business in Cambridge, MA, USA, in 2005.

    "HubSpot's Marketing Hub software ranks consistently high in scores across SoftwareReviews reports and remains a strong choice for organizations that want to run successful inbound marketing campaigns that make customers interested and engaged with their business. HubSpot Marketing Hub employs comprehensive feature sets, including the option to streamline ad tracking and management, perform various audience segmentation techniques, and build personalized and automated marketing campaigns.

    However, SoftwareReviews reports indicate end users are concerned that HubSpot Marketing Hub's platform may be slightly overpriced in recent years and not cost effective for smaller and mid-sized companies that are working with a limited budget. Moreover, when it comes to mobile user accessibility reports, HubSpot's Marketing Hub does not directly offer data usage reports in relation to how mobile users navigate various web pages on the customer's website."
    Yaz Palanichamy
    Senior Research Analyst, Info-Tech Research Group

    HubSpot Marketing Hub (Starter Package)

    HubSpot Marketing Hub (Professional Package)

    HubSpot Marketing Hub (Enterprise Package)

    • Starts from $50/month*
    • Includes 1,000 marketing contacts
    • All non-marketing contacts are free, up to a limit of 15 million overall contacts (marketing contacts + non-marketing contracts)
    • Starts from $890/month*
    • Includes 2,000 marketing contacts
    • Onboarding is required for a one-time fee of $3,000
    • Starts from $3600/month*
    • Includes 10,000 marketing contacts
    • Onboarding is required for a one-time fee of $6,000

    *Pricing correct as of October 2022. Listed in USD and absent discounts.
    See pricing on vendor's website for latest information.

    SoftwareReviews' Enterprise MMS Rankings

    Strengths:

    • Email Marketing Automation
    • Customer Journey Mapping
    • Contacts Management

    Areas to Improve:

    • Pricing Model Flexibility
    • Integrational API Support
    • Antiquated UI/CX Design Elements

    This is an image of SoftwareReviews analysis for Maropost

    history

    This is an image of the Logo for MAROPOST Marketing Cloud

    2022

    Maropost acquires Retail Express, leading retail POS software in Australia for $55M (PRWire, 2022).

    2018


    Maropost develops innovative product feature updates to its marketing cloud platform (e.g. automated social campaign management, event segmentation for mobile apps) (Maropost, 2019).

    2015

    US-based communications organization Success selects Maropost Marketing Cloud for marketing automation use cases (Apps Run The World, 2015).

    2017

    Maropost is on track to become one of Toronto's fastest-growing companies, generating $30M in annual revenue (MarTech Series, 2017).

    2015

    Maropost is ranked as a "High Performer" in the Email Marketing category in a G2 Crowd Grid Report (VentureBeat, 2015).

    Maropost is founded in 2011 as a customer-centric ESP platform.

    Maropost Marketing Cloud – Essential

    Maropost
    Marketing Cloud –Professional

    Maropost
    Marketing Cloud –Enterprise

    • Starts from $279/month*
    • Includes baseline features such as email campaigns, A/B campaigns, transactional emails, etc.
    • Starts from $849/month*
    • Includes additional system functionalities of interest (e.g. mobile keywords, more journeys for marketing automation use cases)
    • Starts from $1,699/month*
    • Includes unlimited number of journeys
    • Upper limit for custom contact fields is increased by 100-150

    *Pricing correct as of October 2022. Listed in USD and absent discounts.
    See pricing on vendor's website for latest information.

    SoftwareReviews' Enterprise MMS Rankings

    Strengths:

    • Advanced Data Segmentation
    • Marketing Analytics
    • Multichannel Integration

    Areas to Improve:

    • Marketing Operations
      Management
    • Marketing Asset Management
    • Community Marketing Management

    This is an image of SoftwareReviews analysis for Oracle Marketing Cloud.

    history

    This is an image of the Logo for Oracle Marketing Cloud

    2021

    New advanced intelligence capabilities within Oracle Eloqua Marketing Automation help deliver more targeted and personalized messages (Oracle, Marketing Automation documentation).

    2015


    Oracle revamps its marketing cloud with new feature sets, including Oracle ID Graph for cross-platform identification of customers, AppCloud Connect, etc. (Forbes, 2015).

    2014

    Oracle announces the launch of the Oracle Marketing Cloud (TechCrunch, 2014).

    2005

    Oracle acquires PeopleSoft, a company that produces human resource management systems, in 2005 for $10.3B (The Economic Times, 2016).

    1982

    Oracle becomes the first company to sell relational database management software (RDBMS). In 1982 it has revenue of $2.5M (Encyclopedia.com).

    Relational Software, Inc (RSI) – later renamed Oracle Corporation – is founded in 1977.

    "Oracle Marketing Cloud offers a comprehensive interwoven and integrated marketing management solution that can help end users launch cross-channel marketing programs and unify all prospect and customer marketing signals within one singular view. Oracle Marketing Cloud ranks consistently high across our SoftwareReviews reports and sustains top scores in overall customer experience rankings at a factor of 9.0. The emotional sentiment of users interacting with Oracle Marketing Cloud is also highly favorable, with Oracle's Emotional Footprint score at +93.

    Users should be aware that some of the reporting mechanisms and report-generation capabilities may not be as mature as those of some of its competitors in the MMS space (e.g. Salesforce, Adobe). Data exportability also presents a challenge in Oracle Marketing Cloud and requires a lot of internal tweaking between end users of the system to function properly. Finally, pricing sensitivity may be a concern for small and mid-sized organizations who may find Oracle's higher-tiered pricing plans to be out of reach. "
    Yaz Palanichamy
    Senior Research Analyst, Info-Tech Research Group

    Oracle Marketing Cloud pricing is opaque.
    Request a demo.*

    *Info-Tech recommends reaching out to the vendor's internal sales management team for explicit details on individual pricing plans for the Adobe Marketing Cloud suite.

    SoftwareReviews' Enterprise MMS Rankings

    Strengths:

    • Marketing Analytics
    • Advanced Campaign Management
    • Email Marketing Automation
    • Social Media Marketing Management

    Areas to Improve:

    • Community Marketing Management
    • Marketing Operations Management
    • Pricing Sensitivity and Vendor Support Model

    This is an image of SoftwareReviews analysis for Salesforce

    history

    This is an image of the Logo for Salesforce Marketing Cloud

    2022

    Salesforce announces sustainability as a core company value (Forbes, 2022).

    2012



    Salesforce unveils Salesforce Marketing Cloud during Dreamforce 2012, with 90,000 registered attendees (Dice, 2012).

    2009

    Salesforce launches Service Cloud, bringing customer service and support automation features to the market (TechCrunch, 2009).

    2003


    The first Dreamforce event is held at the Westin St. Francis hotel in downtown San Francisco
    (Salesforce, 2020).

    2001


    Salesforce delivers $22.4M in revenue for the fiscal year ending January 31, 2002 (Salesforce, 2020).

    Salesforce is founded in 1999.

    "Salesforce Marketing Cloud is a long-term juggernaut of the marketing management software space and is the subject of many Info-Tech member inquiries. It retains strong composite and customer experience (CX) scores in our SoftwareReviews reports. Some standout features of the platform include marketing analytics, advanced campaign management functionalities, email marketing automation, and customer journey management capabilities. In recent years Salesforce has made great strides in improving the overall user experience by investing in new product functionalities such as the Einstein What-If Analyzer, which helps test how your next email campaign will impact overall customer engagement, triggers personalized campaign messages based on an individual user's behavior, and uses powerful real-time segmentation and sophisticated AI to deliver contextually relevant experiences that inspire customers to act.

    On the downside, we commonly see Salesforce's solutions as costlier than competitors' offerings, and its commercial/sales teams tend to be overly aggressive in marketing its solutions without a distinct link to overarching business requirements. "
    Yaz Palanichamy
    Senior Research Analyst, Info-Tech Research Group

    Marketing Cloud Basics

    Marketing Cloud Pro

    Marketing Cloud Corporate

    Marketing Cloud Enterprise

    • Starts at $400*
    • Per org/month
    • Personalized promotional email marketing
    • Starts at $1,250*
    • Per org/month
    • Personalized marketing automation with email solutions
    • Starts at $3,750*
    • Per org/month
    • Personalized cross-channel strategic marketing solutions

    "Request a Quote"

    *Pricing correct as of October 2022. Listed in USD and absent discounts. See pricing on vendor's website for latest information.

    SoftwareReviews' Enterprise MMS Rankings

    Strengths:

    • Email Marketing Automation
    • Marketing Workflow Management
    • Marketing Analytics

    Areas to Improve:

    • Mobile Marketing Management
    • Marketing Operations Management
    • Advanced Data Segmentation

    This is an image of SoftwareReviews analysis for SAP

    history

    This is an image of the Logo for SAP

    2022

    SAP announces the second cycle of the 2022 SAP Customer Engagement Initiative. (SAP Community Blog, 2022).

    2020

    SAP acquires Austrian cloud marketing company Emarsys (TechCrunch, 2020).

    2015

    SAP Digital for Customer Engagement launches in May 2015 (SAP News, 2015).

    2009

    SAP begins branching out into three markets of the future (mobile technology, database technology, and cloud). SAP acquires some of its competitors (e.g. Ariba, SuccessFactors, Business Objects) to quickly establish itself as a key player in those areas (SAP, n.d.).

    1999

    SAP responds to the internet and new economy by launching its mysap.com strategy (SAP, n.d.).

    SAP is founded In 1972.

    "Over the years, SAP has positioned itself as one of the usual suspects across the enterprise applications market. While SAP has a broad range of capabilities within the CRM and customer experience space, it consistently underperforms in many of our user-driven SoftwareReviews reports for MMS and adjacent areas, ranking lower in MMS product feature capabilities such as email marketing automation and advanced campaign management than other mainstream MMS vendors, including Salesforce Marketing Cloud and Adobe Experience Cloud. The SAP Customer Engagement Marketing platform seems decidedly a secondary focus for SAP, behind its more compelling presence across the enterprise resource planning space.

    If you are approaching an MMS selection from a greenfield lens and with no legacy vendor baggage for SAP elsewhere, experience suggests that your needs will be better served by a vendor that places greater primacy on the MMS aspect of their portfolio."
    Yaz Palanichamy
    Senior Research Analyst, Info-Tech Research Group

    SAP Customer Engagement Marketing pricing is opaque:
    Request a demo.*

    *Info-Tech recommends reaching out to the vendor's internal sales management team for explicit details on individual pricing plans for the Adobe Marketing Cloud suite.

    SoftwareReviews' Enterprise MMS Rankings

    Strengths:

    • Social Media Automation
    • Email Marketing Automation
    • Marketing Analytics

    Areas to Improve:

    • Ease of Data Integration
    • Breadth of Features
    • Marketing Workflow Management

    b

    SoftwareReviews' Enterprise MMS Rankings

    Strengths:

    • Campaign Management
    • Segmentation
    • Email Delivery

    Areas to Improve:

    • Mobile Optimization
    • A/B Testing
    • Content Authoring

    This is an image of SoftwareReviews analysis for ZOHO Campaigns.

    history

    This is an image of the Logo for ZOHO Campaigns

    2021

    Zoho announces CRM-Campaigns sync (Zoho Campaigns Community Learning, 2021).

    2020

    Zoho reaches more than 50M customers in January ( Zippia, n.d.).

    2017

    Zoho launches Zoho One, a comprehensive suite of 40+ applications (Zoho Blog, 2017).

    2012

    Zoho releases Zoho Campaigns (Business Wire, 2012).

    2007

    Zoho expands into the collaboration space with the release of Zoho Docs and Zoho Meetings (Zoho, n.d.).

    2005

    Zoho CRM is released (Zoho, n.d.).

    Zoho platform is founded in 1996.

    "Zoho maintains a long-running repertoire of end-to-end software solutions for business development purposes. In addition to its flagship CRM product, the company also offers Zoho Campaigns, which is an email marketing software platform that enables contextually driven marketing techniques via dynamic personalization, email interactivity, A/B testing, etc. For organizations that already maintain a deep imprint of Zoho solutions, Zoho Campaigns will be a natural extension to their immediate software environment.

    Zoho Campaigns is a great ecosystem play in environments that have a material Zoho footprint. In the absence of an existing Zoho environment, it's prudent to consider other affordable products as well."
    Yaz Palanichamy
    Senior Research Analyst, Info-Tech Research Group

    Free Version

    Standard

    Professional

    • Starts at $0*
    • Per user/month billed annually
    • Up to 2,000 contacts
    • 6,000 emails/month
    • Starts at $3.75*
    • Per user/month billed annually
    • Up to 100,000 contacts
    • Advanced email templates
    • SMS marketing
    • Starts at $6*
    • Per user/month billed annually
    • Advanced segmentation
    • Dynamic content

    *Pricing correct as of October 2022. Listed in USD and absent discounts.

    See pricing on vendor's website for latest information.

    Leverage Info-Tech's research to plan and execute your MMS implementation

    Use Info-Tech's three-phase implementation process to guide your planning:

    1. Assess

    2. Prepare

    3. Govern & Course Correct

    Download Info-Tech's Governance and Management of Enterprise Software Implementation
    Establish and execute an end-to-end, agile framework to succeed with the implementation of a major enterprise application.

    Ensure your implementation team has a high degree of trust and communication

    If external partners are needed, dedicate an internal resource to managing the vendor and partner relationships.

    Communication

    Teams must have some type of communication strategy. This can be broken into:

    • Regularity: Having a set time each day to communicate progress and a set day to conduct retrospectives.
    • Ceremonies: Injecting awards and continually emphasizing delivery of value to encourage relationship building and constructive motivation.
    • Escalation: Voicing any concerns and having someone responsible for addressing them.

    Proximity

    Distributed teams create complexity as communication can break down. This can be mitigated by:

    • Location: Placing teams in proximity to eliminate the barrier of geographical distance and time zone differences.
    • Inclusion: Making a deliberate attempt to pull remote team members into discussions and ceremonies.
    • Communication Tools: Having the right technology (e.g. video conference) to help bring teams closer together virtually.

    Trust

    Members should trust other members are contributing to the project and completing their required tasks on time. Trust can be developed and maintained by:

    • Accountability: Having frequent quality reviews and feedback sessions. As work becomes more transparent, people become more accountable.
    • Role Clarity: Having a clear definition of what everyone's role is.

    Selecting a right-sized MMS platform

    This selection guide allows organizations to execute a structured methodology for picking an MMS platform that aligns with their needs. This includes:

    • Alignment and prioritization of key business and technology drivers for an MMS selection business case.
    • Identification of key use cases and requirements for a right-sized MMS platform.
    • A comprehensive market scan of key players in the MMS market space.

    This formal MMS selection initiative will drive business-IT alignment, identify pivotal sales and marketing automation priorities, and thereby allow for the rollout of a streamlined MMS platform that is highly likely to satisfy all stakeholder needs.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop

    contact your account representative for more information

    workshops@infotech.com

    1-888-670-8889

    Summary of accomplishment

    Knowledge Gained

    • What marketing management is
    • Historical origins of marketing management
    • The future of marketing management
    • Key trends in marketing management suites

    Processes Optimized

    • Requirements gathering
    • RFPs and contract reviews
    • Marketing management suite vendor selection
    • Marketing management platform implementation

    Marketing Management

    • Adobe Experience Cloud
    • Microsoft Dynamics 365 for Marketing
    • HubSpot Marketing Hub
    • Maropost Marketing Cloud
    • Oracle Marketing Cloud

    Vendors Analyzed

    • Salesforce Marketing Cloud
    • SAP
    • Sugar Market
    • Zoho Campaigns

    Related Info-Tech Research

    Select a Marketing Management Suite

    Many organizations struggle with taking a systematic approach to selection that pairs functional requirements with specific marketing workflows, and as a result they choose a marketing management suite (MMS) that is not well aligned to their needs, wasting resources and causing end-user frustration.

    Get the Most Out of Your CRM

    Customer relationship management (CRM) application portfolios are often messy,
    with multiple integration points, distributed data, and limited ongoing end-user training. A properly optimized CRM ecosystem will reduce costs and increase productivity.

    Customer Relationship Management Platform Selection Guide

    Speed up the process to build your business case and select your CRM solution. Despite the importance of CRM selection and implementation, many organizations struggle to define an approach to picking the right vendor and rolling out the solution in an effective and cost-efficient manner.

    Bibliography

    "16 Biggest Tech Acquisitions in History." The Economic Times, 28 July 2016. Web.
    "Adobe Acquires Demdex – Brings Audience Optimization to $109 Billion Global Online Ad Market." Adobe News, 18 Jan 2011. Accessed Nov 2022.
    "Adobe Company History Timeline." Zippia, 9 Sept 2022. Accessed Nov 2022.
    "Adobe to acquire Magento for $1.68B." TechCrunch, 21 May 2018. Accessed Dec 2022.
    Anderson, Meghan Keaney. "HubSpot Launches European Headquarters." HubSpot Company News, 3 Mar 2013.
    Arenas-Gaitán, Jorge, et al. "Complexity of Understanding Consumer Behavior from the Marketing Perspective." Journal of Complexity, vol. 2019, 8 Jan 2019. Accessed Sept 2022.
    Bureau of Labor Statistics. "Advertising, Promotions, and Marketing Managers." Occupational Outlook Handbook. U.S. Department of Labor, 8 Sept 2022. Accessed 1 Nov 2022.
    "Campaigns." Marketing Hub, HubSpot, n.d. Web.
    Conklin, Bob. "Adobe report reveals best marketing practices for B2B growth in 2023 and beyond." Adobe Experience Cloud Blog, 23 Sept 2022. Web.
    "Consumer Behavior Stats 2021: The Post-Pandemic Shift in Online Shopping Habit" Nosto.com, 7 April 2022. Accessed Oct 2022.
    "Data Collection Overview." Experience League, Adobe.com, n.d. Accessed Dec 2022.
    Duduskar, Avinash. "Interview with Tony Chen, CEO at Channel Factory." MarTech Series, 16 June 2017. Accessed Nov 2022.
    "Enhanced Release of SAP Digital for Customer Engagement Helps Anyone Go Beyond CRM." SAP News, 8 Dec. 2015. Press release.
    Fang, Mingyu. "A Deep Dive into Gucci's Metaverse Practice." Medium.com, 27 Feb 2022. Accessed Oct 2022.
    Flanagan, Ellie. "HubSpot Launches Marketing Hub Starter to Give Growing Businesses the Tools They Need to Start Marketing Right." HubSpot Company News, 17 July 2018. Web.
    Fleishman, Hannah. "HubStop Announces Pricing of Initial Public Offering." HubSpot Company News, 8 Oct. 204. Web.
    Fluckinger, Don. "Adobe to acquire Workfront for $1.5 billion." TechTarget, 10 Nov 2020. Accessed Nov 2022.
    Fluckinger, Don. "Microsoft Dynamics 365 adds customer journey orchestration." TechTarget, 2 March 2021. Accessed Nov 2022.
    Green Marketing: Explore the Strategy of Green Marketing." Marketing Schools, 19 Nov 2020. Accessed Oct 2022.
    Ha, Anthony. "Oracle Announces Its Cross-Platform Marketing Cloud." TechCrunch, 30 April 2014. Web.
    Heyd, Kathrin. "Partners Welcome – SAP Customer Engagement Initiative 2022-2 is open for your registration(s)!" SAP Community Blog, 21 June 2022. Accessed Nov 2022.
    HubSpot. "Our Story." HubSpot, n.d. Web.
    Jackson, Felicia. "Salesforce Tackles Net Zero Credibility As It Adds Sustainability As A Fifth Core Value." Forbes, 16 Feb. 2022. Web.
    Kolakowski, Nick. "Salesforce CEO Marc Benioff Talks Social Future." Dice, 19 Sept. 2012. Web.
    Lardinois, Frederic. "Microsoft's Q4 earnings beat Street with $22.6B in revenue, $0.69 EPS." TechCrunch, 19 July 2016. Web.
    Levine, Barry. "G2 Crowd report finds the two email marketing tools with the highest user satisfaction." Venture Beat, 30 July 2015. Accessed Nov 2022.
    Looking Back, Moving Forward: The Evolution of Maropost for Marketing." Maropost Blog, 21 May 2019. Accessed Oct 2022.
    Maher, Sarah. "What's new with HubSpot? Inbound 2022 Feature Releases." Six & Flow, 9 July 2022. Accessed Oct 2022.
    Marketing Automation Provider, Salesfusion, Continues to Help Marketers Achieve Their Goals With Enhanced User Interface and Powerful Email Designer Updates." Yahoo Finance, 10 Dec 2013. Accessed Oct 2022.
    "Maropost Acquires Retail Express for $55 Million+ as it Continues to Dominate the Global Commerce Space." Marapost Newsroom, PRWire.com, 19 Jan 2022. Accessed Nov 2022.
    McDowell, Maghan. "Inside Gucci and Roblox's new virtual world." Vogue Business, 17 May 2021. Web.
    Miller, Ron. "Adobe and Microsoft expand partnership with Adobe Experience Manager and Dynamics 265 Integration." TechCrunch, 3 Nov 2017. Accessed Nov 2022.
    Miller, Ron. "Adobe to acquire Magento for $1.68B" TechCrunch, 21 May 2018. Accessed Nov 2022.
    Miller, Ron. "SAP continues to build out customer experience business with Emarys acquisition." TechCrunch, 1 Oct. 2020. Web.
    Miller, Ron. "SugarCRM moves into marketing automation with Salesfusion acquisition." TechCrunch, 16 May 2019.
    Novet, Jordan. "Adobe confirms it's buying Marketo for $4.75 billion." CNBC, 20 Sept 2018. Accessed Dec 2022.
    "Oracle Corp." Encyclopedia.com, n.d. Web.
    Phillips, James. "April 2019 Release launches with new AI, mixed reality, and 350+ feature updates." Microsoft Dynamics 365 Blog. Microsoft, 2 April 2019. Web.
    S., Aravindhan. "Announcing an important update to Zoho CRM-Zoho Campaigns integration." Zoho Campaigns Community Learning, Zoho, 1 Dec. 2021. Web.
    Salesforce. "The History of Salesforce." Salesforce, 19 March 2020. Web.
    "Salesfusion Integrates With NetSuite CRM to Simplify Sales and Marketing Alignment" GlobeNewswire, 6 May 2016. Accessed Oct 2022. Press release.
    "Salesfusion Integrates With NetSuite CRM to Simplify Sales and Marketing Alignment." Marketwired, 6 May 2016. Web.
    "Salesfusion is Now Sugar Market: The Customer FAQ." SugarCRM Blog, 31 July 2019. Web.
    "Salesfusion's Marketing Automation Platform Drives Awareness and ROI for Education Technology Provider" GlobeNewswire, 25 June 2015. Accessed Nov 2022. Press release.
    SAP. "SAP History." SAP, n.d. Web.
    "State of Marketing." 5th Edition, Salesforce, 15 Jan 2019. Accessed Oct 2022.
    "Success selects Maropost Marketing Cloud for Marketing Automation." Apps Run The World, 10 Jan 2015. Accessed Nov 2022.
    "SugarCRM Acquires SaaS Marketing Automation Innovator Salesfusion." SugarCRM, 16 May 2019. Press release.
    Sundaram, Vijay. "Introducing Zoho One." Zoho Blog, 25 July 2017. Web.
    "The State of MarTech: Is you MarTech stack working for you?" American Marketing Association, 29 Nov 2021. Accessed Oct 2022.
    "Top Marketing Automation Statistics for 2022." Oracle, 15 Jan 2022. Accessed Oct 2022.
    Trefis Team. "Oracle Energizes Its Marketing Cloud With New Features." Forbes, 7 April 2015. Accessed Oct 2022.
    Vivek, Kumar, et al. "Microsoft Dynamics 365 Customer Engagement (on-premises) Help, version 9.x." Learn Dynamics 365, Microsoft, 9 Jan 2023. Web.
    "What's new with HubSpot? Inbound 2022 feature releases" Six and Flow, 9 July 2022. Accessed Nov 2022.
    Widman, Jeff. "Salesforce.com Launches The Service Cloud,, A Customer Service SaaS Application." TechCrunch, 15 Jan. 2009. Web.
    "Zoho History." Zippia, n.d. Web.
    "Zoho Launches Zoho Campaigns." Business Wire, 14 Aug. 2012. Press release.
    Zoho. "About Us." Zoho, n.d. Web.

    Need hands-on assistance?

    Engage Info-Tech for a Software Selection Workshop!

    40 Hours of Advisory Assistance Delivered On-Line or In-Person

    Select Better Software, Faster.

    40 Hours of Expert Analyst Guidance
    Project & Stakeholder Management Assistance
    Save money, align stakeholders, Speed up the process & make better decisions.
    Better, faster results, guaranteed, $25K standard engagement fee

    This is an image of the plan for five advisory calls over a five week period.

    CLICK HERE to book your Workshop Engagement

    Build a Roadmap for Service Management Agility

    • Buy Link or Shortcode: {j2store}280|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Service Management
    • Parent Category Link: /service-management
    • Business is moving faster than ever and IT is getting more demands at a faster pace.
    • Many IT organizations have traditional structures and approaches that have served them well in the past. However, these frameworks and approaches alone are no longer sufficient for today’s challenges and rapidly changing environment.
    • The inability to adaptively design and deliver services as requirements change has led to diminishing service quality and an increase in shadow IT.

    Our Advice

    Critical Insight

    • Being Agile is a mindset. It is not meant to be prescriptive, but to encourage you to leverage the best approaches, frameworks, and tools to meet your needs and get the job done now.
    • The goal of service management is to enable and drive value for the business. Service management practices have to be flexible and adaptable enough to manage and deliver the right service value at the right time at the right level of quality.

    Impact and Result

    • Understand Agile principles, how they align with service management principles, and what the optimal states for agility look like.
    • Use Info-Tech’s advice and tools to perform an assessment of your organization’s state of agility, identify the gaps, and create a custom roadmap to incorporate agility into your service management practice.
    • Increase business satisfaction. The ultimate outcome of having agility in your service delivery is satisfied customers.

    Build a Roadmap for Service Management Agility Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should create a roadmap for service management agility, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Understand the optimal state for agility

    Understand the components of agility and what the optimal states are for service management agility.

    • Build a Roadmap for Service Management Agility – Phase 1: Understand the Optimal States for Agility

    2. Assess your current state of agility

    Determine the current state of agility in the service management practice.

    • Build a Roadmap for Service Management Agility – Phase 2: Assess Your Current State of Agility
    • Service Management Agility Assessment Tool

    3. Build the roadmap

    Create a roadmap for service management agility and present it to key stakeholders to obtain their support.

    • Build a Roadmap for Service Management Agility – Phase 3: Build the Roadmap for Service Management Agility
    • Service Management Agility Roadmap Template
    • Building Agility Into Our Service Management Practice Stakeholders Presentation Template
    [infographic]

    Workshop: Build a Roadmap for Service Management Agility

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Define the Optimal States for Agility in Service Management

    The Purpose

    Understand agility and how it can complement service management.

    Understand how the components of culture, structure, processes, and resources enable agility in service management.

    Key Benefits Achieved

    Clear understanding of Agile principles.

    Identifying opportunities for agility.

    Understanding of how Agile principles align with service management.

    Activities

    1.1 Understand agility.

    1.2 Understand how Agile methodologies can complement service management through culture, structure, processes, and resources.

    Outputs

    Summary of Agile principles.

    Summary of optimal components in culture, structure, processes, and resources that enable agility.

    2 Assess Your Current State of Agility in Service Management

    The Purpose

    Assess your current organizational agility with respect to culture, structure, processes, and resources.

    Identify your agility strengths and weaknesses with the agility score.

    Key Benefits Achieved

    Understand your organization’s current enablers and constraints for agility.

    Have metrics to identify strengths or weaknesses in culture, structure, processes, and resources.

    Activities

    2.1 Complete an agility assessment.

    Outputs

    Assessment score of current state of agility.

    3 Build the Roadmap for Service Management Agility

    The Purpose

    Determine the gaps between the current and optimal states for agility.

    Create a roadmap for service management agility.

    Create a stakeholders presentation.

    Key Benefits Achieved

    Have a completed custom roadmap that will help build sustainable agility into your service management practice.

    Present the roadmap to key stakeholders to communicate your plans and get organizational buy-in.

    Activities

    3.1 Create a custom roadmap for service management agility.

    3.2 Create a stakeholders presentation on service management agility.

    Outputs

    Completed roadmap for service management agility.

    Completed stakeholders presentation on service management agility.

    External audit company

    External IT audit of your company

    Based on experience
    Implementable advice
    human-based and people-oriented

    Do you seek an external expert to help you prepare for a thorough IT audit of your company? Tymans Group serves as a consulting company with extensive expertise in helping small and medium enterprises. Read on and learn more about how our consulting firm can help your company with an external IT audit.

    Why should you organize an external IT audit of your company?

    Regularly preparing for an IT audit of your company with the help of of an experienced consultancy company like Tymans Group is a great way to discover any weaknesses within your IT and data security management systems, as well as your applications and data architecture, before the real audits by your regulator happen After all, you can only tackle any possible issues when you know their exact nature and origin. Additionally, the sooner you are aware of any security threats in your company thanks to an external audit, the smaller the chances outside forces will be able to take advantage of these threats to harm your business.

    Security and risk management

    Our security and risk services

    Security strategy

    Security Strategy

    Embed security thinking through aligning your security strategy to business goals and values

    Read more

    Disaster Recovery Planning

    Disaster Recovery Planning

    Create a disaster recovey plan that is right for your company

    Read more

    Risk Management

    Risk Management

    Build your right-sized IT Risk Management Program

    Read more

    Check out all our services

    Receive practical solutions when using our guides to prepare you for an external audit.

    If you hire our consultancy firm to prepare for an external IT audit in your firm, our guides will allow you to thoroughly analyze your systems and protocols to discover flaws and threats. Based on this analysis, your firm will receive concrete advice and practical solutions on dealing with the findings of in advance of an external audit. Besides identifying threats, the findings of will also offer your business insights in possible optimizations and processes which could benefit from automation. As such, you benefit from our consultancy company’s extensive experience in corporate security management and IT.

    Book an appointment with our consultancy company to get ahead of an external audit.

    If you hire our consulting company to help you prepare for an IT audit of your firm, you will receive guides that enable you to make a critical analysis of your IT security, as well as practical solutions based on our holistic approach. We are happy to tell you more about our services for small and medium business and to offer insights into any issues you may be facing. Our help is available offline and online, through one-hour talks with our expert Gert Taeymans. Contact us to set up an appointment online or on-site now.

    Continue reading

    Select a Marketing Management Suite

    • Buy Link or Shortcode: {j2store}533|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $6,560 Average $ Saved
    • member rating average days saved: 50 Average Days Saved
    • Parent Category Name: Customer Relationship Management
    • Parent Category Link: /customer-relationship-management
    • Time, money, and effort are wasted on channels and campaigns that are not resonating with your customer base.
    • Email marketing, social marketing, and/or lead management alone are often not enough to meet more sophisticated marketing needs.
    • Many organizations struggle with taking a systematic approach to selection that pairs functional requirements with specific marketing workflows, and as a result they choose a marketing management suite (MMS) that is not well aligned to their needs, wasting resources and causing end-user frustration.
    • For IT managers or marketing professionals, the task to incorporate MMS technology into the organization requires not only receiving the buy-in for the MMS investment but also determining the vendor and solution that best fit the organization’s particular marketing management needs.

    Our Advice

    Critical Insight

    • An MMS enables complex campaigns across many channels, product lines, customer segments, and marketing groups throughout the enterprise.
    • Selecting an MMS has become increasingly difficult because the number of players in the marketplace has ballooned. Moreover, picking the wrong marketing solution has a direct impact on revenue.
    • Determine whether the investment in an MMS is worthwhile or the funds are better allocated elsewhere. For organizations with a large audience or varied product offerings, an MMS enables complex campaigns across many channels, product lines, customer segments, and marketing groups throughout the enterprise.

    Impact and Result

    • Maximize your success and credibility with a proposal that emphasizes the areas relevant to your situation.
    • Perform more effective customer targeting and campaign management. Having an MMS equips marketers with the tools they need to make informed decisions around campaign execution, resulting in better targeting, acquisition, and customer retention. This means more revenue.
    • Maximize marketing impact with analytics-based decision making. Understanding users’/customers’ behaviors and preferences will allow you to run effective marketing initiatives.

    Select a Marketing Management Suite Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out how to approach selecting an MMS, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Launch the MMS project and collect requirements

    Assess the organization’s fit for MMS technology and structure the MMS selection project.

    • Select a Marketing Management Suite – Phase 1: Launch the MMS Project and Collect Requirements
    • MMS Readiness Assessment Checklist

    2. Shortlist marketing management suites

    Produce a vendor shortlist for your MMS.

    • Select a Marketing Management Suite – Phase 2: Shortlist Marketing Management Suites

    3. Select vendor and communicate decision to stakeholders

    Evaluate RFPs, conduct vendor demonstrations, and select an MMS.

    • Select a Marketing Management Suite – Phase 3: Select Vendor and Communicate Decision to Stakeholders
    • MMS Requirements Picklist Tool
    • MMS Request for Proposal Template
    • MMS Vendor Demo Script
    • MMS Selection Executive Presentation Template
    [infographic]

    Workshop: Select a Marketing Management Suite

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Launch the MMS Project and Collect Requirements

    The Purpose

    Determine a “right-size” approach to marketing enablement applications.

    Key Benefits Achieved

    Confirmation of the goals, objectives, and direction of the organization is marketing application strategy.

    Activities

    1.1 Assess the value and identify the organization’s fit for MMS technology.

    1.2 Understand the art of the possible.

    1.3 Understand CXM strategy and identify your fit for MMS technology.

    1.4 Build procurement team and project customer experience management (CXM) strategy.

    1.5 Identify your MMS requirements.

    Outputs

    Project team list.

    Preliminary requirements list.

    2 Shortlist Marketing Management Suites

    The Purpose

    Enumerate relevant marketing management suites and point solutions.

    Key Benefits Achieved

    List of marketing enablement applications based on requirements articulated in the preliminary requirements list strategy.

    Activities

    2.1 Identify relevant use cases.

    2.2 Discuss the vendor landscape.

    Outputs

    Vendor shortlist.

    3 Select Vendor and Communicate Decision to Stakeholders

    The Purpose

    Develop a rationale for selecting a specific MMS vendor.

    Key Benefits Achieved

    MMS Vendor decision.

    A template to communicate the decision to executives.

    Activities

    3.1 Create a procurement strategy.

    3.2 Discuss the executive presentation.

    3.3 Plan the procurement process.

    Outputs

    Executive/stakeholder PowerPoint presentation.

    Selection of an MMS.

    Further reading

    Select a Marketing Management Suite

    A best-fit solution balances needs, cost, and capability.

    Table of contents

    1. Project Rationale
    2. Execute the Project/DIY Guide
    3. Appendices

    ANALYST PERSPECTIVE

    Navigate the complexity of a vast ecosystem by taking a structured approach to marketing management suite (MMS) selection.

    Marketing applications are in high demand, but it is difficult to select a suite that is right for your organization. Market offerings have grown from 50 vendors to over 800 in the past five years. Much of the process of identifying an appropriate vendor is not about the vendor at all, but rather about having a comprehensive understanding of internal needs. There are instances where a smaller-point solution is necessary to satisfy requirements and a full marketing management suite is an overinvestment.

    Likewise, a partner with differentiating features such as AI-driven workflows and a mobile software development kit can act as a powerful extension of an overall customer experience management strategy. It is crucial to make the right decision; missing the mark on an MMS selection will have a direct impact on the business’ bottom line.

    Ben Dickie
    Research Director, Enterprise Applications
    Info-Tech Research Group

    Phase milestones

    Launch the MMS Project and Collect Requirements — Phase 1

    • Understand the MMS market space.
    • Assess organizational and project readiness for MMS selection.
    • Structure your MMS selection and implementation project by refining your MMS roadmap.
    • Align organizational use-case fit with market use cases.
    • Collect, prioritize, and document MMS requirements.

    Shortlist MMS Tool — Phase 2

    • Review MMS market leaders and players within your aligned use case.
    • Review MMS vendor profiles and capabilities.
    • Shortlist MMS vendors based on organizational fit.

    Select an MMS — Phase 3

    • Submit request for proposal (RFP) to shortlisted vendors.
    • Evaluate vendor responses and develop vendor demonstration scripts.
    • Score vendor demonstrations and select the final product.

    Stop! Are you ready for this project?

    This Research Is Designed For:
    • IT applications directors and business analysts supporting their marketing teams in selecting and implementing a robust marketing solution.
    • Any organization looking to procure an MMS tool that will allow it to automate its marketing processes or learn more about the MMS vendor landscape.
    This Research Will Help You:
    • Understand today’s MMS market, specific to marketing automation, marketing intelligence, and social marketing use-case scenarios.
    • Understand MMS functionality as well as marketing terminology.
    • Follow best practices to prepare for and execute on selection, including requirements gathering and vendor evaluation.
    This Research Will Also Assist:
    • Marketing managers, brand managers, and any marketing professional looking to build a cohesive marketing platform.
    • MMS project teams or working groups tasked with managing an RFP process for vendor selection.
    This Research Will Help Them
    • Assess organizational and project readiness for embarking on MMS selection.
    • Draft an RFP, manage the vendor and product review process, and select a vendor.

    Executive summary

    Situation

    The MMS market is a landscape of vendors offering campaign management, multichannel support, analytics, and publishing tools. Many vendors specialize in some of these areas but not all. Sometimes multiple products are necessary – but determining which feature sets the organization truly needs can be a challenging task. The right technology stack is critical in order to bring automation to marketing initiatives.

    Complication

    • The first challenge is deciding whether to implement a full marketing suite or a point solution.
    • The number of marketing suites and point solutions has increased from 50 to more than 800 just in the past five years.
    • IT is receiving a growing number of marketing analytics requests and must be prepared to speak intelligently about marketing management vendor selection.

    Resolution

    • Leverage Info-Tech’s comprehensive three-phase approach to MMS selection projects: assess your organization’s preparedness to go into the selection stage, move through technology selection, and present decisions to stakeholders.
    • Conduct an MMS project preparedness assessment to ensure you maximize the value of your time, effort, and spend.
    • Determine whether your organization’s needs will best be met by a marketing management suite or a point solution.
    • Determine which use case your organization fits into and review the relevant vendor landscape, common capability, and areas of product differentiation. Consult Info-Tech’s market analysis to shortlist vendors for your RFP process.
    • Take advantage of traceable and auditable selection tools to run an effective evaluation and selection process. Be prepared to answer the retroactive question “Why this MMS?” with documentation of your selection process and outputs.

    Info-Tech Insight

    1. The new MMS market. Selecting a marketing management solution has become increasingly difficult, with the number of players in the marketplace ballooning to meet buyer demand.
    2. Direct translation to revenue. Picking the wrong marketing solution has a direct impact on the bottom line. However, the right MMS can lead to a 7.3x greater year-over-year increase in annual revenue.
    3. Don’t buy best-of-breed; buy best-for-you. Base your vendor selection on your requirements and use case, not on the vendor’s overall performance.

    MMS is a key piece of the CRM puzzle

    In order to optimize cross-sell opportunities and marketing effectiveness, there needs to be a master customer database, which belongs in the customer relationship management (CRM) suite.

    When it comes to marketing automation capabilities, using CRM is like building a car from a kit. All the parts are there, but you need the time and skill to put it all together. Using marketing automation is like buying the car you want or need, with all the features you want already installed and some gas in the tank, ready to drive. In either case, you still need to know how to drive and where you want to go.” (Mac McIntosh, Marketo Inc.) 'CRM' surrounded by its components with 'MMS' highlighted. A master database – the central place where all up-to-the-minute data on a customer profile is stored – is essential for MMS success. This is particularly true for real-time capability effectiveness and to minimize customer fatigue.

    Understand what an MMS can do for you

    Take time to learn the capabilities of modern marketing applications. Understanding the “art of the possible” will help you to get the most out of your MMS.

    MMS helps marketers in two primary ways:
    1. It allows them to efficiently execute and manage campaigns across dozens of channels and products.
    2. It allows them to analyze the outcomes of campaigns.
    Marketing suites accomplish these tasks by:
    • Leveraging workflow automation to reduce the amount of time spent creating marketing campaigns
    • Using internal or third-party data to increase conversion effectiveness from customer databases across the organization
    A strong MMS provides marketers with the data they need for actionable insights about their customers.
    A marketing automation solution delivers essentially all the benefits of an email marketing solution along with integrated capabilities that would otherwise need to be cobbled together using various standalone technologies.” (Marketo Inc.)

    Review Info-Tech’s vendor profiles of the MMS market to identify vendors that meet your requirements

    Logos of multiple vendors including 'Hubspot', 'IBM', 'Salesforce marketing cloud', etc.

    Use Info-Tech’s MMS implementation methodology as a starting point for your organization’s MMS selection

    Info-Tech’s implementation methodology is not a step-by-step approach to vendor selection, but rather it highlights the pertinent considerations for MMS selection at each of the five steps outlined below.

    1

    2

    3

    4

    5

    Establish Resources Gather Requirements Write and Assemble RFP Exercise Due Diligence Evaluate Candidate Solutions
    • Determine work initiative dependencies and project milestones.
    • Establish the project timeline.
    • Designate project resources.
    • Prioritize rollout of functionality.
    • Link business goals with the MMS selection project.
    • Determine user roles and profiles.
    • Conduct stakeholder interviews.
    • Build communication and change management plan.
    • Draft an RFP.
    • Make a plan for soliciting feedback and publishing the RFP.
    • Customize a vendor demo script and scorecard.
    • Conduct vendor demos.
    • Speak with vendor references.
    • Evaluate nonfunctional requirements.
    • Understand upgrade schedules.
    • Define a vendor evaluation framework.
    • Prepare the final evaluation.
    • Prepare a presentation for management.

    Contact your account representative or email Workshops@InfoTech.com for more information.

    Professional services provider engages Info-Tech to guide it through its MMS selection journey

    CASE STUDY

    Industry: Professional Services | Source: Info-Tech Consulting

    Challenge

    A large professional services firm specializing in knowledge development was looking to modernize an outdated marketing services stack.

    Previous investments in marketing tools ranging from email automation to marketing analytics led to system fragmentation. As a result, there was no 360-degree overview of marketing operations and no way to run campaigns at scale.

    To satisfy the organization’s aspirations, a comprehensive marketing management suite had to be selected that met needs for the foreseeable future.

    Solution

    The Info-Tech consulting team was brought in to assist in the MMS selection process.

    After meeting with several stakeholders, MMS requirements were developed and weighted. An RFP was then created from these requirements.

    Following a market scan, four vendors were selected to complete the organization’s RFP. Demonstration scripts were then developed as the RFPs were completed by vendors.

    Shortlisted vendors progressed to the demonstration phase.

    Results

    Vendor scorecards were utilized during the two-day demonstrations with the core project team to score each vendor.

    During the scoring process the team also identified the need to replace the organization’s core customer repository (a legacy CRM).

    The decision was made to select a CRM before finalizing the MMS selection. Doing so ensured uniform system architecture and strong interoperability between the firm’s MMS and its CRM.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    Guided Implementation

    Workshop

    Consulting

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks used throughout all four options

    Select a Marketing Management Suite – project overview

    1. Launch the MMS Project and Collect Requirements 2. Shortlist Marketing Management Suites 3. Select Vendor and Communicate Decision to Stakeholders
    Supporting Tool icon

    Best-Practice Toolkit

    1.1 Assess the value and identify your organization’s fit for MMS technology.

    1.2 Build your procurement team and project customer experience management (CXM) strategy.

    1.3 Identify your MMS requirements.

    2.1 Produce your shortlist

    3.1 Select your MMS

    3.2 Present selection

    Guided Implementations

    • Understand CXM strategy and identify your fit for MMS technology.
    • Identify staffing needs.
    • Plan requirements gathering steps.
    • Discuss use-case fit assessment results.
    • Discuss vendor landscape.
    • Create a procurement strategy.
    • Discuss executive presentation.
    • Conduct a proposal review.
    Associated Activity icon

    Onsite Workshop

    Module 1:
    Launch Your MMS Selection Project
    Module 2:
    Analyze MMS Requirements and Shortlist Vendors
    Module 3:
    Plan Your Procurement Process
    Phase 1 Outcome:
    • Launch of MMS selection project
    Phase 2 Outcome:
    • Shortlist of vendors
    Phase 3 Outcome:
    • Selection of MMS

    Use these icons to help direct you as you navigate this research

    Use these icons to help guide you through each step of the blueprint and direct you to content related to the recommended activities.

    A small monochrome icon of a wrench and screwdriver creating an X.

    This icon denotes a slide where a supporting Info-Tech tool or template will help you perform the activity or step associated with the slide. Refer to the supporting tool or template to get the best results and proceed to the next step of the project.

    A small monochrome icon depicting a person in front of a blank slide.

    This icon denotes a slide with an associated activity. The activity can be performed either as part of your project or with the support of Info-Tech team members who will come onsite to facilitate a workshop for your organization.

    A small monochrome icon depicting a descending bar graph.

    This icon denotes a slide that pertains directly to the Info-Tech vendor profiles on marketing management technology. Use these slides to support and guide your evaluation of the MMS vendors included in the research.

    Select a Marketing Management Suite

    PHASE 1

    Launch the MMS Project and Collect Requirements

    Phase 1 outline

    Associated Activity icon Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 1: Launch Your MMS Project and Collect Requirements

    Proposed Time to Completion: 3 weeks
    Step 1.2: Structure the Project Step 1.3: Gather Requirements
    Start with an analyst kick-off call:
    • Review readiness requirements for an MMS project.
    • Understand the work initiatives involved in MMS selection.
    Review findings with analyst:
    • Determine use case based on your organizational alignment.
    • Discuss core MMS requirements.
    Then complete these activities…
    • Conduct an organizational MMS readiness assessment.
    Then complete these activities…
    • Identify best-fit use case.
    • Elicit, capture, and prioritize requirements.
    With these tools & templates:
    • MMS Readiness Assessment Checklist
    With these tools & templates:
    • MMS Requirements Picklist Tool
    Phase 1 Results:
    • Completed readiness assessment.
    • Refined project plan to incorporate selection and implementation.

    Phase 1 milestones

    Launch the MMS Project and Collect Requirements — Phase 1

    • Understand the MMS market space.
    • Assess organizational and project readiness for MMS selection.
    • Structure your MMS selection and implementation project by refining your MMS roadmap.
    • Align organizational use-case fit with market use cases.
    • Collect, prioritize, and document MMS requirements.

    Shortlist MMS Tool — Phase 2

    • Review MMS market leaders and players within your aligned use case.
    • Review MMS vendor profiles and capabilities.
    • Shortlist MMS vendors based on organizational fit.

    Select an MMS — Phase 3

    • Submit request for proposal (RFP) to shortlisted vendors.
    • Evaluate vendor responses and develop vendor demonstration scripts.
    • Score vendor demonstrations and select the final product.

    Step 1.1: Understand the MMS market

    1.1

    1.2

    1.3

    Understand the MMS Market Structure the Project Gather MMS Requirements

    This step will walk you through the following activities:

    • MMS market overview

    This step involves the following participants:

    • Project team
    • Project manager
    • Project sponsor

    Outcomes of this step

    • An understanding of the evolution of the MMS market space and how it helps today’s organizations.
    • An evaluation of new and upcoming trends sought by MMS clients.
    • Verification of whether an MMS is a fit with your organization.

    Speak the same language as the marketing department to deliver the most business value

    Marketing Management Suite Glossary

    Analytics The practice of measuring marketing performance to improve return on investment (ROI). It is often carried out through the visualization of meaningful patterns in data as a result of marketing initiatives.
    Channels The different places where marketers can reach customers (e.g. social media, print mail, television).
    Click-through rate The percentage of individuals who proceed (click-through) from one part of a marketing campaign to the next.
    Content management Curating, creating, editing, and keeping track of content and client-facing assets.
    Customer relationship management (CRM) A core enterprise application that provides a broad feature set for supporting customer interaction processes. The CRM frequently serves as a core customer data repository.
    Customer experience management (CXM) The holistic management of customer interaction processes across marketing, sales, and customer service to create valuable, mutually beneficial customer experiences.
    Engagement rate A social media metric used to describe the amount of likes, comments, shares, etc., that a piece of content receives.
    Lead An individual or organization who has shown interest in the product or service being marketed.
    Omnichannel The portfolio of interaction channels you use.

    MMS is a key piece of the customer experience ecosystem

    Within the broader CXM ecosystem, an MMS typically lives within the CRM platform. Interfacing with the CRM’s master customer database allows an MMS to optimize cross-sell opportunities and marketing effectiveness.

    A master database – the central place where all up-to-the-minute data on a customer profile is stored – is essential for MMS success. This is particularly true for real-time capability effectiveness and to minimize customer fatigue.

    If you have customer records in multiple places, you risk missing customer opportunities and potentially upsetting clients. For example, if a client has communicated preferences or disinterest through one channel, and this is not effectively recorded throughout the organization, another representative is likely to contact them in the same method again – possibly alienating the customer for good.

    A master database requires automatic synchronization with all point solutions, POS, billing systems, agencies, etc. If you don’t have up-to-the-minute information, you can’t score prospects effectively and you lose out on the benefits of the MMS.

    'CRM' surrounded by its components with 'MMS' highlighted.
    Focus on the fundamentals before proceeding. Secure organizational readiness to reduce project risk using Info-Tech’s Build a Strong Technology Foundation for CXM and Select and Implement a CRM Platform blueprints.

    Understanding the “art of the possible”

    The world of marketing technology changes rapidly! Understand how modern marketing management suites are used in most organizations.

    An MMS helps marketers in two primary ways:

    1. It allows them to efficiently execute and manage campaigns across dozens of channels and products.
    2. It allows them to analyze the outcomes of campaigns.

    Marketing suites accomplish these tasks by:

    • Leveraging workflow automation to reduce the amount of time spent creating marketing campaigns.
    • Using internal or third-party data to increase conversion effectiveness from customer databases across the organization.

    A strong MMS provides marketers with the data they need for actionable insights about their customers.

    A marketing automation solution delivers essentially all the benefits of an email marketing solution along with integrated capabilities that would otherwise need to be cobbled together using various standalone technologies.” (Marketo Inc.)

    Inform your way of thinking by understanding the capabilities of modern marketing applications.

    A tree with icons related to knowledge.

    Expect the marketing department to drive suite adoption, but don’t count out the benefits MMS will also provide to IT

    MMS adoption is driven by the need for better campaign execution and marketing intelligence. MMS technologies are adopted to create faster, easier, more intelligent, and more measurable campaigns and make managing complex channels easy and repeatable.

    Top Drivers for Adopting Marketing Management Technologies

    Bar chart of top drivers for adopting marketing management technology. The first four bars are highlighted and the largest, they are labelled 'Campaign Measurement & Effectiveness', 'Execute Multi-channel Campaigns', 'Shorten Marketing Campaign Cycle', and 'Reduce Manual Campaign Creation'.
    (Source: Info-Tech Research Group; N=23)

    The key drivers for MMS are business-related, not IT-related. However, this does not mean that there are no benefits to IT. In fact, the IT department will see numerous benefits, including time and resource savings. Further, not having an MMS creates more work for your IT department. IT must serve as a valued partner for selection and implementation.

    Additional benefits to IT driven by MMS

    Marketing management suites are ideal for large organizations with multiple product lines in complex marketing environments. IT is often more centralized than its counterparts in the business, making it uniquely positioned to encourage greater coordination by helping the business units understand the shared goals and the benefits of working together to roll out suites for marketing workflow management, intelligence, and channel management.

    Cross-Segmentation Additional Revenue Generation Real-Time Capabilities Lead Growth/ Conversion Rate
    Business Value
    • Share resources between brands and product lines.
    • Increase database size with populated client data.
    • Track customer lifetime value.
    • Increase average deal size.
    • Decrease time to execute campaigns.
    • Decrease lead acquisition costs while collecting higher quality leads.
    • Improve retention rates.
    • Reduce cost to serve.
    • Increase customer retention due to effective service.
    • Higher campaign and response rates.
    • Track, measure, and prove the value of marketing activities.
    • Broaden reach through social channels.
    IT Value
    • Reduce reliance on IT for routine tasks such as list creation and data cleansing.
    • Free up IT resources for the sectors of the business where the ROI is greatest.
    • Reduce need for IT to cleanse, modify, or merge data lists because most suites include CRM connectors.
    • Reduce need for constant customization on status reports on lead value and campaign success.

    Info-Tech Insight

    Don’t forget that MMS technologies deliver on the overarching suite value proposition: a robust solution within one integrated offering. Without an MMS in play, organizations in need of this functionality are forced to piece together point solutions (or ad hoc management). This not only increases costs but also is an integration nightmare for IT.

    Step 1.2: Structure the project

    1.1

    1.2

    1.3

    Understand the MMS MarketStructure the ProjectGather MMS Requirements

    This step will walk you through the following activities:

    • Determine if you are ready to kick off the MMS selection project.
    • Align project goals with CXM strategy and business goals.

    This step involves the following participants:

    • Core project team
    • Project manager
    • Project sponsor

    Outcomes of this step

    • Assurance that you have completed adequate preparation, obtained stakeholder and sponsor buy-in, secured sufficient resources, and completed strategy and planning activities to move forward with selection.
    • An approach to remedy organizational readiness to prepare for MMS selection.
    • An understanding of stakeholder goals.

    Identify the scope and purpose of your MMS selection process

    Vendor Profiles icon

    Sample Project Overview

    [Organization] plans to select and implement a marketing management suite in order to introduce better campaign management to the business’ processes. This procurement and implementation of an MMS tool will enable the business to improve the efficiency and effectiveness of marketing campaign execution.

    This project will oversee the assessment and shortlisting of MMS vendors, selection of an MMS tool, the configuration of the solution, and the implementation of the technology into the business environment.

    Rationale Behind the Project

    Consider the business drivers behind the interest in MMS technology.

    Be specific to business units impacted and identify key considerations (both opportunities and risks).

    Business Drivers

    • Organizational productivity
    • Customer satisfaction
    • Marketing management costs
    • Risk management

    Info-Tech Insights

    Creating repeatable and streamlined marketing processes is a common overarching business objective that is driven by multiple factors. To ensure this objective is achieved, confirm that the primary drivers are following the implementation of the first automated marketing channels.

    Activity: Understand your business’ goals for MMS by parsing your formal CXM strategy

    Associated Activity icon 1.2.1 1 hour

    INPUT: Stakeholder user stories

    OUTPUT: Understanding of ideal outcomes from MMS implementation

    MATERIALS: Whiteboard and marker or sticky notes

    PARTICIPANTS: Project sponsor, Project stakeholders, Business analysts, Business unit reps

    Instructions

    1. Outline the purpose of the future MMS tool and the drivers behind this business decision with the project’s key stakeholders.
    2. Document plans to ensure that these drivers are taken into consideration and realized following implementation. Example:
      Improve Reduce/Eliminate KPIs
      Multichannel marketing Duplication of effort Number of customer interaction channels supported
      Social integration Process inefficiencies Number of social signals received (likes, shares, etc.)

    If you do not have a well-defined CXM strategy, leverage Info-Tech’s research to Build a Strong Technology Foundation for Customer Experience Management.

    Understanding marketing suites

    Vendor Profiles icon

    This blueprint focuses on complete, integrated marketing management suites

    An integrated suite is a single product that is designed to assist with multiple marketing processes. Information from these suites is deeply connected to the core CRM. Changing a piece of information for one process will update all affected.

    'MMS' surrounded by its integrated processes, including 'Marketing Operations Management', 'Breadth of Channel Support', 'Marketing Asset Management', etc.

    Understanding marketing point solutions

    Vendor Profiles icon

    A point solution typically interfaces with a single customer interaction channel with minimal CRM integration.

    Why use a marketing point solution?

    1. A marketing point solution is a standalone application used to manage a unique process.
    2. Point solutions can be implemented and updated relatively quickly.
    3. They cost less than full-feature, integrated marketing suites.
    4. Some point solutions integrate with CRM platforms or MMS platforms.

    Refer to Phase 2 for a bird’s-eye view of the point solution marketplace.

    Marketing Point Solutions

    • Twitter Analytics
    • Search Engine Optimization
    • Customer Portals
    • Livechat
    • Marketing Attribution
    • Demand Side Platform

    Determine if MMS is right for your organization

    Vendor Profiles icon

    Adopt an MMS if:

    1. Your organization is actively pursuing a multichannel marketing strategy, particularly if its marketing campaigns are complex and multifaceted, involving consumer-specific conditional messaging.
    2. Your enterprise serves a high volume of customers and marketing needs extend to formally managing budgets and resources, lead generation and segmentation, and measuring channel effectiveness.
    3. Your organizations has multiple product lines and is interested in increasing cross-sale opportunities.

    Bypass an MMS if:

    • Your organization does not participate in multichannel campaigns and is primarily using email or web channels to generate leads. You may find the advanced features and capabilities of an MMS to be overkill and should consider lead marketing automation (LMA) or email marketing services first.
    • You are a small to midsize business (SMB) with a limited budget or fewer than five marketing professionals. Don’t buy what you don’t need; organizations with fewer than five people in the marketing department are unlikely to need an MMS.
    • Sales generation is not a priority for the business or a primary goal for the marketing department.

    Info-Tech Insight

    Using an MMS is ideal for organizations with multiple brands and product portfolios (e.g. consumer packaged goods). Ad hoc management and email marketing services are best for small organizations with a client base that requires only bare bones engagement.

    Determine if you are ready to kick off your MMS selection and implementation project

    Supporting Tool icon 1.2.2 MMS Readiness Assessment Checklist
    Use Info-Tech’s MMS Readiness Assessment Checklist to determine if your organization has sufficient process and campaign maturity to warrant the investment in a consolidated marketing management suite.

    Sections of the Tool:

    1. Goals & Objectives
    2. Project Team
    3. Current State Understanding
    4. Future State Vision
    5. Business Process Improvement
    6. Project Metrics
    7. Executive Sponsorship
    8. Stakeholder Buy-In & Change Management
    9. Risk Management
    10. Cost & Budget

    INFO-TECH DELIVERABLE

    Sample of Info-Tech's MMS Readiness Assessment Checklist.

    Complete the MMS Readiness Assessment Checklist by following the instructions in Activity 1.2.3.

    Activity: Determine if you are ready to kick off your MMS selection project

    Associated Activity icon 1.2.3 30 minutes

    INPUT: MMS foundation, MMS strategy

    OUTPUT: Readiness remediation approach, Validation of MMS project readiness

    MATERIALS: Info-Tech’s MMS Readiness Assessment Checklist

    PARTICIPANTS: Project sponsor, Core project team

    Instructions

    1. Download the MMS Readiness Assessment Checklist.
    2. Review Section 1 of the checklist with the core project team and/or project sponsor, item by item. For completed items, tick the relative checkbox.
    3. Once the whole checklist has been reviewed, document all incomplete items in the table under Section 1 in the first table column (“Incomplete Readiness Item”).
    4. For each incomplete item, use your discretion to determine whether its completion is critical in preparation for MMS selection and implementation. This may vary given the complexity of your MMS project. If the item is critical to the project, indicate this with “Y” in the second column (“Criticality (Y/N)”).
    5. For each critical item, reflect on the barriers that have prevented or are preventing its completion. Possible barriers include incomplete task dependencies, low value-to-effort determination, lack of organizational knowledge or resources, pressure of deadlines, etc. Document these barriers in the third column (“Barriers to Completion”).
    6. Based on the barriers determined in Step 5, determine a remediation approach for each item. Document the approach in the fourth column (“Remediation Approach”).
    7. For each remediation activity, designate a due date and remediation owner. Document this in the fifth column (“Due Date & Owner”).
    8. Carry out the remediation of critical tasks and return to this blueprint to kickstart your selection and implementation project.

    Step 1.3: Gather MMS requirements

    1.1

    1.2

    1.3

    Understand the MMS MarketStructure the ProjectGather MMS Requirements

    This step will walk you through the following activities:

    • Understand your MMS use case.
    • Elicit and capture your MMS requirements.
    • Prioritize your solution requirements.

    This step involves the following participants:

    • Core project team
    • Project manager
    • Business analysts
    • Procurement subject-matter experts (SMEs)

    Outcomes of this step

    • Project alignment with MMS market use case.
    • Inventory of categorized and prioritized MMS business requirements.

    Understand the dominant use-case scenarios for MMS across organizations

    Vendor Profiles icon

    USE CASES

    While an organization may be product- or service-centric, most fall into one of the three use cases described on this slide.

    1) Marketing Automation

    Workflow Management

    Managing complex marketing campaigns and building and tracking marketing workflows are the mainstay responsibilities of brand managers and other senior marketing professionals. In this category, we evaluated vendors that provide marketers with comprehensive tools for marketing campaign automation, workflow building and tracking, lead management, and marketing resource planning for campaigns that need to reach a large segment of customers.

    Omnichannel Management

    The proliferation of marketing channels has created significant challenges for many organizations. In this use case, we executed a special evaluation of vendors that are well suited for the intricacies of juggling multiple channels, particularly mobile, social, and email marketing.

    2) Marketing Intelligence

    Sifting through data from a myriad of sources and coming up with actionable intelligence and insights remains a critical activity for marketing departments, particularly for market researchers. In this category, we evaluated solutions that aggregate, analyze, and visualize complex marketing data from multiple sources to allow decision makers to execute informed decisions.

    3) Social Marketing

    The proliferation of social networks, customer data, and use cases has made ad hoc social media management challenging. In this category we evaluated vendors that bring uniformity to an organization’s social media capabilities and contribute to a 360-degree customer view.

    Activity: Understand which type of MMS you need

    Associated Activity icon 1.3.1 30 minutes

    INPUT: Use-case breakdown

    OUTPUT: Project use-case alignments

    Materials: Whiteboard, markers

    Participants: Project manager, Core project team (optional)

    Instructions

    1. Familiarize your team with Info-Tech’s MMS use-case breakdown from the previous slide.
    2. Determine which use case is best aligned with your organization’s MMS project objectives. If you need assistance with this, consider the relevance of the cases studies and statements on the following slides.
    3. If your team agrees with most or all statements under a given use case, this indicates strong alignment towards that use case. It is possible for an organization to align with more than one use case. Your use-case alignment will guide you in creating a vendor shortlist later in this project.

    Use Info-Tech’s vendor research and use-case scenarios to support your organization’s vendor analysis

    The use-case view of vendor and product performance provides multiple opportunities for vendors to fit into your application architecture depending on their product and market performance. The use cases selected are based on market research and client demand.

    Determining your use case is crucial for:

    1. Selecting an application that is the right fit
    2. Establishing a business case for MMS

    The following slides illustrate how the three most common use cases (marketing automation, marketing intelligence, and social marketing) align with business needs. As shown by the case studies, the right MMS can result in great benefits to your organization.

    Use-case alignment and business need

    Vendor Profiles icon

    Marketing Automation

    Marketing Need Manage customer experience across multiple channels Manage multiple campaigns simultaneously Integrate web-enabled devices (IoT) into marketing campaigns Run and track email marketing campaigns
    A line of arrows pointing down.
    Corresponding Feature End-to-end management of email marketing Visual workflow editor Customer journey mapping Business rules engine A/B tracking

    The Portland Trail Blazers utilize an MMS to amplify their message with marketing automation technology

    CASE STUDY

    Industry: Entertainment | Source: Marketo

    Challenge

    The Portland Trail Blazers, an NBA franchise, were looking to expand their appeal beyond the city of Portland and into the greater Pacific Northwest Region.

    The team’s management group also wanted to showcase the full range of events that were hosted in the team’s multipurpose stadium.

    The Trail Blazers were looking to engage fans in a more targeted fashion than their CRM allowed for. Ultimately, they hoped to move from “batch and blast” email campaigns to an automated and targeted approach.

    Solution

    The Trail Blazers implemented an MMS that allowed it to rapidly build different types of campaigns. These campaigns could be executed across a variety of channels and target multiple demographics at various points in the fan journey.

    Contextual ads were implemented using the marketing suite’s automated customer journey mapping feature. Targeted ads were served based on a fan’s location in the journey and interactions with the Trail Blazers’ online collateral.

    Results

    The automated campaigns led to a 75% email open rate, which contributed to a 96% renewal rate for season ticket holders – a franchise record.

    Other benefits resulting from the improved conversion rate included an increased cohesion between the Trail Blazers’ marketing, analytics, and ticket sales operations.

    Use-case alignment and business need

    Vendor Profiles icon

    Marketing Intelligence

    Marketing Need Capture marketing- and customer-related data from multiple sources Analyze large quantities of marketing data Visualize marketing-related data in a manner that is easy for decision makers to consume Perform trend and predictive analysis
    A line of arrows pointing down.
    Corresponding Feature Integrate data across customer segments Analysis through machine learning Assign attributers to unstructured data Displays featuring data from external sources Create complex customer data visualizations

    Chico’s FAS uses marketing intelligence to drive customer loyalty

    CASE STUDY

    Industry: Retail | Source: SAS

    Challenge

    Women’s apparel retailer Chico’s FAS was looking to capitalize on customer data from in-store and online experiences.

    Chico’s hoped to consolidate customer data from multiple online and brick-and-mortar retail channels to get a complete view of the customer.

    Doing so would satisfy Chico’s need to create more highly segmented, cost-effective marketing campaigns

    Solution

    Chico’s selected an MMS with strong marketing intelligence, analysis, and data visualization capability.

    The MMS could consolidate and analyze customer and transactional information. The suite’s functionality enabled Chico’s marketing team to work directly with the data, without help from statisticians or IT staff.

    Results

    The approach to marketing indigence led to customers getting deals on products that were actually relevant to them, increasing sales and brand loyalty.

    Moreover, the time it took to perform data consolidation decreased dramatically, from 17 hours to two hours, allowing the process to be performed daily instead of weekly.

    Use-case alignment and business need

    Vendor Profiles icon

    Social Marketing

    Marketing Need Understand customers' likes and dislikes Manage and analyze social media channels like Facebook and Twitter Foster a conversation around specific products Engage international audiences through regional messaging apps
    A line of arrows pointing down.
    Corresponding Feature Social listening capabilities Tools for curating customer community content Ability to aggregate social data Integration with popular social networks Ability to conduct trend reporting

    Bayer leverages MMS technology to cultivate a social presence

    CASE STUDY

    Industry: Life Sciences | Source: Adobe

    Challenge

    Bayer, a Fortune 500 health and life sciences company, was looking for a new way to communicate its complex medical breakthroughs to the general public.

    The decision was made to share the science behind its products via social channels in order to generate excitement.

    Bayer needed tools to publish content across a variety of social media platforms while fostering conversations that were more focused on the science behind products.

    Solution

    Based on the requirements, Bayer decided that an MMS would be the best fit.

    After conducting a market scan, the company selected an MMS with a comprehensive social media suite.

    The suite included tools for social listening and moderation and tools to guide conversations initiated by both marketers and customers.

    Results

    The MMS provided Bayer with the toolkit to engage its audience.

    Bayer took control of the conversation about its products by serving potential customers with relevant video content on social media.

    Its social strategy coupled with advanced engagement tools resulted in new business opportunities and more than 65,000 views on YouTube and more than 87,000 Facebook views in a single month.

    Leverage Info-Tech’s requirements gathering framework to serve as the basis for capturing your MMS requirements

    An important step in selecting an MMS that will have widespread user adoption is creating archetypal customer personas. This will enable you to talk concretely about them as consumers of the application you select and allow you to build buyer scenarios around them.
    REQUIREMENTS GATHERING
    Info-Tech’s requirements gathering framework is a comprehensive approach to requirements management that can be scaled to any size of project or organization. This framework ensures that the application created will capture the needs of all stakeholders and deliver business value. Develop and right-size a proven standard operating procedure for requirements gathering with Info-Tech’s blueprint Build a Strong Approach to Business Requirements Gathering.
    Stock photo of a Jenga tower with title: Build a Strong Approach to Business Requirements Gathering
    KEY INPUTS TO MMS REQUIREMENTS GATHERING
    Requirements Gathering Methodology

    Sample of Requirements Gathering Blueprint.

    Requirements Gathering Blueprint Slide 25: Understand the best-practice framework for requirements gathering for enterprise applications projects.

    Requirements Gathering SOP

    Sample of Requirements Gathering Blueprint.

    Requirements Gathering Blueprint Activities 1.2.2-1.2.5, 2.1.1, 2.1.2, 3.1.1, 3.2.1, 4.1.1-4.1.3, 4.2.2: Consolidate outputs to right-size a best-practice SOP for your organization.

    Project Level Selection Tool

    Sample of Requirements Gathering Blueprint.

    Requirements Gathering Blueprint Activity 1.2.4: Determine project-level selection guidelines to inform the due diligence required in your MMS requirements gathering.

    Activity: Elicit and capture your MMS requirements

    Associated Activity icon 1.3.2 Varies

    INPUT: MMS tool user expertise, MMS Requirements Picklist Tool

    OUTPUT: A list of needs from the MMS tool user perspective

    Materials: Note-taking materials, Whiteboard or flip chart, markers

    Participants: MMS users in the organization, MMS selection committee

    Instructions

    1. Identify stakeholders for the requirements gathering exercise. Consider holding one-on-one sessions or large focus groups with key stakeholders or the project sponsor to gather business requirements for an MMS.
    2. Use the MMS Requirements Picklist Tool as a starting point for conducting the requirements elicitation session(s).
    3. Begin by reading the instructions in the template and then move to the “Requirements” worksheet. Read each defined requirement in the worksheet and indicate in the “Requirement Status” column whether the requirement is a “Must,” “High,” or “Low.” Confirming the status is an important part of the exercise. The status will help filter vendors for final selection later on in the process.
    4. Decide whether additional requirements are necessary by asking the MMS tool users. If so, add the requirements to the bottom of the “Requirements” worksheet and indicate their “Requirement Status.”

    Download the MMS Requirements Picklist Tool to help with completing this activity.

    Show the measurable benefits of MMS with metrics

    The return on investment (ROI) and perceived value of the organization’s marketing solution will be a critical indication of the likelihood of success of the suite’s selection and implementation.

    EXAMPLE
    METRICS

    MMS and Technology Adoption

    Marketing Performance Metrics
    Average revenue gain per campaign Quantity and quality of marketing insights
    Average time to execute a campaign Customer acquisition rates
    Savings from automated processes Marketing cycle times
    User Adoption and Business Feedback Metrics
    User satisfaction feedback User satisfaction survey with the technology
    Business adoption rates Application overhead cost reduction

    Info-Tech Insight

    Even if marketing metrics are difficult to track right now, the implementation of an MMS brings access to valuable customer intelligence from data that was once kept in silos.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech Workshop Associated Activity icon

    Book a workshop with our Info-Tech analysts:

    Photo of an Info-Tech analyst.
    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analyst will join you and your team onsite at your location or welcome you to Info-Tech's historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    1.2.1

    Sample of activity 1.2.1 'Understand your business' goals for MMS by parsing your formal CXM strategy'. Align the CXM strategy value proposition to MMS capabilities

    Our facilitator will help your team identify the IT CXM strategy and marketing goals. The analyst will then work with the team to map the strategy to technological drivers available in the MMS market.

    1.3.2

    Sample of activity 1.3.2 'Elicit and capture your MMS requirements'. Define the needs of MMS users

    Our facilitator will work with your team to identify user requirements for the MMS Requirements Picklist Tool. The analyst will facilitate a discussion with your team to prioritize identified requirements.

    Select a Marketing Management Suite

    PHASE 2

    Shortlist Marketing Management Suites

    Phase 2 outline

    Associated Activity icon Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 2: Shortlist Marketing Management Suites

    Proposed Time to Completion: 1-3 months
    Step 2.1: Analyze and Shortlist MMS Vendors
    Start with an analyst kick-off call:
    • Review requirements gathering findings.
    • Review the MMS market space.
    Then complete these activities…
    • Review vendor profiles and analysis.
    • Weigh the evaluation criteria’s importance in product capabilities and vendor characteristics.
    • Shortlist MMS vendors.
    With these tools & templates:
    Phase 2 Results:
    • Shortlist of MMS tools

    Phase 2 milestones

    Launch the MMS Project and Collect Requirements — Phase 1

    • Understand the MMS market space.
    • Assess organizational and project readiness for MMS selection.
    • Structure your MMS selection and implementation project by refining your MMS roadmap.
    • Align organizational use-case fit with market use cases.
    • Collect, prioritize, and document MMS requirements.

    Shortlist MMS Tool — Phase 2

    • Review MMS market leaders and players within your aligned use case.
    • Review MMS vendor profiles and capabilities.
    • Shortlist MMS vendors based on organizational fit.

    Select an MMS — Phase 3

    • Submit request for proposal (RFP) to shortlisted vendors.
    • Evaluate vendor responses and develop vendor demonstration scripts.
    • Score vendor demonstrations and select the final product.

    Step 2.1: Analyze and shortlist MMS vendors

    2.1

    Analyze and Shortlist MMS Vendors

    This step will walk you through the following activities:

    • Review MMS vendor landscape.
    • Take note of relevant point solutions.
    • Shortlist vendors for the RFP process.

    This step involves the following participants:

    • Core project team

    Outcomes of this step

    • Understanding of Info-Tech’s use-case scenarios for MMS: marketing automation, marketing intelligence, and social marketing.
    • Familiarity with the MMS vendor landscape.
    • Shortlist of MMS vendors for RFP process.

    Familiarize yourself with the MMS market: How it got here

    Vendor Profiles icon

    Loosely Tied Together

    Originally the sales and marketing enterprise application space was highly fragmented, with disparate best-of-breed point solutions patched together. Soon after, vendors in the late 1990s started bundling automation technologies into a single suite offering. Marketing capabilities of CRM suites were minimal at best and often restricted to web and email only.

    Limited to Large Enterprises

    Many vendors started to combine all marketing tools into a single, comprehensive marketing suite, but cost and complexity limited them to large enterprises and marketing agencies.

    Best-of-breed solutions targeting new channels and new goals, like closed-loop sales and marketing, continued driving new marketing software genres, like dedicated lead management suites.

    In today’s volatile business environment, judgment built from past experience is increasingly unreliable. With consumer behaviors in flux, once-valid assumptions (e.g. ‘older consumers don’t use Facebook or send text messages’) can quickly become outdated.” (SAS Magazine)

    Info-Tech Insight

    As the market evolves, capabilities that were once cutting edge become default and new functionality becomes differentiating. Some features, like basic CRM integration, have become table stakes capabilities. Focus on advanced analytics features and omnichannel integration capabilities to get the best fit for your requirements.

    Familiarize yourself with the MMS market: Where it’s going

    Vendor Profiles icon

    AI and Machine Learning

    Vendors are beginning to offer AI capabilities across MMS for data-driven customer engagement scoring and social listening insights. Machine learning capability is being leveraged to determine optimal customer journey and suggest next steps to users.

    Marketplace Fragmentation

    The number of players in the marketing application space has grown exponentially. The majority of these new vendors offer point solutions rather than full-blown marketing suites. Fragmentation is leading to tougher choices when looking to augment an existing platform with specific functionality.

    Improving Application Integration

    MMS vendors are fostering deeper integrations between their marketing products and core CRM products, leading to improved data hygiene. At the same time, vendors are improving flexibility in the marketing suite so that new channels can be added easily.

    Greater Self-Service

    Vendors have an increased emphasis on application usability. Their goal is to enable marketers to execute campaigns without relying on specialists.

    There’s a firehose of customer data coming at marketers today, and with more interconnected devices emerging (wearables, smart watches, etc.), cultivating a seamless customer experience is likely to grow even more challenging.

    Building out a data-driven marketing strategy and technology stack that enables you to capture behaviors across channels is key.” (IBM, Ideas for Exceeding Customer Expectations)

    Review Info-Tech’s vendor profiles of the MMS market to identify vendors that meet your requirements

    Vendors & Products Evaluated

    Vendor logos including 'Adobe', 'ORACLE', and 'IBM'.

    VENDOR PROFILES

    Review the MMS Vendor Evaluation

    Large icon of a descending bar graph for vendor profiles title page.

    Table stakes are the minimum standard; without these, a product doesn’t even get reviewed

    Vendor Profiles icon

    TABLE STAKES

    Feature Table Stake Functionality
    Basic Workflow Automation Simple automation of common marketing tasks (e.g. handling inbound leads).
    Basic Channel Integration Integration with minimum two or more marketing channels (e.g. email and direct mail).
    Customizable User Interface A user interface that can be changed and optimized to users’ preferences. This includes customizable dashboards for displaying relevant marketing metrics.
    Basic Mobile UX Accessible from a mobile device in some fashion.
    Cloud Compatibility Able to offer integration within pre-existing or proprietary cloud server. Many vendors only have SaaS products.

    What does this mean?

    The products assessed in these vendor profiles meet, at the very least, the requirements outlined as table stakes.

    Many of the vendors go above and beyond the outlined table stakes; some even do so in multiple categories. This section aims to highlight the products’ capabilities in excess of the criteria listed here.

    Info-Tech Insight

    If table stakes are all you need from your MMS, determine whether your existing CRM platform already satisfies your requirements. Otherwise, dig deeper to find the best price-to-value ratio for your needs.

    Take a holistic approach to vendor and product evaluation

    Almost – or equally – as important as evaluating vendor feature capabilities is the need to evaluate vendor viability and non-functional aspects of the MMS. Include an evaluation of the following criteria in your vendor scoring methodology:

    Vendor Attribute Description
    Vendor Stability and Variability The vendor’s proven ability to execute on constant product improvement, deliberate strategic direction, and overall commitment to research and development efforts in responding to emerging trends.
    Security Model The potential to integrate the application to existing security models and the vendor's approach to handling customer data.
    Deployment Style The choice to deploy a single or multi-tenant SaaS environment via a perpetual license.
    Ease of Customization The relative ease with which a system can be customized to accommodate niche or industry-specific business or functional needs.
    Vendor Support Options The availability of vendor support options, including selection consulting, application development resources, implementation assistance, and ongoing support resources.
    Size of Partner Ecosystem The quantity of enterprise applications and third-party add-ons that can be linked to the MMS, as well as the number of system integrators available.
    Ease of Data Integration The relative ease with which the system can be integrated with an organization’s existing application environment, including legacy systems, point solutions, and other large enterprise applications.

    Info-Tech Insight

    Evaluate vendor capabilities, not just product capabilities. An MMS is typically a long-term commitment; ensure that your organization is teaming up with a vendor or provider that you feel you can work well with and depend on.

    Advanced features are the capabilities that allow for granular differentiation of market players and use-case performance

    Vendor Profiles icon

    Evaluation Methodology

    These product features were assessed as part of the classification of vendors into use cases. In determining use-case leaders and players, select features were considered based on best alignment with the use case.

    Feature Advanced Functionality
    Advanced Campaign Management End-to-end marketing campaign management: customer journey mapping, campaign initiation, monitoring, and dynamic reporting and adjustment.
    Marketing Asset Management Content repository functionality (or tight ECM integration) for marketing assets and campaign collateral (static, multimedia, e-commerce–related, etc.).
    Marketing Analytics
    • Predictive analytics; machine learning; capabilities for data ingestion and visualization across various marketing research/marketing intelligence categories (demographic, psychographic, etc.).
    • Data segmentation; drill-down ability to assign attributes to unstructured data; ability to construct complex customer/competitive data visualizations from segmented data.
    Breadth of Channel Support Ability to support and manage a wide range of marketing channels (e-commerce, SEO/SEM, paid advertising, email, traditional [print, multimedia], etc.).
    Marketing Workflow Management Visual workflow editors and business rules engine creation.

    Advanced features are the capabilities that allow for granular differentiation of market players and use-case performance

    Vendor Profiles icon

    Evaluation Methodology

    These product features were assessed as part of the classification of vendors into use cases. In determining use-case leaders and players, select features were considered based on best alignment with the use case.

    Feature Advanced Functionality
    Community Marketing Management Branded customer communities (e.g. community support forums) and DMB/DSP.
    Email Marketing Automation End-to-end management of email marketing: email templates, email previews, spam testing, A/B tracking, multivariate testing, and email metrics tracking.
    Social Marketing Ability to integrate with popular social media networks and manage social properties and to aggregate and analyze social data for trend reporting.
    Mobile Marketing Ability to manage SMS, push, and mobile application marketing.
    Marketing Operations Management Project management tools for marketers (timelines, performance indicators, budgeting/resourcing tools, etc.).

    Use the information in the MMS vendor profiles to streamline your vendor analysis process

    Vendor Profiles icon This section includes profiles of the vendors evaluated against the previously outlined framework.
    Review the use-case scenarios relevant to your organization’s use case to identify a vendor’s fit to your organization’s MMS needs.
    • L = Use-case leader
    • P = Use-case player
    Three column headers: 'Marketing Automation', 'Marketing Intelligence', and 'Social Media Marketing'.
    Understand your organization’s size and whether it falls within the product’s market focus.
    • Large enterprise: 2,000+ employees and revenue of $250M+
    • Small-medium enterprise: 30-2,000 employees and revenue of $25M-$250M
    Column header 'MARKET FOCUS' with row headers 'Small-Medium' and 'Large Enterprise'.
    Review the differentiating features to identify where the application performs best. A list of features.
    Colors signify a feature’s performance. A key for color-coding: Blue - 'Best of Breed', Green - 'Present: Competitive Strength', Yellow-Green - 'Present: Competitive Parity', Yellow - 'Semi-Present', Grey - 'Absent'.

    Adobe Marketing Cloud

    Vendor Profiles icon
    Logo for Adobe. FUNCTIONAL SPOTLIGHT

    Creative Cloud Integration: To make for a more seamless cross-product experience, projects can be sent between Marketing Cloud and Creative Cloud apps such as Photoshop and After Effects.

    Sensei: Adobe has revamped its machine learning and AI platform in an effort to integrate AI into all of its marketing applications. Sensei includes data from Microsoft in a new partnership program.

    Anomaly Detection: Adobe’s Anomaly Detection contextualizes data and provides a statistical method to determine how a given metric has changed in relation to previous metrics.

    USE-CASE PERFORMANCE
    Marketing
    Automation
    Marketing
    Intelligence
    Social
    Marketing

    L

    L

    P

    MARKET FOCUS
    Small-Medium
    Large Enterprise
    Adobe’s goal with Marketing Cloud is to help businesses provide customers with cohesive, seamless experiences by surfacing customer profiles in relevant situations quickly. Adobe Marketing Cloud has traditionally been used in the B2C space but has seen an increase in B2C use cases driven by the finance and technology sectors. FEATURES
    Color-coded ranking of each feature for Adobe.
    Employees (2018): 17,000 Presence: Global Founded: 1982 NASDAQ: ADBE

    HubSpot

    Vendor Profiles icon

    Logo for Hubspot.FUNCTIONAL SPOTLIGHT

    Content Optimization System (COS): The fully integrated system stores assets and serves them to their designated channels at relevant times. The COS is integrated into HubSpot's marketing platform.

    Email Automation: HubSpot provides basic email that can be linked to a specific part of an organization’s marketing funnel. These emails can also be added to pre-existing automated workflows.

    Email Deliverability Tool: HubSpot identifies HTML or content that will be flagged by spam filters. It also validates links and minimizes email load times.

    USE-CASE PERFORMANCE
    Marketing
    Automation
    Marketing
    Intelligence
    Social
    Marketing

    P

    P

    P

    MARKET FOCUS
    Small-Medium
    Large Enterprise
    Hubspot’s primary focus has been on email marketing campaigns. It has put effort into developing solid “click not code” email marketing capabilities. Also, Hubspot has an official integration with Salesforce for expanded operations management and analytics capabilities. FEATURES
    Color-coded ranking of each feature for Hubspot.
    Employees (2018): 1,400 Presence: Global Founded: 2006 NYSE: HUBS

    IBM Marketing Cloud

    Vendor Profiles icon

    Logo for IBM.FUNCTIONAL SPOTLIGHT

    Watson: IBM is leveraging its popular Watson AI brand to generate marketing insights for automated campaigns.

    Weather Effects: Set campaign rules based on connections between weather conditions and customer behavior relative to zip code made by Watson.

    Real-Time Personalization: IBM has made efforts to remove campaign interaction latency and optimize live customer engagement by acting on information about what customers are doing in the current moment.

    USE-CASE PERFORMANCE
    Marketing
    Automation
    Marketing
    Intelligence
    Social
    Marketing

    L

    L

    P

    MARKET FOCUS
    Small-Medium
    Large Enterprise
    IBM has remained ahead of the curve by incorporating its well-known AI technology throughout Marketing Cloud. The application’s integration with the wide array of IBM products makes it a powerful tool for users already in the IBM ecosystem. FEATURES
    Color-coded ranking of each feature for IBM.
    Employees (2018): 380,000 Presence: Global Founded: 1911 NYSE: IBM

    Marketo

    Vendor Profiles icon

    Logo for Marketo.FUNCTIONAL SPOTLIGHT

    Content AI: Marketo has leveraged its investments in machine learning to intelligently fetch marketing assets and serve them to customers based on their interactions with a campaign.

    Email A/B Testing: To improve lead generation from email campaigns, Marketo features the ability to execute A/B testing for customized campaigns.

    Partnership with Google: Marketo is now hosted on Google’s cloud platform, enabling it to provide support for larger enterprise clients and improve GDPR compliance.

    USE-CASE PERFORMANCE
    Marketing
    Automation
    Marketing
    Intelligence
    Social
    Marketing

    P

    P

    P

    MARKET FOCUS
    Small-Medium
    Large Enterprise
    Marketo has strong capabilities for lead management but has recently bolstered its analytics capabilities. Marketo is hoping to capture some of the analytics application market share by offering tools with varying complexity and to cater to firms with a wide range of analytics needs. FEATURES
    Color-coded ranking of each feature for Marketo.
    Employees (2018): 1,000 Presence: Global Founded: 2006 Private Corporation

    Oracle Marketing Cloud

    Vendor Profiles icon

    Logo for Oracle.FUNCTIONAL SPOTLIGHT

    Data Visualization: To make for a more seamless cross-product experience, marketing projects can be sent between Marketing Cloud and Creative Cloud apps such as Dreamweaver.

    ID Graph: Use ID Graph to unite disparate data sources to form a singular profile of leads, making the personalization and contextualization of campaigns more efficient.

    Interest-Based Messaging: Pause a campaign to update a segment or content based on aggregated customer activity and interaction data.

    USE-CASE PERFORMANCE
    Marketing
    Automation
    Marketing
    Intelligence
    Social
    Marketing

    P

    P

    P

    MARKET FOCUS
    Small-Medium
    Large Enterprise
    Oracle Marketing Cloud is known for its balance between campaigns and analytics products. Oracle has taken the lead on expanding its marketing channel mix to include international options such as WeChat. Users already using Oracle’s CRM/CEM products will derive the most value from Marketing Cloud. FEATURES
    Color-coded ranking of each feature for Oracle.
    Employees (2018): 138,000 Presence: Global Founded: 1977 NYSE: ORCL

    Salesforce Marketing Cloud

    Vendor Profiles icon

    Logo for Salesforce Marketing Cloud.FUNCTIONAL SPOTLIGHT

    Einstein: Salesforce is putting effort into integrating AI into all of its applications. The Einstein AI platform provides marketers with predictive analytics and insights into customer behavior.

    Mobile Studio: Salesforce has a robust mobile marketing offering that encompasses SMS/MMS, in-app engagement, and group messaging platforms.

    Journey Builder: Salesforce created Journey Builder, which is a workflow automation tool. Its user-friendly drag-and-drop interface makes it easy to automate responses to customer actions.

    USE-CASE PERFORMANCE
    Marketing
    Automation
    Marketing
    Intelligence
    Social
    Marketing

    L

    P

    L

    MARKET FOCUS
    Small-Medium
    Large Enterprise
    Salesforce Marketing Cloud is primarily used by organizations in the B2C space. It has strong Sales Cloud CRM integration. Pardot is positioning itself as a tool for sales teams in addition to marketers. FEATURES
    Color-coded ranking of each feature for Salesforce Marketing Cloud.
    Employees (2018): 1,800 Presence: Global Founded: 2000 NYSE: CRM

    Salesforce Pardot

    Vendor Profiles icon

    Logo for Salesforce Pardot.FUNCTIONAL SPOTLIGHT

    Engagement Studio: Salesforce is putting marketing capabilities in the hands of sales reps by giving them access to a team email engagement platform.

    Einstein: Salesforce’s Einstein AI platform helps marketers and sales reps identify the right accounts to target with predictive lead scoring.

    Program Steps: Salesforce developed a distinct own workflow building tool for Pardot. Workflows are made of “Program Steps” that have the functionality to initiate campaigns based on insights from Einstein.

    USE-CASE PERFORMANCE
    Marketing
    Automation
    Marketing
    Intelligence
    Social
    Marketing

    P

    P

    -

    MARKET FOCUS
    Small-Medium
    Large Enterprise
    Pardot is Salesforce’s B2B marketing solution. Pardot has focused on developing tools that enable sales teams and marketers to work in lockstep in order to achieve lead-generation goals. Pardot has deep integration with Salesforce’s CRM and customer service management products. FEATURES
    Color-coded ranking of each feature for Salesforce Pardot.
    Employees (2018): 1,800 Presence: Global Founded: 2000 NYSE: CRM

    SAP Hybris Marketing

    Vendor Profiles icon

    Logo for SAP.FUNCTIONAL SPOTLIGHT

    CMO Dashboard: The specialized dashboard is aimed at providing overviews for the executive level. It includes the ability to coordinate marketing activities and project budgets, KPIs, and timelines.

    Loyalty Management: SAP features in-app tools to manage campaigns specifically geared toward customer loyalty with digital coupons and iBeacons.

    Customer Segmentation: SAP’s predictive capabilities dynamically suggest relevant customer profiles for new campaigns.

    USE-CASE PERFORMANCE
    Marketing
    Automation
    Marketing
    Intelligence
    Social
    Marketing

    P

    L

    P

    MARKET FOCUS
    Small-Medium
    Large Enterprise
    SAP Hybris Marketing Cloud optimizes marketing strategies in real time with accurate attribution and measurements. SAP’s operations management capabilities are robust, including the ability to view consolidated data streams from ongoing marketing plans, performance targets, and budgets. FEATURES
    Color-coded ranking of each feature for SAP.
    Employees (2018): 84,000 Presence: Global Founded: 1972 NYSE: SAP

    SAS Marketing Intelligence

    Vendor Profiles icon

    Logo for SAS.FUNCTIONAL SPOTLIGHT

    Activity Map: A user-friendly workflow builder that can be used to execute campaigns. Multiple activities can be simultaneously A/B tested within the Activity Map UI. The outcome of the test can automatically adjust the workflow.

    Spots: A native digital asset manager that can store property that is part of existing and future campaigns.

    Viya: A framework for fully integrating third-party data sources into SAS Marketing Intelligence. Viya assists with pairing on-premises databases with a cloud platform for use with the SAS suite.

    USE-CASE PERFORMANCE
    Marketing
    Automation
    Marketing
    Intelligence
    Social
    Marketing

    P

    L

    MARKET FOCUS
    Small-Medium
    Large Enterprise
    SAS has been a leading BI and analytics provider for more than 35 years. Rooted in statistical analysis of data, SAS products provide forward-looking strategic insights. Organizations that require extensive customer intelligence capabilities and the ability to “slice and dice” segments should have SAS on their shortlist. FEATURES
    Color-coded ranking of each feature for SAS.
    Employees (2018): 14,000 Presence: Global Founded: 1976 Private Corporation

    Consider alternative MMS vendors not included in Info-Tech’s vendor profiles

    Info-Tech evaluated only a portion of vendors in the MMS market. In order for a vendor to be included in this landscape, the company needed to meet three baseline criteria:
    1. Our clients must be talking about the solution.
    2. Our analysts must believe the solution will play well within the evaluation.
    3. The vendor must meet table stakes criteria.
    Below is a list of notable vendors in the space that did not meet all of Info-Tech’s inclusion requirements.

    Additional vendors in the MMS market:

    Logo for act-on. Logo for SharpSpring.

    See the next slides for suggested point solutions.

    Leverage Info-Tech’s WXM and SMMP vendor landscapes to select platforms that fit with your CXM strategy

    Web experience management (WXM) and social media management platforms (SMMP) act in concert with your MMS to execute complex campaigns.

    Social Media Management

    Info-Tech’s SMMP selection guide enables you to find a solution that satisfies your objectives across marketing, sales, public relations, HR, and customer service. Create a unified framework for driving successful implementation and adoption of your SMMP that fully addresses CRM and marketing automation integration, end-user adoption, and social analytics with Info-Tech’s blueprint Select and Implement a Social Media Management Platform.

    Stock image with the title Select and Implement a Social Media Management Platform.
    Web Experience Management

    Info-Tech’s approach to WXM ensures you have the right suite of tools for web content management, experience design, and web analytics. Put your best foot forward by conducting due diligence as the selection project advances. Ensure that your organization will see quick results with Info-Tech’s blueprint Select and Implement a Web Experience Management Solution.

    Stock image with the title Select and Implement a Web Experience Management Solution.

    POINT SOLUTION PROFILES

    Review this cursory list of point solutions by use case

    Consider point solutions if a full suite is not required

    Large icon of a target for point solution profiles title page.

    Consider point solutions if a full suite is not required

    Email Marketing

    Logos of companies for Email Marketing including MailChimp and emma.

    Consider point solutions if a full suite is not required

    Search Engine Optimization (SEO)

    Logos of companies for Search Engine Optimization including SpyFu and SerpStat.

    Consider point solutions if a full suite is not required

    Demand-Side Platform (DSP)

    Logos of companies for Demand-Side Platform including MediaMath and rocketfuel.

    Consider point solutions if a full suite is not required

    Customer Portal Software

    Logos of companies for Customer Portal Software including LifeRay and lithium.

    Select a Marketing Management Suite

    PHASE 3

    Select Vendor and Communicate Decision to Stakeholders

    Phase 3 outline

    Associated Activity icon Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 3: Plan Your MMS Implementation

    Proposed Time to Completion: 2 weeks
    Step 3.1: Select Your MMS Step 3.2: Communicate the Decision to Stakeholders
    Start with an analyst kick-off call:
    • Review the MMS shortlist.
    • Discuss how to link RFP questions and demo script scenarios to gathered requirements.
    Review findings with analyst:
    • Review the alignment between MMS capability and the business’ CXM strategy.
    • Discuss how to present the decision to stakeholders.
    Then complete these activities…
    • Build a vendor response template.
    • Evaluate RFP responses from vendors.
    • Build demo scripts and set up product demonstrations.
    • Establish evaluation criteria.
    • Select MMS product and vendor.
    Then complete these activities…
    • Present decision rationale to stakeholders.
    With these tools & templates:
    • MMS Request for Proposal Template
    • MMS Vendor Demo Script
    With these tools & templates:
    • MMS Selection Executive Presentation Template
    Phase 3 Results
    • Select an MMS that meets requirements and is approved by stakeholders.

    Phase 3 milestones

    Launch the MMS Project and Collect Requirements — Phase 1

    • Understand the MMS market space.
    • Assess organizational and project readiness for MMS selection.
    • Structure your MMS selection and implementation project by refining your MMS roadmap.
    • Align organizational use-case fit with market use cases.
    • Collect, prioritize, and document MMS requirements.

    Shortlist MMS Tool — Phase 2

    • Review MMS market leaders and players within your aligned use case.
    • Review MMS vendor profiles and capabilities.
    • Shortlist MMS vendors based on organizational fit.

    Select an MMS — Phase 3

    • Submit request for proposal (RFP) to shortlisted vendors.
    • Evaluate vendor responses and develop vendor demonstration scripts.
    • Score vendor demonstrations and select the final product.

    Step 2.1: Analyze and shortlist MMS vendors

    3.1

    3.2

    Select Your MMS Communicate Decision to Stakeholders

    This step will walk you through the following activities:

    • Build a response template to standardize potential vendor responses and streamline your evaluation process.
    • Evaluate the RFPs you receive with a clear scoring process and evaluation framework.
    • Build a demo script to evaluate product demonstrations by vendors.
    • Select your solution.

    This step involves the following participants:

    • Core project team
    • Procurement SMEs
    • Project sponsor

    Outcomes of this step

    • Completed MMS RFP vendor response template
    • Completed MMS demo script(s)
    • Established product and vendor evaluation criteria
    • Final MMS selection

    Activity: Shortlist vendors for the RFP process

    Associated Activity icon 3.1.1 30 minutes

    INPUT: Organizational use-case fit

    OUTPUT: MMS vendor shortlist

    Materials: Info-Tech’s MMS use cases, Info-Tech’s vendor profiles, Whiteboard, markers

    Participants: Core project team

    Instructions

    1. Collectively with the core project team, determine any knock-out criteria for shortlisting MMS vendors. For example, if your team is executing on a strategy that favors mobile deployment, vendors who do not have a mobile offering may be off the table.
    2. Based on the results in Activity 1.3.2, write a longlist of vendors. In most cases, this list will consist of all the vendors that fall into your organization’s use-case scenario. If your organization fits into more than one use case (e.g. your organization has both product-centric and service-centric MMS needs), look for the overlap of vendors between the use cases.
    3. Review the profiles of the vendors that fall into your use-case scenario. Based on your knock-out criteria established in Step 1, eliminate any vendors as applicable.
    4. Finalize and record your shortlist of MMS vendors.

    Use Info-Tech’s MMS Request for Proposal Template to document and communicate your requirements to vendors

    Supporting Tool icon 3.1.2 MMS Request for Proposal Template

    Use the MMS Request for Proposal Template as a step-by-step guide on how to request interested vendors to submit written proposals that meet your set of requirements.

    If interested in bidding for your project, vendors will respond with a description of the techniques they would employ to address your organizational challenges and meet your requirements, along with a plan of work and detailed budget for the project.

    The RFP is an important piece of setting and aligning your expectations with the vendors’ product offerings. Make sure to address the following elements in the RFP:

    Sections of the Tool:

    1. Statement of work
    2. General information
    3. Proposal preparation instructions
    4. Scope of work, specifications, and requirements
    5. Vendor qualifications and references
    6. Budget and estimated pricing
    7. Additional terms and conditions
    8. Vendor certification

    INFO-TECH DELIVERABLE

    Sample of Info-Tech's MMS Request Proposal Template.

    Complete the MMS Request for Proposal Template by following the instructions in Activity 3.1.3.

    Activity: Create an RFP to submit to MMS vendors

    Associated Activity icon 3.1.3 1-2 hours

    INPUT: Business requirements document, Procurement procedures

    OUTPUT: MMS RFP

    Materials: Internal RFP tools or templates (if available), Info-Tech’s MMS Request for Proposal Template (optional)

    Participants: Procurement SMEs, Project manager, Core project team (optional)

    Instructions

    1. Download Info-Tech’s MMS Request for Proposal Template or prepare internal best-practice RFP tools.
    2. Build your RFP:
      1. Complete the statement of work and general information sections to provide organizational context to your longlisted vendors.
      2. Outline the organization’s procurement instructions for vendors, including due diligence, assessment criteria, and dates.
      3. Input the business requirements document as created in Activity 1.3.2.
      4. Create a scenario overview to provide vendors with an opportunity to give an estimate price.
    3. Obtain approval for your RFP. Each organization has a unique procurement process; follow your own organization’s process as you submit your RFPs to vendors. Ensure compliance with your organization’s standards and gain approval for submitting your RFP.

    Establish vendor evaluation criteria

    Vendor demonstrations are an integral part of the selection process. Having clearly defined selection criteria will help with setting up relevant demos as well as inform the vendor scorecards.

    EXAMPLE EVALUATION CRITERIAPie chart indicating the weight of each 'Vendor Evaluation Criteria': 'Functionality, 30%', 'Ease of Use, 25%', 'Cost, 15%', 'Vendor, 15%', and 'Technology, 15%'.
    Functionality (30%)
    • Breadth of capability
    • Tactical capability
    • Operational capability
    Ease of Use (25%)
    • End-user usability
    • Administrative usability
    • UI attractiveness
    • Self-service options
    Cost (15%)
    • Maintenance
    • Support
    • Licensing
    • Implementation (internal and external costs)
    Vendor (15%)
    • Support model
    • Customer base
    • Sustainability
    • Product roadmap
    • Proof of concept
    • Implementation model
    Technology (15%)
    • Configurability options
    • Customization requirements
    • Deployment options
    • Security and authentication
    • Integration environment
    • Ubiquity of access (mobile)

    Info-Tech Insight

    Base your vendor evaluations not on the capabilities of the solutions but instead on how the solutions align with your organization’s process automation requirements and considerations.

    Vendor demonstrations

    Examine how the vendor’s solution performs against your evaluation framework.

    What is the value of a vendor demonstration?

    Vendor demonstrations create a valuable opportunity for your organization to confirm that the vendor’s claims in the RFP are actually true.

    A display of the vendor’s functional capabilities and its execution of the scenarios given in your demo script will help to support your assessment of whether a vendor aligns with your MMS requirements.

    What should be included in a vendor demonstration?

    1. Vendor’s display of its solution for the scenarios provided in the demo script.
    2. Display of functional capabilities of the tool.
    3. Briefing on integration capabilities.

    Activity: Invite top performing vendors for product demonstrations

    Associated Activity icon 3.1.4 1-2 hours

    INPUT: Business requirements document, Logistical considerations, Usage scenarios by functional area

    OUTPUT: MMS demo script

    Materials: Info-Tech’s MMS Vendor Demo Script

    Participants: Procurement SMEs, Core project team

    Instructions

    1. Have your evaluation team (selected at the onset of the project) present to evaluate each vendor’s presentation. In some cases you may choose to bring in a subject matter expert (SME) to evaluate a specific area of the tool.
    2. Outline the logistics of the demonstration in the Introduction section of the template. Be sure to outline the total length of the demo and the amount of time that should be dedicated to the following:
      • Product demonstration in response to the demo script
      • Showcase of unique product elements, not reflective of the demo script
      • Question and answer session
      • Breaks and other potential interruptions
    3. Provide prompts for the vendor to display the capabilities by listing and describing usage scenarios by functional area. For example, when asking a vendor to demo financial and accounting management capabilities, you may break scenarios out by task (e.g. general ledger, accounts payable) or user role (e.g. finance manager, administrator).

    Info-Tech Insight

    Challenge vendor project teams during product demonstrations. Asking the vendor to make adjustments or customizations on the fly will allow you to get an authentic feel of product capability and flexibility, as well as of the degree of adaptability of the vendor project team. Ask the vendor to demonstrate how to do things not listed in your user scenarios, such as change system visualizations or design, change underlying data, add additional datasets, demonstrate analytics capabilities, or channel specific automation.

    Use Info-Tech’s MMS Vendor Demo Script template to set expectations for vendor product demonstration

    Vendor Profiles icon MMS Vendor Demo Script

    Customize and use Info-Tech’s MMS Vendor Demo Script to help identify how a vendor’s solution will fit your organization’s particular business capability needs.

    This tool assists with outlining logistical considerations for the demo itself and the scenarios with which the vendors should script their demonstration.

    Sections of the Tool:

    1. Introduction
    2. Demo scenarios by functional area

    Info-Tech Best Practice

    Avoid providing vendors with a rigid script for product demonstration; instead, provide user scenarios. Part of the value of a vendor demonstration is the opportunity to assess whether or not the vendor project team has a solid understanding of your organization’s MMS challenges and requirements and can work with your team to determine the best solution possible. A rigid script may result in your inability to assess whether the vendor will adjust for and scale with your project and organization as a technology partner.

    INFO-TECH DELIVERABLE

    Sample of Info-Tech's MMS Vendor Demo Script.

    Use the MMS Vendor Demo Script by following the instructions in Activity 3.1.4.

    Leverage Info-Tech’s vendor selection and negotiation models as the basis for a streamlined MMS selection process

    Design a procurement process that is robust, ruthless, and reasonable. Rooting out bias during negotiation is vital to making unbiased vendor selections.

    Vendor Selection

    Info-Tech’s approach to vendor selection gets you to design a procurement process that is robust, ruthless, and reasonable. This approach enables you to take control of vendor communications. Implement formal processes with an engaged team to achieve the right price, the right functionality, and the right fit for the organization with Info-Tech's blueprint Implement a Proactive and Consistent Vendor Selection Process.

    Stock image with the title Implement a Proactive and Consistent Vendor Selection Process.
    Vendor Negotiation

    Info-Tech’s SaaS negotiation strategy focuses on taking control of implementation from the beginning. The strategy allows you to work with your internal stakeholders to make sure they do not team up with the vendor instead of you. Reach an agreement with your vendor that takes into account both parties’ best interests with Info-Tech’s blueprint Negotiate SaaS Agreements That Are Built to Last.

    Stock image with the title Negotiate SaaS Agreements That Are Built to Last.

    Step 3.2: Communicate decision to stakeholders

    3.1

    3.2

    Select Your MMS Communicate Decision to Stakeholders

    This step will walk you through the following activities:

    • Collect project rationale documentation.
    • Create a presentation to communicate your selection decision to stakeholders.

    This step involves the following participants:

    • Core project team
    • Procurement SMEs
    • Project sponsor
    • Business stakeholders
    • Relevant management

    Outcomes of this step

    • Completed MMS Selection Executive Presentation Template
    • Affirmation of MMS selection by stakeholders

    Inform internal stakeholders of the final decision

    Ensure traceability from the selected tool to the needs identified in the first phase. Internal stakeholders must understand the reasoning behind the final selection and see the alignment to their defined requirements and needs.

    Document the selection process to show how the selected tool aligns to stakeholder needs:

    A large arrow labelled 'Application Benefits', underlaid beneath two smaller arrows labelled 'MMS stakeholder needs' and 'MMS technology needs', all pointing to the right.

    Documentation will assist with:

    1. Adopting the selected MMS.
    2. Demonstrating that proper due diligence was performed during the selection process.
    3. Providing direct traceability between the selected applications and internal stakeholder needs.

    Activity: Prepare a presentation deck to communicate the selection process and decision to internal stakeholders

    Associated Activity icon 3.2.1 1 week

    INPUT: MMS tool selection committee expertise

    OUTPUT: Decision to invest or not invest in an MMS tool

    Materials: Note-taking materials, Whiteboard or flip chart, markers

    Participants: MMS tool selection committee

    Instructions

    1. Download Info-Tech’s MMS Selection Executive Presentation Template.
    2. Read the instructions on slide 2 of the template. Then, on slide 3, decide if any portion of the selection process should be removed from the communication. Discuss with the team and make adjustments to slide 3 as necessary.
    3. Work with the MMS selection committee to populate the slides that remain after the adjustments. Follow the instructions on each slide to help complete the content.
    4. Refer to the square brackets on each slide (e.g. [X.X]) to identify the activity numbers in this storyboard that correspond to the slide in the MMS Selection Executive Presentation Template. Use the outputs produced from the corresponding activities in this deck and populate each slide in the MMS Selection Executive Presentation Template.
    5. Use the completed template to present to internal stakeholders.

    Info-Tech Insight

    Documenting the process of how the selection decision was made will avoid major headaches down the road. Without a documented process, internal stakeholders and even vendors can challenge and discredit the selection process.

    Vendor participation

    Vendors Who Briefed with Info-Tech Research Group

    Logos of vendors who participated in this blueprint: Salesforce Pardot, SAS, Adobe, Marketo, and Salesforce Marketing Cloud.

    Professionals Who Contributed to Our Evaluation and Research

    • Sara Camden, Digital Change Agent, Equifax
    • Caren Carrasco, Lifecycle Marketing and Automation, Benjamin David Group
    • 10 anonymous contributors participated in the vendor briefings

    Works cited

    Adobe Systems Incorporated. “Bayer builds understanding, socially.” Adobe.com, 2017. Web.

    IBM Corporation, “10 Key Marketing Trends for 2017.” IBM.com, 2017. Web.

    Marketo, Inc. “The Definitive Guide to Marketing Automation.” Marketo.com, 2013. Web.

    Marketo, Inc. “NBA franchise amplifies its message with help from Marketo’s marketing automation technology.” Marketo.com, 2017. Web.

    Salesforce Pardot. “Marketing Automation & Your CRM: The Dynamic Duo.” Pardot.com, 2017. Web.

    SAS Institute Inc. “Marketing Analytics: How, why and what’s next.” SAS Magazine, 2013. Web.

    SAS Institute Inc. “Give shoppers offers they’ll love.” SAS.com, 2017. Web.

    Understand and Apply Internet-of-Things Use Cases to Drive Organizational Success

    • Buy Link or Shortcode: {j2store}535|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Customer Relationship Management
    • Parent Category Link: /customer-relationship-management
    • The Internet of Things (IoT) is a rapidly proliferating technology – connected devices have experienced unabated growth over the last ten years.
    • The business wants to capitalize on the IoT and move the needle forward for proactive customer service and operational efficiency.
    • Moreover, IT wants to maintain its reputation as forward-thinking, and the business wants to be innovative.

    Our Advice

    Critical Insight

    • Leverage Info-Tech’s comprehensive three-phase approach to IoT projects: understand the fundamentals of IoT capabilities, assess where the IoT will drive value within the organization, and present findings to stakeholders.
    • Conduct a foundational IoT discussion with stakeholders to level set expectations about the technology’s capabilities.
    • Determine your organization’s approach to the IoT in terms of both hardware and software.
    • Determine which use case your organization fits into: three of the use cases highlighted in this report include predictive customer service, smart offices, and supply chain applications.

    Impact and Result

    • Our methodology addresses the possible issues by using a case-study approach to demonstrate the “Art of the Possible” for the IoT.
    • With an understanding of the IoT, it is possible to find applicable use cases for this emerging technology and get a leg up on competitors.

    Understand and Apply Internet-of-Things Use Cases to Drive Organizational Success Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why your organization should care about the IoT’s potential to transform the service and the workplace, and how Info-Tech will support you as you identify and build your IoT use cases.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Understand core IoT use cases

    Analyze the scope of the IoT and the three most prominent enterprise use cases.

    • Understand and Apply Internet-of-Things Use Cases to Drive Organizational Success – Phase 1: Understand Core IoT Use Cases

    2. Build the business case for IoT applications

    Develop and prioritize use cases for the IoT using Info-Tech’s IoT Initiative Framework.

    • Understand and Apply Internet-of-Things Use Cases to Drive Organizational Success – Phase 2: Build the Business Case for IoT Initiatives

    3. Present IoT initiatives to stakeholders

    Present the IoT initiative to stakeholders and understand the way forward for the IoT initiative.

    • Understand and Apply Internet-of-Things Use Cases to Drive Organizational Success – Phase 3: Present IoT Initiatives to Stakeholders
    • Internet of Things Stakeholder Presentation Template
    [infographic]

    Manage Your Chromebooks and MacBooks

    • Buy Link or Shortcode: {j2store}167|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: End-User Computing Devices
    • Parent Category Link: /end-user-computing-devices

    Windows is no longer the only option. MacBooks and Chromebooks are justified, but now you have to manage them.

    • If you have modernized your end-user computing strategy, you may have Windows 10 devices as well as MacBooks.
    • Virtual desktop infrastructure (VDI) and desktop as a service (DaaS) are becoming popular. Chromebooks may be ideal as a low-cost interface into DaaS for your employees.
    • Managing Chromebooks can be particularly challenging as they grow in popularity in the education sector.

    Our Advice

    Critical Insight

    Managing end-user devices may be accomplished with a variety of solutions, but many of those solutions advocate integration with a Microsoft-friendly solution to take advantage of features such as conditional access, security functionality, and data governance.

    Impact and Result

    • Many solutions are available to manage end-user devices, and they come with a long list of options and features. Clarify your needs and define your requirements before you purchase another endpoint management tool. Don’t purchase capabilities that you may never use.
    • Use the associated Endpoint Management Selection Tool spreadsheet to identify your desired endpoint solution features and compare vendor solution functionality based on your desired features.

    Manage Your Chromebooks and MacBooks Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Manage Your Chromebooks and MacBooks deck – MacBooks and Chromebooks are growing in popularity in enterprise and education environments, and now you have to manage them.

    Explore options, guidance and some best practices related to the management of Chromebooks and MacBooks in the enterprise environment and educational institutions. Our guidance will help you understand features and options available in a variety of solutions. We also provide guidance on selecting the best endpoint management solution for your own environment.

    • Manage Your Chromebooks and MacBooks Storyboard

    2. Endpoint Management Selection Tool – Select the best endpoint management tool for your environment. Build a table to compare endpoint management offerings in relation to the features and options desired by your organization.

    This tool will help you determine the features and options you want or need in an endpoint management solution.

    • Endpoint Management Selection Tool
    [infographic]

    Further reading

    Manage Your Chromebooks and MacBooks

    Financial constraints, strategy, and your user base dictate the need for Chromebooks and MacBooks – now you have to manage them in your environment.

    Analyst Perspective

    Managing MacBooks and Chromebooks is similar to managing Windows devices in many ways and different in others. The tools have many common features, yet they struggle to achieve the same goals.

    Until recently, Windows devices dominated the workplace globally. Computing devices were also rare in many industries such as education. Administrators and administrative staff may have used Windows-based devices, but Chromebooks were not yet in use. Most universities and colleges were Windows-based in offices with some flavor of Unix in other areas, and Apple devices were gaining some popularity in certain circles.

    That is a stark contrast compared to today, where Chromebooks dominate the classrooms and MacBooks and Chromebooks are making significant inroads into the enterprise environment. MacBooks are also a common sight on many university campuses. There is no doubt that while Windows may still be the dominant player, it is far from the only one in town.

    Now that Chromebooks and MacBooks are a notable, if not significant, part of the education and enterprise environments, they must be afforded the same considerations as Windows devices in those environments when it comes to management. The good news is that there is no lack of available solutions for managing these devices, and the endpoint management landscape is continually evolving and improving.

    This is a picture of P.J. Ryan, Research Director, Infrastructure & Operations, Info-Tech Research Group

    P.J. Ryan
    Research Director, Infrastructure & Operations
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    • You modernized your end-user computing strategy and now have Windows 10 devices as well as MacBooks.
    • Virtual desktop infrastructure (VDI) and desktop as a service (DaaS) are becoming popular. Chromebooks would be ideal as a low-cost interface into DaaS for your employees.
    • You are responsible for the management of all the new Chromebooks in your educational district.
    • Windows is no longer the only option. MacBooks and Chromebooks are justified, but now you have to manage them.

    Common Obstacles

    • Endpoint management solutions typically do a great job at managing one category of devices, like Windows or MacBooks, but they struggle to fully manage alternative endpoints.
    • Multiple solutions to manage multiple devices will result in multiple dashboards. A single view would be better.
    • One solution may not fit all, but multiple solutions is not desirable either, especially if you have Windows devices, MacBooks, and Chromebooks.

    Info-Tech's Approach

    • Use the tools at your disposal first – don't needlessly spend money if you don't have to. Many solutions can already manage other types of devices to some degree.
    • Use the integration capabilities of endpoint management tools. Many of them can integrate with each other to give you a single interface to manage multiple types of devices while taking advantage of additional functionality.
    • Don't purchase capabilities you will never use. Using 80% of a less expensive tool is economically smarter than using 10% of a more expensive tool.

    Info-Tech Insight

    Managing end-user devices may be accomplished with a variety of solutions, but many of those solutions advocate integration with a Microsoft-friendly solution to take advantage of features such as conditional access, security functionality, and data governance.

    Insight Summary

    Insight 1

    Google Admin Console is necessary to manage Chromebooks, but it can be paired with other tools. Implementation partnerships provide solutions to track the device lifecycle, track the repair lifecycle, sync with Google Admin Console as well as PowerSchool to provide a more complete picture of the user and device, and facilitate reminders to return the device, pay fees if necessary, pick up a device when a repair is complete, and more.

    Insight 2

    The Google Admin Console allows admins to follow an organizational unit (OU) structure very similar to what they may have used in Microsoft's Active Directory environment. This familiarity makes the task of administering Chromebooks easier for admins.

    Insight 3

    Chromebook management goes beyond securing and manipulating the device. Controls to protect the students while online, such as Safe Search and Safe Browsing, should also be implemented.

    Insight 4

    Most companies choose to use a dedicated MacBook management tool. Many unified endpoint management (UEM) tools can manage MacBooks to some extent, but admins tend to agree that a MacBook-focused endpoint management tool is best for MacBooks while a Windows-based endpoint management tool is best for Windows devices.

    Insight 5

    Some MacBook management solutions advocate integration with Windows UEM solutions to take advantage of Microsoft features such as conditional access, security functionality, and data governance. This approach can also be applied to Chromebooks.

    Chromebooks

    Chromebooks had a respectable share of the education market before 2020, but the COVID-19 pandemic turbocharged the penetration of Chromebooks in the education industry.

    Chromebooks are also catching the attention of some decision makers in the enterprise environment.

    "In 2018, Chromebooks represented an incredible 60 percent of all laptop or tablet devices in K-12 -- up from zero percent when the first Chromebook launched during the summer break in 2011."
    – "Will Chromebooks Rule the Enterprise?" Computerworld

    "Chromebooks were the best performing PC products in Q3 2020, with shipment volume increasing to a record-high 9.4 million units, up a whopping 122% year-on-year."
    – Android Police

    "Until the pandemic, Chrome OS' success was largely limited to U.S. schools. Demand in 2020 appears to have expanded beyond that small but critical part of the U.S. PC market."
    – Geekwire

    "In addition to running a huge number of Chrome Extensions and Apps at once, Chromebooks also run Android, Linux and Windows apps."
    – "Will Chromebooks Rule the Enterprise?" Computerworld

    Managing Chromebooks

    Start with the Google Admin Console (GAC)

    GAC is necessary to initially manage Chrome OS devices.

    GAC gives you a centralized console that will allow you to:

    • Create organizational units
    • Add your Chromebook devices
    • Add users
    • Assign users to devices
    • Create groups
    • Create and assign policies
    • Plus more

    GAC can facilitate device management with features such as:

    • Control admin permissions
    • Encryption and update settings
    • App deployment, screen timeout settings
    • Perform a device wipe if required
    • Audit user activity on a device
    • Plus more

    Device and user addition, group and organizational unit creation and administration, applying policies to devices and users – does all this remind you of your Active Directory environment?

    GAC lets you administer users and devices with a similar approach.

    Managing Chromebooks

    Use Active Directory to manage Chromebooks.

    • Enable Active Directory (AD) management from within GAC and you will be able to integrate your Chromebook devices with your AD environment.
    • Devices will be visible in both the GAC and AD environment.
    • Use Windows Group Policy to manage devices and to push policies to users and devices.
    • Users can use their AD username and password to sign into Chromebook devices.
    • GAC can still be used for devices that are not synced with AD.

    Chromebooks can also be managed through these approved partners:

    • Cisco Meraki
    • Citrix XenMobile
    • IBM MaaS360
    • ManageEngine Mobile Device Manager Plus
    • VMware Workspace ONE

    Source: Google

    You must be running the Chrome Enterprise Upgrade and have any licenses required by the approved partner to take advantage of this management option. The partner admin policies supersede GAC.

    If you stop using the approved partner admin console to manage your devices, the polices and settings in GAC will immediately take over the devices.

    Microsoft still has the market share when it comes to device sales, and many administrators are already familiar with Microsoft's Active Directory. Google took advantage of that familiarity when it designed the Google Admin Console structure for users, groups, and organizational units.

    Chromebook Deployment

    Chromebook deployment becomes a challenge when device quantities grow. The enrollment process can be time consuming, and every device must be enrolled before it can be used by an employee or a student. Many admins enlist their full IT teams to assist in the short term. Some vendor partners may assist with distribution options if staffing levels permit. Recent developments from Google have opened additional options for device enrollment beyond the manual enrollment approach.

    Enrolling Chromebooks comes down to one of two approaches:

    1. Manually enrolling one device at a time
      • Users can assist by entering some identifying details during the enrollment if permitted.
      • Some third-party solutions exist, such as USB drives to reduce repetitive keystrokes or hubs to facilitate manually enrolling multiple Chromebooks simultaneously.
    2. Google's Chrome Enterprise Upgrade or the Chrome Education Upgrade
      • This allows you to let your users enroll devices after they accept the end-user license agreement.
      • You can take advantage of Google's vendor partner program and use a zero-touch deployment method where the Chromebook devices automatically receive the assigned policies, apps, and settings as soon as the device is powered on and an authorized user signs in.
      • The Enterprise Upgrade and the Education Upgrade do come with an annual cost per device, which is currently less than US$50.
      • The Enterprise and Education Upgrades come with other features as well, such as enhanced security.

    Chromebooks are automatically assigned to the top-level organizational unit (OU) when enrolled. Devices can be manually moved to another OU, but admins can also create enrollment policies to place newly enrolled devices in a specific OU or have the device locate itself in the same OU as the user.

    Chromebooks in Education

    GAC is also used with Education-licensed devices

    Most of the settings and features previously mentioned are also available for Education-licensed devices and users. Enterprise-specific features will not be available to Education licenses. (Active Directory integration with Education licenses, for example, is accomplished using a different approach)

    • Groups, policies, administrative controls, app deployment and management, adding devices and users, creating organizational units, and more features are all available to Education Admins to use.

    Education device policies and settings tend to focus more on protecting the students with controls such as:

    • Disable incognito mode
    • Disable location tracking
    • Disable external storage devices
    • Browser based protections such as Safe Search or Safe Browsing
    • URL blocking
    • Video input disable for websites
    • App installation prevention, auto re-install, and app blocking
    • Forced re-enrollment to your domain after a device is wiped
    • Disable Guest Mode
    • Restrict who can sign in
    • Audit user activity on a device

    When a student takes home a Chromebook assigned to them, that Chromebook may be the only computer in the household. Administrative polices and settings must take into account the fact that the device may have multiple users accessing many different sites and applications when the device is outside of the school environment.

    Chromebook Management Extended

    An online search for Chromebook management solutions will reveal several software solutions that augment the capabilities of the Google Admin Console. Many of these solutions are focused on the education sector and classroom and student options, although the features would be beneficial to enterprises and educational organizations alike.

    These solutions assist or augment Chromebook management with features such as:

    • Ability to sync with Google Admin Console
    • Ability to sync with student information systems, such as PowerSchool
    • Financial management, purchase details, and chargeback
    • Asset lifecycle management
    • 1:1 Chromebook distribution management
    • Repair programs and repair process management
    • Check-out/loan program management
    • Device distribution/allocation management, including barcode reader integration
    • Simple learning material distribution to the classroom for teachers
    • Facilitate GAC bulk operations
    • Manage inventory of non-IT assets such as projectors, TVs, and other educational assets
    • Plus more

    "There are many components to managing Chromebooks. Schools need to know which student has which device, which school has which device, and costs relating to repairs. Chromebook Management Software … facilitates these processes."
    – VIZOR

    MacBooks

    • MacBooks are gaining popularity in the Enterprise world.
    • Some admins claim MacBooks are less expensive in the long run over Windows-based PCs.
    • Users claim less issues when using a MacBook, and overall, companies report increased retention rates when users are using MacBooks.

    "Macs now make up 23% of endpoints in enterprises."
    – ComputerWeekly.com

    "When given the choice, no less than 72% of employees choose Macs over PCs."
    – "5 Reasons Mac is a must," Jamf

    "IBM says it is 3X more expensive to manage PCs than Macs."
    – Computerworld

    "74% of those who previously used a PC for work experienced fewer issues now that they use a Mac"
    – "Global Survey: Mac in the Enterprise," Jamf

    "When enterprise moves to Mac, staff retention rates improve by 20%. That's quite a boost! "
    – "5 Reasons Mac is a must," Jamf

    Managing MacBooks

    Can your existing UEM keep up?

    Many Windows unified endpoint management (UEM) tools can manage MacBooks, but most companies choose to use a dedicated MacBook management tool.

    • UEM tools that are primarily Windows focused do not typically go deep enough into the management capabilities of non-Windows devices.
    • Admins have noted limitations when it comes to using Windows UEM tools, and reasons they prefer a dedicated MacBook management solution include:
      • Easier to use
      • Faster response times when deploying settings and policies
      • Better control over notification settings and lock screen settings.
      • Easier Apple Business Manager (ABM) integration and provisioning.
    • Note that not every UEM will have the same limitations or advantages. Functionality is different between vendor products.

    Info-Tech Insight

    Most Windows UEM tools are constantly improving, and it is only a matter of time before they rival many of the dedicated MacBook management tools out there.

    Admins tend to agree that a Windows UEM is best for Windows while an Apple-based UEM is best for Apple devices.

    Managing MacBooks

    The market for "MacBook-first" management solutions includes a variety of players of varying ages such as:

    • Jamf
    • Kandji
    • Mosyle
    • SimpleMDM
    • Others

    MacBook-focused management tools can provide features such as:

    • Encryption and update settings
    • App deployment and lifecycle management
    • Remote device wipe, scan, shutdown, restart, and lock
    • Zero touch deployment and support
    • Location tracking
    • Browser content filtering
    • Enable, hide/block, or disable built-in features
    • Configure Wi-Fi, VPN, and certificate-based settings
    • Centralized dashboard with device and app listings as well as individual details
    • Data restrictions
    • Plus more

    Unified endpoint management (UEM) solutions that can provide MacBook management to some degree include (but are not limited to):

    • Intune
    • Ivanti
    • Endpoint Central
    • WorkspaceOne

    Dedicated solutions advocate integration with UEM solutions to take advantage of conditional access, security functionality, and data governance features.

    Jamf and Microsoft entered into a collaboration several years ago with the intention of making the MacBook management process easier and more secure.

    Microsoft Intune and Jamf Pro: Better together to manage and secure Macs
    Microsoft Conditional Access with Jamf Pro ensures that company data is only accessed by trusted users, on trusted devices, using trusted apps. Jamf extends this Enterprise Mobile + Security (EMS) functionality to Mac, iPhone and iPad.
    – "Microsoft Intune and Jamf Pro," Jamf

    Endpoint Management Selection Tool
    Activity

    There are many solutions available to manage end-user devices, and they come with a long list of options and features. Clarify your needs and define your requirements before you purchase another endpoint management tool. Don't purchase capabilities that you may never use.

    Use the Endpoint Management Selection Tool to identify your desired endpoint solution features and compare vendor solution functionality based on your desired features.

    1. List out the desired features you want in an endpoint solution for your devices and record those features in the first column. Use the features provided, or add your own and edit or delete the existing ones if necessary.
    2. List your selected endpoint management solution vendors in each of the columns in place of "Vendor 1," "Vendor 2," etc.
    3. Fill out the spreadsheet by changing the corresponding desired feature cell under each vendor to a "yes" or "no" based on your findings while investigating each vendor solution.
    4. When you have finished your investigation, review your spreadsheet to compare the various offerings and pros and cons of each vendor.
    5. Select your endpoint management solution.

    Endpoint Management Selection Tool

    In the first column, list out the desired features you want in an endpoint solution for your devices. Use the features provided if desired, or add your own and edit or delete the existing ones if necessary. As you look into various endpoint management solution vendors, list them in the columns in place of "Vendor 1," "Vendor 2," etc. Use the "Desired Feature" list as a checklist and change the values to "yes" or "no" in the corresponding box under the vendors' names. When complete, you will be able to look at all the features and compare vendors in a single table.

    Desired Feature Vendor 1 Vendor 2 Vendor 3
    Organizational unit creation Yes No Yes
    Group creation Yes Yes Yes
    Ability to assign users to devices No Yes Yes
    Control of administrative permissions Yes Yes Yes
    Conditional access No Yes Yes
    Security policies enforced Yes No Yes
    Asset management No Yes No
    Single sign-on Yes Yes Yes
    Auto-deployment No Yes No
    Repair lifecycle tracking No Yes No
    Application deployment Yes Yes No
    Device tracking Yes Yes Yes
    Ability to enable encryption Yes No Yes
    Device wipe Yes No Yes
    Ability to enable/disable device tracking No No Yes
    User activity audit No No No

    Related Info-Tech Research

    this is a screenshot from Info-Tech's Modernize and Transform Your End-User Computing Strategy.

    Modernize and Transform Your End-User Computing Strategy
    This project helps support the workforce of the future by answering the following questions: What types of computing devices, provisioning models, and operating systems should be offered to end users? How will IT support devices? What are the policies and governance surrounding how devices are used? What actions are we taking and when? How do end-user devices support larger corporate priorities and strategies?

    Best Unified Endpoint Management (UEM) Software 2022 | SoftwareReviews
    Compare and evaluate unified endpoint management vendors using the most in-depth and unbiased buyer reports available. Download free comprehensive 40+ page reports to select the best unified endpoint management software for your organization.

    Best Enterprise Mobile Management (EMM) Software 2022 | (softwarereviews.com)
    Compare and evaluate enterprise mobile management vendors using the most in-depth and unbiased buyer reports available. Download free comprehensive 40+ page reports to select the best enterprise mobile management software for your organization.

    Bibliography

    Bridge, Tom. "Macs in the enterprise – what you need to know". Computerweekly.com, TechTarget. 27 May 2022. Accessed 12 Aug. 2022.
    Copley-Woods, Haddayr. "5 reasons Mac is a must in the enterprise". Jamf.com, Jamf. 28 June 2022. Accessed 16 Aug. 2022.
    Duke, Kent. "Chromebook sales skyrocketed in Q3 2020 with online education fueling demand." androidpolice.com, Android Police. 16 Nov 2020. Accessed 10 Aug. 2022.
    Elgin, Mike. "Will Chromebooks Rule the Enterprise? (5 Reasons They May)". Computerworld.com, Computerworld. 30 Aug 2019. Accessed 10 Aug. 2022.
    Evans, Jonny. "IBM says it is 3X more expensive to manage PCs than Macs". Computerworld.com, Computerworld. 19 Oct 2016. Accessed 23 Aug. 2022.
    "Global Survey: Mac in the Enterprise". Jamf.com, Jamf. Accessed 16 Aug. 2022.
    "How to Manage Chromebooks Like a Pro." Vizor.cloud, VIZOR. Accessed 10 Aug. 2022.
    "Manage Chrome OS Devices with EMM Console". support.google.com, Google. Accessed 16 Aug. 2022.
    Protalinski, Emil. "Chromebooks outsold Macs worldwide in 2020, cutting into Windows market share". Geekwire.com, Geekwire. 16 Feb 2021. Accessed 22 Aug. 2022.
    Smith, Sean. "Microsoft Intune and Jamf Pro: Better together to manage and secure Macs". Jamf.com, Jamf. 20 April 2022. Accessed 16 Aug. 2022.

    Build a Strong Technology Foundation for Customer Experience Management

    • Buy Link or Shortcode: {j2store}526|cart{/j2store}
    • member rating overall impact (scale of 10): 8.6/10 Overall Impact
    • member rating average dollars saved: $340,152 Average $ Saved
    • member rating average days saved: 26 Average Days Saved
    • Parent Category Name: Customer Relationship Management
    • Parent Category Link: /customer-relationship-management
    • Technology is a fundamental enabler of an organization’s customer experience management (CXM) strategy. However, many IT departments fail to take a systematic approach when building a portfolio of applications for supporting marketing, sales, and customer service functions.
    • The result is a costly, ineffective, and piecemeal approach to CXM application deployment (including high-profile applications like CRM).

    Our Advice

    Critical Insight

    • IT must work in lockstep with their counterparts in marketing, sales, and customer service to define a unified vision and strategic requirements for enabling a strong CXM program.
    • To deploy applications that specifically align with the needs of the organization’s customers, IT leaders must work with the business to define and understand customer personas and common interaction scenarios. CXM applications are mission critical and failing to link them to customer needs can have a detrimental effect on customer satisfaction and ultimately, revenue.
    • IT must act as a valued partner to the business in creating a portfolio of CXM applications that are cost effective.
    • Organizations should create a repeatable framework for CXM application deployment that addresses critical issues, including the integration ecosystem, customer data quality, dashboards and analytics, and end-user adoption.

    Impact and Result

    • Establish strong application alignment to strategic requirements for CXM that is based on concrete customer personas.
    • Improve underlying business metrics across marketing, sales, and service, including customer acquisition, retention, and satisfaction metrics.
    • Better align IT with customer experience needs.

    Build a Strong Technology Foundation for Customer Experience Management Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should build a strong technology foundation for CXM, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Drive value with CXM

    Understand the benefits of a robust CXM strategy.

    • Build a Strong Technology Foundation for Customer Experience Management – Phase 1: Drive Value with CXM
    • CXM Strategy Stakeholder Presentation Template
    • CXM Strategy Project Charter Template

    2. Create the framework

    Identify drivers and objectives for CXM using a persona-driven approach and deploy the right applications to meet those objectives.

    • Build a Strong Technology Foundation for Customer Experience Management – Phase 2: Create the Framework
    • CXM Business Process Shortlisting Tool
    • CXM Portfolio Designer

    3. Finalize the framework

    Complete the initiatives roadmap for CXM.

    • Build a Strong Technology Foundation for Customer Experience Management – Phase 3: Finalize the Framework
    [infographic]

    Workshop: Build a Strong Technology Foundation for Customer Experience Management

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Create the Vision for CXM Technology Enablement

    The Purpose

    Establish a consistent vision across IT, marketing, sales, and customer service for CXM technology enablement.

    Key Benefits Achieved

    A clear understanding of key business and technology drivers for CXM.

    Activities

    1.1 CXM fireside chat

    1.2 CXM business drivers

    1.3 CXM vision statement

    1.4 Project structure

    Outputs

    CXM vision statement

    CXM project charter

    2 Conduct the Environmental Scan and Internal Review

    The Purpose

    Create a set of strategic requirements for CXM based on a thorough external market scan and internal capabilities assessment.

    Key Benefits Achieved

    Well-defined technology requirements based on rigorous, multi-faceted analysis.

    Activities

    2.1 PEST analysis

    2.2 Competitive analysis

    2.3 Market and trend analysis

    2.4 SWOT analysis

    2.5 VRIO analysis

    2.6 Channel map

    Outputs

    Completed external analysis

    Strategic requirements (from external analysis)

    Completed internal review

    Channel interaction map

    3 Build Customer Personas and Scenarios

    The Purpose

    Augment strategic requirements through customer persona and scenario development.

    Key Benefits Achieved

    Functional requirements aligned to supporting steps in customer interaction scenarios.

    Activities

    3.1 Persona development

    3.2 Scenario development

    3.3 Requirements definition for CXM

    Outputs

    Personas and scenarios

    Strategic requirements (based on personas)

    4 Create the CXM Application Portfolio

    The Purpose

    Using the requirements identified in the preceding modules, build a future-state application inventory for CXM.

    Key Benefits Achieved

    A cohesive, rationalized portfolio of customer interaction applications that aligns with identified requirements and allows investment (or rationalization) decisions to be made.

    Activities

    4.1 Build business process maps

    4.2 Review application satisfaction

    4.3 Create the CXM application portfolio

    4.4 Prioritize applications

    Outputs

    Business process maps

    Application satisfaction diagnostic

    Prioritized CXM application portfolio

    5 Review Best Practices and Confirm Initiatives

    The Purpose

    Establish repeatable best practices for CXM applications in areas such as data management and end-user adoption.

    Key Benefits Achieved

    Best practices for rollout of new CXM applications.

    A prioritized initiatives roadmap.

    Activities

    5.1 Create data integration map

    5.2 Define adoption best practices

    5.3 Build initiatives roadmap

    5.4 Confirm initiatives roadmap

    Outputs

    Integration map for CXM

    End-user adoption plan

    Initiatives roadmap

    Further reading

    Build a Strong Technology Foundation for Customer Experience Management

    Design an end-to-end technology strategy to enhance marketing effectiveness, drive sales, and create compelling customer service experiences.

    ANALYST PERSPECTIVE

    Technology is the catalyst to create – and keep! – your customers.

    "Customers want to interact with your organization on their own terms, and in the channels of their choice (including social media, mobile applications, and connected devices). Regardless of your industry, your customers expect a frictionless experience across the customer lifecycle. They desire personalized and well-targeted marketing messages, straightforward transactions, and effortless service. Research shows that customers value – and will pay more for! – well-designed experiences.

    Strong technology enablement is critical for creating customer experiences that drive revenue. However, most organizations struggle with creating a cohesive technology strategy for customer experience management (CXM). IT leaders need to take a proactive approach to developing a strong portfolio of customer interaction applications that are in lockstep with the needs of their marketing, sales, and customer service teams. It is critical to incorporate the voice of the customer into this strategy.

    When developing a technology strategy for CXM, don’t just “pave the cow path,” but instead move the needle forward by providing capabilities for customer intelligence, omnichannel interactions, and predictive analytics. This blueprint will help you build an integrated CXM technology roadmap that drives top-line revenue while rationalizing application spend."

    Ben Dickie

    Research Director, Customer Experience Strategy

    Info-Tech Research Group

    Framing the CXM project

    This Research Is Designed For:

    • IT leaders who are responsible for crafting a technology strategy for customer experience management (CXM).
    • Applications managers who are involved with the selection and implementation of critical customer-centric applications, such as CRM platforms, marketing automation tools, customer intelligence suites, and customer service solutions.

    This Research Will Help You:

    • Clearly link your technology-enablement strategy for CXM to strategic business requirements and customer personas.
    • Build a rationalized portfolio of enterprise applications that will support customer interaction objectives.
    • Adopt standard operating procedures for CXM application deployment that address issues such as end-user adoption and data quality.

    This Research Will Also Assist:

    • Business leaders in marketing, sales, and customer service who want to deepen their understanding of CXM technologies, and apply best practices for using these technologies to drive competitive advantage.
    • Marketing, sales, and customer service managers involved with defining requirements and rolling out CXM applications.

    This Research Will Help Them:

    • Work hand-in-hand with counterparts in IT to deploy high-value business applications that will improve core customer-facing metrics.
    • Understand the changing CXM landscape and use the art of the possible to transform the internal technology ecosystem and drive meaningful customer experiences.

    Executive summary

    Situation

    • Customer expectations for personalization, channel preferences, and speed-to-resolution are at an all-time high.
    • Your customers are willing to pay more for high-value experiences, and having a strong customer CXM strategy is a proven path to creating sustainable value for the organization.

    Complication

    • Technology is a fundamental enabler of an organization’s CXM strategy. However, many IT departments fail to take a systematic approach to building a portfolio of applications to support Marketing, Sales, and Customer Service.
    • The result is a costly, ineffective, and piecemeal approach to CXM application deployment (including high profile applications like CRM).

    Resolution

    • IT must work in lockstep with their counterparts in marketing, sales, and customer service to define a unified vision, strategic requirements and roadmap for enabling strong customer experience capabilities.
    • In order to deploy applications that don’t simply follow previously established patterns but are aligned with the specific needs of the organization’s customers, IT leaders must work with the business to define and understand customer personas and common interaction scenarios. CXM applications are mission critical and failing to link them to customer needs can have a detrimental effect on customer satisfaction – and ultimately revenue.
    • IT must act as a valued partner to the business in creating a portfolio of CXM applications that are cost effective.
    • Organizations should create a repeatable framework for CXM application deployment that addresses critical issues, including the integration ecosystem, customer data quality, dashboards and analytics, and end-user adoption.

    Info-Tech Insight

    1. IT can’t hide behind the firewall. IT must understand the organization’s customers to properly support marketing, sales, and service efforts.
    2. IT – or Marketing – must not build the CXM strategy in a vacuum if they want to achieve a holistic, consistent, and seamless customer experience.
    3. IT must get ahead of shadow IT. To be seen as an innovator within the business, IT must be a leading enabler in building a rationalized and integrated CXM application portfolio.

    Guide to frequently used acronyms

    CXM - Customer Experience Management

    CX - Customer Experience

    CRM - Customer Relationship Management

    CSM - Customer Service Management

    MMS - Marketing Management System

    SMMP - Social Media Management Platform

    RFP - Request for Proposal

    SaaS - Software as a Service

    Customers’ expectations are on the rise: meet them!

    Today’s consumers expect speed, convenience, and tailored experiences at every stage of the customer lifecycle. Successful organizations strive to support these expectations.

    67% of end consumers will pay more for a world-class customer experience. 74% of business buyers will pay more for strong B2B experiences. (Salesforce, 2018)

    5 CORE CUSTOMER EXPECTATIONS

    1. More personalization
    2. More product options
    3. Constant contact
    4. Listen closely, respond quickly
    5. Give front-liners more control

    (Customer Experience Insight, 2016)

    Customers expect to interact with organizations through the channels of their choice. Now more than ever, you must enable your organization to provide tailored customer experiences.

    Realize measurable value by enabling CXM

    Providing a seamless customer experience increases the likelihood of cross-sell and up-sell opportunities and boosts customer loyalty and retention. IT can contribute to driving revenue and decreasing costs by providing the business with the right set of tools, applications, and technical support.

    Contribute to the bottom line

    Cross-sell, up-sell, and drive customer acquisition.

    67% of consumers are willing to pay more for an upgraded experience. (Salesforce, 2018)

    80%: The margin by which CX leaders outperformer laggards in the S&P 500.(Qualtrics, 2017)

    59% of customers say tailored engagement based on past interactions is very important to winning their business. (Salesforce, 2018)

    Enable cost savings

    Focus on customer retention as well as acquisition.

    It is 6-7x more costly to attract a new customer than it is to retain an existing customer. (Salesforce Blog, 2019)

    A 5% increase in customer retention has been found to increase profits by 25% to 95%. (Bain & Company, n.d.)

    Strategic CXM is gaining traction with your competition

    Organizations are prioritizing CXM capabilities (and associated technologies) as a strategic investment. Keep pace with the competition and gain a competitive advantage by creating a cohesive strategy that uses best practices to integrate marketing, sales, and customer support functions.

    87% of customers share great experiences they’ve had with a company. (Zendesk, n.d.)

    61% of organizations are investing in CXM. (CX Network, 2015)

    53% of organizations believe CXM provides a competitive advantage. (Harvard Business Review, 2014)

    Top Investment Priorities for Customer Experience

    1. Voice of the Customer
    2. Customer Insight Generation
    3. Customer Experience Governance
    4. Customer Journey Mapping
    5. Online Customer Experience
    6. Experience Personalization
    7. Emotional Engagement
    8. Multi-Channel Integration/Omnichannel
    9. Quality & Customer Satisfaction Management
    10. Customer/Channel Loyalty & Rewards Programs

    (CX Network 2015)

    Omnichannel is the way of the future: don’t be left behind

    Get ahead of the competition by doing omnichannel right. Devise a CXM strategy that allows you to create and maintain a consistent, seamless customer experience by optimizing operations within an omnichannel framework. Customers want to interact with you on their own terms, and it falls to IT to ensure that applications are in place to support and manage a wide range of interaction channels.

    Omnichannel is a “multi-channel approach to sales that seeks to provide the customer with a seamless transactional experience whether the customer is shopping online from a desktop or mobile device, by telephone, or in a bricks and mortar store.” (TechTarget, 2014)

    97% of companies say that they are investing in omnichannel. (Huffington Post, 2015)

    23% of companies are doing omnichannel well.

    CXM applications drive effective multi-channel customer interactions across marketing, sales, and customer service

    The success of your CXM strategy depends on the effective interaction of various marketing, sales, and customer support functions. To deliver on customer experience, organizations need to take a customer-centric approach to operations.

    From an application perspective, a CRM platform generally serves as the unifying repository of customer information, supported by adjacent solutions as warranted by your CXM objectives.

    CXM ECOSYSTEM

    Customer Relationship Management Platform

    • Web Experience Management Platform
    • E-Commerce & Point of Sale Solutions
    • Social Media Management Platform
    • Customer Intelligence Platform
    • Customer Service Management Tools
    • Marketing Management Suite

    Application spotlight: Customer experience platforms

    Description

    CXM solutions are a broad range of tools that provide comprehensive feature sets for supporting customer interaction processes. These suites supplant more basic applications for customer interaction management. Popular solutions that fall under the umbrella of CXM include CRM suites, marketing automation tools, and customer service applications.

    Features and Capabilities

    • Manage sales pipelines, provide quotes, and track client deliverables.
    • View all opportunities organized by their current stage in the sales process.
    • View all interactions that have occurred between employees and the customer, including purchase order history.
    • Manage outbound marketing campaigns via multiple channels (email, phone, social, mobile).
    • Build visual workflows with automated trigger points and business rules engine.
    • Generate in-depth customer insights, audience segmentation, predictive analytics, and contextual analytics.
    • Provide case management, ticketing, and escalation capabilities for customer service.

    Highlighted Vendors

    Microsoft Dynamics

    Adobe

    Marketo

    sprinklr

    Salesforce

    SugarCRM

    Application spotlight: Customer experience platforms

    Key Trends

    • CXM applications have decreased their focus on departmental silos to make it easier to share information across the organization as departments demand more data.
    • Vendors are developing deeper support of newer channels for customer interaction. This includes providing support for social media channels, native mobile applications, and SMS or text-based services like WhatsApp and Facebook Messenger.
    • Predictive campaigns and channel blending are becoming more feasible as vendors integrate machine learning and artificial intelligence into their applications.
    • Content blocks are being placed on top of scripting languages to allow for user-friendly interfaces. There is a focus on alleviating bottlenecks where content would have previously needed to go through a specialist.
    • Many vendors of CXM applications are placing increased emphasis on strong application integration both within and beyond their portfolios, with systems like ERP and order fulfillment.

    Link to Digital Strategy

    • For many organizations that are building out a digital strategy, improving customer experience is often a driving factor: CXM apps enable this goal.
    • As part of a digital strategy, create a comprehensive CXM application portfolio by leveraging both core CRM suites and point solutions.
    • Ensure that a point solution aligns with the digital strategy’s technology drivers and user personas.

    CXM KPIs

    Strong CXM applications can improve:

    • Lead Intake Volume
    • Lead Conversion Rate
    • Average Time to Resolution
    • First-Contact Resolution Rate
    • Customer Satisfaction Rate
    • Share-of-Mind
    • Share-of-Wallet
    • Customer Lifetime Value
    • Aggregate Reach/Impressions

    IT is critical to the success of your CXM strategy

    Technology is the key enabler of building strong customer experiences: IT must stand shoulder-to-shoulder with the business to develop a technology framework for CXM.

    Top 5 Challenges with CXM for Marketing

    1. Maximizing customer experience ROI
    2. Achieving a single view of the customer
    3. Building new customer experiences
    4. Cultivating a customer-focused culture
    5. Measuring CX investments to business outcomes

    Top 5 Obstacles to Enabling CXM for IT

    1. Systems integration
    2. Multichannel complexity
    3. Organizational structure
    4. Data-related issues
    5. Lack of strategy

    (Harvard Business Review, 2014)

    Only 19% of organizations have a customer experience team tasked with bridging gaps between departments. (Genesys, 2018)

    IT and Marketing can only tackle CXM with the full support of each other. The cooperation of the departments is crucial when trying to improve CXM technology capabilities and customer interaction and drive a strong revenue mandate.

    CXM failure: Blockbuster

    CASE STUDY

    Industry Entertainment

    Source Forbes, 2014

    Blockbuster

    As the leader of the video retail industry, Blockbuster had thousands of retail locations internationally and millions of customers. Blockbuster’s massive marketing budget and efficient operations allowed it to dominate the competition for years.

    Situation

    Trends in Blockbuster’s consumer market changed in terms of distribution channels and customer experience. As the digital age emerged and developed, consumers were looking for immediacy and convenience. This threatened Blockbuster’s traditional, brick-and-mortar B2C operating model.

    The Competition

    Netflix entered the video retail market, making itself accessible through non-traditional channels (direct mail, and eventually, the internet).

    Results

    Despite long-term relationships with customers and competitive standing in the market, Blockbuster’s inability to understand and respond to changing technology trends and customer demands led to its demise. The organization did not effectively leverage internal or external networks or technology to adapt to customer demands. Blockbuster went bankrupt in 2010.

    Customer Relationship Management

    • Web Experience Management Platform
    • E-Commerce & Point of Sale Solutions
    • Social Media Management
    • Customer Intelligence
    • Customer Service
    • Marketing Management

    Blockbuster did not leverage emerging technologies to effectively respond to trends in its consumer network. It did not optimize organizational effectiveness around customer experience.

    CXM success: Netflix

    CASE STUDY

    Industry Entertainment

    Source Forbes, 2014

    Netflix

    Beginning as a mail-out service, Netflix offered subscribers a catalog of videos to select from and have mailed to them directly. Customers no longer had to go to a retail store to rent a video. However, the lack of immediacy of direct mail as the distribution channel resulted in slow adoption.

    The Situation

    In response to the increasing presence of tech-savvy consumers on the internet, Netflix invested in developing its online platform as its primary distribution channel. The benefit of doing so was two-fold: passive brand advertising (by being present on the internet) and meeting customer demands for immediacy and convenience. Netflix also recognized the rising demand for personalized service and created an unprecedented, tailored customer experience.

    The Competition

    Blockbuster was the industry leader in video retail but was lagging in its response to industry, consumer, and technology trends around customer experience.

    Results

    Netflix’s disruptive innovation is built on the foundation of great CXM. Netflix is now a $28 billion company, which is tenfold what Blockbuster was worth.

    Customer Relationship Management Platform

    • Web Experience Management Platform
    • E-Commerce & Point of Sale Solutions
    • Social Media Management Platform
    • Customer Intelligence Platform
    • Customer Service Management Tools
    • Marketing Management Suite

    Netflix used disruptive technologies to innovatively build a customer experience that put it ahead of the long-time, video rental industry leader, Blockbuster.

    Leverage Info-Tech’s approach to succeed with CXM

    Creating an end-to-end technology-enablement strategy for CXM requires a concerted, dedicated effort: Info-Tech can help with our proven approach.

    Build the CXM Project Charter

    Conduct a Thorough Environmental Scan

    Build Customer Personas and Scenarios

    Draft Strategic CXM Requirements

    Build the CXM Application Portfolio

    Implement Operational Best Practices

    Why Info-Tech’s Approach?

    Info-Tech draws on best-practice research and the experiences of our global member base to develop a methodology for CXM that is driven by rigorous customer-centric analysis.

    Our approach uses a unique combination of techniques to ensure that your team has done its due diligence in crafting a forward-thinking technology-enablement strategy for CXM that creates measurable value.

    A global professional services firm drives measurable value for CXM by using persona design and scenario development

    CASE STUDY

    Industry Professionals Services

    Source Info-Tech Workshop

    The Situation

    A global professional services firm in the B2B space was experiencing a fragmented approach to customer engagement, particularly in the pre-sales funnel. Legacy applications weren’t keeping pace with an increased demand for lead evaluation and routing technology. Web experience management was also an area of significant concern, with a lack of ongoing customer engagement through the existing web portal.

    The Approach

    Working with a team of Info-Tech facilitators, the company was able to develop several internal and external customer personas. These personas formed the basis of strategic requirements for a new CXM application stack, which involved dedicated platforms for core CRM, lead automation, web content management, and site analytics.

    Results

    Customer “stickiness” metrics increased, and Sales reported significantly higher turnaround times in lead evaluations, resulting in improved rep productivity and faster cycle times.

    Components of a persona
    Name Name personas to reflect a key attribute such as the persona’s primary role or motivation.
    Demographic Include basic descriptors of the persona (e.g. age, geographic location, preferred language, education, job, employer, household income, etc.)
    Wants, needs, pain points Identify surface-level motivations for buying habits.
    Psychographic/behavioral traits Observe persona traits that are representative of the customers’ behaviors (e.g. attitudes, buying patterns, etc.).

    Follow Info-Tech’s approach to build your CXM foundation

    Create the Project Vision

    • Identify business and IT drivers
    • Outputs:
      • CXM Strategy Guiding Principles

    Structure the Project

    • Identify goals and objectives for CXM project
    • Form Project Team
    • Establish timeline
    • Obtain project sponsorship
    • Outputs:
      • CXM Strategy Project Charter

    Scan the External Environment

    • Create CXM operating model
    • Conduct external analysis
    • Create customer personas
    • Outputs:
      • CXM Operating Model
    • Conduct PEST analysis
    • Create persona scenarios
    • Outputs:
      • CXM Strategic Requirements

    Assess the Current State of CXM

    • Conduct SWOT analysis
    • Assess application usage and satisfaction
    • Conduct VRIO analysis
    • Outputs:
      • CXM Strategic Requirements

    Create an Application Portfolio

    • Map current processes
    • Assign business process owners
    • Create channel map
    • Build CXM application portfolio
    • Outputs:
      • CXM Application Portfolio Map

    Develop Deployment Best Practices

    • Develop CXM integration map
    • Create mitigation plan for poor data quality
    • Outputs:
      • Data Quality Preservation Map

    Create an Initiative Rollout Plan

    • Create risk management plan
    • Identify work initiative dependencies
    • Create roadmap
    • Outputs:
      • CXM Initiative Roadmap

    Confirm and Finalize the CXM Blueprint

    • Identify success metrics
    • Create stakeholder communication plan
    • Present CXM strategy to stakeholders
    • Outputs:
      • Stakeholder Presentation

    Info-Tech offers various levels of support to suit your needs

    DIY Toolkit

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

    Workshop

    “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

    Consulting

    “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    Build a Strong Technology Foundation for CXM – project overview

    1. Drive Value With CXM 2. Create the Framework 3. Finalize the Framework
    Best-Practice Toolkit

    1.1 Create the Project Vision

    1.2 Structure the CXM Project

    2.1 Scan the External Environment

    2.2 Assess the Current State of CXM

    2.3 Create an Application Portfolio

    2.4 Develop Deployment Best Practices

    3.1 Create an Initiative Rollout Plan

    3.2 Confirm and Finalize the CXM Blueprint

    Guided Implementations
    • Determine project vision for CXM.
    • Review CXM project charter.
    • Review environmental scan.
    • Review application portfolio for CXM.
    • Confirm deployment best practices.
    • Review initiatives rollout plan.
    • Confirm CXM roadmap.
    Onsite Workshop Module 1: Drive Measurable Value with a World-Class CXM Program Module 2: Create the Strategic Framework for CXM Module 3: Finalize the CXM Framework

    Phase 1 Outcome:

    • Completed drivers
    • Completed project charter

    Phase 2 Outcome:

    • Completed personas and scenarios
    • CXM application portfolio

    Phase 3 Outcome:

    • Strategic summary blueprint

    Workshop overview

    Contact your account representative or email Workshops@InfoTech.com for more information.

    Workshop Day 1 Workshop Day 2 Workshop Day 3 Workshop Day 4 Workshop Day 5
    Activities

    Create the Vision for CXM Enablement

    1.1 CXM Fireside Chat

    1.2 CXM Business Drivers

    1.3 CXM Vision Statement

    1.4 Project Structure

    Conduct the Environmental Scan and Internal Review

    2.1 PEST Analysis

    2.2 Competitive Analysis

    2.3 Market and Trend Analysis

    2.4 SWOT Analysis

    2.5 VRIO Analysis

    2.6 Channel Mapping

    Build Personas and Scenarios

    3.1 Persona Development

    3.2 Scenario Development

    3.3 Requirements Definition for CXM

    Create the CXM Application Portfolio

    4.1 Build Business Process Maps

    4.2 Review Application Satisfaction

    4.3 Create the CXM Application Portfolio

    4.4 Prioritize Applications

    Review Best Practices and Confirm Initiatives

    5.1 Create Data Integration Map

    5.2 Define Adoption Best Practices

    5.3 Build Initiatives Roadmap

    5.4 Confirm Initiatives Roadmap

    Deliverables
    1. CXM Vision Statement
    2. CXM Project Charter
    1. Completed External Analysis
    2. Completed Internal Review
    3. Channel Interaction Map
    4. Strategic Requirements (from External Analysis)
    1. Personas and Scenarios
    2. Strategic Requirements (based on personas)
    1. Business Process Maps
    2. Application Satisfaction Diagnostic
    3. Prioritized CXM Application Portfolio
    1. Integration Map for CXM
    2. End-User Adoption Plan
    3. Initiatives Roadmap

    Phase 1

    Drive Measurable Value With a World-Class CXM Program

    Build a Strong Technology Foundation for Customer Experience Management

    Phase 1 outline

    Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 1: Drive Measurable Value With a World-Class CXM Program

    Proposed Time to Completion: 2 weeks

    Step 1.1: Create the Project Vision

    Start with an analyst kick-off call:

    • Review key drivers from a technology and business perspective for CXM
    • Discuss benefits of strong technology enablement for CXM

    Then complete these activities…

    • CXM Fireside Chat
    • CXM Business and Technology Driver Assessment
    • CXM Vision Statement

    With these tools & templates:

    • CXM Strategy Stakeholder Presentation Template

    Step 1.2: Structure the Project

    Review findings with analyst:

    • Assess the CXM vision statement for competitive differentiators
    • Determine current alignment disposition of IT with different business units

    Then complete these activities…

    • Team Composition and Responsibilities
    • Metrics Definition

    With these tools & templates:

    • CXM Strategy Project Charter Template

    Phase 1 Results & Insights:

    • Defined value of strong technology enablement for CXM
    • Completed CXM project charter

    Step 1.1: Create the Project Vision

    Phase 1

    1.1 Create the Project Vision

    1.2 Structure the Project

    Phase 2

    2.1 Scan the External Environment

    2.2 Assess the Current State of CXM

    2.3 Create an Application Portfolio

    2.4 Develop Deployment Best Practices

    Phase 3

    3.1 Create an Initiative Rollout Plan

    3.2 Confirm and Finalize the CXM Blueprint

    Activities:

    • Fireside Chat: Discuss past challenges and successes with CXM
    • Identify business and IT drivers to establish guiding principles for CXM

    Outcomes:

    • Business benefits of a rationalized technology strategy to support CXM
    • Shared lessons learned
    • Guiding principles for providing technology enablement for CXM

    Building a technology strategy to support customer experience isn’t an option – it’s a mission-critical activity

    • Customer-facing departments supply the lifeblood of a company: revenue. In today’s fast-paced and interconnected world, it’s becoming increasingly imperative to enable customer experience processes with a wide range of technologies, from lead automation to social relationship management. CXM is the holistic management of customer interaction processes across marketing, sales, and customer service to create valuable, mutually beneficial customer experiences. Technology is a critical building block for enabling CXM.
    • The parallel progress of technology and process improvement is essential to an efficient and effective CXM program. While many executives prefer to remain at the status quo, new technologies have caused major shifts in the CXM environment. If you stay with the status quo, you will fall behind the competition.
    • However, many IT departments are struggling to keep up with the pace of change and find themselves more of a firefighter than a strategic partner to marketing, sales, and service teams. This not only hurts the business, but it also tarnishes IT’s reputation.

    An aligned, optimized CX strategy is:

    Rapid: to intentionally and strategically respond to quickly-changing opportunities and issues.

    Outcome-based: to make key decisions based on strong business cases, data, and analytics in addition to intuition and judgment.

    Rigorous: to bring discipline and science to bear; to improve operations and results.

    Collaborative: to conduct activities in a broader ecosystem of partners, suppliers, vendors, co-developers, and even competitors.

    (The Wall Street Journal, 2013)

    Info-Tech Insight

    If IT fails to adequately support marketing, sales, and customer service teams, the organization’s revenue will be in direct jeopardy. As a result, CIOs and Applications Directors must work with their counterparts in these departments to craft a cohesive and comprehensive strategy for using technology to create meaningful (and profitable) customer experiences.

    Fireside Chat, Part 1: When was technology an impediment to customer experience at your organization?

    1.1.1 30 minutes

    Input

    • Past experiences of the team

    Output

    • Lessons learned

    Materials

    • Whiteboard
    • Markers

    Participants

    • Core Team

    Instructions

    1. Think about a time when technology was an impediment to a positive customer experience at your organization. Reflect on the following:
      • What frustrations did the application or the technology cause to your customers? What was their reaction?
      • How did IT (and the business) identify the challenge in the first place?
      • What steps were taken to mitigate the impact of the problem? Were these steps successful?
      • What were the key lessons learned as part of the challenge?

    Fireside Chat, Part 2: What customer success stories has your organization created by using new technologies?

    1.1.2 30 minutes

    Input

    • Past experiences of the team

    Output

    • Lessons learned

    Materials

    • Whiteboard
    • Markers

    Participants

    • Core Team

    Instructions

    1. Think about a time when your organization successfully leveraged a new application or new technology to enhance the experience it provided to customers. Reflect on this experience and consider:
      • What were the organizational drivers for rolling out the new application or solution?
      • What obstacles had to be overcome in order to successfully deploy the solution?
      • How did the application positively impact the customer experience? What metrics improved?
      • What were the key lessons learned as part of the deployment? If you had to do it all over again, what would you do differently?

    Develop a cohesive, consistent, and forward-looking roadmap that supports each stage of the customer lifecycle

    When creating your roadmap, consider the pitfalls you’ll likely encounter in building the IT strategy to provide technology enablement for customer experience.

    There’s no silver bullet for developing a strategy. You can encounter pitfalls at a myriad of different points including not involving the right stakeholders from the business, not staying abreast of recent trends in the external environment, and not aligning sales, marketing, and support initiatives with a focus on the delivery of value to prospects and customers.

    Common Pitfalls When Creating a Technology-Enablement Strategy for CXM

    Senior management is not involved in strategy development.

    Not paying attention to the “art of the possible.”

    “Paving the cow path” rather than focusing on revising core processes.

    Misalignment between objectives and financial/personnel resources.

    Inexperienced team on either the business or IT side.

    Not paying attention to the actions of competitors.

    Entrenched management preferences for legacy systems.

    Sales culture that downplays the potential value of technology or new applications.

    IT is only one or two degrees of separation from the end customer: so take a customer-centric approach

    IT →Marketing, Sales, and Service →External Customers

    Internal-Facing Applications

    • IT enables, supports, and maintains the applications used by the organization to market to, sell to, and service customers. IT provides the infrastructural and technical foundation to operate the function.

    Customer-Facing Applications

    • IT supports customer-facing interfaces and channels for customer interaction.
    • Channel examples include web pages, mobile device applications and optimization, and interactive voice response for callers.

    Info-Tech Insight

    IT often overlooks direct customer considerations when devising a technology strategy for CXM. Instead, IT leaders rely on other business stakeholders to simply pass on requirements. By sitting down with their counterparts in marketing and sales, and fully understanding business drivers and customer personas, IT will be much better positioned to roll out supporting applications that drive customer engagement.

    A well-aligned CXM strategy recognizes a clear delineation of responsibilities between IT, sales, marketing, and service

    • When thinking about CXM, IT must recognize that it is responsible for being a trusted partner for technology enablement. This means that IT has a duty to:
      • Develop an in-depth understanding of strategic business requirements for CXM. Base your understanding of these business requirements on a clear conception of the internal and external environment, customer personas, and business processes in marketing, sales, and customer service.
      • Assist with shortlisting and supporting different channels for customer interaction (including email, telephony, web presence, and social media).
      • Create a rationalized, cohesive application portfolio for CXM that blends different enabling technologies together to support strategic business requirements.
      • Provide support for vendor shortlisting, selection, and implementation of CXM applications.
      • Assist with end-user adoption of CXM applications (i.e. training and ongoing support).
      • Provide initiatives that assist with technical excellence for CXM (such as data quality, integration, analytics, and application maintenance).
    • The business (marketing, sales, customer service) owns the business requirements and must be responsible for setting top-level objectives for customer interaction (e.g. product and pricing decisions, marketing collateral, territory management, etc.). IT should not take over decisions on customer experience strategy. However, IT should be working in lockstep with its counterparts in the business to assist with understanding business requirements through a customer-facing lens. For example, persona development is best done in cross-functional teams between IT and Marketing.

    Activity: Identify the business drivers for CXM to establish the strategy’s guiding principles

    1.1.3 30 minutes

    Input

    • Business drivers for CXM

    Output

    • Guiding principles for CXM strategy

    Materials

    • Whiteboard
    • Markers

    Participants

    • Project Team

    Instructions

    1. Define the assumptions and business drivers that have an impact on technology enablement for CXM. What is driving the current marketing, sales, and service strategy on the business side?
    Business Driver Name Driver Assumptions, Capabilities, and Constraints Impact on CXM Strategy
    High degree of customer-centric solution selling A technically complex product means that solution selling approaches are employed – sales cycles are long. There is a strong need for applications and data quality processes that support longer-term customer relationships rather than transactional selling.
    High desire to increase scalability of sales processes Although sales cycles are long, the organization wishes to increase the effectiveness of rep time via marketing automation where possible. Sales is always looking for new ways to leverage their reps for face-to-face solution selling while leaving low-level tasks to automation. Marketing wants to support these tasks.
    Highly remote sales team and unusual hours are the norm Not based around core hours – significant overtime or remote working occurs frequently. Misalignment between IT working only core hours and after-hours teams leads to lag times that can delay work. Scheduling of preventative sales maintenance must typically be done on weekends rather than weekday evenings.

    Activity: Identify the IT drivers for CXM to establish the strategy’s guiding principles

    1.1.4 30 minutes

    Input

    • IT drivers for CXM

    Output

    • Guiding principles for CXM strategy

    Materials

    • Whiteboard
    • Markers

    Participants

    • Project Team

    Instructions

    1. Define the assumptions and IT drivers that have an impact on technology enablement for CXM. What is driving the current IT strategy for supporting marketing, sales, and service initiatives?
    IT Driver Name Driver Assumptions, Capabilities, and Constraints Impact on CXM Strategy
    Sales Application Procurement Methodology Strong preference for on-premise COTS deployments over homebrewed applications. IT may not be able to support cloud-based sales applications due to security requirements for on premise.
    Vendor Relations Minimal vendor relationships; SLAs not drafted internally but used as part of standard agreement. IT may want to investigate tightening up SLAs with vendors to ensure more timely support is available for their sales teams.
    Development Methodology Agile methodology employed, some pockets of Waterfall employed for large-scale deployments. Agile development means more perfective maintenance requests come in, but it leads to greater responsiveness for making urgent corrective changes to non-COTS products.
    Data Quality Approach IT sees as Sales’ responsibility IT is not standing as a strategic partner for helping to keep data clean, causing dissatisfaction from customer-facing departments.
    Staffing Availability Limited to 9–5 Execution of sales support takes place during core hours only, limiting response times and access for on-the-road sales personnel.

    Activity: Use IT and business drivers to create guiding principles for your CXM technology-enablement project

    1.1.5 30 minutes

    Input

    • Business drivers and IT drivers from 1.1.3 and 1.1.4

    Output

    • CXM mission statement

    Materials

    • Whiteboard
    • Markers

    Participants

    • Core Team

    Instructions

    1. Based on the IT and business drivers identified, craft guiding principles for CXM technology enablement. Keep guiding principles in mind throughout the project and ensure they support (or reconcile) the business and IT drivers.

    Guiding Principle Description
    Sales processes must be scalable. Our sales processes must be able to reach a high number of target customers in a short time without straining systems or personnel.
    Marketing processes must be high touch. Processes must be oriented to support technically sophisticated, solution-selling methodologies.

    2. Summarize the guiding principles above by creating a CXM mission statement. See below for an example.

    Example: CXM Mission Statement

    To ensure our marketing, sales and service team is equipped with tools that will allow them to reach out to a large volume of contacts while still providing a solution-selling approach. This will be done with secure, on-premise systems to safeguard customer data.

    Ensure that now is the right time to take a step back and develop the CXM strategy

    Determine if now is the right time to move forward with building (or overhauling) your technology-enablement strategy for CXM.

    Not all organizations will be able to proceed immediately to optimize their CXM technology enablement. Determine if the organizational willingness, backbone, and resources are present to commit to overhauling the existing strategy. If you’re not ready to proceed, consider waiting to begin this project until you can procure the right resources.

    Do not proceed if:

    • Your current strategy for supporting marketing, sales, and service is working well and IT is already viewed as a strategic partner by these groups. Your current strategy is well aligned with customer preferences.
    • The current strategy is not working well, but there is no consensus or support from senior management for improving it.
    • You cannot secure the resources or time to devote to thoroughly examining the current state and selecting improvement initiatives.
    • The strategy has been approved, but there is no budget in place to support it at this time.

    Proceed if:

    • Senior management has agreed that technology support for CXM should be improved.
    • Sub-divisions within IT, sales, marketing, and service are on the same page about the need to improve alignment.
    • You have an approximate budget to work with for the project and believe you can secure additional funding to execute at least some improvement initiatives.
    • You understand how improving CXM alignment will fit into the broader customer interaction ecosystem in your organization.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

    Book a workshop with our Info-Tech analysts:

    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    1.1.3; 1.1.4; 1.1.5 - Identify business and IT drivers to create CXM guiding principles

    The facilitator will work with stakeholders from both the business and IT to identify implicit or explicit strategic drivers that will support (or pose constraints on) the technology-enablement framework for the CXM strategy. In doing so, guiding principles will be established for the project.

    Step 1.2: Structure the Project

    Phase 1

    1.1 Create the Project Vision

    1.2 Structure the Project

    Phase 2

    2.1 Scan the External Environment

    2.2 Assess the Current State of CXM

    2.3 Create an Application Portfolio

    2.4 Develop Deployment Best Practices

    Phase 3

    3.1 Create an Initiative Rollout Plan

    3.2 Confirm and Finalize the CXM Blueprint

    Activities:

    • Define the project purpose, objectives, and business metrics
    • Define the scope of the CXM strategy
    • Create the project team
    • Build a RACI chart
    • Develop a timeline with project milestones
    • Identify risks and create mitigation strategies
    • Complete the strategy project charter and obtain approval

    Outcomes:

    CXM Strategy Project Charter Template

    • Purpose, objectives, metrics
    • Scope
    • Project team & RACI
    • Timeline
    • Risks & mitigation strategies
    • Project sponsorship

    Use Info-Tech’s CXM Strategy Project Charter Template to outline critical components of the CXM project

    1.2.1 CXM Strategy Project Charter Template

    Having a project charter is the first step for any project: it specifies how the project will be resourced from a people, process, and technology perspective, and it clearly outlines major project milestones and timelines for strategy development. CXM technology enablement crosses many organizational boundaries, so a project charter is a very useful tool for ensuring everyone is on the same page.

    Sections of the document:

    1. Project Drivers, Rationale, and Context
    2. Project Objectives, Metrics, and Purpose
    3. Project Scope Definition
    4. Project Team Roles and Responsibilities (RACI)
    5. Project Timeline
    6. Risk Mitigation Strategy
    7. Project Metrics
    8. Project Review & Approvals

    INFO-TECH DELIVERABLE

    CXM Strategy Project Charter Template

    Populate the relevant sections of your project charter as you complete activities 1.2.2-1.2.8.

    Understand the roles necessary to complete your CXM technology-enablement strategy

    Understand the role of each player within your project structure. Look for listed participants on the activities slides to determine when each player should be involved.

    Title Role Within Project Structure
    Project Sponsor
    • Owns the project at the management/C-suite level
    • Responsible for breaking down barriers and ensuring alignment with organizational strategy
    • CIO, CMO, VP of Sales, VP of Customer Care, or similar
    Project Manager
    • The IT individual(s) that will oversee day-to-day project operations
    • Responsible for preparing and managing the project plan and monitoring the project team’s progress
    • Applications or other IT Manager, Business Analyst, Business Process Owner, or similar
    Business Lead
    • Works alongside the IT PM to ensure that the strategy is aligned with business needs
    • In this case, likely to be a marketing, sales, or customer service lead
    • Sales Director, Marketing Director, Customer Care Director, or similar
    Project Team
    • Comprised of individuals whose knowledge and skills are crucial to project success
    • Responsible for driving day-to-day activities, coordinating communication, and making process and design decisions. Can assist with persona and scenario development for CXM.
    • Project Manager, Business Lead, CRM Manager, Integration Manager, Application SMEs, Developers, Business Process Architects, and/or similar SMEs
    Steering Committee
    • Comprised of C-suite/management level individuals that act as the project’s decision makers
    • Responsible for validating goals and priorities, defining the project scope, enabling adequate resourcing, and managing change
    • Project Sponsor, Project Manager, Business Lead, CFO, Business Unit SMEs and similar

    Info-Tech Insight

    Do not limit project input or participation to the aforementioned roles. Include subject matter experts and internal stakeholders at particular stages within the project. Such inputs can be solicited on a one-off basis as needed. This ensures you take a holistic approach to creating your CXM technology-enablement strategy.

    Activity: Kick-off the CXM project by defining the project purpose, project objectives, and business metrics

    1.2.2 30 minutes

    Input

    • Activities 1.1.1 to 1.1.5

    Output

    • Drivers & rationale
    • Purpose statement
    • Business goals
    • Business metrics
    • CXM Strategy Project Charter Template, sections 1.0, 2.0, and 2.1

    Materials

    • Whiteboard
    • Markers

    Participants

    • Project Sponsor
    • Project Manager
    • Business Lead
    • Steering Committee

    Instructions

    Hold a meeting with IT, Marketing, Sales, Service, Operations, and any other impacted business stakeholders that have input into CXM to accomplish the following:

    1. Discuss the drivers and rationale behind embarking on a CXM strategy.
    2. Develop and concede on objectives for the CXM project, metrics that will gauge its success, and goals for each metric.
    3. Create a project purpose statement that is informed by decided-upon objectives and metrics from the steps above. When establishing a project purpose, ask the question, “what are we trying to accomplish?”
    • Example: Project Purpose Statement
      • The organization is creating a CXM strategy to gather high-level requirements from the business, IT, and Marketing, Sales, and Service, to ensure that the selection and deployment of the CXM meets the needs of the broader organization and provides the greatest return on investment.
  • Document your project drivers and rationale, purpose statement, project objectives, and business metrics in Info-Tech’s CXM Strategy Project Charter Template in sections 1.0 and 2.0.
  • Info-Tech Insight

    Going forward, set up a quarterly review process to understand changing needs. It is rare that organizations never change their marketing and sales strategy. This will change the way the CXM will be utilized.

    Establish baseline metrics for customer engagement

    In order to gauge the effectiveness of CXM technology enablement, establish core metrics:

    1. Marketing Metrics: pertaining to share of voice, share of wallet, market share, lead generation, etc.
    2. Sales Metrics: pertaining to overall revenue, average deal size, number of accounts, MCV, lead warmth, etc.
    3. Customer Service Metrics: pertaining to call volumes, average time to resolution, first contact resolution, customer satisfaction, etc.
    4. IT Metrics: pertaining to end-user satisfaction with CXM applications, number of tickets, contract value, etc.
    Metric Description Current Metric Future Goal
    Market Share 25% 35%
    Share of Voice (All Channels) 40% 50%
    Average Deal Size $10,500 $12,000
    Account Volume 1,400 1,800
    Average Time to Resolution 32 min 25 min
    First Contact Resolution 15% 35%
    Web Traffic per Month (Unique Visitors) 10,000 15,000
    End-User Satisfaction 62% 85%+
    Other metric
    Other metric
    Other metric

    Understand the importance of setting project expectations with a scope statement

    Be sure to understand what is in scope for a CXM strategy project. Prevent too wide of a scope to avoid scope creep – for example, we aren’t tackling ERP or BI under CXM.

    In Scope

    Establishing the parameters of the project in a scope statement helps define expectations and provides a baseline for resource allocation and planning. Future decisions about the strategic direction of CXM will be based on the scope statement.

    Scope Creep

    Well-executed requirements gathering will help you avoid expanding project parameters, drawing on your resources, and contributing to cost overruns and project delays. Avoid scope creep by gathering high-level requirements that lead to the selection of category-level application solutions (e.g. CRM, MMS, SMMP, etc.), rather than granular requirements that would lead to vendor application selection (e.g. Salesforce, Marketo, Hootsuite, etc.).

    Out of Scope

    Out-of-scope items should also be defined to alleviate ambiguity, reduce assumptions, and further clarify expectations for stakeholders. Out-of-scope items can be placed in a backlog for later consideration. For example, fulfilment and logistics management is out of scope as it pertains to CXM.

    In Scope
    Strategy
    High-Level CXM Application Requirements CXM Strategic Direction Category Level Application Solutions (e.g. CRM, MMS, etc.)
    Out of Scope
    Software Selection
    Vendor Application Review Vendor Application Selection Granular Application System Requirements

    Activity: Define the scope of the CXM strategy

    1.2.3 30 minutes

    Input

    • N/A

    Output

    • Project scope and parameters
    • CXM Strategy Project Charter Template, section 3.0

    Materials

    • Whiteboard
    • Markers

    Participants

    • Project Sponsor
    • Project Manager
    • Business Lead

    Instructions

    1. Formulate a scope statement. Decide which people, processes, and functions the CXM strategy will address. Generally, the aim of this project is to develop strategic requirements for the CXM application portfolio – not to select individual vendors.
    2. Document your scope statement in Info-Tech’s CXM Strategy Project Charter Template in section 3.0.

    To form your scope statement, ask the following questions:

    • What are the major coverage points?
    • Who will be using the systems?
    • How will different users interact with the systems?
    • What are the objectives that need to be addressed?
    • Where do we start?
    • Where do we draw the line?

    Identify the right stakeholders to include on your project team

    Consider the core team functions when composing the project team. Form a cross-functional team (i.e. across IT, Marketing, Sales, Service, Operations) to create a well-aligned CXM strategy.

    Required Skills/Knowledge Suggested Project Team Members
    IT
    • Application development
    • Enterprise integration
    • Business processes
    • Data management
    • CRM Application Manager
    • Business Process Manager
    • Integration Manager
    • Application Developer
    • Data Stewards
    Business
    • Understanding of the customer
    • Departmental processes
    • Sales Manager
    • Marketing Manager
    • Customer Service Manager
    Other
    • Operations
    • Administrative
    • Change management
    • Operations Manager
    • CFO
    • Change Management Manager

    Info-Tech Insight

    Don’t let your project team become too large when trying to include all relevant stakeholders. Carefully limiting the size of the project team will enable effective decision making while still including functional business units such as marketing, sales, service, and finance, as well as IT.

    Activity: Create the project team

    1.2.4 45 minutes

    Input

    • Scope Statement (output of Activity 1.2.3).

    Output

    • Project Team
    • CXM Strategy Project Charter Template, section 4.0

    Materials

    • Whiteboard
    • Markers

    Participants

    • Project Manager
    • Business Lead

    Instructions

    1. Review your scope statement. Have a discussion to generate a complete list of key stakeholders that are needed to achieve the scope of work.
    2. Using the previously generated list, identify a candidate for each role and determine their responsibilities and expected time commitment for the CXM strategy project.
    3. Document the project team in Info-Tech’s CXM Strategy Project Charter Template in section 4.0.

    Define project roles and responsibilities to improve progress tracking

    Build a list of the core CXM strategy team members, and then structure a RACI chart with the relevant categories and roles for the overall project.

    Responsible - Conducts work to achieve the task

    Accountable - Answerable for completeness of task

    Consulted - Provides input for the task

    Informed - Receives updates on the task

    Info-Tech Insight

    Avoid missed tasks between inter-functional communications by defining roles and responsibilities for the project as early as possible.

    Benefits of Assigning RACI Early:

    • Improve project quality by assigning the right people to the right tasks.
    • Improve chances of project task completion by assigning clear accountabilities.
    • Improve project buy-in by ensuring that stakeholders are kept informed of project progress, risks, and successes.

    Activity: Build a RACI chart

    1.2.5 30 minutes

    Input

    • Project Team (output of Activity 1.2.4)

    Output

    • RACI chart
    • CXM Strategy Project Charter Template, section 4.2

    Materials

    • Whiteboard
    • Markers

    Participants

    • Project Manager
    • Business Lead

    Instructions

    1. Identify the key stakeholder teams that should be involved in the CXM strategy project. You should have a cross-functional team that encompasses both IT (various units) and the business.
    2. Determine whether each stakeholder should be responsible, accountable, consulted, and/or informed with respect to each overarching project step.
    3. Confirm and communicate the results to relevant stakeholders and obtain their approval.
    4. Document the RACI chart in Info-Tech’s CXM Strategy Project Charter Template in section 4.2.
    Example: RACI Chart Project Sponsor (e.g. CMO) Project Manager (e.g. Applications Manager) Business Lead (e.g. Marketing Director) Steering Committee (e.g. PM, CMO, CFO…) Project Team (e.g. PM, BL, SMEs…)
    Assess Project Value I C A R C
    Conduct a Current State Assessment I I A C R
    Design Application Portfolio I C A R I
    Create CXM Roadmap R R A I I
    ... ... ... ... ... ...

    Activity: Develop a timeline in order to specify concrete project milestones

    1.2.6 30 minutes

    Input

    • N/A

    Output

    • Project timeline
    • CXM Strategy Project Charter Template, section 5.0

    Materials

    • Whiteboard
    • Markers

    Participants

    • Project Manager
    • Business Lead

    Instructions

    1. Assign responsibilities, accountabilities, and other project involvement to each project team role using a RACI chart. Remember to consider dependencies when creating the schedule and identifying appropriate subtasks.
    2. Document the timeline in Info-Tech’s CXM Strategy Project Charter Template in section 5.0.
    Key Activities Start Date End Date Target Status Resource(s)
    Structure the Project and Build the Project Team
    Articulate Business Objectives and Define Vision for Future State
    Document Current State and Assess Gaps
    Identify CXM Technology Solutions
    Build the Strategy for CXM
    Implement the Strategy

    Assess project-associated risk by understanding common barriers and enablers

    Common Internal Risk Factors

    Management Support Change Management IT Readiness
    Definition The degree of understanding and acceptance of CXM as a concept and necessary portfolio of technologies. The degree to which employees are ready to accept change and the organization is ready to manage it. The degree to which the organization is equipped with IT resources to handle new systems and processes.
    Assessment Outcomes
    • Is CXM enablement recognized as a top priority?
    • Will management commit time to the project?
    • Are employees resistant to change?
    • Is there an organizational awareness of the importance of customer experience?
    • Who are the owners of process and content?
    • Is there strong technical expertise?
    • Is there strong infrastructure?
    • What are the important integration points throughout the business?
    Risk
    • Low management buy-in
    • Lack of funding
    • Lack of resources
    • Low employee motivation
    • Lack of ownership
    • Low user adoption
    • Poor implementation
    • Reliance on consultants

    Activity: Identify the risks and create mitigation strategies

    1.2.7 45 minutes

    Input

    • N/A

    Output

    • Risk mitigation strategy
    • CXM Strategy Project Charter Template, section 6.0

    Materials

    • Whiteboard
    • Markers

    Participants

    • Project Manager
    • Business Lead
    • Project Team

    Instructions

    1. Brainstorm a list of possible risks that may impede the progress of your CXM project.
    2. Classify risks as strategy based (related to planning) or systems based (related to technology).
    3. Brainstorm mitigation strategies to overcome each risk.
    4. On a scale of 1 to 3, determine the impact of each risk on project success and the likelihood of each risk occurring.
    5. Document your findings in Info-Tech’s CXM Strategy Project Charter Template in section 6.0.

    Likelihood:

    1 - High/Needs Focus

    2 - Can Be Mitigated

    3 - Unlikely

    Impact

    1 - High Impact

    2 - Moderate Impact

    3 - Minimal Impact

    Example: Risk Register and Mitigation Tactics

    Risk Impact Likelihood Mitigation Effort
    Cost of time and implementation: designing a robust portfolio of CXM applications can be a time consuming task, representing a heavy investment for the organization 1 1
    • Have a clear strategic plan and a defined time frame
    • Know your end-user requirements
    • Put together an effective and diverse strategy project team
    Availability of resources: lack of in-house resources (e.g. infrastructure, CXM application developers) may result in the need to insource or outsource resources 1 2
    • Prepare a plan to insource talent by hiring or transferring talent from other departments – e.g. marketing and customer service

    Activity: Complete the project charter and obtain approval

    1.2.8 45 minutes

    Input

    • N/A

    Output

    • Project approval
    • CXM Strategy Project Charter Template, section 8.0

    Materials

    • Whiteboard
    • Markers

    Participants

    • Project Manager
    • Business Lead
    • Project Team

    Instructions

    Before beginning to develop the CXM strategy, validate the project charter and metrics with senior sponsors or stakeholders and receive their approval to proceed.

    1. Schedule a 30-60 minute meeting with senior stakeholders and conduct a live review of your CXM strategy project charter.
    2. Obtain stakeholder approval to ensure there are no miscommunications or misunderstandings around the scope of the work that needs to be done to reach a successful project outcome. Final sign-off should only take place when mutual consensus has been reached.
      • Obtaining approval should be an iterative process; if senior management has concerns over certain aspects of the plan, revise and review again.

    Info-Tech Insight

    In most circumstances, you should have your CXM strategy project charter validated with the following stakeholders:

    • Chief Information Officer
    • IT Applications Director
    • CFO or Comptroller (for budget approval)
    • Chief Marketing Office or Head of Marketing
    • Chief Revenue Officer or VP of Sales
    • VP Customer Service

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

    Book a workshop with our Info-Tech analysts:

    1.2.2 Define project purpose, objectives, and business metrics

    Through an in-depth discussion, an analyst will help you prioritize corporate objectives and organizational drivers to establish a distinct project purpose.

    1.2.3 Define the scope of the CXM strategy

    An analyst will facilitate a discussion to address critical questions to understand your distinct business needs. These questions include: What are the major coverage points? Who will be using the system?

    1.2.4; 1.2.5; 1.2.6 Create the CXM project team, build a RACI chart, and establish a timeline

    Our analysts will guide you through how to create a designated project team to ensure the success of your CXM strategy and suite selection initiative, including project milestones and team composition, as well as designated duties and responsibilities.

    Phase 2

    Create a Strategic Framework for CXM Technology Enablement

    Build a Strong Technology Foundation for Customer Experience Management

    Phase 2 outline: Steps 2.1 and 2.2

    Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 2: Create a Strategic Framework for CXM Technology Enablement

    Proposed Time to Completion: 4 weeks

    Step 2.1: Scan the External Environment

    Start with an analyst kick-off call:

    • Discuss external drivers
    • Assess competitive environment
    • Review persona development
    • Review scenarios

    Then complete these activities…

    • Build the CXM operating model
    • Conduct a competitive analysis
    • Conduct a PEST analysis
    • Build personas and scenarios

    With these tools & templates:

    CXM Strategy Stakeholder Presentation Template

    Step 2.2: Assess the Current State for CRM

    Review findings with analyst:

    • Review SWOT analysis
    • Review VRIO analysis
    • Discuss strategic requirements for CXM

    Then complete these activities…

    • Conduct a SWOT analysis
    • Conduct a VRIO analysis
    • Inventory existing applications

    With these tools & templates:

    CXM Strategy Stakeholder Presentation Template

    Phase 2 outline: Steps 2.3 and 2.4

    Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 2: Create a Strategic Framework for CXM Technology Enablement

    Proposed Time to Completion: 4 weeks

    Step 2.3: Create an Application Portfolio

    Start with an analyst kick-off call:

    • Discuss possible business process maps
    • Discuss strategic requirements
    • Review application portfolio results

    Then complete these activities…

    • Build business maps
    • Execute application mapping

    With these tools & templates:

    CXM Portfolio Designer

    CXM Strategy Stakeholder Presentation Template

    CXM Business Process Shortlisting Tool

    Step 2.4: Develop Deployment Best Practices

    Review findings with analyst:

    • Review possible integration maps
    • Discuss best practices for end-user adoption
    • Discuss best practices for customer data quality

    Then complete these activities…

    • Create CXM integration ecosystem
    • Develop adoption game plan
    • Create data quality standards

    With these tools & templates:

    CXM Strategy Stakeholder Presentation Template

    Phase 2 Results & Insights:

    • Application portfolio for CXM
    • Deployment best practices for areas such as integration, data quality, and end-user adoption

    Step 2.1: Scan the External Environment

    Phase 1

    1.1 Create the Project Vision

    1.2 Structure the Project

    Phase 2

    2.1 Scan the External Environment

    2.2 Assess the Current State of CXM

    2.3 Create an Application Portfolio

    2.4 Develop Deployment Best Practices

    Phase 3

    3.1 Create an Initiative Rollout Plan

    3.2 Confirm and Finalize the CXM Blueprint

    Activities:

    • Inventory CXM drivers and organizational objectives
    • Identify CXM challenges and pain points
    • Discuss opportunities and benefits
    • Align corporate and CXM strategies
    • Conduct a competitive analysis
    • Conduct a PEST analysis and extract strategic requirements
    • Build customer personas and extract strategic requirements

    Outcomes:

    • CXM operating model
      • Organizational drivers
      • Environmental factors
      • Barriers
      • Enablers
    • PEST analysis
    • External customer personas
    • Customer journey scenarios
    • Strategic requirements for CXM

    Develop a CXM technology operating model that takes stock of needs, drivers, barriers, and enablers

    Establish the drivers, enablers, and barriers to developing a CXM technology enablement strategy. In doing so, consider needs, environmental factors, organizational drivers, and technology drivers as inputs.

    CXM Strategy

    • Barriers
      • Lack of Resources
      • Cultural Mindset
      • Resistance to Change
      • Poor End-User Adoption
    • Enablers
      • Senior Management Support
      • Customer Data Quality
      • Current Technology Portfolio
    • Business Needs (What are your business drivers? What are current marketing, sales, and customer service pains?)
      • Acquisition Pipeline Management
      • Live Chat for Support
      • Social Media Analytics
      • Etc.
    • Organizational Goals
      • Increase Profitability
      • Enhance Customer Experience Consistency
      • Reduce Time-to-Resolution
      • Increase First Contact Resolution
      • Boost Share of Voice
    • Environmental Factors (What factors that affect your strategy are out of your control?)
      • Customer Buying Habits
      • Changing Technology Trends
      • Competitive Landscape
      • Regulatory Requirements
    • Technology Drivers (Why do you need a new system? What is the purpose for becoming an integrated organization?)
      • System Integration
      • Reporting Capabilities
      • Deployment Model

    Understand your needs, drivers, and organizational objectives for creating a CXM strategy

    Business Needs Organizational Drivers Technology Drivers Environmental Factors
    Definition A business need is a requirement associated with a particular business process (for example, Marketing needs customer insights from the website – the business need would therefore be web analytics capabilities). Organizational drivers can be thought of as business-level goals. These are tangible benefits the business can measure such as customer retention, operation excellence, and financial performance. Technology drivers are technological changes that have created the need for a new CXM enablement strategy. Many organizations turn to technology systems to help them obtain a competitive edge. External considerations are factors taking place outside of the organization that are impacting the way business is conducted inside the organization. These are often outside the control of the business.
    Examples
    • Web analytics
    • Live chat capabilities
    • Mobile self-service
    • Social media listening
    • Data quality
    • Customer satisfaction
    • Branding
    • Time-to-resolution
    • Deployment model (i.e. SaaS)
    • Integration
    • Reporting capabilities
    • Fragmented technologies
    • Economic factors
    • Customer preferences
    • Competitive influencers
    • Compliance regulations

    Info-Tech Insight

    A common organizational driver is to provide adequate technology enablement across multiple channels, resulting in a consistent customer experience. This driver is a result of external considerations. Many industries today are highly competitive and rapidly changing. To succeed under these pressures, you must have a rationalized portfolio of enterprise applications for customer interaction.

    Activity: Inventory and discuss CXM drivers and organizational objectives

    2.1.1 30 minutes

    Input

    • Business needs
    • Exercise 1.1.3
    • Exercise 1.1.4
    • Environmental factors

    Output

    • CXM operating model inputs
    • CXM Strategy Stakeholder Presentation

    Materials

    • Info-Tech examples
    • Whiteboard
    • Markers

    Participants

    • Project Team

    Instructions

    1. Brainstorm the business needs, organizational drivers, technology drivers, and environmental factors that will inform the CXM strategy. Draw from exercises 1.1.3-1.1.5.
    2. Document your findings in the CXM operating model template. This can be found in the CXM Strategy Stakeholder Presentation Template.

    The image is a graphic, with a rectangle split into three sections in the centre. The three sections are: Barriers; CXM Strategy; Enablers. Around the centre are 4 more rectangles, labelled: Business Needs; Organizational Drivers; Technology Drivers; Environmental Factors. The outer rectangles are a slightly darker shade of grey than the others, highlighting them.

    Understand challenges and barriers to creating and executing the CXM technology-enablement strategy

    Take stock of internal challenges and barriers to effective CXM strategy execution.

    Example: Internal Challenges & Potential Barriers

    Understanding the Customer Change Management IT Readiness
    Definition The degree to which a holistic understanding of the customer can be created, including customer demographic and psychographics. The degree to which employees are ready to accept operational and cultural changes and the degree to which the organization is ready to manage it. The degree to which IT is ready to support new technologies and processes associated with a portfolio of CXM applications.
    Questions to Ask
    • As an organization, do we have a true understanding of our customers?
    • How might we achieve a complete understanding of the customer throughout different phases of the customer lifecycle?
    • Are employees resistant to change?
    • Are there enough resources to drive an CXM strategy?
    • To what degree is the existing organizational culture customer-centric?
    • Is there strong technical expertise?
    • Is there strong infrastructure?
    Implications
    • Uninformed creation of CXM strategic requirements
    • Inadequate understanding of customer needs and wants
    • User acceptance
    • Lack of ownership
    • Lack of accountability
    • Lack of sustainability
    • Poor implementation
    • Reliance on expensive external consultants
    • Lack of sustainability

    Activity: Identify CXM challenges and pain points

    2.1.2 30 minutes

    Input

    • Challenges
    • Pain points

    Output

    • CXM operating model barriers
    • CXM Strategy Stakeholder Presentation

    Materials

    • Info-Tech examples
    • Whiteboard
    • Markers

    Participants

    • Project Team

    Instructions

    1. Brainstorm the challenges and pain points that may act as barriers to the successful planning and execution of a CXM strategy.
    2. Document your findings in the CXM operating model template. This can be found in the CXM Strategy Stakeholder Presentation Template.

    The image is the same graphic from a previous section. In this instance, the Barriers sections is highlighted.

    Identify opportunities that can enable CXM strategy execution

    Existing internal conditions, capabilities, and resources can create opportunities to enable the CXM strategy. These opportunities are critical to overcoming challenges and barriers.

    Example: Opportunities to Leverage for Strategy Enablement

    Management Buy-In Customer Data Quality Current Technology Portfolio
    Definition The degree to which upper management understands and is willing to enable a CXM project, complete with sponsorship, funding, and resource allocation. The degree to which customer data is accurate, consistent, complete, and reliable. Strong customer data quality is an opportunity – poor data quality is a barrier. The degree to which the existing portfolio of CXM-supporting enterprise applications can be leveraged to enable the CXM strategy.
    Questions to Ask
    • Is management informed of changing technology trends and the subsequent need for CXM?
    • Are adequate funding and resourcing available to support a CXM project, from strategy creation to implementation?
    • Are there any data quality issues?
    • Is there one source of truth for customer data?
    • Are there duplicate or incomplete sets of data?
    • Does a strong CRM backbone exist?
    • What marketing, sales, and customer service applications exist?
    • Are CXM-enabling applications rated highly on usage and performance?
    Implications
    • Need for CXM clearly demonstrated
    • Financial and logistical feasibility
    • Consolidated data quality governance initiatives
    • Informed decision making
    • Foundation for CXM technology enablement largely in place
    • Reduced investment of time and money needed

    Activity: Discuss opportunities and benefits

    2.1.3 30 minutes

    Input

    • Opportunities
    • Benefits

    Output

    • Completed CXM operating model
    • CXM Strategy Stakeholder Presentation

    Materials

    • Info-Tech examples
    • Whiteboard
    • Markers

    Participants

    • Project Team

    Instructions

    1. Brainstorm opportunities that should be leveraged or benefits that should be realized to enable the successful planning and execution of a CXM strategy.
    2. Document your findings in the CXM operating model template. This can be found in the CXM Strategy Stakeholder Presentation Template.

    The image is the same graphic from earlier sections, this time with the Enablers section highlighted.

    Ensure that you align your CXM technology strategy to the broader corporate strategy

    A successful CXM strategy requires a comprehensive understanding of an organization’s overall corporate strategy and its effects on the interrelated departments of marketing, sales, and service, including subsequent technology implications. For example, a CXM strategy that emphasizes tools for omnichannel management and is at odds with a corporate strategy that focuses on only one or two channels will fail.

    Corporate Strategy

    • Conveys the current state of the organization and the path it wants to take.
    • Identifies future goals and business aspirations.
    • Communicates the initiatives that are critical for getting the organization from its current state to the future state.

    CXM Strategy

    • Communicates the company’s budget and spending on CXM applications and initiatives.
    • Identifies IT initiatives that will support the business and key CXM objectives, specific to marketing, sales, and service.
    • Outlines staffing and resourcing for CXM initiatives.

    Unified Strategy

    • The CXM implementation can be linked, with metrics, to the corporate strategy and ultimate business objectives.

    Info-Tech Insight

    Your organization’s corporate strategy is especially important in dictating the direction of the CXM strategy. Corporate strategies are often focused on customer-facing activity and will heavily influence the direction of marketing, sales, customer service, and consequentially, CXM. Corporate strategies will often dictate market targeting, sales tactics, service models, and more.

    Review sample organizational objectives to decipher how CXM technologies can support such objectives

    Identifying organizational objectives of high priority will assist in breaking down CXM objectives to better align with the overall corporate strategy and achieve buy-in from key stakeholders.

    Corporate Objectives Aligned CXM Technology Objectives
    Increase Revenue Enable lead scoring Deploy sales collateral management tools Improve average cost per lead via a marketing automation tool
    Enhance Market Share Enhance targeting effectiveness with a CRM Increase social media presence via an SMMP Architect customer intelligence analysis
    Improve Customer Satisfaction Reduce time-to-resolution via better routing Increase accessibility to customer service with live chat Improve first contact resolution with customer KB
    Increase Customer Retention Use a loyalty management application Improve channel options for existing customers Use customer analytics to drive targeted offers
    Create Customer-Centric Culture Ensure strong training and user adoption programs Use CRM to provide 360-degree view of all customer interaction Incorporate the voice of the customer into product development

    Activity: Review your corporate strategy and validate its alignment with the CXM operating model

    2.1.4 30 minutes

    Input

    • Corporate strategy
    • CXM operating model (completed in Activity 2.1.3)

    Output

    • Strategic alignment between the business and CXM strategies

    Materials

    • Info-Tech examples
    • Whiteboard
    • Markers

    Participants

    • Project Team

    Instructions

    1. Brainstorm and create a list of organizational objectives at the corporate strategy level.
    2. Break down each organizational objective to identify how CXM may support it.
    3. Validate CXM goals and organizational objectives with your CXM operating model. Be sure to address the validity of each with the business needs, organizational drivers, technology drivers, and environmental factors identified as inputs to the operating model.

    Amazon leverages customer data to drive decision making around targeted offers and customer experience

    CASE STUDY

    Industry E-Commerce

    Source Pardot, 2012

    Situation

    Amazon.com, Inc. is an American electronic commerce and cloud computing company. It is the largest e-commerce retailer in the US.

    Amazon originated as an online book store, later diversifying to sell various forms of media, software, games, electronics, apparel, furniture, food, toys, and more.

    By taking a data-driven approach to marketing and sales, Amazon was able to understand its customers’ needs and wants, penetrate different product markets, and create a consistently personalized online-shopping customer experience that keeps customers coming back.

    Technology Strategy

    Use Browsing Data Effectively

    Amazon leverages marketing automation suites to view recent activities of prospects on its website. In doing so, a more complete view of the customer is achieved, including insights into purchasing interests and site navigation behaviors.

    Optimize Based on Interactions

    Using customer intelligence, Amazon surveys and studies standard engagement metrics like open rate, click-through rate, and unsubscribes to ensure the optimal degree of marketing is being targeted to existing and prospective customers, depending on level of engagement.

    Results

    Insights gained from having a complete understanding of the customer (from basic demographic characteristics provided in customer account profiles to observed psychographic behaviors captured by customer intelligence applications) are used to personalize Amazon’s sales and marketing approaches. This is represented through targeted suggestions in the “recommended for you” section of the browsing experience and tailored email marketing.

    It is this capability, partnered with the technological ability to observe and measure customer engagement, that allows Amazon to create individual customer experiences.

    Scan the external environment to understand your customers, competitors, and macroenvironmental trends

    Do not develop your CXM technology strategy in isolation. Work with Marketing to understand your STP strategy (segmentation, targeting, positioning): this will inform persona development and technology requirements downstream.

    Market Segmentation

    • Segment target market by demographic, geographic, psychographic, and behavioral characteristics
    • What does the competitive market look like?
    • Who are the key customer segments?
    • What segments are you going to target?

    Market Targeting

    • Evaluate potential and commercial attractiveness of each segment, considering the dynamics of the competition
    • How do you target your customers?
    • How should you target them in the future?
    • How do your products/services differ from the competition?

    Product Positioning

    • Develop detailed product positioning and marketing mixes for selected segments
    • What is the value of the product/service to each segment of the market?
    • How are you positioning your product/service in the market?

    Info-Tech Insight

    It is at this point that you should consider the need for and viability of an omnichannel approach to CXM. Through which channels do you target your customers? Are your customers present and active on a wide variety of channels? Consider how you can position your products, services, and brand through the use of omnichannel methodologies.

    Activity: Conduct a competitive analysis to understand where your market is going

    2.1.5 1 hour

    Input

    • Scan of competitive market
    • Existing customer STP strategy

    Output

    • Strategic CXM requirements
    • CXM Strategy Stakeholder Presentation

    Materials

    • Whiteboard
    • Markers

    Participants

    • Project Team
    • Marketing SME

    Instructions

    1. Scan the market for direct and indirect competitors.
    2. Evaluate current and/or future segmentation, targeting, and positioning strategies by answering the following questions:
    • What does the competitive market look like?
    • Who are the key customer segments?
    • What segments are you going to target?
    • How do you target your customers?
    • How should you target them in the future?
    • How do your products/services differ from the competition?
    • What is the value of the product/service to each segment of the market?
    • How are you positioning your product/service in the market?
    • Other helpful questions include:
      • How formally do you target customers? (e.g. through direct contact vs. through passive brand marketing)
      • Does your organization use the shotgun or rifle approach to marketing?
        • Shotgun marketing: targets a broad segment of people, indirectly
        • Rifle marketing: targets smaller and more niche market segments using customer intelligence
  • For each point, identify CXM requirements.
  • Document your outputs in the CXM Strategy Stakeholder Presentation Template.
  • Activity: Conduct a competitive analysis (cont’d)

    2.1.5 30 minutes

    Input

    • Scan of competitive market

    Output

    • Competitive analysis
    • CXM Strategy Stakeholder Presentation

    Materials

    • Whiteboard
    • Markers

    Participants

    • Project Team
    • Marketing SME (e.g. Market Research Stakeholders)

    Instructions

    1. List recent marketing technology and customer experience-related initiatives that your closest competitors have implemented.
    2. For each identified initiative, elaborate on what the competitive implications are for your organization.
    3. Document your outputs in the CXM Strategy Stakeholder Presentation Template.

    Example: Competitive Implications

    Competitor Organization Recent Initiative Associated Technology Direction of Impact Competitive Implication
    Organization X Multichannel E-Commerce Integration WEM – hybrid integration Positive
    • Up-to-date e-commerce capabilities
    • Automatic product updates via PCM
    Organization Y Web Social Analytics WEM Positive
    • Real-time analytics and customer insights
    • Allows for more targeted content toward the visitor or customer

    Conduct a PEST analysis to determine salient political, economic, social, and technological impacts for CXM

    A PEST analysis is a structured planning method that identifies external environmental factors that could influence the corporate and IT strategy.

    Political - Examine political factors, such as relevant data protection laws and government regulations.

    Economic - Examine economic factors, such as funding, cost of web access, and labor shortages for maintaining the site(s).

    Technological - Examine technological factors, such as new channels, networks, software and software frameworks, database technologies, wireless capabilities, and availability of software as a service.

    Social - Examine social factors, such as gender, race, age, income, and religion.

    Info-Tech Insight

    When looking at opportunities and threats, PEST analysis can help to ensure that you do not overlook external factors, such as technological changes in your industry. When conducting your PEST analysis specifically for CXM, pay particular attention to the rapid rate of change in the technology bucket. New channels and applications are constantly emerging and evolving, and seeing differential adoption by potential customers.

    Activity: Conduct and review the PEST analysis

    2.1.6 30 minutes

    Input

    • Political, economic, social, and technological factors related to CXM

    Output

    • Completed PEST analysis

    Materials

    • Whiteboard
    • Markers

    Participants

    • Project Team

    Instructions

    1. Identify your current strengths and weaknesses in managing the customer experience.
    2. Identify any opportunities to take advantage of and threats to mitigate.

    Example: PEST Analysis

    Political

    • Data privacy for PII
    • ADA legislation for accessible design

    Economic

    • Spending via online increasing
    • Focus on share of wallet

    Technological

    • Rise in mobile
    • Geo-location based services
    • Internet of Things
    • Omnichannel

    Social

    • Increased spending power by millennials
    • Changing channel preferences
    • Self-service models

    Activity: Translate your PEST analysis into a list of strategic CXM technology requirements to be addressed

    2.1.7 30 minutes

    Input

    • PEST Analysis conducted in Activity 2.1.6.

    Output

    • Strategic CXM requirements
    • CXM Strategy Stakeholder Presentation

    Materials

    • Whiteboard
    • Markers

    Participants

    • Project Team

    Instructions

    For each PEST quadrant:

    1. Document the point and relate it to a goal.
    2. For each point, identify CXM requirements.
    3. Sort goals and requirements to eliminate duplicates.
    4. Document your outputs in the CXM Strategy Stakeholder Presentation Template.

    Example: Parsing Requirements from PEST Analysis

    Technological Trend: There has been a sharp increase in popularity of mobile self-service models for buying habits and customer service access.

    Goal: Streamline mobile application to be compatible with all mobile devices. Create consistent branding across all service delivery applications (e.g. website, etc.).

    Strategic Requirement: Develop a native mobile application while also ensuring that resources through our web presence are built with responsive design interface.

    IT must fully understand the voice of the customer: work with Marketing to develop customer personas

    Creating a customer-centric CXM technology strategy requires archetypal customer personas. Creating customer personas will enable you to talk concretely about them as consumers of your customer experience and allow you to build buyer scenarios around them.

    A persona (or archetypal user) is an invented person that represents a type of user in a particular use-case scenario. In this case, personas can be based on real customers.

    Components of a persona Example – Organization: Grocery Store
    Name Name personas to reflect a key attribute such as the persona’s primary role or motivation Brand Loyal Linda: A stay-at-home mother dedicated to maintaining and caring for a household of 5 people
    Demographic Include basic descriptors of the persona (e.g. age, geographic location, preferred language, education, job, employer, household income, etc.) Age: 42 years old Geographic location: London Suburbia Language: English Education: Post-secondary Job: Stay-at-home mother Annual Household Income: $100,000+
    Wants, needs, pain points Identify surface-level motivations for buying habits

    Wants: Local products Needs: Health products; child-safe products

    Pain points: Fragmented shopping experience

    Psychographic/behavioral traits Observe persona traits that are representative of the customers’ behaviors (e.g. attitudes, buying patterns, etc.)

    Psychographic: Detail-oriented, creature of habit

    Behavioral: Shops at large grocery store twice a week, visits farmers market on Saturdays, buys organic products online

    Activity: Build personas for your customers

    2.1.8 2 hours

    Input

    • Customer demographics and psychographics

    Output

    • List of prioritized customer personas
    • CXM Strategy Stakeholder Presentation

    Materials

    • Info-Tech examples
    • Whiteboard
    • Markers

    Participants

    Project Team

    Instructions

    1. In 2-4 groups, list all the customer personas that need to be built. In doing so, consider the people who interact with your organization most often.
    2. Build a demographic profile for each customer persona. Include information such as age, geographic location, occupation, annual income, etc.
    3. Augment the persona with a psychographic profile of each customer. Consider the goals and objectives of each customer persona and how these might inform buyer behaviors.
    4. Introduce your group’s personas to the entire group, in a round-robin fashion, as if you are introducing your persona at a party.
    5. Summarize the personas in a persona map. Rank your personas according to importance and remove any duplicates.

    Info-Tech Insight

    For CXM, persona building is typically used for understanding the external customer; however, if you need to gain a better understanding of the organization’s internal customers (those who will be interacting with CXM applications), personas can also be built for this purpose. Examples of useful internal personas are sales managers, brand managers, customer service directors, etc.

    Sample Persona Templates

    Fred, 40

    The Family Man

    Post-secondary educated, white-collar professional, three children

    Goals & Objectives

    • Maintain a stable secure lifestyle
    • Progress his career
    • Obtain a good future for his children

    Behaviors

    • Manages household and finances
    • Stays actively involved in children’s activities and education
    • Seeks potential career development
    • Uses a cellphone and email frequently
    • Sometimes follows friends Facebook pages

    Services of Interest

    • SFA, career counselling, job boards, day care, SHHS
    • Access to information via in-person, phone, online

    Traits

    General Literacy - High

    Digital Literacy - Mid-High

    Detail-Oriented - High

    Willing to Try New Things - Mid-High

    Motivated and Persistent - Mid-High

    Time Flexible - Mid-High

    Familiar With [Red.] - Mid

    Access to [Red.] Offices - High

    Access to Internet - High

    Ashley, 35

    The Tourist

    Single, college educated, planning vacation in [redacted], interested in [redacted] job opportunities

    Goals & Objectives

    • Relax after finishing a stressful job
    • Have adventures and try new things
    • Find a new job somewhere in Canada

    Behaviors

    • Collects information about things to do in [redacted]
    • Collects information about life in [redacted]
    • Investigates and follows up on potential job opportunities
    • Uses multiple social media to keep in touch with friends
    • Shops online frequently

    Services of Interest

    • SFA, job search, road conditions, ferry schedules, hospital, police station, DL requirements, vehicle rental
    • Access to information via in-person, phone, website, SMS, email, social media

    Traits

    General Literacy - Mid

    Digital Literacy - High

    Detail-Oriented - Mid

    Willing to Try New Things - High

    Motivated and Persistent - Mid

    Time Flexible - Mid-High

    Familiar With [Red.] - Low

    Access to [Red.] Offices - Low

    Access to Internet - High

    Bill, 25

    The Single Parent

    15-year resident of [redacted], high school education, waiter, recently divorced, two children

    Goals & Objectives

    • Improve his career options so he can support his family
    • Find an affordable place to live
    • Be a good parent
    • Work through remaining divorce issues

    Behaviors

    • Tries to get training or experience to improve his career
    • Stays actively involved in his children’s activities
    • Looks for resources and supports to resolve divorce issues
    • Has a cellphone and uses the internet occasionally

    Services of Interest

    • Child care, housing authority, legal aid, parenting resources
    • Access to information via in person, word-of mouth, online, phone, email

    Traits

    General Literacy - Mid

    Digital Literacy - Mid-Low

    Detail-Oriented - Mid-Low

    Willing to Try New Things - Mid

    Motivated and Persistent - High

    Time Flexible - Mid

    Familiar With [Red.] - Mid-High

    Access to [Red.] Offices - High

    Access to Internet - High

    Marie, 19

    The Regional Youth

    Single, [redacted] resident, high school graduate

    Goals & Objectives

    • Get a good job
    • Maintain ties to family and community

    Behaviors

    • Looking for work
    • Gathering information about long-term career choices
    • Trying to get the training or experience that can help her develop a career
    • Staying with her parents until she can get established
    • Has a new cellphone and is learning how to use it
    • Plays videogames and uses the internet at least weekly

    Services of Interest

    • Job search, career counselling
    • Access to information via in-person, online, phone, email, web applications

    Traits

    General Literacy - Mid

    Digital Literacy - Mid

    Detail-Oriented - Mid-Low

    Willing to Try New Things - Mid-High

    Motivated and Persistent - Mid-Low

    Time Flexible - High

    Familiar With [Red.] - Mid-Low

    Access to [Red.] Offices - Mid-Low

    Access to Internet - Mid

    Build key scenarios for each persona to extract strategic requirements for your CXM application portfolio

    A scenario is a story or narrative that helps explore the set of interactions that a customer has with an organization. Scenario mapping will help parse requirements used to design the CXM application portfolio.

    A Good Scenario…

    • Describes specific task(s) that need to be accomplished
    • Describes user goals and motivations
    • Describes interactions with a compelling but not overwhelming amount of detail
    • Can be rough, as long as it provokes ideas and discussion

    Scenarios Are Used To…

    • Provide a shared understanding about what a user might want to do, and how they might want to do it
    • Help construct the sequence of events that are necessary to address in your user interface(s)

    To Create Good Scenarios…

    • Keep scenarios high level, not granular in nature
    • Identify as many scenarios as possible. If you’re time constrained, try to develop 2-3 key scenarios per persona
    • Sketch each scenario out so that stakeholders understand the goal of the scenario

    Activity: Build scenarios for each persona and extract strategic requirements for the CXM strategy

    2.1.9 1.5 hours

    Input

    • Customer personas (output of Activity 2.1.5)

    Output

    • CX scenario maps
    • Strategic CXM requirements
    • CXM Strategy Stakeholder Presentation

    Materials

    • Whiteboard
    • Markers

    Participants

    • Project Team

    Instructions

    1. For each customer persona created in Activity 2.1.5, build a scenario. Choose and differentiate scenarios based on the customer goal of each scenario (e.g. make online purchase, seek customer support, etc.).
    2. Think through the narrative of how a customer interacts with your organization, at all points throughout the scenario. List each step in the interaction in a sequential order to form a scenario journey.
    3. Examine each step in the scenario and brainstorm strategic requirements that will be needed to support the customer’s use of technology throughout the scenario.
    4. Repeat steps 1-3 for each persona. Document your outputs in the CXM Strategy Stakeholder Presentation Template.

    Example: Scenario Map

    Persona Name: Brand Loyal Linda

    Scenario Goal: File a complaint about in-store customer service

    Look up “[Store Name] customer service” on public web. →Reach customer support landing page. →Receive proactive notification prompt for online chat with CSR. →Initiate conversation: provide order #. →CSR receives order context and information. →Customer articulates problem, CSR consults knowledgebase. →Discount on next purchase offered. →Send email with discount code to Brand Loyal Linda.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

    Book a workshop with our Info-Tech analysts:

    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    2.1.1; 2.1.2; 2.1.3; 2.1.4 - Create a CXM operating model

    An analyst will facilitate a discussion to identify what impacts your CXM strategy and how to align it to your corporate strategy. The discussion will take different perspectives into consideration and look at organizational drivers, external environmental factors, as well as internal barriers and enablers.

    2.1.5 Conduct a competitive analysis

    Calling on their depth of expertise in working with a broad spectrum of organizations, our facilitator will help you work through a structured, systematic evaluation of competitors’ actions when it comes to CXM.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

    Book a workshop with our Info-Tech analysts:

    2.1.6; 2.1.7 - Conduct a PEST analysis

    The facilitator will use guided conversation to target each quadrant of the PEST analysis and help your organization fully enumerate political, economic, social, and technological trends that will influence your CXM strategy. Our analysts are deeply familiar with macroenvironmental trends and can provide expert advice in identifying areas of concern in the PEST and drawing strategic requirements as implications.

    2.1.8; 2.1.9 - Build customer personas and subsequent persona scenarios

    Drawing on the preceding exercises as inputs, the facilitator will help the team create and refine personas, create respective customer interaction scenarios, and parse strategic requirements to support your technology portfolio for CXM.

    Step 2.2: Assess the Current State of CXM

    Phase 1

    1.1 Create the Project Vision

    1.2 Structure the Project

    Phase 2

    2.1 Scan the External Environment

    2.2 Assess the Current State of CXM

    2.3 Create an Application Portfolio

    2.4 Develop Deployment Best Practices

    Phase 3

    3.1 Create an Initiative Rollout Plan

    3.2 Confirm and Finalize the CXM Blueprint

    Activities:

    • Conduct a SWOT analysis and extract strategic requirements
    • Inventory existing CXM applications and assess end-user usage and satisfaction
    • Conduct a VRIO analysis and extract strategic requirements

    Outcomes:

    • SWOT analysis
    • VRIO analysis
    • Current state application portfolio
    • Strategic requirements

    Conduct a SWOT analysis to prepare for creating your CXM strategy

    A SWOT analysis is a structured planning method that evaluates the strengths, weaknesses, opportunities, and threats involved in a project.

    Strengths - Strengths describe the positive attributes that are within your control and internal to your organization (i.e. what do you do better than anyone else?)

    Weaknesses - Weaknesses are internal aspects of your business that place you at a competitive disadvantage; think of what you need to enhance to compete with your top competitor.

    Opportunities - Opportunities are external factors the project can capitalize on. Think of them as factors that represent reasons your business is likely to prosper.

    Threats - Threats are external factors that could jeopardize the project. While you may not have control over these, you will benefit from having contingency plans to address them if they occur.

    Info-Tech Insight

    When evaluating weaknesses of your current CXM strategy, ensure that you’re taking into account not just existing applications and business processes, but also potential deficits in your organization’s channel strategy and go-to-market messaging.

    Activity: Conduct a SWOT analysis

    2.2.1 30 minutes

    Input

    • CXM strengths, weaknesses, opportunities, and threats

    Output

    • Completed SWOT analysis

    Materials

    • Whiteboard
    • Markers

    Participants

    • Project Team

    Instructions

    1. Identify your current strengths and weaknesses in managing the customer experience. Consider marketing, sales, and customer service aspects of the CX.
    2. Identify any opportunities to take advantage of and threats to mitigate.

    Example: SWOT Analysis

    Strengths

    • Strong customer service model via telephony

    Weaknesses

    • Customer service inaccessible in real-time through website or mobile application

    Opportunities

    • Leverage customer intelligence to measure ongoing customer satisfaction

    Threats

    • Lack of understanding of customer interaction platforms by staff could hinder adoption

    Activity: Translate your SWOT analysis into a list of requirements to be addressed

    2.2.2 30 minutes

    Input

    • SWOT Analysis conducted in Activity 2.2.1.

    Output

    • Strategic CXM requirements
    • CXM Stakeholder Presentation Template

    Materials

    • Whiteboard
    • Markers

    Participants

    • Project Team

    Instructions

    For each SWOT quadrant:

    1. Document the point and relate it to a goal.
    2. For each point, identify CXM requirements.
    3. Sort goals and requirements to eliminate duplicates.
    4. Document your outputs in the CXM Stakeholder Presentation Template.

    Example: Parsing Requirements from SWOT Analysis

    Weakness: Customer service inaccessible in real-time through website or mobile application.

    Goal: Increase the ubiquity of access to customer service knowledgebase and agents through a web portal or mobile application.

    Strategic Requirement: Provide a live chat portal that matches the customer with the next available and qualified agent.

    Inventory your current CXM application portfolio

    Applications are the bedrock of technology enablement for CXM. Review your current application portfolio to identify what is working well and what isn’t.

    Understand Your CXM Application Portfolio With a Four-Step Approach

    Build the CXM Application Inventory →Assess Usage and Satisfaction →Map to Business Processes and Determine Dependencies →Determine Grow/Maintain/ Retire for Each Application

    When assessing the CXM applications portfolio, do not cast your net too narrowly; while CRM and MMS applications are often top of mind, applications for digital asset management and social media management are also instrumental for ensuring a well-integrated CX.

    Identify dependencies (either technical or licensing) between applications. This dependency tracing will come into play when deciding which applications should be grown (invested in), which applications should be maintained (held static), and which applications should be retired (divested).

    Info-Tech Insight

    Shadow IT is prominent here! When building your application inventory, ensure you involve Marketing, Sales, and Service to identify any “unofficial” SaaS applications that are being used for CXM. Many organizations fail to take a systematic view of their CXM application portfolio beyond maintaining a rough inventory. To assess the current state of alignment, you must build the application inventory and assess satisfaction metrics.

    Understand which of your organization’s existing enterprise applications enable CXM

    Review the major enterprise applications in your organization that enable CXM and align your requirements to these applications (net-new or existing). Identify points of integration to capture the big picture.

    The image shows a graphic titled Example: Integration of CRM, SMMP, and ERP. It is a flow chart, with icons defined by a legend on the right side of the image

    Info-Tech Insight

    When assessing the current application portfolio that supports CXM, the tendency will be to focus on the applications under the CXM umbrella, relating mostly to marketing, sales, and customer service. Be sure to include systems that act as input to, or benefit due to outputs from, CRM or similar applications. Examples of these systems are ERP systems, ECM (e.g. SharePoint) applications, and more.

    Assess CXM application usage and satisfaction

    Having a portfolio but no contextual data will not give you a full understanding of the current state. The next step is to thoroughly assess usage patterns as well as IT, management, and end-user satisfaction with each application.

    Example: Application Usage & Satisfaction Assessment

    Application Name Level of Usage IT Satisfaction Management Satisfaction End-User Satisfaction Potential Business Impact
    CRM (e.g. Salesforce) Medium High Medium Medium High
    CRM (e.g. Salesforce) Low Medium Medium High Medium
    ... ... ... ... ... ...

    Info-Tech Insight

    When evaluating satisfaction with any application, be sure to consult all stakeholders who come into contact with the application or depend on its output. Consider criteria such as ease of use, completeness of information, operational efficiency, data accuracy, etc.

    Use Info-Tech’s Application Portfolio Assessment to gather end-user feedback on existing CXM applications

    2.2.3 Application Portfolio Assessment: End-User Feedback

    Info-Tech’s Application Portfolio Assessment: End-User Feedback diagnostic is a low-effort, high-impact program that will give you detailed report cards on end-user satisfaction with an application. Use these insights to identify problems, develop action plans for improvement, and determine key participants.

    Application Portfolio Assessment: End-User Feedback is an 18-question survey that provides valuable insights on user satisfaction with an application by:

    • Performing a general assessment of the application portfolio that provides a full view of the effectiveness, criticality, and prevalence of all relevant applications.
    • Measuring individual application performance with open-ended user feedback surveys about the application, organized by department to simplify problem resolution.
    • Providing targeted department feedback to identify end-user satisfaction and focus improvements on the right group or line of business.

    INFO-TECH DIAGNOSTIC

    Activity: Inventory your CXM applications, and assess application usage and satisfaction

    2.2.4 1 hour

    Input

    • List of CXM applications

    Output

    • Complete inventory of CXM applications
    • CXM Stakeholder Presentation Template

    Materials

    • Whiteboard
    • Markers

    Participants

    • Project Team

    Instructions

    1. List all existing applications that support the creation, management, and delivery of your customer experience.
    2. Identify which processes each application supports (e.g. content deployment, analytics, service delivery, etc.).
    3. Identify technical or licensing dependencies (e.g. data models).
    4. Assess the level of application usage by IT, management, and internal users (high/medium/low).
    5. Assess the satisfaction with and performance of each application according to IT, management, and internal users (high/medium/low). Use the Info-Tech Diagnostic to assist.

    Example: CXM Application Inventory

    Application Name Deployed Date Processes Supported Technical and Licensing Dependencies
    Salesforce June 2018 Customer relationship management XXX
    Hootsuite April 2019 Social media listening XXX
    ... ... ... ...

    Conduct a VRIO analysis to identify core competencies for CXM applications

    A VRIO analysis evaluates the ability of internal resources and capabilities to sustain a competitive advantage by evaluating dimensions of value, rarity, imitability, and organization. For critical applications like your CRM platform, use a VRIO analysis to determine their value.

    Is the resource or capability valuable in exploiting an opportunity or neutralizing a threat? Is the resource or capability rare in the sense that few of your competitors have a similar capability? Is the resource or capability costly to imitate or replicate? Is the organization organized enough to leverage and capture value from the resource or capability?
    NO COMPETITIVE DISADVANTAGE
    YES NO→ COMPETITIVE EQUALITY/PARITY
    YES YES NO→ TEMPORARY COMPETITIVE ADVANTAGE
    YES YES YES NO→ UNUSED COMPETITIVE ADVANTAGE
    YES YES YES YES LONG-TERM COMPETITIVE ADVANTAGE

    (Strategic Management Insight, 2013)

    Activity: Conduct a VRIO analysis on your existing application portfolio

    2.2.5 30 minutes

    Input

    • Inventory of existing CXM applications (output of Activity 2.2.4)

    Output

    • Completed VRIO analysis
    • Strategic CXM requirements
    • CXM Stakeholder Presentation Template

    Materials

    • VRIO Analysis model
    • Whiteboard
    • Markers

    Participants

    • Project Team

    Instructions

    1. Evaluate each CXM application inventoried in Activity 2.2.4 by answering the four VRIO questions in sequential order. Do not proceed to the following question if “no” is answered at any point.
    2. Record the results. The state of your organization’s competitive advantage, based on each resource/capability, will be determined based on the number of questions with a “yes” answer. For example, if all four questions are answered positively, then your organization is considered to have a long-term competitive advantage.
    3. Document your outputs in the CXM Stakeholder Presentation Template.

    If you want additional support, have our analysts guide your through this phase as part of an Info-Tech workshop

    2.2.1; 2.2.2 Conduct a SWOT Analysis

    Our facilitator will use a small-team approach to delve deeply into each area, identifying enablers (strengths and opportunities) and challenges (weaknesses and threats) relating to the CXM strategy.

    2.2.3; 2.2.4 Inventory your CXM applications, and assess usage and satisfaction

    Working with your core team, the facilitator will assist with building a comprehensive inventory of CXM applications that are currently in use and with identifying adjacent systems that need to be identified for integration purposes. The facilitator will work to identify high and low performing applications and analyze this data with the team during the workshop exercise.

    2.2.5 Conduct a VRIO analysis

    The facilitator will take you through a VRIO analysis to identify which of your internal technological competencies ensure, or can be leveraged to ensure, your competitiveness in the CXM market.

    Step 2.3: Create an Application Portfolio

    Phase 1

    1.1 Create the Project Vision

    1.2 Structure the Project

    Phase 2

    2.1 Scan the External Environment

    2.2 Assess the Current State of CXM

    2.3 Create an Application Portfolio

    2.4 Develop Deployment Best Practices

    Phase 3

    3.1 Create an Initiative Rollout Plan

    3.2 Confirm and Finalize the CXM Blueprint

    Activities

    • Shortlist and prioritize business processes for improvement and reengineering
    • Map current CXM processes
    • Identify business process owners and assign job responsibilities
    • Identify user interaction channels to extract strategic requirements
    • Aggregate and develop strategic requirements
    • Determine gaps in current and future state processes
    • Build the CXM application portfolio

    Outcomes

    CXM application portfolio map

    • Shortlist of relevant business processes
    • Current state map
    • Business process ownership assignment
    • Channel map
    • Complete list of strategic requirements

    Understand business process mapping to draft strategy requirements for marketing, sales, and customer service

    The interaction between sales, marketing, and customer service is very process-centric. Rethink sales and customer-centric workflows and map the desired workflow, imbedding the improved/reengineered process into the requirements.

    Using BPM to Capture Strategic Requirements

    Business process modeling facilitates the collaboration between the business and IT, recording the sequence of events, tasks performed, who performed them, and the levels of interaction with the various supporting applications.

    By identifying the events and decision points in the process and overlaying the people that perform the functions, the data being interacted with, and the technologies that support them, organizations are better positioned to identify gaps that need to be bridged.

    Encourage the analysis by compiling an inventory of business processes that support customer-facing operations that are relevant to achieving the overall organizational strategies.

    Outcomes

    • Operational effectiveness
    • Identification, implementation, and maintenance of reusable enterprise applications
    • Identification of gaps that can be addressed by acquisition of additional applications or process improvement/ reengineering

    INFO-TECH OPPORTUNITY

    Refer to Info-Tech’s Create a Comprehensive BPM Strategy for Successful Process Automation blueprint for further assistance in taking a BPM approach to your sales-IT alignment.

    Leverage the APQC framework to help define your inventory of sales, marketing, and service processes

    APQC’s Process Classification Framework is a taxonomy of cross-functional business processes intended to allow the objective comparison of organizational performance within and among organizations.

    OPERATING PROCESSES
    1.0 Develop Vision and Strategy 2.0 Develop and Manage Products and Services 3.0 Market and Sell Products and Services 4.0 Deliver Products and Services 5.0 Manage Customer Service
    MANAGEMENT AND SUPPORT SERVICES
    6.0 Develop and Manage Human Capital
    7.0 Manage Information Technology
    8.0 Manage Financial Resources
    9.0 Acquire, Construct, and Manage Assets
    10.0 Manage Enterprise Risk, Compliance, and Resiliency
    11.0 Manage External Relationships
    12.0 Develop and Manage Business Capabilities

    (APQC, 2011)

    MORE ABOUT APQC

    • APQC serves as a high-level, industry-neutral enterprise model that allows organizations to see activities from a cross-industry process perspective.
    • Sales processes have been provided up to Level 3 of the APQC framework.
    • The APQC Framework can be accessed through APQC’s Process Classification Framework.
    • Note: The framework does not list all processes within a specific organization, nor are the processes that are listed in the framework present in every organization.

    Understand APQC’s “Market and Sell Products and Services” framework

    3.0 Market and Sell Products

    3.1 Understand markets, customers, and capabilities

    • 3.1.1 Perform customer and market intelligence analysis
    • 3.1.2 Evaluate and prioritize market opportunities

    3.2 Develop marketing strategy

    • 3.2.1 Define offering and customer value proposition
    • 3.2.2 Define pricing strategy to align to value proposition
    • 3.2.3 Define and manage channel strategy

    3.3 Develop sales strategy

    • 3.3.1 Develop sales forecast
    • 3.3.2 Develop sales partner/alliance relationships
    • 3.3.3 Establish overall sales budgets
    • 3.3.4 Establish sales goals and measures
    • 3.3.5 Establish customer management measures

    3.4 Develop and manage marketing plans

    • 3.4.1 Establish goals, objectives, and metrics by products by channels/segments
    • 3.4.2 Establish marketing budgets
    • 3.4.3 Develop and manage media
    • 3.4.4 Develop and manage pricing
    • 3.4.5 Develop and manage promotional activities
    • 3.4.6 Track customer management measures
    • 3.4.7 Develop and manage packaging strategy

    3.5 Develop and manage sales plans

    • 3.5.1 Generate leads
    • 3.5.2 Manage customers and accounts
    • 3.5.3 Manage customer sales
    • 3.5.4 Manage sales orders
    • 3.5.5 Manage sales force
    • 3.5.6 Manage sales partners and alliances

    Understand APQC’s “Manage Customer Service” framework

    5.0 Manage Customer Service

    5.1 Develop customer care/customer service strategy

    • 5.1.1 Develop customer service segmentation
      • 5.1.1.1 Analyze existing customers
      • 5.1.1.2 Analyze feedback of customer needs
    • 5.1.2 Define customer service policies and procedures
    • 5.1.3 Establish service levels for customers

    5.2 Plan and manage customer service operations

    • 5.2.1 Plan and manage customer service work force
      • 5.2.1.1 Forecast volume of customer service contacts
      • 5.2.1.2 Schedule customer service work force
      • 5.2.1.3 Track work force utilization
      • 5.2.1.4 Monitor and evaluate quality of customer interactions with customer service representatives

    5.2 Plan and 5.2.3.1 Receive customer complaints 5.2.3.2 Route customer complaints 5.2.3.3 Resolve customer complaints 5.2.3.4 Respond to customer complaints manage customer service operations

    • 5.2.2 Manage customer service requests/inquiries
      • 5.2.2.1 Receive customer requests/inquiries
      • 5.2.2.2 Route customer requests/inquiries
      • 5.2.2.3 Respond to customer requests/inquiries
    • 5.2.3 Manage customer complaints
      • 5.2.3.1 Receive customer complaints
      • 5.2.3.2 Route customer complaints
      • 5.2.3.3 Resolve customer complaints
      • 5.2.3.4 Respond to customer complaints

    Leverage the APQC framework to inventory processes

    The APQC framework provides levels 1 through 3 for the “Market and Sell Products and Services” framework. Level 4 processes and beyond will need to be defined by your organization as they are more granular (represent the task level) and are often industry-specific.

    Level 1 – Category - 1.0 Develop vision and strategy (10002)

    Represents the highest level of process in the enterprise, such as manage customer service, supply chain, financial organization, and human resources.

    Level 2 – Process Group - 1.1 Define the business concept and long-term vision (10014)

    Indicates the next level of processes and represents a group of processes. Examples include perform after sales repairs, procurement, accounts payable, recruit/source, and develop sales strategy.

    Level 3 – Process - 1.1.1 Assess the external environment (10017)

    A series of interrelated activities that convert input into results (outputs); processes consume resources and require standards for repeatable performance; and processes respond to control systems that direct quality, rate, and cost of performance.

    Level 4 – Activity - 1.1.1.1 Analyze and evaluate competition (10021)

    Indicates key events performed when executing a process. Examples of activities include receive customer requests, resolve customer complaints, and negotiate purchasing contracts.

    Level 5 – Task - 12.2.3.1.1 Identify project requirements and objectives (11117)

    Tasks represent the next level of hierarchical decomposition after activities. Tasks are generally much more fine grained and may vary widely across industries. Examples include create business case and obtain funding, and design recognition and reward approaches.

    Info-Tech Insight

    Define the Level 3 processes in the context of your organization. When creating a CXM strategy, concern yourself with the interrelatedness of processes across existing departmental silos (e.g. marketing, sales, customer service). Reserve the analysis of activities (Level 4) and tasks (Level 3) for granular work initiatives involved in the implementation of applications.

    Use Info-Tech’s CXM Business Process Shortlisting Tool to prioritize processes for improvement

    2.3.1 CXM Business Process Shortlisting Tool

    The CXM Business Process Shortlisting Tool can help you define which marketing, sales, and service processes you should focus on.

    Working in concert with stakeholders from the appropriate departments, complete the short questionnaire.

    Based on validated responses, the tool will highlight processes of strategic importance to your organization.

    These processes can then be mapped, with requirements extracted and used to build the CXM application portfolio.

    INFO-TECH DELIVERABLE

    The image shows a screenshot of the Prioritize Your Business Processes for Customer Experience Management document, with sample information filled in.

    Activity: Define your organization’s top-level processes for reengineering and improvement

    2.3.2 1 hour

    Input

    • Shortlist business processes relating to customer experience (output of Tool 2.3.1)

    Output

    • Prioritized list of top-level business processes by department

    Materials

    • APQC Framework
    • Whiteboard
    • Markers

    Participants

    • Project Team

    Instructions

    1. Inventory all business processes relating to customer experience.
    2. Customize the impacted business units and factor weightings on the scorecard below to reflect the structure and priorities of your organization.
    3. Using the scorecard, identify all processes essential to your customer experience. The scorecard is designed to determine which processes to focus on and to help you understand the impact of the scrutinized process on the different customer-centric groups across the organization.

    The image shows a chart with the headings Factor, Check If Yes, repeated. The chart lists various factors, and the Check if Yes columns are left blank.

    This image shows a chart with the headings Factor, Weights, and Scores. It lists factors, and the rest of the chart is blank.

    Current legend for Weights and Scores

    F – Finance

    H – Human Resources

    I – IT

    L – Legal

    M – Marketing

    BU1 – Business Unit 1

    BU2 – Business Unit 2

    Activity: Map top-level business processes to extract strategic requirements for the CXM application portfolio

    2.3.3 45 minutes

    Input

    • Prioritized list of top-level business processes (output of Activity 2.3.2)

    Output

    • Current state process maps
    • CXM Strategy Stakeholder Presentation

    Materials

    • APQC Framework
    • Whiteboard
    • Markers
    • Sticky notes

    Participants

    • Project Team

    Instructions

    1. List all prioritized business processes, as identified in Activity 2.3.2. Map your processes in enough detail to capture all relevant activities and system touchpoints, using the legend included in the example. Focus on Level 3 processes, as explained in the APQC framework.
    2. Record all of the major process steps on sticky notes. Arrange the sticky notes in sequential order.
    3. On a set of different colored sticky notes, record all of the systems that enable the process. Map these system touchpoints to the process steps.
    4. Draw arrows in between the steps to represent manual entry or automation.
    5. Identify effectiveness and gaps in existing processes to determine process technology requirements.
    6. Document your outputs in the CXM Strategy Stakeholder Presentation Template.

    INFO-TECH OPPORTUNITY

    Refer to Info-Tech’s Create a Comprehensive BPM Strategy for Successful Process Automation blueprint for further assistance in taking a BPM approach to your sales-IT alignment.

    Info-Tech Insight

    Analysis of the current state is important in the context of gap analysis. It aids in understanding the discrepancies between your baseline and the future state vision, and ensures that these gaps are documented as part of the overall requirements.

    Example: map your current CXM processes to parse strategic requirements (customer acquisition)

    The image shows an example of a CXM process map, which is formatted as a flow chart, with a legend at the bottom.

    Activity: Extract requirements from your top-level business processes

    2.3.4 30 minutes

    Input

    • Current state process maps (output of Activity 2.3.3)

    Output

    • Requirements for future state mapping

    Materials

    • Info-Tech examples
    • Whiteboard
    • Markers

    Participants

    • Project Team

    Instructions

    1. Discuss the current state of priority business processes, as mapped in Activity 2.3.3.
    2. Extract process requirements for business process improvement by asking the following questions:
    • What is the input?
    • What is the output?
    • What are the underlying risks and how can they be mitigated?
    • What conditions should be met to mitigate or eliminate each risk?
    • What are the improvement opportunities?
    • What conditions should be met to enable these opportunities?
    1. Break business requirements into functional and non-functional requirements, as outlined on this slide.

    Info-Tech Insight

    The business and IT should work together to evaluate the current state of business processes and the business requirements necessary to support these processes. Develop a full view of organizational needs while still obtaining the level of detail required to make informed decisions about technology.

    Establish process owners for each top-level process

    Identify the owners of the business processes being evaluated to extract requirements. Process owners will be able to inform business process improvement and assume accountability for reengineered or net-new processes going forward.

    Process Owner Responsibilities

    Process ownership ensures support, accountability, and governance for CXM and its supporting processes. Process owners must be able to negotiate with business users and other key stakeholders to drive efficiencies within their own process. The process owner must execute tactical process changes and continually optimize the process.

    Responsibilities include the following:

    • Inform business process improvement
    • Introduce KPIs and metrics
    • Monitor the success of the process
    • Present process findings to key stakeholders within the organization
    • Develop policies and procedures for the process
    • Implement new methods to manage the process

    Info-Tech Insight

    Identify the owners of existing processes early so you understand who needs to be involved in process improvement and reengineering. Once implemented, CXM applications are likely to undergo a series of changes. Unstructured data will multiply, the number of users may increase, administrators may change, and functionality could become obsolete. Should business processes be merged or drastically changed, process ownership can be reallocated during CXM implementation. Make sure you have the right roles in place to avoid inefficient processes and poor data quality.

    Use Info-Tech’s Process Owner Assignment Guide to aid you in choosing the right candidates

    2.3.5 Process Owner Assignment Guide

    The Process Owner Assignment Guide will ensure you are taking the appropriate steps to identify process owners for existing and net-new processes created within the scope of the CXM strategy.

    The steps in the document will help with important considerations such as key requirements and responsibilities.

    Sections of the document:

    1. Define responsibilities and level of commitment
    2. Define job requirements
    3. Receive referrals
    4. Hold formal interviews
    5. Determine performance metrics

    INFO-TECH DELIVERABLE

    Activity: Assign business process owners and identify job responsibilities

    2.3.6 30 minutes

    Input

    • Current state map (output of Activity 2.3.3)

    Output

    • Process owners assigned
    • CXM Strategy Stakeholder Presentation

    Materials

    Participants

    • Project Team

    Instructions

    1. Using Info-Tech’s Process Owner Assignment Guide, assign process owners for each process mapped out in Activity 2.3.3. To assist in doing so, answer the following questions
    • What is the level of commitment expected from each process owner?
    • How will the process owner role be tied to a formal performance appraisal?
    • What metrics can be assigned?
    • How much work will be required to train process owners?
    • Is there support staff available to assist process owners?
  • Document your outputs in the CXM Strategy Stakeholder Presentation Template.
  • Choose the channels that will make your target customers happy – and ensure they’re supported by CXM applications

    Traditional Channels

    Face-to-Face is efficient and has a positive personalized aspect that many customers desire, be it for sales or customer service.

    Telephony (or IVR) has been a mainstay of customer interaction for decades. While not fading, it must be used alongside newer channels.

    Postal used to be employed extensively for all domains, but is now used predominantly for e-commerce order fulfillment.

    Web 1.0 Channels

    Email is an asynchronous interaction channel still preferred by many customers. Email gives organizations flexibility with queuing.

    Live Chat is a way for clients to avoid long call center wait times and receive a solution from a quick chat with a service rep.

    Web Portals permit transactions for sales and customer service from a central interface. They are a must-have for any large company.

    Web 2.0 Channels

    Social Media consists of many individual services (like Facebook or Twitter). Social channels are exploding in consumer popularity.

    HTML5 Mobile Access allows customers to access resources from their personal device through its integrated web browser.

    Dedicated Mobile Apps allow customers to access resources through a dedicated mobile application (e.g. iOS, Android).

    Info-Tech Insight

    Your channel selections should be driven by customer personas and scenarios. For example, social media may be extensively employed by some persona types (i.e. Millennials) but see limited adoption in other demographics or use cases (i.e. B2B).

    Activity: Extract requirements from your channel map

    2.3.7 30 minutes

    Input

    • Current state process maps (output of Activity 2.3.3)

    Output

    • Channel map
    • CXM Strategy Stakeholder Presentation

    Materials

    • Info-Tech examples
    • Whiteboard
    • Markers

    Participants

    • Project Team

    Instructions

    1. Inventory which customer channels are currently used by each department.
    2. Speak with the department heads for Marketing, Sales, and Customer Service and discuss future channel usage. Identify any channels that will be eliminated or added.
    3. Document your outputs in the CXM Strategy Stakeholder Presentation Template.

    Example: Business Unit Channel Use Survey

    Marketing Sales Customer Service
    Current Used? Future Use? Current Used? Future Use? Current Used? Future Use?
    Email Yes Yes No No No No
    Direct Mail Yes No No No No No
    Phone No No Yes Yes Yes Yes
    In-Person No No Yes Yes Yes No
    Website Yes Yes Yes Yes Yes Yes
    Social Channels No Yes Yes Yes No Yes

    Bring it together: amalgamate your strategic requirements for CXM technology enablement

    Discovering your organizational requirements is vital for choosing the right business-enabling initiative, technology, and success metrics. Sorting the requirements by marketing, sales, and service is a prudent mechanism for clarification.

    Strategic Requirements: Marketing

    Definition: High-level requirements that will support marketing functions within CXM.

    Examples

    • Develop a native mobile application while also ensuring that resources for your web presence are built with responsive design interface.
    • Consolidate workflows related to content creation to publish all brand marketing from one source of truth.
    • Augment traditional web content delivery by providing additional functionality such as omnichannel engagement, e-commerce, dynamic personalization, and social media functionality.

    Strategic Requirements: Sales

    Definition: High-level requirements that will support sales functions within CXM.

    Examples

    • Implement a system that reduces data errors and increases sales force efficiency by automating lead management workflows.
    • Achieve end-to-end visibility of the sales process by integrating the CRM, inventory, and order processing and shipping system.
    • Track sales force success by incorporating sales KPIs with real-time business intelligence feeds.

    Strategic Requirements: Customer Service

    Definition: High-level requirements that will support customer service functions within CXM.

    Examples

    • Provide a live chat portal that connects the customer, in real time, with the next available and qualified agent.
    • Bridge the gap between the source of truth for sales with customer service suites to ensure a consistent, end-to-end customer experience from acquisition to customer engagement and retention.
    • Use customer intelligence to track customer journeys in order to best understand and resolve customer complaints.

    Activity: Consolidate your strategic requirements for the CXM application portfolio

    2.3.8 30 minutes

    Input

    • Strategic CXM requirements (outputs of Activities 2.1.5, 2.1.6, and 2.2.2)

    Output

    • Aggregated strategic CXM requirements
    • CXM Strategy Stakeholder Presentation

    Materials

    • Whiteboard
    • Markers

    Participants

    • Project Team

    Instructions

    1. Aggregate strategic CXM requirements that have been gathered thus far in Activities 2.1.5, 2.1.6, and 2.2.2, 2.3.5, and 2.3.7.
    2. Identify and rectify any obvious gaps in the existing set of strategic CXM requirements. To do so, consider the overall corporate and CXM strategy: are there any objectives that have not been addressed in the requirements gathering process?
    3. De-duplicate the list. Prioritize the aggregated/augmented list of CXM requirements as “high/critical,” “medium/important,” or “low/desirable.” This will help manage the relative importance and urgency of different requirements to itemize respective initiatives, resources, and the time in which they need to be addressed. In completing the prioritization of requirements, consider the following:
    • Requirements prioritization must be completed in collaboration with all key stakeholders (across the business and IT). Stakeholders must ask themselves:
      • What are the consequences to the business objectives if this requirement is omitted?
      • Is there an existing system or manual process/workaround that could compensate for it?
      • What business risk is being introduced if a particular requirement cannot be implemented right away?
  • Document your outputs in the CXM Strategic Stakeholder Presentation Template.
  • Info-Tech Insight

    Strategic CXM requirements will be used to prioritize specific initiatives for CXM technology enablement and application rollout. Ensure that IT, the business, and executive management are all aligned on a consistent and agreed upon set of initiatives.

    Burberry digitizes the retail CX with real-time computing to bring consumers back to the physical storefront

    CASE STUDY

    Industry Consumer Goods, Clothing

    Source Retail Congress, 2017

    Burberry London

    Situation

    Internally, Burberry invested in organizational alignment and sales force brand engagement. The more the sales associate knew about the brand engagement and technology-enabled strategy, the better the store’s performance. Before the efforts went to building relationships with customers, Burberry built engagement with employees.

    Burberry embraced “omnichannel,” the hottest buzzword in retailing to provide consumers the most immersive and intuitive brand experience within the store.

    Technology Strategy

    RFID tags were attached to products to trigger interactive videos on the store’s screens in the common areas or in a fitting room. Consumers are to have instant access to relevant product combinations, ranging from craftsmanship information to catwalk looks. This is equivalent to the rich, immediate information consumers have grown to expect from the online shopping experience.

    Another layer of Burberry’s added capabilities includes in-memory-based analytics to gather and analyze data in real-time to better understand customers’ desires. Burberry builds customer profiles based on what items the shoppers try on from the RFID-tagged garments. Although this requires customer privacy consent, customers are willing to provide personal information to trusted brands.

    This program, called “Customer 360,” assisted sales associates in providing data-driven shopping experiences that invite customers to digitally share their buying history and preferences via their tablet devices. As the data is stored in Burberry’s customer data warehouse and accessed through an application such as CRM, it is able to arm sales associates with personal fashion advice on the spot.

    Lastly, the customer data warehouse/CRM application is linked to Burberry’s ERP system and other custom applications in a cloud environment to achieve real-time inventory visibility and fulfillment.

    Burberry digitizes the retail CX with real-time computing to bring consumers back to the physical storefront (cont'd)

    CASE STUDY

    Industry Consumer Goods, Clothing

    Source Retail Congress, 2017

    Burberry London

    Situation

    Internally, Burberry invested in organizational alignment and sales force brand engagement. The more the sales associate knew about the brand engagement and technology-enabled strategy, the better the store’s performance. Before the efforts went to building relationships with customers, Burberry built engagement with employees.

    Burberry embraced “omnichannel,” the hottest buzzword in retailing to provide consumers the most immersive and intuitive brand experience within the store.

    The Results

    Burberry achieved one of the most personalized retail shopping experiences. Immediate personal fashion advice using customer data is only one component of the experience. Not only are historic purchases and preference data analyzed, a customer’s social media posts and fashion industry trend data is proactively incorporated into the interactions between the sales associate and the customer.

    Burberry achieved CEO Angela Ahrendts’ vision of “Burberry World,” in which the brand experience is seamlessly integrated across channels, devices, retail locations, products, and services.

    The organizational alignment between Sales, Marketing, and IT empowered employees to bring the Burberry brand to life in unique ways that customers appreciated and were willing to advocate.

    Burberry is now one of the most beloved and valuable luxury brands in the world. The brand tripled sales in five years, became one of the leading voices on trends, fashion, music, and beauty while redefining what top-tier customer experience should be both digitally and physically.

    Leverage both core CRM suites and point solutions to create a comprehensive CXM application portfolio

    The debate between best-of-breed point solutions versus comprehensive CRM suites is ongoing. There is no single best answer. In most cases, an effective portfolio will include both types of solutions.

    • When the CRM market first evolved, vendors took a heavy “module-centric” approach – offering basic suites with the option to add a number of individual modules. Over time, vendors began to offer suites with a high degree of out-of-the-box functionality. The market has now witnessed the rise of powerful point solutions for the individual business domains.
    • Point solutions augment, rather than supplant, the functionality of a CRM suite in the mid-market to large enterprise context. Point solutions do not offer the necessary spectrum of functionality to take the place of a unified CRM suite.
    • Point solutions enhance aspects of CRM. For example, most CRM vendors have yet to provide truly impressive social media capabilities. An organization seeking to dominate the social space should consider purchasing a social media management platform to address this deficit in their CRM ecosystem.

    Customer Relationship Management (CRM)

    Social Media Management Platform (SMMP)

    Field Sales/Service Automation (FSA)

    Marketing Management Suites

    Sales Force Automation

    Email Marketing Tools

    Lead Management Automation (LMA)

    Customer Service Management Suites

    Customer Intelligence Systems

    Don’t adopt multiple point solutions without a genuine need: choose domains most in need of more functionality

    Some may find that the capabilities of a CRM suite are not enough to meet their specific requirements: supplementing a CRM suite with a targeted point solution can get the job done. A variety of CXM point solutions are designed to enhance your business processes and improve productivity.

    Sales

    Sales Force Automation: Automatically generates, qualifies, tracks, and contacts leads for sales representatives, minimizing time wasted on administrative duties.

    Field Sales: Allows field reps to go through the entire sales cycle (from quote to invoice) while offsite.

    Sales Compensation Management: Models, analyzes, and dispenses payouts to sales representatives.

    Marketing

    Social Media Management Platforms (SMMP): Manage and track multiple social media services, with extensive social data analysis and insight capabilities.

    Email Marketing Bureaus: Conduct email marketing campaigns and mine results to effectively target customers.

    Marketing Intelligence Systems: Perform in-depth searches on various data sources to create predictive models.

    Service

    Customer Service Management (CSM): Manages the customer support lifecycle with a comprehensive array of tools, usually above and beyond what’s in a CRM suite.

    Customer Service Knowledge Management (CSKM): Advanced knowledgebase and resolution tools.

    Field Service Automation (FSA): Manages customer support tickets, schedules work orders, tracks inventory and fleets, all on the go.

    Info-Tech Insight

    CRM and point solution integration is critical. A best-of-breed product that poorly integrates with your CRM suite compromises the value generated by the combined solution, such as a 360-degree customer view. Challenge point solution vendors to demonstrate integration capabilities with CRM packages.

    Refer to your use cases to decide whether to add a dedicated point solution alongside your CRM suite

    Know your end state and what kind of tool will get you there. Refer to your strategic requirements to evaluate CRM and point solution feature sets.

    Standalone CRM Suite

    Sales Conditions: Need selling and lead management capabilities for agents to perform the sales process, along with sales dashboards and statistics.

    Marketing or Communication Conditions: Need basic campaign management and ability to refresh contact records with information from social networks.

    Member Service Conditions: Need to keep basic customer records with multiple fields per record and basic channels such as email and telephony.

    Add a Best-of-Breed or Point Solution

    Environmental Conditions: An extensive customer base with many different interactions per customer along with industry specific or “niche” needs. Point solutions will benefit firms with deep needs in specific feature areas (e.g. social media or field service).

    Sales Conditions: Lengthy sales process and account management requirements for assessing and managing opportunities – in a technically complex sales process.

    Marketing Conditions: Need social media functionality for monitoring and social property management.

    Customer Service Conditions: Need complex multi-channel service processes and/or need for best-of-breed knowledgebase and service content management.

    Info-Tech Insight

    The volume and complexity of both customers and interactions have a direct effect on when to employ just a CRM suite and when to supplement with a point solution. Check to see if your CRM suite can perform a specific business requirement before deciding to evaluate potential point solutions.

    Use Info-Tech’s CXM Portfolio Designer to create an inventory of high-value customer interaction applications

    2.3.9 CXM Portfolio Designer

    The CXM Portfolio Designer features a set of questions geared toward understanding your needs for marketing, sales, and customer service enablement.

    These results are scored and used to suggest a comprehensive solution-level set of enterprise applications for CXM that can drive your application portfolio and help you make investment decisions in different areas such as CRM, marketing management, and customer intelligence.

    Sections of the tool:

    1. Introduction
    2. Customer Experience Management Questionnaire
    3. Business Unit Recommendations
    4. Enterprise-Level Recommendations

    INFO-TECH DELIVERABLE

    Understand the art of the possible and how emerging trends will affect your application portfolio (1)

    Cloud

    • The emergence and maturation of cloud technologies has broken down the barriers of software adoption.
    • Cloud has enabled easy-to-implement distributed sales centers for enterprises with global or highly fragmented workforces.
    • Cloud offers the agility, scalability, and flexibility needed to accommodate dynamic, evolving customer requirements while minimizing resourcing strain on IT and sales organizations.
    • It is now easier for small to medium enterprises to acquire and implement advanced sales capabilities to compete against larger competitors in a business environment where the need for business agility is key.
    • Although cost and resource reduction is a prominent view of the impact of cloud computing, it is also seen as an agile way to innovate and deliver a product/service experience that customers are looking for – the key to competitive differentiation.

    Mobile

    • Smartphones and other mobile devices were adopted faster than the worldwide web in the late 1990s, and the business and sales implications of widespread adoption cannot be ignored – mobile is changing how businesses operate.
      • Accenture’s Mobility Research Report states that 87% of companies in the study have been guided by a formal mobility strategy – either one that spans the enterprise or for specific business functions.
    • Mobile is now the first point of interaction with businesses. With this trend, gaining visibility into customer insights with mobile analytics is a top priority for organizations.
    • Enterprises need to develop and optimize mobile experiences for internal salespeople and customers alike as part of their sales strategy – use mobile to enable a competitive, differentiated sales force.
    • The use of mobile platforms by sales managers is becoming a norm. Sales enablement suites should support real-time performance metrics on mobile dashboards.

    Understand the art of the possible and how emerging trends will affect your application portfolio (2)

    Social

    • The rise of social networking brought customers together. Customers are now conversing with each other over a wide range of community channels that businesses neither own nor control.
      • The Power Shift: The use of social channels empowered customers to engage in real-time, unstructured conversations for the purpose of product/service evaluations. Those who are active in social environments come to wield considerable influence over the buying decisions of other prospects and customers.
    • Organizations need to identify the influencers and strategically engage them as well as developing an active presence in social communities that lead to sales.
    • Social media does have an impact on sales, both B2C and B2B. A study conducted in 2012 by Social Centered Selling states that 72.6% of sales people using social media as part of their sales process outperformed their peers and exceeded their quota 23% more often (see charts at right).

    The image shows two bar graphs, the one on top titled Achieving Quota: 2010-2012 and the one below titled Exceeding Quota: 2010-2012.

    (Social Centered Learning, n.d.)

    Understand the art of the possible and how emerging trends will affect your application portfolio (3)

    Internet of Things

    • Definition: The Internet of Things (IoT) is the network of physical objects accessed through the internet. These objects contain embedded technology to interact with internal states or the external environment.
    • Why is this interesting?
      • IoT will make it possible for everybody and everything to be connected at all times, processing information in real time. The result will be new ways of making business and sales decisions supported by the availability of information.
      • With ubiquitous connectivity, the current product design-centric view of consumers is changing to one of experience design that aims to characterize the customer relationship with a series of integrated interaction touchpoints.
      • The above change contributes to the shift in focus from experience and will mean further acceleration of the convergence of customer-centric business functions. IoT will blur the lines between marketing, sales, and customer service.
      • Products or systems linked to products are capable of self-operating, learning, updating, and correcting by analyzing real-time data.
      • Take for example, an inventory scale in a large warehouse connected to the company’s supply chain management (SCM) system. When a certain inventory weight threshold is reached due to outgoing shipments, the scale automatically sends out a purchase requisition to restock inventory levels to meet upcoming demand.
    • The IoT will eventually begin to transform existing business processes and force organizations to fundamentally rethink how they produce, operate, and service their customers.

    The image shows a graphic titled The Connected Life by 2020, and shows a number of statistics on use of connected devices over time.

    For categories covered by existing applications, determine the disposition for each app: grow it or cut it loose

    Use the two-by-two matrix below to structure your optimal CXM application portfolio. For more help, refer to Info-Tech’s blueprint, Use Agile Application Rationalization Instead of Going Big Bang.

    1

    0

    Richness of Functionality

    INTEGRATE RETAIN
    1
    REPLACE REPLACE OR ENHANCE

    0

    Degree of Integration

    Integrate: The application is functionally rich, so spend time and effort integrating it with other modules by building or enhancing interfaces.

    Retain: The application satisfies both functionality and integration requirements, so it should be considered for retention.

    Replace/Enhance: The module offers poor functionality but is well integrated with other modules. If enhancing for functionality is easy (e.g. through configuration or custom development), consider enhancement or replace it.

    Replace: The application neither offers the functionality sought nor is it integrated with other modules, and thus should be considered for replacement.

    Activity: Brainstorm the art of the possible, and build and finalize the CXM application portfolio

    2.3.10 1-2 hours

    Input

    • Process gaps identified (output of Activity 2.3.9)

    Output

    • CXM application portfolio
    • CXM Strategy Stakeholder Presentation

    Materials

    Participants

    • Project Team

    Instructions

    1. Review the complete list of strategic requirements identified in the preceding exercises, as well as business process maps.
    2. Identify which application would link to which process (e.g. customer acquisition, customer service resolution, etc.).
    3. Use Info-Tech’s CXM Portfolio Designer to create an inventory of high-value customer interaction applications.
    4. Define rationalization and investment areas.
    5. Document your outputs in the CXM Strategy Stakeholder Presentation Template.

    Example: Brainstorming the Art of the Possible

    Application Gap Satisfied Related Process Number of Linked Requirements Do we have the system? Priority
    LMA
    • Lead Generation
    • Social Lead Management
    • CRM Integration
    Sales 8 No Business Critical
    Customer Intelligence
    • Web Analytics
    • Customer Journey Tracking
    Customer Service 6 Yes Business Enabling
    ... ... ... ... ... ...

    Use Info-Tech’s comprehensive reports to make granular vendor selection decisions

    Now that you have developed the CXM application portfolio and identified areas of new investment, you’re well positioned to execute specific vendor selection projects. After you have built out your initiatives roadmap in phase 3, the following reports provide in-depth vendor reviews, feature guides, and tools and templates to assist with selection and implementation.

    Info-Tech Insight

    Not all applications are created equally well for each use case. The vendor reports help you make informed procurement decisions by segmenting vendor capabilities among major use cases. The strategic requirements identified as part of this project should be used to select the use case that best fits your needs.

    If you want additional support, have our analyst guide you through this phase as part of an Info-Tech workshop

    Book a workshop with our Info-Tech analysts:

    2.3.2; 2.3.3 Shortlist and map the key top-level business processes

    Based on experience working with organizations in similar verticals, the facilitator will help your team map out key sample workflows for marketing, sales, and customer service.

    2.3.6 Create your strategic requirements for CXM

    Drawing on the preceding exercises, the facilitator will work with the team to create a comprehensive list of strategic requirements that will be used to drive technology decisions and roadmap initiatives.

    2.3.10 Create and finalize the CXM application portfolio

    Using the strategic requirements gathered through internal, external, and technology analysis up to this point, a facilitator will assist you in assembling a categorical technology application portfolio to support CXM.

    Step 2.4: Develop Deployment Best Practices

    Phase 1

    1.1 Create the Project Vision

    1.2 Structure the Project

    Phase 2

    2.1 Scan the External Environment

    2.2 Assess the Current State of CXM

    2.3 Create an Application Portfolio

    2.4 Develop Deployment Best Practices

    Phase 3

    3.1 Create an Initiative Rollout Plan

    3.2 Confirm and Finalize the CXM Blueprint

    Activities:

    • Develop a CXM integration map
    • Develop a mitigation plan for poor quality customer data
    • Create a framework for end-user adoption of CXM applications

    Outcomes:

    • CXM application portfolio integration map
    • Data quality preservation plan
    • End-user adoption plan

    Develop an integration map to specify which applications will interface with each other

    Integration is paramount: your CXM application portfolio must work as a unified face to the customer. Create an integration map to reflect a system of record and the exchange of data.

    • CRM
      • ERP
      • Telephony Systems (IVR, CTI)
      • Directory Services
      • Email
      • Content Management
      • Point Solutions (SMMP, MMS)

    The points of integration that you’ll need to establish must be based on the objectives and requirements that have informed the creation of the CXM application portfolio. For instance, achieving improved customer insights would necessitate a well-integrated portfolio with customer interaction point solutions, business intelligence tools, and customer data warehouses in order to draw the information necessary to build insight. To increase customer engagement, channel integration is a must (i.e. with robust links to unified communications solutions, email, and VoIP telephony systems).

    Info-Tech Insight

    If the CXM application portfolio is fragmented, it will be nearly impossible to build a cohesive view of the customer and deliver a consistent customer experience. Points of integration (POIs) are the junctions between the applications that make up the CXM portfolio. They are essential to creating value, particularly in customer insight-focused and omnichannel-focused deployments. Be sure to include enterprise applications that are not included in the CXM application portfolio. Popular systems to consider for POIs include billing, directory services, content management, and collaboration tools.

    After identifying points of integration, profile them by business significance, complexity, and investment required

    • After enumerating points of integration between the CRM platform and other CXM applications and data sources, profile them by business significance and complexity required to determine a rank-ordering of priorities.
    • Points of integration that are of high business significance with low complexity are your must do’s – these are your quick wins that deliver maximum value without too much cost. This is typically the case when integrating a vendor-to-vendor solution with available native connectors.
    • On the opposite end of the spectrum are your POIs that will require extensive work to deliver but offer negligible value. These are your should not do’s – typically, these are niche requests for integration that will only benefit the workflows of a small (and low priority) group of end users. Only accommodate them if you have slack time and budget built into your implementation timeline.

    The image shows a square matrix with Point of Integration Value Matrix in the centre. On the X-axis is Business Significance, and on the Y-axis is POI complexity. In the upper left quadrant is Should Not Do, upper right is Should Do, lower left is Could Do, and lower right is Must do.

    "Find the absolute minimum number of ‘quick wins’ – the POIs you need from day one that are necessary to keep end users happy and deliver value." – Maria Cindric, Australian Catholic University Source: Interview

    Activity: Develop a CXM application integration map

    2.4.1 1 hour

    Input

    • CXM application portfolio (output of Activity 2.3.10)

    Output

    • CXM application portfolio integration map
    • CXM Strategy Stakeholder Presentation

    Materials

    • Sticky notes
    • Whiteboard
    • Markers

    Participants

    • Project Team

    Instructions

    1. On sticky notes, record the list of applications that comprise the CXM application portfolio (built in Activity 2.3.10) and all other relevant applications. Post the sticky notes on a whiteboard so you can visualize the portfolio.
    2. Discuss the key objectives and requirements that will drive the integration design of the CXM application portfolio.
    3. As deemed necessary by step 2, rearrange the sticky notes and draw connecting arrows between applications to reflect their integration. Allow the point of the arrow to indicate direction of data exchanges.
    4. Document your outputs in the CXM Strategy Stakeholder Presentation Template.

    Example: Mapping the Integration of CXM Applications

    The image shows several yellow rectangles with text in them, connected by arrows.

    Plug the hole and bail the boat – plan to be preventative and corrective with customer data quality initiatives

    Data quality is king: if your customer data is garbage in, it will be garbage out. Enable strategic CXM decision making with effective planning of data quality initiatives.

    Identify and Eliminate Dead Weight

    Poor data can originate in the firm’s system of record, which is typically the CRM system. Custom queries, stored procedures, or profiling tools can be used to assess the key problem areas.

    Loose rules in the CRM system lead to records of no significant value in the database. Those rules need to be fixed, but if changes are made before the data is fixed, users could encounter database or application errors, which will reduce user confidence in the system.

    • Conduct a data flow analysis: map the path that data takes through the organization.
    • Use a mass cleanup to identify and destroy dead weight data. Merge duplicates either manually or with the aid of software tools. Delete incomplete data, taking care to reassign related data.
    • COTS packages typically allow power users to merge records without creating orphaned records in related tables, but custom-built applications typically require IT expertise.

    Create and Enforce Standards & Policies

    Now that the data has been cleaned, protect the system from relapsing.

    Work with business users to find out what types of data require validation and which fields should have changes audited. Whenever possible, implement drop-down lists to standardize values and make programming changes to ensure that truncation ceases.

    • Truncated data is usually caused by mismatches in data structures during either one-time data loads or ongoing data integrations.
    • Don’t go overboard on assigning required fields – users will just put key data in note fields.
    • Discourage the use of unstructured note fields: the data is effectively lost unless it gets subpoenaed.
    • To specify policies, use Info-Tech’s Master Data Record Tool.

    Profile your customer and sales-related data

    Applications are a critical component of how IT supports Sales, but IT also needs to help Sales keep its data current and accurate. Conducting a sales data audit is critical to ensure Sales has the right information at the right time.

    Info-Tech Insight

    Data is king. More than ever, having accurate data is essential for your organization to win in hyper-competitive marketplaces. Prudent current state analysis looks at both the overall data model and data architecture, as well as assessing data quality within critical sales-related repositories. As the amount of customer data grows exponentially due to the rise of mobility and the Internet of Things, you must have a forward-looking data model and data marts/customer data warehouse to support sales-relevant decisions.

    • A current state analysis for sales data follows a multi-step process:
      • Determine the location of all sales-relevant and customer data – the sales data inventory. Data can reside in applications, warehouses, and documents (e.g. Excel and Access files) – be sure to take a holistic approach.
    • For each data source, assess data quality across the following categories:
      • Completeness
      • Currency (Relevancy)
      • Correctness
      • Duplication
    • After assessing data quality, determine which repositories need the most attention by IT and Sales. We will look at opportunities for data consolidation later in the blueprint.

    INFO-TECH OPPORTUNITY

    Refer to Info-Tech’s Develop a Master Data Management Strategy and Roadmap blueprint for further reference and assistance in data management for your sales-IT alignment.

    Activity: Develop a mitigation plan for poor quality customer data

    2.4.2 30 minutes

    Input

    • List of departments involved in maintenance of CXM data

    Output

    • Data quality preservation plan
    • CXM Strategy Stakeholder Presentation

    Materials

    • Whiteboard
    • Markers

    Participants

    • Project Team

    Instructions

    1. Inventory a list of departments that will be interacting directly with CXM data.
    2. Identify data quality cleansing and preservation initiatives, such as those in previous examples.
    3. Assign accountability to an individual in the department as a data steward. When deciding on a data steward, consider the following:
    • Data stewards are designated full-time employees who serve as the go-to resource for all issues pertaining to data quality, including keeping a particular data silo clean and free of errors.
    • Data stewards are typically mid-level managers in the business (not IT), preferably with an interest in improving data quality and a relatively high degree of tech-savviness.
    • Data stewards can sometimes be created as a new role with a dedicated FTE, but this is not usually cost effective for small and mid-sized firms.
    • Instead, diffuse the steward role across several existing positions, including one for CRM and other marketing, sales, and service applications.
  • Document your outputs in the CXM Strategy Stakeholder Presentation Template.
  • Example: Data Steward Structure

    Department A

    • Data Steward (CRM)
    • Data Steward (ERP)

    Department B

    • Data Steward (All)

    Department C

    • Data Steward (All)

    Determine if a customer data warehouse will add value to your CXM technology-enablement strategy

    A customer data warehouse (CDW) “is a subject-oriented, integrated, time-variant, non-volatile collection of data used to support the strategic decision-making process across marketing, sales, and service. It is the central point of data integration for customer intelligence and is the source of data for the data marts, delivering a common view of customer data” (Corporate Information Factory, n.d.).

    Analogy

    CDWs are like a buffet. All the food items are in the buffet. Likewise, your corporate data sources are centralized into one repository. There are so many food items in a buffet that you may need to organize them into separate food stations (data marts) for easier access.

    Examples/Use Cases

    • Time series analyses with historical data
    • Enterprise level, common view analyses
    • Integrated, comprehensive customer profiles
    • One-stop repository of all corporate information

    Pros

    • Top-down architectural planning
    • Subject areas are integrated
    • Time-variant, changes to the data are tracked
    • Non-volatile, data is never over-written or deleted

    Cons

    • A massive amount of corporate information
    • Slower delivery
    • Changes are harder to make
    • Data format is not very business friendly

    Activity: Assess the need for a customer data warehouse

    2.4.3. 30 minutes

    Input

    • List of data sources
    • Data inflows and outflows

    Output

    • Data quality preservation plan
    • CXM Strategy Stakeholder Presentation

    Materials

    • Whiteboard
    • Markers

    Participants

    • Project Team

    Instructions

    1. Create a shortlist of customer data sources.
    2. Profile the integration points that are necessary to support inflows and outflows of customer data.
    3. Ask the following questions around the need for a CDW based on these data sources and points of integration:
    • What is the volume of customer information that needs to be stored? The greater the capacity, the more likely that you should build a dedicated CDW.
    • How complex is the data? The more complex the data, the greater the need for a CDW.
    • How often will data interchange happen between various applications and data sources? The greater and more frequent the interchange, the greater the need for a CDW.
    • What are your organizational capabilities for building a CDW? Do you have the resources in-house to create a CDW at this time?
  • Document your outputs in the CXM Strategy Stakeholder Presentation Template.
  • INFO-TECH OPPORTUNITY

    Refer to Info-Tech’s Build an Agile Data Warehouse blueprint for more information on building a centralized and integrated data warehouse.

    Create a plan for end-user training on new (or refocused) CXM applications and data quality processes

    All training modules will be different, but some will have overlapping areas of interest.

    – Assign Project Evangelists – Analytics Training – Mobile Training

    Application Training

    • Customer Service - Assign Project Evangelists – Analytics Training – Mobile Training
      • Focus training on:
        • What to do with inbound tickets.
        • Routing and escalation features.
        • How to use knowledge management features effectively.
        • Call center capabilities.
    • Sales – Assign Project Evangelists – Analytics Training – Mobile Training
      • Focus training on:
        • Recording of opportunities, leads, and deals.
        • How to maximize sales with sales support decision tree.
    • Marketing - Assign Project Evangelists – Analytics Training
      • Focus training on:
        • Campaign management features.
        • Social media monitoring and engagement capabilities.
    • IT
      • Focus training on:
        • Familiarization with the software.
        • Software integration with other enterprise applications.
        • The technical support needed to maintain the system in the future.

    Info-Tech Insight

    Train customers too. Keep the customer-facing sales portals simple and intuitive, have clear explanations/instructions under important functions (e.g. brief directions on how to initiate service inquiries), and provide examples of proper uses (e.g. effective searches). Make sure customers are aware of escalation options available to them if self-service falls short.

    Ensure adoption with a formal communication process to keep departments apprised of new application rollouts

    The team leading the rollout of new initiatives (be they applications, new governance structures, or data quality procedures) should establish a communication process to ensure management and users are well informed.

    CXM-related department groups or designated trainers should take the lead and implement a process for:

    • Scheduling application platform/process rollout/kick-off meetings.
    • Soliciting preliminary input from the attending groups to develop further training plans.
    • Establishing communication paths and the key communication agents from each department who are responsible for keeping lines open moving forward.

    The overall objective for inter-departmental kick-off meetings is to confirm that all parties agree on certain key points and understand alignment rationale and new sales app or process functionality.

    The kick-off process will significantly improve internal communications by inviting all affected internal IT groups, including business units, to work together to address significant issues before the application process is formally activated.

    The kick-off meeting(s) should encompass:

    • Target business-user requirements
    • The high-level application overview
    • Tangible business benefits of alignment
    • Special consideration needs
    • Other IT department needs
    • Target quality of service (QoS) metrics

    Info-Tech Insight

    Determine who in each department will send out a message about initiative implementation, the tone of the message, the medium, and the delivery date.

    Construct a formal communication plan to engage stakeholders through structured channels

    Tangible Elements of a Communications Plan

    • Stakeholder Group Name
    • Stakeholder Description
    • Message
    • Concerns Relative to Application Maintenance
    • Communication Medium
    • Role Responsible for Communication
    • Frequency
    • Start and End Date

    Intangible Elements of a Communications Plan

    • Establish biweekly meetings with representatives from sales functional groups, who are tasked with reporting on:
      • Benefits of revised processes
      • Metrics of success
      • Resource restructuring
    • Establish a monthly interdepartmental meeting, where all representatives from sales and IT leadership discuss pressing bug fixes and minor process improvements.
    • Create a webinar series, complete with Q&A, so that stakeholders can reference these changes at their leisure.

    Info-Tech Insight

    Every piece of information that you give to a stakeholder that is not directly relevant to their interests is a distraction from your core message. Always remember to tailor the message, medium, and timing accordingly.

    Carry the CXM value forward with linkage and relationships between sales, marketing, service, and IT

    Once the sales-IT alignment committees have been formed, create organizational cadence through a variety of formal and informal gatherings between the two business functions.

    • Organizations typically fall in one of three maturity stages: isolation, collaboration, or synergy. Strive to achieve business-technology synergy at the operational level.
    • Although collaboration cannot be mandated, it can be facilitated. Start with a simple gauge of the two functions’ satisfaction with each other, and determine where and how inter-functional communication and synergy can be constructed.

    Isolation

    The image shows four shapes, with the words IT, Sales, Customer Service, and Marketing in them.

    • Point solutions are implemented on an ad-hoc basis by individual departments for specific projects.
    • Internal IT is rarely involved in these projects from beginning to end.

    Collaboration

    The image features that same four shapes and text from the previous image, but this time they are connected by dotted lines.

    • There is a formal cross-departmental effort to integrate some point solutions.
    • Internal IT gets involved to integrate systems and then support system interactions.

    Synergy

    The image features the same shapes and text from previous instances, except the shapes are now connect by solid lines and the entire image is surrounded by dotted lines.

    • Cross-functional, business technology teams are established to work on IT-enabled revenue generation initiatives.
    • Team members are collocated if possible.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

    Book a workshop with our Info-Tech analysts:

    2.4.1 Develop a CXM application integration map

    Using the inventory of existing CXM-supporting applications and the newly formed CXM application portfolio as inputs, your facilitator will assist you in creating an integration map of applications to establish a system of record and flow of data.

    2.4.2 Develop a mitigation plan for poor quality customer data

    Our facilitator will educate your stakeholders on the importance of quality data and guide you through the creation of a mitigation plan for data preservation.

    2.4.3 Assess the need for a customer data warehouse

    Addressing important factors such as data volume, complexity, and flow, a facilitator will help you assess whether or not a customer data warehouse for CXM is the right fit for your organization.

    Phase 3

    Finalize the CXM Framework

    Build a Strong Technology Foundation for Customer Experience Management

    Phase 3 outline

    Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 3: Finalize the CXM Framework

    Proposed Time to Completion: 1 week

    Step 3.1: Create an Initiative Rollout Plan

    Start with an analyst kick-off call:

    • Discuss strategic requirements and the associated application portfolio that has been proposed.

    Then complete these activities…

    • Initiatives prioritization

    With these tools & templates:

    • CXM Strategy Stakeholder Presentation Template

    Step 3.2: Confirm and Finalize the CXM Blueprint

    Review findings with analyst:

    • Discuss roadmap and next steps in terms of rationalizing and implementing specific technology-centric initiatives or rollouts.

    Then complete these activities…

    • Confirm stakeholder strategy presentation

    With these tools & templates:

    • CXM Strategy Stakeholder Presentation Template

    Phase 3 Results & Insights:

    • Initiatives roadmap

    Step 3.1: Create an Initiative Rollout Plan

    Phase 1

    1.1 Create the Project Vision

    1.2 Structure the Project

    Phase 2

    2.1 Scan the External Environment

    2.2 Assess the Current State of CXM

    2.3 Create an Application Portfolio

    2.4 Develop Deployment Best Practices

    Phase 3

    3.1 Create an Initiative Rollout Plan

    3.2 Confirm and Finalize the CXM Blueprint

    Activities:

    • Create a risk management plan
    • Brainstorm initiatives for CXM roadmap
    • Identify dependencies and enabling projects for your CXM roadmap
    • Complete the CXM roadmap

    Outcomes:

    • Risk management plan
    • CXM roadmap
      • Quick-win initiatives

    A CXM technology-enablement roadmap will provide smooth and timely implementation of your apps/initiatives

    Creating a comprehensive CXM strategy roadmap reduces the risk of rework, misallocation of resources, and project delays or abandonment.

    • People
    • Processes
    • Technology
    • Timeline
    • Tasks
    • Budget

    Benefits of a Roadmap

    1. Prioritize execution of initiatives in alignment with business, IT, and needs.
    2. Create clearly defined roles and responsibilities for IT and business stakeholders.
    3. Establish clear timelines for rollout of initiatives.
    4. Identify key functional areas and processes.
    5. Highlight dependencies and prerequisites for successful deployment.
    6. Reduce the risk of rework due to poor execution.

    Implement planning and controls for project execution

    Risk Management

    • Track risks associated with your CXM project.
    • Assign owners and create plans for resolving open risks.
    • Identify risks associated with related projects.
    • Create a plan for effectively communicating project risks.

    Change Management

    • Brainstorm a high-level training plan for various users of the CXM.
    • Create a communication plan to notify stakeholders and impacted users about the tool and how it will alter their workday and performance of role activities.
    • Establish a formal change management process that is flexible enough to meet the demands for change.

    Project Management

    • Conduct a post-mortem to evaluate the completion of the CXM strategy.
    • Design the project management process to be adaptive in nature.
    • Communication is key to project success, whether it is to external stakeholders or internal project team members..
    • Review the project’s performance against metrics and expectations.

    INFO-TECH OPPORTUNITIES

    Optimize the Change Management Process

    You need to design a process that is flexible enough to meet demand for change and strict enough to protect the live environment from change-related incidents.

    Create Project Management Success

    Investing time up front to plan the project and implementing best practices during project execution to ensure the project is delivered with the planned outcome and quality is critical to project success.

    Activity: Create a risk management plan

    3.1.1 45 minutes

    Input

    • Inventory of risks

    Output

    • Risk management plan
    • CXM Strategy Stakeholder Presentation

    Materials

    • Whiteboard
    • Markers

    Participants

    • Project Team

    Instructions

    1. Create a list of possible risks that may hamper the progress of your CXM project.
    2. Classify risks as strategy-based, related to planning, or systems-based, related to technology.
    3. Brainstorm mitigation strategies to overcome each listed risk.
    4. On a score of 1 to 3, determine the impact of each risk on the success of the project.
    5. On a score of 1 to 3, determine the likelihood of the occurrence for each risk.
    6. Document your outputs in the CXM Strategy Stakeholder Presentation Template.

    Example: Constructing a Risk Management Plan

    Risk Impact Likelihood Mitigation Effort
    Strategy Risks Project over budget
    • Detailed project plan
    • Pricing guarantees
    Inadequate content governance
    System Risks Integration with additional systems
    • Develop integration plan and begin testing integration methods early in the project
    .... ... ... ...

    Likelihood

    1 – High/ Needs Focus

    2 – Can Be Mitigated

    3 - Unlikely

    Impact

    1 - High Risk

    2 - Moderate Risk

    3 - Minimal Risk

    Prepare contingency plans to minimize time spent handling unexpected risks

    Understanding technical and strategic risks can help you establish contingency measures to reduce the likelihood that risks will occur. Devise mitigation strategies to help offset the impact of risks if contingency measures are not enough.

    Remember

    The biggest sources of risk in a CXM strategy are lack of planning, poorly defined requirements, and lack of governance.

    Apply the following mitigation tips to avoid pitfalls and delays.

    Risk Mitigation Tips

    • Upfront planning
    • Realistic timelines
    • Resource support
    • Change management
    • Executive sponsorship
    • Sufficient funding
    • Expectation setting
    1. Project Starts
    • Expectations are high
  • Project Workload Increases
    • Expectations are high
  • Pit of Despair
    • Why are we doing this?
  • Project Nears Close
    • Benefits are being realized
  • Implementation is Completed
    • Learning curve dip
  • Standardization & Optimization
    • Benefits are high
  • Identify factors to complete your CXM initiatives roadmap

    Completion of initiatives for your CXM project will be contingent upon multiple variables.

    Defining Dependencies

    Initiative complexity will define the need for enabling projects. Create a process to define dependencies:

    1. Enabling projects: complex prerequisites.
    2. Preceding tasks: direct and simplified assignments.

    Establishing a Timeline

    • Assign realistic timelines for each initiative to ensure smooth progress.
    • Use milestones and stage gates to track the progress of your initiatives and tasks.

    Defining Importance

    • Based on requirements gathering, identify the importance of each initiative to your marketing department.
    • Each initiative can be ranked high, medium, or low.

    Assigning Ownership

    • Owners are responsible for on-time completion of their assigned initiatives.
    • Populate a RACI chart to ensure coverage of all initiatives.

    Complex....Initiative

    • Enabling Project
      • Preceding Task
      • Preceding Task
    • Enabling Project
      • Preceding Task
      • Preceding Task

    Simple....Initiative

    • Preceding Task
    • Preceding Task
    • Preceding Task

    Activity: Brainstorm CXM application initiatives for implementation in alignment with business needs

    3.1.2 45 minutes

    Input

    • Inventory of CXM initiatives

    Output

    • Prioritized and quick-win initiatives
    • CXM Strategy Stakeholder Presentation

    Materials

    • Whiteboard
    • Markers

    Participants

    • Project Team

    Instructions

    1. As a team, identify and list CXM initiatives that need to be addressed.
    2. Plot the initiatives on the complexity-value matrix to determine priority.
    3. Identify quick wins: initiatives that can realize quick benefits with little effort.
    4. Document your outputs in the CXM Strategy Stakeholder Presentation Template.

    Example: Importance-Capability Matrix

    The image shows a matrix, with Initiative Complexity on the X-axis, and Business Value on the Y-axis. There are circle of different sizes in the matrix.

    Pinpoint quick wins: high importance, low effort initiatives.

    The size of each plotted initiative must indicate the effort or the complexity and time required to complete.
    Top Right Quadrant Strategic Projects
    Top Left Quadrant Quick Wins
    Bottom Right Quadrant Risky Bets
    Bottom Left Quadrant Discretionary Projects

    Activity: Identify any dependencies or enabling projects for your CXM roadmap

    3.1.3 1 hour

    Input

    • Implementation initiatives
    • Dependencies

    Output

    • CXM project dependencies

    Materials

    • Sticky notes
    • Whiteboard
    • Markers

    Participants

    • Project Team

    Instructions

    1. Using sticky notes and a whiteboard, have each team member rank the compiled initiatives in terms of priority.
    2. Determine preceding tasks or enabling projects that each initiative is dependent upon.
    3. Determine realistic timelines to complete each quick win, enabling project, and long-term initiative.
    4. Assign an owner for each initiative.

    Example: Project Dependencies

    Initiative: Omnichannel E-Commerce

    Dependency: WEM Suite Deployment; CRM Suite Deployment; Order Fulfillment Capabilities

    Activity: Complete the implementation roadmap

    3.1.4 30 minutes

    Input

    • Implementation initiatives
    • Dependencies

    Output

    • CXM Roadmap
    • CXM Strategy Stakeholder Presentation

    Materials

    • Whiteboard
    • Markers

    Participants

    • Project Team

    Instructions

    1. Establish time frames to highlight enabling projects, quick wins, and long-term initiatives.
    2. Indicate the importance of each initiative as high, medium, or low based on the output in Activity 3.1.2.
    3. Assign each initiative to a member of the project team. Each owner will be responsible for the execution of a given initiative as planned.
    4. Document your outputs in the CXM Strategy Stakeholder Presentation Template.

    Example: Importance-Capability Matrix

    Importance Initiative Owner Completion Date
    Example Projects High Gather business requirements. Project Manager MM/DD/YYYY
    Quick Wins
    Long Term Medium Implement e-commerce across all sites. CFO & Web Manager MM/DD/YYYY

    Importance

    • High
    • Medium
    • Low

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

    Book a workshop with our Info-Tech analysts:

    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    3.1.1 Create a risk management plan

    Based on the workshop exercises, the facilitator will work with the core team to design a priority-based risk mitigation plan that enumerates the most salient risks to the CXM project and addresses them.

    3.1.2; 3.1.3; 3.1.4 Identify initiative dependencies and create the CXM roadmap

    After identifying dependencies, our facilitators will work with your IT SMEs and business stakeholders to create a comprehensive roadmap, outlining the initiatives needed to carry out your CXM strategy roadmap.

    Step 3.2: Confirm and Finalize the CXM Blueprint

    Phase 1

    1.1 Create the Project Vision

    1.2 Structure the Project

    Phase 2

    2.1 Scan the External Environment

    2.2 Assess the Current State of CXM

    2.3 Create an Application Portfolio

    2.4 Develop Deployment Best Practices

    Phase 3

    3.1 Create an Initiative Rollout Plan

    3.2 Confirm and Finalize the CXM Blueprint

    Activities:

    • Identify success metrics
    • Create a stakeholder power map
    • Create a stakeholder communication plan
    • Complete and present CXM strategy stakeholder presentation

    Outcomes:

    • Stakeholder communication plan
    • CXM strategy stakeholder presentation

    Ensure that your CXM applications are improving the performance of targeted processes by establishing metrics

    Key Performance Indicators (KPIs)

    Key performance indicators (KPIs) are quantifiable measures that demonstrate the effectiveness of a process and its ability to meet business objectives.

    Questions to Ask

    1. What outputs of the process can be used to measure success?
    2. How do you measure process efficiency and effectiveness?

    Creating KPIs

    Specific

    Measurable

    Achievable

    Realistic

    Time-bound

    Follow the SMART methodology when developing KPIs for each process.

    Adhering to this methodology is a key component of the Lean management methodology. This framework will help you avoid establishing general metrics that aren’t relevant.

    Info-Tech Insight

    Metrics are essential to your ability to measure and communicate the success of the CXM strategy to the business. Speak the same language as the business and choose metrics that relate to marketing, sales, and customer service objectives.

    Activity: Identify metrics to communicate process success

    3.2.1 1 hour

    Input

    • Key organizational objectives

    Output

    • Strategic business metrics
    • CXM Strategy Stakeholder Presentation

    Materials

    • Whiteboard
    • Markers

    Participants

    • Project Team

    Instructions

    1. Recap the major functions that CXM will focus on (e.g. marketing, sales, customer service, web experience management, social media management, etc.)
    2. Identify business metrics that reflect organizational objectives for each function.
    3. Establish goals for each metric (as exemplified below).
    4. Document your outputs in the CXM Strategy Stakeholder Presentation Template.
    5. Communicate the chosen metrics and the respective goals to stakeholders.

    Example: Metrics for Marketing, Sales, and Customer Service Functions

    Metric Example
    Marketing Customer acquisition cost X% decrease in costs relating to advertising spend
    Ratio of lifetime customer value X% decrease in customer churn
    Marketing originated customer % X% increase in % of customer acquisition driven by marketing
    Sales Conversion rate X% increase conversion of lead to sale
    Lead response time X% decrease in response time per lead
    Opportunity-to-win ratio X% increase in monthly/annual opportunity-to-win ratio
    Customer Service First response time X% decreased time it takes for customer to receive first response
    Time-to-resolution X% decrease of average time-to-resolution
    Customer satisfaction X% improvement of customer satisfaction ratings on immediate feedback survey

    Use Info-Tech’s Stakeholder Power Map Template to identify stakeholders crucial to CXM application rollouts

    3.2.2 Stakeholder Power Map Template

    Use this template and its power map to help visualize the importance of various stakeholders and their concerns. Prioritize your time according to the most powerful and most impacted stakeholders.

    Answer questions about each stakeholder:

    • Power: How much influence does the stakeholder have? Enough to drive the project forward or into the ground?
    • Involvement: How interested is the stakeholder? How involved is the stakeholder in the project already?
    • Impact: To what degree will the stakeholder be impacted? Will this significantly change how they do their job?
    • Support: Is the stakeholder a supporter of the project? Neutral? A resistor?

    Focus on key players: relevant stakeholders who have high power, should have high involvement, and are highly impacted.

    INFO-TECH DELIVERABLE

    Stakeholder Power Map Template

    Use Info-Tech’s Stakeholder Communication Planning Template to document initiatives and track communication

    3.2.3 Stakeholder Communication Planning Template

    Use the Stakeholder Communication Planning Template to document your list of initiative stakeholders so you can track them and plan communication throughout the initiative.

    Track the communication methods needed to convey information regarding CXM initiatives. Communicate how a specific initiative will impact the way employees work and the work they do.

    Sections of the document:

    1. Document the Stakeholder Power Map (output of Tool 3.2.2).
    2. Complete the Communicate Management Plan to aid in the planning and tracking of communication and training.

    INFO-TECH DELIVERABLE

    Activity: Create a stakeholder power map and communication plan

    3.2.4 1 hour

    Input

    • Stakeholder power map

    Output

    • Stakeholder communication plan
    • CXM Strategy Stakeholder Presentation

    Materials

    • Info-Tech’s Stakeholder Communication Planning Template
    • Info-Tech’s Stakeholder Power Map Template

    Participants

    • Project Team

    Instructions

    1. Using Info-Tech’s Stakeholder Power Map Template, identify key stakeholders for ensuring the success of the CXM strategy (Tool 3.2.2).
    2. Using Info-Tech’s Stakeholder Communication Plan Template, construct a communication plan to communicate and track CXM initiatives with all CXM stakeholders (Tool 3.2.3).
    3. Document your outputs in the CXM Strategy Stakeholder Presentation Template.

    Use Info-Tech’s CXM Strategy Stakeholder Presentation Template to sell your CXM strategy to the business

    3.2.5 CXM Strategy Stakeholder Presentation Template

    Complete the presentation template as indicated when you see the green icon throughout this deck. Include the outputs of all activities that are marked with this icon.

    Info-Tech has designed the CXM Strategy Stakeholder Presentation Template to capture the most critical aspects of the CXM strategy. Customize it to best convey your message to project stakeholders and to suit your organization.

    The presentation should be no longer than one hour. However, additional slides can be added at the discretion of the presenter. Make sure there is adequate time for a question and answer period.

    INFO-TECH DELIVERABLE

    After the presentation, email the deck to stakeholders to ensure they have it available for their own reference.

    Activity: Determine the measured value received from the project

    3.2.6 30 minutes

    Input

    • Project Metrics

    Output

    • Measured Value Calculation

    Materials

    • Workbook

    Participants

    • Project Team

    Instructions

    1. Review project metrics identified in phase 1 and associated benchmarks.
    2. After executing the CXM project, compare metrics that were identified in the benchmarks with the revised and assess the delta.
    3. Calculate the percentage change and quantify dollar impact (i.e. as a result of increased customer acquisition or retention).

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

    Book a workshop with our Info-Tech analysts:

    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    3.2.4 Create a stakeholder power map and communication plan

    An analyst will walk the project team through the creation of a communication plan, inclusive of project metrics and their respective goals. If you are planning a variety of CXM initiatives, track how the change will be communicated and to whom. Determine the employees who will be impacted by the change.

    Insight breakdown

    Insight 1

    • IT must work in lockstep with Marketing, Sales, and Customer Service to develop a comprehensive technology-enablement strategy for CXM.
    • As IT works with its stakeholders in the business, it must endeavor to capture and use the voice of the customer in driving strategic requirements for CXM portfolio design.
    • IT must consider the external environment, customer personas, and internal processes as it designs strategic requirements to build the CXM application portfolio.

    Insight 2

    • The cloud is bringing significant disruption to the CXM space: to maintain relevancy, IT must become deeply involved in ensuring alignment between vendor capabilities and strategic requirements.
    • IT must serve as a trusted advisor on technical implementation challenges related to CXM, such as data quality, integration, and end-user training and adoption.
    • IT is responsible for technology enablement and is an indispensable partner in this regard; however, the business must ultimately own the objectives and communication strategy for customer engagement.

    Insight 3

    • When crafting a portfolio for CXM, be aware of the art of the possible: capabilities are rapidly merging and evolving to support new interaction channels. Social, mobile, and IoT are disrupting the customer experience landscape.
    • Big data and analytics-driven decision making is another significant area of value. IT must allow for true customer intelligence by providing an integration framework across customer-facing applications.

    Summary of accomplishment

    Knowledge Gained

    • Voice of the Customer for CXM Portfolio Design
    • Understanding of Strategic Requirements for CXM
    • Customer Personas and Scenarios
    • Environmental Scan
    • Deployment Considerations
    • Initiatives Roadmap Considerations

    Processes Optimized

    • CXM Technology Portfolio Design
    • Customer Data Quality Processes
    • CXM Integrations

    Deliverables Completed

    • Strategic Summary for CXM
    • CXM Project Charter
    • Customer Personas
    • External and Competitive Analysis
    • CXM Application Portfolio

    Bibliography

    Accenture Digital. “Growing the Digital Business: Accenture Mobility Research 2015.” Accenture. 2015. Web.

    Afshar, Vala. “50 Important Customer Experience Stats for Business Leaders.” Huffington Post. 15 Oct. 2015. Web.

    APQC. “Marketing and Sales Definitions and Key Measures.” APQC’s Process Classification Framework, Version 1.0.0. APQC. Mar. 2011. Web.

    CX Network. “The Evolution of Customer Experience in 2015.” Customer Experience Network. 2015. Web.

    Genesys. “State of Customer Experience Research”. Genesys. 2018. Web.

    Harvard Business Review and SAS. “Lessons From the Leading Edge of Customer Experience Management.” Harvard Business School Publishing. 2014. Web.

    Help Scout. “75 Customer Service Facts, Quotes & Statistics.” Help Scout. n.d. Web.

    Inmon Consulting Services. “Corporate Information Factory (CIF) Overview.” Corporate Information Factory. n.d. Web

    Jurevicius, Ovidijus. “VRIO Framework.” Strategic Management Insight. 21 Oct. 2013. Web.

    Keenan, Jim, and Barbara Giamanco. “Social Media and Sales Quota.” A Sales Guy Consulting and Social Centered Selling. n.d. Web.

    Malik, Om. “Internet of Things Will Have 24 Billion Devices by 2020.” Gigaom. 13 Oct. 2011. Web.

    McGovern, Michele. “Customers Want More: 5 New Expectations You Must Meet Now.” Customer Experience Insight. 30 July 2015. Web.

    McGinnis, Devon. “40 Customer Service Statistics to Move Your Business Forward.” Salesforce Blog. 1 May 2019. Web.

    Bibliography

    Reichheld, Fred. “Prescription for Cutting Costs”. Bain & Company. n.d. Web.

    Retail Congress Asia Pacific. “SAP – Burberry Makes Shopping Personal.” Retail Congress Asia Pacific. 2017. Web.

    Rouse, Margaret. “Omnichannel Definition.” TechTarget. Feb. 2014. Web.

    Salesforce Research. “Customer Expectations Hit All-Time High.” Salesforce Research. 2018. Web.

    Satell, Greg. “A Look Back at Why Blockbuster Really Failed and Why It Didn’t Have To.” Forbes. 5 Sept. 2014. Web.

    Social Centered Learning. “Social Media and Sales Quota: The Impact of Social Media on Sales Quota and Corporate Review.” Social Centered Learning. n.d. Web.

    Varner, Scott. “Economic Impact of Experience Management”. Qualtrics/Forrester. 16 Aug. 2017. Web.

    Wesson, Matt. “How to Use Your Customer Data Like Amazon.” Salesforce Pardot Blog. 27 Aug. 2012. Web.

    Winterberry Group. “Taking Cues From the Customer: ‘Omnichannel’ and the Drive For Audience Engagement.” Winterberry Group LLC. June 2013. Web.

    Wollan, Robert, and Saideep Raj. “How CIOs Can Support a More Agile Sales Organization.” The Wall Street Journal: The CIO Report. 25 July 2013. Web.

    Zendesk. “The Impact of Customer Service on Customer Lifetime Value 2013.” Z Library. n.d. Web.

    Deliver a Customer Service Training Program to Your IT Department

    • Buy Link or Shortcode: {j2store}484|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $4,339 Average $ Saved
    • member rating average days saved: 6 Average Days Saved
    • Parent Category Name: Service Desk
    • Parent Category Link: /service-desk
    • The scope of service that the service desk must provide has expanded. With the growing complexity of technologies to support, it becomes easy to forget the customer service side of the equation. Meanwhile, customer expectations for prompt, frictionless, and exceptional service from anywhere have grown.
    • IT departments struggle to hire and retain talented service desk agents with the right mix of technical and customer service skills.
    • Some service desk agents don’t believe or understand that customer service is an integral part of their role.
    • Many IT leaders don’t ask for feedback from users to know if there even is a customer service problem.

    Our Advice

    Critical Insight

    • There’s a common misconception that customer service skills can’t be taught, so no effort is made to improve those skills.
    • Even when there is a desire to improve customer service, it’s hard for IT teams to make time for training and improvement when they’re too busy trying to keep up with tickets.
    • A talented service desk agent with both great technical and customer service skills doesn’t have to be a rare unicorn, and an agent without innate customer service skills isn’t a lost cause. Relevant and impactful customer service habits, techniques, and skills can be taught through practical, role-based training.
    • IT leaders can make time for this training through targeted, short modules along with continual on-the-job coaching and development.

    Impact and Result

    • Good customer service is critical to the success of the service desk. How a service desk treats its customers will determine its customers' satisfaction with not only IT but also the company as a whole.
    • Not every technician has innate customer service skills. IT managers need to provide targeted, practical training on what good customer service looks like at the service desk.
    • One training session is not enough to make a change. Leaders must embed the habits, create a culture of engagement and positivity, provide continual coaching and development, regularly gather customer feedback, and seek ways to improve.

    Deliver a Customer Service Training Program to Your IT Department Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should deliver customer service training to your team, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    • Deliver a Customer Service Training Program to Your IT Department – Executive Brief
    • Deliver a Customer Service Training Program to Your IT Department Storyboard

    1. Deliver customer service training to your IT team

    Understand the importance of customer service training, then deliver Info-Tech's training program to your IT team.

    • Customer Service Training for the Service Desk – Training Deck
    • Customer Focus Competency Worksheet
    • Cheat Sheet: Service Desk Communication
    • Cheat Sheet: Service Desk Written Communication
    [infographic]

    Position and Agree on ROI to Maximize the Impact of Data and Analytics

    • Buy Link or Shortcode: {j2store}341|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Data Management
    • Parent Category Link: /data-management
    • Because ROI is a financial concept, it can be difficult to apply ROI to anything that produces intangible value.
    • It is a lot harder to apply ROI to functions like data and analytics than it is to apply it to functions like sales without misrepresenting its true purpose.

    Our Advice

    Critical Insight

    • The standard ROI formula cannot be easily applied to data and analytics and other critical functions across the organization.
    • Data and analytics ROI strategy is based on the business problem being solved.
    • The ROI score itself doesn’t have to be perfect. Key decision makers need to agree on the parameters and measures of success.

    Impact and Result

    • Agreed-upon ROI parameters
    • Defined measures of success
    • Optimized ROI program effectiveness by establishing an appropriate cadence between key stakeholders

    Position and Agree on ROI to Maximize the Impact of Data and Analytics Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Data and Analytics ROI Strategy Deck – A guide for positioning ROI to maximize the value of data and analytics.

    This research is meant to ensure that data and analytics executives are aligned with the key business decision makers. Focus on the value you are trying to achieve rather than perfecting the ROI score.

    • Position and Agree on ROI to Maximize the Impact of Data and Analytics Storyboard

    2. Data and Analytics Service to Business ROI Map – An aligned ROI approach between key decision makers and data and analytics.

    A tool to be used by business and data and analytics decision makers to facilitate discussions about how to approach ROI for data and analytics.

    • Data and Analytics Service to Business ROI Map
    [infographic]

    Further reading

    Position and Agree on ROI to Maximize the Impact of Data and Analytics

    Data and analytics ROI strategy is based on the business problem being solved and agreed-upon value being generated.

    Analyst Perspective

    Missing out on a significant opportunity for returns could be the biggest cost to the project and its sponsor.

    This research is directed to the key decision makers tasked with addressing business problems. It also informs stakeholders that have any interest in ROI, especially when applying it to a data and analytics platform and practice.

    While organizations typically use ROI to measure the performance of their investments, the key to determining what investment makes sense is opportunity cost. Missing out on a significant opportunity for return could be the biggest cost to the project and its sponsor. By making sure you appropriately estimate costs and value returned for all data and analytics activities, you can prioritize the ones that bring in the greatest returns.

    Ibrahim Abdel-Kader
    Research Analyst,
    Data & Analytics Practice
    Info-Tech Research Group
    Ben Abrishami-Shirazi
    Technical Counselor
    Info-Tech Research Group

    Executive Summary – ROI on Data and Analytics

    Your Challenge

    Common Obstacles

    Info-Tech’s Approach

    Return on investment (ROI) is a financial term, making it difficult to articulate value when trying to incorporate anything that produces something intangible.

    The more financial aspects there are to a professional function (e.g. sales and commodity-related functions), the easier it is to properly assess the ROI.

    However, for functions that primarily enable or support business functions (such as IT and data and analytics), it is a lot harder to apply ROI without misrepresenting its true purpose.

    • Apples and oranges – There is no simple way to apply the standard ROI formula to data and analytics among other critical functions across the organization.
    • Boiling the ocean – Obsession with finding a way to calculate a perfect ROI on data and analytics.
    • Not getting the big picture – Data and analytics teams suffer a skill set deficit when it comes to commercial acumen.
    • Not seeing eye to eye – ROI does not account for time in its calculation, making it prone to misalignment between stakeholders.

    Approach ROI for data and analytics appropriately:

    • Answer the following questions:
      • What is the business problem?
      • Whose business problem is it?
      • What is the objective?
    • Define measures of success based on the answers to the questions above.
    • Determine an appropriate cadence to continuously optimize the ROI program for data and analytics in collaboration with business problem owners.

    Info-Tech Insight

    ROI doesn’t have to be perfect. Parameters and measures of success need to be agreed upon with the key decision makers.

    Glossary

    Return on Investment (ROI): A financial term used to determine how much value has been or will be gained or lost based on the total cost of investment. It is typically expressed as a percentage and is supported by the following formula:

    Payback: How quickly money is paid back (or returned) on the initial investment.
    Business Problem Owner (BPO): A leader in the organization who is accountable and is the key decision maker tasked with addressing a business problem through a series of investments. BPOs may use ROI as a reference for how their financial investments have performed and to influence future investment decisions.
    Problem Solver: A key stakeholder tasked with collaborating with the BPO in addressing the business problem at hand. One of the problem solver’s responsibilities is to ensure that there is an improved return on the BPO’s investments.
    Return Enhancers: A category for capabilities that directly or indirectly enhance the return of an investment.
    Cost Savers: A category for capabilities that directly or indirectly save costs in relation of an investment.
    Investment Opportunity Enablers: A category for capabilities that create or enable a new investment opportunity that may yield a potential return.
    Game Changing Components: The components of a capability that directly yield value in solving a business problem.

    ROI strategy on data and analytics

    The image contains a screenshot of a diagram that demonstrates the ROI strategy on data and analytics.

    ROI roles

    Typical roles involved in the ROI strategy across the organization

    CDOs and CAOs typically have their budget allocated from both IT and business units.

    This is evidenced by the “State of the CIO Survey 2023” reporting that up to 63% of CDOs and CAOs have some budget allocated from within IT; therefore, up to 37% of budgets are entirely funded by business executives.

    This signifies the need to be aligned with peer executives and to use mechanisms like ROI to maximize the performance of investments.

    Source: Foundry, “State of the CIO Survey 2023.”

    Integrate Threat Intelligence Into Your Security Operations

    • Buy Link or Shortcode: {j2store}320|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: 2 Average Days Saved
    • member rating average days saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
    • Parent Category Name: Threat Intelligence & Incident Response
    • Parent Category Link: /threat-intelligence-incident-response
    • Organizations have limited visibility into their threat landscape, and as such are vulnerable to the latest attacks, hindering business practices, workflow, revenue generation, and damaging their public image.
    • Organizations are developing ad hoc intelligence capabilities that result in operational inefficiencies, the misalignment of resources, and the misuse of their security technology investments.
    • It is difficult to communicate the value of a threat intelligence solution when trying to secure organizational buy-in and the appropriate resourcing.
    • There is a vast array of “intelligence” in varying formats, often resulting in information overload.

    Our Advice

    Critical Insight

    1. Information alone is not actionable. A successful threat intelligence program contextualizes threat data, aligns intelligence with business objectives, and then builds processes to satisfy those objectives.
    2. Your security controls are diminishing in value (if they haven’t already). As technology in the industry evolves, threat actors will inevitably adopt new tools, tactics, and procedures; a threat intelligence program can provide relevant situational awareness to stay on top of the rapidly-evolving threat landscape.
    3. Your organization might not be the final target, but it could be a primary path for attackers. If you exist as a third-party partner to another organization, your responsibility in your technology ecosystem extends beyond your own product/service offerings. Threat intelligence provides visibility into the latest threats, which can help you avoid becoming a backdoor in the next big data breach.

    Impact and Result

    • Assess the needs and intelligence requirements of key stakeholders.
    • Garner organizational buy-in from senior management.
    • Identify organizational intelligence gaps and structure your efforts accordingly.
    • Understand the different collection solutions to identify which best supports your needs.
    • Optimize the analysis process by leveraging automation and industry best practices.
    • Establish a comprehensive threat knowledge portal.
    • Define critical threat escalation protocol.
    • Produce and share actionable intelligence with your constituency.
    • Create a deployment strategy to roll out the threat intelligence program.
    • Integrate threat intelligence within your security operations.

    Integrate Threat Intelligence Into Your Security Operations Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should implement a threat intelligence program, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Plan for a threat intelligence program

    Assess current capabilities and define an ideal target state.

    • Integrate Threat Intelligence Into Your Security Operations – Phase 1: Plan for a Threat Intelligence Program
    • Security Pressure Posture Analysis Tool
    • Threat Intelligence Maturity Assessment Tool
    • Threat Intelligence Project Charter Template
    • Threat Intelligence RACI Tool
    • Threat Intelligence Management Plan Template
    • Threat Intelligence Policy Template

    2. Design an intelligence collection strategy

    Understand the different collection solutions to identify which best supports needs.

    • Integrate Threat Intelligence Into Your Security Operations – Phase 2: Design an Intelligence Collection Strategy
    • Threat Intelligence Prioritization Tool
    • Threat Intelligence RFP MSSP Template

    3. Optimize the intelligence analysis process

    Begin analyzing and acting on gathered intelligence.

    • Integrate Threat Intelligence Into Your Security Operations – Phase 3: Optimize the Intelligence Analysis Process
    • Threat Intelligence Malware Runbook Template

    4. Design a collaboration and feedback program

    Stand up an intelligence dissemination program.

    • Integrate Threat Intelligence Into Your Security Operations – Phase 4: Design a Collaboration and Feedback Program
    • Threat Intelligence Alert Template
    • Threat Intelligence Alert and Briefing Cadence Schedule Template
    [infographic]

    Service Management

    • Buy Link or Shortcode: {j2store}46|cart{/j2store}
    • Related Products: {j2store}46|crosssells{/j2store}
    • Parent Category Name: Service Planning and Architecture
    • Parent Category Link: /service-planning-and-architecture

    The challenge

    • We have good, holistic practices, but inconsistent adoption leads to chaotic service delivery and low customer satisfaction.
    • You may have designed your IT services with little structure, formalization, or standardization.
    • That makes the management of these services more difficult and also leads to low business satisfaction.

    Register to read more …

    Get Started With Customer Advocacy

    • Buy Link or Shortcode: {j2store}565|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Marketing Solutions
    • Parent Category Link: /marketing-solutions

    Getting started with customer advocacy (CA) is no easy task. Many customer success professionals carry out ad hoc customer advocacy activities to address immediate needs but lack a more strategic approach.

    Our Advice

    Critical Insight

    • Customer success leaders must reposition their CA program around growth; the recognition that customer advocacy is a strategic growth initiative is necessary to succeed in today’s competitive market.
    • Get key stakeholders on board early – especially Sales!
    • Always link your CA efforts back to retention and growth.
    • Make building genuine relationships with your advocates the cornerstone of your CA program.

    Impact and Result

    • Enable the organization to identify and develop meaningful relationships with top customers and advocates.
    • Understand the concepts and benefits of CA and how CA can be used to improve marketing and sales and fuel growth and competitiveness.
    • Follow SoftwareReviews’ methodology to identify where to start to apply CA within the organization.
    • Develop a customer advocacy proof of concept/pilot program to gain stakeholder approval and funding to get started with or expand efforts around customer advocacy.

    Get Started With Customer Advocacy Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Get Started With Customer Advocacy Executive Brief – An overview of why customer advocacy is critical to your organization and the recommended approach for getting started with a pilot program.

    Understand the strategic benefits and process for building a formal customer advocacy program. To be successful, you must reposition CA as a strategic growth initiative and continually link any CA efforts back to growth.

    • Get Started With Customer Advocacy Storyboard

    2. Define Your Advocacy Requirements – Assess your current customer advocacy efforts, identify gaps, and define your program requirements.

    With the assessment tool and steps outlined in the storyboard, you will be able to understand the gaps and pain points, where and how to improve your efforts, and how to establish program requirements.

    • Customer Advocacy Maturity Assessment Tool

    3. Win Executive Approval and Launch Pilot – Develop goals, success metrics, and timelines, and gain approval for your customer advocacy pilot.

    Align on pilot goals, key milestones, and program elements using the template and storyboard to effectively communicate with stakeholders and gain executive buy-in for your customer advocacy pilot.

    • Get Started With Customer Advocacy Executive Presentation Template

    Infographic

    Further reading

    Get Started With Customer Advocacy

    Develop a customer advocacy program to transform customer satisfaction into revenue growth.

    EXECUTIVE BRIEF

    Analyst perspective

    Customer advocacy is critical to driving revenue growth

    The image contains a picture of Emily Wright.

    Customer advocacy puts the customer at the center of everything your organization does. By cultivating a deep understanding of customer needs and how they define value and by delivering positive experiences throughout the customer journey, organizations inspire and empower customers to become evangelists for their brands or products. Both the client and solution provider enjoy satisfying and ongoing business outcomes as a result.

    Focusing on customer advocacy is critical for software solutions providers. Business-to-business (B2B) buyers are increasingly looking to their peers and third-party resources to arm themselves with information on solutions they feel they can trust before they choose to engage with solution providers. Your satisfied customers are now your most trusted and powerful resource.

    Customer advocacy helps build strong relationships with your customers, nurtures brand advocacy, gives your marketing messaging credibility, and differentiates your company from the competition; it’s critical to driving revenue growth. Companies that develop mature advocacy programs can increase Customer Lifetime Value (CLV) by 16% (Wharton Business School, 2009), increase customer retention by 35% (Deloitte, 2011), and give themselves a strong competitive advantage in an increasingly competitive marketplace.

    Emily Wright
    Senior Research Analyst, Advisory
    SoftwareReviews

    Executive summary

    Your Challenge

    Ad hoc customer advocacy (CA) efforts and reference programs, while still useful, are not enough to drive growth. Providers increase their chance for success by assessing if they face the following challenges:

    • Lack of referenceable customers that can turn into passionate advocates, or a limited pool that is at risk of burnout.
    • Lack of references for all key customer types, verticals, etc., especially in new growth segments or those that are hard to recruit.
    • Lack of a consistent program for gathering customer feedback and input to make improvements and increase customer satisfaction.
    • Lack of executive and stakeholder (e.g. Sales, Customer Success, channel partners, etc.) buy-in for the importance and value of customer advocacy.

    Building a strong customer advocacy program must be a high priority for customer service/success leaders in today’s highly competitive software markets.

    Common Obstacles

    Getting started with customer advocacy is no easy task. Many customer success professionals carry out ad hoc customer advocacy activities to address immediate needs but lack a more strategic approach. What separates them from success are several nagging obstacles:

    • Efforts lack funding and buy-in from stakeholders.
    • Senior management doesn’t fully understand the business value of a customer advocacy program.
    • Duplicate efforts are taking place between Sales, Marketing, product teams, etc., because ownership, roles, and responsibilities have not been determined.
    • Relationships are guarded/hoarded by those who feel they own the relationship (e.g. Sales, Customer Success, channel partners, etc.).
    • Customer-facing staff often lack the necessary skills to foster customer advocacy.

    SoftwareReviews’ Approach

    This blueprint will help leaders of customer advocacy programs get started with developing a formalized pilot program that will demonstrate the value of customer advocacy and lay a strong foundation to justify rollout. Through SoftwareReviews’ approach, customer advocacy leaders will:

    • Enable the organization to identify and develop meaningful relationships with top customers and advocates.
    • Understand the concepts and benefits of CA and how CA can be used to improve marketing and sales and fuel growth and competitiveness.
    • Follow SoftwareReviews’ methodology to identify where to start to apply CA within the organization.
    • Develop a customer advocacy proof of concept/pilot program to gain stakeholder approval and funding to get started with or expand efforts around customer advocacy.

    What is customer advocacy?

    “Customer advocacy is the act of putting customer needs first and working to deliver solution-based assistance through your products and services." – Testimonial Hero, 2021

    Customer advocacy is designed to keep customers loyal through customer engagement and advocacy marketing campaigns. Successful customer advocacy leaders experience decreased churn while increasing return on investment (ROI) through retention, acquisition, and cost savings.

    Businesses that implement customer advocacy throughout their organizations find new ways of supporting customers, provide additional customer value, and ensure their brands stand unique among the competition.

    Customer Advocacy Is…

    • An integral part of any marketing and/or business strategy.
    • Essential to improving and maintaining high levels of customer satisfaction.
    • Focused on delivering value to customers.
    • Not only a set of actions, but a mindset that should be fostered and reinforced through a customer-centric culture.
    • Mutually beneficial relationships for both company and customer.

    Customer Advocacy Is Not…

    • Only referrals and testimonials.
    • Solely about what you can get from your advocates.
    • Brand advocacy. Brand advocacy is the desired outcome of customer advocacy.
    • Transactional. Brand advocates must be engaged.
    • A nice-to-have.
    • Solved entirely by software. Think about what you want to achieve and how a software solution can you help you reach those goals.

    SoftwareReviews Insight

    Customer advocacy has evolved into being a valued company asset versus a simple referral program – success requires an organization-wide customer-first mindset and the recognition that customer advocacy is a strategic growth initiative necessary to succeed in today’s competitive market.

    Customer advocacy: Essential to high retention

    When customers advocate for your company and products, they are eager to retain the value they receive

    • Customer acts of advocacy correlate to high retention.
    • Acts of advocacy won’t happen unless customers feel their interests are placed ahead of your company’s, thereby increasing satisfaction and customer success. That’s the definition of a customer-centric culture.
    • And yet your company does receive significant benefits from customer advocacy:
      • When customers advocate and renew, your costs go down and margins rise because it costs less to keep a happy customer than it does to bring a new customer onboard.
      • When renewal rates are high, customer lifetime value increases, also increasing profitability.

    Acquiring a new customer can cost five times more than retaining an existing customer (Huify, 2018).

    Increasing customer retention by 5% can increase profits by 25% to 95% (Bain & Company, cited in Harvard Business Review, 2014).

    SoftwareReviews Insight

    Don’t overlook the value of customer advocacy to retention! Despite the common knowledge that it’s far easier and cheaper to sell to an existing customer than to sell to a new prospect, most companies fail to leverage their customer advocacy programs and continue to put pressure on Marketing to focus their budgets on customer acquisition.

    Customer advocacy can also be your ultimate growth strategy

    In your marketing and sales messaging, acts of advocacy serve as excellent proof points for value delivered.

    Forty-five percent of businesses rank online reviews as a top source of information for selecting software during this (top of funnel) stage, followed closely by recommendations and referrals at 42%. These sources are topped only by company websites at 54% (Clutch, 2020).

    With referrals coming from customer advocates to prospects via your lead gen engine and through seller talk tracks, customer advocacy is central to sales, marketing, and customer experience success.

    ✓ Advocates can help your new customers learn your solution and ensure higher adoption and satisfaction.
    ✓ Advocates can provide valuable, honest feedback on new updates and features.

    The image contains a picture to demonstrate the cycle of customer advocacy. The image has four circles, with one big circle in the middle and three circles surrounding with arrows pointing in both directions in between them. The middle circle is labelled customer advocacy. The three circles are labelled: sales, customer success, marketing.

    “A customer advocacy program is not just a fancy buzz word or a marketing tool that’s nice to have. It’s a core discipline that every major brand needs to integrate into their overall marketing, sales and customer success strategies if they expect to survive in this trust economy. Customer advocacy arguably is the common asset that runs throughout all marketing, sales and customer success activities regardless of the stage of the buyer’s journey and ties it all together.” – RO Innovation, 2017

    Positive experience drives acts of advocacy

    More than price or product, experience now leads the way in customer advocacy and retention

    Advocacy happens when customers recommend your product. Our research shows that the biggest drivers of likeliness to recommend and acts of customer advocacy are the positive experiences customers have with vendors and their products, not product features or cost savings. Customers want to feel that:

    1. Their productivity and performance is enhanced and the vendor is helping them to innovate and grow as a company.
    2. Their vendor inspires them and helps them to continually improve.
    3. They can rely on the vendor and the product they purchased.
    4. They are respected by the vendor.
    5. They can trust that the vendor will be on their side and save them time.

    The image contains a graph to demonstrate the correlation of likeliness to recommend a satisfaction driver. Where anything above a 0.5 indicates a strong driver of satisfaction.

    Note that anything above 0.5 indicates a strong driver of satisfaction.
    Source: SoftwareReviews buyer reviews (based on 82,560 unique reviews).

    SoftwareReviews Insight

    True customer satisfaction comes from helping customers innovate, enhancing their performance, inspiring them to continually improve, and being reliable, respectful, trustworthy, and conscious of their time. These true drivers of satisfaction should be considered in your customer advocacy and retention efforts. The experience customers have with your product and brand is what will differentiate your brand from competitors, drive advocacy, and ultimately, power business growth. Talk to a SoftwareReviews advisor to learn how users rate your product on these satisfaction drivers in the SoftwareReviews Emotional Footprint Report.

    Yet challenges exist for customer advocacy program leaders

    Customer success leaders without a strong customer advocacy program feel numerous avoidable pains:

    • Lack of compelling stories and proof points for the sales team, causing long sales cycles.
    • Heavy reliance on a small pool of worn-out references.
    • Lack of references for all needed customer types, verticals, etc.
    • Lack of a reliable customer feedback process for solution improvements.
    • Overspending on acquiring new customers due to a lack of customer proof points.
    • Missed opportunities that could grow the business (customer lifetime value, upsell/cross-sell, etc.).

    Marketing, customer success, and sales teams experiencing any one of the above challenges must consider getting started with a more formalized customer advocacy program.

    Obstacles to customer advocacy programs

    Leaders must overcome several barriers in developing a customer advocacy program:

    • Stakeholders are often unclear on the value customer advocacy programs can bring and require proof of benefits to invest.
    • Efforts are duplicated among sales, marketing, product, and customer success teams, given ownership and collaboration practices are ill-defined or nonexistent.
    • There is a culture of guarding or hoarding customer relationships by those who feel they own the relationship, or there’s high turnover among employees who own the customer relationships.
    • The governance, technology, people, skills, and/or processes to take customer advocacy to the next level are lacking.
    • Leaders don’t know where to start with customer advocacy, what needs to be improved, or what to focus on first.

    A lack of customer centricity hurts organizations

    12% of people believe when a company says they put customers first. (Source: HubSpot, 2019)

    Brands struggle to follow through on brand promises, and a mismatch between expectations and lived experience emerges. Customer advocacy can help close this gap and help companies live up to their customer-first messaging.

    42% of companies don’t conduct any customer surveys or collect feedback. (Source: HubSpot, 2019)

    Too many companies are not truly listening to their customers. Companies that don’t collect feedback aren’t going to know what to change to improve customer satisfaction. Customer advocacy will orient companies around their customer and create a reliable feedback loop that informs product and service enhancements.

    Customer advocacy is no longer a nice-to-have but a necessity for solution providers

    B2B buyers increasingly turn to peers to learn about solutions:

    “84% of B2B decision makers start the buying process with a referral.” (Source: Influitive, Gainsight & Pendo, 2020)

    “46% of B2B buyers rely on customer references for information before purchasing.” (Source: RO Innovation, 2017)

    “91% of B2B purchasers’ buying decisions are influenced by word-of-mouth recommendations.” (Source: ReferralRock, 2022)

    “76% of individuals admit that they’re more likely to trust content shared by ‘normal’ people than content shared by brands.” (Source: TrustPilot, 2020)

    By ignoring the importance of customer advocacy, companies and brands are risking stagnation and missing out on opportunities to gain competitive advantage and achieve growth.

    Getting Started With Customer Advocacy: SoftwareReviews' Approach

    1 BUILD
    Build the business case
    Identify your key stakeholders, steering committee, and working team, understand key customer advocacy principles, and note success barriers and ways to overcome them as your first steps.

    2 DEVELOP
    Develop your advocacy requirements
    Assess your current customer advocacy maturity, identify gaps in your current efforts, and develop your ideal advocate profile.

    3 WIN
    Win executive approval and implement pilot
    Determine goals and success metrics for the pilot, establish a timeline and key project milestones, create advocate communication materials, and finally gain executive buy-in and implement the pilot.

    SoftwareReviews Insight
    Building and implementing a customer advocacy pilot will help lay the foundation for a full program and demonstrate to executives and key stakeholders the impact on revenue, retention, and CLV that can be achieved through coordinated and well-planned customer advocacy efforts.

    Customer advocacy benefits

    Our research benefits customer advocacy program managers by enabling them to:

    • Explain why having a centralized, proactive customer advocacy program is important.
    • Clearly communicate the benefits and business case for having a formalized customer advocacy program.
    • Develop a customer advocacy pilot to provide a proof of concept (POC) and demonstrate the value of customer advocacy.
    • Assess the maturity of your current customer advocacy efforts and identify what to improve and how to improve to grow your customer advocacy function.

    "Advocacy is the currency for business and the fuel for explosive growth. Successful marketing executives who understand this make advocacy programs an essential part of their go-to-market strategy. They also know that advocacy isn't something you simply 'turn on': ... ultimately, it's about making human connections and building relationships that have enduring value for everyone involved."
    - Dan Cote, Influitive, Dec. 2021

    Case Study: Advocate impact on sales at Genesys

    Genesys' Goal

    Provide sales team with compelling customer reviews, quotes, stories, videos, and references.

    Approach to Advocacy

    • Customers were able to share their stories through Genesys' customer hub GCAP as quotes, reviews, etc., and could sign up to host reference forum sessions for prospective customers.
    • Content was developed that demonstrated ROI with using Genesys' solutions, including "top-tier logos, inspiring quotes, and reference forums featuring some of their top advocates" (Influitive, 2021).
    • Leveraged customer advocacy-specific software solution integration with the CRM to easily identify reference recommendations for Sales.

    Advocate Impact on Sales

    According to Influitive (2021), the impacts were:

    • 386% increase in revenue influences from references calls
    • 82% of revenue has been influence by reference calls
    • 78 reference calls resulted in closed-won opportunities
    • 250 customers and prospects attended 7 reference forums
    • 112 reference slides created for sales enablement
    • 100+ quotes were collect and transformed into 78 quote slides

    Who benefits from getting started with customer advocacy?

    This Research Is Designed for:

    • Customer advocacy leaders and marketers who are looking to:
      • Take a more strategic, proactive, and structured approach to customer advocacy.
      • Find a more effective and reliable way to gather customer feedback and input on products and services.
      • Develop and nurture a customer-oriented mindset throughout the organization.
      • Improve marketing credibility both within the company and outside to prospective customers.

    This Research Will Help You:

    • Explain why having a centralized, proactive customer advocacy program is important.
    • Clearly communicate the benefits and business case for having a formalized customer advocacy program.
    • Develop a customer advocacy pilot to provide a proof of concept (POC) and demonstrate the value of customer advocacy.
    • Assess the maturity of your current customer advocacy efforts and identify what to improve and how to improve to grow your customer advocacy function.

    This Research Will Also Assist:

    • Customer success leaders and sales directors who are responsible for:
      • Gathering customer references and testimonials.
      • Referral or voice of the customer (VoC) programs.

    This Research Will Help Them:

    • Align stakeholders on an overall program of identifying ideal advocates.
    • Coordinate customer advocacy efforts and actions.
    • Gather and make use of customer feedback to improve products, solutions, and service provided.
    • Provide an amazing customer experience throughout the entirety of the customer journey.

    SoftwareReviews’ methodology for getting started with customer advocacy

    Phase Steps

    1. Build the business case

    1. Identify your key stakeholders, steering committee, and working team
    2. Understand the concepts and benefits of customer advocacy as they apply to your organization
    3. Outline barriers to success, risks, and risk mitigation tactics

    2. Develop your advocacy requirements

    1. Assess your customer advocacy maturity using the SoftwareReviews CA Maturity Assessment Tool
    2. Identify gaps/pains in current CA efforts and add tasks to your action plan
    3. Develop ideal advocate profile/identify target advocate segment(s)

    3. Create implementation plan and pitch CA pilot

    1. Determine pilot goals and success metrics
    2. Establish timeline and create advocate communication materials
    3. Gain executive buy-in and implement pilot

    Phase Outcomes

    1. Common understanding of CA concepts and benefits
    2. Buy-in from CEO and head of Sales
    3. List of opportunities, risks, and risk mitigation tactics
    1. Identification of gaps in current customer advocacy efforts and/or activities
    2. Understanding customer advocacy readiness
    3. Identification of ideal advocate profile/target segment
    4. Basic actions to bridge gaps in CA efforts
    1. Clear objective for CA pilot
    2. Key metrics for program success
    3. Pilot timelines and milestones
    4. Executive presentation with business case for CA

    Insight summary

    Customer advocacy is a critical strategic growth initiative
    Customer advocacy (CA) has evolved into being a highly valued company asset as opposed to a simple referral program, but not everyone in the organization sees it that way. Customer success leaders must reposition their CA program around growth instead of focusing solely on retention and communicate this to key stakeholders. The recognition that customer advocacy is a strategic growth initiative is necessary to succeed in today’s competitive market.

    Get key stakeholders on board early – especially Sales!
    Work to bring the CEO and the head of Sales on your side early. Sales is the gatekeeper – they need to open the door to customers to turn them into advocates. Clearly reposition CA for growth and communicate that to the CEO and head of Sales; wider buy-in will follow.

    Identify the highest priority segment for generating acts of advocacy
    By focusing on the highest priority segment, you accomplish a number of things: generating growth in a critical customer segment, proving the value of customer advocacy to key stakeholders (especially Sales), and setting a strong foundation for customer advocacy to build upon and expand the program out to other segments.

    Always link your CA efforts back to retention and growth
    By clearly demonstrating the impact that customer advocacy has on not only retention but also overall growth, marketers will gain buy-in from key stakeholders, secure funding for a full CA program, and gain the resources needed to expand customer advocacy efforts.

    Focus on providing value to advocates
    Many organizations take a transactional approach to customer advocacy, focusing on what their advocates can do for them. To truly succeed with CA, focus on providing your advocates with value first and put them in the spotlight.

    Make building genuine relationships with your advocates the cornerstone of your CA program
    "57% of small businesses say that having a relationship with their consumers is the primary driver of repeat business" (Factory360).

    Guided Implementation

    What does our GI on getting started with building customer advocacy look like?

    Build the Business Case

    Call #1: Identify key stakeholders. Map out motivations and anticipate any concerns or objections. Determine steering committee and working team. Plan next call – 1 week.

    Call #2: Discuss concepts and benefits of customer advocacy as they apply to organizational goals. Plan next call – 1 week.

    Call #3: Discuss barriers to success, risks, and risk mitigation tactics. Plan next call – 1 week.

    Call #4: Finalize CA goals, opportunities, and risks and develop business case. Plan next call – 2 weeks.

    Develop Your Advocacy Requirements

    Call #5: Review the SoftwareReviews CA Maturity Assessment Tool. Assess your current level of customer advocacy maturity. Plan next call – 1 week.

    Call #6: Review gaps and pains in current CA efforts. Discuss tactics and possible CA pilot program goals. Begin adding tasks to action plan. Plan next call – 2 weeks.

    Call #7: Discuss ideal advocate profile and target segments. Plan next call – 2 weeks.

    Call #8: Validate and finalize ideal advocate profile. Plan next call – 1 week.

    Win Executive Approval and Implement Pilot

    Call #9: Discuss CA pilot scope. Discuss performance metrics and KPIs. Plan next call – 3 days.

    Call #10: Determine timeline and key milestones. Plan next call –2 weeks.

    Call #11: Develop advocate communication materials. Plan next call – 3 days.

    Call #12: Review final business case and coach on executive presentation. Plan next call – 1 week.

    A Guided Implementation (GI) is series of calls with a SoftwareReviews Advisory analyst to help implement our best practices in your organization. For guidance on marketing applications, we can arrange a discussion with an Info-Tech analyst. Your engagement managers will work with you to schedule analyst calls.


    Customer Advocacy Workshop

    Pre-Workshop Day 1 Day 2 Day 3 Day 4 Day 5 Post-Workshop
    Activities Identify Stakeholders & CA Pilot Team Build the Business Case Assess Current CA Efforts Develop Advocacy Goals & Ideal Advocate Profile Develop Project Timelines, Materials, and Exec Presentation Next Steps and Wrap-Up (offsite) Pitch CA Pilot
    0.1 Identify key stakeholders to involve in customer advocacy pilot and workshop; understand their motivations and anticipate possible concerns. 1.1 Review key CA concepts and identify benefits of CA for the organization.
    1.2 Outline barriers to success, risks, and risk mitigation tactics.
    2.1 Assess your customer advocacy maturity using the SoftwareReviews CA Maturity Assessment Tool.
    2.2 Identify gaps/pains in current CA efforts.
    2.3 Prioritize gaps from diagnostic and any other critical pain points.
    3.1 Identify and document the ideal advocate profile and target customer segment for pilot.
    3.2 Determine goal(s) and success metrics for program pilot.
    4.1 Develop pilot timelines and key milestones.
    4.2 Outline materials needed and possible messaging.
    4.3 Build the executive buy-in presentation.
    5.1 Complete in-progress deliverables from the previous four days. 6.1 Present to executive team and stakeholders.
    6.2 Gain executive buy-in and key stakeholder approval.
    6.3 Execute CA pilot.
    Deliverables
    1. Rationale for CA pilot; clear benefits, and how they apply to the organization.
    2. Documented barriers to success, risks, and risk mitigation tactics.
    1. CA Maturity Assessment results.
    2. Identification of gaps in current customer advocacy efforts and/or activities.
    1. Documented ideal advocate profile/target customer segment.
    2. Clear goal(s) and success metrics for CA pilot.
    1. Documented pilot timelines and key milestones.
    2. Draft/outlines of advocate materials.
    3. Draft executive presentation with business case for CA.
    1. Finalized implementation plan for CA pilot.
    2. Finalized executive presentation with business case for CA.
    1. Buy-in from decision makers and key stakeholders.

    Contact your account representative for more information.
    workshops@infotech.com
    1-888-670-8889

    Get started!

    Know your target market and audience, deploy well-designed strategies based on shared values, and make meaningful connections with people.

    Phase 1
    Build the Business Case

    Phase 2
    Develop Your Advocacy Requirements

    Phase 3
    Win Executive Approval and Implement Pilot

    Phase 1: Build the Business Case

    Steps
    1.1 Identify your key stakeholders, steering committee, and working team
    1.2 Understand the concepts and benefits of customer advocacy as they apply to your organization
    1.3 Outline barriers to success, risks, and risk mitigation tactics

    Phase Outcome

    • Common understanding of CA concepts and benefits
    • Buy-in from CEO and head of Sales
    • List of barriers to success, risks, and risk mitigation tactics

    Build the business case

    Step 1.1 Identify your key stakeholders, steering committee, and working team

    Total duration: 2.5-8.0 hours

    Objective
    Identify, document, and finalize your key stakeholders to know who to involve and how to get them onboard by truly understanding the forces of influence.

    Output

    • Robust stakeholder list with key stakeholders identified.
    • Steering committee and working team decided.

    Participants

    • Customer advocacy lead
    • Identified stakeholders
    • Workstream leads

    MarTech
    None

    Tools

    1.1.1 Identify Stakeholders
    (60-120 min.)

    Identify
    Using the guidance on slide 28, identify all stakeholders who would be involved or impacted by your customer advocacy pilot by entering names and titles into columns A and B on slide 27 "Stakeholder List Worksheet."

    Document
    Document as much information about each stakeholder as possible in columns C, D, E, and F into the table on slide 27.

    1.1.2 Select Steering Committee & Working Team
    (60-90 min.)

    Select
    Using the guidance on slides 28 and 29 and the information collected in the table on slide 27, identify the stakeholders that are steering committee members, functional workstream leads, or operations; document in column G on slide 27.

    Document
    Open the Executive Presentation Template to slides 5 and 6 and document your final steering committee and working team selections. Be sure to note the Executive Sponsor and Program Manager on slide 5.

    Tips & Reminders

    1. It is critical to identify "key stakeholders"; a single missed key stakeholder can disrupt an initiative. A good way to ensure that nobody is missed is to first uncover as many stakeholders as possible and later decide how important they are.
    2. Ensure steering committee representation from each department this initiative would impact or that may need to be involved in decision-making or problem-solving endeavors.

    Consult Info-Tech's Manage Stakeholder Relations blueprint for additional guidance on identifying and managing stakeholders, or contact one of our analysts for more personalized assistance and guidance.

    Stakeholder List Worksheet

    *Possible Roles
    Executive Sponsor
    Program Manager
    Workstream Lead
    Functional Lead
    Steering Committee
    Operations
    A B C D E F G
    Name Position Decision Involvement
    (Driver / Approver / Contributor / Informe
    Direct Benefit?
    (Yes / No)
    Motivation Concerns *Role in Customer Advocacy Pilot
    E.g. Jane Doe VP, Customer Success A N
    • Increase customer retention
    • Customer advocate burnout
    Workstream Lead

    Customer advocacy stakeholders

    What to consider when identifying stakeholders required for CA:
    Customer advocacy should be done as a part of a cross-functional company initiative. When identifying stakeholders, consider:

    • Who can make the ultimate decision on approving the CA program?
    • Who are the senior leadership members you need buy-in from?
    • Who do you need to support the CA program?
    • Who is affected by the CA program?
    • Who will help you build the CA program?
    • Where and among who is there enthusiasm for customer advocacy?
    • Consider stakeholders from Customer Success, Marketing, Sales, Product, PR & Social, etc.
    Key Roles Supporting an Effective Customer Advocacy Pilot
    Executive Sponsor
    • Owns the function at the management/C-suite level
    • Responsible for breaking down barriers and ensuring alignment with organizational strategy
    • CMO, VP of Marketing, and in SMB providers, the CEO
    Program Manager
    • Typically, a senior member of the marketing team
    • Responsible for organizing the customer advocacy pilot, preparing summary executive-level communications, and approval requests
    • Program manages the customer advocacy pilot, and in many cases, the continued formal program
    • Product Marketing Director, or other Marketing Director, who has strong program management skills, has run large-scale marketing or product programs, and is familiar with the stakeholder roles and enabling technologies
    Functional / Workstream Leads
    • Works alongside the Program Manager on planning and implementing the customer advocacy pilot and ensures functional workstreams are aligned with pilot objectives
    • Typical customer advocacy pilots will have a team comprised of representatives from Marketing, Sales, and Customer Success
    Steering Committee
    • Comprised of C-suite/management-level individuals that guide key decisions, approve requests, and mitigate any functional conflicts
    • Responsible for validating goals and priorities, enabling adequate resourcing, and critical decision making
    • CMO, CRO/Head of Sales, Head of Customer Success
    Operations
    • Comprised of individuals whose application and tech tools knowledge and skills support integration of customer advocacy functions into existing tech stack/CRM (e.g. adding custom fields into CRM)
    • Responsible for helping select technology that enables customer advocacy program activities
    • CRM, Marketing Applications, and Analytics Managers, IT Managers

    Customer advocacy working team

    Consider the skills and knowledge required for planning and executing a customer advocacy pilot.

    Workstream leads should have strong project management and collaboration skills and deep understanding of both product and customers (persona, journeys, satisfaction, etc.).

    Required Skills Suggested Functions
    • Project management
    • CRM knowledge
    • Marketing automation experience
    • MarTech knowledge
    • Understanding of buyer persona and journey
    • Product knowledge
    • Understanding of executive-level goals for the pilot
    • Content creation
    • Customer advocacy experience, if possible
    • Customer satisfaction
    • Email and event marketing experience
    • Customer Success
    • Marketing
    • Sales
    • Product
    • PR/Corporate Comms.

    Build the business case

    Step 1.2 Understand key concepts and benefits of customer advocacy

    Total duration: 2.0-4.0 hours

    Objective
    Understand customer advocacy and what benefits you seek from your customer advocacy program, and get set up to best communicate them to executives and decision makers.

    Output

    • Documented customer advocacy benefits

    Participants

    • Customer advocacy lead

    MarTech
    None

    Tools

    1.2.1 Discuss Key Concepts
    (60-120 min.)

    Envision
    Schedule a visioning session with key stakeholders and share the Get Started With Customer Advocacy Executive Brief (slides 3-23 in this deck).

    Discuss how key customer advocacy concepts can apply to your organization and how CA can contribute to organizational growth.

    Document
    Determine the top benefits sought from the customer advocacy program pilot and record them on slides 4 and 12 in the Executive Presentation Template.

    Finalize
    Work with the Executive Sponsor to finalize the "Message from the CMO" on slide 4 in the Executive Presentation Template.

    Tips & Reminders

    Keep in mind that while we're starting off broadly, the pilot for your customer advocacy program should be narrow and focused in scope.

    Build the business case

    Step 1.3 Understand barriers to success, risks, and risk mitigation tactics

    Total duration: 2.0-8.0 hours

    Objective
    Anticipate threats to pilot success; identify barriers to success, any possible risks, and what can be done to reduce the chances of a negative pilot outcome.

    Output

    • Awareness of barriers
    • Tactics to mitigate risk

    Participants

    • Customer advocacy lead
    • Key stakeholders

    MarTech
    None

    Tools

    1.3.1 Brainstorm Barriers to Success & Possible Risks
    (60-120 min.)

    Identify
    Using slide 7 of the Executive Presentation Template, brainstorm any barriers to success that may exist and risks to the customer advocacy program pilot success. Consider the people, processes, and technology that may be required.

    Document
    Document all information on slide 7 of the Executive Presentation Template.

    1.3.2 Develop Risk Mitigation Tactics
    (60-300 min.)

    Develop
    Brainstorm different ways to address any of the identified barriers to success and reduce any risks. Consider the people, processes, and technology that may be required.

    Document
    Document all risk mitigation tactics on slide 7 of the Executive Presentation Template.

    Tips & Reminders
    There are several types of risk to explore. Consider the following when brainstorming possible risks:

    • Damage to brand (if advocate guidance not provided)
    • Legal (compliance with regulations and laws around contact, incentives, etc.)
    • Advocate burnout
    • Negative advocate feedback

    Phase 2: Develop Your Advocacy Requirements

    Steps
    2.1 Assess your customer advocacy maturity
    2.2 Identify and document gaps and pain points
    2.3 Develop your ideal advocate profile

    Phase Outcome

    • Identification of gaps in current customer advocacy efforts or activities
    • Understanding of customer advocacy readiness and maturity
    • Identification of ideal advocate profile/target segment
    • Basic actions to bridge gaps in CA efforts

    Develop your advocacy requirements

    Step 2.1 Assess your customer advocacy maturity

    Total duration: 2.0-8.0 hours

    Objective
    Use the Customer Advocacy Maturity Assessment Tool to understand your organization's current level of customer advocacy maturity and what to prioritize in the program pilot.

    Output

    • Current level of customer advocacy maturity
    • Know areas to focus on in program pilot

    Participants

    • Customer advocacy lead
    • Key stakeholders

    MarTech
    None

    Tools

    2.1.1 Diagnose Current Customer Advocacy Maturity
    (60-120 min.)

    Diagnose
    Begin on tab 1 of the Customer Advocacy Maturity Assessment Tool and read all instructions.

    Navigate to tab 2. Considering the current state of customer advocacy efforts, answer the diagnostic questions in the Diagnostic tab of the Customer Advocacy Maturity Assessment Tool.

    After completing the questions, you will receive a diagnostic result on tab 3 that will identify areas of strength and weakness and make high-level recommendations for your customer advocacy program pilot.

    2.1.2 Discuss Results
    (60-300 min.)

    Discuss
    Schedule a call to discuss your customer advocacy maturity diagnostic results with a SoftwareReviews Advisor.

    Prioritize the recommendations from the diagnostic, noting which will be included in the program pilot and which require funding and resources to advance.

    Transfer
    Transfer results into slides 8 and 11 of the Executive Presentation Template.

    Tips & Reminders
    Complete the diagnostic with a handful of key stakeholders identified in the previous phase. This will help provide a more balanced and accurate assessment of your organization’s current level of customer advocacy maturity.

    Develop your advocacy requirements

    Step 2.2 Identify and document gaps and pain points

    Total duration: 2.5-8.0 hours

    Objective
    Understand the current pain points within key customer-related processes and within any current customer advocacy efforts taking place.

    Output

    • Prioritized list of pain points that could be addressed by a customer advocacy program.

    Participants

    • Customer advocacy lead
    • Key stakeholders

    MarTech
    None

    Tools

    2.2.1 Identify Pain Points
    (60-120 min.)

    Identify
    Identify and list current pain points being experienced around customer advocacy efforts and processes around sales, marketing, customer success, and product feedback.

    Add any gaps identified in the diagnostic to the list.

    Transfer
    Transfer key information into slide 9 of Executive Presentation Template.

    2.2.2 Prioritize Pain Points
    (60-300 min.)

    Prioritize
    Indicate which pains are the most important and that a customer advocacy program could help improve.

    Schedule a call to discuss the outputs of this step with a SoftwareReviews Advisor.

    Document
    Document priorities on slide 9 of Executive Presentation Template.

    Tips & Reminders

    Customer advocacy won't solve for everything; it's important to be clear about what pain points can and can't be addressed through a customer advocacy program.

    Develop your advocacy requirements

    Step 2.3 Develop your ideal advocate profile

    Total duration: 3.0-9.0 hours

    Objective
    Develop an ideal advocate persona profile that can be used to identify potential advocates, guide campaign messaging, and facilitate advocate engagement.

    Output

    • Ideal advocate persona profile

    Participants

    • Customer advocacy lead
    • Key stakeholders
    • Sales lead
    • Marketing lead
    • Customer Success lead
    • Product lead

    MarTech
    May require the use of:

    • CRM or marketing automation platform
    • Available and up-to-date customer database

    Tools

    2.3.1 Brainstorm Session Around Ideal Advocate Persona
    (60-150 min.)

    Brainstorm
    Lead the team to prioritize an initial, single, most important persona and to collaborate to complete the template.

    Choose your ideal advocate for the pilot based on your most important audience. Start with firmographics like company size, industry, and geography.

    Next, consider satisfaction levels and behavioral attributes, such as renewals, engagement, usage, and satisfaction scores.

    Identify motivations and possible incentives for advocate activities.

    Document
    Use slide 10 of the Executive Presentation Template to complete this exercise.

    2.3.2 Review and Refine Advocate Persona
    (60-300 min.)

    Review & Refine
    Place the Executive Presentation Template in a shared drive for team collaboration. Encourage the team to share persona knowledge within the shared drive version.

    Hold any necessary follow-up sessions to further refine persona.

    Validate
    Interview advocates that best represent your ideal advocate profile on their type of preferred involvement with your company, their role and needs when it comes to your solution, ways they'd be willing to advocate, and rewards sought.

    Confirm
    Incorporate feedback and inputs into slide 10 of the Executive Presentation Template. Ensure everyone agrees on persona developed.

    Tips & Reminders

    1. When identifying potential advocates, choose based on your most important audience.
    2. Ensure you're selecting those with the highest satisfaction scores.
    3. Ideally, select candidates that have, on their own, advocated previously such as in social posts, who may have acted as a reference, or who have been highly visible as a positive influence at customer events.
    4. Knowing motivations will determine the type of acts of advocacy they would be most willing to perform and the incentives for participating in the program.

    Consider the following criteria when identifying advocates and developing your ideal advocate persona:

    Demographics Firmographics Satisfaction & Needs/Value Sought Behavior Motivation
    Role - user, decision-maker, etc. Company size: # of employees Satisfaction score Purchase frequency & repeat purchases (renewals), upgrades Career building/promotion
    Department Company size: revenue NPS score Usage Collaboration with peers
    Geography CLV score Engagement (e.g. email opens, response, meetings) Educate others
    Industry Value delivered (outcomes, occasions used, etc.) Social media interaction, posts Influence (on product, service)
    Tenure as client Benefits sought
    Account size ($) Minimal and resolved service tickets, escalations
    1. When identifying potential advocates, choose based on your most important audience/segments. 2. Ensure you're selecting those with the highest satisfaction, NPS, and CLV scores. 3. When identifying potential advocates, choose based on high engagement and interaction, regular renewals, and high usage. 4. Knowing motivations will determine the type of acts of advocacy they would be most willing to perform and incentives for participating in the program.

    Phase 3: Win Executive Approval and Implement Pilot

    Steps
    3.1 Determine pilot goals and success metrics
    3.2 Establish timeline and create advocate communication materials
    3.3 Gain executive buy-in and implement pilot

    Phase Outcome

    • Clear objective for CA pilot
    • Key metrics for program success
    • Pilot timelines and milestones
    • Executive presentation with business case for CA

    Win executive approval and implement pilot

    Step 3.1 Determine pilot goals and success metrics

    Total duration: 2.0-4.0 hours

    Objective
    Set goals and determine the scope for the customer advocacy program pilot.

    Output

    • Documented business objectives for the pilot
    • Documented success metrics

    Participants

    • Customer advocacy lead
    • Key stakeholders
    • Sales lead
    • Marketing lead
    • Customer Success lead
    • Product lead

    MarTech
    May require to use, set up, or install platforms like:

    • Register to a survey platform
    • CRM or marketing automation platform

    Tools

    3.1.1 Establish Pilot Goals
    (60-120 min.)

    Set
    Organize a meeting with department heads and review organizational and individual department goals.

    Using the Venn diagram on slide 39 in this deck, identify customer advocacy goals that align with business goals. Select the highest priority goal for the pilot.

    Check that the goal aligns with benefits sought or addresses pain points identified in the previous phase.

    Document
    Document the goals on slides 9 and 16 of the Executive Presentation Template.

    3.1.2 Establish Pilot Success Metrics
    (60-120 min.)

    Decide
    Decide how you will measure the success of your program pilot using slide 40 in this document.

    Document
    Document metrics on slide 16 of the Executive Presentation Template.

    Tips & Reminders

    1. Don't boil the ocean. Pick the most important goal that can be achieved through the customer advocacy pilot to gain executive buy-in and support or resources for a formal customer advocacy program. Once successfully completed, you'll be able to tackle new goals and expand the program.
    2. Keep your metrics simple, few in number, and relatively easy to track

    Connect customer advocacy goals with organizational goals

    List possible customer advocacy goals, identifying areas of overlap with organizational goals by taking the following steps:

    1. List organizational/departmental goals in the green oval.
    2. List possible customer advocacy program goals in the purple oval.
    3. Enter goals that are covered in both the Organizational Goals and Customer Advocacy Goals sections into the Shared Goals section in the center.
    4. Highlight the highest priority goal for the customer advocacy program pilot to tackle.
    Organizational Goals Shared Goals Customer Advocacy Goals
    Example Example: Gain customer references to help advance sales and improve win rates Example: Develop pool of customer references
    [insert goal] [insert goal] Example: Gather customer feedback
    [insert goal] [insert goal] [insert goal]
    [insert goal] [insert goal] [insert goal]

    Customer advocacy success metrics for consideration

    This table provides a starting point for measuring the success of your customer advocacy pilot depending on the goals you've set.

    This list is by no means exhaustive; the metrics here can be used, or new metrics that would better capture success measurement can be created and tracked.

    Metric
    Revenue influenced by reference calls ($ / % increase)
    # of reference calls resulting in closed-won opportunities
    # of quotes collected
    % of community growth YoY
    # of pieces of product feedback collected
    # of acts of advocacy
    % membership growth
    % product usage amongst community members
    # of social shares, clicks
    CSAT score for community members
    % of registered qualified leads
    # of leads registered
    # of member sign-ups
    # of net-new referenceable customers
    % growth rate of products used by members
    % engagement rate
    # of published third-party reviews
    % increase in fulfilled RFPs

    When selecting metrics, remember:
    When choosing metrics for your customer advocacy pilot, be sure to align them to your specific goals. If possible, try to connect your advocacy efforts back to retention, growth, or revenue.

    Do not choose too many metrics; one per goal should suffice.

    Ensure that you can track the metrics you select to measure - the data is available and measuring won't be overly manual or time-consuming.

    Win executive approval and implement pilot

    Step 3.2 Establish timeline and create advocate communication materials

    Total duration: 2.5-8.0 hours

    Objective
    Outline who will be involved in what roles and capacities and what tasks and activities need to completed.

    Output

    • Timeline and milestones
    • Advocate program materials

    Participants

    • Customer advocacy lead
    • Key stakeholders
    • Sales lead
    • Marketing lead
    • Customer Success lead
    • Product lead

    MarTech
    None

    Tools

    3.2.1 Establish Timeline & Milestones
    (30-60 min.)

    List & Assign
    List all key tasks, phases, and milestones on slides 13, 14, and 15 in the Executive Presentation Template.

    Include any activities that help close gaps or address pain points from slide 9 in the Executive Presentation Template.

    Assign workstream leads on slide 15 in the Executive Presentation Template.

    Finalize all tasks and activities with working team.

    3.2.2 Design & Build Advocate Program Materials
    (180-300 min.)

    Decide
    Determine materials needed to recruit advocates and explain the program to advocate candidates.

    Determine the types of acts of advocacy you are looking for.

    Determine incentives/rewards that will be provided to advocates, such as access to new products or services.

    Build
    Build out all communication materials.

    Obtain incentives.

    Tips & Reminders

    1. When determining incentives, use the validated ideal advocate profile for guidance (i.e. what motivates your advocates?).
    2. Ensure to leave a buffer in the timeline if the need to adjust course arises.

    Win executive approval and implement pilot

    Step 3.3 Implement pilot and gain executive buy-in

    Total duration: 2.5-8.0 hours

    Objective
    Successfully implement the customer advocacy pilot program and communicate results to gain approval for full-fledged program.

    Output

    • Deliver Executive Presentation
    • Successful customer advocacy pilot
    • Provide regular updates to stakeholders, executives

    Participants

    • Customer advocacy lead
    • Workstream leads

    MarTech
    May require the use of:

    • CRM or Marketing Automation Platform
    • Available and up-to-date customer database

    Tools

    3.3.1 Complete & Deliver Executive Presentation
    (60-120 min.)

    Present
    Finalize the Executive Presentation.

    Hold stakeholder meeting and introduce the program pilot.

    3.3.2 Gain Executive Buy-in
    (60-300 min.)

    Pitch
    Present the final results of the customer advocacy pilot using the Executive Presentation Template and gain approval.

    3.3.3 Implement the Customer Advocacy Program Pilot
    (30-60 min.)

    Launch
    Launch the customer advocacy program pilot. Follow the timelines and activities outlined in the Executive Presentation Template. Track/document all advocate outreach, activity, and progress against success metrics.

    Communicate
    Establish a regular cadence to communicate with steering committee, stakeholders. Use the Executive Presentation Template to present progress and resolve roadblocks if/as they arise.

    Tips & Reminders

    1. Continually collect feedback and input from advocates and stakeholders throughout the process.
    2. Don't be afraid to make changes on the go if it helps to achieve the end goal of your pilot.
    3. If the pilot program was successful, consider scaling it up and rolling it out to more customers.

    Summary of Accomplishment

    Mission Accomplished

    • You successfully launched your customer advocacy program pilot and demonstrated clear benefits and ROI. By identifying the needs of the business and aligning those needs with key customer advocacy activities, marketers and customer advocacy leaders can prioritize the most important tasks for the pilot while also identifying potential opportunities for expansion pending executive approval.
    • SoftwareReviews' comprehensive and tactical approach takes you through the steps to build the foundation for a strategic customer advocacy program. Our methodology ensures that a customer advocacy pilot is developed to deliver the desired outcomes and ROI, increasing stakeholder buy-in and setting up your organization for customer advocacy success.

    If you would like additional support, contact us and we'll make sure you get the professional expertise you need.

    Contact your account representative for more information.
    info@softwarereviews.com
    1-888-670-8889

    Related SoftwareReviews Research

    Measure and Manage the Customer Satisfaction Metrics That Matter the Most
    Understand what truly keeps your customer satisfied. Measure what matters to improve customer experience and increase satisfaction and advocacy.

    • Understand the true drivers of satisfaction and dissatisfaction among your customer segments.
    • Establish process and cadence for effective satisfaction measurement and monitoring.
    • Know where resources are needed most to improve satisfaction levels and increase retention.

    Develop the Right Message to Engage Buyers
    Sixty percent of marketers find it hard to produce high-quality content consistently. SaaS marketers have an even more difficult job due to the technical nature of content production.

    • Create more compelling and relevant content that aligns with a buyer's needs and journey.
    • Shrink marketing and sales cycles.
    • Increase the pace of content production.

    Create a Buyer Persona and Journey
    Get deeper buyer understanding and achieve product-market fit, with easier access to market and sales.

    • Reduce time and resources wasted chasing the wrong prospects.
    • Increase open and click-through rates.
    • Perform more effective sales discovery.
    • Increase win rate.

    Bibliography

    "15 Award-Winning Customer Advocacy Success Stories." Influitive, 2021. Accessed 8 June 2023.

    "Advocacy Marketing." Influitive, June 2016. Accessed 26 Oct. 2021.

    Andrews, Marcus. "42% of Companies Don’t Listen to their Customers. Yikes." HubSpot, June 2019. Accessed 2 Nov. 2021.

    "Before you leap! Webcast." Point of Reference, Sept. 2019. Accessed 4 Nov. 2021.

    "Brand Loyalty: 5 Interesting Statistics." Factory360, Jan. 2016. Accessed 2 Nov. 2021.

    Brenner, Michael. "The Data Driven Guide to Customer Advocacy." Marketing Insider Group, Sept. 2021. Accessed 3 Feb. 2022.

    Carroll, Brian. "Why Customer Advocacy Should Be at the Heart of Your Marketing." Marketing Insider Group, Sept. 2017. Accessed 3 Feb. 2022.

    Cote, Dan. "Advocacy Blooms and Business Booms When Customers and Employees Engage." Influitive, Dec. 2021. Accessed 3 Feb. 2022.

    "Customer Success Strategy Guide." ON24, Jan. 2021. Accessed 2 Nov. 2021.

    Dalao, Kat. "Customer Advocacy: The Revenue-Driving Secret Weapon." ReferralRock, June 2017. Accessed 7 Dec. 2021.

    Frichou, Flora. "Your guide to customer advocacy: What is it, and why is it important?" TrustPilot, Jan. 2020. Accessed 26 Oct. 2021.

    Gallo, Amy. "The Value of Keeping the Right Customers." Harvard Business Review, Oct. 2014. Accessed 10 March 2022.

    Huhn, Jessica. "61 B2B Referral Marketing Statistics and Quotes." ReferralRock, March 2022. Accessed 10 March 2022.

    Kemper, Grayson. "B2B Buying Process: How Businesses Purchase B2B Services and Software." Clutch, Feb. 2020. Accessed 6 Jan. 2022.

    Kettner, Kyle. "The Evolution of Ambassador Marketing." BrandChamp.io, Oct. 2018. Accessed 2 Nov. 2021.

    Landis, Taylor. "Customer Retention Marketing vs. Customer Acquisition Marketing." OutboundEngine, April 2022. Accessed 23 April 2022.

    Miels, Emily. "What is customer advocacy? Definition and strategies." Zendesk Blog, June 2021. Accessed 27 Oct. 2021.

    Mohammad, Qasim. "The 5 Biggest Obstacles to Implementing a Successful B2B Customer Advocacy Program." HubSpot, June 2018. Accessed 6 Jan. 2022.

    Murphy, Brandon. "Brand Advocacy and Social Media - 2009 GMA Conference." Deloitte, Dec. 2009. Accessed 8 June 2023.

    Patel, Neil. "Why SaaS Brand Advocacy is More Important than Ever in 2021." Neil Patel, Feb. 2021. Accessed 4 Nov. 2021.

    Pieri, Carl. "The Plain-English Guide to Customer Advocacy." HubSpot, Apr. 2020. Accessed 27 Oct. 2021.

    Schmitt, Philipp; Skiera, Bernd; Van den Bulte, Christophe. "Referral Programs and Customer Value." Wharton Journal of Marketing, Jan. 2011. Accessed 8 June 2023.

    "The Complete Guide to Customer Advocacy." Gray Group International, 2020. Accessed 15 Oct. 2021.

    "The Customer-powered Enterprise: Playbook." Influitive, Gainsight & Pendo. 2020. Accessed 26 Oct. 2021.

    "The Winning Case for a Customer Advocacy Solution." RO Innovation, 2017. Accessed 26 Oct. 2021.

    Tidey, Will. "Acquisition vs. Retention: The Importance of Customer Lifetime Value." Huify, Feb. 2018. Accessed 10 Mar. 2022.

    "What a Brand Advocate Is and Why Your Company Needs One." RockContent, Jan. 2021. Accessed 7 Feb. 2022.

    "What is Customer Advocacy? A Definition and Strategies to Implement It." Testimonial Hero, Oct. 2021. Accessed 26 Jan. 2022.

    Take Advantage of Big Tech Layoffs

    • Buy Link or Shortcode: {j2store}573|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Attract & Select
    • Parent Category Link: /attract-and-select

    Tech layoffs have been making the news over the past year, with thousands of Big Tech employees having been laid off. After years of record low unemployment in IT, many leaders are looking to take advantage of these layoffs to fill their talent gaps.

    However, IT leaders need to determine their response – wait and see the impact of the recession on budgets and candidate expectations, or dive in and secure great talent to execute today on strategic needs. This research is designed to help those IT leaders who are looking to take advantage employee effective talents to secure talent.

    • With the impact of the economic slowdown still unknown, the first question IT leaders need to ask is whether now is the time to act.
    • Even with these layoffs, IT unemployment rates are at record lows, with many organizations continuing to struggle to attract talent. While these layoffs have opened a window, IT leaders need to act quickly to secure great talent.

    Our Advice

    Critical Insight

    The “where has the talent gone?” puzzle has been solved. Many tech firms over-hired and were able to outcompete everyone, but it wasn’t sustainable. This correction won’t impact unemployment numbers in the short term – the job force is just in flux right now.

    Impact and Result

    This research is designed to help IT leaders understand the talent market and to provide winning tactics to those looking to take advantage of the layoffs to fill their hiring needs.

    Take Advantage of Big Tech Layoffs Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Take Advantage of Big Tech Layoffs Storyboard – A snapshot of the current talent market in IT and quick tactics IT leaders can employ to improve their hiring process to find and attract tech talent.

    Straightforward tactics you can execute to successfully recruit IT staff impacted by layoffs.

    • Take Advantage of Big Tech Layoffs Storyboard

    2. IT Talent Acquisition Optimization Tool – Use this tool to document the current and future talent acquisition process.

    To hire efficiently, create a clear, consistent talent acquisition process. The IT Talent Acquisition Process Optimization Tool will help to:

  • Map out the current talent acquisition workflow
  • Identify areas of opportunity and potential gaps in the current process
    • IT Talent Acquisition Optimization Tool
    [infographic]

    Further reading

    Take Advantage of Big Tech Layoffs

    Simple tactics to secure the right talent in times of economic uncertainty.

    Why are the layoffs making the news?

    After three years of record low unemployment rates in IT and organizations struggling to hire IT talent into their organization, the window appears to be opening with tens of thousands layoffs from Big Tech employers.

    Big brand organizations such as Microsoft, Alphabet, Amazon, Twitter, Netflix, and Meta have been hitting major newswires, but these layoffs aren't exclusive to the big names. We've also seen smaller high-growth tech organizations following suit. In fact, in 2022, it's estimated that there were more than 160,997 layoffs across over 1,045 tech organizations. This trend has continued into 2023. By mid-February 2023, there were already 108,754 employees laid off at 385 tech companies (Layoffs.fyi).(1)

    While some of these layoffs have been openly connected to economic slowdown, others are pointing to the layoffs being a correction for over-hiring during the pandemic. It is also important to note that many of these workers were not IT employees, as these organizations also saw cuts across other areas of the business such as sales, marketing, recruitment, and operations.

    (1)This global database is constantly being updated, and these numbers are changing on an ongoing basis. For up-to-date statistics, see https://layoffs.fyi

    While tech layoffs have been making the news, so far many of these layoffs have been a correction to over-hiring, with most employees laid off finding work, if they want it, within three months.

    IT leaders need to determine their response – wait and see the impact of the recession on budgets and candidate expectations or dive in and secure great talent to execute today on strategic needs.

    This research is designed to help IT leaders understand the talent market and provide winning strategies to those looking to take advantage of the layoffs to fill their hiring needs.

    Three key drivers for Big Tech layoffs

    Economic uncertainty

    Globally, economists are predicting an economic slowdown, though there is not a consistent prediction on the impact. We have seen an increase in interest rates and inflation, as well as reduced investment budgets.

    Over-hiring during the pandemic

    High growth and demand for digital technologies and services during the early pandemic led to over-hiring in the tech industry. Many organizations overestimated the future demand and had to rebalance staffing as a result.

    New automation investments

    Many tech organizations that have conducted layoffs are still in a growth mindset. This is demonstrated though new tech investments by these companies in products like chatbots and RPA to semi-automate processes to reduce the need for certain roles.

    Despite layoffs, the labor market remains competitive

    There were at least 160,997 layoffs from more than 1,045 tech companies last year (2022). (Layoffs.fyi reported as of Feb 21/2023)

    But just because Big Tech is laying people off doesn't mean the IT job market has cooled.

    Between January and October 2022 technology- focused job postings rose 25% compared to the same period in 2021, and there were more than 375,000 tech jobs posted in October of 2022.
    (Dice: Tech Jobs Report.)

    Info-Tech Insight

    The "where has the talent gone?" puzzle has been solved. Many tech firms over-hired and were able to outcompete everyone, but it wasn't sustainable. This correction won't impact unemployment numbers in the short term – the job force is just in flux right now.

    So far, many of the layoffs have been a market correction

    Tech Layoffs Since COVID-19

    This is an image of a combo line graph plotting the number of tech layoffs from Q1 2020 to Q4 2022.

    Source: Layoffs.fyi - Tech Layoff Tracker and Startup Layoff Lists

    Tech Companies Layoffs vs. Early Pandemic Hiring # of People

    This is an image of a bar graph plotting Tech Companies Layoffs vs. Early Pandemic Hiring # of People

    Source: Yahoo Finance. Q4 '19 to Q3 '22

    Tech Layoffs between 2020 Q3- 2022 Q1 remained very low across the sector. In fact, outside of the initial increase at the start of the pandemic, layoffs have remained at historic low levels of around 1% (HBR, 2023). While the layoffs look significant in isolation, when you compare these numbers to pandemic hiring and growth for these organizations, the figures are relatively small.

    The first question IT leaders need to ask is whether now is the time to act

    The big gamble many CIOs face is whether to strike now to secure talent or to wait to better understand the impact of the recession. While two-thirds of IT professionals are still expecting their budgets to increase in 2023, CIOs must account for the impact of inflation and the recession on their IT budgets and staffing decisions (see Info-Tech's CEO-CIO Alignment Program).

    Ultimately, while unemployment is low today, it's common to see unemployment numbers drop right before a recession. If that is the case, then we will see more talent entering the market, possibly at more competitive salaries. But organizations that wait to hire risk not having the staff they need to execute on their strategy and finding themselves in a hiring freeze. CIOs need to decide on how to approach the economic uncertainty and where to place their bets.

    Looking ahead to 2023, how do you anticipate your IT spending will change compared to spending in 2022?

    This is an image of anticipated changes to IT spending compared to 2022 for the following categories: Decrease of more than 30%; Decrease between 16-30%; Decrease between 6-15%; Decrease between 1-5%; No Change; Increase between 1-5%; Increase between 6-15%; Increase between 16-30%; Increase of more than 30%

    Info-Tech's CEO-CIO Alignment Program

    Organizations ready to take advantage will need to act fast when layoffs happen

    Organizations looking to fill hiring needs or grow their IT/digital organization will need to be strategic and efficient when it comes to recruitment. Regardless of the number of layoffs, it continues to be an employee market when it comes to IT roles.

    While it is likely that the recession will impact unemployment rates, so far, the market remains hot, and the number of open roles continues to grow. This means that organizations that want to take advantage need to act quickly when news hits.

    Leaders not only need to compete with other organizations for talent, but the other challenge hiring organizations will need to compete with is that many in tech received generous severance packages and will be considering taking time off. To take advantage, leaders need to establish a plan and a clear employee value proposition to entice these highly skilled workers to get off the bench.

    Why you need to act fast:

    • Unemployment rates remain low:
      • Tech unemployment's rates in the US dropped to 1.5% in January 2023 (CompTIA), compared to overall unemployment which is at 3.4% in the US as of January 2023 (Yahoo Finance). While the layoffs look significant, we can see that many workers have been rehired into the labor market.
    • Long time-to-hire results in lost candidates:
      • According to Info-Tech's IT Talent Trend Report, 58% of IT leaders report time-to-hire is longer than two months. This timing increases for tech roles which require unique skills or higher seniority. IT leaders who can increase the timeline for their requirement process are much more likely to be able to take advantage of tech layoffs.

    IT must take a leading role in IT recruitment to take advantage of layoffs

    A personal connection is the differentiator when it comes to talent acquisition

    There is a statistically significant relationship between IT leadership involvement in talent acquisition and the effectiveness of this process in the IT department. The more involved they are, the higher the effectiveness.(1)

    More IT leadership involvement

    An image of two upward facing arrows. The left arrow is faded purple, and the right arrow is dark purple.

    Higher recruitment effectiveness

    Involved leaders see shorter times to hire

    There is a statistically significant relationship between IT leadership involvement in the talent acquisition process and time to fill vacant positions. The more involved they are, the shorter the time to hire.(2)

    Involved leaders are an integral part of effective IT departments

    There is a statistically significant relationship between IT leadership involvement in talent acquisition and overall IT department effectiveness. Those that are more involved have higher levels of effectiveness.(3)

    Increased IT Leadership in Recruitment Is Directly Correlated to Recruitment Effectiveness.

    This is an image of a combo bar graph plotting Overall Effectiveness for IT leadership involvement in recruitment.

    Focus your layoff recruitment strategy on critical and strategic roles

    If you are ready to take advantage of tech layoffs, focus hiring on critical and strategic roles, rather than your operational backfills. Roles related to security, cloud migration, data and analytics, and digital transformation are more likely to be shielded from budget cuts and are logical areas to focus on when looking to recruit from Big Tech organizations.

    Additionally, within the IT talent market, scarcity is focused in areas with specialized skill sets, such as security and architecture, which are dynamic and evolving faster than other skill sets. When looking to recruit in these areas, it's critical that you have a targeted recruitment approach; this is why tech layoffs represent a strong opportunity to secure talent in these specialized areas.

    ROLES DIFFICULT TO FILL

    An image of a bar graph plotting roles by difficulty to fill.

    Info-Tech Talent Trends 2022 Survey

    Four quick tactics to take advantage of Big Tech layoffs

    TALENT ACQUISITION PROCESS TO TAKE ADVANTAGE OF LAYOFFS

    This is an image of the talent acquisition process to take advantage of layoffs. It involves the following four steps: 1 Prepare organization and job ads for recruitment.  2 Actively track and scan for layoff activity.  3 Prioritize and screen candidates using salary benchmarks and keywords.  4 Eliminate all unnecessary hiring process steps.

    Guided Implementation

    What does a typical GI on this topic look like?

    Step 1 Step 2 Step 3 Step 4

    Call #1: Scope requirements, objectives, and your specific challenges.

    Call #2: IT job ad review.

    Call #4: Identify screening and sourcing opportunities.

    Call #5: Review your IT talent acquisition process.

    Call #3: Employee value proposition review.

    Call #7: Refine your talent acquisition process.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is 8 to 12 calls over the course of 4 to 6 months.

    Tactics to take advantage of tech layoffs

    Activities

    1.1 Spot check your employee value proposition
    1.2 Update job advertisements
    1.3 Document your talent acquisition process
    1.4 Refine your talent acquisition process

    This step involves the following participants:

    • IT executive leadership
    • IT hiring manager
    • Human resources
    • Marketing/public relations

    Outcomes of this step

    Streamlined talent acquisition process tailored to take advantage of tech layoffs.

    This is an image of the talent acquisition process to take advantage of layoffs. It involves the following fo steps: 1 Prepare organization and job ads for recrtment.  2 Actively track and scan for layoff aivity.  3 Prioritize and screen candidates using salary benchmarks and kwords.  4 Eliminate all unnecessary hiring process steps.

    Requisition: update job ads and secure approval to hire

    Critical steps:

    1. Ensure you have secured budget and hiring approval.
    2. Identify an IT recruitment partner within the IT organization who will be accountable for working with HR throughout the process and who will actively track and scan for recruitment opportunities.
    3. Update your IT job descriptions.
    4. Spot check your employee value proposition (EVP) to appeal to targeted candidates (Exercise 1.1).
    5. Write employee job ads for relevant skills and minimum viable experience (Exercise 1.2).
    6. Work with HR to develop your candidate outreach messages – ensure that your outreach is empathetic, aligns with your EVP, and focuses on welcoming them to apply to a role.

    The approval process to activate a requisition can be one of the longest stages in the talent acquisition process. Ensure all your roles are up to date and approved so you can trigger outreach as soon as news hits; otherwise, you'll be late before you've even begun.

    Your employee value proposition (EVP) is a key tool for attracting and retaining talent

    Any updates to your EVP need to be a genuine reflection of the employee experience at your organization – and should resonate internally and externally.

    Internal (retention) perspective: These characteristics help to retain new and existing talent by ensuring that new hires' expectations are met and that the EVP is experienced throughout the organization.

    External (attraction) perspective: These characteristics help to attract talent and are targeted so the right candidates are motivated to join, while those who aren't a good fit will self-select out.

    McLean & Company's Employee Value Proposition Framework

    This is an image of McLean & Company's Employee Value Proposition Framework.  It is divided into Retain and Attract.  under Retain, are the following three headings: Aligned; Accurate; Aspirational.  Under Attract are: Compelling; Clear; Comprehensive.

    Source: McLean & Company

    1.1 Spot check your EVP

    1-3 hours

    1. Review your existing IT employee value proposition. If you do not have an EVP, see Info-Tech's comprehensive research Improve the IT Recruitment Process to draft a new EVP.
    2. Invite a representative group of employees to participate in a working group to improve your employee value proposition. Ask each participant to brainstorm the top five things they value most about working at the organization.
    3. Consider the following categories: work environment, career advancement, benefits, and ESG and diversity impact. Brainstorm as a group if there is anything unique your organization offers with regard to these categories.
    4. Compare your notes to your existing EVP, identify up to four key statements to focus on for the EVP, ensuring that your EVP speaks to at least one of the categories above. Remove any statements that no longer speak to who you are as an organization or what you offer.

    Input

    • Existing employee value proposition
    • Employee Engagement Surveys (If Available)

    Output

    • Updated employee value proposition

    Materials

    • Whiteboard/flip charts
    • Job ad template

    Participants

    • Representative group of internal employees.
    • HR
    • Marketing/PR (if possible)

    Four critical factors considered by today's job seeker

    1. Be specific about remote work policies: Include verbiage about whether there is an option to work hybrid or remote. 81% of job seekers stated that whether a job is remote, hybrid, or in-person was a top factor in whether they'd accept an offer (Benefits Canada, 2022).
    2. Career advancement and stability: "37% of Gen Z employees and 25% of millennial employees are currently looking for a job that offers career progression transparency — or, in other words, a job with clear opportunities for growth. This is significantly higher than our findings for older generations Gen X (18%) and baby boomers (7%)," (Lattice, 2021).
    3. Unique benefits: Consider your unique benefits – it's not the Big Tech "fun perks" like slides and ping pong that drive interest. Employees are increasingly looking for roles with long-term benefits programs. 90% of job seekers consider higher pension contributions to be a key factor, and 85% are considering bonuses/profit sharing" (Benefits Canada, 2022). Candidates may accept lower total compensation in exchange for flexibility, culture, work/life balance that was lacking in the start-up scene or the mega-vendors' fast-paced world.
    4. ESG and diversity impact: Include details of how the candidate will make a societal impact through their role, and how the company is acting on climate and sustainability. "Nearly two in five [Gen Z's and millennials] say they have rejected a job or assignment because it did not align with their values," (Deloitte Global, 2022).

    Update or establish job ads for candidate outreach

    Take the time up front to update your IT job descriptions and to write effective job advertisements. A job advertisement is an external-facing document that advertises a position with the intent of attracting job applicants. It contains key elements from the job description as well as information on the organization and its EVP. A job description informs a job ad, it doesn't replace it.
    When updating job descriptions and job ads, it's critical that your requirements are an accurate representation of what you need in the position. For the job ads especially, focus on the minimum requirements for the role, highlight your employee value proposition, and ensure that they are using inclusive language.
    Don't be lulled into using a job description as a posting when there's a time crunch to fill a position – use your preparation time to complete this key step.

    Three tips to consider when building a job ad

    Include the minimum desired requirements

    Include the required skills, responsibilities, and certifications required. Instead of looking for a unicorn, look for what you need and a demonstrated ability to learn. 70% of business executives say they are getting creative about sourcing for skills rather than just considering job experience (Deloitte Insights, 2022).

    Strategically include certifications

    When including certifications, ensure you have validated the process to be certified – i.e. if you are hiring for a role with 3-5 years' experience, ensure that the certification does not take 5-10 years of experience be eligible.

    Use inclusive language

    Consider having a review group within your IT organization to ensure the language is inclusive, that the responsibilities don't read as overly complex, and that it is an accurate representation of the organization's culture.

    1.2 Update or build job ads

    1-3 hours

    1. Begin with a copy of the job ad you are looking to fill, if you haven't begun to draft the role, start with Info-Tech's Job Description Library and Info-Tech's Job Ad Template.
    2. Review the job accountabilities, rank each responsibility based on its importance and volume of work. Determine if there are any responsibilities that are uncommon to be executed by the role and remove unnecessary responsibilities.
    3. For each of the job accountabilities, identify if there is a level of experience, knowledge or competency that would be the minimum bar for a candidate. Remove technical skills, specific technologies, and competencies that aren't directly relevant to the role, responsibilities or values.
    4. Review the education and requirements, and ensure that any certification or educational background is truly needed or suggested.
    5. Use the checklist on the following tab to review and update your job ad.

    Input

    • Job description
    • Employee value proposition
    • Job ad template

    Output

    • Completed job ad

    Materials

    • Whiteboard/flip charts
    • Web share

    Participants

    • Representative group of internal employees.
    • HR
    • Marketing/PR (if possible)

    1.2 Job ad checklist:

    A job ad needs to be two things: effective and inclusive.

    Effective

    The job ad does include:

    The organization's logo.
    Description of the organization.
    Information about benefits.
    A link to the organization's website and social media platforms.
    Steps in the application process and what candidates can expect.

    The job ad:

    Paints an accurate picture of key aspects of the role.
    Tells a story to show potential candidates how the role and organization will fit into their career path (outlines potential career paths, growth opportunities, training, etc.).
    Does not contain too many details and tasks that would overwhelm applicants.
    Highlights the employer brand in a manner that conveys the EVP and markets the organization to attract potential applicants.
    Includes creative design or formatting to make the ad stand out.
    The job ad speaks to the audience by using targeted language (e.g. using creative language when recruiting for a creative role).
    The job ad has been reviewed by HR, Marketing, PR.

    Inclusive

    The job ad does NOT include:

    Industry jargon or abbreviations that are not spelled out.
    Personality characteristics and unnecessary adjectives that would deter qualified candidates (e.g. extroverted, aggressive, competitive).
    A list of specific academic disciplines or schools, GPA requirements, or inflated degree requirements.

    The job ad:

    Uses gender-neutral language and does not contain terms that indicate traits that are typically associated with a specific gender.
    Can be viewed and applications can be completed on mobile devices.
    Focuses on results, day-to-day requirements, competencies, and transferrable skills.
    Includes design that is accessible (e.g. alternative text is provided for images, clear posting structure with headings, color is not used to convey information).

    Sourcing: Set up news trackers and review layoff source lists

    • Set up news and social media trackers to track layoff updates, and ensure you have an IT staff member on standby to complete a more detailed opportunity analysis when layoffs happen.
    • Use layoff source lists such as Layoffs.fyi to actively track organizations that have laid people off, noting the industry, location, and numbers in order to identify potential candidates. Limit your future analysis to locations that would be geographically possible to hire from.
    • Review open-source lists of laid-off employees to quickly identify potential candidates for your organization.
    • Many organizations that have completed layoffs have established outplacement programs to help laid-off staff find new roles. Set a plan in motion with HR to reach out to organizations once a layoff has occurred to understand their layoff support program.

    The key to successful sourcing is for IT to take an active role in identifying which organizations impacted by layoffs would be a good fit, and to quickly respond by searching open-source lists and LinkedIn to reach out potential candidates.

    Consider leveraging open-source lists

    Layoffs.fyi has been tracking and reporting on layoffs since the start of COVID-19. While they are not an official source of information, the site has more than a million views per month and is a strong starting point for IT leaders looking to source candidates from tech layoffs beyond the big organizations that are making the news.

    The site offers a view of companies with layoffs by location, industry, and the source of the info. Additionally, it often lists the names and contact information of laid-off employees, which you can leverage to start your deeper LinkedIn outreach or candidate screening.

    This is an image of two screenshots of open source lists from Layoffs.fyi

    Screenshots from Layoffs.fyi.

    Screening: Prioritize by considering salary benchmarks and keywords

    • Determine a set of consistent pre-screening questions to leverage while screening candidates, which every candidate must answer, including knockout questions.
    • Prioritize by going for salary ranges you can afford: It is important to be aware of what companies are paying within the tech arena, so you know if your salary bands are within a competitive range.
    • Pre-screen resumes using appropriate keywords that are critical for the role, and widen the terms if you do not have enough candidates. Given the pool you are looking to recruit from, consider removing criteria specifically related to education or certifications; instead, prioritize skills and on-the-job experience.

    Screening is one of the most time-consuming stages of the TA process. For each open position, it can take 23 hours to screen resumes (Toolbox, 2021). In fact, 52% of TA leaders believe that screening candidates from a large pool of applicants is the hardest part of recruitment (Ideal, 2021).

    Compensation comparison reports

    Keep in mind that the market may be shifting rapidly as layoffs proliferate, so what the data shows, particularly on free-to-use sites with little data-checking, may not be current and may be overstated. Info-Tech does not provide salary analysis; however, there are publicly available reports and online websites with self-reported data.

    This list contains several market data sources for the tech industry, which may be a good starting point for comparison. Info-Tech is not affiliated with or endorsing any of these market data sources.

    Aon Global Cyber Security Compensation and Talent Survey
    Aon – Radford Surveys Radford Global Technology Survey
    Culpepper Comprehensive Compensation Survey Solution for Technology-Focused Companies
    Modis 2022 IT Compensation Guide
    Motion Recruitment 2023 Tech Salary Guide
    Mondo 2022 Salary Guide for roles & jobs across the technology, creative & digital marketing industries.
    Willis Towers Watson Willis Towers Watson Data Services - Artificial Intelligence and Digital Talent
    Willis Towers Watson 2022 Artificial Intelligence and Digital Talent Survey Report - Canada
    Willis Towers Watson 2022 Artificial Intelligence and Digital Talent Survey Report - U.S.
    Michael Page Salary Guide 2022 for the Greater Toronto Area Technology Industry
    Willis Towers Watson Willis Towers Watson Data Services - Tech, Media, and Gaming
    Willis Towers Watson 2022 Tech, Media and Gaming Executive Survey Report - Canada
    Willis Towers Watson 2022 Tech, Media and Gaming Middle Management, Professional and Support Survey Report - Canada
    Willis Towers Watson 2022 Tech, Media and Gaming Executive Survey Report - U.S.
    Willis Towers Watson 2022 Tech, Media and Gaming Middle Management, Professional and Support Survey Report - U.S.

    Work with your HR partner to streamline your talent acquisition process

    A slow talent acquisition process presents multiple risks to your ability to recruit. Candidates are likely having multiple hiring conversations, and you could lose a good candidate just by being slower than another organization. Additionally, long hiring processes are also an indicator of a high level of bureaucracy in an organization, which may turn off tech candidates who are used to faster-paced decision making.

    Reducing your time-to-hire needs to be a strategic priority, and companies that manage to do this are reaping the benefits: There is a statistically significant relationship between time to fill vacant positions and overall IT department effectiveness. The shorter the time to fill a position, the higher the effectiveness (Bika, 2019).

    Key Considerations for Optimizing your Talent Acquisition Process

    Key Considerations for Optimizing your Talent Acquisition Process

    Review the end-to-end experience

    50%

    of job seekers surveyed had "declined a job offer due to poor [candidate] experience," (Echevarria, 2020).

    Reduce the time to hire

    55%

    "of candidates believe that it should take one to two weeks from the first interview to being offered the job," (Duszyński, 2021).

    Be clear on Timelines

    83%

    "of candidates say it would greatly improve the overall experience if employers provided a clear timeline of the hiring process," (Miller, n.d.).

    Time to hire: Identify solutions to drive efficient hiring

    1. Document all steps between screening and hiring and remove any unnecessary steps.
    2. Create clearly defined interview guides to ensure consistent questioning by interviewers.
    3. Enable hiring managers to schedule their own interviews.
    4. Determine who needs to approve an offer. Streamline the number of approvals, if possible.
    5. Eliminate unnecessary background checks. Many companies have eliminated reference checks, for example, after determining that it was it was not adding value to their decision.
    6. Identify and track key metrics across your talent acquisition process.

    It is critical to partner with your HR department on optimizing this process, as they are typically the process owners and will have deep knowledge of the rationale for decisions. Together, you can identify some opportunities to streamline the process and improve the time to hire.

    4.1 Document your TA process

    1-3 hours

    1. If you have a documented talent acquisition process, begin with that; if not, open the IT Talent Acquisition Process Optimization Tool and map the stages of the talent acquisition process with your HR leader. Stages are the top level in the process (e.g. requisition, sourcing, screening).
    2. Identify all the stakeholders involved in IT talent acquisition and document these in the tool.
    3. Next, identify the steps required for each stage. These are more detailed actions that together will complete the stage (e.g. enter requisition into ATS, intake meeting). Ask subject matter experts to add steps to their portion of the process and document these in the cells.
    4. For each step in the stage, record the time required and the number of people who are involved.

    Input

    • Existing talent acquisition (TA) process document
    • Any TA process metrics
    • Info-Tech's Talent Acquisition Process Optimization Tool

    Output

    • Documented TA process

    Materials

    • Info-Tech's Talent Acquisition Process Optimization Tool
    • Whiteboard/flip charts
    • Sticky notes

    Participants

    • HR
    • IT leaders
    • Hiring manager

    Download the IT Talent Acquisition Process Optimization Tool

    Example of steps in each stage of the TA process

    Activities

    Requisition

    Source

    Screen

    Interview & Assess

    Offer

    Background Check

    Vacancy identified Posted on website Resumes screened in system Interviews scheduled Offer letter drafted Reference checks conducted
    Requisition submitted Posted on job boards Resume screened by recruited First round interviews Offer letter sent Medical checks conducted
    Requisition approved Identification of layoff sources Resumed reviewed by hiring manager Assessment Negotiations Other background checks conducted
    Job description updated Review layoff source lists Screening calls Second round interview First date confirmed
    Job ad updated Screening questions developed Candidates selected
    Intake meeting

    4.2 Refine your TA process

    1-3 hours

    1. Collectively identify any:
      1. Inconsistent applications: Activities that are done differently by different participants.
      2. Bottlenecks: A place in the process where activity is constrained and holds up next steps.
      3. Errors: When a mistake occurs requiring extra time, resources, or rework.
      4. Lack of value: An activity that adds little to no value (often a legacy activity).
    2. Work with HR to identify any proposed solutions to improve consistency, reduce bottlenecks, errors, or eliminate steps that lack value. Document your proposed solutions in tab 3 of the IT Talent Acquisition Optimization Tool.
    3. Identify any new steps needed that would drive greater efficiency, including the tactics suggested in this research. Document any proposed solutions in tab 3.
    4. For each proposed solution, evaluate the general level of effort and impact required to move forward with that solution and select the appropriate classification from the drop-down.
    5. Determine if you will move forward with the proposed solution at this time. Update the TA workflow with your decisions.

    Input

    • Existing talent acquisition (TA) process document
    • Any TA process metrics
    • Info-Tech's Talent Acquisition Process Optimization Tool

    Output

    • Documented TA process

    Materials

    • Info-Tech's Talent Acquisition Process Optimization Tool
    • Whiteboard/flip charts
    • Sticky notes

    Participants

    • HR
    • IT leaders
    • Hiring manager

    Use Info-Tech's IT Talent Acquisition Optimization Tool to document current challenges & target solutions.

    Map your process and identify opportunities to streamline

    This is an image of the talent aquisitions workflow page from Info-Tech's Map your process and identify opportunities to streamline

    Brainstorm and select solutions to improve your process

    This is an image of the Effort Analysis page from Info-Tech's Brainstorm and select solutions to improve your process

    Key considerations when optimizing your process

    • Put yourself in each stakeholder's shoes (candidate, HR, hiring manager). Think through what they need from the process.
    • Challenge assumptions and norms. It can be tempting to get caught up in "how we do it today." Think beyond how it is today.
    • Question timing of activities and events. Identify if they are occurring when they need to.
    • Rebalance work to align with priorities. Identify if work can be redistributed or condensed to use time more efficiently.
    • Distinguish when consistency will add value and when there should be process flexibility.
    • Question the value. For each activity, ask "What value does this activity add?"

    Select metrics to measure Talent Acquisition process improvement

    METRICS INFORMATION
    Metric Definition Calculation
    Average applicants per posting The average number of applicants received per post. Number of applications / Number of postings
    Average number of interviews for open job positions Average number of interviews for open job positions. Total number of interviews / Total number of open job positions
    Average external time to fill Average number of calendar days from when the requisition is issued to when a candidate accepts the position from outside the organization. External days to fill / External candidates
    Pipeline throughput Percentage of candidates advancing through to the next stage. (Number of candidates in chosen stage / Number of candidates in preceding stage) * 100
    External offer acceptance rate Percentage of job offers extended to external candidates that were accepted. (Number of job offers that are accepted / Number of job offers extended) * 100
    Percentage of target group hired The percentage of a target group that was hired. Number of FTE hired / Target number of FTE to be hired
    Average time to hire Average number of calendar days between first contact with the candidate and when they accept the offer. Sum of number of days between first contact and offer acceptance / External candidates
    Quality of hire Percentage of new hires achieving a satisfactory appraisal at their first assessment. New hires who achieve a satisfactory rating at their first appraisal / Total number of new hires
    Vacancy rate Percentage of positions being actively recruited for at the end of the reporting period. Count of vacant positions / (Headcount + Vacant positions)

    Bibliography

    "81% of Employees Factoring Hybrid Work Into Job Search: Survey." BenefitsCanada.com, 16 June 2022.
    Andre, Louie. "40 Notable Candidate Experience Statistics: 2023 Job Application Trends & Challenges." Financesonline.Com, 15 Mar. 2023.
    Bika, Nikoletta. "Key Hiring Metrics: Useful Benchmarks for Tech Roles." Recruiting Resources: How to Recruit and Hire Better, 10 Jan. 2019.
    "Bureau of Labor Statistics Labor Market Revisions Contribute to Conflicting Signals in Latest Tech Employment Data, CompTIA Analysis Finds." CompTIA, 3 Feb. 2023. Press release.
    Byrnes, Amy. "ICIMS Insights Workforce Report: Time to Press the Reset Button?" ICIMS | The Leading Cloud Recruiting Software, 1 Dec. 2022.
    Cantrell, Sue, et al. "The Skills-Based Organization: A New Operating Model for Work and the Workforce." Deloitte Insights, 8 Sept. 2022.
    deBara, Deanna. "Top Findings from Lattice's Career Progression Survey." Lattice, 13 Sept. 2021. Accessed 16 Feb. 2023.
    Duszyński, Maciej. "Candidate Experience Statistics (Survey of 1,000+ Americans)." Zety, 14 Oct. 2019.
    Duszyński, Maciej. "Candidate Experience Statistics." Zety, 2021.
    Echevarria, Desiree. "2020 Candidate Experience Report." Career Plug, 17 Mar. 2021.
    Ghosh, Prarthana. "Candidate Screening and Selection Process: The Complete Guide for 2021." Spiceworks, 26 Feb. 2021. Accessed 22 Jun. 2021
    "Introduction - Dice Tech Job Report: Tech Hiring Trends by Location, Industry, Role and Skill." Accessed 16 Feb. 2023.
    Lee, Roger. "Tech Layoff Tracker and Startup Layoff Lists." Layoffs.fyi. Accessed 16 Feb. 2023.
    Miller, Kandace. "Candidate Experience And Engagement Metrics You Should Be Tracking." ConveyIQ, n.d. Accessed 16 Feb. 2023.
    Min, Ji-A. "Resume Screening: A How-To Guide for Recruiters." Ideal, 15 Mar. 2021. Web.
    Palmeri, Shelby. "2023 Candidate Experience Research: Strategies for Recruiting." CareerPlug, 6 Feb. 2023.
    Semenova, Alexandra. "Jobs Report: U.S. Economy Adds 517,000 Jobs in January, Unemployment Rate Falls to 3.4% as Labor Market Stuns." Yahoo!Finance, 3 Feb. 2023.
    Sozzi, Brian. "Big Tech Layoffs: What Companies Such as Amazon and Meta Have in Common." Yahoo!News, 6 Feb. 2023.
    Tarki, Atta. "Despite Layoffs, It's Still a Workers' Labor Market." Harvard Business Review, 30 Jan. 2023.
    The Deloitte Global 2022 Gen Z and Millennial Survey. Deloitte Global, 2022. Accessed 16 Feb. 2023.
    "Uncover the Employee Value Proposition." McLean & Company, 21 Jun. 2022. Accessed 22 Feb. 2023.

    Get Started With IT Project Portfolio Management

    • Buy Link or Shortcode: {j2store}443|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $7,599 Average $ Saved
    • member rating average days saved: 46 Average Days Saved
    • Parent Category Name: Portfolio Management
    • Parent Category Link: /portfolio-management
    • Most companies are struggling to get their project work done. This is due in part to the fact that many prescribed remedies are confusing, disruptive, costly, or ineffective.
    • While struggling to find a solution, within the organization, project requests never stop and all projects continue to all be treated the same. Resources are requested for multiple projects without any visibility into their project capacity. Projects lack proper handoffs from closure to ongoing operational work. And the benefits are never tracked.
    • If you have too many projects, limited resources, ineffective communications, or low post-project adoption, keep reading. Perhaps you should spend a bit more on project, portfolio, and organizational change management.

    Our Advice

    Critical Insight

    • Successful project outcomes are not built by rigorous project processes: Projects may be the problem, but project management rigor is not the solution.
    • Don’t fall into the common trap of thinking high-rigor project management should be every organization’s end goal.
    • Instead, understand that it is better to spend time assessing the portfolio to determine what projects should be prioritized.

    Impact and Result

    Begin by establishing a few foundational practices that will work to drive project throughput.

    • Capacity Estimation: Understand what your capacity is to do projects by determining how much time is allocated to doing other things.
    • Book of Record: Establish a basic but sustainable book of record so there is an official list of projects in flight and those waiting in a backlog or funnel.
    • Simple Project Management Processes: Align the rigor of your project management process with what is required, not what is prescribed by the PMP designation.
    • Impact Assessment: Address the impact of change at the beginning of the project and prepare stakeholders with the right level of communication.

    Get Started With IT Project Portfolio Management Research & Tools

    Start here – read the Executive Brief

    Begin by establishing a few foundational practices that will work to drive project throughput. Most project management problems are resolved with portfolio level solutions. This blueprint will address the eco-system of project, portfolio, and organizational change management.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Project portfolio management

    Estimate project capacity, determine what needs to be tracked on an ongoing basis, and determine what criteria is necessary for prioritizing projects.

    • Project Portfolio Supply-Demand Analysis Tool
    • Project Value Scorecard Development Tool
    • Project Portfolio Book of Record

    2. Project management

    Develop a process to inform the portfolio of the project status, create a plan that can be maintained throughout the project lifecycle, and manage the scope through a change request process.

    • Light Project Change Request Form Template

    3. Organizational change management

    Perform a change impact assessment and identify the obvious and non-obvious stakeholders to develop a message canvas accordingly.

    • Organizational Change Management Triage Tool

    4. Develop an action plan

    Develop a roadmap for how to move from the current state to the target state.

    • PPM Wireframe
    • Project Portfolio Management Foundations Stakeholder Communication Deck
    [infographic]

    Workshop: Get Started With IT Project Portfolio Management

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Project Portfolio Management

    The Purpose

    Establish the current state of the portfolio.

    Organize the portfolio requirements.

    Determine how projects are prioritized.

    Key Benefits Achieved

    Understand project capacity supply-demand.

    Build a portfolio book of record.

    Create a project value scorecard.

    Activities

    1.1 Conduct capacity supply-demand estimation.

    1.2 Determine requirements for portfolio book of record.

    1.3 Develop project value criteria.

    Outputs

    Clear project capacity

    Draft portfolio book of record

    Project value scorecard

    2 Project Management

    The Purpose

    Feed the portfolio with the project status.

    Plan the project work with a sustainable level of granularity.

    Manage the project as conditions change.

    Key Benefits Achieved

    Develop a process to inform the portfolio of the project status.

    Create a plan that can be maintained throughout the project lifecycle and manage the scope through a change request process.

    Activities

    2.1 Determine necessary reporting metrics.

    2.2 Create a work structure breakdown.

    2.3 Document your project change request process.

    Outputs

    Feed the portfolio with the project status

    Plan the project work with a sustainable level of granularity

    Manage the project as conditions change

    3 Organizational Change Management

    The Purpose

    Discuss change accountability.

    Complete a change impact assessment.

    Create a communication plan for stakeholders.

    Key Benefits Achieved

    Complete a change impact assessment.

    Identify the obvious and non-obvious stakeholders and develop a message canvas accordingly.

    Activities

    3.1 Discuss change accountability.

    3.2 Complete a change impact assessment.

    3.3 Create a communication plan for stakeholders.

    Outputs

    Assign accountability for the change

    Assess the change impact

    Communicate the change

    4 Develop an Action Plan

    The Purpose

    Summarize current state.

    Determine target state.

    Create a roadmap.

    Key Benefits Achieved

    Develop a roadmap for how to move from the current state to the target state.

    Activities

    4.1 Summarize current state and target state.

    4.2 Create a roadmap.

    Outputs

    Stakeholder Communication Deck

    MS Project Wireframe

    Create a Horizontally Optimized SDLC to Better Meet Business Demands

    • Buy Link or Shortcode: {j2store}149|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Development
    • Parent Category Link: /development
    • While teams are used to optimizing their own respective areas of responsibility, there is lack of clarity on the overall core SDLC process resulting in applications being released that are of poor quality.
    • Software development teams are struggling to release on time and within budget.
    • Teams do not understand the overall process, are not communicating well, and traceability is hard to achieve.
    • Each team claims to be optimized yet the final deliverable doesn’t reflect the expected quality.

    Our Advice

    Critical Insight

    • Optimizing can make you worse. One cannot just optimize locally – the SDLC must be optimized in its entirety to ensure traceability across the process.
    • Separate process from framework.
      You don’t need to “Go Agile” or follow other industry jargon to effectively optimize your SDLC.
    • SDLC process improvement is ongoing.
      Start with your team’s current capabilities and optimize. You should set expectations that new improvements will always come in the future.

    Impact and Result

    • Use a systematic framework to bring out local optimizations as potential candidates for SDLC optimization.
    • Prioritize those candidates that will aid in optimizing the overall core SDLC process.
    • Create the necessary governance and control structures to sustain the changes.
    • Use Info-Tech tools and templates to accelerate your process optimization.

    Create a Horizontally Optimized SDLC to Better Meet Business Demands Research & Tools

    Start here – read the Executive Brief

    Read this Executive Brief to understand Info-Tech's approach to SDLC optimization and why the SDLC must be optimized in its entirety to ensure traceability across the process.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Document the current state of the SDLC

    This phase of the blueprint will help in understanding the organization's business priorities, documenting the current SDLC process, and identifing current SDLC challenges.

    • Create a Horizontally Optimized SDLC to Better Meet Business Demands – Phase 1: Document the Current State of the SDLC
    • SDLC Optimization Playbook

    2. Define root causes, determine optimization initiatives, and define target state

    This phase of the blueprint, will help with defining root causes, determining potential optimization initiatives, and defining the target state of the SDLC.

    • Create a Horizontally Optimized SDLC to Better Meet Business Demands – Phase 2: Define Root Causes, Determine Optimization Initiatives, and Define Target State

    3. Develop a rollout strategy for SDLC optimization

    This phase of the blueprint will help with prioritizing initiatives in order to develop a rollout strategy, roadmap, and communication plan for the SDLC optimization.

    • Create a Horizontally Optimized SDLC to Better Meet Business Demands – Phase 3: Develop a Rollout Strategy for SDLC Optimization
    • SDLC Communication Template
    [infographic]

    Workshop: Create a Horizontally Optimized SDLC to Better Meet Business Demands

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Document Your Current SDLC

    The Purpose

    Understand SDLC current state.

    Key Benefits Achieved

    Understanding of your current SDLC state and metrics to measure the success of your SDLC optimization initiative.

    Activities

    1.1 Document the key business objectives that your SDLC delivers upon.

    1.2 Document your current SDLC process using a SIPOC process map.

    1.3 Identify appropriate metrics in order to track the effectiveness of your SDLC optimization.

    1.4 Document the current state process flow of each SDLC phase.

    1.5 Document the control points and tools used within each phase.

    Outputs

    Documented business objectives

    Documented SIPOC process map

    Identified metrics to measure the effectiveness of your SDLC optimization

    Documented current state process flows of each SDLC phase

    Documented control points and tools used within each SDLC phase

    2 Assess Challenges and Define Root Causes

    The Purpose

    Understand current SDLC challenges and root causes.

    Key Benefits Achieved

    Understand the core areas of your SDLC that require optimization.

    Activities

    2.1 Identify the current challenges that exist within each SDLC phase.

    2.2 Determine the root cause of the challenges that exist within each SDLC phase.

    Outputs

    Identified current challenges

    Identified root causes of your SDLC challenges

    3 Determine Your SDLC Optimization Initiatives

    The Purpose

    Understand common best practices and the best possible optimization initiatives to help optimize your current SDLC.

    Key Benefits Achieved

    Understand the best ways to address your SDLC challenges.

    Activities

    3.1 Define optimization initiatives to address the challenges in each SDLC phase.

    Outputs

    Defined list of potential optimization initiatives to address SDLC challenges

    4 Define SDLC Target State

    The Purpose

    Define your SDLC target state while maintaining traceability across your overall SDLC process.

    Key Benefits Achieved

    Understand what will be required to reach your optimized SDLC.

    Activities

    4.1 Determine the target state of your SDLC.

    4.2 Determine the people, tools, and control points necessary to achieve your target state.

    4.3 Assess the traceability between phases to ensure a seamlessly optimized SDLC.

    Outputs

    Determined SDLC target state

    Identified people, processes, and tools necessary to achieve target state

    Completed traceability alignment map and prioritized list of initiatives

    5 Prioritize Initiatives and Develop Rollout Strategy

    The Purpose

    Define how you will reach your target state.

    Key Benefits Achieved

    Create a plan of action to achieve your desired target state.

    Activities

    5.1 Gain the full scope of effort required to implement your SDLC optimization initiatives.Gain the full scope of effort required to implement your SDLC optimization initiatives.

    5.2 Identify the enablers and blockers of your SDLC optimization.

    5.3 Define your SDLC optimization roadmap.

    5.4 Create a communication plan to share initiatives with the business.

    Outputs

    Level of effort required to implement your SDLC optimization initiatives

    Identified enablers and blockers of your SDLC optimization

    Defined optimization roadmap

    Completed communication plan to present your optimization strategy to stakeholders

    Position IT to Support and Be a Leader in Open Data Initiatives

    • Buy Link or Shortcode: {j2store}326|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
    • member rating average days saved: Read what our members are saying
    • Parent Category Name: Innovation
    • Parent Category Link: /innovation
    • Open data programs are often seen as unimportant or not worth taking up space in the budget in local government.
    • Open data programs are typically owned by a single open data evangelist who works on it as a side-of-desk project.
    • Having a single resource spend a portion of their time on open data doesn’t allow the open data program to mature to the point that local governments are realizing benefits from it.
    • It is difficult to gain buy-in for open data as it is hard to track the benefits of an open data program.

    Our Advice

    Critical Insight

    • Local government can help push the world towards being more open, unlocking economic benefits for the wider economy.
    • Cities don’t know the solutions to all of their problems often they don’t know all of the problems they have. Release data as a platform to crowdsource solutions and engage your community.
    • Build your open data policies in collaboration with the community. It’s their data, let them shape the way it’s used!

    Impact and Result

    • Level-set expectations for your open data program. Every local government is different in terms of the benefits they can achieve with open data; ensure the business understands what is realistic to achieve.
    • Create a team of open data champions from departments outside of IT. Identify potential champions for the team and use this group to help gain greater business buy-in and gather feedback on the program’s direction.
    • Follow the open data maturity model in order to assess your current state, identify a target state, and assess capability gaps that need to be improved upon.
    • Use industry best practices to develop an open data policy and processes to help improve maturity of the open data program and reach your desired target state.
    • Identify metrics that you can use to track, and communicate the success of, the open data program.

    Position IT to Support and Be a Leader in Open Data Initiatives Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should develop your open data program, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Set the foundation for the success of your open data program

    Identify your open data program's current state maturity, and gain buy-in from the business for the program.

    • Position IT to Support and Be a Leader in Open Data Initiatives – Phase 1: Set the Foundation for the Success of Your Open Data Program
    • Open Data Maturity Assessment
    • Open Data Program – IT Stakeholder Powermap Template
    • Open Data in Our City Stakeholder Presentation Template

    2. Grow the maturity of your open data program

    Identify a target state maturity and reach it through building a policy and processes and the use of metrics.

    • Position IT to Support and Be a Leader in Open Data Initiatives – Phase 2: Grow the Maturity of Your Open Data Program
    • Open Data Policy Template
    • Open Data Process Template
    • Open Data Process Descriptions Template
    • Open Data Process Visio Templates (Visio)
    • Open Data Process Visio Templates (PDF)
    • Open Data Metrics Template
    [infographic]

    Workshop: Position IT to Support and Be a Leader in Open Data Initiatives

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Define Business Drivers for Open Data Program

    The Purpose

    Ensure that the open data program is being driven out from the business in order to gain business support.

    Key Benefits Achieved

    Identify drivers for the open data program that are coming directly from the business.

    Activities

    1.1 Understand constraints for the open data program.

    1.2 Conduct interviews with the business to gain input on business drivers and level-set expectations.

    1.3 Develop list of business drivers for open data.

    Outputs

    Defined list of business drivers for the open data program

    2 Assess Current State and Define Target State of the Open Data Program

    The Purpose

    Understand the gaps between where your program currently is and where you want it to be.

    Key Benefits Achieved

    Identify top processes for improvement in order to bring the open data program to the desired target state maturity.

    Activities

    2.1 Perform current state maturity assessment.

    2.2 Define desired target state with business input.

    2.3 Highlight gaps between current and target state.

    Outputs

    Defined current state maturity

    Identified target state maturity

    List of top processes to improve in order to reach target state maturity

    3 Develop an Open Data Policy

    The Purpose

    Develop a draft open data policy that will give you a starting point when building your policy with the community.

    Key Benefits Achieved

    A draft open data policy will be developed that is based on best-practice standards.

    Activities

    3.1 Define the purpose of the open data policy.

    3.2 Establish principles for the open data program.

    3.3 Develop a rough governance outline.

    3.4 Create a draft open data policy document based on industry best-practice examples.

    Outputs

    Initial draft of open data policy

    4 Develop Open Processes and Identify Metrics

    The Purpose

    Build open data processes and identify metrics for the program in order to track benefits realization.

    Key Benefits Achieved

    Formalize processes to set in place to improve the maturity of the open data program.

    Identify metrics that can track the success of the open data program.

    Activities

    4.1 Develop the roles that will make up the open data program.

    4.2 Create processes for new dataset requests, updates of existing datasets, and the retiring of datasets.

    4.3 Identify metrics that will be used for measuring the success of the open data program.

    Outputs

    Initial draft of open data processes

    Established metrics for the open data program

    IT Organizational Design

    • Buy Link or Shortcode: {j2store}32|cart{/j2store}
    • Related Products: {j2store}32|crosssells{/j2store}
    • member rating overall impact (scale of 10): 9.1/10
    • member rating average dollars saved: $83,392
    • member rating average days saved: 21
    • Parent Category Name: People and Resources
    • Parent Category Link: /people-and-resources

    The challenge

    • IT can ensure full business alignment through an organizational redesign.
    • Finding the best approach for your company is difficult due to many frameworks and competing priorities.
    • External competitive influences and technological trends exacerbate this.

    Our advice

    Insight

    • Your structure is the critical enabler of your strategic direction. Structure dictates how people work together and how they can fill in their roles to create the desired business value. 
    • Constant change is killing for an organization. You need to adapt, but you need a stable baseline and make sure the change is in line with the overall strategy and company context.
    • A redesign is only successful if it really happens. Shifting people into new positions is not enough to implement a redesign. 

    Impact and results 

    • Define your redesign principles. They will act as a manifesto to your change. It also provides for a checklist, ensuring that the structure does not deviate from the business strategy.
    • Visualize the new design with a customized operating model for your company. It must demonstrate how IT creates value and supports the business value creation chains.
    • Define the future-state roles, functions, and responsibilities to enable your IT department to support the business effectively.

    The roadmap

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    Get started

    Our concise executive brief explains to you the challenges associated with the organizational redesign. We'll show you our methodology and the ways we can help you in completing this.

    Define your organizational design principles and select your operating model

    The design principles will govern your organizational redesign; Align the principles with your business strategy.

    • Redesign Your IT Organizational Structure – Phase 1: Craft Organizational Design Principles and Select an IT Operating Model (ppt)
    • Organizational Design Communications Deck (ppt)

    Customize the selected IT operating model to your company

    Your operating model must account for the company's nuances and culture.

    • Redesign Your IT Organizational Structure – Phase 2: Customize the IT Operating Model (ppt)
    • Operating Models and Capability Definition List (ppt)

    Design the target-state of your IT organizational structure

    Go from an operating model to the structure fit for your company.

    • Redesign Your IT Organizational Structure – Phase 3: Architect the Target-State IT Organizational Structure (ppt)
    • Organizational Design Capability RACI Chart (xls)
    • Work Unit Reference Structures (Visio)
    • Work Unit Reference Structures (pdf)

    Communicate the benefits of the new structure

    Change does not come easy. People will be anxious. Craft your communications to address critical concerns and obtain buy-in from the organization. If the reorganization will be painful, be up-front on that, and limit the time in which people are uncertain.

    • Redesign Your IT Organizational Structure – Phase 4: Communicate the Benefits of the New Organizational Structure (ppt)

     

    Build a Digital Workspace Strategy

    • Buy Link or Shortcode: {j2store}294|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $12,399 Average $ Saved
    • member rating average days saved: 10 Average Days Saved
    • Parent Category Name: End-User Computing Strategy
    • Parent Category Link: /end-user-computing-strategy
    • IT must figure out what a digital workspace is, why they’re building one, and what type they want.
    • Remote work creates challenges that cannot be solved by technology alone.
    • Focusing solely on technology risks building something the business doesn’t want or can’t use.

    Our Advice

    Critical Insight

    Building a smaller digital workspace doesn’t mean that the workspace will have a smaller impact on the business.

    Impact and Result

    • Partner with the business to create a team of digital workspace champions.
    • Empower employees with a tool that makes remote work easier.

    Build a Digital Workspace Strategy Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should partner with the business for building a digital workspace, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Identify the digital workspace you want to build

    Create a list of benefits that the organization will find compelling and build a cross-functional team to champion the workspace.

    • Build a Digital Workspace Strategy – Phase 1: Identify the Digital Workspace You Want to Build
    • Digital Workspace Strategy Template
    • Digital Workspace Executive Presentation Template

    2. Identify high-level requirements

    Design the digital workspace’s value proposition to drive your requirements.

    • Build a Digital Workspace Strategy – Phase 2: Identify High-Level Requirements
    • Sample Digital Workspace Value Proposition
    • Flexible Work Location Policy
    • Flexible Work Time Policy
    • Flexible Work Time Off Policy
    • Mobile Device Remote Wipe Waiver Template
    • Mobile Device Connectivity & Allowance Policy
    • General Security – User Acceptable Use Policy

    3. Identify initiatives and a high-level roadmap

    Take an agile approach to building your digital workspace.

    • Build a Digital Workspace Strategy – Phase 3: Identify Initiatives and a High-Level Roadmap
    [infographic]

    Workshop: Build a Digital Workspace Strategy

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Identify the Digital Workspace You Want to Build

    The Purpose

    Ensure that the digital workspace addresses real problems the business is facing.

    Key Benefits Achieved

    Defined benefits that will address business problems

    Identified strategic business partners

    Activities

    1.1 Identify the digital workspace’s direction.

    1.2 Prioritize benefits and define a vision.

    1.3 Assemble a team of digital workspace champions.

    Outputs

    Vision statement

    Mission statement

    Guiding principles

    Prioritized business benefits

    Metrics and key performance indicators

    Service Owner, Business Owner, and Project Sponsor role definitions

    Project roles and responsibilities

    Operational roles and responsibilities

    2 Identify Business Requirements

    The Purpose

    Drive requirements through a well-designed value proposition.

    Key Benefits Achieved

    Identified requirements that are based in employees’ needs

    Activities

    2.1 Design the value proposition.

    2.2 Identify required policies.

    2.3 Identify required level of input from users and business units.

    2.4 Document requirements for user experiences, processes, and services.

    2.5 Identify in-scope training and culture requirements.

    Outputs

    Prioritized functionality requirements

    Value proposition for three business roles

    Value proposition for two service provider roles

    Policy requirements

    Interview and focus group plan

    Business process requirements

    Training and culture initiatives

    3 Identify IT and Service Provider Requirements

    The Purpose

    Ensure that technology is an enabler.

    Key Benefits Achieved

    Documented requirements for IT and service provider technology

    Activities

    3.1 Identify systems of record requirements.

    3.2 Identify requirements for apps.

    3.3 Identify information storage requirements.

    3.4 Identify management and security integrations.

    3.5 Identify requirements for internal and external partners.

    Outputs

    Requirements for systems for record

    Prioritized list of apps

    Storage system requirements

    Data and security requirements

    Outsourcing requirements

    Design and Build a User-Facing Service Catalog

    • Buy Link or Shortcode: {j2store}395|cart{/j2store}
    • member rating overall impact (scale of 10): 9.3/10 Overall Impact
    • member rating average dollars saved: $62,821 Average $ Saved
    • member rating average days saved: 29 Average Days Saved
    • Parent Category Name: Service Management
    • Parent Category Link: /service-management
    • Business users don’t know what breadth of services are available to them.
    • It is difficult for business users to obtain useful information regarding services because they are often described in technical language.
    • Business users have unrealistic expectations of what IT can do for them.
    • There is no defined agreement on what is available, so the business assumes everything is.

    Our Advice

    Critical Insight

    • Define services from the business user’s perspective, not IT’s perspective.
      • A service catalog is of no use if a user looks at it and sees a significant amount of information that doesn’t apply to them.
    • Separate the enterprise services from the Line of Business (LOB) services.
      • This will simplify the process of documenting your service definitions and make it easier for users to navigate, which leads to a higher chance of user acceptance.

    Impact and Result

    • Our program helps you organize your services in a way that is relevant to the users, and practical and manageable for IT.
    • Our approach to defining and categorizing services ensures your service catalog remains a living document. You may add or revise your service records with ease.
    • Our program creates a bridge between IT and the business. Begin transforming IT’s perception within the organization by communicating the benefits of the service catalog.

    Design and Build a User-Facing Service Catalog Research & Tools

    Start here – read the Executive Brief

    Read our concise executive brief to understand why building a Service Catalog is a good idea for your business, and how following our approach will help you accomplish this difficult task.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Launch the project

    The Launch the Project phase will walk through completing Info-Tech's project charter template. This phase will help build a balanced project team, create a change message and communication plan, and achieve buy-in from key stakeholders.

    • Design & Build a User-Facing Service Catalog – Phase 1: Launch the Project
    • Service Catalog Project Charter

    2. Identify and define enterprise services

    The Identify and Define Enterprise Services phase will help to target enterprise services offered by the IT team. They are offered to everyone in the organization, and are grouped together in logical categories for users to access them easily.

    • Design & Build a User-Facing Service Catalog – Phase 2: Identify and Define Enterprise Services
    • Sample Enterprise Services

    3. Identify and define Line of Business (LOB) services

    After completing this phase, all services IT offers to each LOB or functional group should have been identified. Each group should receive different services and display only these services in the catalog.

    • Design & Build a User-Facing Service Catalog – Phase 3: Identify and Define Line of Business Services
    • Sample LOB Services – Industry Specific
    • Sample LOB Services – Functional Group

    4. Complete the Services Definition Chart

    Completing the Services Definition Chart will help the business pick which information to include in the catalog. This phase also prepares the catalog to be extended into a technical service catalog through the inclusion of IT-facing fields.

    • Design & Build a User-Facing Service Catalog – Phase 4: Complete Service Definitions
    • Services Definition Chart
    [infographic]

    Workshop: Design and Build a User-Facing Service Catalog

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Launch the Project

    The Purpose

    The purpose of this module is to help engage IT with business decision making.

    Key Benefits Achieved

    This module will help build a foundation for the project to begin. The buy-in from key stakeholders is key to having them take onus on the project’s completion.

    Activities

    1.1 Assemble the project team.

    1.2 Develop a communication plan.

    1.3 Establish metrics for success.

    1.4 Complete the project charter.

    Outputs

    A list of project members, stakeholders, and a project leader.

    A change message, communication strategy, and defined benefits for each user group.

    Metrics used to monitor the usefulness of the catalog, both from a performance and monetary perspective.

    A completed project charter to engage users in the initiative.

    2 Identify and Define Enterprise Services

    The Purpose

    The purpose of this module is to review services which are offered across the entire organization.

    Key Benefits Achieved

    A complete list of enterprise services defined from the user’s perspective to help them understand what is available to them.

    Activities

    2.1 Identify enterprise services used by almost everyone across the organization.

    2.2 Categorize services into logical groups.

    2.3 Define the services from the user’s perspective.

    Outputs

    A complete understanding of enterprise services for both IT service providers and business users.

    Logical groups for organizing the services in the catalog.

    Completed definitions in business language, preferably reviewed by business users.

    3 Identify and Define Line of Business (LOB) Services

    The Purpose

    The purpose of this module is to define the remaining LOB services for business users, and separate them into functional groups.

    Key Benefits Achieved

    Business users are not cluttered with LOB definitions that do not pertain to their business activities.

    Business users are provided with only relevant IT information.

    Activities

    3.1 Identify the LOBs.

    3.2 Determine which one of two methodologies is more suitable.

    3.3 Identify LOB services using appropriate methodology.

    3.4 Define services from a user perspective.

    Outputs

    A structured view of the different functional groups within the business.

    An easy to follow process for identifying all services for each LOB.

    A list of every service for each LOB.

    Completed definitions in business language, preferably reviewed by business users.

    4 Complete the Full Service Definitions

    The Purpose

    The purpose of this module is to guide the client to completing their service record definitions completely.

    Key Benefits Achieved

    This module will finalize the deliverable for the client by defining every user-facing service in novice terms.

    Activities

    4.1 Understand the components to each service definition (information fields).

    4.2 Pick which information to include in each definition.

    4.3 Complete the service definitions.

    Outputs

    A selection of information fields to be included in the service catalog.

    A selection of information fields to be included in the service catalog.

    A completed service record design, ready to be implemented with the right tool.

    Further reading

    Design and Build a User-Facing Service Catalog

    Improve user satisfaction with IT with a convenient menu-like catalog.

    Our understanding of the problem

    This Research Is Designed For:

    • CIOs
    • Directors and senior managers within IT and the business

    This Research Will Help You:

    • Articulate all of the services IT provides to the business in a language the business users understand.
    • Improve IT and business alignment through a common understanding of service features and IT support.

    This Research Will Help Them

    • Standardize and communicate how users request access to services.
    • Standardize and communicate how users obtain support for services.
    • Clearly understand IT’s role in providing each service.

    What is a service catalog?

    The user-facing service catalog is the go-to place for IT service-related information.

    The catalog defines, documents, and organizes the services that IT delivers to the organization. The catalog also describes the features of the services and how the services are intended to be used.

    The user-facing service catalog creates benefits for both the business and IT.

    For business users, the service catalog:

    1. Documents how to request access to the service, hours of availability, delivery timeframes, and customer responsibilities.
    2. Specifies how to obtain support for the services, support hours, and documentation.

    For IT, the service catalog:

    1. Identifies who owns the services and who is authorized to use the services.
    2. Specifies IT support requirements for the services, including support hours and documentation.

    What is the difference between a user-facing service catalog and a technical service catalog?

    This blueprint is about creating a user-facing service catalog written and organized in a way that focuses on the services from the business’ view.

    User facing

    User-friendly, intuitive, and simple overview of the services that IT provides to the business.

    The items you would see on the menu at a restaurant are an example of User Facing. The content is relatable and easy to understand.

    Technical

    Series of technical workflows, supporting services, and the technical components that are required to deliver a service.

    The recipe book with cooking instructions is an example of Technical Facing. This catalog is intended for the IT teams and is “behind the scene.”

    What is a service and what does it mean to be service oriented?

    The sum of the people, processes, and technologies required to enable users to achieve a business outcome is a Service.

    A service is used directly by the end users and is perceived as a coherent whole.

    Business Users →Service = Application & Systems + People & Processes

    Service Orientation is…

    • A focus on business requirements and business value, rather than IT driven motives.
    • Services are designed to enable required business activities.
    • Services are defined from the business perspective using business language.

    In other words, put on your user hat and leave behind the technical jargons!

    A lack of a published user-facing service catalog could be the source of many pains throughout your organization

    IT Pains

    • IT doesn’t understand all the services they provide.
    • Business users would go outside of IT for solutions, proliferating shadow IT.
    • Business users have a negative yet unrealistic perception of what IT is capable of.
    • IT has no way of managing expectations for their users, which tend to inflate.
    • There is often no defined agreement on services; the business assumes everything is available.

    Business Pains

    • Business users don’t know what services are available to them.
    • It is difficult to obtain useful information regarding a service because IT always talks in technical language.
    • Without a standard process in place, business users don’t know how to request access to a service with multiple sources of information available.
    • Receiving IT support is a painful, long process and IT doesn’t understand what type of support the business requires.

    An overwhelming majority of IT organizations still need to improve how they demonstrate their value to the business

    This image contains a pie chart with a slice representing 23% of the circle This image contains a pie chart with a slice representing 47% of the circle This image contains a pie chart with a slice representing 92% of the circle

    23% of IT is still viewed as a cost center.

    47% of business executives believe that business goals are going unsupported by IT.

    92% of IT leaders see the need to prove the business value of IT’s contribution.

    How a Service Catalog can help:

    Use the catalog to demonstrate how IT is an integral part of the organization and IT services are essential to achieve business objectives.

    Source: IT Communication in Crisis Report

    Transform the perception of IT by articulating all the services that are provided through the service catalog in a user-friendly language.

    Source: Info-Tech Benchmarking and Diagnostic Programs

    Increase IT-business communication and collaboration through the service catalog initiative. Move from technology focused to service-oriented.

    Source: IT Communication in Crisis Report

    Project Steps

    Phase 1 – Project Launch

    1.2 Project Team

    The team must be balanced between representatives from the business and IT.

    1.2 Communication Plan

    Communication plan to facilitate input from both sides and gain adoption.

    1.3 Identify Metrics

    Metrics should reflect the catalog benefits. Look to reduced number of service desk inquiries.

    1.4 Project Charter

    Project charter helps walk you through project preparation.

    This blueprint separates enterprise service from line of business service.

    This image contains a comparison between Enterprise IT Service and Line of Business Service, which will be discussed in further detail later in this blueprint.

    Project steps

    Phase 2 – Identify and Define Enterprise Services

    2.1 Identify the services that are used across the entire organization.

    2.2 Users must be able to identify with the service categories.

    2.3 Create basic definitions for enterprise services.

    Phase 3 – Identify and Define Line of Business Services

    3.1 Identify the different lines of business (LOBs) in the organization.

    3.2 Understand the differences between our two methodologies for identifying LOB services.

    3.3 Use methodology 1 if you have thorough knowledge of the business.

    3.4 Use methodology 2 if you only have an IT view of the LOB.

    Phase 4 – Complete Service Definitions

    4.1 Understand the different components to each service definition, or the fields in the service record.

    4.2 Identify which information to include for each service definition.

    4.3 Define each enterprise service according to the information and field properties.

    4.3 Define each LOB service according to the information and field properties.

    Define your service catalog in bundles to achieve better catalog design in the long run

    Trying to implement too many services at once can be overwhelming for both IT and the users. You don’t have to define and implement all of your services in one release of the catalog.

    Info-Tech recommends implementing services themselves in batches, starting with enterprise, and then grouping LOB services into separate releases. Why? It benefits both IT and business users:

    • It enables a better learning experience for IT – get to test the first release before going full-scale. In other words, IT gets a better understanding of all components of their deliverable before full adoption.
    • It is easier to meet customer agreements on what is to be delivered early, and easier to be able to meet those deadlines.
    This image depicts how you can use bundles to simplify the process of catalog design using bundles. The cycle includes the steps: Identify Services; Select a Service Bundle; Review Record Design; followed by a cycle of: Pick a service; Service X; Service Data Collection; Create Service Record, followed by Publish the bundle; Communicate the bundle; Rinse and Repeat.

    After implementing a service catalog, your IT will be able to:

    Use the service catalog to communicate all the services that IT provides to the business.

    Improve IT’s visibility within the organization by creating a single source of information for all the value creating services IT has to offer. The service catalog helps the business understand the value IT brings to each service, each line of business, and the overall organization.

    Concentrate more on high-value IT services.

    The service catalog contains information which empowers business users to access IT services and information without the help of IT support staff. The reduction in routine inquiries decreases workload and increases morale within the IT support team, and allows IT to concentrate on providing higher value services.

    Reduce shadow IT and gain control of services.

    Service catalog brings more control to your IT environment by reducing shadow IT activities. The service catalog communicates business requests responsively in a language the business users understand, thus eliminating the need for users to seek outside help.

    After implementing a service catalog, your business will be able to:

    Access IT services with ease.

    The language of IT is often confusing for the business and the users don’t know what to do when they have a concern. With a user-facing service catalog, business users can access information through a single source of information, and better understand how to request access or receive support for a service through clear, consistent, and business-relevant language.

    Empower users to self-serve.

    The service catalog enables users to “self-serve” IT services. Instead of calling the service desk every time an issue occurs, the users can rely on the service catalog for information. This simplified process not only reduces routine service requests, but also provides information in a faster, more efficient manner that increases productivity for both IT and the business.

    Gain transparency on the IT services provided.

    With every service clearly defined, business users can better understand the current support level, communicate their expectation for IT accountability, and help IT align services with critical business strategies.

    Leverage the different Info-Tech deliverable tools to help you along the way

    1. Project Charter

    A project charter template with a few samples completed. The project charter helps you govern the project progress and responsibilities.

    2. Enterprise Service Definitions

    A full list of enterprise definitions with features and descriptions pre-populated. These are meant to get you on your feet defining your own enterprise services, or editing the ones already there.

    3. Basic Line of Business Service Definitions

    Similar to the enterprise services deliverable, but with two separate deliverables focusing on different perspectives – functional groups services (e.g. HR and finance) and industry-specific services (e.g. education and government).

    Service Definitions & Service Record Design

    Get a taste of a completed service catalog with full service definitions and service record design. This is the final product of the service catalog design once all the steps and activities have been completed.

    The service catalog can be the foundation of your future IT service management endeavors

    After establishing a catalog of all IT services, the following projects are often pursued for other objectives. Service catalog is a precursor for all three.

    1. Technical Service Catalog

    Need an IT-friendly breakdown of each service?
    Keep better record of what technical components are required to deliver a service. The technical service catalog is the IT version of a user-facing catalog.

    2. Service-Based Costing

    Want to know how much each IT service is costing you?
    Get a better grip on the true cost of IT. Using service-based costing can help justify IT expenses and increase budgetary allotment.

    3. Chargeback

    Want to hold each business unit accountable for the IT services they use?
    Some business units abuse their IT services because they are thought to be free. Keep them accountable and charge them for what they use.

    The service catalog need not be expensive – organizations of all sizes (small, medium, large) can benefit from a service catalog

    No matter what size organization you may be, every organization can create a service catalog. Small businesses can benefit from the catalog the same way a large organization can. We have an easy step-by-step methodology to help introduce a catalog to your business.

    It is common that users do not know where to go to obtain services from IT… We always end up with a serious time-crunch at the beginning of a new school year. With automated on- and off-boarding services, this could change for the better.Dean Obermeyer, Technology Coordinator, Los Alamos Public Schools

    CIO Call to Action

    As the CIO and the project sponsor, you need to spearhead the development of the service catalog and communicate support to drive engagement and adoption.

      Start

    1. Select an experienced project leader
    2. Identify stakeholders and select project team members with the project leader
    3. Throughout the project

    4. Attend or lead the project kick-off meeting
    5. Create checkpoints to regularly touch base with the project team
    6. Service catalog launch

    7. Communicate the change message from beginning to implementation

    Identify a project leader who will drive measurable results with this initiative

    The project leader acts on behalf of the CIO and must be a senior level staff member who has extensive knowledge of the organization and experiences marshalling resources.

    Influential & Impactful

    Developing a service catalog requires dedication from many groups within IT and outside of IT.
    The project leader must hold a visible, senior position and can marshal all the necessary resources to ensure the success of the project. Ability to exert impact and influence around both IT and the business is a must.

    Relationship with the Business

    The user-facing service catalog cannot be successful if business input is not received.
    The project leader must leverage his/her existing relationship with the business to test out the service definitions and the service record design.

    Results Driven

    Creating a service catalog is not an easy job and the project leader must continuously engage the team members to drive results and efficiency.
    The highly visible nature of the service catalog means the project leader must produce a high-quality outcome that satisfies the business users.

    Info-Tech’s methodology helps organization to standardize how to define services

    CASE STUDY A
    Industry Municipal Government
    Source Onsite engagement

    Municipal Government
    The IT department of a large municipal government in the United States provides services to a large number of customers in various government agencies.
    Service Catalog Initiative
    The municipal government allocated a significant amount of resources to answer routine inquiries that could have been avoided through user self-service. The government also found that they do not organize all the services IT provides, and they could not document and publish them to the customer. The government has already begun the service catalog initiative, but was struggling with how to identify services. Progress was slow because people were arguing amongst themselves – the project team became demoralized and the initiative was on the brink of failure.
    Results
    With Info-Tech’s onsite support, the government was able to follow a standardized methodology to identify and define services from the user perspective. The government was able to successfully communicate the initiative to the business before the full adoption of the service catalog.

    We’re in demos with vendors right now to purchase an ITSM tool, and when the first vendor looked at our finished catalog, they were completely impressed.- Client Feedback

    [We feel] very confident. The group as a whole is pumped up and empowered – they're ready to pounce on it. We plan to stick to the schedule for the next three months, and then review progress/priorities. - Client Feedback

    CASE STUDY B
    Industry Healthcare
    Source Onsite engagement

    Healthcare Provider
    The organization is a healthcare provider in Canada. It treats patients with medical emergencies, standard operations, and manages a faculty of staff ranging from nurses and clerks, to senior doctors. This organization is run across several hospitals, various local clinics, and research centers.
    Service Catalog Initiative
    Because the organization is publicly funded, it is subject to regular audit requirements – one of which is to have a service catalog in place.
    The organization also would like to charge back its clients for IT-related costs. In order to do this, the organization must be able to trace it back to each service. Therefore, the first step would be to create a user-facing service catalog, followed by the technical service catalog, which then allows the organization to do service-based costing and chargeback.
    Results
    By leveraging Info-Tech’s expertise on the subject, the healthcare provider was able to fast-track its service catalog development and establish the groundwork for chargeback abilities.

    "There is always some reticence going in, but none of that was apparent coming out. The group dynamic was very good. [Info-Tech] was able to get that response, and no one around the table was silent.
    The [expectation] of the participants was that there was a purpose in doing the workshop. Everybody knew it was for multiple reasons, and everyone had their own accountability/stakes in the development of it. Highly engaged."
    - Client Feedback

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

    Workshop

    “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

    Consulting

    “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    Launch the Project

    Identify Enterprise Services

    Identify Line of Business Services

    Complete Service Definitions

    Best-Practice Toolkit

    1.1 Assemble the project team.

    1.2 Develop a communication plan.

    1.3 Establish metrics for success.

    1.4 Complete the project charter.

    2.1 Identify services available organization-wide.

    2.2 Categorize services into logical groups.

    2.3 Define the services.

    3.1 Identify different LOBs.

    3.2 Pick one of two methodologies.

    3.3 Use method to identify LOB services.

    4.1 Learn components to each service definition.

    4.2 Pick which information to include in each definition.

    4.3 Define each service accordingly.

    Guided Implementations Identify the project leader with the appropriate skills.

    Assemble a well-rounded project team.

    Develop a mission statement and change messages.

    Create a comprehensive list of enterprise services that are used across the organization.

    Create a categorization scheme that is based on the needs of the business users.

    Walk through the two Info-Tech methodologies and understand which one is applicable.

    Define LOB services using the appropriate methodology.

    Decide what should be included and what should be kept internal for the service record design.

    Complete the full service definitions.

    Onsite Workshop Phase 1 Results:

    Clear understanding of project objectives and support obtained from the business.

    Phase 2 Results:

    Enterprise services defined and categorized.

    Phase 3 Results:

    LOB services defined based on user perspective.

    Phase 4 Results:

    Service record designed according to how IT wishes to communicate to the business.

    Workshop overview

    Contact your account representative or email Workshops@InfoTech.com for more information.

    Workshop Day 1 Workshop Day 2 Workshop Day 3 Workshop Day 4
    Activities

    Launch the Project

    Identify Enterprise Services

    Identify Line of Business Services

    Complete Service Definitions

    1.1 Assemble the project team.

    1.2 Develop a communication plan.

    1.3 Establish metrics for success.

    1.4 Complete the project charter.

    2.1 Identify services available organization-wide.

    2.2 Categorize services into logical groups.

    2.3 Define the services.

    3.1 Identify different LOBs.

    3.2 Pick one of two methodologies.

    3.3 Use method to identify LOB services.

    4.1 Learn components to each service definition.

    4.2 Pick which information to include in each definition.

    4.3 Define each service accordingly.

    Deliverables
    • Service Catalog Project Charter
    • Enterprise Service Definitions
    • LOB Service Definitions – Functional groups
    • LOB Service Definitions – Industry specific
    • Service Definitions Chart

    PHASE 1

    Launch the Project

    Design & Build a User-Facing Service Catalog

    Step 1 – Create a project charter to launch the initiative

    1. Complete the Project Charter
    2. Create Enterprise Services Definitions
    3. Create Line of Business Services Definitions
    4. Complete Service Definitions

    This step will walk you through the following activities:

    • Develop a mission statement to obtain buy-ins from both IT and business stakeholders.
    • Assemble a well-rounded project team to increase the success of the project.
    • Identify and obtain support from stakeholders.
    • Create an impactful change message to the organization to promote the service catalog.
    • Determine project metrics to measure the effectiveness and value of the initiative.

    Step Insights

    • The project leader must have a strong relationship with the business, the ability to garner user input, and the authority to lead the team in creating a user-facing catalog that is accessible and understandable to the user.
    • Having two separate change messages prepared for IT and the business is a must. The business change message advocates how the catalog will make IT more accessible to users, and the IT message centers around how the catalog will make IT’s life easier through a standardized request process.

    Phase 1 outline

    Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 1: Launch the project
    Proposed Time to Completion: 2 weeks
    Step 1.2: Create change messages

    Step 1.2: Create change messages

    Start with an analyst kick off call:

    • Identify the key objectives of creating a user-facing service catalog.
    • Identify the necessary members of the project team.

    Review findings with analyst:

    • Prioritize project stakeholders according to their involvement and influence.
    • Create a change message for IT and the business articulating the benefits.

    Then complete these activities…

  • Assemble a team with representatives from all areas of IT.
  • Identify the key project stakeholders.
  • Create a project mission statement.
  • Then complete these activities…

  • Create a separate change message for IT and the business.
  • Determine communication methods and channels.
  • With these tools & templates: Service

    Catalog Project Charter

    With these tools & templates:

    Service Catalog Project Charter

    Use Info-Tech’s Service Catalog Project Charter to begin your initiative

    1.1 Project Charter

    The following section of slides outline how to effectively use Info-Tech’s sample project charter.

    The Project Charter is used to govern the initiative throughout the project. IT should provide the foundation for project communication and monitoring.

    It has been pre-populated with information appropriate for Service Catalog projects. Please review this sample text and change, add, or delete information as required.

    Building the charter as a group will help you to clarify your key messages and help secure buy-in from critical stakeholders upfront.

    You may feel like a full charter isn’t necessary, and depending on your organizational size, it might not be. However, the exercise of building the charter is important none-the-less. No matter your current climate, some elements of communicating the value and plans for implementing the catalog will be necessary.

    The Charter includes the following sections:

    • Mission Statement
    • Project team members
    • Project stakeholders
    • Change message
    • Communication and organizational plan
    • Metrics

    Use Info-Tech’s Service Catalog Project Charter.

    Create a mission statement to articulate the purpose of this project

    The mission statement must be compelling because embarking on creating a service catalog is no easy task. It requires significant commitment from different people in different areas of the business.

    Good mission statements are directive, easy to understand, narrow in focus, and favor substance over vagueness.

    While building your mission statement, think about what it is intended to do, i.e. keep the project team engaged and engage others to adopt the service catalog. Included in the project charter’s mission statement section is a brief description of the goals and objectives of the service catalog.

    Ask yourself the following questions:

    1. What frustrations does your business face regarding IT services?
    2. f our company continues growing at this rate, will IT be able to manage service levels?
    3. How has IT benefited from consolidating IT services into a user perspective?

    Project Charter

    Info-Tech’s project charter contains two sample mission statements, along with additional tips to help you create yours.

    Tackle the project with a properly assembled team to increase the speed and quality in which the catalog will be created

    Construct a well-balanced project team to increase your chances of success.

    Project Leader

    Project leader will be the main catalyst for the creation of the catalog. This person is responsible for driving the whole initiative.

    Project Participants

    IT project participants’ input and business input will be pivotal to the creation of the catalog.

    Project Stakeholders

    The project stakeholders are the senior executives who have a vested interest in the service catalog. IT must produce periodic and targeted communication to these stakeholders.

    Increase your chances of success by creating a dynamic group of project participants

    Your project team will be a major success factor for your service catalog. Involvement from IT management and the business is a must.

    IT Team Member

    IT Service Desk Manager

    • The Service Desk team will be an integral part of the service catalog creation. Because of their client-facing work, service desk technicians can provide real feedback about how users view and request services.

    Senior Manager/Director of Application

    • The Application representative provides input on how applications are used by the business and supported by IT.

    Senior Manager/Director of Infrastructure

    • The infrastructure representative provides input on services regarding data storage, device management, security, etc.

    Business Team Member

    Business IT Liaison

    • This role is responsible for bridging the communication between IT and the business. This role could be fulfilled by the business relationship manager, service delivery manager, or business analyst. It doesn’t have to be a dedicated role; it could be part of an existing role.

    Business representatives from different LOBs

    • Business users need to validate the service catalog design and ensure the service definitions are user facing and relevant.

    Project Charter

    Input your project team, their roles, and relevant contact information into your project charter, Section 2.

    Identify the senior managers who are the stakeholders for the service catalog

    Obtain explicit buy-in from both IT and business stakeholders.

    The stakeholders could be your biggest champions for the service catalog initiative, or they could pull you back significantly. Engage the stakeholders at the start of the project and communicate the benefits of the service catalog to them to gain their approval.

    Stakeholders

    Benefits

    CIO
    • Improved visibility and perception for IT
    • Ability to better manage business expectation

    Manager of Service Desk

    • Reduced number of routine inquires
    • Respond to business needs faster and uniformly

    Senior Manager/Director of Application & Infrastructure

    • Streamlined and standardized request/support process
    • More effective communication with the business

    Senior Business Executives from Major LOBs

    • Self-service increases user productivity for business users
    • Better quality of services provided by IT

    Project Charter

    Document a list of stakeholders, their involvement in the process (why they are stakeholders), and their contact information in Section 3.

    Articulate the creation of the service catalog to the organization

    Spread the word of service catalog implementation. Bring attention to your change message through effective mediums and organizational changes.

    Key aspects of a communication plan

    The methods of communication (e.g. newsletters, email broadcast, news of the day, automated messages) notify users of implementation.

    In addition, it is important to know who will deliver the message (delivery strategy). Talking to the business leaders is very important, and you need IT executives to deliver the message. Work hard on obtaining their support as they are the ones communicating to their staff and could be your project champions.

    Recommended organizational changes

    The communication plan should consist of changes that will affect the way users interact with the catalog. Users should know of any meetings pertinent to the maintenance and improvement of the catalog, and ways to access the catalog (e.g. link on desktop/start menu).

    This image depicts the cycle of communicating change. the items in the cycle include: What is the change?; Why are we doing it?; How are we going to go about it?; What are we trying to achieve?; How often will we be updated?

    The Qualities of Leadership: Leading Change

    Project Charter

    Your communication plan should serve as a rough guide. Communication happens in several unpredictable happenstances, but the overall message should be contained within.

    Ensure you get the whole company on board for the service catalog with a well practiced change message

    The success of your catalog implementation hinges on the business’ readiness.

    One of the top challenges for organizations that are implementing a service catalog is the acceptance and adoption of the change. Effective planning for implementation and communication is pivotal. Ensure you create tailored plans for communication and understand how the change will impact staff.

    1. Draft your change message
    2. “Better Service, Better Value.” It is important to have two change messages prepared: one for the IT department and one for business users.
      Outline a few of the key benefits each user group will gain from adopting the service catalog (e.g. Faster, ease of use, convenient, consistent…)

    3. Address feedback
    4. Anticipate some resistances of service catalog adoption and prepare responses. These may be the other benefits which were not included in the change message (e.g. IT may be reluctant to think in business language.)

    5. Conduct training sessions
    6. Host lunch & learns to demonstrate the value of the service catalog to both business and IT user groups.
      These training sessions also serve as a great way to gather feedback from users regarding style and usability.

    Project Charter

    Pick your communication medium, and then identify your target audience. You should have a change message for each: the IT department and the business users. Pay careful consideration to wording and phrasing with regard for each.

    Track metrics throughout the project to keep stakeholders informed

    In order to measure the success of your service catalog, you must establish baseline metrics to determine how much value the catalog is creating for your business.

    1. Number of service requests via the service catalog
    2. The number of service catalog requests should be carefully monitored so that it does not fluctuate too greatly. In general, the number of requests via the service catalog should increase, which indicates a higher level of self-serve.

    3. Number of inquiry calls to the service desk
    4. The number of inquiry calls should decrease because customers are able to self-serve routine IT inquiries that would otherwise have gone through the service desk.

    5. Customer satisfaction – specific questions
    6. The organization could adopt the following sample survey questions:
      From 0-5: How satisfied are you with the functionality of the service catalog? How often do you turn to the service catalog first to solve IT problems?

    7. Number of non-standard requests
    8. The number of non-standard requests should decrease because a majority of services should eventually be covered in the service catalog. Users should be able to solve nearly any IT related problem through navigating the service catalog.

    Metric Description Current Metric Future Goal
    Number of service requests via the Service Catalog
    Number of inquiry calls to the service desk
    Customer Satisfaction – specific question
    Number of non-standard requests

    Use metrics to monitor the monetary improvements the service catalog creates for the business

    When measuring against your baseline, you should expect to see the following two monetary improvements:

    1. Improved service desk efficiency
    2. (# of routine inquiry calls reduced) x (average time for a call) x (average service desk wage)

      Routine inquiries often take up a significant portion of the service desk’s effort, and the majority of them can be answered via the service catalog, thus reducing the amount of time required for a service desk employee to engage in routine solutions. The reduction in routine inquiries allows IT to allocate resources to high-value services and provide higher quality of support.

    Example

    Originally, the service desk of an organization answers 850 inquiries per month, and around 540 of them are routine inquiries requesting information on when a service is available, who they can contact if they want to receive a service, and what they need to do if they want access to a service, etc.

    IT successfully communicated the introduction of the service catalog to the business and 3 months after the service catalog was implemented, the number of routine inquiries dropped to 60 per month. Given that the average time for IT to answer the inquiry is 10 minutes (0.167 hour) and the hourly wage of a service desk technician is $25, the monthly monetary cost saving of the service catalog is:

    (540 – 60) x 0.167 x 25 = $2004.00

    • Reduced expense by eliminating non-standard requests

    (Average additional cost of non-standard request) x (Reduction of non-standard request)
    +
    (Extra time IT spends on non-standard request fulfilment) x (Average wage)

    Non-standard requests require a lot of time, and often a lot of money. IT frequently incurs additional cost because the business is not aware of how to properly request service or support. Not only can the service catalog standardize and streamline the service request process, it can also help IT define its job boundary and say no to the business if needed.

    Example

    The IT department of an organization often finds itself dealing with last-minute, frustrating service requests from the business. For example, although equipment requests should be placed a week in advance, the business often requests equipment to be delivered the next day, leaving IT to pay for additional expedited shipping costs and/or working fanatically to allocate the equipment. Typically, these requests happen 4 times a month, with an additional cost of $200.00. IT staff work an extra 6 hours per each non-standard request at an hourly wage of $30.00.

    With the service catalog, the users are now aware of the rules that are in place and can submit their request with more ease. IT can also refer the users to the service catalog when a non-standard request occurs, which helps IT to charge the cost to the department or not meet the terms of the business.

    The monthly cost saving in this case is:

    $200.00 x 4 + 6 hours x 30 = $980.00

    Create your project charter for the service catalog initiative to get key stakeholders to buy in

    1.1 2-3 hours

    The project charter is an important document to govern your project process. Support from the project sponsors is important and must be documented. Complete the following steps working with Info-Tech’s sample Project Charter.

    1. The project leader and the core project team must identify key reasons for creating a service catalog. Document the project objectives and benefits in the mission statement section.
    2. Identify and document your project team. The team must include representatives from the Infrastructure, Applications, Service desk, and a Business-IT Liaison.
    3. Identify and document your project stakeholders. The stakeholders are those who have interest in seeing the service catalog completed. Stakeholders for IT are the CIO and management of different IT practices. Stakeholders for the business are executives of different LOBs.
    4. Identify your target audience and choose the communication medium most effective to reach them. Draft a communication message hitting all key elements.
      Info-Tech’s project charter contains sample change messages for the business and IT.
    5. Develop a strategy as to how the change message will be distributed, i.e. the communication and organizational change plan.
    6. Use the metrics identified as a base to measure your service catalog’s implementation. If you have identified any other objectives, add new metrics to monitor your progress from the baseline to reaching those objectives.
    7. Sign and date the project charter to officiate commitment to completing the project and reaching your objectives. Have the signed and dated charter available to members of the project team.

    INPUT

    • A collaborative discussion between team members

    OUTPUT

    • Thorough briefing for project launch
    • A committed team

    Materials

    • Communication message and plan
    • Metric tracking

    Participants

    • Project leader
    • Core project team

    Obtain buy-in from business users at the beginning of the service catalog initiative

    CASE STUDY A
    Industry Government
    Source Onsite engagement

    Challenge

    The nature of government IT is quite complex: there are several different agencies located in a number of different areas. It is extremely important to communicate the idea of the service catalog to all the users, no matter the agency or location.

    The IT department had yet to let business leaders of the various agencies know about the initiative and garner their support for the project. This has proven to be prohibitive for gaining adoption from all users.

    Solution

    The IT leaders met and identified all the opportunities to communicate the service catalog to the business leaders and end users.

    To meet with the business leaders, IT leaders hosted a service level meeting with the business directors and managers. They adopted a steering committee for the continuation of the project.

    To communicate with business users, IT leaders published announcements on the intranet website before releasing the catalog there as well.

    Results

    Because IT communicated the initiative, support from business stakeholders was obtained early and business leaders were on board shortly after.

    IT also managed to convince key business stakeholders to become project champions, and leveraged their network to communicate the initiative to their employees.

    With this level of adoption, it meant that it was easier for IT to garner business participation in the project and to obtain feedback throughout.

    Info-Tech assists project leader to garner support from the project team

    CASE STUDY A
    Industry Government
    Source Onsite engagement

    Challenge

    The project received buy-in from the CIO and director of infrastructure. Together they assembled a team and project leader.

    The two struggled to get buy-in from the rest of the team, however. They didn’t understand the catalog or its benefits and objectives. They were reluctant to change their old ways. They didn’t know how much work was required from them to accomplish the project.

    Solution

    With the Info-Tech analyst on site, the client was able to discuss the benefits within their team as well as the project team responsibilities.

    The Info-Tech analyst convinced the group to move towards focusing on a business- and service-oriented mindset.

    The workshop discussion was intended to get the entire team on board and engaged with meeting project objectives.

    Results

    The project team had experienced full buy-in after the workshop. The CIO and director relived their struggles of getting project members on-board through proper communication and engagement.

    Engaging the members of the project team with the discussion was key to having them take ownership in accomplishing the project.

    The business users understood that the service catalog was to benefit their long-term IT service development.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

    Book a workshop with our Info-Tech analysts

    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.
    The following are sample activities that will be conducted by Info-Tech analysts with your team:
    1.1 this image contains a screenshot from section 1.1 of this blueprint. Begin your project with a mission statement
    A strong mission statement that outlines the benefits of the project is needed to communicate the purpose of the project. The onsite Info-Tech analysts will help you customize the message and establish the foundation of the project charter.
    1.2 this image contains a screenshot from section 1.2 of this blueprint.

    Identify project team members

    Our onsite analysts will help you identify high-value team members to contribute to this project.

    1.3 This image contains a screenshot from section 1.3 of this blueprint.

    Identify important business and IT stakeholders

    Buy-in from senior IT and business management is a must. Info-Tech will help you identify the stakeholders and determine their level of influence and impact.

    1.4 This image contains a screenshot from section 1.4 of this blueprint.

    Create a change message for the business and IT

    It is important to communicate changes early and the message must be tailored for each target audience. Our analysts will help you create an effective message by articulating the benefits of the service catalog to the business and to IT.

    1.5 This image contains a screenshot from section 1.5 of this blueprint.

    Determine service project metrics

    To demonstrate the value of the service catalog, IT must come up with tangible metrics. Info-Tech’s analysts will provide some sample metrics as well as facilitate a discussion around which metrics should be tracked and monitored.

    PHASE 2

    Identify and Define Enterprise Services

    Design & Build a User-Facing Service Catalog

    Step 2 – Create Enterprise Services Definitions

    1. Complete the Project Charter
    2. Create Enterprise Services Definitions
    3. Create Line of Business Services Definitions
    4. Complete Service Definitions

    This step will walk you through the following activities:

    • Identify and define enterprise services that are commonly used across the organization.
    • Create service descriptions and features to accurately sum up the functionality of each service.
    • Create service categories and assign each service to a category.

    Step Insights

    • When defining services, be sure to carefully distinguish between what is a feature and what is a service. Often, separate services are defined in situations when they would be better off as features of existing services, and vice versa.
    • When coming up with enterprise services categories, ensure the categories group the services in a way that is intuitive. The users should be able to find a service easily based on the names of the categories.

    Phase 2 outline

    Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 2: Define Enterprise Services
    Proposed Time to Completion: 4 weeks

    Step 2.1: Identify enterprise services

    Step 2.2: Create service categories

    Start with an analyst kick off call:

    • Identify enterprise services that are commonly used.
    • Ensure the list is comprehensive and capture common IT needs.
    • Create service descriptions and features.

    Review findings with analyst:

    • Review full list of identified enterprise services.
    • Identify service categories that are intuitive to the users.

    Then complete these activities…

    • Use Info-Tech’s sample enterprise service definitions as a guide, and change/add/delete the service definitions to customize them to your organization.

    Then complete these activities…

    • Group identified services into categories that are intuitive to the users.

    With these tools & templates: Service

    Sample Enterprise Services

    With these tools & templates:

    Sample Enterprise Services

    Identify enterprise services in the organization apart from the services available to lines of business

    Separating enterprise services from line of business services helps keep things simple to organize the service catalog. -

    Documentation of all business-facing IT services is an intimidating task, and a lack of parameters around this process often leads to longer project times and unsatisfactory outcomes.

    To streamline this process, separating enterprise services from line of business services allows IT to effectively and efficiently organize these services. This method increases the visibility of the service catalog through user-oriented communication plans.

    Enterprise Services are common services that are used across the organization.

    1. Common Services for all users within the organization (e.g. Email, Video Conferencing, Remote Access, Guest Wireless)
    2. Service Requests organized into Service Offerings (e.g. Hardware Provisioning, Software Deployment, Hardware Repair, Equipment Loans)
    3. Consulting Services (e.g. Project Management, Business Analysis, RFP Preparation, Contract Negotiation)

    All user groups access Enterprise Services

    Enterprise Services

    • Finance
    • IT
    • Sales
    • HR

    Ensure your enterprise services are defined from the user perspective and are commonly used

    If you are unsure whether a service is enterprise wide, ask yourself these two questions:

    This image contains an example of how you would use the two questions: Does the user directly use the service themselves?; and; Is the service used by the entire organization (or nearly everyone)?. The examples given are: A. Video Conferencing; B. Exchange Server; C. Email & Fax; D. Order Entry System

    Leverage Info-Tech’s Sample Enterprise Services definition

    2.1 Info-Tech’s Sample Enterprise Services definitions

    Included with this blueprint is Info-Tech’s Sample Enterprise Services definitions.

    The sample contains dozens of services common across most organizations; however, as a whole, they are not complete for every organization. They must be modified according to the business’ needs. Phase two will serve as a guide to identifying an enterprise service as well as how to fill out the necessary fields.

    This image contains a screenshot of definitions from Info-Tech's Sample Enterprises services

    Info-Tech Insight

    Keep track of which services you either modify or delete. You will have to change the same services in the final Info-Tech deliverable.

    The next slide will introduce you to the information for each service record that can be edited.

    Info-Tech’s Sample Enterprise Services definitions is designed to be easily customized

    2.1 Info-Tech’s Sample Enterprise Services definitions

    Below is an example of a service record and its necessary fields of information. This is information that can be kept, deleted, or expanded upon.

    Name the service unambiguously and from the user’s perspective.

    Brief description of how the service allows users to perform tasks.

    Describe the functionality of the service and how it helps users to achieve their business objectives.

    Cluster the services into logical groups.

    Service Name Description Features Category
    Email Email communication to connect with other employees, suppliers, and customers
    • Inbox
    • Calendar
    • Resource Scheduling (meeting rooms)
    • Access to shared mailboxes
    • Limit on mailbox size (‘x’ GB)
    • Address book/external contacts
    • Spam filtering, virus protection
    • Archiving and retrieval of older emails
    • Web/browser access to email
    • Mass email/notification (emergency, surveys, reporting)
    • Setting up a distribution list
    • Setting up Active Sync for email access on mobile devices
    Communications

    Distinguish between a feature and a unique service

    It can be difficult to determine what is considered a service itself, and what is a feature of another service. Use these tips and examples below to help you standardize this judgement.

    Example 1

    Web Conferencing has already been defined as a service. Is Audio Conferencing its own service or a feature of Web Conferencing?

    Info-Tech Tip: Is Audio Conferencing run by the same application as the Web Conferencing? Does it use the same equipment? If not, Audio Conferencing is probably its own service.

    Example 2

    Web Conferencing has already been defined as a service. Is “Screen Sharing” its own service or a feature of Web Conferencing?

    Info-Tech Tip: It depends on how the user interacts with Screen Sharing. Do they only screen share when engaged in a Web Conference? If so, Screen Sharing is a feature and not a service itself.

    Example 3

    VoIP is a popular alternative to landline telephone nowadays, but should it be part of the telephony service or a separate service?

    Info-Tech Tip: It depends on how the VoIP phone is set up.

    If the user uses the VoIP phone the same way they would use a landline phone – because the catalog is user facing – consider the VoIP as part of the telephone service.

    If the user uses their computer application to call and receive calls, consider this a separate service on its own.

    Info-Tech Insight

    While there are some best practices for coming up with service definitions, it is not an exact science and you cannot accommodate everyone. When in doubt, think how most users would perceive the service.

    Change or delete Info-Tech’s enterprise services definitions to make them your own

    2.1 3 hours

    You need to be as comprehensive as possible and try to capture the entire breadth of services IT provides to the business.

    To achieve this, a three-step process is recommended.

    1. First, assemble your project team. It is imperative to have representatives from the service desk. Host two separate workshops, one with the business and one with IT. These workshops should take the form of focus groups and should take no more than 1-2 hours.
    2. Business Focus Group:
    • In an open-forum setting, discuss what the business needs from IT to carry out their day-to-day activities.
    • Engage user-group representatives and business relationship managers.

    IT Focus Group:

    • In a similar open-forum setting, determine what IT delivers to the business. Don’t think about it from a support perspective, but from an “ask” perspective – e.g. “Service Requests.
    • Engage the following individuals: team leads, managers, directors.
  • Review results from the focus groups and compare with your service desk tickets – are there services users inquire about frequently that are not included? Finalize your list of enterprise services as a group.
  • INPUT

    • Modify Info-Tech’s sample services

    OUTPUT

    • A list of some of your business’ enterprise services

    Materials

    • Whiteboard/marker
    • Info-Tech sample enterprise services

    Participants

    • Key members of the project team
    • Service desk rep
    • Business rep

    Using Info-Tech’s Sample Enterprise Services, expand upon the services to add those that we did not include

    2.2 1-3 hours (depending on size and complexity of the IT department)

    Have your user hat on when documenting service features and descriptions. Try to imagine how the users interact with each service.

    1. Once you have your service name, start with the service feature. This field lists all the functionality the service provides. Think from the user’s perspective and document the IT-related activities they need to complete.
    2. Review the service feature fields with internal IT first to make sure there isn’t any information that IT doesn’t want to publish. Afterwards, review with business users to ensure the language is easy to understand and the features are relatable.
    3. Lastly, create a high-level service description that defines the nature of the service in one or two sentences.

    INPUT

    • Collaborate and discuss to expand on Info-Tech’s example

    OUTPUT

    • A complete list of your business’ enterprise services

    Materials

    • Whiteboard/marker
    • Info-Tech sample enterprise services

    Participants

    • Key members of the project team
    • Service desk rep
    • Business rep

    Follow Info-Tech’s guidelines to establish categories for the enterprise services that IT provides to the business

    Similar to the services and their features, there is no right or wrong way to categorize. The best approach is to do what makes sense for your organization and understand what your users think.

    What are Service Categories?

    Categories organize services into logical groups that the users can identify with. Services with similar functions are grouped together in a common category.

    When deciding your categories, think about:

    • What is best for the users?
    • Look at the workflows from the user perspective: how and why do they use the service?
    • Will the user connect with the category name?
    • Will they think about the services within the category?
    Enterprise Service Categories
    Accounts and Access
    Collaboration
    Communication
    Connectivity
    Consulting
    Desktop, Equipment, & Software
    Employee Services
    Files and Documents
    Help & Support
    Training

    Sample categories

    Categorize the services from the list below; how would you think to group them?

    There is no right or wrong way to categorize services; it is subjective to how they are provided by IT and how they are used by the business. Use the aforementioned categories to group the following services. Sample solutions are provided on the following slide.

    Service Name
    Telephone
    Email
    Remote access
    Internet
    BYOD (wireless access)
    Instant Messaging
    Video Conferencing
    Audio Conferencing
    Guest Wi-Fi
    Document Sharing

    Tips and tricks:

    1. Think about the technology behind the service. Is it the same application that provides the services? For example: is instant messaging run by the same application as email?
    2. Consider how the service is used by the business. Are two services always used together? If instant messaging is always used during video conferencing, then they belong in the same category.
    3. Consider the purpose of the services. Do they achieve the same outcomes? For example, document sharing is different from video conferencing, though they both support a collaborative working environment.

    This is a sample of different categorizations – use these examples to think about which would better suit your business

    Example 1 Example 2

    Desktop, Equipment, & Software Services

    Connectivity

    Mobile Devices

    Communications

    Internet

    Telephone

    BYOD (wireless access)

    Telephone

    Guest Wi-Fi

    Internet

    Email

    Remote Access

    Instant Messaging

    Video Conferencing

    Audio Conferencing

    Communications

    Collaboration

    Storage and Retrieval

    Accounts and Access

    Telephone

    Email

    Document Sharing

    Remote access

    Email

    Instant Messaging

    Connectivity

    Mobile Devices

    Video Conferencing

    Internet

    BYOD (wireless access)

    Audio Conferencing

    Guest Wi-Fi

    Guest Wi-Fi

    Document Sharing

    Info-Tech Insight

    Services can have multiple categories only if it means the users will be better off. Try to limit this as much as possible.

    Neither of these two examples are the correct answer, and no such thing exists. The answers you came up with may well be better suited for the users in your business.

    With key members of your project team, categorize the list of enterprise services you have created

    2.3 1 hour

    Before you start, you must have a modified list of all defined enterprise services and a modified list of categories.

    1. Write down the service names on sticky notes and write down the categories either on the whiteboard or on the flipchart.
    2. Assign the service to a category one at a time. For each service, obtain consensus on how the users would view the service and which category would be the most logical choice. In some cases, discuss whether a service should be included in two categories to create better searchability for the users.
    3. If a consensus could not be reached on how to categorize a service, review the service features and category name. In some cases, you may go back and change the features or modify or create new categories if needed.

    INPUT

    • Collaborate and discuss to expand on Info-Tech’s example

    OUTPUT

    • A complete list of your business’ enterprise services

    Materials

    • Whiteboard/marker
    • Info-Tech sample enterprise services

    Participants

    • Key members of the project team
    • Service desk rep
    • Business rep

    Accounts & Access Services

    • User ID & Access
    • Remote Access
    • Business Applications Access

    Communication Services

    • Telephone
    • Email
    • Mobile devices

    Files & Documents

    • Shared Folders
    • File Storage
    • File Restoration
    • File Archiving

    Collaboration

    • Web Conferencing
    • Audio Conferencing
    • Video Conferencing
    • Chat
    • Document Sharing

    Employee Services

    • Onboarding & Off Boarding
    • Benefits Self Service
    • Time and Attendance
    • Employee Records Management

    Help & Support

    • Service Desk
    • Desk Side Support
    • After Hours Support

    Desktop, Equipment, & Software

    • Printing
    • Hardware Provisioning
    • Software Provisioning
    • Software Support
    • Device Move
    • Equipment Loaner

    Education & Training Services

    • Desktop Application Training
    • Corporate Application Training
    • Clinical Application Training
    • IT Training Consultation

    Connectivity

    • BYOD (wireless access)
    • Internet
    • Guest Wi-Fi

    IT Consulting Services

    • Project Management
    • Analysis
    • RFP Reviews
    • Solution Development
    • Business Analysis/Requirements Gathering
    • RFI/RFP Evaluation
    • Security Consulting & Assessment
    • Contract Management
    • Contract Negotiation

    IT department identifies a comprehensive list of enterprise services

    CASE STUDY A
    Industry Government
    Source Onsite engagement

    Challenge

    Because of the breadth of services IT provides across several agencies, it was challenging to identify what was considered enterprise beyond just the basic ones (email, internet, etc.)

    IT recognized that although the specific tasks of service could be different, there are many services that are offered universally across the organization and streamlining the service request and delivery process would reduce the burden on IT.

    Solution

    The client began with services that users interact with on a daily basis; this includes email, wireless, telephone, internet, printing, etc.

    Then, they focused on common service requests from the users, such as software and hardware provisioning, as well as remote access.

    Lastly, they began to think of other IT services that are provided across the organization, such as RFP/RFI support, project management analysis, employee onboarding/off-boarding, etc.

    Results

    By going through the lists and enterprise categories, the government was able to come up with a comprehensive list of all services IT provides to the business.

    Classifying services such as onboarding meant that IT could now standardize IT services for new recruits and employee termination.

    By capturing all enterprise services offered to the organization, IT centralized its management of services instead of having scattered request processes.

    Organization distinguishes features from services using Info-Tech’s tips and techniques

    CASE STUDY B
    Industry Government
    Source Onsite engagement

    Challenge

    For some services, the project team had difficulty deciding on what was a service and what was a feature. They found it hard to distinguish between a service with features or multiple services.

    For example, the client struggled to define the Wi-Fi services because they had many different user groups and different processes to obtain the service. Patients, visitors, doctors, researchers, and corporate employees all use Wi-Fi, but the service features for each user group were different.

    Solution

    The Info-Tech analyst came on-site and engaged the project team in a discussion around how the users would view the services.

    The analyst also provided tips and techniques on identifying services and their features.

    Because patients and visitors do not access Wi-Fi or receive support for the service in the same way as clinical or corporate employees, Wi-Fi was separated into two services (one for each user group).

    Results

    Using the tips and techniques that were provided during the onsite engagement, the project team was able to have a high degree of clarity on how to define the services by articulating who the authorized users are, and how to access the process.

    This allowed the group to focus on the users’ perspective and create clear, unambiguous service features so that users could clearly understand eligibility requirements for the service and how to request them.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

    Book a workshop with our Info-Tech analysts

    this is a picture of an Info-Tech Analyst

    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.
    The following are sample activities that will be conducted by Info-Tech analysts with your team:
    2.1 This image contains a screenshot from section 2.1 of this blueprint.

    Understand what enterprise services are

    The project team must have a clear understanding of what qualifies as an enterprise service. The onsite analysts will also promote a user-oriented mindset so the catalog focuses on business needs.

    2.2 this image contains a screenshot from section 2.2 of this blueprint.

    Identify enterprise services

    The Info-Tech analysts will provide a list of ready-to-use services and will work with the project team to change, add, and delete service definitions and to customize the service features.

    2.3 this image contains a screenshot from section 2.3 of this blueprint.

    Identify categories for enterprise services

    The Info-Tech analyst will again emphasize the importance of being service-oriented rather than IT-oriented. This will allow the group to come up with categories that are intuitive to the users.

    PHASE 3

    Identify and Define Line of Business Services

    Design & Build a User-Facing Service Catalog

    Step 3 – Create Line of Business Services Definitions

    1. Complete the Project Charter
    2. Create Enterprise Services Definitions
    3. Create Line of Business Services Definitions
    4. Complete Service Definitions

    This step will walk you through the following activities:

    • Identify lines of business (LOB) within the organization as well as the user groups within the different LOBs.
    • Determine which one of Info-Tech’s two approaches is more suitable for your IT organization.
    • Define and document LOB services using the appropriate approach.
    • Categorize the LOB services based on the organization’s functional structure.

    Step Insights

    • Collaboration with the business significantly strengthens the quality of line of business service definitions. A significant amount of user input is crucial to create impactful and effective service definitions.
    • If a strong relationship with the business is not in place, IT can look at business applications and the business activities they support in order to understand how to define line of business services.

    Phase 3 outline

    Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 3: Define LOB Services

    Proposed Time to Completion: 4 weeks

    Step 3.1: Identify LOB services

    Step 3.2: Define LOB services

    Start with an analyst kick off call:

    • Identify enterprise services that are commonly used.
    • Ensure the list is comprehensive and capture common IT needs.
    • Create service descriptions and features.

    Review findings with analyst:

    • Use either the business view or the IT view methodology to identify and define LOB services.

    Then complete these activities…

    • Select one of the methodologies and either compile a list of business applications or a list of user groups/functional departments.

    Then complete these activities…

    • Validate the service definitions and features with business users.

    With these tools & templates: Service

    LOB Services – Functional Group
    LOB Services – Industry Specific

    With these tools & templates:

    LOB Services – Functional Group
    LOB Services – Industry Specific

    Communicate with your business users to get a clear picture of each line of business

    Within a business unit, there are user groups that use unique applications and IT services to perform business activities. IT must understand which group is consuming each service to document to their needs and requirements. Only then is it logical to group services into lines of business.

    Covering every LOB service is a difficult task. Info-Tech offers two approaches to identifying LOB services, though we recommend working alongside business user groups to have input on how each service is used directly from the users. Doing so makes the job of completing the service catalog easier, and the product more detailed and user friendly.

    Some helpful questions to keep in mind when characterizing user groups:

    • Where do they fall on the organizational chart?
    • What kind of work do they do?
    • What is included in their job description?
    • What are tasks that they do in addition to their formal responsibilities?
    • What do they need from IT to do their day-to-day tasks?
    • What does their work day look like?
    • When, why, and how do they use IT services?

    Info-Tech Insight

    With business user input, you can answer questions as specific as “What requirements are necessary for IT to deliver value to each line of business?” and “What does each LOB need in order to run their operation?”

    Understand when it is best to use one of Info-Tech’s two approaches to defining LOB services

    1. Business View

    Business View is the preferred method for IT departments with a better understanding of business operations. This is because they can begin with input from the user, enabling them to more successfully define every service for each user group and LOB.

    In addition, IT will also have a chance to work together with the business and this will improve the level of collaboration and communication. However, in order to follow this methodology, IT needs to have a pre-established relationship with the business and can demonstrate their knowledge of business applications.

    2. IT View

    The IT view begins with considering each business application used within the organization’s lines of business. Start with a broad view, following with a process of narrowing down, and then iterate for each business application.

    This process leads to each unique service performed by every application within the business’ LOBs.

    The IT view does not necessarily require a substantial amount of information about the business procedures. IT staff are capable of deducing what business users often require to maintain their applications’ functionality.

    Use one of Info-Tech’s two methodologies to help you identify each LOB service

    Choose the methodology that fits your IT organization’s knowledge of the business.

    This image demonstrates a comparison between the business view of service and the IT View of Service. Under the Business View, the inputs are LOB; User Groups; and Business Activity. Under the IT View, the inputs are Business Application and Functionality, and the outputs are Business Activity; User Groups; and LOB.

    1. Business View

    If you do have knowledge of business operations, using the business view is the better option and the service definition will be more relatable to the users.

    2. IT View

    For organizations that don’t have established relationships with the business or detailed knowledge of business activities, IT can decompose the application into services. They have more familiarity and comfort with the business applications than with business activities.

    It is important to continue after the service is identified because it helps confirm and solidify the names and features. Determining the business activity and the user groups can help you become more user-oriented.

    Identifying LOB services using Info-Tech’s Business View method

    We will illustrate the two methodologies with the same example.

    If you have established an ongoing relationship with the business and you are familiar with their business operations, starting with the LOB and user groups will ensure you cover all the services IT provides to the business and create more relatable service names.

    This is a screenshot of an example of the business view of Service.

    Identifying LOB services using Info-Tech’s IT View method

    If you want to understand what services IT provides to the Sales functional group, and you don’t have comprehensive knowledge of the department, you need to start with the IT perspective.

    This is a screenshot of an example of the business view of Service.

    Info-Tech Insight

    If you are concerned about the fact that people always associate a service with an application, you can include the application in the service name or description so users can find the service through a search function.

    Group LOB services into functional groups as you did enterprise services into categories

    3.1 Sample Line of Business Services Definitions – Functional Groups & Industry Examples

    Like categories for enterprise services in Phase Two, LOB services are grouped into functional groups. Functional groups are the components of an organizational chart (HR, Finance, etc.) that are found in a company’s structure.

    Functional Groups

    Functional groups enable a clear view for business users of what services they need, while omitting services that do not apply to them. This does not overwhelm them, and provides them with only relevant information.

    Industry Services

    To be clear, industry services can be put into functional groups.

    Info-Tech provides a few sample industry services (without their functional group) to give an idea of what LOB service is specific to these industries. Try to extrapolate from these examples to create LOB services for your business.

    Use Info-Tech’s Sample LOB Services – Functional Group and Sample LOB Services – Industry Specific documents.

    This is a screenshot of Info-Tech's Functional Group Services

    Info-Tech Insight

    Keep track of which services you either modify or delete. You will have to change the same services in the final Info-Tech deliverable.

    Identify the user group and business activity within each line of business – Business view

    3.1 30-45 minutes per line of business

    Only perform this activity if you have a relationship with the business that can enable you to generate business input on service identifications and definitions.

    In a group of your project participants, repeat the sequence for each LOB.

    1. Brainstorm each user group within the LOB that is creating value for the business by performing functional activities.
    2. Think of what each individual end user must do to create their value. Think of the bigger picture rather than specifics at this point. For example, sales representatives must communicate with clients to create value.
    3. Now that you have each user group and the activities they perform, consider the specifics of how they go about doing that activity. Consider each application they use and how much they use that application. Think of any and all IT services that could occur as a result of that application usage.

    INPUT

    • A collaborative discussion (with a business relationship)

    OUTPUT

    • LOB services defined from the business perspective

    Materials

    • Sticky notes
    • Whiteboard/marker

    Participants

    • Members of the project team
    • Representatives from the LOBs

    Identify the user group and business activity within each line of business – IT view

    3.1 30-45 minutes per application

    Only perform this activity if you cannot generate business input through your relationships, and must begin service definitions with business applications.

    In a group of your project participants, repeat the sequence for each application.

    1. Brainstorm all applications that the business provides through IT. Cross out the ones that provide enterprise services.
    2. In broad terms, think about what the application is accomplishing to create value for the business from IT’s perspective. What are the modules? Is it recording interactions with the clients? Each software can have multiple functionalities.
    3. Narrow down each functionality performed by the application and think about how IT helps deliver that value. Create a name for the service that the users can relate to and understand.
    4. → Optional

    5. Now go beyond the service and think about the business activities. They are always similar to IT’s application functionality, but from the user perspective. How would the user think about what the application’s functionality to accomplish that particular service is? At this point, focus on the service, not the application.
    6. Determine the user groups for each service. This step will help you complete the service record design in phase 4. Keep in mind that multiple user groups may access one service.

    INPUT

    • A collaborative discussion (without a business relationship)

    OUTPUT

    • LOB services defined from the IT perspective

    Materials

    • Sticky notes
    • Whiteboard/marker

    Participants

    • Members of the project team

    You must review your LOB service definitions with the business before deployment

    Coming up with LOB service definitions is challenging for IT because it requires comprehension of all lines of business within the organization as well as direct interaction with the business users.

    After completing the LOB service definitions, IT must talk to the business to ensure all the user groups and business activities are covered and all the features are accurate.

    Here are some tips to reviewing your LOB Service Catalog generated content:

    • If you plan to talk to a business SME, plan ahead to help complete the project in time for rollout.
    • Include a business relationship manager on the project team to facilitate discussion if you do not have an established relationship with the business.

    Sample Meeting Agenda

    Go through the service in batches. Present 5-10 related services to the business first. Start with the service name and then focus on the features.

    In the meeting, discuss whether the service features accurately sum up the business activities, or if there are missing key activities. Also discuss whether certain services should be split up into multiple services or combined into one.

    Organization identifies LOB services using Info-Tech’s methodologies

    CASE STUDY A
    Industry Government
    Source Onsite engagement

    Challenge

    There were many users from different LOBs, and IT provided multiple services to all of them. Tracking them and who had access to what was difficult.

    IT didn’t understand who provided the services (service owner) and who the customers were (business owner) for some of the services.

    Solution

    After identifying the different Lines of Business, they followed the first approach (Business View) for those that IT had sufficient knowledge of in terms of business operations:

    1. Identified lines of business
    2. Identified user groups
    3. Identified business activities

    For the LOBs they weren’t familiar with, they used the IT view method, beginning with the application:

    1. Identified business apps
    2. Deduced the functionalities of each application
    3. Traced the application back to the service and identified the service owner and business owner

    Results

    Through these two methodologies, IT was able to define services according to how the users both perceive and utilize them.

    IT was able to capture all the services it provides to each line of business effectively without too much help from the business representatives.

    By capturing all enterprise services offered to the organization, IT centralized its management of services instead of having scattered request processes.

    Info-Tech helps organization to identify LOB services using the IT View

    CASE STUDY B
    Industry Healthcare
    Source Onsite engagement

    Challenge
    The organization uses a major application containing several modules used by different users for various business activities.

    The challenge was to break down the application into multiple services in a way that makes sense to the business users. Users should be able to find services specific to them easily.

    Therefore, the project team must understand how to map the modules to different services and user groups.


    Solution
    The project team identified the major lines of business and took various user groups such as nurses and doctors, figured out their daily tasks that require IT services, and mapped each user-facing service to the functionality of the application.

    The project team then went back to the application to ensure all the modules and functionalities within the application were accounted for. This helped to ensure that services for all user groups were covered and prepared to be released in the catalog.


    Results
    Once the project team had come up with a comprehensive list of services for each line of business, they were able to sit with the business and review the services.

    IT was also able to use this opportunity to demonstrate all the services it provides. Having all the LOB services demonstrates IT has done its preparation and can show the value they help create for the business in a language the users can understand. The end result was a strengthened relationship between the business and the IT department.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

    Book a workshop with our Info-Tech analysts

    This is a picture of an Info-Tech Analyst

    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.
    The following are sample activities that will be conducted by Info-Tech analysts with your team:
    3.1 this image contains a screenshot from section 3.1 of this blueprint.

    Understand what Line of Business services are

    The onsite analysts will provide a clear distinction between enterprise services and LOB services. The analysts will also articulate the importance of validating LOB services with the business.

    3.2 this image contains a screenshot from section 3.2 of this blueprint.

    Identify LOB services using the business’ view

    There are two methods for coming up with LOB services. If IT has comprehensive knowledge of the business, they can identify the services by outlining the user groups and their business activities.

    3.3 This image contains a screenshot from section 3.3 of this blueprint.

    Identify LOB services using IT’s view

    If IT does not understand the business and cannot obtain business input, Info-Tech’s analysts will present the second method, which allows IT to identify services with more comfortability through business applications/systems.

    3.4 This image contains a screenshot from section 3.4 of this blueprint.

    Categorize the LOB services into functional groups

    The analysts will help the project team categorize the LOB services based on user groups or functional departments.

    PHASE 4

    Complete Service Definitions

    Design & Build a User-Facing Service Catalog

    Step 4: Complete service definitions and service record design

    1. Complete the Project Charter
    2. Create Enterprise Services Definitions
    3. Create Line of Business Services Definitions
    4. Complete Service Definitions

    This step will walk you through the following activities:

    • Select which fields of information you would like to include in your service catalog design.
    • Determine which fields should be kept internal for IT use only.
    • Complete the service record design with business input if possible.

    Step Insights

    • Don’t overcomplicate the service record design. Only include the pieces of information the users really need to see.
    • Don’t publish anything that you don’t want to be held accountable for. If you are not ready, keep the metrics and costs internal.
    • It is crucial to designate a facilitator and a decision maker so confusions and disagreements regarding service definitions can be resolved efficiently.

    Phase 3 outline

    Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 4: Complete service definitions
    Proposed Time to Completion (in weeks): 4 weeks

    Step 4.1: Design service record

    Step 4.2: Complete service definitions

    Start with an analyst kick off call:

    • Review Info-Tech’s sample service record and determine which fields to add/change/delete.
    • Determine which fields should be kept internal.

    Review findings with analyst:

    • Complete all fields in the service record for each identified service.

    Then complete these activities…

    • Finalize the design of the service record and bring over enterprise services and LOB services.

    Then complete these activities…

    • Test the service definitions with business users prior to catalog implementation.

    With these tools & templates: Service

    Services Definition Chart

    With these tools & templates:

    Services Definition Chart

    Utilize Info-Tech’s Services Definition Chart to map out your final service catalog design

    Info-Tech’s Sample Services Definition Chart

    Info-Tech has provided a sample Services Definition Chart with standard service definitions and pre-populated fields. It is up to you throughout this step to decide which fields are necessary to your business users, as well as how much detail you wish to include in each of them.

    This image contains a screenshot from Info-Tech's Services Definition Chart.

    Info-Tech Insight

    Keep track of which services you either modify or delete. You will have to change the same services in the final Info-Tech deliverable.

    Tips and techniques for service record design

    The majority of the fields in the service catalog are user facing, which means they must be written in business language that the users can understand.

    If there is any confusion or disagreement in filling out the fields, a facilitator is required to lead the working groups in coming up with a definitive answer. If a decision is still not reached, it should be escalated to the decision maker (usually the service owner).

    IT-Facing Fields

    There are IT facing fields that should not be published to the business users – they are for the benefit of IT. For example, you may want to keep Performance Metrics internal to IT until you are ready to discuss it with the business.

    If the organization is interested in creating a Technical Service Catalog following this initiative, these fields will provide a helpful starting place for IT to identify the people, process, and technology required to support user-facing services.

    Info-Tech Insight

    It is important for IT-facing fields to be kept internal. If business users are having trouble with a service and the service owner’s name is available to them, they will phone them for support even if they are not the support owner.

    Design your service catalog with business input: have the user in mind

    When completing the service record, adopt the principle that “Less is More.” Keep it simple and write the service description from the user’s perspective, without IT language. From the list below, pick which fields of information are important to your business users.

    What do the users need to access the service quickly and with minimal assistance?

    The depicted image contains an example of an analysis of what users need to access the service quickly and with minimal assistance. The contents are as follows. Under Service Overview, Name; Description; Features; Category; and Supporting Services. Under Owners, are Service Owner; Business Owner. Under Access Policies and Procedures, are Authorized Users; Request Process; Approval Requirements/Process; Turnaround Time; User Responsibility. Under Availability and Service Levels are Support Hours; Hours of Availability; Planned Downtime; and Metrics. Under Support Policies & Procedures are Support Process; Support Owner; Support Documentation. Under Costs are Internal Cost; Customer Cost. The items which are IT Facing are coloured Red. These include Supporting Services; Service Owner; Business Owner; Metrics; Support Owner; and Internal Cost.

    Identify service overview

    “What information must I have in each service record? What are the fundamentals required to define a service?”

    Necessary Fields – Service Description:

    • Service name → a title for the service that gives a hint of its purpose.
    • Service description → what the service does and expected outcomes.
    • Service features → describe functionality of the service.
    • Service category → an intuitive way to group the service.
    • Support services → applications/systems required to support the service.

    Description: Delivers electronic messages to and from employees.

    Features:

    • Desk phone
    • Teleconference phones (meeting rooms)
    • Voicemail
    • Recover deleted voicemails
    • Team line: call rings multiple phones/according to call tree
    • Employee directory
    • Caller ID, Conference calling

    Category: Communications

    This image contains an example of a Service overview table. The headings are: Description; Features; Category; Supporting Services (Systems, Applications).

    Identify owners

    Who is responsible for the delivery of the service and what are their roles?

    Service Owner and Business Owner

    Service owner → the IT member who is responsible and accountable for the delivery of the service.

    Business owner → the business partner of the service owner who ensures the provided service meets business needs.

    Example: Time Entry

    Service Owner: Manager of Business Solutions

    Business Owner: VP of Human Resources

    This image depicts a blank table with the headings Service Owner, and Business Owner

    Info-Tech Insight

    For enterprise services that are used by almost everyone in the organization, the business owner is the CIO.

    Identify access policies and procedures

    “Who is authorized to access this service? How do they access it?”

    Access Policies & Procedures

    Authorized users → who can access the service.

    Request process → how to request access to the service.

    Approval requirement/process → what the user needs to have in place before accessing the service.

    Example: Guest Wi-Fi

    Authorized Users: All people on site not working for the company

    Request Process: Self-Service through website for external visitors

    Approval Requirement/Process: N/A

    This image depicts a blank table with the headings: Authorized Users; Request Process; Approval Requirement/Process

    Info-Tech Insight

    Clearly defining how to access a service saves time and money by decreasing calls to the service desk and getting users up and running faster. The result is higher user productivity.

    Identify access policies and procedures

    “Who is authorized to access this service? How do they access it?”

    Access Policies & Procedures

    Requirements & pre-requisites → details of what must happen before a service can be provided.

    Turnaround time → how much time it will take to grant access to the service.

    User responsibility → What the user is expected to do to acquire the service.

    Example: Guest Wi-Fi

    Requirements & Pre-requisites: Disclaimer of non-liability and acceptance

    Turnaround time: Immediate

    User Responsibility: Adhering to policies outlined in the disclaimer

    This image depicts a blank table with the headings: Authorized Users; Request Process; Approval Requirement/Process

    Info-Tech Insight

    Clearly defining how to access a service saves time and money by decreasing calls to the service desk and getting users up and running faster. The result is higher user productivity.

    Identify availability and service levels

    “When is this service available to users? What service levels can the user expect?”

    Availability & Service Levels

    Support hours → what days/times is this service available to users?

    Hours of availability/planned downtime → is there scheduled downtime for maintenance?

    Performance metrics → what level of performance can the user expect for this service?

    Example: Software Provisioning

    Support Hours: Standard business hours

    Hours of Availability/Planned Downtime: Standard business hours; can be agreed to work beyond operating hours either earlier or later

    Performance Metrics: N/A

    This image depicts a blank table with the headings: Support hours; Hours of availability/planned downtime; Performance Metrics.

    Info-Tech Insight

    Manage user expectations by clearly documenting and communicating service levels.

    Identify support policies and procedures

    “How do I obtain support for this service?”

    Support Policies & Procedures

    Support process → what is the process for obtaining support for this service?

    Support owner → who can users contact for escalations regarding this service?

    Support documentation → where can users find support documentation for this service?

    Example: Shared Folders

    Support Process: Contact help desk or submit a ticket via portal

    Support Owner: Manager, client support

    Support Documentation: .pdf of how-to guide

    This image depicts a blank table with the headings: Support Process; Support Owner; Support Documentation

    Info-Tech Insight

    Clearly documenting support procedures enables users to get the help they need faster and more efficiently.

    Identify service costs and approvals

    “Is there a cost for this service? If so, how much and who is expensing it?”

    Costs

    Internal Cost → do we know the total cost of the service?

    Customer Cost → a lot of services are provided without charge to the business; however, certain service requests will be charged to a department’s budget.

    Example: Hardware Provisioning

    Internal Cost: For purposes of audit, new laptops will be expensed to IT.

    Customer Cost: Cost to rush order 10 new laptops with retina displays for the graphics team. Charged for extra shipment cost, not for cost of laptop.

    This image depicts a blank table with the headings: Internal Costs; Customer costs

    Info-Tech Insight

    Set user expectations by clearly documenting costs associated with a service and how to obtain approval for these costs if required.

    Complete the service record design fields for every service

    4.1 3 Hours

    This is the final activity to completing the service record design. It has been a long journey to make it here; now, all that is left is completing the fields and transferring information from previous activities.

    1. Organize the services however you think is most appropriate. A common method of organization is alphabetically by enterprise category, and then each LOB functional group.
    2. Determine which fields you would like to keep or edit to be part of your design. Also add any other fields you can think of which will add value to the user or IT. Remember to keep them IT facing if necessary.
    3. Complete the fields for each service one by one. Keep in mind that for some services, a field or two may not apply to the nature of that service and may be left blank or filled with a null value (e.g. N/A).

    INPUT

    • A collaborative discussion

    OUTPUT

    • Completed service record design ready for a catalog

    Materials

    • Info-Tech sample service record design.

    Participants

    • Project stakeholders, business representatives

    Info-Tech Insight

    Don’t forget to delete or bring over the edited LOB and Enterprise services from the phase 2 and 3 deliverables.

    Complete the service definitions and get them ready for publication

    Now that you have completed the first run of service definitions, you can go back and complete the rest of the identified services in batches. You should observe increased efficiency and effectiveness in filling out the service definitions.

    This image depicts how you can use bundles to simplify the process of catalog design using bundles. The cycle includes the steps: Identify Services; Select a Service Bundle; Review Record Design; followed by a cycle of: Pick a service; Service X; Service Data Collection; Create Service Record, followed by Publish the bundle; Communicate the bundle; Rinse and Repeat.

    This blueprint’s purpose is to help you design a service catalog. There are a number of different platforms to build the catalog offered by application vendors. The sophistication of the catalog depends on the size of your business. It may be as simple as an Excel book, or something as complex as a website integrated with your service desk.

    Determine how you want to publish the service catalog

    There are various levels of maturity to consider when you are thinking about how to deploy your service catalog.

    1. Website/User Portal 2. Catalog Module Within ITSM Tool

    3. Homegrown Solution

    Prerequisite

    An internet website, or a user portal

    An existing ITSM tool with a built-in service catalog module

    Database development capabilities

    Website development capabilities

    Pros

    Low cost

    Low effort

    Easy to deploy

    Customized solution tailored for the organization

    High flexibility regarding how the service catalog is published

    Cons

    Not aesthetically appealing

    Lacking sophistication

    Difficult to customize to organization’s needs

    Limitation on how the service catalog info is published

    High effort

    High cost

    → Maturity Level →

    Organization uses the service catalog to outline IT’s and users’ responsibilities

    CASE STUDY A
    Industry Government
    Source Onsite engagement

    Challenge

    The client had collected a lot of good information, but they were not sure about what to include to ensure the users could understand the service clearly.

    They were also not sure what to keep internal so the service catalog did not increase IT’s workload. They want to help the business, but not appear as if they are capable of solving everything for everyone immediately. There was a fear of over-commitment.

    Solution

    The government created a Customer Responsibility field for each service, so it was not just IT who was providing solutions. Business users needed to understand what they had to do to receive some services.

    The Service Owner and Business Owner fields were also kept internal so users would go through the proper request channel instead of calling Service Owners directly.

    Lastly, the Performance Metrics field was kept internal until IT was ready to present service metrics to the business.

    Results

    The business was provided clarity on their responsibility and what was duly owed to them by IT staff. This established clear boundaries on what was to be expected of IT services projected into the future.

    The business users knew what to do and how to obtain the services provided to them. In the meantime, they didn’t feel overwhelmed by the amount of information provided by the service catalog.

    Organization leverages the service catalog as a tool to define IT workflows and business processes

    CASE STUDY B
    Industry Healthcare
    Source Onsite engagement

    Challenge

    There is a lack of clarity and a lack of agreement between the client’s team members regarding the request/approval processes for certain services. This was an indication that there is a level of ambiguity around process. Members were not sure what was the proper way to access a service and could not come up with what to include in the catalog.

    Different people from different teams had different ways of accessing services. This could be true for both enterprise and LOB services.

    Solution

    The Info-Tech analyst facilitated a discussion about workflows and business processes.

    In particular, the discussion focused around the approval/authorization process, and IT’s workflows required to deliver the service. The Info-Tech analyst on site walked the client through their different processes to determine which one should be included in the catalog.

    Results

    The discussion brought clarity to the project team around both IT and business process. Using this new information, IT was able to communicate to the business better, and create consistency for IT and the users of the catalog.

    The catalog design was a shared space where IT and business users could confer what the due process and responsibilities were from both sides. This increased accountability for both parties.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

    Book a workshop with our Info-Tech analysts

    this is a picture of an Info-Tech Analyst

    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.
    The following are sample activities that will be conducted by Info-Tech analysts with your team:
    4.1 this image contains a screenshot from section 4.1 of this blueprint.

    Determine which fields should be included in the record design

    The analysts will present the sample service definitions record and facilitate a discussion to customize the service record so unique business needs are captured.

    4.2 this image contains a screenshot from section 4.2.1 of this blueprint.

    Determine which fields should be kept internal

    The onsite analysts will explain why certain fields are used but not published. The analysts will help the team determine which fields should be kept internal.

    4.3 this image contains a screenshot from section 4.3 of this blueprint.

    Complete the service definitions

    The Info-Tech analysts will help the group complete the full service definitions. This exercise will also provide the organization with a clear understanding of IT workflows and business processes.

    Summary of accomplishment

    Knowledge Gained

    • Understanding why it is important to identify and define services from the user’s perspective.
    • Understand the differences between enterprise services and line of business services.
    • Distinguish service features from services.
    • Involve the business users to define LOB services using either IT’s view or LOB’s view.

    Processes Optimized

    • Enterprise services identification and documentation.
    • Line of business services identification and documentation.

    Deliverables Completed

    • Service catalog project charter
    • Enterprise services definitions
    • Line of business service definitions – functional groups
    • Line of business service definitions – industry specific
    • Service definition chart

    Project step summary

    Client Project: Design and Build a User-Facing Service Catalog

    1. Launch the Project – Maximize project success by assembling a well-rounded team and managing all important stakeholders.
    2. Identify Enterprise Services – Identify services that are used commonly across the organization and categorize them in a user-friendly way.
    3. Identify Line of Business Services – Identify services that are specific to each line of business using one of two Info-Tech methodologies.
    4. Complete the Service Definitions – Determine what should be presented to the users and complete the service definitions for all identified services.

    Info-Tech Insight

    This project has the ability to fit the following formats:

    • Onsite workshop by Info-Tech Research Group consulting analysts.
    • Do-it-yourself with your team.
    • Remote delivery (Info-Tech Guided Implementation).

    Related Info-Tech research

    Establish a Service-Based Costing Model

    Develop the right level of service-based costing capability by applying our methodology.

    Establish a Sustainable ESG Reporting Program

    • Buy Link or Shortcode: {j2store}194|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: IT Governance, Risk & Compliance
    • Parent Category Link: /it-governance-risk-and-compliance

    Consistent, high-quality disclosure of ESG practices is the means by which organizations can demonstrate they are acting responsibly and in the best interest of their customers and society. Organizations may struggle with these challenges when implementing an ESG reporting program:

    • Narrowing down ESG efforts to material ESG issues
    • Building a sustainable reporting framework
    • Assessing and solving for data gaps and data quality issues
    • Being aware of the tools and best practices available to support regulatory and performance reporting

    Our Advice

    Critical Insight

    • A tactical approach to ESG reporting will backfire. The reality of climate change and investor emphasis is not going away. For long-term success, organizations need to design an ESG reporting program that is flexible, interoperable, and digital.
    • Implementing a robust reporting program takes time. Start early, remain focused, and make plans to continually improve data quality and collection and performance metrics.
    • The “G” in ESG may not be capturing the limelight under ESG legislation yet, but there are key factors within the governance component that are under the regulatory microscope, including data, cybersecurity, fraud, and diversity and inclusion. Be sure you stay on top of these issues and include performance metrics in your internal and external reporting frameworks.

    Impact and Result

    • Successful organizations recognize that transparent ESG disclosure is necessary for long-term corporate performance.
    • Taking the time up front to design a robust and proactive ESG reporting program will pay off in the long run.
    • Future-proof your ESG reporting program by leveraging new tools, technologies, and software applications.

    Establish a Sustainable ESG Reporting Program Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Establish a Sustainable ESG Reporting Program Storyboard – A comprehensive framework to define an ESG reporting program that supports your ESG goals and reporting requirements.

    This storyboard provides a three-phased approach to establishing a comprehensive ESG reporting framework to drive sustainable corporate performance. It will help you identify what to report, understand how to implement your reporting program, and review in-house and external software and tooling options.

    • Establish a Sustainable ESG Reporting Program Storyboard

    2. ESG Reporting Workbook – A tool to document decisions, rationale, and implications of key activities to support your ESG reporting program.

    The workbook allows IT and business leaders to document decisions as they work through the steps to establish a comprehensive ESG reporting framework.

    • ESG Reporting Workbook

    3. ESG Reporting Implementation Plan – A tool to document tasks required to deliver and address gaps in your ESG reporting program.

    This planning tool guides IT and business leaders in planning, prioritizing, and addressing gaps to build an ESG reporting program.

    • ESG Reporting Implementation Plan Template

    4. ESG Reporting Presentation Template – A guide to communicate your ESG reporting approach to internal stakeholders.

    Use this template to create a presentation that explains the drivers behind the strategy, communicates metrics, demonstrates gaps and costs, and lays out the timeline for the implementation plan.

    • ESG Reporting Presentation Template

    Infographic

    Workshop: Establish a Sustainable ESG Reporting Program

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Determine Material ESG Factors

    The Purpose

    Determine material ESG factors.

    Key Benefits Achieved

    Learn how to identify your key stakeholders and material ESG risks.

    Activities

    1.1 Create a list of stakeholders and applicable ESG factors.

    1.2 Create a materiality map.

    Outputs

    List of stakeholders and applicable ESG factors

    Materiality map

    2 Define Performance and Reporting Metrics

    The Purpose

    Define performance and reporting metrics.

    Key Benefits Achieved

    Align your ESG strategy with key performance metrics.

    Activities

    2.1 Create a list of SMART metrics.

    2.2 Create a list of reporting obligations.

    Outputs

    SMART metrics

    List of reporting obligations

    3 Assess Data and Implementation Gaps

    The Purpose

    Assess data and implementation gaps.

    Key Benefits Achieved

    Surface data and technology gaps.

    Activities

    3.1 Create a list of high-priority data gaps.

    3.2 Summarize high-level implementation considerations.

    Outputs

    List of high-priority data gaps

    Summary of high-level implementation considerations

    4 Consider Software and Tooling Options

    The Purpose

    Select software and tooling options and develop implementation plan.

    Key Benefits Achieved

    Complete your roadmap and internal communication document.

    Activities

    4.1 Review tooling and technology options.

    4.2 Prepare ESG reporting implementation plan.

    4.3 Prepare the ESG reporting program presentation.

    Outputs

    Selected tooling and technology

    ESG reporting implementation plan

    ESG reporting strategy presentation

    Further reading

    Establish a Sustainable ESG Reporting Program

    Strengthen corporate performance by implementing a holistic and proactive reporting approach.

    Analyst Perspective

    The shift toward stakeholder capitalism cannot be pinned on one thing; rather, it is a convergence of forces that has reshaped attitudes toward the corporation. Investor attention on responsible investing has pushed corporations to give greater weight to the achievement of corporate goals beyond financial performance.

    Reacting to the new investor paradigm and to the wider systemic risk to the financial system of climate change, global regulators have rapidly mobilized toward mandatory climate-related disclosure.

    IT will be instrumental in meeting the immediate regulatory mandate, but their role is much more far-reaching. IT has a role to play at the leadership table shaping strategy and assisting the organization to deliver on purpose-driven goals.

    Delivering high-quality, relevant, and consistent disclosure is the key to unlocking and driving sustainable corporate performance. IT leaders should not underestimate the influence they have in selecting the right technology and data model to support ESG reporting and ultimately support top-line growth.

    Photo of Yaz Palanichamy

    Yaz Palanichamy
    Senior Research Analyst
    Info-Tech Research Group

    Photo of Donna Bales

    Donna Bales
    Principal Research Director
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    Your organization needs to define a ESG reporting strategy that is driven by corporate purpose.

    Climate-related disclosure mandates are imminent; you need to prepare for them by building a sustainable reporting program now.

    There are many technologies available to support your ESG program plans. How do you choose the one that is right for your organization?

    Common Obstacles

    Knowing how to narrow down ESG efforts to material ESG issues for your organization.

    Understanding the key steps to build a sustainable ESG reporting program.

    Assessing and solving for data gaps and data quality issues.

    Being aware of the tools and best practices available to support regulatory and performance reporting.

    Info-Tech’s Approach

    Learn best-practice approaches to develop and adopt an ESG reporting program approach to suit your organization’s unique needs.

    Understand the key features, tooling options, and vendors in the ESG software market.

    Learn through analyst insights, case studies, and software reviews on best-practice approaches and tool options.

    Info-Tech Insight

    Implementing a robust reporting program takes time. Start early, remain focused, and plan to continually improve data quality and collection and performance metrics

    Putting “E,” “S,” and “G” in context

    Corporate sustainability depends on managing ESG factors well

    Environmental, social, and governance are the components of a sustainability framework that is used to understand and measure how an organization impacts or is affected by society as a whole.

    Human activities, particularly fossil fuel burning since the middle of the twentieth century, have increased greenhouse gas concentration, resulting in observable changes to the atmosphere, ocean, cryosphere, and biosphere. The “E” in ESG relates to the positive and negative impacts an organization may have on the environment, such as the energy it takes in and the waste it discharges.

    The “S” in ESG is the most ambiguous component in the framework, as social impact relates not only to risks but also to prosocial behavior. It’s the most difficult to measure but can have significant financial and reputational impact on corporations if material and poorly managed.

    The “G” in ESG is foundational to the realization of “S” and “E.” It encompasses how well an organization integrates these considerations into the business and how well the organization engages with key stakeholders, receives feedback, and is transparent with its intentions.

    A diagram that shows common examples of ESG issues.

    The impact of ESG factors on investment decisions

    Alleviate Investment Risk

    Organizational Reputation: Seventy-four percent of those surveyed were concerned that failing to improve their corporate ESG performance would negatively impact their organization’s branding and overall reputation in the market (Intelex, 2022).

    Ethical Business Compliance: Adherence to well-defined codes of business conduct and implementation of anti-corruption and anti-bribery practices is a great way to distinguish between organizations with good/poor governance intentions.

    Shifting Consumer Preferences: ESG metrics can also largely influence consumer preferences in buying behavior intentions. Research from McKinsey shows that “upward of 70 percent” of consumers surveyed on purchases in multiple industries said they would pay an additional 5 percent for a green product if it met the same performance standards as a nongreen alternative (McKinsey, 2019).

    Responsible Supply Chain Management: The successful alignment of ESG criteria with supply chain operations can lead to several benefits (e.g. producing more sustainable product offerings, maintaining constructive relationships with more sustainability-focused suppliers).

    Environmental Stewardship: The growing climate crisis has forced companies of all sizes to rethink how they plan their corporate environmental sustainability practices.

    Compliance With Regulatory Guidelines: An increasing emphasis on regulations surrounding ESG disclosure rates may result in some institutional investors taking a more proactive stance toward ESG-related initiatives.

    Sustaining Competitive Advantage: Given today’s globalized economy, many businesses are constantly confronted with environmental issues (e.g. water scarcity, air pollution) as well as social problems (e.g. workplace wellness issues). Thus, investment in ESG factors is simply a part of maintaining competitive advantage.

    Leaders increasingly see ESG as a competitive differentiator

    The perceived importance of ESG has dramatically increased from 2020 to 2023

    A diagram that shows the perceived importance of ESG in 2020 and 2023.

    In a survey commissioned by Schneider Electric, researchers categorized the relative importance of ESG planning initiatives for global IT business leaders. ESG was largely identified as a critical factor in sustaining competitive advantage against competitors and maintaining positive investor/public relations.
    Source: S&P Market Intelligence, 2020; N=825 IT decision makers

    “74% of finance leaders say investors increasingly use nonfinancial information in their decision-making.”
    Source: EY, 2020

    Regulatory pressure to report on carbon emission is building globally

    The Evolving Regulatory Landscape

    Canada

    • Canadian Securities Administrators (CSA) NI 51-107 Disclosure of Climate-related Matters

    United States

    • Securities and Exchange Commission (SEC) 33-11042 – The Enhancement and Standardization of Climate-Related Disclosures for Investors
    • SEC 33-11038 Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure
    • Nasdaq Board Diversity Rule (5605(f))

    Europe

    • European Commission Sustainable Finance Disclosure Regulation (SFDR)
    • European Commission EU Supply Chain Act
    • The German Supply Chain Act (GSCA)
    • Financial Conduct Authority UK Proposal (DP 21/4) Sustainability Disclosure Requirements and investment labels
    • UK Modern Slavery Act, 2015

    New Zealand

    • The Financial Sector (Climate-related Disclosures and Other Matters) Amendment Act 2021

    Accurate ESG reporting will be critical to meet regulatory requirements

    ESG reporting is the disclosure of environmental, social, and governance (ESG) data via qualitative and quantitative reports.

    It is how organizations make their sustainability commitments and strategies transparent to stakeholders.

    For investors it provides visibility into a company's ESG activities, enabling them to align investments to their values and avoid companies that cause damage to the environment or are offside on social and governance issues.

    Despite the growing practice of ESG reporting, reporting standards and frameworks are still evolving and the regulatory approach for climate-related disclosure is inconsistent across jurisdictions, making it challenging for organizations to develop a robust reporting program.

    “Environmental, social and governance (ESG) commitments are at the core a data problem.”

    Source: EY, 2022

    However, organizations will struggle to meet reporting requirements

    An image that shows 2 charts: How accurately can your organization report on the impact of its ESG Initiatives; and More specifically, if it was required to do so, how accurately could your organization report on its carbon footprint.

    Despite the commitment to support an ESG Initiative, less than a quarter of IT professionals say their organization can accurately report on the impact of its ESG initiatives, and 44% say their reporting on impacts is not accurate.

    Reporting accuracy was even worse for reporting on carbon footprint with 46% saying their organization could not report on its carbon footprint accurately. This despite most IT professionals saying they are working to support environmental mandates.

    Global sustainability rankings based on ESG dimensions

    Global Country Sustainability Ranking Map

    An image of Global Country Sustainability Ranking Map, with a score of 0 to 10.

    Country Sustainability Scores (CSR) as of October 2021
    Scores range from 1 (poor) to 10 (best)
    Source: Robeco, 2021

    ESG Performance Rankings From Select Countries

    Top ESG and sustainability performer

    Finland has ranked consistently as a leading sustainability performer in recent years. Finland's strongest ESG pillar is the environment, and its environmental ranking of 9.63/10 is the highest out of all 150 countries.

    Significant score deteriorations

    Brazil, France, and India are among the countries whose ESG score rankings have deteriorated significantly in the past three years.

    Increasing political tensions and risks as well as aftershock effects of the COVID-19 pandemic (e.g. high inequality and insufficient access to healthcare and education) have severely impacted Brazil’s performance across the governance and social pillars of the ESG framework, ultimately causing its overall ESG score to drop to a CSR value of 5.31.

    Largest gains and losses in ESG scores

    Canada has received worse scores for corruption, political risk, income inequality, and poverty over the past three years.

    Taiwan has seen its rankings improve in terms of overall ESG scores. Government effectiveness, innovation, a strong semiconductor manufacturing market presence, and stronger governance initiatives have been sufficient to compensate for a setback in income and economic inequality.

    Source: Robeco, 2021

    Establish a Sustainable Environmental, Social, and Governance (ESG) Reporting Program

    A diagram of establishing a sustainable ESG reporting program.

    Blueprint benefits

    Business Benefits

    • Clarity on technical and organizational gaps in the organization’s ability to deliver ESG reporting strategy.
    • Transparency on the breadth of the change program, internal capabilities needed, and accountable owners.
    • Reduced likelihood of liability.
    • Improved corporate performance and top-line growth.
    • Confidence that the organization is delivering high-quality, comprehensive ESG disclosure.

    IT Benefits

    • Understanding of IT’s role as strategic enabler for delivering high-quality ESG disclosure and sustainable corporate performance.
    • Transparency on primary data gaps and technology and tools needed to support the ESG reporting strategy.
    • Clear direction of material ESG risks and how to prioritize implementation efforts.
    • Awareness of tool selection options.

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    Photo of Executive Presentation.

    Key deliverable: Executive Presentation

    Leverage this presentation deck to improve corporate performance by implementing a holistic and proactive ESG reporting program.

    Photo of Workbook

    Workbook

    As you work through the activities, use this workbook to document decisions and rationale and to sketch your materiality map.

    Photo of Implementation Plan

    Implementation Plan

    Use this implementation plan to address organizational, technology, and tooling gaps.

    Photo of RFP Template

    RFP Template

    Leverage Info-Tech’s RFP Template to source vendors to fill technology gaps.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit
    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

    Guided Implementation
    "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

    Workshop
    "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

    Consulting
    "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks are used throughout all four options.

    Guided Implementation

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is 8 to 12 calls over the course of 4 to 6 months.

    What does a typical GI on this topic look like?

    A diagram that shows Guided Implementation in 3 phases.

    Workshop Overview

    Day 1

    Day 2

    Day 3

    Day 4

    Day 5

    Activities

    Determine Material ESG Factors

    1.1 Review ESG drivers.
    1.2 Identify key stakeholders and what drives their behavior.
    1.3 Discuss materiality frameworks options and select baseline model.
    1.4 Identify material risks and combine and categorize risks.
    1.5 Map material risks on materiality assessment map.

    Define Performance and Reporting Metrics

    2.1 Understand common program metrics for each ESG component.
    2.2 Consider and select program metrics.
    2.3 Discuss ESG risk metrics.
    2.4 Develop SMART metrics.
    2.5 Surface regulatory reporting obligations.

    Assess Data and Implementation Gaps

    3.1 Assess magnitude and prioritize data gaps.
    3.2 Discuss high-level implementation considerations and organizational gaps.

    Software and Tooling Options

    4.1 Review technology options.
    4.2 Brainstorm technology and tooling options and the feasibility of implementing.
    4.3 Prepare implementation plan.
    4.4 Draft ESG reporting program communication.
    4.5 Optional – Review software selection options.

    Next Steps and Wrap-Up (offsite)

    5.1 Complete in-progress deliverables from previous four days.
    5.2 Set up review time for workshop deliverables and to discuss next steps.

    Deliverables

    1. Customized list of key stakeholders and material ESG risks
    2. Materiality assessment map

    1. SMART metrics
    2. List of regulatory reporting obligations

    1. High-priority data gaps
    2. High-level implementation considerations

    1. Technology and tooling opportunities
    2. Implementation Plan
    3. ESG Reporting Communication

    1. ESG Reporting Workbook
    2. Implementation Plan

    Contact your account representative for more information.
    workshops@infotech.com
    1-888-670-8889

    Phase 1

    Explore ESG Reporting

    A diagram that shows phase 1 to 3 of establishing ESG reporting program.

    This phase will walk you through the following:

    • Define key stakeholders and material ESG factors.
    • Identify material ESG issues.
    • Develop SMART program metrics.
    • List reporting obligations.
    • Surface high-level data gaps.
    • Record high-level implementation considerations.

    This phase involves the following participants: CIO, CCO, CSO, business leaders, legal, marketing and communications, head of ESG reporting, and any dedicated ESG team members

    Practical steps for ESG disclosure

    Measuring and tracking incremental change among dimensions such as carbon emissions reporting, governance, and diversity, equity, and inclusion (DEI) requires organizations to acquire, analyze, and synthesize data from beyond their internal organizational ecosystems

    A diagram that shows 5 steps of identify, assess, implement, report & communicate, and monitor & improve.

    1.1 Ensure your reporting requirements are comprehensive

    A diagram of reporting lifecycle.

    This section will walk you through some key considerations for establishing your ESG reporting strategy. The first step in this process is to identify the scope of your reporting program.

    Defining the scope of your reporting program

    1. Stakeholder requirements: When developing a reporting program consider all your stakeholder needs as well as how they want to consume the information.
    2. Materiality assessment: Conduct a materiality assessment to identify the material ESG issues most critical to your organization. Organizations will need to report material risks to internal and external stakeholders.
    3. Purpose-driven goals: Your ESG reporting must include metrics to measure performance against your purpose-driven strategy.
    4. Regulatory requirements & industry: Work with your compliance and legal teams to understand which reporting requirements apply. Don’t forget requirements under the “S” and “G” components. Some jurisdictions require DEI reporting, and the Securities and Exchange Commission (SEC) in the US recently announced cybersecurity disclosure of board expertise and management oversight practices.

    Factor 1: Stakeholder requirements

    Work with key stakeholders to determine what to report

    A diagram that shows internal and external stakeholders.

    Evaluate your stakeholder landscape

    Consider each of these areas of the ESG Stakeholder Wheel and identify your stakeholders. Once stakeholders are identified, consider how the ESG factors might be perceived by delving into the ESG factors that matter to each stakeholder and what drives their behavior.

    A diagram of ESG impact, including materiality assessment, interviews, benchmark verses competitors, metrics and trend analysis.

    Determine ESG impact on stakeholders

    Review materiality assessment frameworks for your industry to surface ESG factors for your segment and stakeholder group(s).

    Perform research and analysis of the competition and stakeholder trends, patterns, and behavior

    Support your findings with stakeholder interviews.

    Stakeholders will prioritize ESG differently. Understanding their commitment is a critical success factor.

    Many of your stakeholders care about ESG commitments…

    27%: Support for social and environmental proposals at shareholder meetings of US companies rose to 27% in 2020 (up from 21% in 2017).
    Source: Sustainable Investments Institute, 2020.

    79%: of investors consider ESG risks and opportunities an important factor in investment decision making.
    Source: “Global Investor Survey,” PwC, 2021.

    ...Yet

    33%: of survey respondents cited that a lack of attention or support from senior leadership was one of the major barriers preventing their companies from making any progress on ESG issues.
    Source: “Consumer Intelligence Survey,” PwC, 2021.

    Info-Tech Insight

    To succeed with ESG reporting it is essential to understand who we hold ourselves accountable to and to focus ESG efforts in areas with the optimal balance between people, the planet, and profits

    Activity 1: Define stakeholders

    Input: Internal documentation (e.g. strategy, annual reports), ESG Stakeholder Wheel
    Output: List of key stakeholders and applicable ESG factors
    Materials: Whiteboard/flip charts, ESG Reporting Workbook
    Participants: Chief Sustainability Officer, Chief Compliance Officer, Head of ESG Reporting, Business leaders

    2 hours

    1. Using the ESG Stakeholder Wheel as a baseline, consider the breadth of your organization’s value chain and write down all your stakeholders.
    2. Discuss what drives their behavior. Be as detailed as you can be. For example, if it’s a consumer, delve into their age group and the factors that may drive their behavior.
    3. List the ESG factors that may be important to each stakeholder.
    4. Write down the communication channels you expect to use to communicate ESG information to this stakeholder group.
    5. Rate the priority of this stakeholder to your organization.
    6. Record this information in ESG Reporting Workbook.
    7. Optional – consider testing the results with a targeted survey.

    Download the ESG Reporting Workbook

    Activity 1: Example

    An example of activity 1 (defining stakeholders)

    Factor 2: Materiality assessments

    Conduct a materiality assessment to inform company strategy and establish targets and metrics for risk and performance reporting

    The concept of materiality as it relates to ESG is the process of gaining different perspectives on ESG issues and risks that may have significant impact (both positive and negative) on or relevance to company performance.

    The objective of a materiality assessment is to identify material ESG issues most critical to your organization by looking at a broad range of social and environmental factors. Its purpose is to narrow strategic focus and enable an organization to assess the impact of financial and non-financial risks aggregately.

    It helps to make the case for ESG action and strategy, assess financial impact, get ahead of long-term risks, and inform communication strategies.

    Organizations can use assessment tools from Sustainalytics or GRI, SASB Standards, or guidance and benchmarking information from industry associations to help assess ESG risks .

    An image of materiality matrix to understand ESG exposure

    Info-Tech Insight

    The materiality assessment informs your risk management approach. Material ESG risks identified should be integrated into your organization’s risk reporting framework.

    Supplement your materiality assessment with stakeholder interviews

    A diagram that shows steps of stakeholder interviews.

    How you communicate the results of your ESG assessment may vary depending on whether you’re communicating to internal or external stakeholders and their communication delivery preferences.

    Using the results from your materiality assessment, narrow down your key stakeholders list. Enhance your strategy for disclosure and performance measurement through direct and indirect stakeholder engagement.

    Decide on the most suitable format to reach out to these stakeholders. Smaller groups lend themselves to interviews and forums, while surveys and questionnaires work well for larger groups.

    Develop relevant questions tailored to your company and the industry and geography you are in.

    Once you receive the results, decide how and when you will communicate them.

    Determine how they will be used to inform your strategy.

    Steps to determine material ESG factors

    Step 1

    Select framework

    A diagram of framework

    Review reporting frameworks and any industry guidance and select a baseline reporting framework to begin your materiality assessment.

    Step 2

    Begin to narrow down

    A diagram of narrowing down stakeholders

    Work with stakeholders to narrow down your list to a shortlist of high-priority material ESG issues.

    Step 3

    Consolidate and group

    A diagram of ESG grouping

    Group ESG issues under ESG components, your company’s strategic goals, or the UN’s Sustainable Development Goals.

    Step 4

    Rate the risks of ESG factors

    A diagram of rating the risks of ESG factors

    Assign an impact and likelihood scale for each risk and assign your risk threshold.

    Step 5

    Map

    A diagram of material map

    Use a material map framework such as GRI or SASB or Info-Tech’s materiality map to visualize your material ESG risks.

    Materiality assessment

    The materiality assessment is a strategic tool used to help identify, refine, and assess the numerous ESG issues in the context of your organization.

    There is no universally accepted approach to materiality assessments. Although the concept of materiality is often embedded within a reporting standard, your approach to conducting the materiality assessment does not need to link to a specific reporting standard. Rather, it can be used as a baseline to develop your own.

    To arrive at the appropriate outcome for your organization, careful consideration is needed to tailor the materiality assessment to meet your organization’s objectives.

    When defining the scope of your materiality assessment consider:

    • Your corporate ESG purpose and sustainability strategy
    • Your audience and what drives their behavior
    • The relevance of the ESG issues to your organization. Do they impact strategy? Increase risk?
    • The boundaries of your materiality assessment (e.g. regions or business departments, supply chains it will cover)
    • Whether you want to assess from a double materiality perspective

    A diagram of framework

    Consider your stakeholders and your industry when selecting your materiality assessment tool – this will ensure you provide relevant disclosure information to the stakeholders that need it.

    Double materiality is an extension of the financial concept of materiality and considers the broader impact of an organization on the world at large – particularly to people and climate.

    Prioritize and categorize

    A diagram of narrowing down stakeholders

    Using internal information (e.g. strategy, surveys) and external information (e.g. competitors, industry best practices), create a longlist of ESG issues.

    Discuss and narrow down the list. Be sure to consider opportunities – not just material risks!

    A diagram of ESG grouping

    Group the issues under ESG components or defined strategic goals for your organization. Another option is to use the UN’s Sustainable Development Goals to categorize.

    Differentiate ESG factors that you already measure and report.

    The benefit of clustering is that it shows related topics and how they may positively or negatively influence one another.

    Internal risk disclosure should not be overlooked

    Bank of America estimates ESG disputes have cost S&P companies more than $600 billion in market capitalization in the last seven years alone.

    ESG risks are good predictors of future risks and are therefore key inputs to ensure long-term corporate success.

    Regardless of the size of your organization, it’s important to build resilience against ESG risks.

    To protect an organization against an ESG incident and potential liability risk, ESG risks should be treated like any other risk type and incorporated into risk management and internal reporting practices, including climate scenario analysis.

    Some regulated entities will be required to meet climate-related financial disclosure expectations, and sound risk management practices will be prescribed through regulatory guidance. However, all organizations should instill sound risk practices.

    ESG risk management done right will help protect against ESG mishaps that can be expensive and damaging while demonstrating commitment to stakeholders that have influence over all corporate performance.

    Source: GreenBiz, 2022.

    A diagram of risk landscape.

    IT has a role to play to provide the underlying data and technology to support good risk decisions.

    Visualize your material risks

    Leverage industry frameworks or use Info-Tech’s materiality map to visualize your material ESG risks.

    GRI’s Materiality Matrix

    A photo of GRI’s Materiality Matrix

    SASB’s Materiality Map

    A photo of SASB’s Materiality Map

    Info-Tech’s Materiality Map

    A diagram of material map

    Activity 2: Materiality assessment

    Input: ESG corporate purpose or any current ESG metrics; Customer satisfaction or employee engagement surveys; Materiality assessment tools from SASB, Sustainalytics, GRI, or industry frameworks; Outputs from stakeholder outreach/surveys
    Output: Materiality map, a list of material ESG issues
    Materials: Whiteboard/flip charts, ESG Reporting Workbook
    Participants: Chief Sustainability Officer, Chief Compliance Officer, Head of ESG Reporting, Business leaders, Participants from marketing and communications

    2-3 hour

    1. Begin by reviewing various materiality assessment frameworks to agree on a baseline framework. This will help to narrow down a list of topics that are relevant to your company and industry.
    2. As a group, discuss the potential impact and start listing material issues. At first the list will be long, but the group will work collectively to prioritize and consolidate the list.
    3. Begin to combine and categorize the results by aligning them to your ESG purpose and strategic pillars.
    4. Treat each ESG issue as a risk and map against the likelihood and impact of the risk.
    5. Map the topics on your materiality map. Most of the materiality assessment tools have materiality maps – you may choose to use their map.
    6. Record this information in the ESG Reporting Workbook.

    Download the ESG Reporting Workbook

    Case Study: Novartis

    Logo of Novartis

    • INDUSTRY: Pharmaceuticals
    • SOURCE: Novartis, 2022

    Novartis, a leading global healthcare company based in Switzerland, stands out as a leader in providing medical consultancy services to address the evolving needs of patients worldwide. As such, its purpose is to use science and technologically innovative solutions to address some of society’s most debilitating, challenging, and ethically significant healthcare issues.

    The application of Novartis’ materiality assessment process in understanding critical ESG topics important to their shareholders, stakeholder groups, and society at large enables the company to better quantify references to its ESG sustainability metrics.

    Novartis applies its materiality assessment process to better understand relevant issues affecting its underlying business operations across its entire value chain. Overall, employing Novartis’s materiality assessment process helps the company to better manage its societal, environmental, and economic impacts, thus engaging in more socially responsible governance practices.

    Novartis’ materiality assessment is a multitiered process that includes three major elements:

    1. Identifying key stakeholders, which involves a holistic analysis of internal colleagues and external stakeholders.
    2. Collecting quantitative feedback and asking relevant stakeholders to rank a set of issues (e.g. climate change governance, workplace culture, occupational health and safety) and rate how well Novartis performs across each of those identified issues.
    3. Eliciting qualitative insights by coordinating interviews and workshops with survey participants to better understand why the issues brought up during survey sessions were perceived as important.

    Results

    In 2021, Novartis had completed its most recent materiality assessment. From this engagement, both internal and external stakeholders had ranked as important eight clusters that Novartis is impacting on from an economic, societal, and environmental standpoint. The top four clusters were patient health and safety, access to healthcare, innovation, and ethical business practices.

    Factor 3: ESG program goals

    Incorporate ESG performance metrics that support your ESG strategy

    Another benefit of the materiality assessment is that it helps to make the case for ESG action and provides key information for developing a purpose-led strategy.

    An internal ESG strategy should drive toward company-specific goals such as green-house gas emission targets, use of carbon neutral technologies, focus on reusable products, or investment in DEI programs.

    Most organizations focus on incremental goals of reducing negative impacts to existing operations or improving the value to existing stakeholders rather than transformative goals.

    Yet, a strategy that is authentic and aligned with key stakeholders and long-term goals will bring sustainable value.

    The strategy must be supported by an accountability and performance measurement framework such as SMART metrics.

    A fulsome reporting strategy should include performance metrics

    A photo of SMART metrics: Specific, Measurable, Actionable, Realistic, Time-bound.

    Activity 3: SMART metrics

    Input: ESG corporate purpose or any current ESG metrics, Outputs from activities 1 and 2, Internally defined metrics (i.e. risk metrics or internal reporting requirements)
    Output: SMART metrics
    Materials: Whiteboard/flip charts, ESG Reporting Workbook
    Participants: Chief Sustainability Officer, Chief Compliance Officer, Chief Risk officer/Risk leaders, Head of ESG Reporting, Business leaders, Participants from marketing and communications

    1-2 hours

    1. Document a list of appropriate metrics to assess the success of your ESG program.
    2. Use the sample metrics listed in the table on the next slide as a starting point.
    3. Fill in the chart to indicate the:
      1. Name of the success metric
      2. Method for measuring success
      3. Baseline measurement
      4. Target measurement
      5. Actual measurements at various points throughout the process of improving the risk management program
      6. A deadline for each metric to meet the target measurement
    4. Record this information in the ESG Reporting Workbook.

    Download the ESG Reporting Workbook

    Sample ESG metrics

    Leverage industry resources to help define applicable metrics

    Environmental

    • Greenhouse gas emissions – total corporate
    • Carbon footprint – percent emitted and trend
    • Percentage of air and water pollution
    • Renewable energy share per facility
    • Percentage of recycled material in a product
    • Ratio of energy saved to actual use
    • Waste creation by weight
    • Circular transition indicators

    Social

    • Rates of injury
    • Lost time incident rate
    • Proportion of spend on local suppliers
    • Entry-level wage vs. local minimum wage
    • Percentage of management who identify with specific identity groups (i.e. gender and ethnic diversity)
    • Percentage of suppliers screened for accordance to ESG vs. total number of suppliers
    • Consumer responsiveness

    Governance

    • Annual CEO compensation compared to median
    • Percentage of employees trained in conflict-of-interest policy
    • Number of data breaches using personally identifiable information (PII)
    • Number of incidents relating to management corruption
    • Percentage of risks with mitigation plans in place

    Activity 3: Develop SMART project metrics

    1-3 hours

    Attach metrics to your goals to gauge the success of the ESG program.

    Sample Metrics

    An image of sample metrics

    Factor 4: Regulatory reporting obligations

    Identify your reporting obligations

    High-level overview of reporting requirements:

    An image of high-level reporting requirements in Canada, the United Kingdom, Europe, and the US.

    Refer to your legal and compliance team for the most up-to-date and comprehensive requirements.

    The focus of regulators is to move to mandatory reporting of material climate-related financial information.

    There is some alignment to the TCFD* framework, but there is a lack of standardization in terms of scope across jurisdictions.
    *TCFD is the Task Force on Climate-Related Financial Disclosures.

    Activity 4: Regulatory obligations

    Input: Corporate strategy documents; Compliance registry or internal governance, risk, and compliance (GRC) tool
    Output: A list of regulatory obligations
    Materials: Whiteboard/flip charts, ESG Reporting Workbook
    Participants: Chief Sustainability Officer, Chief Compliance Officer, Chief Legal Officer, Head of ESG Reporting, Business leaders

    1-2 hours

    1. Begin by listing the jurisdictions in which you operate or plan to operate.
    2. For each jurisdiction, list any known current or future regulatory requirements. Consider all ESG components.
    3. Log whether the requirements are mandatory or voluntary and the deadline to report.
    4. Write any details about reporting framework; for example, if a reporting framework such as TCFD is prescribed.
    5. Record this information in the ESG Reporting Workbook.

    Download the ESG Reporting Workbook

    1.2 Assess impact and weigh options

    A diagram of reporting lifecycle.

    Once the scope of your ESG reporting framework has been identified, further assessment is needed to determine program direction and to understand and respond to organizational impact.

    Key factors for further assessment and decisions include

    1. Reporting framework options. Consider mandated reporting frameworks and any industry standards when deciding your baseline reporting framework. Strive to have a common reporting methodology that serves all your reporting needs: regulatory, corporate, shareholders, risk reporting, etc.
    2. Perform gap analysis. The gap analysis will reveal areas where data may need to be sourced or where tools or external assistance may be needed to help deliver your reporting strategy.
    3. Organizational impact and readiness. The gap analysis will help to determine whether your current operating model can support the reporting program or whether additional resources, tools, or infrastructure will be needed.

    1.2.1 Decide on baseline reporting framework

    1. Determine the appropriate reporting framework for your organization

    Reporting standards are available to enable relevant, high-quality, and comparable information. It’s the job of the reporting entity to decide on the most suitable framework for their organization.

    The most established standard for sustainability reporting is the Global Reporting Initiative (GRI), which has supported sustainability reporting for over 20 years.

    The Task Force on Climate-Related Financial Disclosures (TCFD) was created by the Financial Stability Board to align ESG disclosure with financial reporting. Many global regulators support this framework.

    The International Sustainability Standards Board (ISSB) is developing high-quality, understandable, and enforceable global standards using the Sustainability Accounting Standards Board (SASB) as a baseline. It is good practice to use SASB Standards until the ISSB standards are available.

    2. Decide which rating agencies you will use and why they are important

    ESG ratings are provided by third-party agencies and are increasingly being used for financing and transparency to investors. ESG ratings provide both qualitative and quantitative information.

    However, there are multiple providers, so organizations need to consider which ones are the most important and how many they want to use.

    Some of the most popular rating agencies include Sustainalytics, MSCI, Bloomberg, Moody's, S&P Global, and CDP.

    Reference Appendix Below

    1.2.2 Determine data gaps

    The ESG reporting mandate is built on the assumption of consistent, good-quality data

    To meet ESG objectives, corporations are challenged with collecting non-financial data from across functional business and geographical locations and from their supplier base and supply chains.

    One of the biggest impediments to ESG implementation is the lack of high-quality data and of mature processes and tools to support data collection.

    An important step for delivering reporting requirements is to perform a gap analysis early on to surface gaps in the primary data needed to deliver your reporting strategy.

    The output of this exercise will also inform and help prioritize implementation, as it may show that new data sets need to be sourced or tools purchased to collect and aggregate data.

    Conduct a gap analysis to determine gaps in primary data

    A diagram of gap analysis to determine gaps in primary data.

    Activity 5: Gap analysis

    Input: Business (ESG) strategy, Data inventory (if exists), Output from Activity 1: Key stakeholders, Output from Activity 2: Materiality map, Output of Activity 3: SMART metrics, Output of Activity 4: Regulatory obligations
    Output: List of high-priority data gaps
    Materials: Whiteboard/flip charts, ESG Reporting Workbook
    Participants: Chief Sustainability Officer, Chief Compliance Officer, Chief Legal Officer, Head of ESG Reporting, Business leaders, Data analysts

    1-3 hours

    1. Using the outputs from activities 1-4, list your organization’s ESG issues in order of priority. You may choose to develop your priority list by stakeholder group or by material risks.
    2. List any defined SMART metric from Activity 3.
    3. Evaluate data availability and quality of the data (if existing) as well as any impediments to sourcing the data.
    4. Make note if this is a common datapoint, i.e. would you disclose this data in more than one report?
    5. Record this information in the ESG Reporting Workbook.

    Download the ESG Reporting Workbook

    1.3 Take a holistic implementation approach

    Currently, 84 percent of businesses don’t integrate their ESG performance with financial and risk management reporting.

    Source: “2023 Canadian ESG Reporting Insights,” PwC.

    A diagram of reporting lifecycle.

    When implementing an ESG reporting framework, it is important not to implement in silos but to take a strategic approach that considers the evolving nature of ESG and the link to value creation and sound decision making.

    Key implementation considerations include

    1. Setting clear metrics and targets. Key performance indicators (KPIs) and key risk indicators (KRIs) are used to measure ESG factor performance. It’s essential that they are relevant and are constructed using high-quality data. Your performance metrics should be continually assessed and adapted as your ESG program evolves.
    2. Data challenges. Without good-quality data it is impossible to accurately measure ESG performance, generate actionable insights on ESG performance and risk, and provide informative metrics to investors and other stakeholders. Design your data model to be flexible and digital where possible to enable data interoperability.
    3. Architectural approach. IT will play a key role in the design of your reporting framework, including the decision on whether to build, buy, or deliver a hybrid solution. Every organization will build their reporting program to suit their unique needs; however, taking a holistic and proactive approach will support and sustain your strategy long term.

    1.3.1 Metrics and targets for climate-related disclosure

    “The future of sustainability reporting is digital – and tagged.”
    Source: “XBRL Is Coming,” Novisto, 2022.

    In the last few years, global regulators have proposed or effected legislation requiring public companies to disclose climate-related information.

    Yet according to Info-Tech’s 2023 Trends and Priorities survey, most IT professionals expect to support environmental mandates but are not prepared to accurately report on their organization’s carbon footprint.

    IT groups have a critical role to play in helping organizations develop strategic plans to meet ESG goals, measure performance, monitor risks, and deliver on disclosure requirements.

    To future-proof your reporting structure, your data should be readable by humans and machines.

    eXtensible Business Reporting Language (XBRL) tagging is mandated in several jurisdictions for financial reporting, and several reporting frameworks are adopting XBRL for sustainability reporting so that non-financial and financial disclosure frameworks are aligned.

    Example environmental metrics

    • Amount of scope 1, 2, or 3 GHG emissions
    • Total energy consumption
    • Total water consumption
    • Progress toward net zero emission
    • Percentage of recycled material in a product

    1.3.1 Metrics and targets for social disclosure

    “59% of businesses only talk about their positive performance, missing opportunities to build trust with stakeholders through balanced and verifiable ESG reporting.”
    Source: “2023 Canadian ESG Reporting Insights,” PwC.

    To date, regulatory focus has been on climate-related disclosure, although we are beginning to see signals in Europe and the UK that they are turning their attention to social issues.

    Social reporting focuses on the socioeconomic impacts of an organization’s initiatives or activities on society (indirect or direct).

    The “social” component of ESG can be the most difficult to quantify, but if left unmonitored it can leave your organization open to litigation from consumers, employees, and activists.

    Although organizations have been disclosing mandated metrics such as occupational health and safety and non-mandated activities such as community involvement for years, the scope of reporting is typically narrow and hard to measure in financial terms.

    This is now changing with the recognition by companies of the value of social reporting to brand image, traceability, and overall corporate performance.

    Example social metrics

    • Rate of injury
    • Lost time incident rate
    • Proportion of spend on local suppliers
    • Entry-level wage versus local minimum wage
    • Percentage of management within specific identity groups (i.e. gender and ethnic diversity)
    • Number of workers impacted by discrimination

    Case Study: McDonald’s Corporation (MCD)

    Logo of McDonald’s

    • INDUSTRY: Food service retailer
    • SOURCE: RBC Capital Markets, 2021; McDonald’s, 2019

    McDonald’s Corporation is the leading global food service retailer. Its purpose is not only providing burgers to dinner tables around the world but also serving its communities, customers, crew, farmers, franchisees, and suppliers alike. As such, not only is the company committed to having a positive impact on communities and in maintaining the growth and success of the McDonald's system, but it is also committed to conducting its business operations in a way that is mindful of its ESG commitments.

    An image of McDonald’s Better Together

    McDonald’s Better Together: Gender Balance & Diversity strategy and Women in Tech initiative

    In 2019, MCD launched its Better Together: Gender Balance & Diversity strategy as part of a commitment to improving the representation and visibility of women at all levels of the corporate structure by 2023.

    In conjunction with the Better Together strategy, MCD piloted a “Women in Tech” initiative through its education and tuition assistance program, Archways to Opportunity. The initiative enabled women from company-owned restaurants and participating franchisee restaurants to learn skills in areas such as data science, cybersecurity, artificial intelligence. MCD partnered with Microsoft and Colorado Technical University to carry out the initiative (McDonald’s, 2019).

    Both initiatives directly correlate to the “S” of the ESG framework, as the benefits of gender-diverse leadership continue to be paramount in assessing the core strengths of a company’s overreaching ESG portfolio. Hence, public companies will continue to face pressure from investors to act in accordance with these social initiatives.

    Results

    MCD’s Better Together and Women in Tech programs ultimately helped improve recruitment and retention rates among its female employee base. After the initialization of the gender balance and diversification strategy, McDonald’s signed on to the UN Women’s Empowerment Principles to help accelerate global efforts in addressing the gender disparity problem.

    1.3.1 Metrics and targets for governance disclosure

    Do not lose sight of regulatory requirements

    Strong governance is foundational element of a ESG program, yet governance reporting is nascent and is often embedded in umbrella legislation pertaining to a particular risk factor.

    A good example of this is the recent proposal by the Securities and Exchange Commission in the US (CFR Parts 229, 232, 239, 240, and 249, Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure), which will require public companies to:

    • Disclosure of board oversight of cyber risk.
    • Disclose management’s role in managing and accessing cybersecurity-related risks.

    The "G” component includes more than traditional governance factors and acts as a catch-all for other important ESG factors such as fraud, cybersecurity, and data hygiene. Make sure you understand how risk may manifest in your organization and put safeguards in place.

    Example governance metrics

    • Annual CEO compensation compared to median
    • Percentage of employees trained in conflict-of-interest policy
    • Completed number of supplier assessments
    • Number of data breaches using PII
    • Number of material cybersecurity breaches

    Info-Tech Insight

    The "G" in ESG may not be capturing the limelight under ESG legislation yet, but there are key governance factors that are that are under regulatory radar, including data, cybersecurity, fraud, and DEI. Be sure you stay on top of these issues and include performance metrics into your internal and external reporting frameworks.

    1.3.2 Conquering data management challenges

    48% of investment decision makers, including 58% of institutional investors, say companies’ self-reported ESG performance data is “much more important” than companies’ conventional financial data when informing their investment decisions (Benchmark ESG, 2021).

    Due to the nascent nature of climate-related reporting, data challenges such as the availability, usability, comparability, and workflow integration surface early in the ESG program journey when sourcing and organizing data:

    • It is challenging to collect non-financial data across functional business and geographical locations and from supplier base and supply chains.
    • The lack of common standards leads to comparability challenges, hindering confidence in the outputs.

    In addition to good, reliable inputs, organizations need to have the infrastructure to access new data sets and convert raw data into actionable insights.

    The establishment of data model and workflow processes to track data lineage is essential to support an ESG program. To be successful, it is critical that flexibility, scalability, and transparency exist in the architectural design. Data architecture must scale to capture rapidly growing volumes of unstructured raw data with the associated file formats.

    A photo of conceptual model for data lineage.

    Download Info-Tech’s Create and Manage Enterprise Data Models blueprint

    1.3.3 Reporting architecture

    CIOs play an important part in formulating the agenda and discourse surrounding baseline ESG reporting initiatives

    Building and operating an ESG program requires the execution of a large number of complex tasks.

    IT leaders have an important role to play in selecting the right technology approach to support a long-term strategy that will sustain and grow corporate performance.

    The decision to buy a vendor solution or build capabilities in-house will largely depend on your organization’s ESG ambitions and the maturity of in-house business and IT capabilities.

    For large, heavily regulated entities an integrated platform for ESG reporting can provide organizations with improved risk management and internal controls.

    Example considerations when deciding to meet ESG reporting obligations in-house

    • Size and type of organization
    • Extent of regulatory requirements and scrutiny
    • The amount of data you want to report
    • Current maturity of data architecture, particularly your ability to scale
    • Current maturity of your risk and control program – how easy is it to enhance current processes?
    • The availability and quality of primary data
    • Data set gaps
    • In-house expertise in data, model risk, and change management
    • Current operating model – is it siloed or integrated?
    • Implementation time
    • Program cost
    • The availability of vendor solutions that may address gaps

    Info-Tech Insight

    Executive leadership should take a more holistic and proactive stance to not only accurately reporting upon baseline corporate financial metrics but also capturing and disclosing relevant ESG performance metrics to drive alternative streams of valuation across their respective organizational environments.

    Activity 6: High-level implementation considerations

    Input: Business (ESG) strategy, Data inventory (if exists), Asset inventory (if exists), Output from Activity 5
    Output: Summary of high-level implementation considerations
    Materials: Whiteboard/flip charts, ESG Reporting Workbook
    Participants: Chief Sustainability Officer, Head of ESG Reporting, Business leaders, Data analysts, Data and IT architect/leaders,

    2-3 hours

    1. Review the implementation considerations on the previous slide to help determine the appropriate technology approach.
    2. For each implementation consideration, describe the current state.
    3. Discuss and draft the implications of reaching the desired future state by listing implications and organizational gaps.
    4. Discuss as a group if there is an obvious implementation approach.
    5. At this point, further analysis may be needed. Form a subcommittee or assign a leader to conduct further analysis.
    6. Record this information in the ESG Reporting Workbook.

    Download the ESG Reporting Workbook

    1.3.4 Ensure your implementation team has a high degree of trust and communication

    If external partners are needed, dedicate an internal resource to managing the vendor and partner relationships.

    Communication: Teams must have some type of communication strategy. This can be broken into:

    • Regularity: Having a set time each day to communicate progress and a set day to conduct retrospectives.
    • Ceremonies: Injecting awards and continually emphasizing delivery of value to encourage relationship building and constructive motivation.
    • Escalation: Voicing any concerns and having someone responsible for addressing those concerns.

    Proximity: Distributed teams create complexity as communication can break down. This can be mitigated by:

    • Location: Placing teams in proximity to close the barrier of geographical distance and time zone differences.
    • Inclusion: Making a deliberate attempt to pull remote team members into discussions and ceremonies.
    • Communication tools: Having the right technology (e.g. videoconference) to help bring teams closer together virtually.

    Trust: Members should trust other members are contributing to the project and completing their required tasks on time. Trust can be developed and maintained by:

    • Accountability: Having frequent quality reviews and feedback sessions. As work becomes more transparent, people become more accountable.
    • Role clarity: Having a clear definition of what everyone’s role is.

    1.4 Clear effective communication

    Improving investor transparency is one of the key drivers behind disclosure, so making the data easy to find and consumable is essential

    A diagram of reporting lifecycle.

    Your communication of ESG performance is intricately linked to corporate value creation. When designing your communications strategy, consider:

    • Your message – make it authentic and tell a consistent story.
    • How data will be used to support the narrative.
    • How your ESG program may impact internal and external programs and build a communication strategy that is fit for purpose. Example programs are:
      • Employee recruitment
      • New product rollout
      • New customer campaign
    • The design of the communication and how well it suits the audience. Communications may take the form of campaigns, thought leadership, infographics, etc.
    • The appropriateness of communication channels to your various audiences and the messages you want to convey. For example, social media, direct outreach, shareholder circular, etc.

    1.5 Continually evaluate

    A diagram of reporting lifecycle.

    A recent BDC survey of 121 large companies and public-sector buyers found that 82% require some disclosure from their suppliers on ESG, and that's expected to grow to 92% by 2024.
    Source: BDC, 2023

    ESG's link to corporate performance means that organizations must stay on top of ESG issues that may impact the long-term sustainability of their business.

    ESG components will continue to evolve, and as they do so will stakeholder views. It is important to continually survey your stakeholders to ensure you are optimally managing ESG risks and opportunities.

    To keep ESG on the strategy agenda, we recommend that organizations:

    • Appoint a chief sustainability officer (CSO) with a seat on executive leadership committees.
    • Embed ESG into existing governance and form a tactical ESG working group committee.
    • Ensure ESG risks are integrated into the enterprise risk management program.
    • Continually challenge your ESG strategy.
    • Regularly review risks and opportunities through proactive outreach to stakeholders.

    Download The ESG Imperative and Its Impact on Organizations

    Phase 2

    Streamline Requirements and Tool Selection

    A diagram that shows phase 1 to 3 of establishing ESG reporting program.

    This phase will walk you through the following activities:

    • Assess technology and tooling opportunities.
    • Prepare ESG reporting implementation plan.
    • Write ESG reporting presentation document.

    This phase involves the following participants: CIO, CCO, CSO, EA, IT application and data leaders, procurement, business leaders, marketing and communications, head of ESG reporting, and any dedicated ESG team members

    2.1 Streamline your requirements and tool section

    Spend the time up front to enable success and meet expectations

    Before sourcing any technology, it’s important to have a good understanding of your requirements.

    Key elements to consider:

    1. ESG reporting scope. Large enterprises will have more complex workflow requirements, but they also will have larger teams to potentially manage in-house. Smaller organizations will need easy-to-use, low-cost solutions.
    2. Industry and value chain. Look for industry-specific solutions, as they will be more tailored to your needs and will enable you to be up and running quicker.
    3. Coverage. Ensure the tool has adequate regulatory coverage to meet your current and future needs.
    4. Gap in functionality. Be clear on the problem you are trying to solve and/or the gap in workflow. Refer to the reporting lifecycle and be clear on your needs before sourcing technology.
    5. Resourcing. Factor in capacity during and after implementation and negotiate the appropriate support.

    Industry perspective

    The importance of ESG is something that will need to be considered for most, if not every decision in the future, and having reliable and available information is essential. While the industry will continue to see investment and innovation that drives operational efficiency and productivity, we will also see strong ESG themes in these emerging technologies to ensure they support both sustainable and socially responsible operations.

    With the breadth of technology Datamine already has addressing the ESG needs for the mining industry combined with our new technology, our customers can make effective and timely decisions through incorporating ESG data into their planning and scheduling activities to meet customer demands, while staying within the confines of their chosen ESG targets.

    Photo of Chris Parry

    Chris Parry
    VP of ESG, Datamine

    Photo of Datamine Photo of isystain

    Activity 7: Brainstorm tooling options

    Use the technology feature list below to identify areas along the ESG workflow where automated tools or third-party solutions may create efficiencies

    Technological Solutions Feature Bucket

    Basic Feature Description

    Advanced Feature Description

    Natural language processing (NLP) tools

    Ability to use NLP tools to track and monitor sentiment data from news and social media outlets.

    Leveraging NLP toolsets can provide organizations granular insights into workplace sentiment levels, which is a core component of any ESG strategy. A recent study by MarketPsych, a company that uses NLP technologies to analyze sentiment data from news and social media feeds, linked stock price performance to workplace sentiment levels.

    Distributed ledger technologies (DLTs)

    DLTs can help ensure greater reporting transparency, in line with stringent regulatory reporting requirements.

    DLT as an ESG enabler, with advanced capabilities such as an option to provide demand response services linked to electricity usage and supply forecasting.

    Cloud-based data management and reporting systems

    Cloud-based data management and reporting can support ESG initiatives by providing increased reporting transparency and a better understanding of diverse social and environmental risks.

    Leverage newfound toolsets such as Microsoft Cloud for Sustainability – a SaaS offering that enables organizations to seamlessly record, report, and reduce their emissions on a path toward net zero.

    IoT technologies

    Integration of IoT devices can help enhance the integrity of ESG reporting through the collection of descriptive and accurate ESG metrics (e.g. energy efficiency, indoor air quality, water quality and usage).

    Advanced management of real-time occupancy monitoring: for example, the ability to reduce energy consumption rates by ensuring energy is only used when spaces and individual cubicles are occupied.

    2.2 Vendors tools and technologies to support ESG reporting

    In a recent survey of over 1,000 global public- and private-sector leaders, 87% said they see AI as a helpful tool to fight climate change.
    Source: Boston Consulting Group

    Technology providers are part of the solution and can be leveraged to collect, analyze, disclose, track, and report on the vast amount of data.

    Increasingly organizations are using artificial intelligence to build climate resiliency:

    • AI is useful for the predictive modelling of potential climate events due to its ability to gather and analyze and synthesize large complete data sets.

    And protect organizations from vulnerabilities:

    • AI can be used to identify and assess vulnerabilities that may lead to business disruption or risks in production or the supply chain.

    A diagram of tooling, including DLT, natural language processing, cloud-based data management and IoT.

    2.3 ESG reporting software selection

    What Is ESG Reporting Software?

    Our definition: ESG reporting software helps organizations improve the transparency and accountability of their ESG program and track, measure, and report their sustainability efforts.

    Key considerations for reporting software selection:

    • While there are boutique ESG vendors in the market, organizations with existing GRC tools may first want to discuss ESG coverage with their existing vendor as it will enable better integration.
    • Ensure that the vendors you are evaluating support the requirements and regulations in your region, industry, and geography. Regulation is moving quickly – functionality needs to be available now and not just on the roadmap.
    • Determine the level of software integration support you need before meeting with vendors and ensure they will be able to provide it – when you need it!

    Adoption of ESG reporting software has historically been low, but these tools will become critical as organizations strive to meet increasing ESG reporting requirements.

    In a recent ESG planning and performance survey conducted by ESG SaaS company Diligent Corporation, it was found that over half of all organizations surveyed do not publish ESG metrics of any kind, and only 9% of participants are actively using software that supports ESG data collection, analysis, and reporting.

    Source: Diligent, 2021.

    2.3.1 Elicit and prioritize granular requirements for your ESG reporting software

    Understanding business needs through requirements gathering is the key to defining everything about what is being purchased. However, it is an area where people often make critical mistakes.

    Poorly scoped requirements

    Fail to be comprehensive and miss certain areas of scope.

    Focus on how the solution should work instead of what it must accomplish.

    Have multiple levels of detail within the requirements that are inconsistent and confusing.

    Drill all the way down into system-level detail.

    Add unnecessary constraints based on what is done today rather than focusing on what is needed for tomorrow.

    Omit constraints or preferences that buyers think are obvious.

    Best practices

    Get a clear understanding of what the system needs to do and what it is expected to produce.

    Test against the principle of MECE – requirements should be “mutually exclusive and collectively exhaustive.”

    Explicitly state the obvious and assume nothing.

    Investigate what is sold on the market and how it is sold. Use language that is consistent with that of the market and focus on key differentiators – not table stakes.

    Contain the appropriate level of detail – the level should be suitable for procurement and sufficient for differentiating vendors.

    Download Info-Tech's Improve Requirements Gathering blueprint

    2.3.1 Identify critical and nice-to-have features

    Central Data Repository: Collection of stored data from existing databases merged into one location that can then be shared, analyzed, or updated.

    Automatic Data Collection: Ability to automate data flows, collect responses from multiple sources at specified intervals, and check them against acceptance criteria.

    Automatic KPI Calculations, Conversions, and Updates: Company-specific metrics can be automatically calculated, converted, and tracked.

    Built-In Indicator Catalogs and Benchmarking: Provides common recognized frameworks or can integrate a catalog of ESG indicators.

    Custom Reporting: Ability to create reports on company emissions, energy, and asset data in company-branded templates.

    User-Based Access and Permissions: Ability to control access to specific content or data sets based on the end user’s roles.

    Real-Time Capabilities: Ability to analyze and visualize data as soon as it becomes available in underlying systems.

    Version Control: Tracking of document versions with each iteration of document changes.

    Intelligent Alerts and Notifications: Ability to create, manage, send, and receive notifications, enhancing efficiency and productivity.

    Audit Trail: View all previous activity including any recent edits and user access.

    Encrypted File Storage and Transfer: Ability to encrypt a file before transmitting it over the network to hide content from being viewed or extracted.

    Activity 7: Technology and tooling options

    Input: Business (ESG) strategy, Data inventory (if exists), Asset inventory (if exists), Output from Activity 5, Output from Activity 6,
    Output: List of tooling options
    Materials: Whiteboard/flip charts, ESG Reporting Workbook
    Participants: Chief Sustainability Officer, Head of ESG Reporting, Business leaders, Data analysts, Data and IT architect/leaders

    1-2 hours

    1. Begin by listing key requirements and features for your ESG reporting program.
    2. Use the outputs from activities 5 and 6 and the technology feature list on the previous slide to help brainstorm technology and tooling options.
    3. Discuss the availability and readiness of each option. Note that regulatory requirements will have an effective date that will impact the time to market for introducing new tooling.
    4. Discuss and assign a priority.
    5. At this point, further analysis may be needed. Form a subcommittee or assign a leader to conduct further analysis.
    6. Record this information in the ESG Reporting Workbook.

    Download the ESG Reporting Workbook

    Activity 8: Implementation plan

    Input: Business (ESG) strategy, Output from Activity 5, Output from Activity 6, Output from Activity 7
    Output: ESG Reporting Implementation Plan
    Materials: Whiteboard/flip charts, ESG Reporting Implementation Plan Template
    Participants: Chief Sustainability Officer, Head of ESG Reporting, Business leaders, Data analysts, PMO, Data and IT architect/leaders

    1-2 hours

    1. Use the outputs from activities 5 to 7 and list required implementation tasks. Set a priority for each task.
    2. Assign the accountable owner as well as the group responsible. Larger organizations and large, complex change programs will have a group of owners.
    3. Track any dependencies and ensure the project timeline aligns.
    4. Add status as well as start and end dates.
    5. Complete in the ESG Reporting Implementation Plan Template.

    Download the ESG Reporting Implementation Plan Template

    Activity 9: Internal communication

    Input: Business (ESG) strategy, ESG Reporting Workbook, ESG reporting implementation plan
    Output: ESG Reporting Presentation Template
    Materials: Whiteboard/flip charts, ESG Reporting Presentation Template, Internal communication templates
    Participants: Chief Sustainability Officer, Head of Marketing/ Communications, Business leaders, PMO

    1-2 hours

    Since a purpose-driven ESG program presents a significant change in how organizations operate, the goals and intentions need to be understood throughout the organization. Once you have developed your ESG reporting strategy it is important that it is communicated, understood, and accepted. Use the ESG Reporting Presentation Template as a guide to deliver your story.

    1. Consider your audience and discuss and agree on the key elements you want to convey.
    2. Prepare the presentation.
    3. Test the presentation with smaller group before communicating to senior leadership/board

    Download the ESG Reporting Presentation Template

    Phase 3

    Select ESG Reporting Software

    A diagram that shows phase 1 to 3 of establishing ESG reporting program.

    This phase will provide additional material on Info-Tech’s expertise in the following areas:

    • Info-Tech’s approach to RFPs
    • Info-Tech tools for software selection
    • Example ESG software assessments

    3.1 Leverage Info-Tech’s expertise

    Develop an inclusive and thorough approach to the RFP process

    An image that a process of 7 steps.

    The Info-Tech difference:

    1. The secret to managing an RFP is to make it as manageable and as thorough as possible. The RFP process should be like any other aspect of business – with a standard process in place, you are better able to handle whatever comes your way, because you know the steps you need to follow to produce a top-notch RFP.
    2. The business then identifies the need for more information about a product/service or determines that a purchase is required.
    3. A team of stakeholders from each area impacted gather all business, technical, legal, and risk requirements. What are the expectations of the vendor relationship post-RFP? How will the vendors be evaluated?
    4. Based on predetermined requirements, either an RFI or an RFP is issued to vendors with a due date.

    Info-Tech Insight

    Review Info-Tech’s process and understand how you can prevent your organization from leaking negotiation leverage while preventing vendors from taking control of your RFP.

    Software Selection Engagement

    5 Advisory Calls Over a 5-Week Period to Accelerate Your Selection Process

    Expert Analyst Guidance over5 weeks on average to select and negotiate software.

    Save Money, Align Stakeholders, Speed Up the Process & make better decisions.

    Use a Repeatable, Formal Methodology to improve your application selection process.

    Better, Faster Results, guaranteed, included in membership.

    A diagram of selection engagement over a 5-week period.

    CLICK HERE to Book Your Selection Engagement

    Leverage the Contract Review Service to level the playing field with your shortlisted vendors

    You may be faced with multiple products, services, master service agreements, licensing models, service agreements, and more.

    Use the Contract Review Service to gain insights on your agreements.

    Consider the aspects of a contract review:

    1. Are all key terms included?
    2. Are they applicable to your business?
    3. Can you trust that results will be delivered?
    4. What questions should you be asking from an IT perspective?

    Validate that a contract meets IT’s and the business’ needs by looking beyond the legal terminology. Use a practical set of questions, rules, and guidance to improve your value for dollar spent.

    A photo of Contract Review Service.

    Click here to book The Contract Review Service

    Download blueprint Master Contract Review and Negotiation for Software Agreements

    3.2 Vendor spotlight assessments

    See above for a vendor landscape overview of key ESG reporting software providers

    The purpose of this section is to showcase various vendors and companies that provide software solutions to help users manage and prioritize their ESG reporting initiatives.

    This section showcases the core capabilities of each software platform to provide Info-Tech members with industry insights regarding some of the key service providers that operate within the ESG vendor market landscape.

    Info-Tech members who are concerned with risks stemming from the inability to sort and disseminate unstructured ESG data reporting metrics or interested in learning more about software offerings that can help automate the data collection, processing, and management of ESG metrics will find high-level insights into the ESG vendor market space.

    Vendor spotlight

    A photo of Datamine Isystain

    The establishment of the Datamine ESG unit comes at the same time the mining sector is showing an increased interest in managing ESG and its component systems as part of a single scope.

    With miners collecting and dealing with ever-increasing quantities of data and looking for ways to leverage it to make data-driven decisions that enhance risk management and increase profitability, integrated software solutions are – now more than ever – essential in supporting continuous improvement and maintaining data fidelity and data integrity across the entire mining value chain.

    An example of Datamine Isystain An example of Datamine Isystain An example of Datamine Isystain

    Key Features:

    • Discover GIS for geochemical, water, erosion, and vegetation modelling and management.
    • Qmed for workforce health management, COVID testing, and vaccine administration.
    • MineMarket and Reconcilor for traceability and auditing, giving visibility to chain of custody and governance across the value chain, from resource modelling to shipping and sales.
    • Centric Mining Systems – intelligence software for real-time transparency and governance across multiple sites and systems, including key ESG performance indicator reporting.
    • Zyght – a leading health, safety, and environment solution for high-impact industries that specializes in environment, injury, risk management, safe work plans, document management, compliance, and reporting.
    • Isystain – a cloud-based platform uniquely designed to support health, safety & environment, sustainability reporting, compliance and governance, and social investment reporting. Designed for seamless integration within an organization’s existing software ecosystems providing powerful analytics and reporting capabilities to streamline the production of sustainability and performance reporting.

    Vendor spotlight

    A logo of Benchmark ESG

    Benchmark ESG provides industry-leading ESG data management and reporting software that can assist organizations in managing operational risk and compliance, sustainability, product stewardship, and ensuring responsible sourcing across complex global operations.

    An example of Benchmark ESG An example of Benchmark ESG

    Key Features:

    Vendor spotlight

    A logo of PWC

    PwC’s ESG Management Solution provides quick insights into ways to improve reporting transparency surrounding your organization’s ESG commitments.

    According to PwC’s most recent CEO survey, the number one motivator for CEOs in mitigating climate change risks is their own desire to help solve this global problem and drive transparency with stakeholders.
    Source: “Annual Global CEO Survey,” PwC, 2022.

    An example of PWC An example of PWC

    Key Features:

    • Streamlined data mining capabilities. PwC’s ESG solution provides the means to streamline, automate, and standardize the input of sustainability data based on non-financial reporting directive (NFRD) and corporate sustainability reporting directive (CSRD) regulations.
    • Company and product carbon footprint calculation and verification modules.
    • Robust dashboarding capabilities. Option to create custom-tailored sustainability monitoring dashboards or integrate existing ESG data from an application to existing dashboards.
    • Team management functionalities that allow for more accessible cross-departmental communication and collaboration. Ability to check progress on tasks, assign tasks, set automatic notifications/deadlines, etc.

    Vendor spotlight

    A logo of ServiceNow

    ServiceNow ESG Management (ESGM) and reporting platform helps organizations transform the way they manage, visualize, and report on issues across the ESG spectrum.

    The platform automates the data collection process and the organization and storage of information in an easy-to-use system. ServiceNow’s ESGM solution also develops dashboards and reports for internal user groups and ensures that external disclosure reports are aligned with mainstream ESG standards and frameworks.

    We know that doing well as a business is about more than profits. One workflow at a time, we believe we can change the world – to be more sustainable, equitable, and ethical.
    Source: ServiceNow, 2021.

    An example of ServiceNow

    Key Features:

    1. An executive dashboard to help coherently outline the status of various ESG indicators, including material topics, goals, and disclosure policies all in one centralized hub
    2. Status review modules. Ensure that your organization has built-in modules to help them better document and monitor their ESG goals and targets using a single source of truth.
    3. Automated disclosure modules. ESGM helps organizations create more descriptive ESG disclosure reports that align with industry accountability standards (e.g. SASB, GRI, CDP).

    Other key vendors to consider

    An image of other 12 key vendors

    Related Info-Tech Research

    Photo of The ESG Imperative and Its Impact on Organizations

    The ESG Imperative and Its Impact on Organizations

    Use this blueprint to educate yourself on ESG factors and the broader concept of sustainability.

    Identify changes that may be needed in your organizational operating model, strategy, governance, and risk management approach.

    Learn about Info-Tech’s ESG program approach and use it as a framework to begin your ESG program journey.

    Photo of Private Equity and Venture Capital Growing Impact of ESG Report

    Private Equity and Venture Capital Growing Impact of ESG Report

    Increasingly, new capital has a social mandate attached to it due to the rise of ESG investment principles.

    Learn about how the growing impact of ESG affects both your organization and IT specifically, including challenges and opportunities, with expert assistance.

    Definitions

    Terms

    Definition

    Corporate Social Responsibility

    Management concept whereby organizations integrate social and environmental concerns in their operations and interactions with their stakeholders.

    Chief Sustainability Officer

    Steers sustainability commitments, helps with compliance, and helps ensure internal commitments are met. Responsibilities may extend to acting as a liaison with government and public affairs, fostering an internal culture, acting as a change agent, and leading delivery.

    ESG

    An acronym that stands for environment, social, and governance. These are the three components of a sustainability program.

    ESG Standard

    Contains detailed disclosure criteria including performance measures or metrics. Standards provide clear, consistent criteria and specifications for reporting. Typically created through consultation process.

    ESG Framework

    A broad contextual model for information that provides guidance and shapes the understanding of a certain topic. It sets direction but does not typically delve into the methodology. Frameworks are often used in conjunction with standards.

    ESG Factors

    The factors or issues that fall under the three ESG components. Measures the sustainability performance of an organization.

    ESG Rating

    An aggregated score based on the magnitude of an organization’s unmanaged ESG risk. Ratings are provided by third-party rating agencies and are increasingly being used for financing, transparency to investors, etc.

    ESG Questionnaire

    ESG surveys or questionnaires are administered by third parties and used to assess an organization’s sustainability performance. Participation is voluntary.

    Key Risk Indicator (KRI)

    A measure to indicate the potential presence, level, or trend of a risk.

    Key Performance Indicator (KPI)

    A measure of deviation from expected outcomes to help a firm see how it is performing.

    Materiality

    Material topics are topics that have a direct or indirect impact on an organization's ability to create, preserve, or erode economic, environmental, and social impact for itself and its stakeholder and society as a whole.

    Materiality Assessment

    A tool to identify and prioritize the ESG issues most critical to the organization.

    Risk Sensing

    The range of activities carried out to identify and understand evolving sources of risk that could have a significant impact on the organization (e.g. social listening).

    Sustainability

    The ability of an organization and broader society to endure and survive over the long term by managing adverse impacts well and promoting positive opportunities.

    Sustainalytics

    Now part of Morningstar. Sustainalytics provides ESG research, ratings, and data to institutional investors and companies.

    UN Guiding Principles on Business and Human Rights (UNGPs)

    An essential methodological foundation for how impacts across all dimensions should be assessed.

    Reporting and standard frameworks

    Standard

    Definition and focus

    CDP
    (Formally Carbon Disclosure Project)

    CDP has created standards and metrics for comparing sustainability impact. Focuses on environmental data (e.g. carbon, water, and forests) and on data disclosure and benchmarking.

    Audience: All stakeholders

    Dow Jones Sustainability Indices (DJSI)

    Heavy on corporate governance and company performance. Equal balance of economic, environmental, and social.

    Audience: All stakeholders

    Global Reporting Initiative (GRI)

    International standards organization that has a set of standards to help organizations understand and communicate their impacts on climate change and social responsibility. The standard has a strong emphasis on transparency and materiality, especially on social issues.

    Audience: All stakeholders

    International Sustainability Standards Board (ISSB)

    Standard-setting board that sits within the International Financial Reporting Standards (IFRS) Foundation. The IFRS Foundation is a not-for-profit, public-interest organization established to develop high-quality, understandable, enforceable, and globally accepted accounting and sustainability disclosure standards.

    Audience: Investor-focused

    United Nations Sustainable Development Goals (SDGs)

    Global partnership across sectors and industries that sets out 17 goals to achieve sustainable development for all.

    Audience: All stakeholders

    Sustainability Accounting Standards Board (SASB)
    Now part of IFSR foundation

    Industry-specific standards to help corporations select topics that may impact their financial performance. Focus on material impacts on financial condition or operating performance.

    Audience: Investor-focused

    Task Force on Climate-Related Financial Disclosures (TCFD; created by the Financial Stability Board)

    Standards framework focused on the impact of climate risk on financial and operating performance. More broadly the disclosures inform investors of positive and negative measures taken to build climate resilience and make transparent the exposure to climate-related risk.

    Audience: Investors, financial stakeholders

    Bibliography

    "2021 Global Investor Survey: The Economic Realities of ESG." PwC, Dec. 2021. Accessed May 2022.

    "2023 Canadian ESG Reporting Insights." PwC, Nov. 2022. Accessed Dec. 2022.

    Althoff, Judson. "Microsoft Cloud for Sustainability: Empowering Organizations On Their Path To Net Zero." Microsoft Blog, 14 July 2021. Accessed May 2022.

    "Balancing Sustainability and Profitability." IBM, Feb. 2022. Accessed June. 2022.

    "Beyond Compliance: Consumers and Employees Want Business to Do More on ESG." PwC, Nov. 2021. Accessed July 2022.

    Bizo, Daniel. "Multi-Tenant Datacenters and Sustainability: Ambitions and Reality." S&P Market Intelligence, Sept. 2020. Web.

    Bolden, Kyle. "Aligning nonfinancial reporting with your ESG strategy to communicate long-term value." EY, 18 Dec. 2020. Web.

    Carril, Christopher, et al. "Looking at Restaurants Through an ESG Lens: ESG Stratify – Equity Research Report." RBC Capital Markets, 5 Jan. 2021. Accessed Jun. 2022.

    "Celebrating and Advancing Women." McDonald’s, 8 March 2019. Web.

    Clark, Anna. "Get your ESG story straight: A sustainability communication starter kit." GreenBiz, 20 Dec. 2022, Accessed Dec. 2022.

    Courtnell, Jane. “ESG Reporting Framework, Standards, and Requirements.” Corporate Compliance Insights, Sept. 2022. Accessed Dec. 2022.

    “Country Sustainability Ranking. Country Sustainability: Visibly Harmed by Covid-19.” Robeco, Oct. 2021. Accessed June 2022.

    “Defining the “G” in ESG Governance Factors at the Heart of Sustainable Business.” World Economic Forum, June 2022. Web.

    “Digital Assets: Laying ESG Foundations.” Global Digital Finance, Nov. 2021. Accessed April 2022.

    “Dow Jones Sustainability Indices (DJCI) Index Family.” S&P Global Intelligence, n.d. Accessed June 2022.

    "ESG in Your Business: The Edge You Need to Land Large Contracts." BDC, March 2023, Accessed April 2023.

    “ESG Performance and Its Impact on Corporate Reputation.” Intelex Technologies, May 2022. Accessed July 2022.

    “ESG Use Cases. IoT – Real-Time Occupancy Monitoring.” Metrikus, March 2021. Accessed April 2022.

    Fanter, Tom, et al. “The History & Evolution of ESG.” RMB Capital, Dec. 2021. Accessed May 2022.

    Flynn, Hillary, et al. “A guide to ESG materiality assessments.” Wellington Management, June 2022, Accessed September 2022

    “From ‘Disclose’ to ‘Disclose What Matters.’” Global Reporting Initiative, Dec. 2018. Accessed July 2022.

    “Getting Started with ESG.” Sustainalytics, 2022. Web.

    “Global Impact ESG Fact Sheet.” ServiceNow, Dec. 2021. Accessed June 2022.

    Gorley, Adam. “What is ESG and Why It’s Important for Risk Management.” Sustainalytics, March 2022. Accessed May 2022.

    Hall, Lindsey. “You Need Near-Term Accountability to Meet Long-Term Climate Goals.” S&P Global Sustainable1, Oct. 2021. Accessed April 2022.

    Henisz, Witold, et al. “Five Ways That ESG Creates Value.” McKinsey, Nov. 2019. Accessed July 2022.

    “Integrating ESG Factors in the Investment Decision-Making Process of Institutional Investors.” OECD iLibrary, n.d. Accessed July 2022.

    “Investor Survey.” Benchmark ESG, Nov. 2021. Accessed July 2022.

    Jackson, Brian. Tech Trends 2023, Info-Tech Research Group, Dec. 2022, Accessed Dec. 2022.

    Keet, Lior. “What Is the CIO’s Role in the ESG Equation?” EY, 2 Feb. 2022. Accessed May 2022.

    Lev, Helee, “Understanding ESG risks and why they matter” GreenBiz, June 2022. Accessed Dec 2022.

    Marsh, Chris, and Simon Robinson. “ESG and Technology: Impacts and Implications.” S&P Global Market Intelligence, March 2021. Accessed April 2022.

    Martini, A. “Socially Responsible Investing: From the Ethical Origins to the Sustainable Development Framework of the European Union.” Environment, Development and Sustainability, vol. 23, Nov. 2021. Web.

    Maher, Hamid, et al. “AI Is Essential for Solving the Climate Crisis.” Boston Consulting Group, 7 July 2022. Web.

    “Materiality Assessment. Identifying and Taking Action on What Matters Most.” Novartis, n.d. Accessed June. 2022.

    Morrow, Doug, et al. “Understanding ESG Incidents: Key Lessons for Investors.” Sustainalytics, July 2017. Accessed May 2022.

    “Navigating Climate Data Disclosure.” Novisto, July 2022. Accessed Nov. 2022.

    Nuttall, Robin, et al. “Why ESG Scores Are Here to Stay.” McKinsey & Company, May 2020. Accessed July 2022.

    “Opportunities in Sustainability – 451 Research’s Analysis of Sustainability Perspectives in the Data Center Industry.” Schneider Electric, Sept. 2020. Accessed May 2022.

    Peterson, Richard. “How Can NLP Be Used to Quantify ESG Analytics?” Refinitiv, Feb. 2021. Accessed June 2022.

    “PwC’s 25th Annual Global CEO Survey: Reimagining the Outcomes That Matter.” PwC, Jan. 2022. Accessed June 2022.

    “SEC Proposes Rules on Cybersecurity, Risk Management, Strategy, Governance, and Incident Disclosure by Public Companies.” Securities and Exchange Commission, 9 May 2022. Press release.

    Serafeim, George. “Social-Impact Efforts That Create Real Value.” Harvard Business Review, Sept. 2020. Accessed May 2022.

    Sherrie, Gonzalez. “ESG Planning and Performance Survey.” Diligent, 24 Sept. 2021. Accessed July 2022.

    “Special Reports Showcase, Special Report: Mid-Year Report on Proposed SEC Rule 14-8 Change.” Sustainable Investments Institute, July 2020. Accessed April 2022.

    “State of European Tech. Executive Summary Report.” Atomico, Nov. 2021. Accessed June 2022.

    “Top Challenges in ESG Reporting, and How ESG Management Solution Can Help.” Novisto, Sept. 2022. Accessed Nov. 2022.

    Vaughan-Smith, Gary. “Navigating ESG data sets and ‘scores’.” Silverstreet Capital, 23 March 2022. Accessed Dec. 2022.

    Waters, Lorraine. “ESG is not an environmental issue, it’s a data one.” The Stack, 20 May 2021. Web.

    Wells, Todd. “Why ESG, and Why Now? New Data Reveals How Companies Can Meet ESG Demands – And Innovate Supply Chain Management.” Diginomica, April 2022. Accessed July 2022.

    “XBRL is coming to corporate sustainability Reporting.” Novisto, Aug. 2022. Accessed Dec. 2022.

    Research Contributors and Experts

    Photo of Chris Parry

    Chris Parry
    VP of ESG, Datamine

    Chris Parry has recently been appointed as the VP of ESG at Datamine Software. Datamine’s dedicated ESG division provides specialized ESG technology for sustainability management by supporting key business processes necessary to drive sustainable outcomes.

    Chris has 15 years of experience building and developing business for enterprise applications and solutions in both domestic and international markets.

    Chris has a true passion for business-led sustainable development and is focused on helping organizations achieve their sustainable business outcomes through business transformation and digital software solutions.

    Datamine’s comprehensive ESG capability supports ESG issues such as the environment, occupational health and safety, and medical health and wellbeing. The tool assists with risk management, stakeholder management and business intelligence.

    Evolve Your Business Through Innovation

    • Buy Link or Shortcode: {j2store}330|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Innovation
    • Parent Category Link: /innovation
    • Innovation teams are tasked with the responsibility of ensuring that their organizations are in the best position to succeed while the world is in a period of turmoil, chaos, and uncertainty.
    • CIOs have been expected to help the organization transition to remote work and collaboration instantaneously.
    • CEOs are under pressure to redesign, and in some cases reinvent, their business model to cope with and compete in a new normal.

    Our Advice

    Critical Insight

    It is easy to get swept up during a crisis and cling to past notions of normal. Unfortunately, there is no controlling the fact that things have changed fundamentally, and it is now incumbent upon you to help your organization adapt and evolve. Treat this as an opportunity because that is precisely what this is.

    Impact and Result

    There are some lessons we can learn from innovators who have succeeded through past crises and from those who are succeeding now.

    There are a number of tactics an innovation team can employ to help their business evolve during this time:

    1. Double down on digital transformation (DX)
    2. Establish a foresight capability
    3. Become a platform for good

    Evolve Your Business Through Innovation Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Evolve your business through innovation

    Download our guide to learn what you can do to evolve your business and innovate your way through uncertainty.

    • Evolve Your Business Through Innovation Storyboard
    [infographic]

    Domino – Maintain, Commit to, or Vacate?

    If you have a Domino/Notes footprint that is embedded within your business units and business processes and is taxing your support organization, you may have met resistance from the business and been asked to help the organization migrate away from the Lotus Notes platform. The Lotus Notes platform was long used by technology and businesses and a multipurpose solution that, over the years, became embedded within core business applications and processes.

    Our Advice

    Critical Insight

    For organizations that are struggling to understand their options for the Domino platform, the depth of business process usage is typically the biggest operational obstacle. Migrating off the Domino platform is a difficult option for most organizations due to business process and application complexity. In addition, migrating clients have to resolve the challenges with more than one replaceable solution.

    Impact and Result

    The most common tactic is for the organization to better understand their Domino migration options and adopt an application rationalization strategy for the Domino applications entrenched within the business. Options include retiring, replatforming, migrating, or staying with your Domino platform.

    Domino – Maintain, Commit to, or Vacate? Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Domino – Maintain, Commit to, or Vacate? – A brief deck that outlines key migration options for HCL Domino platforms.

    This blueprint will help you assess the fit, purpose, and price of Domino options; develop strategies for overcoming potential challenges; and determine the future of Domino for your organization.

    • Domino – Maintain, Commit to, or Vacate? Storyboard

    2. Application Rationalization Tool – A tool to understand your business-developed applications, their importance to business process, and the potential underlying financial impact.

    Use this tool to input the outcomes of your various application assessments.

    • Application Rationalization Tool

    Infographic

    Further reading

    Domino – Maintain, Commit to, or Vacate?

    Lotus Domino still lives, and you have options for migrating away from or remaining with the platform.

    Executive Summary

    Info-Tech Insight

    “HCL announced that they have somewhere in the region of 15,000 Domino customers worldwide, and also claimed that that number is growing. They also said that 42% of their customers are already on v11 of Domino, and that in the year or so since that version was released, it’s been downloaded 78,000 times. All of which suggests that the Domino platform is, in fact, alive and well.”
    – Nigel Cheshire in Team Studio

    Your Challenge

    You have a Domino/Notes footprint embedded within your business units and business processes. This is taxing your support organization; you are meeting resistance from the business, and you are now asked to help the organization migrate away from the Lotus Notes platform. The Lotus Notes platform was long used by technology and businesses as a multipurpose solution that, over the years, became embedded within core business applications and processes.

    Common Obstacles

    For organizations that are struggling to understand their options for the Domino platform, the depth of business process usage is typically the biggest operational obstacle. Migrating off the Domino platform is a difficult option for most organizations due to business process and application complexity. In addition, migrating clients have to resolve the challenges with more than one replaceable solution.

    Info-Tech Approach

    The most common tactic is for the organization to better understand their Domino migration options and adopt an application rationalization strategy for the Domino applications entrenched within the business. Options include retiring, replatforming, migrating, or staying with your Domino platform.

    Review

    Is “Lotus” Domino still alive?

    Problem statement

    The number of member engagements with customers regarding the Domino platform has, as you might imagine, dwindled in the past couple of years. While many members have exited the platform, there are still many members and organizations that have entered a long exit program, but with how embedded Domino is in business processes, the migration has slowed and been met with resistance. Some organizations had replatformed the applications but found that the replacement target state was inadequate and introduced friction because the new solution was not a low-code/business-user-driven environment. This resulted in returning the Domino platform to production and working through a strategy to maintain the environment.

    This research is designed for:

    • IT strategic direction decision-makers
    • IT managers responsible for an existing Domino platform
    • Organizations evaluating migration options for mission-critical applications running on Domino

    This research will help you:

    1. Evaluate migration options.
    2. Assess the fit and purpose.
    3. Consider strategies for overcoming potential challenges.
    4. Determine the future of this platform for your organization.

    The “everything may work” scenario

    Adopt and expand

    Believe it or not, Domino and Notes are still options to consider when determining a migration strategy. With HCL still committed to the platform, there are options organizations should seek to better understand rather than assuming SharePoint will solve all. In our research, we consider:

    Importance to current business processes

    • Importance of use
    • Complexity in migrations
    • Choosing a new platform

    Available tools to facilitate

    • Talent/access to skills
    • Economies of scale/lower cost at scale
    • Access to technology

    Info-Tech Insight

    With multiple options to consider, take the time to clearly understand the application rationalization process within your decision making.

    • Archive/retire
    • Application migration
    • Application replatform
    • Stay right where you are

    Eliminate your bias – consider the advantages

    “There is a lot of bias toward Domino; decisions are being made by individuals who know very little about Domino and more importantly, they do not know how it impacts business environment.”

    – Rob Salerno, Founder & CTO, Rivet Technology Partners

    Domino advantages include:

    Modern Cloud & Application

    • No-code/low-code technology

    Business-Managed Application

    • Business written and supported
    • Embrace the business support model
    • Enterprise class application

    Leverage the Application Taxonomy & Build

    • A rapid application development platform
    • Develop skill with HCL training

    HCL Domino is a supported and developed platform

    Why consider HCL?

    • Consider scheduling a Roadmap Session with HCL. This is an opportunity to leverage any value in the mission and brand of your organization to gain insights or support from HCL.
    • Existing Domino customers are not the only entities seeking certainty with the platform. Software solution providers that support enterprise IT infrastructure ecosystems (backup, for example) will also be seeking clarity for the future of the platform. HCL will be managing these relationships through the channel/partner management programs, but our observations indicate that Domino integrations are scarce.
    • HCL Domino should be well positioned feature-wise to support low-code/NoSQL demands for enterprises and citizen developers.

    Visualize Your Application Roadmap

    1. Focus on the application portfolio and crafting a roadmap for rationalization.
      • The process is intended to help you determine each application’s functional and technical adequacy for the business process that it supports.
    2. Document your findings on respective application capability heatmaps.
      • This drives your organization to a determination of application dispositions and provides a tool to output various dispositions for you as a roadmap.
    3. Sort the application portfolio into a disposition status (keep, replatform, retire, consolidate, etc.)
      • This information will be an input into any cloud migration or modernization as well as consolidation of the infrastructure, licenses, and support for them.

    Our external support perspective

    by Darin Stahl

    Member Feedback

    • Some members who have remaining Domino applications in production – while the retire, replatform, consolidate, or stay strategy is playing out – have concerns about the challenges with ongoing support and resources required for the platform. In those cases, some have engaged external services providers to augment staff or take over as managed services.
    • While there could be existing support resources (in house or on retainer), the member might consider approaching an external provider who could help backstop the single resource or even provide some help with the exit strategies. At this point, the conversation would be helpful in any case. One of our members engaged an external provider in a Statement of Work for IBM Domino Administration focused on one-time events, Tier 1/Tier 2 support, and custom ad hoc requests.
    • The augmentation with the managed services enabled the member to shift key internal resources to a focus on executing the exit strategies (replatform, retire, consolidate), since the business knowledge was key to that success.
    • The member also very aggressively governed the Domino environment support needs to truly technical issues/maintenance of known and supported functionality rather than coding new features (and increasing risk and cost in a migration down the road) – in short, freezing new features and functionality unless required for legal compliance or health and safety.
    • There obviously are other providers, but at this point Info-Tech no longer maintains a market view or scan of those related to Domino due to low member demand.

    Domino database assessments

    Consider the database.

    • Domino database assessments should be informed through the lens of a multi-value database, like jBase, or an object system.
    • The assessment of the databases, often led by relational database subject matter experts grounded in normalized databases, can be a struggle since Notes databases must be denormalized.
    Key/Value Column

    Use case: Heavily accessed, rarely updated, large amounts of data
    Data Model: Values are stored in a hash table of keys.
    Fast access to small data values, but querying is slow
    Processor friendly
    Based on amazon's Dynamo paper
    Example: Project Voldemort used by LinkedIn

    this is a Key/Value example

    Use case: High availability, multiple data centers
    Data Model: Storage blocks of data are contained in columns
    Handles size well
    Based on Google's BigTable
    Example: Hadoop/Hbase used by Facebook and Yahoo

    This is a Column Example
    Document Graph

    Use case: Rapid development, Web and programmer friendly
    Data Model: Stores documents made up of tagged elements. Uses Key/Value collections
    Better query abilities than Key/Value databases.
    Inspired by Lotus Notes.
    Example: CouchDB used by BBC

    This is a Document Example

    Use case: Best at dealing with complexity and relationships/networks
    Data model: Nodes and relationships.
    Data is processed quickly
    Inspired by Euler and graph theory
    Can easily evolve schemas
    Example: Neo4j

    This is a Graph Example

    Understand your options

    Archive/Retire

    Store the application data in a long-term repository with the means to locate and read it for regulatory and compliance purposes.

    Migrate

    Migrate to a new version of the application, facilitating the process of moving software applications from one computing environment to another.

    Replatform

    Replatforming is an option for transitioning an existing Domino application to a new modern platform (i.e. cloud) to leverage the benefits of a modern deployment model.

    Stay

    Review the current Domino platform roadmap and understand HCL’s support model. Keep the application within the Domino platform.

    Archive/retire

    Retire the application, storing the application data in a long-term repository.

    Abstract

    The most common approach is to build the required functionality in whatever new application/solution is selected, then archive the old data in PDFs and documents.

    Typically this involves archiving the data and leveraging Microsoft SharePoint and the new collaborative solutions, likely in conjunction with other software-as-a-service (SaaS) solutions.

    Advantages

    • Reduce support cost.
    • Consolidate applications.
    • Reduce risk.
    • Reduce compliance and security concerns.
    • Improve business processes.

    Considerations

    • Application transformation
    • eDiscovery costs
    • Legal implications
    • Compliance implications
    • Business process dependencies

    Info-Tech Insights

    Be aware of the costs associated with archiving. The more you archive, the more it will cost you.

    Application migration

    Migrate to a new version of the application

    Abstract

    An application migration is the managed process of migrating or moving applications (software) from one infrastructure environment to another.

    This can include migrating applications from one data center to another data center, from a data center to a cloud provider, or from a company’s on-premises system to a cloud provider’s infrastructure.

    Advantages

    • Reduce hardware costs.
    • Leverage cloud technologies.
    • Improve scalability.
    • Improve disaster recovery.
    • Improve application security.

    Considerations

    • Data extraction, starting from the document databases in NSF format and including security settings about users and groups granted to read and write single documents, which is a powerful feature of Lotus Domino documents.
    • File extraction, starting from the document databases in NSF format, which can contain attachments and RTF documents and embedded files.
    • Design of the final relational database structure; this activity should be carried out without taking into account the original structure of the data in Domino files or the data conversion and loading, from the extracted format to the final model.
    • Design and development of the target-state custom applications based on the new data model and the new selected development platform.

    Application replatform

    Transition an existing Domino application to a new modern platform

    Abstract

    This type of arrangement is typically part of an application migration or transformation. In this model, client can “replatform” the application into an off-premises hosted provider platform. This would yield many benefits of cloud but in a different scaling capacity as experienced with commodity workloads (e.g. Windows, Linux) and the associated application.

    Two challenges are particularly significant when migrating or replatforming Domino applications:

    • The application functionality/value must be reproduced/replaced with not one but many applications, either through custom coding or a commercial-off-the-shelf/SaaS solution.
    • Notes “databases” are not relational databases and will not migrate simply to an SQL database while retaining the same business value. Notes databases are essentially NoSQL repositories and are difficult to normalize.

    Advantages

    • Leverage cloud technologies.
    • Improve scalability.
    • Align to a SharePoint platform.
    • Improve disaster recovery.
    • Improve application security.

    Considerations

    • Application replatform resource effort
    • Network bandwidth
    • New platform terms and conditions
    • Secure connectivity and communication
    • New platform security and compliance
    • Degree of complexity

    Info-Tech Insights

    There is a difference between a migration and a replatform application strategy. Determine which solution aligns to the application requirements.

    Stay with HCL

    Stay with HCL, understanding its future commitment to the platform.

    Abstract

    Following the announced acquisition of IBM Domino and up until around December 2019, HCL had published no future roadmap for the platform. The public-facing information/website at the time stated that HCL acquired “the product family and key lab services to deliver professional services.” Again, there was no mention or emphasis on upcoming new features for the platform. The product offering on their website at the time stated that HCL would leverage its services expertise to advise clients and push applications into four buckets:

    1. Replatform
    2. Retire
    3. Move to cloud
    4. Modernize

    That public-facing messaging changed with release 11.0, which had references to IBM rebranded to HCL for the Notes and Domino product – along with fixes already inflight. More information can be found on HCL’s FAQ page.

    Advantages

    • Known environment
    • Domino is a supported platform
    • Domino is a developed platform
    • No-code/low-code optimization
    • Business developed applications
    • Rapid application framework

    This is the HCL Domino Logo

    Understand your tools

    Many tools are available to help evaluate or migrate your Domino Platform. Here are a few common tools for you to consider.

    Notes Archiving & Notes to SharePoint

    Summary of Vendor

    “SWING Software delivers content transformation and archiving software to over 1,000 organizations worldwide. Our solutions uniquely combine key collaborative platforms and standard document formats, making document production, publishing, and archiving processes more efficient.”*

    Tools

    Lotus Notes Data Migration and Archiving: Preserve historical data outside of Notes and Domino

    Lotus Note Migration: Replacing Lotus Notes. Boost your migration by detaching historical data from Lotus Notes and Domino.

    Headquarters

    Croatia

    Best fit

    • Application archive and retire
    • Migration to SharePoint

    This is an image of the SwingSoftware Logo

    * swingsoftware.com

    Domino Migration to SharePoint

    Summary of Vendor

    “Providing leading solutions, resources, and expertise to help your organization transform its collaborative environment.”*

    Tools

    Notes Domino Migration Solutions: Rivit’s industry-leading solutions and hardened migration practice will help you eliminate Notes Domino once and for all.

    Rivive Me: Migrate Notes Domino applications to an enterprise web application

    Headquarters

    Canada

    Best fit

    • Application Archive & Retire
    • Migration to SharePoint

    This is an image of the RiVit Logo

    * rivit.ca

    Lotus Notes to M365

    Summary of Vendor

    “More than 300 organizations across 40+ countries trust skybow to build no-code/no-compromise business applications & processes, and skybow’s community of customers, partners, and experts grows every day.”*

    Tools

    SkyBow Studio: The low-code platform fully integrated into Microsoft 365

    Headquarters:

    Switzerland

    Best fit

    • Application Archive & Retire
    • Migration to SharePoint

    This is an image of the SkyBow Logo

    * skybow.com | About skybow

    Notes to SharePoint Migration

    Summary of Vendor

    “CIMtrek is a global software company headquartered in the UK. Our mission is to develop user-friendly, cost-effective technology solutions and services to help companies modernize their HCL Domino/Notes® application landscape and support their legacy COBOL applications.”*

    Tools

    CIMtrek SharePoint Migrator: Reduce the time and cost of migrating your IBM® Lotus Notes® applications to Office 365, SharePoint online, and SharePoint on premises.

    Headquarters

    United Kingdom

    Best fit

    • Application replatform
    • Migration to SharePoint

    This is an image of the CIMtrek Logo

    * cimtrek.com | About CIMtrek

    Domino replatform/Rapid application selection framework

    Summary of Vendor

    “4WS.Platform is a rapid application development tool used to quickly create multi-channel applications including web and mobile applications.”*

    Tools

    4WS.Platform is available in two editions: Community and Enterprise.
    The Platform Enterprise Edition, allows access with an optional support pack.

    4WS.Platform’s technical support provides support services to the users through support contracts and agreements.

    The platform is a subscription support services for companies using the product which will allow customers to benefit from the knowledge of 4WS.Platform’s technical experts.

    Headquarters

    Italy

    Best fit

    • Application replatform

    This is an image of the 4WS PLATFORM Logo

    * 4wsplatform.org

    Activity

    Understand your Domino options

    Application Rationalization Exercise

    Info-Tech Insight

    Application rationalization is the perfect exercise to fully understand your business-developed applications, their importance to business process, and the potential underlying financial impact.

    This activity involves the following participants:

    • IT strategic direction decision-makers.
    • IT managers responsible for an existing Domino platform
    • Organizations evaluating platforms for mission-critical applications.

    Outcomes of this step:

    • Completed Application Rationalization Tool

    Application rationalization exercise

    Use this Application Rationalization Tool to input the outcomes of your various application assessments

    In the Application Entry tab:

    • Input your application inventory or subset of apps you intend to rationalize, along with some basic information for your apps.

    In the Business Value & TCO Comparison tab, determine rationalization priorities.

    • Input your business value scores and total cost of ownership (TCO) of applications.
    • Review the results of this analysis to determine which apps should require additional analysis and which dispositions should be prioritized.

    In the Disposition Selection tab:

    • Add to or adapt our list of dispositions as appropriate.

    In the Rationalization Inputs tab:

    • Add or adapt the disposition criteria of your application rationalization framework as appropriate.
    • Input the results of your various assessments for each application.

    In the Disposition Settings tab:

    • Add or adapt settings that generate recommended dispositions based on your rationalization inputs.

    In the Disposition Recommendations tab:

    • Review and compare the rationalization results and confirm if dispositions are appropriate for your strategy.

    In the Timeline Considerations tab:

    • Enter the estimated timeline for when you execute your dispositions.

    In the Portfolio Roadmap tab:

    • Review and present your roadmap and rationalization results.

    Follow the instructions to generate recommended dispositions and populate an application portfolio roadmap.

    This image depicts a scatter plot graph where the X axis is labeled Business Value, and the Y Axis is labeled Cost. On the graph, the following datapoints are displayed: SF; HRIS; ERP; ALM; B; A; C; ODP; SAS

    Info-Tech Insight

    Watch out for misleading scores that result from poorly designed criteria weightings.

    Related Info-Tech Research

    Build an Application Rationalization Framework

    Manage your application portfolio to minimize risk and maximize value.

    Embrace Business-Managed Applications

    Empower the business to implement their own applications with a trusted business-IT relationship.

    Satisfy Digital End Users With Low- and No-Code

    Extend IT, automation, and digital capabilities to the business with the right tools, good governance, and trusted organizational relationships.

    Maximize the Benefits from Enterprise Applications with a Center of Excellence

    Optimize your organization’s enterprise application capabilities with a refined and scalable methodology.

    Drive Successful Sourcing Outcomes With a Robust RFP Process

    Leverage your vendor sourcing process to get better results.

    Research Authors

    Darin Stahl, Principal Research Advisor, Info-Tech Research Group

    Darin Stahl, Principal Research Advisor,
    Info-Tech Research Group

    Darin is a Principal Research Advisor within the Infrastructure practice, leveraging 38+ years of experience. His areas of focus include IT operations management, service desk, infrastructure outsourcing, managed services, cloud infrastructure, DRP/BCP, printer management, managed print services, application performance monitoring, managed FTP, and non-commodity servers (zSeries, mainframe, IBM i, AIX, Power PC).

    Troy Cheeseman, Practice Lead, Info-Tech Research Group

    Troy Cheeseman, Practice Lead,
    Info-Tech Research Group

    Troy has over 24 years of experience and has championed large enterprise-wide technology transformation programs, remote/home office collaboration and remote work strategies, BCP, IT DRP, IT operations and expense management programs, international right placement initiatives, and large technology transformation initiatives (M&A). Additionally, he has deep experience working with IT solution providers and technology (cloud) startups.

    Research Contributors

    Rob Salerno, Founder & CTO, Rivit Technology Partners

    Rob Salerno, Founder & CTO, Rivit Technology Partners

    Rob is the Founder and Chief Technology Strategist for Rivit Technology Partners. Rivit is a system integrator that delivers unique IT solutions. Rivit is known for its REVIVE migration strategy which helps companies leave legacy platforms (such as Domino) or move between versions of software. Rivit is the developer of the DCOM Application Archiving solution.

    Bibliography

    Cheshire, Nigel. “Domino v12 Launch Keeps HCL Product Strategy On Track.” Team Studio, 19 July 2021. Web.

    “Is LowCode/NoCode the best platform for you?” Rivit Technology Partners, 15 July 2021. Web.

    McCracken, Harry. “Lotus: Farewell to a Once-Great Tech Brand.” TIME, 20 Nov. 2012. Web.

    Sharwood, Simon. “Lotus Notes refuses to die, again, as HCL debuts Domino 12.” The Register, 8 June 2021. Web.

    Woodie, Alex. “Domino 12 Comes to IBM i.” IT Jungle, 16 Aug. 2021. Web.

    Security Priorities 2022

    • Buy Link or Shortcode: {j2store}244|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Security Strategy & Budgeting
    • Parent Category Link: /security-strategy-and-budgeting
    • Ransomware activities and the cost of breaches are on the rise.
    • Cybersecurity talent is hard to find, and an increasing number of cybersecurity professionals are considering leaving their jobs.
    • Moving to the digital world increases the risk of a breach.

    Our Advice

    Critical Insight

    • The pandemic has fundamentally changed the technology landscape. Security programs must understand how their threat surface is now different and adapt their controls to meet the challenge.
    • The upside to the upheaval in 2021 is new opportunities to modernize your security program.

    Impact and Result

    • Use the report to ensure your plan in 2022 addresses what’s important in cybersecurity.
    • Understand the current situation in the cybersecurity space.

    Security Priorities 2022 Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Security Priorities 2022 – A report that describes priorities and recommendations for CISOs in 2022.

    Use this report to understand the current situation in the cybersecurity space and inform your plan for 2022. This report includes sections on protecting against and responding to ransomware, acquiring and retaining talent, securing a remote workforce, securing digital transformation, and adopting zero trust.

    • Security Priorities for 2022 Report

    Infographic

    Further reading

    Security Priorities 2022

    The pandemic has changed how we work

    disruptions to the way we work caused by the pandemic are here to stay.

    The pandemic has introduced a lot of changes to our lives over the past two years, and this is also true for various aspects of how we work. In particular, a large workforce moved online overnight, which shifted the work environment rapidly.

    People changed how they communicate, how they access company information, and how they connect to the company network. These changes make cybersecurity a more important focus than ever.

    Although changes like the shift to remote work occurred in response to the pandemic, they are largely expected to remain, regardless of the progression of the pandemic itself. This report will look into important security trends and the priorities that stemmed from these trends.

    30% more professionals expect transformative permanent change compared to one year ago.

    47% of professionals expect a lot of permanent change; this remains the same as last year. (Source: Info-Tech Tech Trends 2022 Survey; N=475)

    The cost of a security breach is rising steeply

    The shift to remote work exposes organizations to more costly cyber incidents than ever before.

    $4.24 million

    Average cost of a data breach in 2021
    The cost of a data breach rose by nearly 10% in the past year, the highest rate in over seven years.

    $1.07 million

    More costly when remote work involved in the breach

    The average cost of breaches where remote work is involved is $1.07 million higher than breaches where remote work is not involved.

    The ubiquitous remote work that we saw in 2021 and continue to see in 2022 can lead to more costly security events. (Source: IBM, 2021)

    Remote work is here to stay, and the cost of a breach is higher when remote work is involved.

    The cost comes not only directly from payments but also indirectly from reputational loss. (Source: IBM, 2021)

    Security teams can participate in the solution

    The numbers are clear: in 2022, when we face a threat environment like WE’VE never EXPERIENCED before, good security is worth the investment

    $1.76 million

    Saved when zero trust is deployed facing a breach

    Zero trust controls are realistic and effective controls.

    Organizations that implement zero trust dramatically reduce the cost of an adverse security event.

    35%

    More costly if it takes more than 200 days to identify and contain a breach

    With increased BYOD and remote work, detection and response is more challenging than ever before – but it is also highly effective.

    Organizations that detect and respond to incidents quickly will significantly reduce the impact. (Source: IBM, 2021)

    Breaches are 34% less costly when mature zero trust is implemented.

    A fully staffed and well-prepared security team could save the cost through quick responses. (Source: IBM, 2021)

    Top security priorities and constraints in 2022

    Survey results

    As part of its research process for the 2022 Security Priorities Report, Info-Tech Research Group surveyed security and IT leaders (N=97) to ask their top security priorities as well as their main obstacles to security success in 2022:

    Top Priorities
    A list of the top three priorities identified in the survey with their respective percentages, 'Acquiring and retaining talent, 30%', 'Protecting against and responding to ransomware, 23%', and 'Securing a remote workforce, 23%'.

    Survey respondents were asked to force-rank their security priorities.

    Among the priorities chosen most frequently as #1 were talent management, addressing ransomware threats, and securing hybrid/remote work.

    Top Obstacles
    A list of the top three obstacles identified in the survey with their respective percentages, 'Staffing constraints, 31%', 'Demand of ever-changing business environment, 23%', and 'Budget constraints, 15%'.

    Talent management is both the #1 priority and the top obstacle facing security leaders in 2022.

    Unsurprisingly, the ever-changing environment in a world emerging from a pandemic and budget constraints are also top obstacles.

    We know the priorities…

    But what are security leaders actually working on?

    This report details what we see the world demanding of security leaders in the coming year.

    Setting aside the demands – what are security leaders actually working on?

    A list of 'Top security topics among Info-Tech members' with accompanying bars, 'Security Strategy', 'Security Policies', 'Security Operations', 'Security Governance', and 'Security Incident Response'.

    Many organizations are still mastering the foundations of a mature cybersecurity program.

    This is a good idea!

    Most breaches are still due to gaps in foundational security, not lack of advanced controls.

    We know the priorities…

    But what are security leaders actually working on?

    A list of industries with accompanying bars representing their demand for security. The only industry with a significant positive percentage is 'Government'. Security projects included in annual plan relative to industry.

    One industry plainly stands out from the rest. Government organizations are proportionally much more active in security than other industries, and for good reason: they are common targets.

    Manufacturing and professional services are proportionally less interested in security. This is concerning, given the recent targeting of supply chain and personal data holders by ransomware gangs.

    5 Security Priorities for 2022 Logo for Info-Tech. Logo for ITRG.

    People

    1. Acquiring and Retaining Talent
      Create a good working environment for existing and potential employees. Invest time and effort into talent issues to avoid being understaffed.
    2. Securing a Remote Workforce
      Create a secure environment for users and help your people build safe habits while working remotely.

    Process

    1. Securing Digital Transformation
      Build in security from the start and check in frequently to create agile and secure user experiences.

    Technology

    1. Adopting Zero Trust
      Manage access of sensitive information based on the principle of least privilege.
    2. Protecting Against and Responding to Ransomware
      Put in your best effort to build defenses but also prepare for a breach and know how to recover.

    Main Influencing Factors

    COVID-19 Pandemic
    The pandemic has changed the way we interact with technology. Organizations are universally adapting their business and technology processes to fit the post-pandemic paradigm.
    Rampant Cybercrime Activity
    By nearly every conceivable metric, cybercrime is way up in the past two years. Cybercriminals smell blood and pose a more salient threat than before. Higher standards of cybersecurity capability are required to respond to this higher level of threat.
    Remote Work and Workforce Reallocation
    Talented IT staff across the globe enabled an extraordinarily fast shift to remote and distance work. We must now reckon with the security and human resourcing implications of this huge shift.

    Acquire and Retain Talent

    Priority 01

    Security talent was in short supply before the pandemic, and it's even worse now.

    Executive summary

    Background

    Cybersecurity talent has been in short supply for years, but this shortage has inflected upward since the pandemic.

    The Great Resignation contributed to the existing talent gap. The pandemic has changed how people work as well as how and where they choose work. More and more senior workers are retiring early or opting for remote working opportunities.

    The cost to acquire cybersecurity talent is huge, and the challenge doesn’t end there. Retaining top talent can be equally difficult.

    Current situation

    • A 2021 survey by ESG shows that 76% of security professional agree it’s difficult to recruit talent, and 57% said their organization is affected by this talent shortage.
    • (ISC)2 reports there are 2.72 million unfilled job openings and an increasing workforce gap (2021).

    2.72 million unfilled cybersecurity openings (Source: (ISC)2, 2021)

    IT leaders must do more to attract and retain talent in 2022

    • Over 70% of IT professionals are considering quitting their jobs (TalentLMS, 2021). Meanwhile, 51% of surveyed cybersecurity professionals report extreme burnout during the last 12 months and many of them have considered quitting because of it (VMWare, 2021).
    • Working remotely makes it easier for people to look elsewhere, lowering the barrier to leaving.
    • This is a big problem for security leaders, as cybersecurity talent is in very short supply. The cost of acquiring and retaining quality cybersecurity staff in 2022 is significant, and many organizations are unwilling or unable to pay the premium.
    • Top talent will demand flexible working conditions – even though remote work comes with security risk.
    • Most smart, talented new hires in 2022 are demanding to work remotely most of the time.
    Top reasons for resignations in 2021
    Burnout 30%
    Other remote opportunities 20%
    Lack of growth opportunities 20%
    Poor culture 20%
    Acquisition concerns 10%
    (Source: Survey of West Coast US cybersecurity professionals; TechBeacon, 2021)

    Talent will be 2022’s #1 strength and #1 weakness

    Staffing obstacles in 2022:

    “Attracting and retaining talent is always challenging. We don’t pay as well and my org wants staff in the office at least half of the time. Most young, smart, talented new hires want to work remotely 100 percent of the time.“

    “Trying to grow internal resources into security roles.”

    “Remote work expectations by employees and refusal by business to accommodate.”

    “Biggest obstacle: payscales that are out of touch with cybersecurity market.”

    “Request additional staff. Obtaining funding for additional position is most significant obstacle.”

    (Info-Tech Tech Security Priorities Survey 2022)
    Top obstacles in 2022:

    As you can see, respondents to our security priorities survey have strong feelings on the challenges of staffing a cybersecurity team.

    The growth of remote work means local talent can now be hired by anybody, vastly increasing your competition as an employer.

    Hiring local will get tougher – but so will hiring abroad. People who don’t want to relocate for a new job now have plenty of alternatives. Without a compelling remote work option, you will find non-local prospects unwilling to move for a new job.

    Lastly, many organizations are still reeling at the cost of experienced cybersecurity talent. Focused internal training and development will be the answer for many organizations.

    Recommended Actions

    Provide career development opportunities

    Many security professionals are dissatisfied with their unclear career development paths. To improve retention, organizations should provide their staff with opportunities and clear paths for career and skills advancement.

    Be open-minded when hiring

    To broaden the candidate pool, organizations should be open-minded when considering who to hire.

    • Enable remote work.
    • Do not fixate on certificates and years of experience; rather, be open to developing those who have the right interest and ability.
    • Consider using freelance workers.
    Facilitate work-life balance

    Many security professionals say they experience burnout. Promoting work-life balance in your organization can help retain critical skills.

    Create inclusive environment

    Hire a diverse team and create an inclusive environment where they can thrive.

    Talent acquisition and retention plan

    Use this template to explain the priorities you need your stakeholders to know about.

    Provide a brief value statement for the initiative.

    Address a top priority and a top obstacle with a plan to attract and retain top organizational and cybersecurity talent.

    Initiative Description:

    • Provide secure remote work capabilities for staff.
    • Work with HR to refine a hiring plan that addresses geographical and compensation gaps with cybersecurity and general staff.
    • Survey staff engagement to identify points of friction and remediate where needed.
    • Define a career path and growth plan for staff.
    Description must include what IT will undertake to complete the initiative.

    Primary Business Benefits:

    Arrow pointing down.
    Reduction in costs due to turnover and talent loss

    Other Expected Business Benefits:

    Arrow pointing up.
    Productivity due to good morale/ engagement
    Arrow pointing up.
    Improved corporate culture
    Align initiative benefits back to business benefits or benefits for the stakeholder groups that it impacts.

    Risks:

    • Big organizational and cultural changes
    • Increased attack surface of remote/hybrid workforce

    Related Info-Tech Research:

    Secure a Remote Workforce

    Priority 02

    Trends suggest remote work is here to stay. Addressing the risk of insecure endpoints can no longer be deferred.

    Executive summary

    Remote work poses unique challenges to cybersecurity teams. The personal home environment may introduce unauthorized people and unknown network vulnerabilities, and the organization loses nearly all power and influence over the daily cyber hygiene of its users.

    In addition, the software used for enabling remote work itself can be a target of cybersecurity criminals.

    Current situation

    • 70% of workers in technical services work from home.
    • Employees of larger firms and highly paid individuals are more likely to be working outside the office.
    • 80% of security and business leaders find that remote work has increased the risk of a breach.
    • (Source: StatCan, 2021)

    70% of tech workers work from home (Source: Statcan, 2021)

    Remote work demands new security solutions

    The security perimeter is finally gone

    The data is outside the datacenter.
    The users are outside the office.
    The endpoints are … anywhere and everywhere.

    Organizations that did not implement digital transformation changes following COVID-19 experience higher costs following a breach, likely because it is taking nearly two months longer, on average, to detect and contain a breach when more than 50% of staff are working remotely (IBM, 2021).

    In 2022 the cumulative risk of so many remote connections means we need to rethink how we secure the remote/hybrid workforce.

    Security
    • Distributed denial of service
    • DNS hijacking
    • Weak VPN protocols
    Identity
    • One-time verification allowing lateral movement
    Colorful tiles representing the surrounding security solutions. Network
    • Risk perimeter stops at corporate network edge
    • Split tunneling
    Authentication
    • Weak authentication
    • Weak password
    Access
    • Man-in-the-middle attack
    • Cross-site scripting
    • Session hijacking

    Recommended Actions

    Mature your identity management

    Compromised identity is the main vector to breaches in recent years. Stale accounts, contractor accounts, misalignment between HR and IT – the lack of foundational practices leads to headline-making breaches every week.
    Tighten up identity control to keep your organization out of the newspaper.

    Get a handle on your endpoints

    Work-from-home (WFH) often means unknown endpoints on unknown networks full of other unknown devices…and others in the home potentially using the workstation for non-work purposes. Gaining visibility into your endpoints can help to keep detection and resolution times short.

    Educate users

    Educate everyone on security best practices when working remotely:

    • Apply secure settings (not just defaults) to the home network.
    • Use strong passwords.
    • Identify suspicious email.
    Ease of use

    Many workers complain that the corporate technology solution makes it difficult to get their work done.

    Employees will take productivity over security if we force them to choose, so IT needs to listen to end users’ needs and provide a solution that is nimble and secure.

    Roadmap to securing remote/hybrid workforce

    Use this template to explain the priorities you need your stakeholders to know about.

    Provide a brief value statement for the initiative.

    The corporate network now extends to the internet – ensure your security plan has you covered.

    Initiative Description:

    • Reassess enterprise security strategy to include the WFH attack surface (especially endpoint visibility).
    • Ensure authentication requirements for remote workers are sufficient (e.g. MFA, strong passwords, hardware tokens for high-risk users/connections).
    • Assess the value of zero trust networking to minimize the blast radius in the case of a breach.
    • Perform penetration testing annually.
    Description must include what IT will undertake to complete the initiative.

    Primary Business Benefits:

    Arrow pointing down.


    Reduced cost of security incidents/reputational damage

    Other Expected Business Benefits:

    Arrow pointing up.
    Improved ability to attract and retain talent
    Arrow pointing up.
    Increased business adaptability
    Align initiative benefits back to business benefits or benefits for the stakeholder groups that it impacts.

    Risks:

    • Potential disruption to traditional working patterns
    • Cost of investing in WFH versus risk of BYOD

    Related Info-Tech Research:

    Secure Digital Transformation

    Priority 03

    Digital transformation could be a competitive advantage…or the cause of your next data breach.

    Executive summary

    Background

    Digital transformation is occurring at an ever-increasing rate these days. As Microsoft CEO Satya Nadella said early in the pandemic, “We’ve seen two years’ worth of digital transformation in two months.”

    We have heard similar stories from Info-Tech members who deployed rollouts that were scheduled to take months over a weekend instead.

    Microsoft’s own shift to rapidly expand its Teams product is a prime example of how quickly the digital landscape has changed. The global adaption to a digital world has largely been a success story, but rapid change comes with risk, and there is a parallel story of rampant cyberattacks like we have never seen before.

    Insight

    There is an adage that “slow is smooth, and smooth is fast” – the implication being that fast is sloppy. In 2022 we’ll see a pattern of organizations working to catch up their cybersecurity with the transformations we all made in 2020.

    $1.78 trillion expected in digital transformation investments (Source: World Economic Forum, 2021)

    An ounce of security prevention versus a pound of cure

    The journey of digital transformation is a risky one.

    Digital transformations often rely heavily on third-party cloud service providers, which increases exposure of corporate data.

    Further, adoption of new technology creates a new threat surface that must be assessed, mitigations implemented, and visibility established to measure performance.

    However, digital transformations are often run on slim budgets and without expert guidance.

    Survey respondents report as much: rushed deployments, increased cloud migration, and shadow IT are the top vulnerabilities reported by security leaders and executives.

    In a 2020 Ponemon survey, 82% of IT security and C-level executives reported experiencing at least one data breach directly resulting from a digital transformation they had undergone.

    Scope creep is inevitable on any large project like a digital transformation. A small security shortcut early in the project can have dire consequences when it grows to affect personal data and critical systems down the road.

    Recommended Actions

    Engage the business early and often

    Despite the risks, organizations engage in digital transformations because they also have huge business value.

    Security leaders should not be seeking to slow or stop digital transformations; rather, we should be engaging with the business early to get ahead of risks and enable successful transformation.

    Establish a vendor security program

    Data is moving out of datacenters and onto third-party environments. Without security requirements built into agreements, and clear visibility into vendor security capabilities, that data is a major source of risk.

    A robust vendor security program will create assurance early in the process and help to reinforce the responsibility of securing data with other parts of the organization.

    Build/revisit your security strategy

    The threat surface has changed since before your transformation. This is the right time to revisit or rebuild your security strategy to ensure that your control set is present throughout the new environment – and also a great opportunity to show how your current security investments are helping secure your new digital lines of business!

    Educate your key players

    Only 16% of security leaders and executives report alignment between security and business processes during digital transformation.

    If security is too low a priority, then key players in your transformation efforts are likely unaware of how security risks impact their own success. It will be incumbent upon the CISO to start that conversation.

    Securing digital transformation

    Use this template to explain the priorities you need your stakeholders to know about.

    Provide a brief value statement for the initiative.

    Ensure your investment in digital transformation is appropriately secured.

    Initiative Description:

    • Engage security with digital transformation and relevant governance structures (steering committees) to ensure security considerations are built into digital transformation planning.
    • Incorporate security stage gates in project management procedures.
    • Establish a vendor security assessment program.
    Description must include what IT will undertake to complete the initiative.

    Primary Business Benefits:

    Arrow pointing up.


    Increased likelihood of digital transformation success

    Other Expected Business Benefits:

    Arrow pointing up.
    Ability to make informed decisions for the field rep strategy
    Arrow pointing down.
    Reduced long-term cost of digital transformation
    Align initiative benefits back to business benefits or benefits for the stakeholder groups that it impacts.

    Risks:

    • Potential increased up front cost (reduced long-term cost)
    • Potential slowed implementation with security stage gates in project management

    Related Info-Tech Research:

    Adopt Zero Trust

    Priority 04

    Governments are recognizing the importance of zero trust strategies. So should your organization.

    Why now for zero trust?

    John Kindervag modernized the concept of zero trust back in 2010, and in the intervening years there has been enormous interest in cybersecurity circles, yet in 2022 only 30% of organizations report even beginning to roll out zero trust capabilities (Statista, 2022).

    Why such little action on a revolutionary and compelling model?

    Zero trust is not a technology; it is a principle. Zero trust adoption takes concerted planning, effort, and expense, for which the business value has been unclear throughout most of the last 10 years. However, several recent developments are changing that:

    • Securing technology has become very hard! The size, complexity, and attack surface of IT environments has grown significantly – especially since the pandemic.
    • Cyberattacks have become rampant as the cost to deploy harmful ransomware has become lower and the impact has become higher.
    • The shift away from on-premises datacenters and offices created an opening for zero trust investment, and zero trust technology is more mature than ever before.

    The time has come for zero trust adoption to begin in earnest.

    97% will maintain or increase zero trust budget (Source: Statista, 2022)

    Traditional perimeter security is not working

    Zero trust directly addresses the most prevalent attack vectors today

    A hybrid workforce using traditional VPN creates an environment where we are exposed to all the risks in the wild (unknown devices at any location on any network), but at a stripped-down security level that still provides the trust afforded to on-premises workers using known devices.

    What’s more, threats such as ransomware are known to exploit identity and remote access vulnerabilities before moving laterally within a network – vectors that are addressed directly by zero trust identity and networking. Ninety-three percent of surveyed zero trust adopters state that the benefits have matched or exceeded their expectations (iSMG, 2022).

    Top reasons for building a zero trust program in 2022

    (Source: iSMG, 2022)

    44%

    Enforce least privilege access to critical resources

    44%

    Reduce attacker ability to move laterally

    41%

    Reduce enterprise attack surface

    The business case for zero trust is clearer than ever

    Prior obstacles to Zero Trust are disappearing

    A major obstacle to zero trust adoption has been the sheer cost, along with the lack of business case for that investment. Two factors are changing that paradigm in 2022:

    The May 2021 US White House Executive Order for federal agencies to adopt zero trust architecture finally placed zero trust on the radar of many CEOs and board members, creating the business interest and willingness to consider investing in zero trust.

    In addition, the cost of adopting zero trust is quickly being surpassed by the cost of not adopting zero trust, as cyberattacks become rampant and successful zero trust deployments create a case study to support investment.

    Bar chart titled 'Cost to remediate a Ransomware attack' with bars representing the years '2021' and '2020'. 2021's cost sits around $1.8M while 2020's was only $750K The cost to remediate a ransomware attack more than doubled from 2020 to 2021. Widespread adoption of zero trust capabilities could keep that number from doubling again in 2022. (Source: Sophos, 2021)

    The cost of a data breach is on average $1.76 million less for organizations with mature zero trust deployments.

    That is, the cost of a data breach is 35% reduced compared to organizations without zero trust controls. (Source: IBM, 2021)

    Recommended Actions

    Start small

    Don’t put all your eggs in one basket by deploying zero trust in a wide swath. Rather, start as small as possible to allow for growing pains without creating business friction (or sinking your project altogether).

    Build a sensible roadmap

    Zero trust principles can be applied in a myriad of ways, so where should you start? Between identities, devices, networking, and data, decide on a use case to do pilot testing and then refine your approach.

    Beware too-good-to-be-true products

    Zero trust is a powerful buzzword, and vendors know it.

    Be skeptical and do your due diligence to ensure your new security partners in zero trust are delivering what you need.

    Zero trust roadmap

    Use this template to explain the priorities you need your stakeholders to know about.

    Provide a brief value statement for the initiative.

    Develop a practical roadmap that shows the business value of security investment.

    Initiative Description:

    • Define desired business and security outcomes from zero trust adoption.
    • Assess zero trust readiness.
    • Build roadmaps for zero trust:
      1. Identity
      2. Networking
      3. Devices
      4. Data
    Description must include what IT will undertake to complete the initiative.

    Primary Business Benefits:

    Arrow pointing up.


    Increased security posture and business agility

    Other Expected Business Benefits:

    Arrow pointing down.
    Reduced impact of security events
    Arrow pointing down.
    Reduced cost of managing complex control set
    Arrow pointing up.
    More secure business transformation (i.e. cloud/digital)
    Align initiative benefits back to business benefits or benefits for the stakeholder groups that it impacts.

    Risks:

    • Learning curve of implementation (start small and slow)
    • Transition from current control set to zero trust model

    Related Info-Tech Research:

    Protect Against and Respond to Ransomware

    Priority 05

    Ransomware is still the #1 threat to the safety of your data.

    Executive summary

    Background

    • Ransomware attacks have transformed in 2021 and show no sign of slowing in 2022. There is a new major security breach every week, despite organizations spending over $150 billion in a year on cybersecurity (Nasdaq, 2021).
    • Ransomware as a service (RaaS) is commonplace, and attackers are doubling down by holding encrypted data ransom and also demanding payment under threat to disclose exfiltrated data – and they are making good on their threats.
    • The global cost of ransomware is expected to rise to $265 billion by 2031 (Cybersecurity Ventures, 2021).
    • We expect to see an increase in ransomware incidents in 2022, both in severity and volume – multiple attacks and double extortion are now the norm.
    • High staff turnover increases risk because new employees are unfamiliar with security protocols.

    150% increase ransomware attacks in 2020 (Source: ENISA)

    This is a new golden age of ransomware

    What is the same in 2022

    Unbridled ransomware attacks make it seem like attackers must be using complex new techniques, but prevalent ransomware attack vectors are actually well understood.

    Nearly all modern variants are breaching victim systems in one of three ways:

    • Email phishing
    • Software vulnerabilities
    • RDP/Remote access compromise
    What is new in 2022
    The sophistication of victim targeting

    Victims often find themselves asking, “How did the attackers know to phish the most security-oblivious person in my staff?” Bad actors have refined their social engineering and phishing to exploit high-risk individuals, meaning your chain is only as strong as the weakest link.

    Ability of malware to evade detection

    Modern ransomware is getting better at bypassing anti-malware technology, for example, through creative techniques such as those seen in the MedusaLocker variant and in Ghost Control attacks.

    Effective anti-malware is still a must-have control, but a single layer of defense is no longer enough. Any organization that hopes to avoid paying a ransom must prepare to detect, respond, and recover from an attack.

    Many leaders still don’t know what a ransomware recovery would look like

    Do you know what it would take to recover from a ransomware incident?

    …and does your executive leadership know what it would take to recover?

    The organizations that are most likely to pay a ransom are unprepared for the reality of recovering their systems.

    If you have not done a tabletop or live exercise to simulate a true recovery effort, you may be exposed to more risk than you realize.

    Are your defenses sufficiently hardened against ransomware?

    Organizations with effective security prevention are often breached by ransomware – but they are prepared to contain, detect, and eradicate the infection.

    Ask yourself whether you have identified potential points of entry for ransomware. Assume that your security controls will fail.

    How well are your security controls layered, and how difficult would it be for an attacker to move east/west within your systems?

    Recommended Actions

    Be prepared for a breach

    There is no guarantee that an organization will not fall victim to ransomware, so instead of putting all their effort into prevention, organizations should also put effort into planning to respond to a breach.

    Security awareness training/phishing detection

    Phishing continues to be the main point of entry for ransomware. Investing in phishing awareness and detection among your end users may be the most impactful countermeasure you can implement.

    Zero trust adoption

    Always verify at every step of interaction, even when access is requested by internal users. Manage access of sensitive information based on the principle of least privilege access.

    Encrypt and back up your data

    Encrypt your data so that even if there is a breach, the attackers don’t have a copy of your data. Also, keep regular backups of data at a separate location so that you still have data to work with after a breach occurs.

    You never want to pay a ransom. Being prepared to deal with an incident is your best chance to avoid paying!

    Prevent and respond to ransomware

    Use this template to explain the priorities you need your stakeholders to know about.

    Provide a brief value statement for the initiative.

    Determine your current readiness, response plan, and projects to close gaps.

    Initiative Description:

    • Execute a systematic assessment of your current security and ransomware recovery capabilities.
    • Perform tabletop activities and live recoveries to test data recovery capabilities.
    • Train staff to detect suspicious communications and protect their identities.
    Description must include what IT will undertake to complete the initiative.

    Primary Business Benefits:

    Arrow pointing up.


    Improved productivity and brand protection

    Other Expected Business Benefits:

    Arrow pointing down.
    Reduced downtime and disruption
    Arrow pointing down.
    Reduced cost due to incidents (ransom payments, remediation)
    Align initiative benefits back to business benefits or benefits for the stakeholder groups that it impacts.

    Risks:

    • Friction with existing staff

    Related Info-Tech Research:

    Deepfakes: Dark-horse threat for 2022

    Deepfake video

    How long has it been since you’ve gone a full workday without having a videoconference with someone?

    We have become inherently trustful that the face we see on the screen is real, but the technology required to falsify that video is widely available and runs on commercially available hardware, ushering in a genuinely post-truth online era.

    Criminals can use deepfakes to enhance social engineering, to spread misinformation, and to commit fraud and blackmail.

    Deepfake audio

    Many financial institutions have recently deployed voiceprint authentication. TD describes its VoicePrint as “voice recognition technology that allows us to use your voiceprint – as unique to you as your fingerprint – to validate your identity” over the phone.

    However, hackers have been defeating voice recognition for years already. There is ripe potential for voice fakes to fool both modern voice recognition technology and the accounts payable staff.

    Bibliography

    “2021 Ransomware Statistics, Data, & Trends.” PurpleSec, 2021. Web.

    Bayern, Macy. “Why 60% of IT security pros want to quit their jobs right now.” TechRepublic, 10 Oct. 2018. Web.

    Bresnahan, Ethan. “How Digital Transformation Impacts IT And Cyber Risk Programs.” CyberSaint Security, 25 Feb. 2021. Web.

    Clancy, Molly. “The True Cost of Ransomware.” Backblaze, 9 Sept. 2021.Web.

    “Cost of a Data Breach Report 2021.” IBM, 2021. Web.

    Cybersecurity Ventures. “Global Ransomware Damage Costs To Exceed $265 Billion By 2031.” Newswires, 4 June 2021. Web.

    “Digital Transformation & Cyber Risk: What You Need to Know to Stay Safe.” Ponemon Institute, June 2020. Web.

    “Global Incident Response Threat Report: Manipulating Reality.” VMware, 2021.

    Granger, Diana. “Karmen Ransomware Variant Introduced by Russian Hacker.” Recorded Future, 18 April 2017. Web.

    “Is adopting a zero trust model a priority for your organization?” Statista, 2022. Web.

    “(ISC)2 Cybersecurity Workforce Study, 2021: A Resilient Cybersecurity Profession Charts the Path Forward.” (ISC)2, 2021. Web.

    Kobialka, Dan. “What Are the Top Zero Trust Strategies for 2022?” MSSP Alert, 10 Feb. 2022. Web.

    Kost, Edward. “What is Ransomware as a Service (RaaS)? The Dangerous Threat to World Security.” UpGuard, 1 Nov. 2021. Web.

    Lella, Ifigeneia, et al., editors. “ENISA Threat Landscape 2021.” ENISA, Oct. 2021. Web.

    Mello, John P., Jr. “700K more cybersecurity workers, but still a talent shortage.” TechBeacon, 7 Dec. 2021. Web.

    Naraine, Ryan. “Is the ‘Great Resignation’ Impacting Cybersecurity?” SecurityWeek, 11 Jan. 2022. Web.

    Oltsik, Jon. “ESG Research Report: The Life and Times of Cybersecurity Professionals 2021 Volume V.” Enterprise Security Group, 28 July 2021. Web.

    Osborne, Charlie. “Ransomware as a service: Negotiators are now in high demand.” ZDNet, 8 July 2021. Web.

    Osborne, Charlie. “Ransomware in 2022: We’re all screwed.” ZDNet, 22 Dec. 2021. Web.

    “Retaining Tech Employees in the Era of The Great Resignation.” TalentLMS, 19 Oct. 2021. Web.

    Rubin, Andrew. “Ransomware Is the Greatest Business Threat in 2022.” Nasdaq, 7 Dec. 2021. Web.

    Samartsev, Dmitry, and Daniel Dobrygowski. “5 ways Digital Transformation Officers can make cybersecurity a top priority.“ World Economic Forum, 15 Sept. 2021. Web.

    Seymour, John, and Azeem Aqil. “Your Voice is My Passport.” Presented at black hat USA 2018.

    Solomon, Howard. “Ransomware attacks will be more targeted in 2022: Trend Micro.” IT World Canada, 6 Jan. 2022. Web.

    “The State of Ransomware 2021.” Sophos, April 2021. Web.

    Tarun, Renee. “How The Great Resignation Could Benefit Cybersecurity.” Forbes Technology Council, Forbes, 21 Dec. 2021. Web.

    “TD VoicePrint.” TD Bank, n.d. Web.

    “Working from home during the COVID-19 pandemic, April 202 to June 2021.” Statistics Canada, 4 Aug. 2021. Web.

    “Zero Trust Strategies for 2022.” iSMG, Palo Alto Networks, and Optiv, 28 Jan. 2022. Web.

    Considerations to Optimize Container Management

    • Buy Link or Shortcode: {j2store}499|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Data Center & Facilities Strategy
    • Parent Category Link: /data-center-and-facilities-strategy

    Do you experience challenges with the following:

    • Equipping IT operations processes to manage containers.
    • Choosing the right container technology.
    • Optimizing your infrastructure strategy for containers.

    Our Advice

    Critical Insight

    • Plan ahead to ensure your container strategy aligns with your infrastructure roadmap. Before deciding between bare metal and cloud, understand the different components of a container management solution and plan for current and future infrastructure services.
    • When selecting tools from multiple sources, it is important to understand what each tool should and should not meet. This holistic approach is necessary to avoid gaps and duplication of effort.

    Impact and Result

    Use the reference architecture to plan for the solution you need and want to deploy. Infrastructure planning and strategy optimizes the container image supply chain, uses your current infrastructure, and reduces costs for compute and image scan time.

    Considerations to Optimize Container Management Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Considerations to Optimize Container Management Deck – A document to guide you design your container strategy.

    A document that walks you through the components of a container management solution and helps align your business objectives with your current infrastructure services and plan for your future assets.

    • Considerations to Optimize Container Management Storyboard

    2. Container Reference Architecture – A best-of-breed template to help you build a clear, concise, and compelling strategy document for container management.

    Complete the reference architecture tool to strategize your container management.

    • Container Reference Architecture
    [infographic]

    Further reading

    Considerations to Optimize Container Management

    Design a custom reference architecture that meets your requirements.

    Analyst Perspective

    Containers have become popular as enterprises use DevOps to develop and deploy applications faster. Containers require managed services because the sheer number of containers can become too complex for IT teams to handle. Orchestration platforms like Kubernetes can be complex, requiring management to automatically deploy container-based applications to operating systems and public clouds. IT operations staff need container management skills and training.

    Installing and setting up container orchestration tools can be laborious and error-prone. IT organizations must first implement the right infrastructure setup for containers by having a solid understanding of the scope and scale of containerization projects and developer requirements. IT administrators also need to know how parts of the existing infrastructure connect and communicate to maintain these relationships in a containerized environment. Containers can run on bare metal servers, virtual machines in the cloud, or hybrid configurations, depending on your IT needs

    Nitin Mukesh, Senior Research Analyst, Infrastructure and Operations

    Nitin Mukesh
    Senior Research Analyst, Infrastructure and Operations
    Info-Tech Research Group

    Executive Summary

    Your Challenge Common Obstacles Info-Tech’s Approach

    The container software market is constantly evolving. Organizations must consider many factors to choose the right container management software for their specific needs and fit their future plans.

    It's important to consider your organization's current and future infrastructure strategy and how it fits with your container management strategy. The container management platform you choose should be compatible with the existing network infrastructure and storage capabilities available to your organization.

    IT operations staff have not been thinking the same way as developers who have now been using an agile approach for some time. Container image builds are highly automated and have several dependencies including scheduling, testing, and deployment that the IT staff is not trained for or lack the ability to create anything more than a simple image.

    Use the reference architecture to plan for the solution you need and want to deploy. Infrastructure planning and strategy optimizes the container image supply chain and reduces costs for compute and image scan time.

    Plan ahead to ensure your container strategy aligns with your infrastructure roadmap. Before deciding between bare metal and cloud, understand the different components of a container management solution and plan for current and future infrastructure services.

    Your challenge

    Choosing the right container technology: IT is a rapidly changing and evolving market, with startups and seasoned technology vendors maintaining momentum in everything from container platforms to repositories to orchestration tools. The rapid evolution of container platform components such as orchestration, storage, networking, and system services such as load balancing has made the entire stack a moving target.

    However, waiting for the industry to be standardized can be a recipe for paralysis, and waiting too long to decide on solutions and approaches can put a company's IT operations in catch-up mode.

    Keeping containers secure: Security breaches in containers are almost identical to operating system level breaches in virtual machines in terms of potential application and system vulnerabilities. It is important for any DevOps team working on container and orchestration architecture and management to fully understand the potential vulnerabilities of the platforms they are using.

    Optimize your infrastructure strategy for containers: One of the challenges enterprise IT operations management teams face when it comes to containers is the need to rethink the underlying infrastructure to accommodate the technology. While you may not want to embrace the public cloud for your critical applications just yet, IT operations managers will need an on-premises infrastructure so that applications can scale up and down the same way as they are containerized.

    Common ways organizations use containers

    A Separation of responsibilities
    Containerization provides a clear separation of responsibilities as developers can focus on application logic and dependencies, while IT operations teams can focus on deployment and management instead of application details such as specific software versions and configurations.

    B Workload portability
    Containers can run almost anywhere: physical servers or on-premise data centers on virtual machines or developer machines, as well as public clouds on Linux, Windows, or Mac operating systems, greatly easing development and deployment.

    “Lift and shift” existing applications into a modern cloud architecture. Some organizations even use containers to migrate existing applications to more modern environments. While this approach provides some of the basic benefits of operating system virtualization, it does not provide all the benefits of a modular, container-based application architecture.

    C Application isolation
    Containers virtualize CPU, memory, storage, and network resources at the operating system level, providing developers with a logically isolated view of the operating system from other applications.

    Source: TechTarget, 2021

    What are containers and why should I containerize?

    A container is a partially isolated environment in which an application or parts of an application can run. You can use a single container to run anything from small microservices or software processes to larger applications. Inside the container are all the necessary executable, library, and configuration files. Containers do not contain operating system images. This makes them lighter and more portable with much less overhead. Large application deployments can deploy multiple containers into one or more container clusters (CapitalOne, 2020).

    Containers have the following advantages:

    • Reduce overhead costs: Because containers do not contain operating system images, they require fewer system resources than traditional or hardware virtual machine environments.
    • Enhanced portability: Applications running in containers can be easily deployed on a variety of operating systems and hardware platforms.
    • More consistent operations: DevOps teams know that applications in containers run the same no matter where they are deployed.
    • Efficiency improvement: Containers allow you to deploy, patch, or scale applications faster.
    • Develop better applications: Containers support Agile and DevOps efforts to accelerate development and production cycles.

    Source: CapitalOne, 2020

    Container on the cloud or on-premise?

    On-premises containers Public cloud-based containers

    Advantages:

    • Full control over your container environment.
    • Increased flexibility in networking and storage configurations.
    • Use any version of your chosen tool or container platform.
    • No need to worry about potential compliance issues with data stored in containers.
    • Full control over the host operating system and environment.

    Disadvantages:

    • Lack of easy scalability. This can be especially problematic if you're using containers because you want to be more agile from a DevOps perspective.
    • No turnkey container deployment solution. You must set up and maintain every component of the container stack yourself.

    Advantages:

    • Easy setup and management through platforms such as Amazon Elastic Container Service or Azure Container Service. These products require significant Docker expertise to use but require less installation and configuration than on-premise installations.
    • Integrates with other cloud-based tools for tasks such as monitoring.
    • Running containers in the cloud improves scalability by allowing you to add compute and storage resources as needed.

    Disadvantages:

    • You should almost certainly run containers on virtual machines. That can be a good thing for many people; however, you miss out on some of the potential benefits of running containers on bare metal servers, which can be easily done.
    • You lose control. To build a container stack, you must use the orchestrator provided by your cloud host or underlying operating system.

    Info-Tech Insight
    Start-ups and small businesses that don't typically need to be closely connected to hardware can easily move (or start) to the cloud. Large (e.g. enterprise-class) companies and companies that need to manage and control local hardware resources are more likely to prefer an on-premises infrastructure. For enterprises, on-premises container deployments can serve as a bridge to full public cloud deployments or hybrid private/public deployments. The answer to the question of public cloud versus on premises depends on the specific needs of your business.

    Container management

    From container labeling that identifies workloads and ownership to effective reporting that meets the needs of different stakeholders across the organization, it is important that organizations establish an effective framework for container management.

    Four key considerations for your container management strategy:

    01 Container Image Supply Chain
    How containers are built

    02 Container Infrastructure and Orchestration
    Where and how containers run together

    03 Container Runtime Security and Policy Enforcement
    How to make sure your containers only do what you want them to do

    04 Container Observability
    Runtime metrics and debugging

    To effectively understand container management solutions, it is useful to define the various components that make up a container management strategy.

    1: Container image supply chain

    To run a workload as a container, it must first be packaged into a container image. The image supply chain includes all libraries or components that make up a containerized application. This includes CI/CD tools to test and package code into container images, application security testing tools to check for vulnerabilities and logic errors, registries and mirroring tools for hosting container images, and attribution mechanisms such as image signatures for validating images in registries.

    Important functions of the supply chain include the ability to:

    • Scan container images in registries for security issues and policy compliance.
    • Verify in-use image hashes have been scanned and authorized.
    • Mirror images from public registries to isolate yourself from outages in these services.
    • Attributing images to the team that created them.

    Source: Rancher, 2022

    Info-Tech Insight
    It is important to consider disaster recovery for your image registry. As mentioned above, it is wise to isolate yourself from registry disruptions. However, external registry mirroring is only one part of the equation. You also want to make sure you have a high availability plan for your internal registry as well as proper backup and recovery processes. A highly available, fault-tolerant container management platform is not just a runtime environment.

    2: Container infrastructure and orchestration

    Orchestration tools

    Once you have a container image to run, you need a location to run it. That means both the computer the container runs on and the software that schedules it to run. If you're working with a few containers, you can make manual decisions about where to run container images, what to run with container images, and how best to manage storage and network connectivity. However, at scale, these kinds of decisions should be left to orchestration tools like Kubernetes, Swarm, or Mesos. These platforms can receive workload execution requests, determine where to run based on resource requirements and constraints, and then actually launch that workload on its target. And if a workload fails or resources are low, it can be restarted or moved as needed.

    Source: DevOpsCube, 2022

    Storage

    Storage is another important consideration. This includes both the storage used by the operating system and the storage used by the container itself. First, you need to consider the type of storage you actually need. Can I outsource my storage concerns to a cloud provider using something like Amazon Relational Database Service instead? If not, do you really need block storage (e.g. disk) or can an external object store like AWS S3 meet your needs? If your external object storage service can meet your performance and durability requirements as well as your governance and compliance needs, you're in luck. You may not have to worry about managing the container's persistent storage. Many external storage services can be provisioned on demand, support discrete snapshots, and some even allow dynamic scaling on demand.

    Networking

    Network connectivity inside and outside the containerized environment is also very important. For example, Kubernetes supports a variety of container networking interfaces (CNIs), each providing different functionality. Questions to consider here are whether you can set traffic control policies (and the OSI layer), how to handle encryption between workloads and between workloads and external entities, and how to manage traffic import for containerized workloads. The impact of these decisions also plays a role on performance.

    Backups

    Backups are still an important task in containerized environments, but the backup target is changing slightly. An immutable, read-only container file system can be recreated very easily from the original container image and does not need to be backed up. Backups or snapshots on permanent storage should still be considered. If you are using a cloud provider, you should also consider fault domain and geo-recovery scenarios depending on the provider's capabilities. For example, if you're using AWS, you can use S3 replication to ensure that EBS snapshots can be restored in another region in case of a full region outage.

    3: Container runtime security and policy enforcement

    Ensuring that containers run in a place that meets the resource requirements and constraints set for them is necessary, but not sufficient. It is equally important that your container management solution performs continuous validation and ensures that your workloads comply with all security and other policy requirements of your organization. Runtime security and policy enforcement tools include a function for detecting vulnerabilities in running containers, handling detected vulnerabilities, ensuring that workloads are not running with unnecessary or unintended privileges, and ensuring that only other workloads that need to be allowed can connect.

    One of the great benefits of (well implemented) containerized software is reducing the attackable surface of the application. But it doesn't completely remove it. This means you need to think about how to observe running applications to minimize security risks. Scanning as part of the build pipeline is not enough. This is because an image without vulnerabilities at build time can become a vulnerable container because new flaws are discovered in its code or support libraries. Instead, some modern tools focus on detecting unusual behavior at the system call level. As these types of tools mature, they can make a real difference to your workload’s security because they rely on actual observed behavior rather than up-to-date signature files.

    4: Container observability

    What’s going on in there?

    Finally, if your container images are being run somewhere by orchestration tools and well managed by security and policy enforcement tools, you need to know what your containers are doing and how well they are doing it. Orchestration tools will likely have their own logs and metrics, as will networking layers, and security and compliance checking tools; there is a lot to understand in a containerized environment. Container observability covers logging and metrics collection for both your workloads and the tools that run them.

    One very important element of observability is the importance of externalizing logs and metrics in a containerized environment. Containers come and go, and in many cases the nodes running on them also come and go, so relying on local storage is not recommended.

    The importance of a container management strategy

    A container management platform typically consists of a variety of tools from multiple sources. Some container management software vendors or container management services attempt to address all four key components of effective container management. However, many organizations already have tools that provide at least some of the features they need and don't want to waste existing licenses or make significant changes to their entire infrastructure just to run containers.

    When choosing tools from multiple sources, it's important to understand what needs each tool meets and what it doesn't. This holistic approach is necessary to avoid gaps and duplication of effort.

    For example, scanning an image as part of the build pipeline and then rescanning the image while the container is running is a waste of CPU cycles in the runtime environment. Similarly, using orchestration tools and separate host-based agents to aggregate logs or metrics can waste CPU cycles as well as storage and network resources.

    Planning a container management strategy

    1 DIY, Managed Services, or Packaged Products
    Developer satisfaction is important, but it's also wise to consider the team running the container management software. Migrating from bare metal or virtual machine-based deployment methodologies to containers can involve a significant learning curve, so it's a good idea to choose a tool that will help smooth this curve.
    2 Kubernetes
    In the world of container management, Kubernetes is fast becoming the de facto standard for container orchestration and scheduling. Most of the products that address the other aspects of container management discussed in this post (image supply chain, runtime security and policy enforcement, observability) integrate easily with Kubernetes. Kubernetes is open-source software and using it is possible if your team has the technical skills and the desire to implement it themselves. However, that doesn't mean you should automatically opt to build yourself.
    3 Managed Kubernetes
    Kubernetes is difficult to implement well. As a result, many solution providers offer packaged products or managed services to facilitate Kubernetes adoption. All major cloud providers now offer Kubernetes services that reduce the operational burden on your teams. Organizations that have invested heavily in the ecosystem of a particular cloud provider may find this route suitable. Other organizations may be able to find a fully managed service that provides container images and lets the service provider worry about running the images which, depending on the cost and capacity of the organization, may be the best option.
    4 Third-Party Orchestration Products
    A third approach is packaged products from providers that can be installed on the infrastructure (cloud or otherwise). These products can offer several potential advantages over DIY or cloud provider offerings, such as access to additional configuration options or cluster components, enhanced functionality, implementation assistance and training, post-installation product support, and reduced risk of cloud provider lock-in.

    Source: Kubernetes, 2022; Rancher, 2022

    Infrastructure considerations

    It's important to describe your organization’s current and future infrastructure strategy and how it fits into your container management strategy. It’s all basic for now, but if you plan to move to a virtual machine or cloud provider next year, your container management solution should be able to adapt to your environment now and in the future. Similarly, if you’ve already chosen a public cloud, you may want to make sure that the tool you choose supports some of the cloud options, but full compatibility may not be an important feature.

    Infrastructure considerations extend beyond computing. Choosing a container management platform should be compatible with the existing network infrastructure and storage capacity available to your organization. If you have existing policy enforcement, monitoring, and alerting tools, the ideal solution should be able to take advantage of them. Moving to containers can be a game changer for developers and operations teams, so continuing to use existing tools to reduce complexity where possible can save time and money.

    Leverage the reference architecture to guide your container management strategy

    Questions for support transition

    Using the examples as a guide, complete the tool to strategize your container management

    Download the Reference Architecture

    Bibliography

    Mell, Emily. “What is container management and why is it important?” TechTarget, April 2021.
    https://www.techtarget.com/searchitoperations/definition/container-management-software#:~:text=A%20container%20management%20ecosystem%20automates,operator%20to%20keep%20up%20with

    Conrad, John. “What is Container Orchestration?” CapitalOne, 24 August 2020.
    https://www.capitalone.com/tech/cloud/what-is-container-orchestration/?v=1673357442624

    Kubernetes. “Cluster Networking.” Kubernetes, 2022.
    https://kubernetes.io/docs/concepts/cluster-administration/networking/

    Rancher. “Comparing Kubernetes CNI Providers: Flannel, Calico, Canal, and Weave.” Rancher, 2022.
    https://www.suse.com/c/rancher_blog/comparing-kubernetes-cni-providers-flannel-calico-canal-and-weave/

    Wilson, Bob. “16 Best Container Orchestration Tools and Services.” DevopsCube, 5 January 2022.
    https://devopscube.com/docker-container-clustering-tools/

    Combine Security Risk Management Components Into One Program

    • Buy Link or Shortcode: {j2store}376|cart{/j2store}
    • member rating overall impact (scale of 10): 9.1/10 Overall Impact
    • member rating average dollars saved: $37,798 Average $ Saved
    • member rating average days saved: 32 Average Days Saved
    • Parent Category Name: Governance, Risk & Compliance
    • Parent Category Link: /governance-risk-compliance
    • Companies are aware of the need to discuss and assess risk, but many struggle to do so in a systematic and repeatable way.
    • Rarely are security risks analyzed in a consistent manner, let alone in a systematic and repeatable method to determine project risk as well as overall organizational risk exposure.

    Our Advice

    Critical Insight

    • The best security programs are built upon defensible risk management. With an appropriate risk management program in place, you can ensure that security decisions are made strategically instead of based on frameworks and gut feelings. This will optimize any security planning and budgeting.
    • All risks can be quantified. Security, compliance, legal, or other risks can be quantified using our methodology.

    Impact and Result

    • Develop a security risk management program to create a standardized methodology for assessing and managing the risk that information systems face.
    • Build a risk governance structure that makes it clear how security risks can be escalated within the organization and who makes the final decision on certain risks.
    • Use Info-Tech’s risk assessment methodology to quantifiably evaluate the threat severity for any new or existing project or initiative.
    • Tie together all aspects of your risk management program, including your information security risk tolerance level, threat and risk assessments, and mitigation effectiveness models.

    Combine Security Risk Management Components Into One Program Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should develop and implement a security risk management program, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Establish the risk environment

    Lay down the foundations for security risk management, including roles and responsibilities and a defined risk tolerance level.

    • Combine Security Risk Management Components Into One Program – Phase 1: Establish the Risk Environment
    • Security Risk Governance Responsibilities and RACI Template
    • Risk Tolerance Determination Tool
    • Risk Weighting Determination Tool

    2. Conduct threat and risk assessments

    Define frequency and impact rankings then assess the risk of your project.

    • Combine Security Risk Management Components Into One Program – Phase 2: Conduct Threat and Risk Assessments
    • Threat and Risk Assessment Process Template
    • Threat and Risk Assessment Tool

    3. Build the security risk register

    Catalog an inventory of individual risks to create an overall risk profile.

    • Combine Security Risk Management Components Into One Program – Phase 3: Build the Security Risk Register
    • Security Risk Register Tool

    4. Communicate the risk management program

    Communicate the risk-based conclusions and leverage these in security decision making.

    • Combine Security Risk Management Components Into One Program – Phase 4: Communicate the Risk Management Program
    • Security Risk Management Presentation Template
    • Security Risk Management Summary Template
    [infographic]

    Workshop: Combine Security Risk Management Components Into One Program

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Establish the Risk Environment

    The Purpose

    Build the foundation needed for a security risk management program.

    Define roles and responsibilities of the risk executive.

    Define an information security risk tolerance level.

    Key Benefits Achieved

    Clearly defined roles and responsibilities.

    Defined risk tolerance level.

    Activities

    1.1 Define the security executive function RACI chart.

    1.2 Assess business context for security risk management.

    1.3 Standardize risk terminology assumptions.

    1.4 Conduct preliminary evaluation of risk scenarios to determine your risk tolerance level.

    1.5 Decide on a custom risk factor weighting.

    1.6 Finalize the risk tolerance level.

    1.7 Begin threat and risk assessment.

    Outputs

    Defined risk executive functions

    Risk governance RACI chart

    Defined quantified risk tolerance and risk factor weightings

    2 Conduct Threat and Risk Assessments

    The Purpose

    Determine when and how to conduct threat and risk assessments (TRAs).

    Complete one or two TRAs, as time permits during the workshop.

    Key Benefits Achieved

    Developed process for how to conduct threat and risk assessments.

    Deep risk analysis for one or two IT projects/initiatives.

    Activities

    2.1 Determine when to initiate a risk assessment.

    2.2 Review appropriate data classification scheme.

    2.3 Identify system elements and perform data discovery.

    2.4 Map data types to the elements.

    2.5 Identify STRIDE threats and assess risk factors.

    2.6 Determine risk actions taking place and assign countermeasures.

    2.7 Calculate mitigated risk severity based on actions.

    2.8 If necessary, revisit risk tolerance.

    2.9 Document threat and risk assessment methodology.

    Outputs

    Define scope of system elements and data within assessment

    Mapping of data to different system elements

    Threat identification and associated risk severity

    Defined risk actions to take place in threat and risk assessment process

    3 Continue to Conduct Threat and Risk Assessments

    The Purpose

    Complete one or two TRAs, as time permits during the workshop.

    Key Benefits Achieved

    Deep risk analysis for one or two IT projects/initiatives, as time permits.

    Activities

    3.1 Continue threat and risk assessment activities.

    3.2 As time permits, one to two threat and risk assessment activities will be performed as part of the workshop.

    3.3 Review risk assessment results and compare to risk tolerance level.

    Outputs

    One to two threat and risk assessment activities performed

    Validation of the risk tolerance level

    4 Establish a Risk Register and Communicate Risk

    The Purpose

    Collect, analyze, and aggregate all individual risks into the security risk register.

    Plan for the future of risk management.

    Key Benefits Achieved

    Established risk register to provide overview of the organizational aggregate risk profile.

    Ability to communicate risk to other stakeholders as needed.

    Activities

    4.1 Begin building a risk register.

    4.2 Identify individual risks and threats that exist in the organization.

    4.3 Decide risk responses, depending on the risk level as it relates to the risk tolerance.

    4.4 If necessary, revisit risk tolerance.

    4.5 Identify which stakeholders sign off on each risk.

    4.6 Plan for the future of risk management.

    4.7 Determine how to present risk to senior management.

    Outputs

    Risk register, with an inventory of risks and a macro view of the organization’s risk

    Defined risk-based initiatives to complete

    Plan for securing and managing the risk register

    Accelerate Business Growth and Valuation by Building Brand Awareness

    • Buy Link or Shortcode: {j2store}569|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Marketing Solutions
    • Parent Category Link: /marketing-solutions

    Brands that fail to invest in brand awareness are likely to face some, if not all these problems:

    • Lack of brand visibility and recognition
    • Inability to reach and engage with the buyers
    • Difficulties generating and converting leads
    • Low customer retention rate
    • Inability to justify higher pricing
    • Limited brand equity, business valuation, and sustainability

    Our Advice

    Critical Insight

    Awareness brings visibility and traction to brands, which is essential in taking the market leadership position and becoming the trusted brand that buyers think of first.

    Brand awareness also significantly contributes to increasing brand equity, market valuation, and business sustainability.

    Impact and Result

    Building brand awareness allows for the increase of:

    • Brand visibility, perception, recognition, and reputation
    • Interactions and engagement with the target audience
    • Digital advertising performance and ROI
    • Conversion rates and sales wins
    • Revenue and profitability
    • Market share & share of voice (SOV)
    • Talents, partners, and investors attraction and retention
    • Brand equity, business growth, and market valuation

    Accelerate Business Growth and Valuation by Building Brand Awareness Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Accelerate Business Growth and Valuation by Building Brand Awareness Storyboard - Learn how to establish the brand foundation, create assets and workflows, and deploy effective brand awareness strategies and tactics.

    A two-step approach to building brand awareness, starting with defining the brand foundations and then implementing effective brand awareness strategies and tactics.

    • Accelerate Business Growth and Valuation by Building Brand Awareness Storyboard

    2. Define Brand's Personality and Message - Analyze your target market and develop key elements of your brand guidelines.

    With this set of tools, you will be able to capture and analyze your target market, your buyers and their journeys, define your brand's values, personality, and voice, and develop all the key elements of your brand guidelines to enable people within your organization and external resources to build a consistent and recognizable image across all assets and platforms.

    • Market Analysis Template
    • Brand Recognition Survey and Interview Questionnaire and List Template
    • External and Internal Factors Analysis Template
    • Buyer Personas and Journey Presentation Template
    • Brand Purpose, Mission, Vision, and Values Template
    • Brand Value Proposition and Positioning Statement
    • Brand Voice Guidelines Template
    • Writing Style Guide Template
    • Brand Messaging Template
    • Writer Checklist

    3. Start Building Brand Awareness - Achieve strategic alignment.

    These tools will allow you to achieve strategic alignment and readiness, create assets and workflows, deploy tactics, establish Key Performance Indicators (KPIs), and monitor and optimize your strategy on an ongoing basis.

    • Brand Awareness Strategy and Tactics Template
    • Asset Creation and Management List
    • Campaign Workflows Template
    • Brand Awareness Strategy Rollout Plan Template
    • Survey Emails Best Practices Guidelines

    Infographic

    Further reading

    Accelerate Business Growth and Valuation By Building Brand Awareness

    Develop and deploy comprehensive, multi-touchpoint brand awareness strategies to become the trusted brand that buyers think of first.

    EXECUTIVE BRIEF

    Analyst perspective

    Building brand awareness

    Achieving high brand awareness in a given market and becoming the benchmark for buyers

    is what every brand wants to achieve, as it is a guarantee of success. Building brand awareness,

    even though its immediate benefits are often difficult to see and measure, is essential for companies that want to stand out from their competitors and continue to grow in a sustainable way. The return on investment (ROI) may take longer, but the benefits are also greater than those achieved through short-term initiatives with the expectation of immediate, albeit often limited, results.

    Brands that are familiar to their target market have greater credibility, generate more sales,

    and have a more loyal customer base. CMOs that successfully execute brand awareness programs

    build brand equity and grow company valuation.

    This is a picture of Nathalie Vezina

    Nathalie Vezina
    Marketing Research Director
    SoftwareReviews Advisory

    Executive summary

    Brand leaders know that brand awareness is essential to the success of all marketing and sales activities. Brands that fail to invest in brand awareness are likely to face some, if not all these problems:

    • Lack of brand visibility and compelling storytelling.
    • Inability to reach the target audience.
    • Low engagement on digital platforms and with ads.
    • Difficulties generating and converting leads, or closing/winning sales/deals, and facing a high cost per acquisition.
    • Low/no interest or brand recognition, trust level, and customer retention rate.
    • Inability to justify higher pricing.

    Convincing stakeholders of the benefits of strong brand awareness can be difficult when the positive outcomes are hard to quantify, and the return on investment (ROI) is often long-term. Among the many obstacles brand leaders must overcome are:

    • Lack of longer-term corporate vision, focusing all efforts and resources on short-term growth strategies for a quick ROI.
    • Insufficient market and target buyers' information and understanding of the brand's key differentiator.
    • Misalignment of brand message, and difficulties creating compelling content that resonates with the target audience, generates interest, and keeps them engaged.
    • Limited or no resources dedicated to the development of the brand.

    Inspired by top-performing businesses and best practices, this blueprint provides the guidance and tools needed to successfully build awareness and help businesses grow. By following these guidelines, brand leaders can expect to:

    • Gain market intelligence and a clear understanding of the buyer's needs, your competitive advantage, and key differentiator.
    • Develop a clear and compelling value proposition and a human-centric brand messaging driven by the brand's values.
    • Increase online presence and brand awareness to attract and engage with buyers.
    • Develop a long-term brand strategy and execution plan.

    "A brand is the set of expectations, memories, stories, and relationships that, taken together, account for a consumer's decision to choose one product or service over another."

    – Seth Godin

    What is brand awareness?

    The act of making a brand visible and memorable.

    Brand awareness is the degree to which buyers are familiar with and recognize the attributes and image of a particular brand, product, or service. The higher the level of awareness, the more likely the brand is to come into play when a target audience enters the " buying consideration" phase of the buyer's journey.

    Brand awareness also plays an important role in building equity and increasing business valuation. Brands that are familiar to their target market have greater credibility, drive more sales and have a more loyal customer base.
    Building brand awareness allows increasing:

    • Brand visibility, perception, recognition, and reputation
    • Interactions and engagement with the target audience
    • Digital advertising performance and ROI
    • Conversion rates and sales wins
    • Revenue and profitability
    • Market share and share of voice (SOV)
    • Talents, partners, and investors attraction and retention
    • Brand equity, business growth, and market valuation

    "Products are made in a factory, but brands are created in the mind."
    Source: Walter Landor

    Capitalizing on a powerful brand

    A longer-term approach for an increased and more sustainable ROI.

    Market leader position

    Developing brand awareness is essential to increase the visibility and traction of a brand.

    Several factors may cause a brand to be not well-known. One reason might be that the brand recently launched, such as a startup. Another reason could be that the brand has rebranded or entered a new market.

    To become the trusted brand that buyers think of first in their target markets, it is critical for these brands to develop and deploy comprehensive, multi-touchpoint brand awareness strategies.

    A relationship leading to loyalty

    A longer-term brand awareness strategy helps build a strong relationship between the brand and the buyer, fostering a lasting and rewarding alliance.

    It also enables brands to reach and engage with their target audience effectively by using compelling storytelling and meaningful content.

    Adopting a more human-centric approach and emphasizing shared values makes the brand more attractive to buyers and can drive sales and gain loyalty.

    Sustainable business growth

    For brands that are not well established in their target market, short-term tactics that focus on immediate benefits can be ineffective. In contrast, long-term brand awareness strategies provide a more sustainable ROI (return on investment).

    Investing in building brand awareness can impact a business's ability to interact with its target audience, generate leads, and increase sales. Moreover, it can significantly contribute to boosting the business's brand equity and market valuation.

    "Quick wins may work in the short term, but they're not an ideal substitute for long-term tactics and continued success."
    Source: Forbes

    Impacts of low brand awareness on businesses

    Unfamiliar brands, despite their strong potential, won't thrive unless they invest in their notoriety.

    Brands that choose not to invest in longer-term awareness strategies and rely solely on short-term growth tactics in hopes of an immediate gain will see their ability to grow diminished and their longevity reduced due to a lack of market presence and recognition.

    Symptoms of a weakening brand include:

    • High marketing spending and limited result
    • Low market share or penetration
    • Low sales, revenue, and gross margin
    • Weak renewal rate, customer retention, and loyalty
    • Difficulties delivering on the brand promise, low/no trust in the brand
    • Limited brand equity, business valuation, and sustainability
    • Unattractive brand to partners and investors

    "Your brand is the single most important investment you can make in your business."
    Source: Steve Forbes

    Most common obstacles to increasing brand awareness

    Successfully building brand awareness requires careful preparation and planning.

    • Limited market intelligence
    • Unclear competitive advantage/key differentiator
    • Misaligned and inconsistent messaging and storytelling
    • Lack of long-term vision
    • and low prioritization
    • Limited resources to develop and execute brand awareness building tactics
    • Unattractive content that does not resonate, generates little or no interest and engagement

    Investing in the notoriety of the brand

    Become the top-of-mind brand in your target market.

    To stand out, be recognized by their target audience, and become major players in their industry, brands must adopt a winning strategy that includes the following elements:

    • In-depth knowledge and understanding of the market and audience
    • Strengthening digital presence and activities
    • Creating and publishing content relevant to the target audience
    • Reaching out through multiple touchpoints
    • Using a more human-centric approach
    • Ensure consistency in all aspects of the brand, across all media and channels

    How far are you from being the brand buyers think of first in your target market?

    This is an image of the Brand Awareness Pyramid.

    Brand awareness pyramid

    Based on David Aaker's brand loyalty pyramid

    Tactics for building brand awareness

    Focus on effective ways to gain brand recognition in the minds of buyers.

    This is an image of the Brand Awareness Journey Roadmap.

    Brand recognition requires in-depth knowledge of the target market, the creation of strong brand attributes, and increased presence and visibility.

    Understand the market and audience you're targeting

    Be prepared. Act smart.

    To implement a winning brand awareness-building strategy, you must:

    • Be aware of your competitor's strengths and weaknesses, as well as yours.
    • Find out who is behind the keyboard, and the user experience they expect to have.
    • Plan and continuously adapt your tactics accordingly.
    • Make your buyer the hero.

    Identify the brands' uniqueness

    Find your "winning zone" and how your brand uniquely addresses buyers' pain points.

    Focus on your key differentiator

    A brand has found its "winning zone" or key differentiator when its value proposition clearly shows that it uniquely solves its buyers' specific pain points.

    Align with your target audience's real expectations and successfully interact with them by understanding their persona and buyer's journey. Know:

    • How you uniquely address their pain points.
    • Their values and what motivates them.
    • Who they see as authorities in your field.
    • Their buying habits and trends.
    • How they like brands to engage with them.

    An image of a Venn diagram between the following three terms: Buyer pain point; Competitors' value proposition; your unique value proposition.  The overlapping zone is labeled the Winning zone.  This is your key differentiator.

    Give your brand a voice

    Define and present a consistent voice across all channels and assets.

    The voice reflects the personality of the brand and the emotion to be transmitted. That's why it's crucial to establish strict rules that define the language to use when communicating through the brand's voice, the type of words, and do's and don'ts.

    To be recognizable it is imperative to avoid inconsistencies. No matter how many people are behind the brand voice, the brand must show a unique, distinctive personality. As for the tone, it may vary according to circumstances, from lighter to more serious.

    Up to 80% Increased customer recognition when the brand uses a signature color scheme across multiple platforms
    Source: startup Bonsai
    23% of revenue increase is what consistent branding across channels leads to.
    Source: Harvard Business Review

    When we close our eyes and listen, we all recognize Ella Fitzgerald's rich and unique singing voice.

    We expect to recognize the writing of Stephen King when we read his books. For the brand's voice, it's the same. People want to be able to recognize it.

    Adopt a more human-centric approach

    If your brand was a person, who would it be?

    Human attributes

    Physically attractive

    • Brand identity
    • Logo and tagline
    • Product design

    Intellectually stimulating

    • Knowledge and ideas
    • Continuous innovation
    • Thought leadership

    Sociable

    • Friendly, likeable and fun
    • Confidently engage with audience through multiple touchpoints
    • Posts and shares meaningful content
    • Responsive

    Emotionally connected

    • Inspiring
    • Powerful influencer
    • Triggers emotional reactions

    Morally sound

    • Ethical and responsible
    • Value driven
    • Deliver on its promise

    Personable

    • Honest
    • Self-confident and motivated
    • Accountable

    0.05 Seconds is what it takes for someone to form an opinion about a website, and a brand.
    Source: 8ways

    90% of the time, our initial gut reaction to products is based on color alone.
    Source: startup Bonsai

    56% of the final b2b purchasing decision is based on emotional factors.
    Source: B@B International

    Put values at the heart of the brand-buyers relationship

    Highlight values that will resonate with your audience.

    Brands that focus on the values they share with their buyers, rather than simply on a product or service, succeed in making meaningful emotional connections with them and keep them actively engaged.

    Shared values such as transparency, sustainability, diversity, environmental protection, and social responsibility become the foundation of a solid relationship between a brand and its audience.

    The key is to know what motivates the target audience.

    86% of consumers claim that authenticity is one of the key factors they consider when deciding which brands they like and support.
    Source: Business Wire

    56% of the final decision is based on having a strong emotional connection with the supplier.
    Source: B2B International

    64% of today's customers are belief-driven buyers; they want to support brands that "can be a powerful force for change."
    Source: Edelman

    "If people believe they share values with a company, they will stay loyal to the brand."
    – Howard Schultz
    Source: Lokus Design

    Double-down on digital

    Develop your digital presence and reach out to your target audiences through multiple touchpoints.

    Beyond engaging content, reaching the target audience requires brands to connect and interact with their audience in multiple ways so that potential buyers can form an opinion.

    With the right message consistently delivered across multiple channels, brands increase their reach, create a buzz around their brand and raise awareness.

    73% of today's consumers confirm they use more than one channel during a shopping journey
    Source: Harvard Business Review

    Platforms

    • Website and apps
    • Social media
    • Group discussions

    Multimedia

    • Webinars
    • Podcasts
    • Publication

    Campaign

    • Ads and advertising
    • Landing pages
    • Emails, surveys drip campaigns

    Network

    • Tradeshows, events, sponsorships
    • Conferences, speaking opportunities
    • Partners and influencers

    Use social media to connect

    Reach out to the masses with a social media presence.

    Social media platforms represent a cost-effective opportunity for businesses to connect and influence their audience and tell their story by posting relevant and search-engine-optimized content regularly on their account and groups. It's also a nice gateway to their website.

    Building a relationship with their target buyer through social media is also an easy way for businesses to:

    • Understand the buyers.
    • Receive feedback on how the buyers perceive the brand and how to improve it.
    • Show great user experience and responsiveness.
    • Build trust.
    • Create awareness.

    75% of B2B buyers and 84% of C-Suite executives use social media when considering a purchase
    Source: LinkedIn Business

    92% of B2B buyers use social media to connect with leaders in the sales industry.
    Source: Techjury

    With over 4.5 billion social media users worldwide, and 13 new users signing up to their first social media account every second, social media is fast becoming a primary channel of communication and social interaction for many.
    Source: McKinsey

    Become the expert subject matter

    Raise awareness with thought leadership content.

    Thought leadership is about building credibility
    by creating and publishing meaningful, relevant content that resonates with a target audience.
    Thought leaders write and publish all kinds of relevant content such as white papers, ebooks, case studies, infographics, video and audio content, webinars, and research reports.
    They also participate in speaking opportunities, live presentations, and other high-visibility forums.
    Well-executed thought leadership strategies contribute to:

    • Raise awareness.
    • Build credibility.
    • Be recognized as a subject expert matter.
    • Become an industry leader.

    60% of buyers say thought leadership builds credibility when entering a new category where the brand is not already known.
    Source: Edelman | LinkedIn

    70% of people would rather learn about a company through articles rather than advertising.
    Source: Brew Interactive

    57% of buyers say that thought leadership builds awareness for a new or little-known brand.
    Source: Edelman | LinkedIn

    To achieve best results

    • Know the buyers' persona and journey.
    • Create original content that matches the persona of the target audience and that is close to their values.
    • Be Truthful and insightful.
    • Find the right tone and balance between being human-centric, authoritative, and bold.
    • Be mindful of people's attention span and value their time.
    • Create content for each phase of the buyer's journey.
    • Ensure content is SEO, keyword-loaded, and add calls-to-action (CTAs).
    • Add reason to believe, data to support, and proof points.
    • Address the buyers' pain points in a unique way.

    Avoid

    • Focusing on product features and on selling.
    • Publishing generic content.
    • Using an overly corporate tone.

    Promote personal branding

    Rely on your most powerful brand ambassadors and influencers: your employees.

    The strength of personal branding is amplified when individuals and companies collaborate to pursue personal branding initiatives that offer mutual benefits. By training and positioning key employees as brand ambassadors and industry influencers, brands can boost their brand awareness through influencer marketing strategies.

    Personal branding, when well aligned with business goals, helps brands leverage their key employee's brands to:

    • Increase the organization's brand awareness.
    • Broaden their reach and circle of influence.
    • Show value, gain credibility, and build trust.
    • Stand out from the competition.
    • Build employee loyalty and pride.
    • Become a reference to other businesses.
    • Increase speaking opportunities.
    • Boost qualified leads and sales.

    About 90% of organizations' employee network tends to be completely new to the brand.
    Source: Everyone Social

    8X more engagement comes from social media content shared by employees rather than brand accounts.
    Source: Entrepreneur

    561% more reach when brand messages are shared by employees on social media, than the same message shared by the Brand's social media.
    Source: Entrepreneur

    "Personal branding is the art of becoming knowable, likable and trustable."
    Source: Founder Jar, John Jantsch

    Invest in B2B influencer marketing

    Broaden your reach and audiences by leveraging the voice of influencers.

    Influencers are trusted industry experts and analysts who buyers can count on to provide reliable information when looking to make a purchase.

    Influencer marketing can be very effective to reach new audiences, increase awareness, and build trust. But finding the right influencers with the level of credibility and visibility brands are expecting can sometimes be challenging.

    Search for influencers that have:

    • Relevance of audience and size.
    • Industry expertise and credibility.
    • Ability to create meaningful content (written, video, audio).
    • Charismatic personality with values consistent with the brand.
    • Frequent publications on at least one leading media platform.

    76% of people say that they trust content shared by people over a brand.
    Source: Adweek


    44% increased media mention of the brand using B2B influencer marketers.
    Source: TopRank Marketing

    Turn your customers into brand advocates

    Establish customer advocacy programs and deliver a great customer experience.

    Retain your customers and turn them into brand advocates by building trust, providing an exceptional experience, and most importantly, continuously delivering on the brand promise.

    Implement a strong customer advocacy program, based on personalized experiences, the value provided, and mutual exchange, and reap the benefits of developing and growing long-term relationships.

    92% of individuals trust word-of-mouth recommendations, making it one of the most trust-rich forms of advertising.
    Source: SocialToaster

    Word-of-mouth (advocacy) marketing increases marketing effectiveness by 54%
    Source: SocialToaster

    Make your brand known and make it stick in people's minds

    Building and maintaining high brand awareness requires that each individual within the organization carry and deliver the brand message clearly and consistently across all media whether in person, in written communications, or otherwise.

    To achieve this, brand leaders must first develop a powerful, researched narrative that people will embrace and convey, which requires careful preparation.

    Target market and audience intel

    • Target market Intel
    • Buyer persona and journey/pain points
    • Uniqueness and positioning

    Brand attributes

    • Values at the heart of the relationship
    • Brand's human attributes

    Brand visibly and recall

    • Digital and social media presence
    • Thought leadership
    • Personal branding
    • Influencer marketing

    Brand awareness building plan

    • Long-term awareness and multi-touchpoint approach
    • Monitoring and optimization

    Short and long-term benefits of increasing brand awareness

    Brands are built over the long term but the rewards are high.

    • Stronger brand perception
    • Improved engagement and brand associations
    • Enhanced credibility, reputation, and trust
    • Better connection with customers
    • Increased repeat business
    • High-quality leads
    • Higher and faster conversion rate
    • More sales closed/ deals won
    • Greater brand equity
    • Accelerated growth

    "Strong brands outperform their less recognizable competitors by as much as 73%."
    Source: McKinsey

    Brand awareness building

    Building brand awareness, even though immediate benefits are often difficult to see and measure, is essential for companies to stand out from their competitors and continue to grow in a sustainable way.

    To successfully raise awareness, brands need to have:

    • A longer-term vision and strategy.
    • Market Intelligence, a clear value proposition, and key differentiator.
    • Consistent, well-aligned messaging and storytelling.
    • Digital presence and content.
    • The ability to reach out through multiple touchpoints.
    • Necessary resources.

    Without brand awareness, brands become less attractive to buyers, talent, and investors, and their ability to grow, increase their market value, and be sustainable is reduced.

    Brand awareness building methodology

    Define brands' personality and message

    • Gather market intel and analyze the market.
    • Determine the value proposition and positioning.
    • Define the brand archetype and voice.
    • Craft a compelling brand message and story.
    • Get all the key elements of your brand guidelines.

    Start building brand awareness

    • Achieve strategy alignment and readiness.
    • Create and manage assets.
    • Deploy your tactics, assets, and workflows.
    • Establish key performance indicators (KPIs).
    • Monitor and optimize on an ongoing basis.

    Toolkit

    • Market and Influencing Factors Analysis
    • Recognition Survey and Best Practices
    • Buyer Personas and Journeys
    • Purpose, Mission, Vision, Values
    • Value Proposition and Positioning
    • Brand Message, Voice, and Writing Style
    • Brand Strategy and Tactics
    • Asset Creation and Management
    • Strategy Rollout Plan

    Short and long-term benefits of increasing brand awareness

    Increase:

    • Brand perception
    • Brand associations and engagement
    • Credibility, reputation, and trust
    • Connection with customers
    • Repeat business
    • Quality leads
    • Conversion rate
    • Sales closed / deals won
    • Brand equity and growth

    It typically takes 5-7 brand interactions before a buyer remembers the brand.
    Source: Startup Bonsai

    Who benefits from this brand awareness research?

    This research is being designed for:
    Brand and marketing leaders who:

    • Know that brand awareness is essential to the success of all marketing and sales activities.
    • Want to make their brand unique, recognizable, meaningful, and highly visible.
    • Seek to increase their digital presence, connect and engage with their target audience.
    • Are looking at reaching a new segment of the market.

    This research will also assist:

    • Sales with qualified lead generation and customer retention and loyalty.
    • Human Resources in their efforts to attract and retain talent.
    • The overall business with growth and increased market value.

    This research will help you:

    • Gain market intelligence and a clear understanding of the target audience's needs and trends, competitive advantage, and key differentiator.
    • The ability to develop clear and compelling, human-centric messaging and compelling story driven by brand values.
    • Increase online presence and brand awareness activities to attract and engage with buyers.
    • Develop a long-term brand awareness strategy and deployment plan.

    This research will help them:

    • Increase campaign ROI.
    • Develop a longer-term vision and benefits of investing in longer-term initiatives.
    • Build brand equity and increase business valuation.
    • Grow your business in a more sustainable way.

    SoftwareReviews' brand awareness building methodology

    Phase 1 Define brands' personality and message

    Phase 2 Start building brand awareness

    Phase steps

    1.1 Gather market intelligence and analyze the market.

    1.2 Develop and document the buyer's persona and journey.

    1.3 Uncover the brand mission, vision statement, core values, value proposition and positioning.

    1.4 Define the brand's archetype and tone of voice, then craft a compelling brand messaging.

    2.1 Achieve strategy alignment and readiness.

    2.2 Create assets and workflows and deploy tactics.

    2.3 Establish key performance indicators (KPIs), monitor, and optimize on an ongoing basis.

    Phase outcomes

    • Target market and audience are identified and documented.
    • A clear value proposition and positioning are determined.
    • The brand personality, voice, and messaging are developed.
    • All the key elements of the brand guidelines are in place and ready to use, along with the existing logo, typography, color palette, and imagery.
    • A comprehensive and actionable brand awareness strategy, with tactics, KPIs, and metrics, is set and ready to execute.
    • A progressive and effective deployment plan with deliverables, timelines, workflows, and checklists is in place.
    • Resources are assigned.

    Insight summary

    Brands to adapt their strategies to achieve longer-term growth
    Brands must adapt and adjust their strategies to attract informed buyers who have access to a wealth of products, services, and brands from all over. Building brand awareness, even though immediate benefits are often difficult to see and measure, has become essential for companies that want to stand out from their competitors and continue to grow in a sustainable way.

    A more human-centric approach
    Brand personalities matter. Brands placing human values at the heart of the customer-brand relationship will drive interest in their brand and build trust with their target audience.

    Stand out from the crowd
    Brands that develop and promote a clear and consistent message across all platforms and channels, along with a unique value proposition, stand out from their competitors and get noticed.

    A multi-touchpoints strategy
    Engage buyers with relevant content across multiple media to address their pain points. Analyze touchpoints to determine where to invest your efforts.

    Going social
    Buyers expect brands to be active and responsive in their interactions with their audience. To build awareness, brands are expected to develop a strong presence on social media by regularly posting relevant content, engaging with their followers and influencers, and using paid advertising. They also need to establish thought leadership through content such as white papers, case studies, and webinars.

    Thought leaders wanted
    To enhance their overall brand awareness strategy, organizations should consider developing the personal brand of key executives. Thought leadership can be a valuable method to gain credibility, build trust, and drive conversion. By establishing thought leadership, businesses can increase brand mentions, social engagement, website traffic, lead generation, return on investment (ROI), and Net Promoter Score (NPS).

    Save time and money with SoftwareReviews' branding advice

    Collaborating with SoftwareReviews analysts for inquiries not only provides valuable advice but also leads to substantial cost savings during branding activities, particularly when partnering with an agency.

    Guided Implementation Purpose Measured Value
    Build brands' personality and message Get the key elements of the brand guidelines in place and ready to use, along with your existing logo, typography, color palette, and imagery, to ensure consistency and clarity across all brand touchpoints from internal communication to customer-facing materials. Working with SoftwareReviews analysts to develop brand guidelines saves costs compared to hiring an agency.

    Example: Building the guidelines with an agency will take more or less the same amount of time and cost approximately $80K.

    Start building brand awareness Achieve strategy alignment and readiness, then deploy tactics, assets, and other deliverables. Start building brand awareness and reap the immediate and long-term benefits.

    Working with SoftwareReviews analysts and your team to develop a long-term brand strategy and deployment will cost you less than a fraction of the cost of using an agency.

    Example: Developing and executing long-term brand awareness strategies with an agency will cost between $50-$75K/month over a 24-month period minimum.

    Guided Implementation

    What does a typical GI on this topic look like?

    Phase 1

    Build brands' personality and message

    Phase 2

    Start building brand awareness

    • Call #1: Discuss concept and benefits of building brand awareness. Identify key stakeholders. Anticipate concerns and objections.
    • Call #2: Discuss target market intelligence, information gathering, and analysis.
    • Call #3: Review market intelligence information. Address questions or concerns.
    • Call #4: Discuss value proposition and guide to find positioning and key differentiator.
    • Call #5: Review value proposition. Address questions or concerns.
    • Call #6: Discuss how to build a comprehensive brand awareness strategy using SR guidelines and template.
    • Call #7: Review strategy. Address questions or concerns.
    • Call #8: Second review of the strategy. Address questions or concerns.
    • Call #9 (optional): Third review of the strategy. Address questions or concerns.
    • Call #10: Discuss how to build the Execution Plan using SR template.
    • Call #11: Review Execution Plan. Address questions or concerns.
    • Call #12: Second review of the Execution Plan. Address questions or concerns.
    • Call #13 (optional): Third review of the Execution Plan. Address questions or concerns.
    • Call #14: Discuss how to build a compelling storytelling and content creation.
    • Call #15: Discuss website and social media platforms and other initiatives.
    • Call #16: Discuss marketing automation and continuous monitoring.
    • Call #17 (optional): Discuss optimization and reporting
    • Call #18: Debrief and determine how we can help with next steps.

    A Guided Implementation (GI) is a series of calls with a SoftwareReviews Marketing Analyst to help implement our best practices in your organization.

    Your engagement managers will work with you to schedule analyst calls.

    Brand awareness building tools

    Each step of this blueprint comes with tools to help you build brand awareness.

    Brand Awareness Tool Kit

    This kit includes a comprehensive set of tools to help you better understand your target market and buyers, define your brand's personality and message, and develop an actionable brand awareness strategy, workflows, and rollout plan.

    The set includes these templates:
    • Market and Influencing Factors Analysis
    • Recognition Survey and Best Practices
    • Buyer Personas and Journeys
    • Purpose, Mission, Vision, and Values
    • Value Proposition and Positioning
    • Brand Message, Voice, and Writing Style
    • Brand Strategy and Tactics
    • Asset Creation and Management
    • Strategy Rollout Plan
    An image of a series of screenshots from the templates listed in the column to the left of this image.

    Get started!

    Know your target market and audience, deploy well-designed strategies based on shared values, and make meaningful connections with people.

    Phase 1

    Define brands' personality and message

    Phase 2

    Start building brand awareness

    Phase 1

    Define brands' personality and message

    Steps

    1.1 Gather market intelligence and analyze the market.
    1.2 Develop and document the buyer's persona and journey.
    1.3 Uncover the brand mission, vision statement, core values, positioning, and value proposition.
    1.4 Define the brand's archetype and tone of voice, then craft a compelling brand messaging.

    Phase outcome

    • Target market and audience are identified and documented.
    • A clear value proposition and positioning are determined.
    • The brand personality, voice, and messaging are developed.
    • All the key elements of the brand guidelines are in place. and ready to use, along with the existing logo, typography, color palette, and imagery..

    Build brands' personality and message

    Step 1.1 Gather market intelligence and analyze the market.

    Total duration: 2.5-8 hours

    Objective

    Analyze and document your competitive landscape, assess your strengths, weaknesses, opportunities,
    and threats, gauge the buyers' familiarity with your brand, and identify the forces of influence.

    Output

    This exercise will allow you to understand your market and is essential to developing your value proposition.

    Participants

    • Head of branding and key stakeholders

    MarTech
    May require you to:

    • Register to a Survey Platform.
    • Use, setup, or install platforms like CRM and/or Marketing Automation Platform.

    Tools

    1.1.1 SWOT and competitive landscape

    (60-120 min.)

    Analyze & Document

    Follow the instructions in the Market Analysis Template to complete the SWOT and Competitive Analysis, slides 4 to 7.

    1.1.3 Internal and External Factors

    (30-60 min.)

    Analyze

    Follow the instructions in the External and Internal Factors Analysis Template to perform the PESTLE, Porter's 5 Forces, and Internal Factors and VRIO Analysis.

    Transfer

    Transfer key information into slides 10 and 11 of the Market Analysis Template.

    Consult SoftwareReviews website to find the best survey and MarTech platforms or contact one of our analysts for more personalized assistance and guidance

    1.1.2 Brand recognition

    (60-300 min.)

    Prep

    Adapt the survey and interview questions in the Brand Recognition Survey Questionnaire and List Template.

    Determine how you will proceed to conduct the survey and interviews (internal or external resources, and tools).

    Refer to the Survey Emails Best Practices Guidelines for more information on how to conduct email surveys.

    Collect & Analyze

    Use the Brand Recognition Survey Questionnaire and List Template to build your list, conduct the survey /interviews, and collect and analyze the feedback received.

    Transfer

    Transfer key information into slides 8 and 9 of the Market Analysis Template.

    Brand performance diagnostic

    Have you considered diagnosing your brand's current performance before you begin building brand awareness?

    Audit your brand using the Diagnose Brand Health to Improve Business Growth blueprint.Collect and interpret qualitative and quantitative brand performance measures.

    The toolkit includes the following templates:

    • Surveys and interviews questions and lists
    • External and internal factor analysis
    • Digital and financial metrics analysis

    Also included is an executive presentation template to communicate the results to key stakeholders and recommendations to fix the uncovered issues.

    Build brands' personality and message

    Step 1.2 Develop and document the buyer's persona and journey.

    Total duration: 4-8 hours

    Objective

    Gather existing and desired customer insights and conduct market research to define and personify your buyers' personas and their buying behaviors.

    Output

    Provide people in your organization with clear direction on who your target buyers are and guidance on how to effectively reach and engage with them throughout their journey.
    Participants

    • Head of branding
    • Key stakeholders from sales and product marketing

    MarTech
    May require you to:

    • Register to an Online Survey Platform (free version or subscription).
    • Use, setup, or installation of platforms like CRM and/or Marketing Automation Platform.

    Tools

    1.2.1 Buyer Personas and Journeys

    (240-280 min.)

    Research

    Identify your tier 1 to 3 customers using the Ideal Client Profile (ICP) Workbook. (Recommended)

    Survey and interview existing and desired customers based using the Buyer Persona and Journey Interview Guide and Data Capture Tool. (Recommended)

    Create

    Define and document your tier 1 to 3 Buyer Personas and Journeys using the Buyer Personas and Journeys Presentation Template.

    Consult SoftwareReviews website to find the best survey platform for your needs or contact one of our analysts for more personalized assistance and guidance

    Buyer Personas and Journeys

    A well-defined buyer persona and journey is a great way for brands to ensure they are effectively reaching and engaging their ideal buyers through a personalized buying experience.

    When properly documented, it provides valuable insights about the ideal customers, their needs, challenges, and buying decision processes allowing the development of initiatives that correspond to the target buyers.

    Build brands' personality and message

    Step 1.3 Uncover the brand mission, vision statement, core values, value proposition, and positioning.

    Total duration: 4-5.5 hours

    Objective
    Define the "raison d'être" and fundamental principles of your brand, your positioning in the marketplace, and your unique competitive advantage.

    Output
    Allows everyone in an organization to understand and align with the brand's raison d'être beyond the financial dimension, its current positioning and objectives, and how it intends to achieve them.
    It also serves to communicate a clear and appealing value proposition to buyers.

    Participants

    • Head of branding
    • Chief Executive Officer (CEO)
    • Key stakeholders

    Tools

    • Brand Purpose, Mission, Vision, and Values Template
    • Value Proposition and Positioning Statement Template

    1.3.1 Brand Purpose, Mission, Vision, and Values

    (90-120 min.)

    Capture or Develop

    Capture or develop, if not already existing, your brand's purpose, mission, vision statement, and core values using slides 4 to 7 of the Brand Purpose, Mission, Vision, and Values Template.

    1.3.2 Brand Value Proposition and Positioning

    (150-210 min.)

    Define

    Map the brand value proposition using the canvas on slide 5 of the Value Proposition and Positioning Statement Template, and clearly articulate your value proposition statement on slide 4.

    Optional: Use canvas on slide 7 to develop product-specific product value propositions.

    On slide 8 of the same template, develop your brand positioning statement.

    Build brands' personality and message

    Steps 1.4 Define the brand's archetype and tone of voice, and craft a compelling brand messaging.

    Total duration: 5-8 hours

    Objective

    Define your unique brand voice and develop a set of guidelines, brand story, and messaging to ensure consistency across your digital and non-digital marketing and communication assets.
    Output

    A documented brand personality and voice, as well as brand story and message, will allow anyone producing content or communicating on behalf of your brand to do it using a unique and recognizable voice, and convey the right message.

    Participants

    • Head of branding
    • Content specialist
    • Chief Executive Officer and other key stakeholders

    Tools

    • Brand Voice Guidelines Template
    • Writing Style Guide Template
    • Brand Messaging Template
    • Writer Checklist Template

    1.4.1 Brand Archetype and Tone of Voice

    (120-240 min.)

    Define and document

    Refer to slides 5 and 6 of the Brand Voice Guidelines Template to define your brand personality (archetype), slide 7.

    Use the Brand Voice Guidelines Template to define your brand tone of voice and characteristics on slides 8 and 9, based on the 4 primary tone of voice dimensions, and develop your brand voice chart, slide 9.

    Set Rules

    In the Writing Style Guide template, outline your brand's writing principles, style, grammar, punctuation, and number rules.

    1.4.2 Brand Messaging

    (180-240 min.)

    Craft

    Use the Brand Messaging template, slides 4 to 7, to craft your brand story and message.

    Audit

    Create a content audit to review and approve content to be created prior to publication, using the Writer's Checklist template.

    Important Tip!

    A consistent brand voice leads to remembering and trusting the brand. It should stand out from the competitors' voices and be meaningful to the target audience. Once the brand voice is set, avoid changing it.

    Phase 2

    Start building brand awareness

    Steps

    2.1 Achieve strategy alignment and readiness.
    2.2 Create assets and workflows, and deploy tactics.
    2.3 Establish key performance indicators (KPIs), monitor, and optimize on an ongoing basis.

    Phase outcome

    • A comprehensive and actionable brand awareness strategy, with tactics, KPIs, and metrics, is set and ready to execute.
    • A progressive and effective deployment plan with deliverables, timelines, workflows, and checklists is in place.
    • Resources are assigned.

    Start building brand awareness

    Step 2.1 Achieve strategy readiness and alignment.

    Total duration: 4-5 hours

    Objective

    Now that you have all the key elements of your brand guidelines in place, in addition to your existing logo, typography, color palette, and imagery, you can begin to build brand awareness.

    Start planning to build brand awareness by developing a comprehensive and actionable brand awareness strategy with tactics that align with the company's purpose and objectives. The strategy should include achievable goals and measurables, budget and staffing considerations, and a good workload assessment.

    Output

    A comprehensive long-term, actionable brand awareness strategy with KPIs and measurables.

    Participants

    • Head of branding
    • Key stakeholders

    Tools

    • Brand Awareness Strategy and Tactics Template

    2.1.1 Brand Awareness Analysis

    (60-120 min.)

    Identify

    In slide 5 of the Brand Awareness Strategy and Tactics Template, identify your top three brand awareness drivers, opportunities, inhibitors, and risks to help you establish your strategic objectives in building brand awareness.

    2.1.2 Brand Awareness Strategy

    (60-120 min.)

    Elaborate

    Use slides 6 to 10 of the Brand Awareness Strategy and Tactics Template to elaborate on your strategy goals, key issues, and tactics to begin or continue building brand awareness.

    2.1.3 Brand Awareness KPIs and Metrics

    (180-240 min.)

    Set

    Set the strategy performance metrics and KPIs on slide 11 of the Brand Awareness Strategy and Tactics Template.

    Monitor

    Once you start executing the strategy, monitor and report each quarter using slides 13 to 15 of the same document.

    Understanding the difference between strategies and tactics

    Strategies and tactics can easily be confused, but although they may seem similar at times, they are in fact quite different.

    Strategies and tactics are complementary.

    A strategy is a plan to achieve specific goals, while a tactic is a concrete action or set of actions used to implement that strategy.

    To be effective, brand awareness strategies should be well thought-out, carefully planned, and supported by a series of tactics to achieve the expected outcomes.

    Start building brand awareness

    Step 2.2 Create assets and workflows and deploy tactics.

    Total duration: 3.5-4.5 hours

    Objective

    Build a long-term rollout with deliverables, milestones, timelines, workflows, and checklists. Assign resources and proceed to the ongoing development of assets. Implement, manage, and continuously communicate the strategy and results to key stakeholders.

    Output

    Progressive and effective development and deployment of the brand awareness-building strategy and tactics.

    Participants

    • Head of branding

    Tools

    • Asset Creation and Management List
    • Campaign Workflows Template
    • Brand Awareness Strategy Rollout Plan Template

    2.2.1 Assets Creation List

    (60-120 min.)

    Inventory

    Inventory existing assets to create the Asset Creation and Management List.

    Assign

    Assign the persons responsible, accountable, consulted, and informed of the development of each asset, using the RACI model in the template. Ensure you identify and collaborate with the right stakeholders.

    Prioritize

    Prioritize and add release dates.

    Communicate

    Update status and communicate regularly. Make the list with links to the assets available to the extended team to consult as needed.

    2.2.2 Rollout Plan

    (60-120 min.)

    Inventory

    Map out your strategy deployment in the Brand Awareness Strategy Rollout Plan Template and workflow in the Campaign Workflow Template.

    Assign

    Assign the persons responsible, accountable, consulted, and informed for each tactic, using the RACI model in the template. Ensure you identify and collaborate with the right stakeholders.

    Prioritize

    Prioritize and adjust the timeline accordingly.

    Communicate

    Update status and communicate regularly. Make the list with links to the assets available to the extended team to consult as needed.

    Band Awareness Strategy Rollout Plan
    A strategy rollout plan typically includes the following:

    • Identifying a cross-functional team and resources to develop the assets and deploy the tactics.
    • Listing the various assets to create and manage.
    • A timeline with key milestones, deadlines, and release dates.
    • A communication plan to keep stakeholders informed and aligned with the strategy and tactics.
    • Ongoing performance monitoring.
    • Constant adjustments and improvements to the strategy based on data collected and feedback received.

    Start building brand awareness

    Step 2.3 Establish key performance indicators (KPIs), monitor, and optimize on an ongoing basis.

    Total duration: 3.5-4.5 hours

    Objective

    Brand awareness is built over a long period of time and must be continuously monitored in several ways. Measuring and monitoring the effectiveness of your brand awareness activities will allow you to constantly adjust your tactics and continue to build awareness.

    Output

    This step will provide you with a snapshot of your current level of brand awareness and interactions with the brand, and allow you to set up the tools for ongoing monitoring and optimization.

    Participants

    • Head of branding
    • Digital marketing manager

    MarTech
    May require you to:

    • Register to an Online Survey Platform(free version or subscription), or
    • Use, setup, or installation of platforms like CRM and/or Marketing Automation Platform.
    • Use Google Analytics or other tracking tools.
    • Use social media and campaign management tools.

    Tools

    • Brand Awareness Strategy and Tactics Template

    2.2.2 Rollout Plan

    (60-120 min.)

    Measure

    Monitor and record the strategy performance metrics in slides 12 to 15 of the Brand Awareness Strategy and Tactics template, and gauge its performance against preset KPIs in slide 11. Make ongoing improvements to the strategy and assets.

    Communicate

    The same slides in which you monitor strategy performance can be used to report on the results of the current strategy to key stakeholders on a monthly or quarterly basis, as appropriate.

    Take this opportunity to inform stakeholders of any adjustments you plan to make to the existing plan to improve its performance. Since brand awareness is built over time, be sure to evaluate the results based on how long the strategy has been in place before making major changes.

    Consult SoftwareReviews website to find the best survey, brand monitoring and feedback, and MarTech platforms, or contact one of our analysts for more personalized assistance and guidance

    Measuring brand strategy performance
    There are two ways to measure and monitor your brand's performance on an ongoing basis.

    • By registering to brand monitoring and feedback platforms and tools like Meltwater, Hootsuite, Insights, Brand24, Qualtrics, and Wooltric.
    • Manually, using native analytics built in the platforms you're already using, such as Google and Social Media Analytics, or by gathering customer feedback through surveys, or calculating CAC, ROI, and more in spreadsheets.

    SoftwareReviews can help you choose the right platform for your need. We also equip you with manual tools, available with the Diagnose Brand Health to Improve Business Growthblueprint to measure:

    • Surveys and interviews questions and lists.
    • External and internal factor analysis.
    • Digital and financial metrics analysis.
    • Executive presentation to report on performance.

    Related SoftwareReviews research

    An image of the title page for SoftwareReviews Create a Buyer Persona and Journey. An image of the title page for SoftwareReviews Diagnose Brand Health to Improve Business Growth.

    Create a Buyer Persona and Journey

    Get deeper buyer understanding and achieve product-market fit, with easier access to market and sales

    • Reduce time and resources wasted chasing the wrong prospects.
    • Increase open and click-through rates.
    • Perform more effective sales discovery.
    • Increase win rate.

    Diagnose Brand Health to Improve Business Growth

    Have a significant and well-targeted impact on business success and growth by knowing how your brand performs, identifying areas of improvement, and making data-driven decisions to fix them.

    • Increase brand awareness and equity.
    • Build trust and improve customer retention and loyalty.
    • Achieve higher and faster growth.

    Bibliography

    Aaker, David. "Managing Brand Equity." Simon & Schuster, 1991.
    "6 Factors for Brands to Consider While Designing Their Communication." Lokus Design, 23 Sept. 2022.
    "20 Advocacy Marketing Statistics You Need to Know." Social Toaster, n.d.
    Bazilian, Emma. "How Millennials and Baby Boomers Consume User-Generated Content And what brands can learn from their preferences." Adweek, January 2, 2017.
    B2B International, a Gyro: company, B2B Blog - Why Human-To-Human Marketing Is the Next Big Trend in a Tech-Obsessed World.
    B2B International, a Gyro: company, The State of B2B Survey 2019 - Winning with Emotions: How to Become Your Customer's First Choice.
    Belyh, Anastasia. "Brand Ambassador 101:Turn Your Personal Brand into Cash." Founder Jar, December 6, 2022.
    Brand Master Academy.com.
    Businesswire, a Berkshire Hathaway Company, "Stackla Survey Reveals Disconnect Between the Content Consumers Want & What Marketers Deliver." February 20, 2019.
    Chamat, Ramzi. "Visual Design: Why First Impressions Matter." 8 Ways, June 5, 2019.
    Cognism. "21 Tips for Building a LinkedIn Personal Brand (in B2B SaaS)."
    Curleigh, James. "How to Enhance and Expand a Global Brand." TED.
    "2019 Edelman Trust Barometer." Edelman.
    Erskine, Ryan. "22 Statistics That Prove the Value of Personal Branding." Entrepreneur, September 13, 2016.
    Forbes, Steve. "Branding for Franchise Success: How To Achieve And Maintain Brand Consistency Across A Franchise Network?" Forbes, 9 Feb. 2020.
    Godin, Seth. "Define: Brand." Seth's Blog, 30 Dec. 2009,
    Houragan, Stephen. "Learn Brand Strategy in 7 Minutes (2023 Crash Course)." YouTube.
    Jallad, Revecka. "To Convert More Customers, Focus on Brand Awareness." Forbes, October 22, 2019.
    Kingsbury, Joe, et al. "2021 B2B Thought Leadership Impact Study." Edelman, 2021.
    Kunsman, Todd. "The Anatomy of an Employee Influencer." EveryoneSocial, September 8, 2022.
    Landor, Walter. A Brand New World: The Fortune Guide to the 21st Century. Time Warner Books, 1999.
    Liedke, Lindsay. "37+ Branding Statistics For 2023: Stats, Facts & Trends." Startup Bonsai, January 2, 2023.
    Millman, Debbie. "How Symbols and Brands Shape our Humanity." TED, 2019.
    Nenova, Velina. "21 Eye-Opening B2B Marketing Statistics to Know in 2023." Techjury, February 9, 2023.
    Perrey, Jesko et al., "The brand is back: Staying relevant in an accelerating age." McKinsey & Company, May 1, 2015.
    Schaub, Kathleen. "Social Buying Meets Social Selling: How Trusted Networks Improve the Purchase Experience." LinkedIn Business, April 2014.
    Sopadjieva, Emma et al. "A Study of 46,000 Shoppers Shows That Omnichannel Retailing Works." Harvard Business Review, January 3, 2017.
    Shaun. "B2B Brand Awareness: The Complete Guide 2023." B2B House. 2023.
    TopRank Marketing, "2020 State of B2B Influencer Marketing Research Report." Influencer Marketing Report.

    Leverage Agile Goal Setting for Improved Employee Engagement & Performance

    • Buy Link or Shortcode: {j2store}593|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Manage & Coach
    • Parent Category Link: /manage-coach
    • Managers are responsible for driving the best performance out of their staff while still developing individuals professionally.
    • Micromanaging tasks is an ineffective, inefficient way to get things done and keep employees engaged at the same time.
    • Both managers and employees view goal setting as a cumbersome process that never materializes in day-to-day work.
    • Without a consistent and agile goal-setting environment that pervades every day, managers risk low productivity and disengaged employees.

    Our Advice

    Critical Insight

    • Effective performance management occurs throughout the year, on a daily and weekly basis, not just at annual performance review time. Managers must embrace this reality and get into the habit of setting agile short-term goals to drive productivity.
    • Employee empowerment is one of the most significant contributors to employee engagement, which is a proven performance driver. Short-term goal setting, which is ultimately employee-owned, develops and nurtures a strong sense of employee empowerment.
    • Micromanaging employee tasks will get managers nowhere quickly. Putting in the effort to collaboratively define goals that benefit both the organization and the employee will pay off in the long run.
    • Goal setting should not be a cumbersome activity, but an agile, rolling habit that ensures employees are focused, supported, and given appropriate feedback to continue to drive performance.

    Impact and Result

    • Managers who have daily meetings to set goals are 17% more successful in terms of employee performance than managers who set goals annually.
    • Managers must be agile goal-setting role models, or risk over a third of their staff being confused about productivity expectations.
    • Managers that allow tracking of goals to be an inhibitor to goal setting are most likely to have a negative effect on employee performance success. In fact, tracking goals should not be a priority in the short-term.

    Leverage Agile Goal Setting for Improved Employee Engagement & Performance Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Learn the agile, short-term goal-setting process

    Implement agile goal setting with your team right away and drive performance.

    • Storyboard: Leverage Agile Goal Setting for Improved Employee Engagement & Performance
    [infographic]

    Drive Technology Adoption

    • Buy Link or Shortcode: {j2store}111|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Strategy and Organizational Design
    • Parent Category Link: /strategy-and-organizational-design

    The project isn’t over if the new product or system isn’t being used. How do you ensure that what you’ve put in place isn’t going to be ignored or only partially adopted? People are more complicated than any new system and managing them through the change needs careful planning.

    Our Advice

    Critical Insight

    Cultivating a herd mentality, where people adopt new technology merely because everyone else is, is an important goal in getting the bulk of users using the new product or system. The herd needs to gather momentum though and this can be done by using the more tech-able and enthused to lead the rest on the journey. Identifying and engaging these key resources early in the process will greatly assist in starting the flow.

    Impact and Result

    While communication is key throughout, involving staff in proof-of-concept activities and contests and using the train-the-trainer techniques and technology champions will all start the momentum toward technology adoption. Group activities will address the bulk of users, but laggards may need special attention.

    Drive Technology Adoption Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Drive Technology Adoption – A brief deck describing how to encourage users to adopt newly implemented technology.

    This document will help you to ensure that newly implemented systems and technologies are correctly adopted by the intended recipients.

    • Drive Technology Adoption Storyboard
    [infographic]

    Further reading

    Drive Technology Adoption

    The project is over. The new technology is implemented. Now how do we make sure it's used?

    Executive Summary

    Your Challenge

    Technology endlessly changes and evolves. Similarly, business directions and requirements change, and these changes need to be supported by technology. Improved functionality and evolvement of systems, along with systems becoming redundant or unsupported, means that maintaining a static environment is virtually impossible.

    Enormous amounts of IT budget are allocated to these changes each year. But once the project is over, how do you manage that change and ensure the systems are being used? Planning your technology adoption is vital.

    Common Obstacles

    The obstacles to technology adoption can be many and various, covering a broad spectrum of areas including:

    • Reluctance of staff to let go of familiar processes and procedures.
    • Perception that any change will add complications but not add value, thereby hampering enthusiasm to adopt.
    • Lack of awareness of the change.
    • General fear of change.
    • Lack of personal confidence.

    Info-Tech’s Approach

    Start by identifying, understanding, categorizing, and defining barriers and put in place a system to:

    • Gain an early understanding of the different types of users and their attitudes to technology and change.
    • Review different adoption techniques and analyze which are most appropriate for your user types.
    • Use a “Follow the Leader” approach, by having technical enthusiasts and champions to show the way.
    • Prevent access to old systems and methods.

    Info-Tech Insight

    For every IT initiative that will be directly used by users, consider the question, “Will the final product be readily accepted by those who are going to use it?” There is no point in implementing a product that no one is prepared to use. Gaining user acceptance is much more than just ticking a box in a project plan once UAT is complete.

    The way change should happen is clear

    Prosci specializes in change. Its ADKAR model outlines what’s required to bring individuals along on the change journey.

    AWARENESS

    • Awareness means more than just knowing there’s a change occurring,
    • it means understanding the need for change.

    DESIRE

    • To achieve desire, there needs to be motivation, whether it be from an
    • organizational perspective or personal.

    KNOWLEDGE

    • Both knowledge on how to train during the transition and knowledge
    • on being effective after the change are required. This can only be done
    • once awareness and desire are achieved.

    ABILITY

    • Ability is not knowledge. Knowing how to do something doesn’t necessarily translate to having the skills to do it.

    REINFORCEMENT

    • Without reinforcement there can be a tendency to revert.

    When things go wrong

    New technology is not being used

    The project is seen as complete. Significant investments have been made, but the technology either isn’t being used or is only partially in use.

    Duplicate systems are now in place

    Even worse. The failure to adopt the new technology by some means that the older systems are still being used. There are now two systems that fail to interact; business processes are being affected and there is widespread confusion.

    Benefits not being realized

    Benefits promised to the business are not being realized. Projected revenue increases, savings, or efficiencies that were forecast are now starting to be seen as under threat.

    There is project blowout

    The project should be over, but the fact that the technology is not being used has created a perception that the implementation is not complete and the project needs to continue.

    Info-Tech Insight

    People are far more complicated than any technology being implemented.

    Consider carefully your approach.

    Why does it happen?

    POOR COMMUNICATION

    There isn’t always adequate communications about what’s changing in the workplace.

    FEAR

    Fear of change is natural and often not rational. Whether the fear is about job loss or not being able to adapt to change; it needs to be managed.

    TRAINING

    Training can be insufficient or ineffective and when this happens people are left feeling like they don’t have the skills to make the change.

    LACK OF EXECUTIVE SUPPORT

    A lack of executive support for change means the change is seen as less important.

    CONFLICTING VIEWS OF CHANGE

    The excitement the project team and business feels about the change is not necessarily shared throughout the business. Some may just see the change as more work, changing something that already works, or a reason to reduce staff levels.

    LACK OF CONFIDENCE

    Whether it’s a lack of confidence generally with technology or concern about a new or changing tool, a lack of confidence is a huge barrier.

    BUDGETARY CONSTRAINTS

    There is a cost with managing people during a change, and budget must be allocated to allow for it.

    Communications

    Info-Tech Insight

    Since Sigmund Freud there has been endless work to understand people’s minds.
    Don’t underestimate the effect that people’s reactions to change can have on your project.

    This is a Kubler-ross change curve graph, plotting the following Strategies: Create Alignment; Maximize Communication; Spark Motivation; Develop Capability; Share Knowledge

    Communication plans are designed to properly manage change. Managing change can be easier when we have the right tools and information to adapt to new circumstances. The Kubler-Ross change curve illustrates the expected steps on the path to acceptance of change. With the proper communications strategy, each can be managed appropriately

    Analyst perspective

    Paul Binns – Principal Research Advisor, Info-Tech

    The rapidly changing technology landscape in our world has always meant that an enthusiasm or willingness to embrace change has been advantageous. Many of us have seen how the older generation has struggled with that change and been left behind.

    In the work environment, the events of the past two years have increased pressure on those slow to adopt as in many cases they couldn't perform their tasks without new tools. Previously, for example, those who may have been reluctant to use digital tools and would instead opt for face-to-face meetings, suddenly found themselves without an option as physical meetings were no longer possible. Similarly, digital collaboration tools that had been present in the market for some time were suddenly more heavily used so everyone could continue to work together in the “online world.”

    At this stage no one is sure what the "new normal" will be in the post-pandemic world, but what has been clearly revealed is that people are prepared to change given the right motivation.

    “Technology adoption is about the psychology of change.”
    Bryan Tutor – Executive Counsellor, Info-Tech

    The Fix

    • Categorize Users
      • Gain a clear understanding of your user types.
    • Identify Adoption Techniques
      • Understand the range of different tools and techniques available.
    • Match Techniques To Categories
      • Determine the most appropriate techniques for your user base.
    • Follow-the-Leader
      • Be aware of the different skills in your environment and use them to your advantage.
    • Refresh, Retrain, Restrain
      • Prevent reversion to old methods or systems.

    Categories

    Client-Driven Insight

    Consider your staff and industry when looking at the Everett Rogers curve. A technology organization may have less laggards than a traditional manufacturing one.

    In Everett Rogers’ book Diffusion of Innovations 5th Edition (Free Press, 2005), Rogers places adopters of innovations into five different categories.

    This is an image of an Innovation Adoption Curve from Everett Rogers' book Diffusion of Innovations 5th Edition

    Category 1: The Innovator – 2.5%

    Innovators are technology enthusiasts. Technology is a central interest of theirs, either at work, at home, or both. They tend to aggressively pursue new products and technologies and are likely to want to be involved in any new technology being implemented as soon as possible, even before the product is ready to be released.

    For people like this the completeness of the new technology or the performance can often be secondary because of their drive to get new technology as soon as possible. They are trailblazers and are not only happy to step out of their comfort zone but also actively seek to do so.

    Although they only make up about 2.5% of the total, their enthusiasm, and hopefully endorsement of new technology, offers reassurance to others.

    Info-Tech Insight

    Innovators can be very useful for testing before implementation but are generally more interested in the technology itself rather than the value the technology will add to the business.

    Category 2: The Early Adopter – 13.5%

    Whereas Innovators tend to be technologists, Early Adopters are visionaries that like to be on board with new technologies very early in the lifecycle. Because they are visionaries, they tend to be looking for more than just improvement – a revolutionary breakthrough. They are prepared to take high risks to try something new and although they are very demanding as far as product features and performance are concerned, they are less price-sensitive than other groups.

    Early Adopters are often motivated by personal success. They are willing to serve as references to other adopter groups. They are influential, seen as trendsetters, and are of utmost importance to win over.

    Info-Tech Insight

    Early adopters are key. Their enthusiasm for technology, personal drive, and influence make them a powerful tool in driving adoption.

    Category 3: The Early Majority – 34%

    This group is comprised of pragmatists. The first two adopter groups belong to early adoption, but for a product to be fully adopted the mainstream needs to be won over, starting with the Early Majority.

    The Early Majority share some of the Early Adopters’ ability to relate to technology. However, they are driven by a strong sense of practicality. They know that new products aren’t always successful. Consequently, they are content to wait and see how others fare with the technology before investing in it themselves. They want to see well-established references before adopting the technology and to be shown there is no risk.

    Because there are so many people in this segment (roughly 34%), winning these people over is essential for the technology to be adopted.

    Category 4: The Late Majority – 34%

    The Late Majority are the conservatives. This group is generally about the same size as the Early Majority. They share all the concerns of the Early Majority; however, they are more resistant to change and are more content with the status quo than eager to progress to new technology. People in the Early Majority group are comfortable with their ability to handle new technology. People in the Late Majority are not.

    As a result, these conservatives prefer to wait until something has become an established standard and take part only at the end of the adoption period. Even then, they want to see lots of support and ensure that there is proof there is no risk in them adopting it.

    Category 5: The Laggard – 16%

    This group is made up of the skeptics and constitutes 16% of the total. These people want nothing to do with new technology and are generally only content with technological change when it is invisible to them. These skeptics have a strong belief that disruptive new technologies rarely deliver the value promised and are almost always worried about unintended consequences.

    Laggards need to be dealt with carefully as their criticism can be damaging and without them it is difficult for a product to become fully adopted. Unfortunately, the effort required for this to happen is often disproportional to the size of the group.

    Info-Tech Insight

    People aren’t born laggards. Technology projects that have failed in the past can alter people’s attitudes, especially if there was a negative impact on their working lives. Use empathy when dealing with people and respect their hesitancy.

    Adoption Techniques

    Different strokes for different folks

    Technology adoption is all about people; and therefore, the techniques required to drive that adoption need to be people oriented.

    The following techniques are carefully selected with the intention of being impactful on all the different categories described previously.

    Technology Adoption: Herd Mentality; Champions; Force; Group Training; One-on-One; Contests; Marketing; Proof of Concept; Train the Trainer

    There are multitudes of different methods to get people to adopt new technology, but which is the most appropriate for your situation? Generally, it’s a combination.

    Technology Adoption: Herd Mentality; Champions; Force; Group Training; One-on-One; Contests; Marketing; Proof of Concept; Train the Trainer

    Train the Trainer

    Use your staff to get your message across.

    Abstract

    This technique involves training key members of staff so they can train others. It is important that those selected are strong communicators, are well respected by others, and have some expertise in technology.

    Advantages

    • Cost effective
    • Efficient dissemination of information
    • Trusted internal staff

    Disadvantages

    • Chance of inconsistent delivery
    • May feel threatened by co-worker

    Best to worst candidates

    • Early Adopter: Influential trendsetters. Others receptive of their lead.
    • Innovator: Comfortable and enthusiastic about new technology, but not necessarily a trainer.
    • Early Majority: Tendency to take others’ lead.
    • Late Majority: Risk averse and tend to follow others, only after success is proven.
    • Laggard: Last to adopt usually. Unsuitable as Trainer.

    Marketing

    Marketing should be continuous throughout the change to encourage familiarity.

    Abstract

    Communication is key as people are comfortable with what is familiar to them. Marketing is an important tool for convincing adopters that the new product is mainstream, widely adopted and successful.

    Advantages

    • Wide communication
    • Makes technology appear commonplace
    • Promotes effectiveness of new technology

    Disadvantages

    • Reliant on staff interest
    • Can be expensive

    Best to worst candidates

    • Early Majority: Pragmatic about change. Marketing is effective encouragement.
    • Early Adopter: Receptive and interested in change. Marketing is supplemental.
    • Innovator: Actively seeks new technology. Does not need extensive encouragement.
    • Late Majority: Requires more personal approach.
    • Laggard: Resistant to most enticements.

    One-on-One

    Tailored for individuals.

    Abstract

    One-on-one training sometimes is the only way to train if you have staff with special needs or who are performing unique tasks.
    It is generally highly effective but inefficient as it only addresses individuals.

    Advantages

    • Tailored to specific need(s)
    • Only relevant information addressed
    • Low stress environment

    Disadvantages

    • Expensive
    • Possibility of inconsistent delivery
    • Personal conflict may render it ineffective

    Best to worst candidates

    • Laggard: Encouragement and cajoling can be used during training.
    • Late Majority: Proof can be given of effectiveness of new product.
    • Early Majority: Effective, but not cost efficient.
    • Early Adopter: Effective, but not cost-efficient.
    • Innovator: Effective, but not cost-efficient.

    Group Training

    Similar roles, attitudes, and abilities.

    Abstract

    Group training is one of the most common methods to start people on their journey toward new technology. Its effectiveness with the two largest groups, Early Majority and Late Majority, make it a primary tool in technology adoption.

    Advantages

    • Cost effective
    • Time effective
    • Good for team building

    Disadvantages

    • Single method may not work for all
    • Difficult to create single learning pace for all

    Best to worst candidates

    • Early Majority: Receptive. The formality of group training will give confidence.
    • Late Majority: Conservative attitude will be receptive to traditional training.
    • Early Adopter: Receptive and attentive. Excited about the change.
    • Innovator: Will tend to want to be ahead or want to move ahead of group.
    • Laggard: Laggards in group training may have a negative impact.

    Force

    The last resort.

    Abstract

    The transition can’t go on forever.

    At some point the new technology needs to be fully adopted and if necessary, force may have to be used.

    Advantages

    • Immediate full transition
    • Fixed delivery timeline

    Disadvantages

    • Alienation of some staff
    • Loss of faith in product if there are issues

    Best to worst candidates

    • Laggard: No choice but to adopt. Forces the issue.
    • Late Majority: Removes issue of reluctance to change.
    • Early Majority: Content, but worried about possible problems.
    • Early Adopter: Feel less personal involvement in change process.
    • Innovator: Feel less personal involvement in change process.

    Contests

    Abstract

    Contests can generate excitement and create an explorative approach to new technology. People should not feel pressured. It should be enjoyable and not compulsory.

    Advantages

    • Rapid improvement of skills
    • Bring excitement to the new technology
    • Good for team building

    Disadvantages

    • Those less competitive or with lower skills may feel alienated
    • May discourage collaboration

    Best to worst candidates

    • Early Adopter: Seeks personal success. Risk taker. Effective.
    • Innovator: Enthusiastic to explore limits of technology.
    • Early Majority: Less enthusiastic. Pragmatic. Less competitive.
    • Late Majority: Conservative. Not enthusiastic about new technology.
    • Laggard: Reluctant to get involved.

    Incentives

    Incentives don’t have to be large.

    Abstract

    For some staff, merely taking management’s lead is not enough. Using “Nudge” techniques to give that extra incentive is quite effective. Incentivizing staff either financially or through rewards, recognition, or promotion is a successful adoption technique for some.

    Advantages

    Encouragement to adopt from receiving tangible benefit

    Draws more attention to the new technology

    Disadvantages

    Additional expense to business or project

    Possible poor precedent for subsequent changes

    Best to worst candidates

    Early Adopter: Desire for personal success makes incentives enticing.

    Early Majority: Prepared to change, but extra incentive will assist.

    Late Majority: Conservative attitude means incentive may need to be larger.

    Innovator: Enthusiasm for new technology means incentive not necessary.

    Laggard: Sceptical about change. Only a large incentive likely to make a difference.

    Champions

    Strong internal advocates for your new technology are very powerful.

    Abstract

    Champions take on new technology and then use their influence to promote it in the organization. Using managers as champions to actively and vigorously promote the change is particularly effective.

    Advantages

    • Infectious enthusiasm encourages those who tend to be reluctant
    • Use of trusted internal staff

    Disadvantages

    • Removes internal staff from regular duties
    • Ineffective if champion not respected

    Best to worst candidates

    • Early Majority: Champions as references of success provide encouragement.
    • Late Majority: Management champions in particular are effective.
    • Laggard: Close contact with champions may be effective.
    • Early Adopter: Receptive of technology, less effective.
    • Innovator: No encouragement or promotion required.

    Herd Mentality

    Follow the crowd.

    Abstract

    Herd behavior is when people discount their own information and follow others. Ideally all adopters would understand the reason and advantages in adopting new technology, but practically, the result is most important.

    Advantages

    • New technology is adopted without question
    • Increase in velocity of adoption

    Disadvantages

    • Staff may not have clear understanding of the reason for change and resent it later
    • Some may adopt the change before they are ready to do so

    Best to worst candidates

    • Early Majority: Follow others’ success.
    • Late Majority: Likely follow an established proven standard.
    • Early Adopter: Less effective as they prefer to set trends rather than follow.
    • Innovator: Seeks new technology rather than following others.
    • Laggard: Suspicious and reluctant to change.

    Proof of Concepts

    Gain early input and encourage buy-in.

    Abstract

    Proof of concept projects give early indications of the viability of a new initiative. Involving the end users in these projects can be beneficial in gaining their support

    Advantages

    Involve adopters early on

    Valuable feedback and indications of future issues

    Disadvantages

    If POC isn’t fully successful, it may leave lingering negativity

    Usually, involvement from small selection of staff

    Best to worst candidates

    • Innovator: Strong interest in getting involved in new products.
    • Early Adopter: Comfortable with new technology and are influencers.
    • Early Majority: Less interest. Prefer others to try first.
    • Late Majority: Conservative attitude makes this an unlikely option.
    • Laggard: Highly unlikely to get involved.

    Match techniques to categories

    What works for who?

    This clustered column chart categorizes techniques by category

    Follow the leader

    Engage your technology enthusiasts early to help refine your product, train other staff, and act as champions. A combination of marketing and group training will develop a herd mentality. Finally, don’t neglect the laggards as they can prevent project completion.

    This is an inverted funnel chart with the output of: Change Destination.  The inputs are: 16% Laggards; 34% Late Majority; 34% Early Majority; 13.3% Early Adopters; 2% Innovators

    Info-Tech Insight

    Although there are different size categories, none can be ignored. Consider your budget when dealing with smaller groups, but also consider their impact.

    Refresh, retrain, restrain

    We don’t want people to revert.

    Don’t assume that because your staff have been trained and have access to the new technology that they will keep using it in the way they were trained. Or that they won’t revert back to their old methods or system.

    Put in place methods to remove completely or remove access to old systems. Schedule refresh training or skill enhancement sessions and stay vigilant.

    Research Authors

    Paul Binns

    Paul Binns

    Principal Research Advisor, Info-Tech Research Group

    With over 30 years in the IT industry, Paul brings to his work his experience as a Strategic Planner, Consultant, Enterprise Architect, IT Business Owner, Technologist, and Manager. Paul has worked with both small and large companies, local and international, and has had senior roles in government and the finance industry.

    Scott Young

    Scott Young

    Principal Research Advisor, Info-Tech Research Group

    Scott Young is a Director of Infrastructure Research at Info-Tech Research Group. Scott has worked in the technology field for over 17 years, with a strong focus on telecommunications and enterprise infrastructure architecture. He brings extensive practical experience in these areas of specialization, including IP networks, server hardware and OS, storage, and virtualization.

    Related Info-Tech Research

    User Group Analysis Workbook

    Use Info-Tech’s workbook to gather information about user groups, business processes, and day-to-day tasks to gain familiarity with your adopters.

    Governance and Management of Enterprise Software Implementation

    Use our research to engage users and receive timely feedback through demonstrations. Our iterative methodology with a task list focused on the business’ must-have functionality allows staff to return to their daily work sooner.

    Quality Management User Satisfaction Survey

    This IT satisfaction survey will assist you with early information to use for categorizing your users.

    Master Organizational Change Management Practices

    Using a soft, empathetic approach to change management is something that all PMOs should understand. Use our research to ensure you have an effective OCM plan that will ensure project success.

    Bibliography

    Beylis, Guillermo. “COVID-19 accelerates technology adoption and deepens inequality among workers in Latin America and the Caribbean.” World Bank Blogs, 4 March 2021. Web.

    Cleland, Kelley. “Successful User Adoption Strategies.” Insight Voices, 25 Apr. 2017. Web.

    Hiatt, Jeff. “The Prosci ADKAR ® Model.” PROSCI, 1994. Web.

    Malik, Priyanka. “The Kübler Ross Change Curve in the Workplace.” whatfix, 24 Feb. 2022. Web.

    Medhaugir, Tore. “6 Ways to Encourage Software Adoption.” XAIT, 9 March 2021. Web.

    Narayanan, Vishy. “What PwC Australia learned about fast tracking tech adoption during COVID-19” PWC, 13 Oct. 2020. Web.

    Sridharan, Mithun. “Crossing the Chasm: Technology Adoption Lifecycle.” Think Insights, 28 Jun 2022. Web.

    Advisory Call Outline: Software Selection Engagement

    • Buy Link or Shortcode: {j2store}609|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Selection & Implementation
    • Parent Category Link: /selection-and-implementation
    • Selection takes forever. Traditional software selection drags on for years, sometimes in perpetuity.
    • IT is viewed as a bottleneck and the business has taken control of software selection.
    • “Gut feel” decisions rule the day. Intuition, not hard data, guides selection, leading to poor outcomes.
    • Negotiations are a losing battle. Money is left on the table by inexperienced negotiators.
    • Overall: Poor selection processes lead to wasted time, wasted effort, and applications that continually disappoint.

    Our Advice

    Critical Insight

    • Adopt a formal methodology to accelerate and improve software selection results.
    • Improve business satisfaction by including the right stakeholders and delivering new applications on a truly timely basis.
    • Kill the “sacred cow” requirements that only exist because “it’s how we’ve always done it.”
    • Forget about “RFP” overload and hone in on the features that matter to your organization.
    • Skip the guesswork and validate decisions with real data.
    • Take control of vendor “dog and pony shows” with single-day, high-value, low-effort, rapid-fire investigative interviews.
    • Master vendor negotiations and never leave money on the table.

    Impact and Result

    • Improving software selection is a critical project that will deliver huge value.
    • Hit a home run with your business stakeholders: use a data-driven approach to select the right application vendor for their needs – fast.
    • Shatter stakeholder expectations with truly rapid application selections.
    • Boost collaboration and crush the broken telephone with concise and effective stakeholder meetings.
    • Lock in hard savings and do not pay list price by using data-driven tactics.

    Advisory Call Outline: Software Selection Engagement Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Advisory Call Outline

    Info-Tech's expert analyst guidance will help you save money, align stakeholders, and speed up the application selection process.

    • Advisory Call Outline: Software Selection Engagement Deck

    2. Workshop Overview

    Info-Tech's workshop will help you implement a repeatable, data-driven approach that accelerates software selection efforts.

    • Rapid Software Selection Workshop Overview
    [infographic]

    Create a Buyer Persona and Journey

    • Buy Link or Shortcode: {j2store}558|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Marketing Solutions
    • Parent Category Link: /marketing-solutions
    • Contacts fail to convert to leads because messaging fails to resonate with buyers.
    • Products fail to reach targets given shallow understanding of buyer needs.
    • Sellers' emails go unopened and attempts at discovery fail due to no understanding of buyer challenges, pain points, and needs.

    Our Advice

    Critical Insight

    • Marketing leaders in possession of well-researched and up-to-date buyer personas and journeys dramatically improve product market fit, lead gen, and sales results.
    • Success starts with product, marketing, and sales alignment on targeted personas.
    • Speed to deploy is enabled via initial buyer persona attribute discovery internally.
    • However, ultimate success requires buyer interviews, especially for the buyer journey.
    • Leading marketers update journey maps every six months as disruptive events such as COVID-19 and new media and tech platform advancements require continual innovation.

    Impact and Result

    • Reduce time and treasure wasted chasing the wrong prospects.
    • Improve product-market fit.
    • Increase open and click-through rates in your lead gen engine.
    • Perform more effective sales discovery and increase eventual win rates.

    Create a Buyer Persona and Journey Research & Tools

    Start here – read the Executive Brief

    Our Executive Brief summarizes the challenges faced when buyer persona and journeys are ill-defined. It describes the attributes of, and the benefits that accrue from, a well-defined persona and journey and the key steps to take to achieve success.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Drive an aligned initial draft of buyer persona

    Define and align your team on target persona, outline steps to capture and document a robust buyer persona and journey, and capture current team buyer knowledge.

    • Buyer Persona Creation Template
    • Buyer Persona and Journey Interview Guide and Data Capture Tool

    2. Interview buyers and validate persona and journey

    Hold initial buyer interviews, test initial results, and continue with interviews.

    3. Prepare communications and educate stakeholders

    Consolidate interview findings, present to product, marketing, and sales teams. Work with them to apply to product design, marketing launch/campaigning, and sales and customer success enablement.

    • Buyer Persona and Journey Summary Template
    [infographic]

    Workshop: Create a Buyer Persona and Journey

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Align Team, Identify Persona, and Document Current Knowledge

    The Purpose

    Organize, drive alignment on target persona, and capture initial views.

    Key Benefits Achieved

    Steering committee and project team roles and responsibilities clarified.

    Product, marketing, and sales aligned on target persona.

    Build initial team understanding of persona.

    Activities

    1.1 Outline a vision for buyer persona and journey creation and identify stakeholders.

    1.2 Identify buyer persona choices and settle on an initial target.

    1.3 Document team knowledge about buyer persona (and journey where possible).

    Outputs

    Documented steering committee and working team

    Executive Brief on personas and journey

    Personas and initial targets

    Documented team knowledge

    2 Validate Initial Work and Identify Buyer Interviewees

    The Purpose

    Build list of buyer interviewees, finalize interview guide, and validate current findings with analyst input.

    Key Benefits Achieved

    Interview efficiently using 75-question interview guide.

    Gain analyst help in persona validation, reducing workload.

    Activities

    2.1 Share initial insights with covering industry analyst.

    2.2 Hear from industry analyst their perspectives on the buyer persona attributes.

    2.3 Reconcile differences; update “current understanding.”

    2.4 Identify interviewee types by segment, region, etc.

    Outputs

    Analyst-validated initial findings

    Target interviewee types

    3 Schedule and Hold Buyer Interviews

    The Purpose

    Validate current persona hypothesis and flush out those attributes only derived from interviews.

    Key Benefits Achieved

    Get to a critical mass of persona and journey understanding quickly.

    Activities

    3.1 Identify actual list of 15-20 interviewees.

    3.2 Hold interviews and use interview guides over the course of weeks.

    3.3 Hold review session after initial 3-4 interviews to make adjustments.

    3.4 Complete interviews.

    Outputs

    List of interviewees; calls scheduled

    Initial review – “are you going in the right direction?”

    Completed interviews

    4 Summarize Findings and Provide Actionable Guidance to Colleagues

    The Purpose

    Summarize persona and journey attributes and provide activation guidance to team.

    Key Benefits Achieved

    Understanding of product market fit requirements, messaging, and marketing, and sales asset content.

    Activities

    4.1 Summarize findings.

    4.2 Create action items for supporting team, e.g. messaging, touch points, media spend, assets.

    4.3 Convene steering committee/executives and working team for final review.

    4.4 Schedule meetings with colleagues to action results.

    Outputs

    Complete findings

    Action items for team members

    Plan for activation

    5 Measure Impact and Results

    The Purpose

    Measure results, adjust, and improve.

    Key Benefits Achieved

    Activation of outcomes; measured results.

    Activities

    5.1 Review final copy, assets, launch/campaign plans, etc.

    5.2 Develop/review implementation plan.

    5.3 Reconvene team to review results.

    Outputs

    Activation review

    List of suggested next steps

    Further reading

    Create a Buyer Persona and Journey

    Make it easier to market, sell, and achieve product-market fit with deeper buyer understanding.

    EXECUTIVE BRIEF

    Executive Summary

    Your Challenge

    B2B marketers without documented personas and journeys often experience the following:

    • Contacts fail to convert to leads because messaging fails to resonate with buyers.
    • Products fail to reach targets given shallow understanding of buyer needs.
    • Sellers’ emails go unopened, and attempts at discovery fail due to no understanding of buyer challenges, pain points, and needs.

    Without a deeper understanding of buyer needs and how they buy, B2B marketers will waste time and precious resources targeting the incorrect personas.

    Common Obstacles

    Despite being critical elements, organizations struggle to build personas due to:

    • A lack of alignment and collaboration among marketing, product, and sales.
    • An internal focus; or a lack of true customer centricity.
    • A lack of tools and techniques for building personas and buyer journeys.

    In today’s Agile development environment, combined with the pressure to generate revenues quickly, high tech marketers often skip the steps necessary to go deeper to build buyer understanding.

    SoftwareReviews’ Approach

    With a common framework and target output, clients will:

    • Align marketing, sales, and product, and collaborate together to share current knowledge on buyer personas and journeys.
    • Target 12-15 customers and prospects to interview and validate insights. Share that with customer-facing staff.
    • Activate the insights for more customer-centric lead generation, product development, and selling.

    Clients who activate findings from buyer personas and journeys will see a 50% results improvement.

    SoftwareReviews Insight:
    Buyer personas and buyer journeys are essential ingredients in go-to-market success, as they inform for product, marketing, sales, and customer success who we are targeting and how to engage with them successfully.

    Buyer personas and journeys: A go-to-market critical success factor

    Marketers – large and small – will fail to optimize product-market fit, lead generation, and sales effectiveness without well-defined buyer personas and a buyer journey.

    Critical Success Factors of a Successful G2M Strategy:

    • Opportunity size and business case
    • Buyer personas and journey
    • Competitively differentiated product hypothesis
    • Buyer-validated commercial concept
    • Sales revenue plan and program cost budget
    • Consolidated communications to steering committee

    Jeff Golterman, Managing Director, SoftwareReviews Advisory

    “44% of B2B marketers have already discovered the power of Personas.”
    – Hasse Jansen, Boardview.io!, 2016

    Documenting buyer personas enables success beyond marketing

    Documenting buyer personas has several essential benefits to marketing, sales, and product teams:

    • Achieve a better understanding of your target buyer – by building a detailed buyer persona for each type of buyer and keeping it fresh, you take a giant step toward becoming a customer-centric organization.
    • Team alignment on a common definition – will happen when you build buyer personas collaboratively and among those teams that touch the customer.
    • Improved lead generation – increases dramatically when messaging and marketing assets across your lead generation engine better resonate with buyers because you have taken the time to understand them deeply.
    • More effective selling – is possible when sellers apply persona development output to their interactions with prospects and customers.
    • Better product-market fit – increases when product teams more deeply understand for whom they are designing products. Documenting buyer challenges, pain points, and unmet needs gives product teams what they need to optimize product adoption.

    “It’s easier buying gifts for your best friend or partner than it is for a stranger, right? You know their likes and dislikes, you know the kind of gifts they’ll have use for, or the kinds of gifts they’ll get a kick out of. Customer personas work the same way, by knowing what your customer wants and needs, you can present them with content targeted specifically to their wants and needs.”
    – Emma Bilardi, Product Marketing Alliance, 2020

    Buyer understanding activates just about everything

    Without the deep buyer insights that persona and journey capture enables, marketers are suboptimized.

    Buyer Persona and Journey

    • Product design
    • Customer targeting
    • Personalization
    • Messaging
    • Content marketing
    • Lead gen & scoring
    • Sales Effectiveness
    • Customer retention

    “Marketing eutopia is striking the all-critical sweet spot that adds real value and makes customers feel recognized and appreciated, while not going so far as to appear ‘big brother’. To do this, you need a deep understanding of your audience coming from a range of different data sets and the capability to extract meaning.”
    – Plexure, 2020

    Does your organization need buyer persona and journey updating?

    “Yes,” if experiencing one or more key challenges:

    • Sales time is wasted on unqualified leads
    • Website abandon rates are high
    • Lead gen engine click-through rates are low
    • Ideal customer profile is ill defined
    • Marketing asset downloads are low
    • Seller discovery with prospects is ineffective
    • Sales win/loss rates drop due to poor product-market fit
    • Higher than desired customer churn

    SoftwareReviews Advisory Insight:
    Marketers developing buyer personas and journeys that lack agreement among Marketing, Sales, and Product of personas to target will squander precious time and resources throughout the customer targeting and acquisition process.

    Outcomes and benefits

    Building your buyer persona and journey using our methodology will enable:

    • Greater stakeholder alignment – when marketing, product, and sales agree on personas, less time is wasted on targeting alternate personas.
    • Improved product-market fit – when buyers see both pain-relieving features and value-based pricing, “because you asked vs. guessed,” win rates increase.
    • Greater open and click-through rates – because you understood buyer pain points and motivations for solution seeking, you’ll see higher visits and engagement with your lead gen engine, and because you asked “what asset types do you find most helpful” your CTAs become ”lead-gen magnets” because you’ve offered the right asset types in your content marketing strategy.
    • More qualified leads – because you defined a more accurate ideal customer profile (ICP) and your lead scoring algorithm has improved, sellers see more qualified leads.
    • Increased sales cycle velocity – since you learned from personas their content and engagement preferences and what collateral types they need during the down-funnel sales discussions, sales calls are more productive and sales cycles shrink.

    Our methodology for buyer persona and journey creation

    1. Document Team Knowledge of Buyer Persona and Drive Alignment 2. Interview Target Buyer Prospects and Customers 3. Create Outputs and Apply to Marketing, Sales, and Product
    Phase Steps
    1. Outline a vision for buyer persona and journey creation and identify stakeholders.
    2. Pull stakeholders together, identify initial buyer persona, and begin to document team knowledge about buyer persona (and journey where possible).
    3. Validate with industry and marketing analyst’s initial buyer persona, and identify list of buyer interviewees.
    1. Hold interviews and document and share findings.
    2. Validate initial drafts of buyer persona and create initial documented buyer journey. Review findings among key stakeholders, steering committee, and supporting analysts.
    3. Complete remaining interviews.
    1. Summarize findings.
    2. Convene steering committee/exec. and working team for final review.
    3. Communicate to key stakeholders in product, marketing, sales, and customer success for activation.
    Phase Outcomes
    1. Steering committee and team selection
    2. Team insights about buyer persona documented
    3. Buyer persona validation with industry and marketing analysts
    4. Sales, marketing, and product alignment
    1. Interview guide
    2. Target interviewee list
    3. Buyer-validated buyer persona
    4. Buyer journey documented with asset types, channels, and “how buyers buy” fully documented
    1. Education deck on buyer persona and journey ready for use with all stakeholders: product, field marketing, sales, executives, customer success, partners
    2. Activation will update product-market fit, optimize lead gen, and improve sales effectiveness

    Our approach provides interview guides and templates to help rebuild buyer persona

    Our methodology will enable you to align your team on why it’s important to capture the most important attributes of buyer persona including:

    • Functional – helps you find and locate your target personas
    • Emotive – deepens team understanding of buyer initiatives, motivations for seeking alternatives, challenges they face, pain points for your offerings to address, and terminology that describes the “space”
    • Solution – enables greater product market fit
    • Behavioral – clarifies how to communicate with personas and understand their content preferences
    Functional – “to find them”
    Job Role Title Org. Chart Dynamics Buying Center Firmographics
    Emotive – “what they do and jobs to be done”
    Initiatives: What programs/projects the persona is tasked with and their feelings and aspirations about these initiatives. Motivations? Build credibility? Get promoted? Challenges: Identify the business issues, problems, and pain points that impede attainment of objectives. What are their fears, uncertainties, and doubts about these challenges? Buyer Need: They may have multiple needs; which need is most likely met with the offering? Terminology: What are the keywords/phrases they organically use to discuss the buyer need or business issue?
    Decision Criteria – “how they decide”
    Buyer Role: List decision-making criteria and power level. The five common buyer roles are champion, influencer, decision maker, user, and ratifier (purchaser/negotiator). Evaluation and Decision Criteria: Which lens – strategic, financial, or operational – does the persona evaluate the impact of purchase through?
    Solution Attributes – “what does the ideal solution look like”
    Steps in “Jobs to Be Done” Elements of the “Ideal Solution” Business outcomes from ideal solution Opportunity scope; other potential users Acceptable price for value delivered Alternatives that see consideration Solution sourcing: channel, where to buy
    Behavioral Attributes – “how to approach them successfully”
    Content Preferences: List the persona’s content preferences – blog, infographic, demo, video – vs. long-form assets (e.g. white paper, presentation, analyst report). Interaction Preferences: Which are preferred among in-person meetings, phone calls, emails, videoconferencing, conducting research via Web, mobile, and social? Watering Holes: Which physical or virtual places do they go to network or exchange info with peers (e.g. LinkedIn)?

    Buyer journeys are constantly shifting

    If you didn’t remap buyer journeys in 2021, you may be losing to competitors that did. Leaders remap buyer journey frequently.

    • The multi-channel buyer journey is constantly changing. Today’s B2B buyer uses industry research sites, vendor content marketing assets, software reviews sites, contacts with vendor salespeople, events participation, peer networking, consultants, emails, social media sites, and electronic media to research purchasing decisions.
    • COVID-19 has dramatically decreased face-to-face interaction. We estimate a B2B buyer spent 20-25% more time online in 2021 than pre-COVID-19 researching software buying decisions. This has diminished the importance of face-to-face selling and given dramatic rise to digital selling and outbound marketing.
    • Content marketing has exploded, but without mapping the buyer journey and knowing where – by channel –and when – by buyer journey step – to offer content marketing assets, we will fail to convert prospects into buyers.

    “~2/3 of [B2B] buyers prefer remote human interactions or digital self-service.” And during Aug. ‘20 to Feb. ‘21, use of digital self-service to interact with sales reps leapt by more than 10% for both researching and evaluating new suppliers.”
    – Liz Harrison, Dennis Spillecke, Jennifer Stanley, and Jenny Tsai McKinsey & Company, 2021

    SoftwareReviews Advisory Insight:
    Marketers are advised to update their buyer journey annually and with greater frequency when the human vs. digital mix is affected due to events such as COVID-19 and as emerging media such as AR shifts asset-type usage and engagement options.

    Our approach helps you define the buyer journey

    Because marketing leaders need to reach buyers through the right channel with the right message at the right time during their decision cycle, you’ll benefit by using questionnaires that enable you to build the below easily and quickly.

    You’ll be more successful by following our overall guidance

    Overarching insight

    Buyer personas and buyer journeys are essential ingredients in go-to-market success, as they inform for product, marketing, sales, and customer success who we are targeting and how to engage with them successfully.

    Align Your Team

    Marketers developing buyer personas and journeys that lack agreement among Marketing, Sales, and Product of personas to target will squander precious time and resources throughout the customer targeting and acquisition process.

    Jump-Start Persona Development

    Marketing leaders leverage the buyer persona knowledge not only from in-house experts in areas such as sales and executives but from analysts that speak with their buyers each and every day.

    Buyer Interviews Are a Must

    While leaders will get a fast start by interviewing sellers, executives, and analysts, you will fail to craft the right messages, build the right marketing assets, and design the best buyer journey if you skip buyer interviews.

    Watch for Disruption

    Leaders will update their buyer journey annually and with greater frequency when the human vs. digital mix is effected due to events such as COVID-19 and as emerging media such as AR and VR shifts the way buyers engage.

    Advanced Buyer Journey Discovery

    Digital marketers that ramp up lead gen engine capabilities to capture “wins” and measure engagement back through the lead gen and nurturing engines will build a more data-driven view of the buyer journey. Target to build this advanced capability in your initial design.

    Tools and templates to speed your success

    This blueprint is accompanied by supporting deliverables to help you gather team insights, interview customers and prospects, and summarize results for ease in communications.

    To support your buyer persona and journey creation, we’ve created the enclosed tools

    Buyer Persona Creation Template

    A PowerPoint template to aid the capture and summarizing of your team’s insights on the buyer persona.

    Buyer Persona and Journey Interview Guide and Data Capture Tool

    For interviewing customers and prospects, this tool is designed to help you interview personas and summarize results for up to 15 interviewees.

    Buyer Persona and Journey Summary Template

    A PowerPoint template into which you can drop your buyer persona and journey interviewees list and summary findings.

    SoftwareReviews offers two levels of support to best suit your needs

    DIY Toolkit

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

    The "do-it-yourself" step-by-step instructions begin with Phase 1.

    Guided Implementation

    "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

    A Guided Implementation is a series of analysts inquiries with you and your team.

    Diagnostics and consistent frameworks are used throughout each option.

    Guided Implementation

    A Guided Implementation (GI) is series of calls with a SoftwareReviews Advisory analyst to help implement our best practices in your organization.

    For guidance on marketing applications, we can arrange a discussion with an Info-Tech analyst.

    Your engagement managers will work with you to schedule analyst calls.

    What does our GI on buyer persona and journey mapping look like?

    Drive an Aligned Initial Draft of Buyer Persona

    • Call #1: Collaborate on vision for buyer persona and the buyer journey. Review templates and sample outputs. Identify your team.
    • Call #2: Review work in progress on capturing working team knowledge of buyer persona elements.
    • Call #3: (Optional) Review Info-Tech’s research-sourced persona insights.
    • Call #4: Validate the persona WIP with Info-Tech analysts. Review buyer interview approach and target list.

    Interview Buyers and Validate Persona and Journey

    • Call #5: Revise/review interview guide and final interviewee list; schedule interviews.
    • Call #6: Review interim interview finds; adjust interview guide.
    • Call #7: Use interview findings to validate/update persona and build journey map.
    • Call #8: Add supporting analysts to final stakeholder review.

    Prepare Communications and Educate Stakeholders

    • Call #9: Review output templates completed with final persona and journey findings.
    • Call #10: Add supporting analysts to stakeholder education meetings for support and help with addressing questions/issues.

    Workshop overview

    Contact your account representative for more information. workshops@infotech.com 1-888-670-8889

    Day1 Day 2 Day 3 Day 4 Day 5
    Align Team, Identify Persona, and Document Current Knowledge Validate Initial Work and Identify Buyer Interviewees Schedule and Hold Buyer interviews Summarize Findings and Provide Actionable Guidance to Colleagues Measure Impact and Results
    Activities

    1.1 Outline a vision for buyer persona and journey creation and identify stakeholders.

    1.2 Identify buyer persona choices and settle on an initial target.

    1.3 Document team knowledge about buyer persona (and journey where possible).

    2.1 Share initial insights with covering industry analyst.

    2.2 Hear from industry analyst their perspectives on the buyer persona attributes.

    2.3 Reconcile differences; update “current understanding.”

    2.4 Identify interviewee types by segment, region, etc.

    3.1 Identify actual list of 15-20 interviewees.

    A gap of up to a week for scheduling of interviews.

    3.2 Hold interviews and use interview guides (over the course of weeks).

    3.3 Hold review session after initial 3-4 interviews to make adjustments.

    3.4 Complete interviews.

    4.1 Summarize findings.

    4.2 Create action items for supporting team, e.g. messaging, touch points, media spend, assets.

    4.3 Convene steering committee/exec. and working team for final review.

    4.4 Schedule meetings with colleagues to action results.

    5.1 Review final copy, assets, launch/campaign plans, etc.

    5.2 Develop/review implementation plan.

    A period of weeks will likely intervene to execute and gather results.

    5.3 Reconvene team to review results.

    Deliverables
    1. Documented steering committee and working team
    2. Executive Brief on personas and journey
    3. Personas and initial targets
    4. Documented team knowledge
    1. Analyst-validated initial findings
    2. Target interviewee types
    1. List of interviewees; calls scheduled
    2. Initial review – “are we going in the right direction?”
    3. Completed interviews
    1. Complete findings
    2. Action items for team members
    3. Plan for activation
    1. Activation review
    2. List of suggested next steps

    Phase 1
    Drive an Aligned Initial Draft of Buyer Persona

    This Phase walks you through the following activities:

    • Develop an understanding of what comprises a buyer persona and journey, including their importance to overall go-to-market strategy and execution.
    • Sample outputs.

    This Phase involves the following stakeholders:

    • Program leadership
    • Product Marketing
    • Product Management
    • Representative(s) from Sales
    • Executive Leadership

    1.1 Establish the team and align on shared vision

    Input

    • Typically a joint recognition that buyer personas have not been fully documented.
    • Identify working team members/participants (see below), and an executive sponsor.

    Output

    • Communication of team members involved and the make-up of steering committee and working team
    • Alignment of team members on a shared vision of “Why Build Buyer Personas and Journey” and what key attributes define both.

    Materials

    • N/A

    Participants

    • Initiative Manager – individual leading the buyer persona and journey initiative
    • CMO/Sponsoring Executive Working Team – typically representatives in Product Marketing, Product Management, and Sales
    • SoftwareReviews marketing analyst

    60 minutes

    1. Schedule inquiry with working team members and walk the team through the Buyer Persona and Journey Executive Brief PowerPoint presentation.
    2. Optional: Have the (SoftwareReviews Advisory) SRA analyst walk the team through the Buyer Persona and Journey Executive Brief PowerPoint presentation as part of your session.

    Review the Create a Buyer Persona Executive Brief (Slides 3-14)

    1.2 Document team knowledge of buyer persona

    Input

    • Working team member knowledge

    Output

    • Initial draft of your buyer persona

    Materials

    • Buyer Persona Creation Template

    Participants

    • Initiative Manager – individual leading the buyer persona and journey initiative
    • CMO/Sponsoring Executive (optional)
    • Working Team – typically representatives in Product Marketing, Product Management, and Sales

    2-3 sessions of 60 minutes each

    1. Schedule meeting with working team members and, using the Buyer Persona Template, lead the team in a discussion that documents current team knowledge of the target buyer persona.
    2. Lead the team to prioritize an initial, single, most important persona and to collaborate to complete the template (and later, the buyer journey). Once the team learns the process for working on the initial persona, the development of additional personas will become more efficient.
    3. Place the PowerPoint template in a shared drive for team collaboration. Expect to schedule several 60-minute meets. Quicken collaboration by encouraging team to “do their homework” by sharing persona knowledge within the shared drive version of the template. Your goal is to get to an initial agreed upon version that can be shared for additional validation with industry analyst(s) in the next step.

    Download the Buyer Persona Creation Template

    1.3 Validate with industry analysts

    Input

    • Identify gaps in persona from previous steps

    Output

    • Further validated buyer persona

    Materials

    • Bring your Buyer Persona Creation Template to the meeting to share with analysts

    Participants

    • Initiative Manager – individual leading the buyer persona and journey initiative
    • CMO/Sponsoring Executive (Optional)
    • Working Team – typically representatives in Product Marketing, Product Management, and Sales
    • Info-Tech analyst covering your product category and SoftwareReviews marketing analyst

    30 minutes

    1. Schedule meeting with working team members and discuss which persona areas require further validation from an Info-Tech analyst who has worked closely with those buyers within your persona.

    60 minutes

    1. Schedule an inquiry with the appropriate Info-Tech analyst and SoftwareReviews Advisory analyst to share current findings and see:
      1. Info-Tech analyst provide content feedback given what they know about your target persona and product category.
      2. SoftwareReviews Advisory analyst provide feedback on persona approach and to coach any gaps or important omissions.
    2. Tabulate results and update your persona summary. At this point you will likely require additional validation through interviews with customers and prospects.

    1.4 Identify interviewees and prepare for interviews

    Input

    • Identify segments within which you require persona knowledge
    • Understand your persona insight gaps

    Output

    • List of interviewees

    Materials

    • Interviewee recording template on following slide
    • Interview guide questions found within the Buyer Persona and Journey Interview Guide and data Capture Tool

    Participants

    • Initiative Manager – individual leading the buyer persona and journey initiative
    • Working Team – typically representatives in Product Marketing, Product Management, and Sales

    1-2 weeks

    1. Identify the types of customers and prospects that will best represent your target persona. Choose interviewees that when interviewed will inform key differences among key segments (geographies, company size, mix of customers and prospects, etc.).
    2. Recruit interviewees and schedule interviews for 45 minutes.
    3. Keep track of Interviewees using the slide following this one.
    4. In preparation for interviews, review the Buyer Persona and Journey Interview Guide and Data Capture Tool. Review the two sets of questions:
      1. Buyer Persona-Related – use to validate areas where you still have gaps in your persona, OR if you are starting with a blank persona and wish to build your personas entirely based on customer and prospect interviews.
      2. Buyer-Journey Related, which we will focus on in the next phase.

    Download the Buyer Persona and Journey Interview Guide and Data Capture Tool

    The image shows a table titled ‘Interviewee List.’ A note next to the title indicates: Here you will document your interviewee list and outreach plan. A note in the Segment column indicates: Ensure you are interviewing personas across segments that will give you the insights you need, e.g. by size, by region, mix of customers and prospects. A note in the Title column reads: Vary your title types up or down in the “buying center” if you are seeking to strengthen buying center dynamics understanding. A note in the Roles column reads: Vary your role types according to decision-making roles (decision maker, influencer, ratifier, coach, user) if you are seeking to strengthen decision-making dynamics understanding.

    Phase 2
    Interview Buyers and Validate Persona and Journey

    This Phase walks you through the following activities:

    • Developing final interview guide.
    • Interviewing buyers and customers.
    • Adjusting approach.
    • Validating buyer persona.
    • Crafting buyer journey
    • Gaining analyst feedback.

    This Phase involves the following stakeholders:

    • Program leadership
    • Product Marketing
    • Representative(s) from Sales

    2.1 Hold interviews

    Input

    • List of interviewees
    • Final list of questions

    Output

    • Buyer perspectives on their personas and buyer journeys

    Materials

    • Buyer Persona and Journey Interview Guide and data Capture Tool

    Participants

    • Initiative Manager – individual leading the buyer persona and journey initiative
    • Working Team – typically representatives in Product Marketing, Product Management, and Sales

    1-2 weeks

    1. Hold interviews and adjust your interviewing approach as you go along. Uncover where you are not getting the right answers, check with working team and analysts, and adjust.

    Download the Buyer Persona and Journey Interview Guide and Data Capture Tool

    2.2 Use interview findings to validate what’s needed for activation

    Input

    • List of interviewees
    • Final list of questions

    Output

    • Buyer perspectives on their personas and buyer journeys
    • Stakeholder feedback that actionable insights are resulting from interviews

    Materials

    • Buyer Persona Creation Template
    • Buyer Persona and Journey Interview Guide and Data Capture Tool

    Participants

    • Initiative Manager – individual leading the buyer persona and journey initiative
    • Working Team – typically representatives in Product Marketing, Product Management, and Sales
    • SoftwareReviews marketing analyst

    2 hours

    1. Convene your team, with marketing analysts, and test early findings: It’s wise to test initial interview results to check that you are getting the right insights to understand and validate key challenges, pain points, needs, and other vital areas pertaining to the buyer persona. Are the answers you are getting enabling you to complete the Summary slides for later communications and training for Sales?
    2. Check when doing buyer journey interviews that you are getting actionable answers that drive messaging, what asset types are needed, what the marketing channel mix is, and other vital insights to activate the results. Are the answers you are getting adequate to give guidance to campaigners, content marketers, and sales enablement?
    3. See the following slides for detailed questions that need to be answered satisfactorily by your team members that need to “activate” the results.

    Download the Buyer Persona and Journey Interview Guide and Data Capture Tool

    2.2.1 Are you getting what you need from interviews to inform the buyer persona?

    Test that you are on the right track:

    1. Are you getting the functional answers so you can guide sellers to the right roles? Can you guide marketers/campaigners to the right “Ideal Customer Profile” for lead scoring?
    2. Are you capturing the right emotive areas that will support message crafting? Solutioning? SEM/SEO?
    3. Are you capturing insights into “how they decide” so sellers are well informed on the decision-making dynamics?
    4. Are you getting a strong understanding of content, interaction preferences, and news and information sources so sellers can outreach more effectively, you can pinpoint media spend, and content marketing can create the right assets?
    Functional – “to find them”
    Job Role Title Org. Chart Dynamics Buying Center Firmographics
    Emotive – “what they do and jobs to be done”
    Initiatives: What programs/projects the persona is tasked with and their feelings and aspirations about these initiatives. Motivations? Build credibility? Get promoted? Challenges: Identify the business issues, problems, and pain points that impede attainment of objectives. What are their fears, uncertainties, and doubts about these challenges? Buyer Need: They may have multiple needs; which need is most likely met with the offering? Terminology: What are the keywords/phrases they organically use to discuss the buyer need or business issue?
    Decision Criteria – “how they decide”
    Buyer Role: List decision-making criteria and power level. The five common buyer roles are champion, influencer, decision maker, user, and ratifier (purchaser/negotiator). Evaluation and Decision Criteria: Which lens – strategic, financial, or operational – does the persona evaluate the impact of purchase through?
    Solution Attributes – “what does the ideal solution look like”
    Steps in “Jobs to Be Done” Elements of the “Ideal Solution” Business outcomes from ideal solution Opportunity scope; other potential users Acceptable price for value delivered Alternatives that see consideration Solution sourcing: channel, where to buy
    Behavioral Attributes – “how to approach them successfully”
    Content Preferences: List the persona’s content preferences – blog, infographic, demo, video – vs. long-form assets (e.g. white paper, presentation, analyst report). Interaction Preferences: Which are preferred among in-person meetings, phone calls, emails, videoconferencing, conducting research via Web, mobile, and social? Watering Holes: Which physical or virtual places do they go to network or exchange info with peers (e.g. LinkedIn)?

    2.2.2 Are you getting what you need from interviews to support the buyer journey?

    Our approach helps you define the buyer journey

    Because marketing leaders need to reach buyers through the right channel with the right message at the right time during their decision cycle, you’ll benefit by using questionnaires that enable you to build the below easily and quickly.

    2.3 Continue interviews

    Input

    • Final adjustments to list of interview questions

    Output

    • Final buyer perspectives on their personas and buyer journeys

    Materials

    • Buyer Persona Creation Template
    • Buyer Persona and Journey Interview Guide and data Capture Tool

    Participants

    • Initiative Manager – individual leading the buyer persona and journey initiative
    • Working Team – typically representatives in Product Marketing, Product Management, and Sales

    1-2 weeks

    1. Continue customer and prospect interviews.
    2. Ensure you are gaining the segment perspectives needed.
    3. Complete the “Summary” columns within the Buyer Persona and Journey Interview Guide and Data Capture Tool.

    Download the Buyer Persona and Journey Interview Guide and Data Capture Tool

    Phase 3
    Prepare Communications and Educate Stakeholders

    This Phase walks you through the following activities:

    • Creating outputs for key stakeholders
    • Communicating final findings and supporting marketing, sales, and product activation.

    This Phase involves the following stakeholders:

    • Program leadership
    • Product Marketing
    • Product Management
    • Sales
    • Field Marketing/Campaign Management
    • Executive Leadership

    3.1 Summarize interview results and convene full working team and steering committee for final review

    Input

    • Buyer persona and journey interviews detail

    Output

    • Buyer perspectives on their personas and buyer journeys

    Materials

    • Buyer Persona and Journey Interview Guide and Data Capture Tool
    • Buyer Persona and Journey Summary Template

    Participants

    • Initiative Manager – individual leading the buyer persona and journey initiative
    • CMO/Sponsoring Executive (Optional)
    • Working Team – typically representatives in Product Marketing, Product Management, and Sales
    • SoftwareReviews marketing analyst

    1-2 hours

    1. Summarize interview results within the Buyer Persona and Journey Summary Template.

    Download the Buyer Persona and Journey Interview Guide and Data Capture Tool

    Download the Buyer Persona and Journey Summary Template

    3.2 Convene executive steering committee and working team to review results

    Input

    • Buyer persona and journey interviews summary

    Output

    • Buyer perspectives on their personas and buyer journeys

    Materials

    • Buyer Persona and Journey Summary Template

    Participants

    • Initiative Manager – individual leading the buyer persona and journey initiative
    • Working Team – typically representatives in Product Marketing, Product Management, and Sales

    1-2 hours

    1. Present final persona and journey results to the steering committee/executives and to working group using the summary slides interview results within the Buyer Persona and Journey Summary Template to finalize results.

    Download the Buyer Persona and Journey Summary Template

    3.3 Convene stakeholder meetings to activate results

    Input

    • Buyer persona and journey interviews summary

    Output

    Activation of key learnings to drive:

    • Better product –market fit
    • Lead gen
    • Sales effectiveness
    • Awareness

    Materials

    • Buyer Persona and Journey Summary Template

    Participants

    • Initiative Manager – individual leading the buyer persona and journey initiative
    • Working Team – typically representatives in Product Marketing, Product Management, and Sales
    • Stakeholder team members (see left)

    4-5 hours

    Present final persona and journey results to each stakeholder team. Key presentations include:

    1. Product team to validate product market fit.
    2. Content marketing to provide messaging direction for the creation of awareness and lead gen assets.
    3. Campaigners/Field Marketing for campaign-related messaging and to identify asset types required to be designed and delivered to support the buyer journey.
    4. Social media strategists for social post copy, and PR for other awareness-building copy.
    5. Sales enablement/training to enable updating of sales collateral, proposals, and sales training materials. Sellers to help with their targeting, prospecting, and crafting of outbound messaging and talk tracks.

    Download the Buyer Persona and Journey Summary Template

    Summary of Accomplishment

    Problem Solved

    With the help of this blueprint, you have deepened your and your colleagues’ buyer understanding at both the persona “who they are” level and the buyer journey “how do they buy” level. You are among the minority of marketing leaders that have fully documented a buyer persona and journey – congratulations!

    The benefits of having led your team through the process are significant and include the following:

    • Better alignment of customer/buyer-facing teams such as in product, marketing, sales, and customer success.
    • Messaging that can be used by marketing, sales, and social teams that will resonate with buyer initiatives, pain points, sought-after “pain relief,” and value.
    • Places in the digital and physical universe where your prospects “hang out” so you can optimize your media spend.
    • More effective use of marketing assets and sales collateral that align with the way your prospect needs to consume information throughout their buyer journey to make a decision in your solution area.

    And by capturing and documenting your buyer persona and journey even for a single buyer type, you have started to build the “institutional strength” to apply the process to other roles in the decision-making process or for when you go after new and different buyer types for new products. And finally, by bringing your team along with you in this process, you have also led your team in becoming a more customer-focused organization – a strategic shift that all organizations should pursue.

    If you would like additional support, contact us and we’ll make sure you get the professional expertise you need.

    Contact your account representative for more information.

    info@softwarereviews.com

    1-888-670-8889

    Related Software Reviews Research

    Optimize Lead Generation With Lead Scoring

    • Save time and money and improve your sales win rates when you apply our methodology to score contacts with your lead gen engine more accurately and pass better qualified leads over to your sellers.
    • Our methodology teaches marketers to develop your own lead scoring approach based upon lead/contact profile vs. your Ideal Customer Profile (ICP) and scores contact engagement. Applying the methodology to arrive at your own approach to scoring will mean reduced lead gen costs, higher conversion rates, and increased marketing-influenced wins.

    Bibliography

    Bilardi, Emma. “How to Create Buyer Personas.” Product Marketing Alliance, July 2020. Accessed Dec. 2021.

    Harrison, Liz, Dennis Spillecke, Jennifer Stanley, and Jenny Tsai. “Omnichannel in B2B sales: The new normal in a year that has been anything but.” McKinsey & Company, 15 March 2021. Accessed Dec. 2021.

    Jansen, Hasse. “Buyer Personas – 33 Mind Blowing Stats.” Boardview.io!, 19 Feb. 2016. Accessed Jan. 2022.

    Raynor, Lilah. “Understanding The Changing B2B Buyer Journey.” Forbes Agency Council, 18 July 2021. Accessed Dec. 2021.

    Simpson, Jon. “Finding Your Audience: The Importance of Developing a Buyer Persona.” Forbes Agency Council, 16 May 2017. Accessed Dec. 2021.

    “Successfully Executing Personalized Marketing Campaigns at Scale.” Plexure, 6 Jan. 2020. Accessed Dec 2020.

    Ulwick, Anthony W. JOBS TO BE DONE: Theory to Practice. E-book, Strategyn, 1 Jan. 2017. Accessed Jan. 2022.

    Help Managers Inform, Interact, and Involve on the Way to Team Engagement

    • Buy Link or Shortcode: {j2store}595|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Employee Development
    • Parent Category Link: /train-and-develop
    • Employee engagement impacts a company’s bottom line as well as the quality of work life for employees.
    • Employee engagement surveys often fail to provide the value you are hoping for because they are treated like an annual project that quickly loses steam.
    • The responsibility for fixing the issues identified falls to HR, and ultimately HR has very little control over an employee’s concerns with their day-to-day role.

    Our Advice

    Critical Insight

    • HR and the executive team have been exclusively responsible for engagement for too long. Since managers have the greatest impact on employees, they should also be primarily responsible for employee engagement.
    • In most organizations, managers underestimate the impact they can have on employee engagement, and assume that the broader organization will take more meaningful action.
    • Improving employee engagement may be as simple as improving the frequency and quality of the “3Is”: informing employees about the why behind decisions, interacting with them on a personal level, and involving them in decisions that affect them.

    Impact and Result

    • Managers have the greatest impact on employee engagement as they are in a unique situation to better understand what makes employees tick.
    • If employees have a good relationship with their manager, they are much more likely to be engaged at work which ultimately leads to increases in revenue, profit, and shareholder return.

    Help Managers Inform, Interact, and Involve on the Way to Team Engagement Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Get more involved in analyzing and improving team engagement

    Improve employee engagement and ultimately the organization’s bottom line.

    • Storyboard: Help Managers Inform, Interact, and Involve on the Way to Team Engagement

    2. Gather feedback from employees

    Have a productive engagement feedback discussion with teams.

    • Engagement Feedback Session Agenda Template

    3. Engage teams to improve engagement

    Facilitate effective team engagement action planning.

    • Action Planning Worksheet

    4. Gain insight into what engages and disengages employees

    Solicit employee pain points that could potentially hinder their engagement.

    • Stay Interview Guide

    5. Get to know new hires on a more personal level

    Develop a stronger relationship with employees to drive engagement.

    • New Hire Conversation Guide
    [infographic]

    Initiate Your Service Management Program

    • Buy Link or Shortcode: {j2store}398|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Service Management
    • Parent Category Link: /service-management
    • IT organizations continue attempting to implement service management, often based on ITIL, with limited success and without visible value.
    • More than half of service management implementations have failed beyond simply implementing the service desk and the incident, change, and request management processes.
    • Organizational structure, goals, and cultural factors are not considered during service management implementation and improvement.
    • The business lacks engagement and understanding of service management.

    Our Advice

    Critical Insight

    • Service management is an organizational approach. Focus on producing successful and valuable services and service outcomes for the customers.
    • All areas of the organization are accountable for governing and executing service management. Ensure that you create a service management strategy that improves business outcomes and provides the value and quality expected.

    Impact and Result

    • Identified structure for how your service management model should be run and governed.
    • Identified forces that impact your ability to oversee and drive service management success.
    • Mitigation approach to restraining forces.

    Initiate Your Service Management Program Research & Tools

    Start here – read the Executive Brief

    Read this Executive Brief to understand why service management implementations often fail and why you should establish governance for service management.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Identify the level of oversight you need

    Use Info-Tech’s methodology to establish an effective service management program with proper oversight.

    • Service Management Program Initiation Plan
    [infographic]

    Select a Sourcing Partner for Your Development Team

    • Buy Link or Shortcode: {j2store}508|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Application Development
    • Parent Category Link: /application-development
    • You have identified that a change to your sourcing strategy is required, based on market and company factors.
    • You are ready to select a new sourcing partner to drive innovation, time to market, increased quality, and improved financial performance.
    • Taking on a new partner is a significant investment and risk, and you must get it right the first time.
    • You need to make a change now to prevent losing clients and falling further behind your performance targets and your market.

    Our Advice

    Critical Insight

    Selecting a sourcing partner is a function of matching complex factors to your own firm. It is not a simple RFP exercise; it requires significant introspection, proactive planning, and in-depth investigation of potential partners to choose the right fit.

    Impact and Result

    Choosing the right sourcing partner is a four-step process:

    1. Assess your companies' skills and processes in the key areas of risk to sourcing initiatives.
    2. Based on the current situation, define a profile for the matching sourcing partner.
    3. Seek matching partners from the market, either in terms of vendor partners or in terms of sourcing locations.
    4. Based on the choice of partner, build a plan to implement the partnership, define metrics to measure success, and a process to monitor.

    Select a Sourcing Partner for Your Development Team Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Select a Sourcing Partner for Your Development Team Storyboard – Use this presentation to select a partner to best fit your sourcing needs and deliver long-term value.

    This project helps select a partner for sourcing of your development team so that you can realize the benefits from changing your sourcing strategy.

    • Select a Sourcing Partner for Your Development Team Storyboard

    2. Select a Sourcing Partner for Your Development Team Presentation Template – Use this template to build a presentation to detail your decision on a sourcing partner for your development team.

    This presentation template is designed to capture the results from the exercises within the storyboard and allow users to build a presentation to leadership showing how selection was done.

    • Select a Sourcing Partner for Your Development Team Presentation Template

    3. Select a Sourcing Partner for Your Development Team Presentation Example – Use this as a completed example of the template.

    This presentation template portrays what the completed template looks like by showing sample data in all tables. It allows members to see how each exercise leads to the final selection of a partner.

    • Select a Sourcing Partner for Your Development Team Example Template
    [infographic]

    Further reading

    Select a Sourcing Partner for Your Application Development Team

    Choose the right partner to enable your firm to maximize the value realized from your sourcing strategy.

    Analyst Perspective

    Selecting the right partner for your sourcing needs is no longer a cost-based exercise. Driving long-term value comes from selecting the partner who best matches your firm on a wide swath of factors and fits your needs like a glove.

    Sourcing in the past dealt with a different kind of conversation involving two key questions:

    Where will the work be done?

    How much will it cost?

    How people think about sourcing has changed significantly. People are focused on gaining a partner, and not just a vendor to execute a single transaction. They will add skills your team lacks, and an ability to adapt to your changing needs, all while ensuring you operate within any constraints based on your business.

    Selecting a sourcing partner is a matching exercise that requires you to look deep into yourself, understand key factors about your firm, and then seek the partner who best meets your profile.

    The image contains a picture of Dr. Suneel Ghei.

    Dr. Suneel Ghei
    Principal Research Director, Application Development
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    Common Obstacles

    Info-Tech’s Approach

    • You have identified that a change to your sourcing strategy is required based on market and company factors.
    • You are ready to select a new sourcing partner to drive innovation, time to market, increased quality, and improve financial performance.
    • Taking on a new partner is a significant investment and risk, and you must get it right the first time.
    • You need to make a change now to avoid falling further behind your performance targets and your market, and losing clients.

    Almost half of all sourcing initiatives do not realize the projected savings, and the biggest reason is the choice of partner.

    The market for Application Development partners has become more diverse, increasing choice and the risk of making a costly mistake by choosing the wrong partner.

    Firms struggle with how best to support the sourcing partner and allocate resources with the right skills to maximize success, increasing the cost and time to implement, and limiting benefits.

    Making the wrong choice means inferior products, and higher costs and losing both clients and reputation.

    • Choosing the right sourcing partner is a four-step process:
    1. Assess your company's skills and processes in the key areas of risk to sourcing initiatives.
    2. Based on the current situation, define a profile for the matching sourcing partner.
    3. Seek matching partners from the market, either in terms of vendor partners or in terms of sourcing locations.
    4. Based on your choice of partner, build a plan to implement the partnership, and define metrics to measure success and a process to monitor.

    Info-Tech Insight

    Successfully selecting a sourcing partner is not a simple RFP exercise to choose the lowest cost. It is a complex process of introspection, detailed examination of partners and locations, and matching the fit. It requires you to seek a partner that is the Yin to your Yang, and failure is not an option.

    You need a new source for development resources

    You are facing immediate challenges that require a new approach to development resourcing.

    • Your firm is under fire; you are facing pressures financially from clients and your competitors.
    • Your pace of innovation and talent sourcing is too slow and too limiting.
    • Your competition is moving faster and your clients are considering their options.
    • Revenues and costs of development are trending in the wrong direction.
    • You need to act now to avoid spiraling further.

    Given how critical our applications are to the business and our clients, there is no room for error in choosing our partner.

    A study of 121 firms outsourcing various processes found that 50% of those surveyed saw no gains from the outsourcing arrangement, so it is critical to make the right choice the first time.

    Source: Zhang et al

    Big challenges await you on the journey

    The road to improving sourcing has many potholes.

    • In a study of 121 firms who moved development offshore, almost 50% of all outsourcing and offshoring initiatives do not achieve the desired results.
    • In another study focused on large corporations, it was shown that 70% of respondents saw negative outcomes from offshoring development.
    • Globalization of IT Services and the ability to work from anywhere have contributed to a significant increase in the number of development firms to choose from.
    • Choosing and implementing a new partner is costly, and the cost of choosing the wrong partner and then trying to correct your course is significant in dollars and reputation:
      • Costs to find a new partner and transition
      • Lost revenue due to product issues
      • Loss of brand and reputation due to poor choice
    • The wrong choice can also cost you in terms of your own resources, increasing the risk of losing more knowledge and skills.

    A survey of 25 large corporate firms that outsourced development offshore found that 70% of them had negative outcomes.

    (Source: University of Oregon Applied Information Management, 2019)

    Info-Tech’s approach

    Selecting the right partner is a matching exercise.

    Selecting the right partner is a complex exercise with many factors

    1. Look inward. Assess your culture, your skills, and your needs.
    • Market
    • People
    • Culture
    • Technical aspects
  • Create a profile for the perfect partner to fit your firm.
    • Sourcing Strategy
    • Priorities
    • Profile
  • Find the partner that best fits your needs
    • Define RFx
    • Target Partners
    • Evaluate
  • Implement the partner and put in metrics and process to manage.
    • Contract Partner
    • Develop Goals
    • Create Process and Metrics

    The Info-Tech difference:

    1. Assess your own organization’s characteristics and capabilities in four key areas.
    2. Based on these characteristics and the sourcing strategy you are seeking to implement, build a profile for your perfect partner.
    3. Define an RFx and assessment matrix to survey the market and select the best partner.
    4. Implement the partner with process and controls to manage the relationship, built collaboratively and in place day 1.

    Insight summary

    Overarching insight

    Successfully selecting a sourcing partner is not a simple RFP exercise to choose the lowest cost. It is a complex process of introspection, detailed examination of partners and locations, and matching the fit. It requires you to seek a partner that is the Yin to your Yang, and failure is not an option.

    Phase 1 insight

    Fitting each of these pieces to the right partner is key to building a long-term relationship of value.

    Selecting a partner requires you to look at your firm in depth from a business, technical, and organizational culture perspective.

    Phase 2 insight

    The factors we have defined serve to build us a profile for the ideal partner to engage in sourcing our development team. This profile will lead us to be able to define our RFP / RFI and assess respondents.

    Phase 3/4 insight

    Implement the relationship the same way you want it to work, as one team. Work together on contract mechanism, shared goals, metrics, and performance measurement. By making this transparent you hasten the development of a joint team, which will lead to long-term success.

    Tactical insight

    Ensure you assess not just where you are but where you are going, in choosing a partner. For example, you must consider future markets you might enter when choosing the right sourcing, or outsourcing location to maintain compliance.

    Tactical insight

    Sourcing is not a replacement for your full team. Skills must be maintained in house as well, so the partner must be willing to work with the in-house team to share knowledge and collaborate on deliverables.

    Addressing the myth – Single country offshoring or outsourcing

    Research shows that a multi-country approach has a higher chance of success.

    • Research shows that firms trying their own captive development centers fail 20% of the time. ( Journal of Information Technology, 2008)
    • Further, the overall cost of ownership for an offshore center has shown to be significantly higher than the cost of outsourcing, as the offshore center requires more internal management and leadership.
    • Research shows that offshoring requires the offshore location to also house business team members to allow key relationships to be built and ensure more access to expertise. (Arxiv, 2021)
    • Given the specificity of employment laws, cultural differences, and leadership needs, it is very beneficial to have a Corporate HR presence in countries where an offshore center is being set up. (Arxiv, 2021)
    • Lastly, given the changing climate on security, geopolitical changes, and economic factors, our research with service providers and corporate clients shows a need to have more diversity in provider location than a single center can provide.

    Info-Tech Insight

    Long-term success of sourcing requires more than a development center. It requires a location that houses business and HR staff to enable the new development team to learn and succeed.

    Addressing the myth – Outsourcing is a simple RFP for skills and lowest cost

    Success in outsourcing is an exercise in finding a match based on complex factors.

    • In the past, outsourcing was a simple RFP exercise to find the cheapest country with the skills.
    • Our research shows this is no longer true; the decision is now more complex.
    • Competition has driven costs higher, while time business integration and security constraints have served to limit the markets available.
    • Company culture fit is key to the ability to work as one team, which research shows is a key element in delivery of long-term value. (University of Oregon, 2019).
    • These are some of the many factors that need to be considered as you choose your outsourcing partner.
    • The right decision is to find the vendor that best matches the current state of your culture, meets your market constraints, and will allow for best integration to your team – it's not about cheapest or pure skills. (IEEE Access, 2020)

    Info-Tech Insight

    Finding the right outsourcing vendor is an exercise in knowing yourself and then finding the best match to align with your key traits. It's not just costs and skills, but the partner who best matches with your ability to mitigate the risks of outsourcing.

    Phase 1

    Look inward to gain insight on key factors

    Introspection

    1.1 Assess your market factors

    1.2 Determine your people factors

    1.3 Review your current culture

    1.4 Document your technical factors

    Profiling

    2.1 Recall your sourcing strategy

    2.2 Prioritize your company factors

    2.3 Create target profile

    Partner selection

    3.1 Review your RFx

    3.2 Identify target vendors

    3.3 Evaluate vendor

    responses

    Implementation

    4.1 Engage partner to choose contract mechanism

    4.2 Engage partner team to define goals

    4.3 Choose your success

    metrics

    This phase will walk you through assessing and documenting the key driving factors about your firm and the current situation.

    By defining these factors, you will be able to apply this information in the matching process to select the best fit in a partner.

    This phase involves the following participants:

    Line of Business leaders

    Technology leaders

    Key criteria to assess your firm

    Research shows firms must assess themselves in different areas.

    Market factors

    • Who are your clients and your competitors, and what legal constraints do you face?

    People / Process factors

    • What employee skills are you seeking, what is your maturity in product management and stakeholder engagement, and what languages are spoken most predominantly?

    Cultural factors

    • What is your culture around communications, collaboration, change management, and conflict resolution?

    Technical factors

    • What is your current / future technical platform, and what is the maturity of your applications?

    Info-Tech Best Practice

    When assessing these areas, consider where you are today and where you want to go tomorrow, as choosing a partner is a long-term endeavor.

    Step 1.1

    Assess your market factors

    Activities

    1.1.1 Review your client list and future projections to determine your market factors.

    1.1.2 Review your competitive analysis to determine your competitive factors

    This step involves the following participants:

    Business leaders

    Product Owners

    Technology leaders

    Outcomes of this step

    Details of key market factors that will drive the selection of the right partner.

    Market factors

    The Market has a lot to say about the best match for your application development partner.

    Research in the space has defined key market-based factors that are critical when selecting a partner.

    1. Market sectors you service or plan to service – This is critical, as many market sectors have constraints on where their data can be accessed or stored. These restrictions also change over time, so they must be consistently reviewed.
    • E.g. Canadian government data must be stored and only accessed in Canada.
    • E.g. US Government contracts require service providers to avoid certain countries.
  • Your competitors – Your competitors can often seize on differences and turn them to differentiators; for example, offshoring to certain countries can be played up as a risk by a competitor who does all their work in a particular country.
  • Your clients – Research shows that clients can have very distinct views on services being performed in certain countries due to perceived risk, culture, and geopolitical factors. Understanding the views of major clients on globalization of services is a key factor in maintaining client satisfaction.
  • Info-Tech Insight

    Understanding your current and future market factors ensure that your business can not only be successful with the chosen partner today, but also in the future.

    1.1.1 Assess your market factors

    30 min

    Market factors

    1. Group your current client list into three categories:
      1. Those that have no restrictions on data security, privacy or location.
      2. Those that ask for assurances on data security, privacy and location.
      3. Those clients who have compliance restrictions related to data security, privacy, and location.
    2. Categorize future markets into the same three categories.
    3. Based on revenue projections, estimate the revenue from each category as a percentage of your total revenue.

    Download the Select a Sourcing Partner Presentation Template

    Input Output
    • Current client list
    • Future market plans
    • Competitive analysis
    • Completion of the Market Factors chart in the Select a Sourcing Partner for Your Development Team template
    Materials Participants
    • Select a Sourcing Partner for Your Development Team Presentation template
    • Technology leaders
    • Product owners
    • Line of business leaders
    • Finance leaders

    Assess your market factors

    Market and sector

    Market share and constraints

    Market category

    Sector – Public, private or both

    Market share of category

    Key areas of concern

    Not constrained by data privacy, security or location

    Private

    50%

    Require assurances on data security, privacy or location

    Public

    45%

    Data access

    Have constraints that preclude choices related to data security, privacy and location

    Public

    5%

    Data residency

    1.1.2 Review your competitive factors

    30 min

    Competitive factors

    1. List your largest competitors.
    2. Document their sourcing strategies for their development team – are they all onshore or nearshore? Do they outsource?
    3. Based on this, identify competitive threats based on changing sourcing strategies.

    Download the Select a Sourcing Partner Presentation Template

    Input Output
    • Current client list
    • Future market plans
    • Competitive analysis
    • Completion of the Market Factors chart in the Select a Sourcing Partner for Your Development Team template
    Materials Participants
    • Select a Sourcing Partner for Your Development Team Presentation template
    • Technology leaders
    • Product owners
    • Line of business leaders
    • Finance leaders

    Review your competitive factors

    Competitors

    Competitor sourcing strategy

    Competitive threats

    Competitor

    Where is the market?

    Is this onshore / near shore / offshore?

    Data residency

    How could competitors take advantage of a change in our sourcing strategy?

    Competitor X

    Canada / US

    All work done in house and onshore

    Kept in Canada / US

    If we source offshore, we will face a Made in Canada / US threat

    Step 1.2

    Consider your people-related factors

    Activities

    1.2.1 Define your people factors

    1.2.2 Assess your process factors

    This step involves the following participants:

    Technical leaders

    Outcomes of this step

    Details of key people factors that will drive the selection of the right partner.

    People / process factors

    People and process have a large hand in the success or failure of a partner relationship.

    • Alignment of people and process are critical to the success of the partner relationship over the long term.
    • In research on outsourcing / offshoring, Rahman et al identified ten factors that directly impact success or failure in offshoring or outsourcing of development.
    • Key among them are the following:
      • Employee skills
      • Project management
      • Maturity of process concerning product and client management
      • Language barrier

    Info-Tech Insight

    People are a critical resource in any sourcing strategy. Making sure the people and the processes will mesh seamlessly is how to ensure success.

    1.2.1 Define your people factors

    30 min

    Skills Inventory

    1. List skills needed in the development team to service current needs.
    2. Based on future innovation and product direction, add skills you foresee needing in the next 12-24 months. Where do you see a new technology platform (e.g. move from .NET to Java) or innovation (addition of Mobile)?
    3. List current skills present in the team.
    4. Identify skills gaps.

    Download the Select a Sourcing Partner Presentation Template

    InputOutput
    • Product plans for current and future products
    • Technology platform plans for current products
    • Future innovation plans
    • People- and process-related factors that influence sourcing decisions
    MaterialsParticipants
    • Select a Sourcing Partner for Your Development Team Presentation template
    • Technology leaders
    • Product owners
    • Solution architects

    Assess your people - Skills inventory

    Skills required

    Strategic value

    Skills present

    Skill you are seeking

    Required today or in the future

    Rate the skill level required in this area

    Is this a strategic focus for the firm for future targets?

    Is this skill present in the team today?

    Rate current skill level (H/M/L)

    Java Development

    Future

    High

    Yes

    No

    Low

    .Net Development

    Today

    Med

    No

    Yes

    High

    1.2.2 Assess your process factors

    30 min

    Process factors

    1. Do you have a defined product ownership practice?
    2. How mature is the product ownership for the product you are seeking to change sourcing for (H/M/L)?
    3. Do you have project management principles and governance in place for software releases?
    4. What is the relative maturity / skill in the areas you are seeking sourcing for (H/M/L)?

    Download the Select a Sourcing Partner Presentation Template

    InputOutput
    • Product plans for current and future products
    • Technology platform plans for current products
    • Future innovation plans
    • People- and process-related factors that influence sourcing decisions
    MaterialsParticipants
    • Select a Sourcing Partner for Your Development Team Presentation template
    • Technology leaders
    • Product owners
    • Solution architects

    Assess your process factors

    Product ownership

    Project management

    Product where sourcing is being changed

    Product ownership in place?

    Skills / maturity rating (H/M/L)

    Project management / governance in place for software releases

    Rate current maturity / skill level (H/M/L)

    ABC

    Yes

    High

    Yes

    High

    SQW

    No

    Low

    Yes

    High

    Step 1.3

    Review your current culture

    Activities

    1.3.1 Assess your communications factors

    1.3.2 Assess your conflict resolution factors

    This step involves the following participants:

    Technical leaders

    Product owners

    Project managers

    Outcomes of this step

    Details of key culture factors that will drive the selection of the right partner.

    Cultural factors

    Organization culture fit is a driver of collaboration between the teams, which drives success.

    • In their study of country attractiveness for sourcing development, Kotlarsky and Oshri point to the ability of the client and their sourcing partner to work as one team as a key to success.
    • This requires synergies in many cultural factors to avoid costly miscommunications and misinterpretations that damage collaboration.
    • Key factors in achieving this are:
      • Communications methodology and frequency; managing and communicating to the teams as one team vs two, and communicating at all levels, vs top down.
      • Managing the team as one integrated team, with collaboration enabled between all resources, rather than the more adversarial client vs partner approach.
      • Conflict resolution strategies must align so all members of the extended team work together to resolve conflict vs the traditional “Blame the Contractors”.
      • Strong change management is required to keep all team members aligned.

    Info-Tech Insight

    Synergy of culture is what enables a good partner selection to become a long-term relationship of value.

    1.3.1 Assess your communications factors

    30 min

    1. List all the methods you use to communicate with your development team – face to face, email, conference call, written.
    2. For each form of communication confirm frequency, medium, and audience (team vs one-on-one)
    3. Confirm if these communications take into account External vs Internal resources and different time zones, languages, and cultures.
    4. Is your development team broken up into teams by function, by location, by skill, etc., or do you operate as one team?

    Download the Select a Sourcing Partner Presentation Template

    Input Output
    • Communication process with existing development team
    • Examples of how external staff have been integrated into the process
    • Examples of conflicts and how they were resolved
    • Documentation of key cultural characteristics that need to be part of provider profiling
    Materials Participants
    • Select a Sourcing Partner for Your Development Team Presentation template
    • Technology leaders
    • Product owners
    • Project managers

    Assess your communications strategy

    Communications

    Type

    Frequency

    Audience

    One communication or one per audience?

    Level of two-way dialogue

    Face-to-face team meetings

    Weekly

    All developers

    One

    High

    Daily standup

    Daily

    Per team

    One per audience

    Low

    1.3.2 Assess your conflict resolution factors

    30 min

    1. How does your organization handle the following types of conflict? Rate from 1-5, with 1 being hierarchical and 5 being openly collaborative.
      1. Developers on a team disagree.
      2. Development team disagrees with manager.
      3. Development team disagrees with product owner.
      4. Development team disagrees with line of business.
    2. Rate each conflict resolution strategy based on effectiveness.
    3. Confirm if this type of strategy is used for internal and external resources, or internal only.

    Download the Select a Sourcing Partner Presentation Template

    InputOutput
    • Communication process with existing development team
    • Examples of how external staff have been integrated into the process
    • Examples of conflicts and how they were resolved
    • Documentation of key cultural characteristics that need to be part of provider profiling
    MaterialsParticipants
    • Select a Sourcing Partner for Your Development Team Presentation template
    • Technology leaders
    • Product owners
    • Project managers

    Assess your conflict resolution strategy

    Conflict

    Resolution strategy

    Effectiveness

    Audience

    Conflict type

    Rate the resolution strategy from hierarchical to collaborative (1-5)

    How effective is this method of resolution from 1-5?

    Is this strategy used for external parties as well as internal?

    Developer to product owner

    44

    Yes

    Developer to manager

    12

    Yes

    Step 1.4

    Document your technical factors

    Activities

    1.4.1 Document your product / platform factors

    1.4.2 Document your environment details

    This step involves the following participants:

    Technical leaders

    Product owners

    Outcomes of this step

    Details of key technical factors that will drive the selection of the right partner.

    Technical factors

    Technical factors are still the foundation for a Development sourcing relationship.

    • While there are many organizational factors to consider, the matching of technological factors is still the root on which the sourcing relationship is built; the end goal is to build better software.
    • Key technical Items that need to be aligned based on the research are:
      • Technical infrastructure
      • Development environments
      • Development methodology and tools
      • Deployment methodology and tools
      • Lack of/poor-quality technical documentation
    • Most RFPs focus purely on skills, but without alignment on the above items, work becomes impossible to move forward quickly, limiting the chances of success.

    Info-Tech Insight

    Technical factors are the glue that enables teams to function together. Ensuring that they are fully integrated is what enables team integration; seams in that integration represent failure points.

    1.4.1 Document your product / platform factors

    30 mins

    1. How many environments does each software release go through from the start of development through release to production?
    2. What is the infrastructure and development platform?

    Download the Select a Sourcing Partner Presentation Template

    InputOutput
    • Development process
    • Deployment process
    • Operations process
    • IT security policies
    • Documentation of key technical characteristics that need to be part of provider profiling
    MaterialsParticipants
    • Select a Sourcing Partner for Your Development Team Presentation template
    • Development leaders
    • Deployment team leaders
    • Infrastructure leaders
    • IT operations leaders
    • Product owners
    • Project managers

    Document your product / platform

    Product / Platform

    Product you are seeking a sourcing solution for

    What is the current infrastructure platform?

    How many environments does the product pass through?

    What is the current development toolset?

    ABC

    Windows

    Dev – QA – Preprod - Prod

    .Net / Visual Studio

    1.4.2 Document your environment details

    30 min

    For each environment detail the following:

    1. Environment on premises or in cloud
    2. Access allowed to external parties
    3. Production data present and unmasked
    4. Deployment process: automated or manual
    5. Tools used for automated deployment
    6. Can the environment be restored to last known state automatically?
    7. Does documentation exist on the environment, processes and procedures?

    Download the Select a Sourcing Partner Presentation Template

    InputOutput
    • Development process
    • Deployment process
    • Operations process
    • IT security policies
    • Documentation of key technical characteristics that need to be part of provider profiling
    MaterialsParticipants
    • Select a Sourcing Partner for Your Development Team Presentation template
    • Development leaders
    • Deployment team leaders
    • Infrastructure leaders
    • IT operations leaders
    • Product owners
    • Project managers

    Document Your Environment Details

    Environment

    Location

    Access

    Deployment

    Data

    Name of Environment

    Is the environment on premises or in the cloud (which cloud)?

    Is external access allowed?

    Is deployment automated or manual?

    Tool used for deployment

    Is reset automated?

    Does the environment contain unmasked production data?

    Dev

    Cloud

    Yes

    Automated

    Azure DevOps

    Yes

    No

    QA

    Cloud

    Yes

    Automated

    Azure DevOps

    Yes

    No

    Preprod

    On Premises

    No

    Manual

    N/A

    No

    Yes

    Phase 2

    Introspection

    1.1 Assess your market factors

    1.2 Determine your people factors

    1.3 Review your current culture

    1.4 Document your technical factors

    Profiling

    2.1 Recall your sourcing strategy

    2.2 Prioritize your company factors

    2.3 Create target profile

    Partner selection

    3.1 Review your RFx

    3.2 Identify target vendors

    3.3 Evaluate vendor

    responses

    Implementation

    4.1 Engage partner to choose contract mechanism

    4.2 Engage partner team to define goals

    4.3 Choose your success

    metrics

    This phase will help you to build a profile of the partner you should target in your search for a sourcing partner.

    This phase involves the following participants:

    Technology leaders

    Procurement leaders

    Product owners

    Project managers

    Build a profile for the right partner

    • Finding the perfect partner is a puzzle to solve, an exercise between the firm and the partners.
    • It is necessary to be able to prioritize and to identify opportunities where you can adapt to create a fit.
    • You must also bring forward the sourcing model you are seeking and prioritize factors based on that; for example, if you are seeking a nearshore partner, language may be less of a factor.

    Review factors based on sourcing choice

    Different factors are more important depending on whether you are insourcing or outsourcing.

    Key risks for insourcing

    • Alignment on communication strategy and method
    • Ability to align culturally
    • Need for face-to-face relationship building
    • Need for coaching skills

    Key risks for outsourcing

    • Giving control to the vendor
    • Legal and regulatory issues
    • Lack of knowledge at the vendor
    • Language and cultural fit

    Assessing your firm's position

    • The model you derived from the Sourcing Strategy research will inform the prioritization of factors for matching partners.

    Info-Tech Insight

    To find the best location for insourcing, or the best vendor for outsourcing, you need to identify your firm's positions on key risk areas.

    Step 2.1

    Recall your sourcing strategy

    Activities

    2.1.1 Define the key factors in your sourcing strategy

    This step involves the following participants:

    Technology Leaders

    Outcomes of this step

    Documentation of the Sourcing Strategy you arrived at in the Define a Sourcing Strategy exercises

    Choosing the right model

    The image contains a screenshot of the legend that will be used down below. The legend contains circles, from the left there is a empty circle, a one quarter filled circle, half filled circle, three-quarter filled circle , and a fully filled in circle.

    Determinant

    Key Questions to Ask

    Onshore

    Nearshore

    Offshore

    Outsource role(s)

    Outsource team

    Outsource product(s)

    Business dependence

    How much do you rely on business resources during the development cycle?

    The image contains a screenshot of the filled in whole circle to demonstrate high. The image contains a screenshot of the three-quarter filled circle to demonstrate medium high. The image contains a screenshot of the one-quarter filled circle to demonstrate medium low. The image contains a screenshot of the half filled circle to demonstrate medium. The image contains a screenshot of the one-quarter filled circle to demonstrate medium low. The image contains a screenshot of the empty circle to demonstrate low.

    Absorptive capacity

    How successful has the organization been at bringing outside knowledge back into the firm?

    The image contains a screenshot of the empty circle to demonstrate low. The image contains a screenshot of the one-quarter filled circle to demonstrate medium low. The image contains a screenshot of the one-quarter filled circle to demonstrate medium low. The image contains a screenshot of the half filled circle to demonstrate medium. The image contains a screenshot of the one-quarter filled circle to demonstrate medium low. The image contains a screenshot of the filled in whole circle to demonstrate high.

    Integration complexity

    How many integrations are required for the product to function – fewer than 5, 5-10, or more than 10?

    The image contains a screenshot of the filled in whole circle to demonstrate high. The image contains a screenshot of the three-quarter filled circle to demonstrate medium high. The image contains a screenshot of the three-quarter filled circle to demonstrate medium high. The image contains a screenshot of the half filled circle to demonstrate medium. The image contains a screenshot of the one-quarter filled circle to demonstrate medium low. The image contains a screenshot of the empty circle to demonstrate low.

    Product ownership

    Do you have full-time product owners in place for the products? Do product owners have control of their roadmaps?

    The image contains a screenshot of the one-quarter filled circle to demonstrate medium low. The image contains a screenshot of the half filled circle to demonstrate medium. The image contains a screenshot of the three-quarter filled circle to demonstrate medium high. The image contains a screenshot of the half filled circle to demonstrate medium. The image contains a screenshot of the filled in whole circle to demonstrate high. The image contains a screenshot of the filled in whole circle to demonstrate high.

    Organization culture fit

    What are your organization’s communication and conflict resolution strategies? Is your organization geographically dispersed?

    The image contains a screenshot of the one-quarter filled circle to demonstrate medium low. The image contains a screenshot of the one-quarter filled circle to demonstrate medium low. The image contains a screenshot of the three-quarter filled circle to demonstrate medium high. The image contains a screenshot of the one-quarter filled circle to demonstrate medium low. The image contains a screenshot of the three-quarter filled circle to demonstrate medium high. The image contains a screenshot of the filled in whole circle to demonstrate high.

    Vendor mgmt skills

    What is your skill level in vendor management? How old are your longest-standing vendor relationships?

    The image contains a screenshot of the empty circle to demonstrate low. The image contains a screenshot of the one-quarter filled circle to demonstrate medium low. The image contains a screenshot of the one-quarter filled circle to demonstrate medium low. The image contains a screenshot of the half filled circle to demonstrate medium. The image contains a screenshot of the three-quarter filled circle to demonstrate medium high. The image contains a screenshot of the filled in whole circle to demonstrate high.

    2.1.1 Define the key factors in your sourcing strategy

    30 min

    For each product you are seeking a sourcing strategy for, document the following:

    1. Product or team name.
    2. Sourcing strategy based on Define a Sourcing Strategy.
    3. The primary drivers that led to this selection – Business Dependence, Absorptive Capacity, Integration Complexity, Product Ownership, Culture or Vendor Management.
    4. The reasoning for the selection based on that factor – e.g. we chose nearshoring based on high business dependence by our development team.

    Download the Select a Sourcing Partner Presentation Template

    Input Output
    • Sourcing Strategy from Define a Sourcing Strategy for your Development Team
    • Reasoning that drove the sourcing strategy selection
    Materials Participants
    • Select a Sourcing Partner for Your Development Team Presentation template
    • Technology leadership

    Define sourcing strategy factors

    Sourcing strategy

    Factors that led to selection

    Product you are seeking a sourcing solution for

    Strategy defined

    Key factors that led to that choice

    Reasoning

    ABC

    Outsourcing - Offshore

    • Product ownership
    • Business integration
    • Product maturity
    • Technical environment

    Mature product ownership and low requirement for direct business involvement.

    Mature product with lower environments in cloud.

    Step 2.2

    Prioritize your company factors

    Activities

    2.2.1 Prioritize the factors from your sourcing strategy and confirm if mitigation or adaptation are possible.

    This step involves the following participants:

    IT Leadership team

    Outcomes of this step

    Prioritized list of key factors

    2.2.1 Prioritize your sourcing strategy factors

    30 min

    1. For each of the factors listed in exercise 2.1, prioritize them by importance to the firm.
    2. For each factor, please confirm if there is room to drive change internally to overcome the lack of a match – for example, if the culture being changed in language and conflict resolution is an option, then say Yes for that factor.

    Download the Select a Sourcing Partner Presentation Template

    InputOutput
    • Sourcing Strategy factors from 2.1
    • Prioritized list of sourcing strategy factors
    MaterialsParticipants
    • Select a Sourcing Partner for Your Development Team Presentation template
    • Technology leaders

    Sourcing strategy factors and priority

    Sourcing strategy

    Factors that led to selection

    Priority of factor in decision

    Change possible

    Product you are seeking a sourcing solution for

    Strategy defined

    Key factors that led to your choice

    Reasoning

    Priority of factor 1-x

    Is there an opportunity to adapt this factor to a partner?

    ABC

    Outsourcing - offshore

    • Product ownership
    • Business integration
    • Product maturity
    • Technical environment

    Mature product ownership

    Low requirement for direct business involvement

    Mature product with lower environments in cloud

    2

    1

    3

    N

    N

    Y

    Step 2.3

    Create target profile

    Activities

    2.3.1 Profile your best fit

    This step involves the following participants:

    IT Leadership team

    Outcomes of this step

    Profile of the target partner

    Profiling your best fit

    Creating a target profile will help you determine which partners should be included in the process.

    Given the complexity of all the factors and trying to find the best fit from a multitude of partners, Info-Tech recommends forming a target profile for your best fit of partner.

    This profile provides a detailed assessment matrix to use to review potential partners.

    Profile should be created based on priority; "must haves" are high priority, while properties that have mitigation opportunities are optional or lower priority.

    Criteria

    Priority

    Some US Govt contracts – data and staff in NATO

    1

    Windows environment – Azure DEVOPS

    2

    Clients in FS

    3

    Agile SDLC

    4

    Collaborative communication and conflict resolution

    5

    Mature product management

    6

    Languages English and Spanish

    7

    Partner Profile

    • Teams in NATO and non-NATO countries
    • Windows skills with Azure
    • Financial Services experience
    • Utilize Agile and willing to plug into our teams
    • Used to collaborating with clients in one team environment
    • One centre in Latin / South America

    Info-Tech Insight

    The factors we have defined serve to build us a profile for the ideal partner to engage in sourcing our development team. This profile will lead us to be able to define our RFP / RFI and assess respondents.

    Case study: Cognizant is partnering with clients on product development

    INDUSTRY: Technology Services

    SOURCE: Interview with Jay MacIsaac, Cognizant

    Cognizant is driving quality solutions for clients

    • Strives to be primarily an industry-aligned organization that delivers multiple service lines in multiple geographies.
    • Seeks to carefully consider client culture to create one team.
    • Value proposition is a consultative approach bringing thought leadership and mutually adding value to the relationship vs the more traditional order taker development partner
    • Wants to share in solution development to facilitate shared successes. Geographic alignment drives knowledge of the client and their challenges, not just about time zone and supportability.
    • Offers one of the largest offshore capabilities in the world, supported by local and nearshore resources to drive local knowledge.
    • Realizes today’s clients don’t typically want a black box, they are sophisticated and want transparency around the process and solution, to have a partner.
    • Understands that clients do want to know where the work is being delivered from and how it's being delivered, and want to help manage expectations and overall risk.

    Synergy with Info-Tech’s approach

    • Best relationship comes when teams operate as one.
    • Clients are seeking value, not a development black box.
    • Clients want to have a partner they can engage with, not just an order taker.
    • Goal is a one-team culture with shared goals and delivering business value.
    • Ideal is a partner that will add to their thinking, not echo it.

    Results of this approach

    • Cognizant is continuing to deliver double-digit growth and continues to strive for top quartile performance.
    • Growth in the client base has seen the company grow to over 340,000 associates worldwide.

    Case study: Cabot Technology Solutions uses industry knowledge to drive successful partnerships

    INDUSTRY: Technology Services

    SOURCE: Interview with Shibu Basheer, Cabot Technology Solutions

    Cabot Technology Solutions findings

    • Cabot Technology Solutions looks to partner with clients and deliver expertise and value, not just application development.
      • Focus on building deep knowledge in their chosen vertical, Healthcare.
      • Focus on partnering with clients in this space who are seeking a partner to provide industry knowledge and use this to propel them forward.
      • Look to work with clients seeking a one team philosophy.
      • Avoid clients looking for a cheap provider.
    • Recognizing the initial apprehension to India as a location, they have built a practice in Ontario that serves as a bridge for their offshore team.
    • Cabot overcame initial views and built trust, while integrating the India team in parallel.

    Synergy with Info-Tech approach

    • Preference is partners, not a client/vendor relationship.
    • Single country model is set aside in favor of mix of near and offshore.
    • Culture is a one team approach, not the more adversarial order-taker approach.
    • Goal is to build long-term relationships of value, not task management.

    Results of this approach

    • Cabot is a recognized as a top software development company in many markets across the USA.
    • Cabot continues to drive growth and build referenceable client relationships across North America.

    2.3.1 Profile your best fit

    30 min

    1. Document the list of skills you are seeking from the People Factors – Skills Inventory in Section 1.2 – these represent the skills you are seeking in a partner.
    2. Document the culture you are looking for in a partner with respect to communications and conflict resolution in the culture section of the requirements – this comes from Section 1.3.
    3. Confirm the type of partner you are seeking – nearshore, offshore, or outsourcing based on the sourcing strategy priorities in Section 2.2.
    4. Confirm constraints that the partner must work under based on constraints from your market and competitor factors in Section 1.1.
    5. Confirm your technical requirements in terms of environments, tools, and processes that the vendor must align to from Section 1.4.

    Download the Select a Sourcing Partner Presentation Template

    Input Output

    All exercises done in Steps 11-1.4 and 2.1-2.2

    Profile of a target partner to drive the RFx Criteria

    Materials Participants

    Select a Sourcing Partner for Your Development Team Presentation template

    Development leaders

    Deployment team leaders

    Infrastructure leaders

    IT operations leaders

    Product owners

    Project managers

    RFP skills requirement

    People skills required

    Product ownership

    Project management

    Skill

    Skill level required

    Tools / platform requirement

    Details of product management methodology and skills

    Details of firm's project management methodology

    .NET

    Medium

    Windows

    Highly mature, high skill

    Highly mature, high skill

    Java

    High

    Windows

    Low

    High

    RFx cultural characteristics

    Communication strategy

    Conflict resolution

    Organization / management

    Communication mediums supported

    Frequency of meetings expected

    Conflict resolutions strategies used at the firm

    Management methodology

    Face to face

    Weekly

    Collaborative

    Online

    Daily

    Hierarchical with manager

    Hierarchical

    RFx market constraints

    Constraints

    Partner proposal

    Constraint type

    Restrictions

    Market size required for

    Reasoning

    Data residency

    Data must stay in Canada for Canadian Gov't clients

    5% Canada public sector

    Competitive

    Offshoring dev means competition can take advantage

    95% Clients

    Need strategy to show data and leadership in NA, but delivering more innovation at lower cost by going offshore

    RFx technical requirements

    Technical environments

    Infrastructure

    Alignment of SDLC

    Tools required for development team

    Access control software required

    Infrastructure location

    Number of environments from development to production

    .Net Visual Studio

    Microsoft

    Azure

    4

    RFx scope of services

    Work being sourced

    Team sizing

    Work being sourced

    Skill level required

    Average size of release

    Releases per year

    Java development of new product

    High

    3-month development

    6

    .NET staff augmentation

    Medium

    ½-month development

    12

    Phase 3

    Choose the partner that will best enable you to move forward as one integrated team.

    Introspection

    1.1 Assess your market factors

    1.2 Determine your people factors

    1.3 Review your current culture

    1.4 Document your technical factors

    Profiling

    2.1 Recall your sourcing strategy

    2.2 Prioritize your company factors

    2.3 Create target profile

    Partner selection

    3.1 Review your RFx

    3.2 Identify target vendors

    3.3 Evaluate vendor

    responses

    Implementation

    4.1 Engage partner to choose contract mechanism

    4.2 Engage partner team to define goals

    4.3 Choose your success

    metrics

    For more details on Partner Selection, please refer to our research blueprint entitled Select an ERP Partner

    This phase will help you define your RFx for your provider search

    This phase involves the following participants:

    Vendor Management Team

    IT Leadership

    Finance Team

    Finding the right fit should always come before rates to determine value

    The right fit

    Determined in previous activities

    Negotiating will eventually bring the two together

    Value

    Rates

    Determined by skill and location

    Statement of Work (SOW) quality

    A quality SOW is the result of a quality RFI/RFP (RFx).

    The process up to now has been gathering the materials needed to build a quality RFx. Take this opportunity to review the outputs of the preceding activities to ensure that:

    • All the right stake holders have been engaged.
    • The requirements are complete.

    Info-Tech’s RFP Review as a Service looks for key items to ensure your RFx will generate quality responses and SOWs.

    • Is it well-structured with a consistent use of fonts and bullets?
    • Is it laid out in sections that are easily identifiable and progress from high-level to more detailed information?
    • Can a vendor quickly identify the ten (or fewer) things that are most important to you?

    The image contains a screenshot of the Request for Proposal Review as a Service.

    Step 3.1

    Review your RFx

    Activities

    3.1.1 Select your RFx template

    3.1.2 Finalize your RFx

    3.1.3 Weight each evaluation criteria

    This step involves the following participants:

    • Project team
    • Evaluation team
    • Vendor management team
    • CIO

    Outcomes of this step

    • Completed RFx

    Info-Tech’s RFI/RFP process

    Info-Tech has well-established vendor management templates and practices

    • Identify Need
    • Define Business Requirements
    • Gain Business Authorization
    • Perform RFI/RFP
    • Negotiate Agreement
    • Purchase Goods and Services
    • Assess and Measure Performance

    Info-Tech Best Practice

    You’ll want to customize templates for your organization, but we strongly suggest that you take whatever you feel best meets your needs from both the long- and short-form RFPs presented in this blueprint.

    The secret to managing an RFP is to make it manageable. And the secret to making an RFP manageable is to treat it like any other aspect of business – by developing a process. With a process in place, you are better able to handle whatever comes your way, because you know the steps you need to follow to produce a top-notch RFP.

    Your RFP process should be tailored to fit the needs and specifics of your organization and IT.

    Info-Tech Insight

    Create a better RFP process using Info-Tech’s well-established templates and methodology.

    Create a Better RFP Process

    In a hurry? Consider an enhanced RFI instead of an RFP.

    While many organizations rarely use RFIs, they can be an effective tool in the vendor manager’s toolbox when used at the right time in the right way. RFIs can be deployed in competitive targeted negotiations. An enhanced RFI (ERFI) is a two-stage strategy that speeds up the typical RFP process. The first stage is like an RFI on steroids, and the second stage is targeted competitive negotiation.

    Stage 1:

    Create an RFI with all the customary components. Next, add a few additional RFP-like requirements (e.g. operational and technical requirements). Make sure you include a request for budgetary pricing and provide any significant features and functionality requirements so that the vendors have enough information to propose solutions. In addition, allow the vendors to ask questions through your single point of coordination and share answers with all the vendors. Finally, notify the vendors that you will not be doing an RFP – this is it!

    Stage 2:

    Review the vendors’ proposals and select the best two. Negotiate with both vendors and then make your decision.

    The ERFI shortens the typical RFP process, maintains leverage for your organization, and works great with low- to medium-spend items (however your organization defines them). You’ll get clarification on vendors’ competencies and capabilities, obtain a fair market price, and meet your internal clients’ aggressive timelines while still taking steps to protect your organization.

    RFI Template

    The image contains a screenshot of the RFI Template.

    Use this template to create your RFI baseline template. Be sure to modify and configure the template to your organization’s specifications.

    Request for Information Template

    Long-Form RFP Template

    Configure Info-Tech’s Long-Form RFP Template for major initiatives

    The image contains a screenshot of the long-form RFP Template.

    A long-form or major RFP is an excellent tool for more complex and complicated requirements. This example is for a baseline RFP.

    It starts with best-in-class RFP terms and conditions that are essential to maintaining your control throughout the RFP process. The specific requirements for the business, functional, technical, and pricing areas should be included in the exhibits at the end of the template. That makes it easier to tailor the RFP for each deal, since you and your team can quickly identify specific areas that need modification. Grouping the exhibits together also makes it convenient for both your team to review, and the vendors to respond.

    You can use this sample RFP as the basis for your template RFP, taking it all as is or picking and choosing the sections that best meet the mission and objectives of the RFP and your organization.

    Source: Info-Tech’s The Art of Creating a Quality RFP

    Short-Form RFP Template

    Configure Info-Tech’s Short-Form RFP Template for minor or smaller initiatives

    The image contains a screenshot of the Short-Form RFP Template.

    This example is for a less complex RFP that has relatively basic requirements and perhaps a small window in which the vendors can respond. As with the long-form RFP, exhibits are placed at the end of the RFP, an arrangement that saves time for both your team and the vendors. Of course, the short-form RFP contains fewer specific instructions, guidelines, and rules for vendors’ proposal submissions.

    We find that short-form RFPs are a good choice when you need to use something more than a request for quote (RFQ) but less than an RFP running 20 or more pages. It’s ideal, for example, when you want to send an RFP to only one vendor or to acquire items such as office supplies, contingent labor, or commodity items that require significant vendor's risk assessment.

    Source: The Art of Creating a Quality RFP

    3.1.1 Select your RFx template

    1-3 hours

    1. As a group, download the RFx templates from the previous three slides.
    2. Review your RFx process as a group. Be sure to include the vendor management team.
    3. Be sure to consider organization-specific procurement guidelines. These can be included. The objective here is to find the template that is the best fit. We will finalize the template in the next activity.
    4. Determine the best template for this project.
    Input Output
    • RFx templates
    • The RFx template that will be used for this project
    Materials Participants
    • Info-Tech’s Enhanced RFI Template, Long-Form RFP Template, and Short-Form RFP Template
    • Vendor management team
    • Project team
    • Project manager

    Finalize your RFx

    Key insights

    Leverage the power of the RFP

    • Too often RFPs fail to achieve their intended purposes, and your organization feels the effects of a poorly created RFP for many years.
    • If you are faced with a single source vendor, you can perform an RFP to one to create the competitive leverage.

    Make the response and evaluation process easier

    • Being strategic in your wording and formatting makes it easier on both parties – easier for the vendors to submit meaningful proposals, and easier for customer teams to evaluate.
    • Create a level playing field to encourage competition. Without multiple proposals, your options are limited and your chances for a successful project plummet.

    Maximize the competition

    • Leverage a pre-proposal conference to resolve vendor questions and to ensure all vendors receive the same answers to all questions. No vendor should have an information advantage.

    Do’s

    • Leverage your team’s knowledge.
    • Document and explain your RFP process to stakeholders and vendors.
    • Include contract terms in your RFP.
    • Measure and manage performance after contract award.
    • Seek feedback from the RFP team on your process and improve it as necessary.

    Don'ts

    • Reveal your budget.
    • Do an RFP in a vacuum.
    • Send an RFP to a vendor your team is not willing to award the business to.
    • Hold separate conversations with candidate vendors during your RFP process.
    • Skimp on the requirements definition to speed the process.
    • Tell the vendor they are selected before negotiating.

    3.1.2 Finalize your RFx

    1-3 hours

    1. As a group, review the selected RFI or RFP template.
    2. This is YOUR document. Modify it to suit the needs of the organization and even add sections from the other RFP templates that are relevant to your project.
    3. Use the Supplementary RFx Material as a guide.
    4. Add the content created in Steps 1 and 2.
    5. Add any organization-specific clauses or requirements.
    6. Have the project team review and comment on the RFP.
    7. Optional: Use Info-Tech’s RFP Review Concierge Service.

    Download the RFx Vendor Evaluation Tool

    Download the Supplementary RFx Material

    InputOutput
    • RFx template
    • Organizational specific guidelines
    • Materials from Steps 1 and 2
    • Supplementary RFx Material
    • Finalized RFx
    MaterialsParticipants
    • Electronic RFP document for editing
    • Vendor management team
    • Project team
    • Project manager

    3.1.2 Bring it all together

    Supplementary RFx Material

    The image contains a screenshot of Supplementary RFx Material.

    Review the sample content to get a feel for how to incorporate the results of the activities you have worked through into the RFx template.

    RFx Templates

    Use one of our templates to build a ready-for-distribution implementation partner RFx tailored to the unique success factors of your implementation.

    Exercises in Steps 1 and 2

    The image contains a screenshot of Exercises in Steps 1 and 2

    Use the material gathered during each activity to inform and populate the implementation partner requirements that are specific for your organization and project.

    The image contains a screenshot of the Long Form RFx template.The image contains a screenshot of the Short Form RFx template.

    3.1.3 Weight each evaluation criteria

    1-3 hours

    1. As a group, review the selected RFI or RFP template.
    2. This is your document. Modify it to suit the needs of the organization and even add sections from the other RFP templates that are relevant to your project.
    3. Use the Supplementary RFx Material as a guide.
    4. Utilize the content defined in Steps 1 and 2.
    5. Add any organization-specific clauses or requirements.
    6. Have the project team review and comment on the RFP.
    7. Optional: Use Info-Tech’s RFP Review Concierge Service.

    Download the Supplementary RFx Material

    InputOutput

    RFx Vendor Evaluation Tool

    Exercises from Steps 1 and 2

    • Weighted scoring tool to evaluate responses
    MaterialsParticipants
    • RFx Vendor Evaluation Tool
    • Supplementary RFx Material
    • Vendor management team
    • Project team
    • Project manager

    3.1.3 Apply weight to each evaluation criteria

    Use this tool to weight each critical success factor based on results of the activities within the vendor selection workbook for later scoring results.

    The image contains a screenshot of the RFx Vendor Evaluation Tool.

    Download the RFx Vendor Evaluation Tool

    Step 3.2

    Identify target vendors

    Activities

    3.2.1 Identify target vendors

    3.2.2 Define your RFx timeline

    This step involves the following participants:

    • Project team
    • Vendor management team

    Outcomes of this step

    • Targeted vendor list
    • Initial RFx timeline

    3.2.1 Identify target vendors

    1-3 hours

    1. Based on the profile defined in Step 2.3, research potential partners that fit the profile, starting with those you may have used in the past. From this, build your initial list of vendors to target with your RFx.
    2. Break into smaller groups (or continue as a single group if it is already small) and review each shortlisted vendor to see if they will likely respond to the RFx.
    Input Output
    • Websites
    • Peers
    • Advisory groups
    • A shortlist of vendors to target with your RFx
    Materials Participants
    • RFx Vendor Evaluation Tool
    • CIO
    • Vendor management team
    • Project team
    • Evaluation team

    Download the RFx Vendor Evaluation Tool

    Define your RFx timeline

    Provider RFx timelines need to be clearly defined to keep the project and participants on track. These projects and processes can be long. Set yourself up for success by identifying the time frames clearly and communicating them to participants.

    1. Current
    • Concurrent ERP product selection
    • RFx preparation
    • Release of RFX
  • Near-term
    • Responses received
    • Scoring responses
    • Shortlisting providers
    • Provider interviews
    • Provider selection
    • Provider contract negotiations
    • Contract with provider
  • Future
    • Initiation of knowledge transfer
    • Joint development period
    • Cutover to provider team

    89% of roadmap views have at least some representation of time. (Roadmunk, n.d.)

    Info-Tech Insight

    The true value of time horizons is in dividing your timeline and applying different standards and rules, which allows you to speak to different audiences and achieve different communication objectives.

    3.2.2 Define your RFx timeline

    1-3 hours

    1. As a group identify an appropriate timeline for your RFP process. Info-Tech recommends no less than three months from RFx release to contract signing.

      Keep in mind that you need to allow for time to engage the team and perform some level of knowledge transfer, and to seed the team with internal resources for the initial period.
    2. Leave enough time for vendor responses, interviews, and reference checks.
    3. Once the timeline is finalized, document it and communicate it to the organization.

    Download the RFx Vendor Evaluation Tool

    Input Output
    • RFx template
    • Provider RFx timeline
    Materials Participants
    • RFx Vendor Evaluation Tool
    • Vendor management team
    • Project team
    • Project manager

    Define your RFx timeline

    The image contains a screenshot of an example of an RFx timeline.

    Step 3.3

    Evaluate vendor responses

    Activities

    3.3.1 Evaluate responses

    This step involves the following participants:

    • Evaluation team

    Outcomes of this step

    • Vendor submission scores

    3.3.1 Evaluate responses

    1-3 hours

    1. Use the RFx Vendor Evaluation Tool to collect and record the evaluation team's scores for each vendor's response to your RFx.
    2. Then record and compare each team member's scores to rank the vendors' responses.
    3. The higher the score, the closer the fit.

    Download the RFx Vendor Evaluation Tool

    InputOutput
    • Vendor responses
    • Vendor presentations
    • Vendor scores
    MaterialsParticipants
    • RFx Vendor Evaluation Tool
    • Evaluation team

    3.3.1 Score vendor results

    Use the RFx Vendor Evaluation Tool to score the vendors' responses to your RFx using the weighted scale from Activity 3.1.3.

    The image contains a screenshot of the RFx Vendor Evaluation Tool.

    Download the RFx Vendor Evaluation Tool

    Phase 4

    Measuring the new relationship

    Introspection

    1.1 Assess your market factors

    1.2 Determine your people factors

    1.3 Review your current culture

    1.4 Document your technical factors

    Profiling

    2.1 Recall your sourcing strategy

    2.2 Prioritize your company factors

    2.3 Create target profile

    Partner selection

    3.1 Review your RFx

    3.2 Identify target vendors

    3.3 Evaluate vendor

    responses

    Implementation

    4.1 Engage partner to choose contract mechanism

    4.2 Engage partner team to define goals

    4.3 Choose your success

    metrics

    This phase will allow you to define the relationship with your newly chosen partner, including choosing the right contract mechanism, defining shared goals for the relationship, and selecting the metrics and processes to measure performance.

    This phase involves the following participants:

    IT leadership

    Procurement team

    Product owners

    Project managers

    Implementing the Partner

    Implementing the new partner is an exercise in collaboration

    • Successfully implementing your new partner is an exercise in working together
    1. Define a contract mechanism that is appropriate for the relationship, but is not meant as punitive, contract-based management – this sets you up for failure.
    2. Engage with your team and your partner as one team to build shared, measurable goals
    3. Work with the team to define the metrics and processes by which progress against these goals will be measured
  • Goals, metrics and process should be transparent to the team so all can see how their performance ties to success
  • Make sure to take time to celebrate successes with the whole team as one
  • Info-Tech Insight

    Implement the relationship the same way you want it to work: as one team. Work together on contract mechanism, shared goals, metrics, and performance measurement. This transparency and collaboration will build a one team view, leading to long-term success.

    Step 4.1

    Engage partner to choose contract mechanism

    Activities

    4.1.1 Confirm your contract mechanism

    This step involves the following participants:

    IT leadership

    Procurement team

    Vendor team

    Outcomes of this step

    Contract between the vendor and the firm for the services

    Negotiate agreement

    Evaluate your RFP responses to see if they are complete and if the vendor followed your instructions.

    Then:

    Plan negotiation(s) with one or more vendors based on your questions and opportunities identified during evaluation.

    Select finalist(s).

    Apply selection criteria.

    Resolve vendors' exceptions.

    Negotiate before you select your vendor:

    Negotiating with two or more vendors will maintain your competitive leverage while decreasing the time it takes to negotiate the deal.

    Perform legal reviews as necessary.

    Use sound competitive negotiations principles.

    Info-Tech Insight

    Be certain to include any commitments made in the RFP, presentations, and proposals in the agreement, as the standard for an underperforming vendor.

    Info-Tech Insight

    Providing contract terms in an RFP can dramatically reduce time for this step by understanding the vendor’s initial contractual position for negotiation.

    Leverage ITRG's negotiation process research for additional information

    For more details on this process please see our research Drive Successful Sourcing Outcomes with a Robust RFP Process

    4.1.1 Confirm your contract mechanism

    30 min

    1. Does the firm have prior experience with this type of sourcing arrangement?
    2. Does the firm have an existing services agreement with the selected partner?
    3. What contract mechanisms have been used in the past for these types of arrangements?
    4. What mechanism was proposed by the partner in their RFP response?

    Download the Select a Sourcing Partner Presentation Template

    Input Output
    • Past sourcing agreements from Procurement
    • Proposed agreement from partner
    • Agreed upon contract mechanism
    Materials Participants
    • Select a Sourcing Partner for Your Development Team Presentation template
    • Technology leaders
    • Vendor management group
    • Partner leaders

    Choose the appropriate contract method

    Work being sourced

    Partner proposal

    Agreed-upon mechanism

    Work being sourced

    Vendor management experience with type

    Partner proposed contract method

    Agreed-upon contract method

    Java development team to build new product

    Similar work done with fixed price with another vendor

    Time and materials per scrum team

    Time and materials per scrum team to avoid vendor conflicts inherent in fixed price which limit innovation

    Step 4.2

    Engage partner team to define shared goals

    Activities

    4.2.1 Define your shared goals

    This step involves the following participants:

    IT leadership

    Vendor leadership

    Outcomes of this step

    Shared goals for the team

    Define success and shared goals

    Work together to define how you will measure yourselves.

    One team

    • Treating the new center and the existing team as one team is critical to long-term success.
    • Having a plan that allows for teams to meet frequently face-to-face "get to know you" and "stay connected" sessions will help the team gel.

    Shared goals

    • New group must share common goals and measurements.

    Common understanding

    • New team must have a common understanding and culture on key facets such as:
      • Measurement of quality
      • Openness to feedback and knowledge sharing
      • Culture of collaboration
      • Issue and Risk Management

    4.2.1 Define your shared goals

    30 min

    1. List each item in the scope of work for the sourcing arrangement – e.g. development of product XXX.
    2. For each scope item, detail the benefit expected by the firm – e.g. development cost expected to drop by 10% per year, or customer satisfaction improvement.
    3. For each benefit define how you will measure success – e.g. track cost of development for the development team assigned, or track Customer Satisfaction Survey results.
    4. For each measure, define a target for this year – e.g. 10% decrease over last year's cost, or customer satisfaction improvement from 6 to 7.

    Download the Select a Sourcing Partner Presentation Template

    InputOutput
    • Services being procured from RFx
    • Benefits expected from the sourcing strategy
    • Baseline scores for measurements
    • Shared goals agreed upon between team and partner
    MaterialsParticipants
    • Select a Sourcing Partner for Your Development Team Presentation template
    • Technology leaders
    • Partner leaders

    Define goals collaboratively

    Role and benefit

    Goals and objectives

    Role / work being sourced

    Benefit expected

    Measure of success

    Year over year targets

    Java development team to build new product

    New product to replace aging legacy

    Launch of new product

    Agree on launch schedule and MVP for each release / roadmap

    Step 4.3

    Choose your success metrics

    Activities

    4,3.1 Define metrics and process to monitor

    This step involves the following participants:

    IT leadership

    Product owners

    Project managers

    Vendor leaders

    Outcomes of this step

    Metrics and process to measure performance

    4.3.1 Define metrics and process to monitor

    30 min

    1. For each goal defined and measure of success, break down the measure into quantifiable, measurable factors – e.g. Development cost is defined as all the costs tracked to the project including development, deployment, project management, etc.
    2. For each factor choose the metric that can be reported on – e.g. project actuals.
    3. For each metric define the report and reporting frequency – e.g. monthly project actuals from project manager.

    Download the Select a Sourcing Partner Presentation Template

    InputOutput
    • Development process
    • Deployment process
    • Operations process
    • IT Security policies
    • Documentation of key technical characteristics that need to be part of provider profiling
    MaterialsParticipants
    • Select a Sourcing Partner for Your Development Team Presentation template
    • Development leaders
    • Deployment team leaders
    • Infrastructure leaders
    • IT operations leaders
    • Product owners
    • Project managers

    Agreed-upon metrics

    Goal

    Metrics and process

    Agreed-upon goal

    Year 1 target

    Metric to measure success

    Measurement mechanism

    Deliver roadmap of releases

    3 releases – MVP in roadmap

    Features and stories delivered

    Measure delivery of stories from Jira

    Research Contributor

    The image contains a picture of Alaisdar Graham.

    Alaisdar Graham

    Executive Counsellor

    Info-Tech Research Group

    During Alaisdar’s 35-year career in information and operational technology, Alaisdar has been CIO for public sector organizations and private sector companies. He has been an entrepreneur with his own consultancy and a founder or business advisor with four cyber-security start-ups, Alaisdar has developed experience across a broad range of industries within a number of different countries and become known for his ability to drive business benefits and improvements through the use of technology.

    Alaisdar has worked with CXO-level executives across different businesses. Whether undertaking a digital transformation, building and improving IT functions across your span of control, or helping you create and execute an integrated technology strategy, Alaisdar can provide insight while introducing you to Info-Tech Research Group’s experts. Alaisdar’s experience with organizational turn- around, governance, project, program and portfolio management, change management, risk and security will support your organization’s success.

    Research Contributor

    The image contains a picture of Richard Nachazel.

    Richard Nachazel

    Executive Counsellor

    Info-Tech Research Group

    • Richard has more than 40 years working in various Fortune 500 organizations. His specialties are collaborating with business and IT executives and senior stakeholders to define strategic goals and transform operational protocols, standards, and methodologies. He has established a reputation at multiple large companies for taking charge of critical, high-profile enterprise projects in jeopardy of failure and turning them around. Colleagues and peers recognize his ability to organize enterprise efforts, build, develop, and motivate teams, and deliver outstanding outcomes.
    • Richard has worked as a Global CISO & Head of IT Governance for a Swiss Insurance company, Richard developed and led a comprehensive Cyber-Security Framework that provided leadership and oversight of the cyber-security program. Additionally, he was responsible for their IT Governance Risk & Compliance Operation and the information data security compliance in a complex global environment. Richard’s experience with organizational turn around, governance, risk, and controls, and security supports technology delivery integration with business success. Richard’s ability to engage executive and senior management decision makers and champion vision will prove beneficial to your organization.

    Research Contributor

    The image contains a picture of Craig Broussard.

    Craig Broussard

    Executive Counsellor

    Info-Tech Research Group

    • Craig has over 35 years of IT experience including software development, enterprise system management, infrastructure, and cyber security operations. Over the last 20 years, his focus has been on infrastructure and security along with IT service management. He’s been an accomplished speaker and panelist at industry trade events over the past decade.
    • Craig has served as Global Infrastructure Director for NCH Corporation, VP of Information Technology at ATOS, and earlier in his career as the Global Head of Data Center Services at Nokia Siemens Networks. Craig also worked for MicroSolutions (a Mark Cuban Company). Additionally, Craig received formal consulting training while working for IBM Global Services.
    • Craig’s deep experience across many aspects of IT from Governance through Delivery makes him an ideal partner for Info-Tech members.

    Bibliography

    Offshore, Onshore or Hybrid–Choosing the Best IT Outsourcing Model. (n.d.).
    Offshore Dedicated Development Team – A Compelling Hiring Guide. (n.d.).
    The Three Non-Negotiables Of IT Offshoring. (n.d.). Forbes.
    Top Ten Countries For Offshoring. Forbes, 2004.
    Nearshoring in Europe: Choose the Best Country for IT Outsourcing - The World Financial Review. (n.d.).
    Select an Offshore Jurisdiction. The Best Countries for Business in 2021-2022! | InternationalWealth.info. (n.d.).
    How to Find the Best Country to Set Up an Offshore Company. (n.d.). biz30.
    Akbar, M. A., Alsanad, A., Mahmood, S., & Alothaim, A. (2021). Prioritization-based taxonomy of global software development challenges: A FAHP based analysis. IEEE Access, 9, 37961–37974
    Ali, S. (2018). Practices in Software Outsourcing Partnership: Systematic Literature Review Protocol with Analysis. Journal of Computers, (February), 839–861
    Baird Georgia, A. (2007). MISQ Research Curation on Health Information Technology 2. Progression of Health IT Research in MIS Quarterly. MIS Quarterly, 2007(June), 1–14.
    Akbar, M. A., Alsanad, A., Mahmood, S., & Alothaim, A. (2021). Prioritization-based taxonomy of global software development challenges: A FAHP based analysis. IEEE Access, 9, 37961–37974
    Ali, S. (2018). Practices in Software Outsourcing Partnership: Systematic Literature Review Protocol with Analysis. Journal of Computers, (February), 839–861
    Baird Georgia, A. (2007). MISQ Research Curation on Health Information Technology 2. Progression of Health IT Research in MIS Quarterly. MIS Quarterly, 2007(June), 1–14.
    Carmel, E., & Abbott, P. (2006). Configurations of global software development: offshore versus nearshore. … on Global Software Development for the Practitioner, 3–7.
    Hanafizadeh, P., & Zare Ravasan, A. (2018). A model for selecting IT outsourcing strategy: the case of e-banking channels. Journal of Global Information Technology Management, 21(2), 111–138.
    Ishizaka, A., Bhattacharya, A., Gunasekaran, A., Dekkers, R., & Pereira, V. (2019). Outsourcing and offshoring decision making. International Journal of Production Research, 57(13), 4187–4193.
    Jeong, J. J. (2021). Success in IT offshoring: Does it depend on the location or the company? Arxiv.
    Joanna Minkiewicz, J. E. (2009). Deakin Research Online Online. 2007, Interrelationships between Innovation and Market Orientation in SMEs, Management Research News, Vol. 30, No. 12, Pp. 878-891., 30(12), 878–891.

    Bibliography

    King, W. R., & Torkzadeh, G. (2016). Special Issue Information Systems Offshoring : Research Status and Issues. MIS Quarterly, 32(2), 205–225.
    Kotlarsky, J., & Oshri, I. (2008). Country attractiveness for offshoring and offshore outsourcing: Additional considerations. Journal of Information Technology, 23(4), 228–231.
    Lehdonvirta, V., Kässi, O., Hjorth, I., Barnard, H., & Graham, M. (2019). The Global Platform Economy: A New Offshoring Institution Enabling Emerging-Economy Microproviders. Journal of Management, 45(2), 567–599.
    Mahajan, A. (2018). Risks and Benefits of Using Single Supplier in Software Development. Oulu University of Applied Sciences. Retrieved from
    Murberg, D. (2019). IT Offshore Outsourcing: Best Practices for U.S.-Based Companies. University of Oregon Applied Information Management, 1277(800), 824–2714.
    Nassimbeni, G., Sartor, M., & Dus, D. (2012). Security risks in service offshoring and outsourcing. Industrial Management and Data Systems, 112(3), 405–440.
    Olson, G. M., & Olson, J. S. (2000). Distance matters. Human-Computer Interaction, 15(2–3), 139–178.
    Pilkova, A., & Holienka, M. (2018). Home-Based Business in Visegrad Countries: Gem Perspective. Innovation Management, Entrepreneurship and Sustainability 2018 Proceedings of the 6th International Conference.
    Rahman, H. U., Raza, M., Afsar, P., Alharbi, A., Ahmad, S., & Alyami, H. (2021). Multi-criteria decision making model for application maintenance offshoring using analytic hierarchy process. Applied Sciences (Switzerland), 11(18).
    Rahman, H. U., Raza, M., Afsar, P., Khan, H. U., & Nazir, S. (2020). Analyzing factors that influence offshore outsourcing decision of application maintenance. IEEE Access, 8, 183913–183926.
    Roadmunk. What is a product roadmap? Roadmunk, n.d. Accessed 12 Oct. 2021.
    Rottman, J. W., & Lacity, M. C. (2006). Proven practices for effectively offshoring IT work. MIT Sloan Management Review.
    Smite, D., Moe, N. B., Krekling, T., & Stray, V. (2019). Offshore Outsourcing Costs: Known or Still Hidden? Proceedings - 2019 ACM/IEEE 14th International Conference on Global Software Engineering, ICGSE 2019, 40–47.
    Welsum, D. Van, & Reif, X. (2005). Potential Offshoring: Evidence from Selected OECD Countries. Brookings Trade Forum, 2005(1), 165–194.
    Zhang, Y., Liu, S., Tan, J., Jiang, G., & Zhu, Q. (2018). Effects of risks on the performance of business process outsourcing projects: The moderating roles of knowledge management capabilities. International Journal of Project Management, 36(4), 627–639.

    Optimize the IT Operating Model

    • Buy Link or Shortcode: {j2store}392|cart{/j2store}
    • member rating overall impact (scale of 10): 9.4/10 Overall Impact
    • member rating average dollars saved: $89,374 Average $ Saved
    • member rating average days saved: 31 Average Days Saved
    • Parent Category Name: Organizational Design
    • Parent Category Link: /organizational-design
    • Organizations have to adapt to a growing number of trends, putting increased pressure on IT to move at the same speed as the business.
    • The business, seeing that IT is slower to react, looks to external solutions to address its challenges and capitalize on opportunities.
    • IT and business leaders don’t have a clear and unified understanding or definition of an operating model.

    Our Advice

    Critical Insight

    • The IT operating model is not a static entity and should evolve according to changing business needs.
    • However, business needs are diverse, and the IT organization must recognize that the business includes groups that consume technology in different patterns. The IT operating model needs to support and enable multiple groups, while continuously adapting to changing business conditions.

    Impact and Result

    • Determine how each technology consumer group interacts with IT. Use consumer experience maps to determine what kind of services consumer groups use and if there are opportunities to improve the delivery of those services.
    • Identify how changing business conditions will affect the consumption of technology services. Classify your consumers based on business uncertainty and reliance on IT to plan for the future delivery of services.
    • Optimize the IT operating model. Create a target IT operating model based on the gathered information about technology service consumers. Select different implementations of common operating model elements: governance, sourcing, process, and structure.

    Optimize the IT Operating Model Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out how implementing an IT operating model based on the needs of technology service consumers will improve the delivery of IT services and alignment with IT and business strategy.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Construct the IT services consumer experience maps

    Assess the current situation by identifying technology service consumers in the organization, their interfaces with IT, the level of service they require, and their sentiment toward IT.

    • Optimize the IT Operating Model – Phase 1: Construct the IT Services Consumer Experience Maps
    • Consumer Experience Map and Profiles

    2. Classify IT service consumers based on business needs

    Categorize the technology consumer groups into four business profiles based on their characteristics to identify implications based on technology consumption patterns for the target IT operating model.

    • Optimize the IT Operating Model – Phase 2: Classify IT Service Consumers Based on Business Needs

    3. Determine the target IT operating model

    Select implementation models for the four core elements of the IT operating model and optimize governance, sourcing, process, and organizational structure to create the target IT operating model.

    • Optimize the IT Operating Model – Phase 3: Determine the Target IT Operating Model
    • Target IT Operating Model

    4. Create a roadmap to develop the target IT operating model

    Create, assess, and prioritize initiatives to reach the target IT operating model. Construct a roadmap to show initiative execution.

    • Optimize the IT Operating Model – Phase 4: Create a Roadmap to Develop the Target IT Operating Model
    • IT Operating Model Roadmap
    [infographic]

    Workshop: Optimize the IT Operating Model

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Identify Organizational Strategy and Technology Consumer Groups

    The Purpose

    Identify the IT and business strategies, so that the target IT operating model can be constructed to support them.

    Key Benefits Achieved

    Identify the implications for the IT operating model and understand how to optimally construct it.

    Create consumer groups for consumer experience mapping and consumer profile classification.

    Activities

    1.1 Review business and IT strategies.

    1.2 Identify implications for the IT operating model.

    1.3 Identify internal technology consumer groups.

    1.4 Identify external technology consumer groups.

    Outputs

    Implications for the IT operating model

    List of internal and external technology service consumer groups

    2 Map the Consumer Experience and Identify Consumption Patterns (Consumer Group 1)

    The Purpose

    Identify the interfaces with IT for the consumer group, its level of technology service requirement, its sentiment toward IT, and its needs from IT.

    Key Benefits Achieved

    Consumer group needs from IT and feelings toward IT are identified.

    Activities

    2.1 Identify interview candidates for the consumer groups.

    2.2 Complete consumer group questionnaire.

    2.3 Complete consumer experience map.

    2.4 Classify the consumer group into a business profile.

    Outputs

    Consumer experience map for first group

    Business profile classification

    3 Map the Consumer Experience and Identify Consumption Patterns (Consumer Group 2)

    The Purpose

    Continue mapping the experience of consumer groups and classify them into profiles based on their needs to draw implications for the target IT operating model.

    Key Benefits Achieved

    Consumption patterns from the consumer groups are defined and implications for the target IT operating model are drawn.

    Activities

    3.1 Continue interviews for consumer groups.

    3.2 Complete consumer experience map.

    3.3 Classify the consumer group into a business profile.

    3.4 Aggregate the consumption patterns for the business profile and document implications.

    Outputs

    Consumer experience map for second group

    Business profile classification

    Aggregated consumption patterns

    Implications for consumption patterns

    4 Create the Target IT Operating Model

    The Purpose

    Map the target operating model to show how each element of the IT operating model supports the delivery of IT services to the consumer groups.

    Key Benefits Achieved

    Identify whether the current IT operating model is optimally supporting the delivery of IT services to consumer groups from the four core IT operating model elements.

    Activities

    4.1 Determine the approach to IT governance.

    4.2 Select the optimal mix of sourcing models.

    4.3 Customize the approach to process implementation.

    4.4 Identify the target organizational structure.

    Outputs

    Target IT operating model

    5 Build a Roadmap and Create Initiatives to Reach the Target

    The Purpose

    Create initiatives and communicate them with a roadmap to show how the organization will arrive at the target IT operating model.

    Key Benefits Achieved

    The steps to reach the IT operating model are created, assessed, and prioritized.

    Steps are ordered for presentation.

    Activities

    5.1 Identify initiatives to reach the target IT operating model.

    5.2 Create initiative profiles to assess initiative quality.

    5.3 Prioritize initiatives based on business conditions.

    5.4 Create a roadmap to communicate initiative execution.

    Outputs

    Initiative profiles

    Sunshine diagram

    Fix Your IT Culture

    • Buy Link or Shortcode: {j2store}518|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $32,499 Average $ Saved
    • member rating average days saved: 20 Average Days Saved
    • Parent Category Name: Lead
    • Parent Category Link: /lead
    • Go beyond value statements to create a culture that enables the departmental strategy.
    • There is confusion about how to translate culture from an abstract concept to something that is measurable, actionable, and process driven.
    • Organizations lack clarity about who is accountable and responsible for culture, with groups often pointing fingers at each other.

    Our Advice

    Critical Insight

    • When it comes to culture, the lived experience can be different from stated values. Culture is the pattern of behaviors and the way work is done rather than simply perks, working environment, and policy.
    • Executives’ active participation in culture change is paramount. If executives aren’t willing to change the way they behave, attempts to shift the culture will fail.
    • Elevate culture to a business imperative. Foster a culture that is linked to strategy rather than trying to replicate the hot culture of the moment.
    • Target values that will have the greatest impact. Select a few focus values as a guide and align all behaviors and work practices to those values.

    Impact and Result

    • Executives need to clarify how the culture they want will help achieve their strategy and choose the focus values that will have the maximum impact.
    • Measure the current state of culture and facilitate the process of leveraging existing elements while shifting undesirable ones.

    Fix Your IT Culture Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should improve your culture to enable your strategy, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Assessment: Determine current culture and identify focus values

    Complete a cultural assessment and select focus values to form core culture efforts.

    • Culture Documentation Template
    • IT Departmental Values Survey
    • IT Culture Diagnostic
    • Cultural Assessment Report Template

    2. Tools: Give IT executives the tools to drive change

    Enable executives to gather feedback on behavioral perceptions and support behavioral change.

    • Executive Reflection Template

    3. Behavioral Alignment: Align IT behaviors to the desired culture

    Review all areas of the department to understand where the links to culture exist and create a communication plan.

    • Standard Internal Communications Plan
    • IT Competency Library
    • Leadership Competency Library

    4. Sustainment: Disseminate and manage culture within the department

    Customize a process to infuse behaviors aligned with focus values in work practices and complete the first wave of meetings.

    • Culture Facilitation Guide for Leaders
    [infographic]

    Select a Security Outsourcing Partner

    • Buy Link or Shortcode: {j2store}246|cart{/j2store}
    • member rating overall impact (scale of 10): 8.8/10 Overall Impact
    • member rating average dollars saved: $13,739 Average $ Saved
    • member rating average days saved: 8 Average Days Saved
    • Parent Category Name: Security Processes & Operations
    • Parent Category Link: /security-processes-and-operations
    • Most organizations do not have a clear understanding of their current security posture, their security goals, and the specific security services they require. Without a clear understanding of their needs, organizations may struggle to identify a partner that can meet their requirements.
    • Breakdowns and lack of communication can be a significant obstacle, especially when clear lines of communication with partners, including regular check-ins, reporting, and incident response protocols, have not been clearly established.
    • Ensuring that security partners’ systems and processes integrate seamlessly with existing systems can be a challenge for most organizations in addition to making sure that security partners have the necessary access and permissions to perform their services effectively.
    • Adhering to security policies is rarely a priority to users as compliance often feels like an interference to daily workflow. For a lot of organizations, security policies are not having the desired effect.

    Our Advice

    Critical Insight

    • You can outsource your responsibilities but not your accountability.
    • Be aware that in most cases, the traditional approach is more profitable to MSSPs, and they may push you toward one, so make sure you get the service you want, not what they prescribe.

    Impact and Result

    • Determine which security responsibilities can be outsourced and which should be insourced and the right procedure to outsourcing to gain cost savings, improve resource allocation, and boost your overall security posture.

    Select a Security Outsourcing Partner Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Select a Security Outsourcing Partner Storyboard – A guide to help you determine your requirements and select and manage your security outsourcing partner.

    Our systematic approach will ensure that the correct procedure for selecting a security outsourcing partner is implemented. This blueprint will help you build and implement your security policy program by following our three-phase methodology: determine what to outsource, select the right MSSP, and manage your MSSP.

    • Select a Security Outsourcing Partner – Phases 1-3

    2. MSSP RFP Template – A customizable template to help you choose the right security service provider.

    This modifiable template is designed to introduce consistency and outline key requirements during the request for proposal phase of selecting an MSSP.

    • MSSP RFP Template

    Infographic

    Further reading

    Select a Security Outsourcing Partner

    Outsource the right functions to secure your business.

    Analyst Perspective

    Understanding your security needs and remaining accountable is the key to selecting the right partner.

    The need for specialized security services is fast becoming a necessity to most organizations. However, resource challenges will always mean that organizations will still have to take practical measures to ensure that the time, quality, and service that they require from outsourcing partners have been carefully crafted and packaged to elicit the right services that cover all their needs and requirements.

    Organizations must ensure that security partners are aligned not only with their needs and requirements, but also with the corporate culture. Rather than introducing hindrances to daily operations, security partners must support business goals and protect the organization’s interests at all times.

    And as always, outsource only your responsibilities and do not outsource your accountability, as that will cost you in the long run.

    Photo of Danny Hammond
    Danny Hammond
    Research Analyst
    Security, Risk, Privacy & Compliance Practice
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    A lack of high-skill labor increases the cost of internal security, making outsourcing more appealing.

    A lack of time and resources prevents your organization from being able to enable security internally.

    Due to a lack of key information on the subject, you are unsure which functions should be outsourced versus which functions should remain in-house.

    Having 24/7/365 monitoring in-house is not feasible for most firms.

    There is difficulty measuring the effectiveness of managed security service providers (MSSPs).

    Common Obstacles

    InfoSec leaders will struggle to select the right outsourcing partner without knowing what the organization needs, such as:

    • How to start the process to select the right service provider that will cover your security needs. With so many service providers and technology tools in this field, who is the right partner?
    • Where to obtain guidance on externalization of resources or maintaining internal posture to enable to you confidently select an outsourcing partner.

    InfoSec leaders must understand the business environment and their own internal security needs before they can select an outsourcing partner that fits.

    Info-Tech’s Approach

    Info-Tech’s Select a Security Outsourcing Partner takes a multi-faceted approach to the problem that incorporates foundational technical elements, compliance considerations, and supporting processes:

    • Determine which security responsibilities can be insourced and which should be outsourced, and the right procedure to outsourcing in order to gain cost savings, improve resource allocation, and boost your overall security posture.
    • Understand the current landscape of MSSPs that are available today and the features they offer.
    • Highlight the future financial obligations of outsourcing vs. insourcing to explain which method is the most cost-effective.

    Info-Tech Insight

    Mitigate security risks by developing an end-to-end process that ensures you are outsourcing your responsibilities and not your accountability.

    Your Challenge

    This research is designed to help organizations select an effective security outsourcing partner.

    • A security outsourcing partner is a third-party service provider that offers security services on a contractual basis depending on client needs and requirements.
    • An effective outsourcing partner can help an organization improve its security posture by providing access to more specialized security experts, tools, and technologies.
    • One of the main challenges with selecting a security outsourcing partner is finding a partner that is a good fit for the organization's unique security needs and requirements.
    • Security outsourcing partners typically have access to sensitive information and systems, so proper controls and safeguards must be in place to protect all sensitive assets.
    • Without careful evaluation and due diligence to ensure that the partner is a good fit for the organization's security needs and requirements, it can be challenging to select an outsourcing partner.

    Outsourcing is effective, but only if done right

    • 83% of decision makers with in-house cybersecurity teams are considering outsourcing to an MSP (Syntax, 2021).
    • 77% of IT leaders said cyberattacks were more frequent (Syntax, 2021).
    • 51% of businesses suffered a data breach caused by a third party (Ponemon, 2021).

    Common Obstacles

    The problem with selecting an outsourcing partner isn’t a lack of qualified partners, it’s the lack of clarity about an organization's specific security needs.

    • Most organizations do not have a clear understanding of their current security posture, their security goals, and the specific security services they require. Without a clear understanding of their needs, organizations may struggle to identify a partner that can meet their requirements.
    • Breakdowns and lack of communication can be a significant obstacle, especially when clear lines of communication with partners, including regular check-ins, reporting, and incident response protocols, have not been clearly established.
    • Ensuring that security partner's systems and processes integrate seamlessly with existing systems can be a challenge for most organizations. This is in addition to making sure that security partners have the necessary access and permissions to perform their services effectively.
    • Adhering to security policies is rarely a priority to users, as compliance often feels like an interference to daily workflow. For a lot of organizations, security policies are not having the desired effect.

    A diagram that shows Average cost of a data breach from 2019 to 2022.
    Source: IBM, 2022 Cost of a Data Breach; N=537.


    Reaching an all-time high, the cost of a data breach averaged US$4.35 million in 2022. This figure represents a 2.6% increase from 2021, when the average cost of a breach was US$4.24 million. The average cost has climbed 12.7% since 2020.

    Info-Tech’s methodology for selecting a security outsourcing partner

    Determine your responsibilities

    Determine what responsibilities you can outsource to a service partner. Analyze which responsibilities you should outsource versus keep in-house? Do you require a service partner based on identified responsibilities?

    Scope your requirements

    Refine the list of role-based requirements, variables, and features you will require. Use a well-known list of critical security controls as a framework to determine these activities and send out RFPs to pick the best candidate for your organization.

    Manage your outsourcing program

    Adopt a program to manage your third-party service security outsourcing. Trust your managed security service providers (MSSP) but verify their results to ensure you get the service level you were promised.

    Select a Security Outsourcing Partner

    A diagram that shows your organization responsibilities & accountabilities, framework for selecting a security outsourcing partner, and benefits.

    Blueprint benefits

    IT/InfoSec Benefits

    Reduces complexity within the MSSP selection process by highlighting all the key steps to a successful selection program.

    Introduces a roadmap to clearly educate about the do’s and don’ts of MSSP selection.

    Reduces costs and efforts related to managing MSSPs and other security partners.

    Business Benefits

    Assists with selecting outsourcing partners that are essential to your organization’s objectives.

    Integrates outsourcing into corporate culture, leveraging organizational requirements while maximizing value of outsourcing.

    Reduces security outsourcing risk.

    Insight summary

    Overarching insight: You can outsource your responsibilities but not your accountability.

    Determine what to outsource: Assess your responsibilities to determine which ones you can outsource. It is vital that an understanding of how outsourcing will affect the organization, and what cost savings, if any, to expect from outsourcing is clear in order to generate a list of responsibilities that can/should be outsourced.

    Select the right partner: Create a list of variables to evaluate the MSSPs and determine which features are important to you. Evaluate all potential MSSPs and determine which one is right for your organization

    Manage your MSSP: Align the MSSP to your organization. Adopt a program to monitor the MSSP which includes a long-term strategy to manage the MSSP.

    Identifying security needs and requirements = Effective outsourcing program: Understanding your own security needs and requirements is key. Ensure your RFP covers the entire scope of your requirements; work with your identified partner on updates and adaptation, where necessary; and always monitor alignment to business objectives.

    Measure the value of this blueprint

    Phase

    Purpose

    Measured Value

    Determine what to outsource Understand the value in outsourcing and determining what responsibilities can be outsourced. Cost of determining what you can/should outsource:
    • 120 FTE hours at $90K per year = $5,400
    Cost of determining the savings from outsourcing vs. insourcing:
    • 120 FTE hours at $90K per year = $5,400
    Select the right partner Select an outsourcing partner that will have the right skill set and solution to identified requirements. Cost of ranking and selecting your MSSPs:
    • 160 FTE hours at $90K per year = $7,200
    Cost of creating and distributing RFPs:
    • 200 FTE hours at $90K per year = $9,000
    Manage your third-party service security outsourcing Use Info-Tech’s methodology and best practices to manage the MSSP to get the best value. Cost of creating and implementing a metrics program to manage the MSSP:
    • 80 FTE hours at $90K per year = $3,600

    After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.

    Overall Impact: 8.9 /10

    Overall Average Cost Saved: $22,950

    Overall Average Days Saved: 9

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit
    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

    Guided Implementation
    "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

    Workshop
    "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

    Consulting
    "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks are used throughout all four options.

    Optimize IT Change Management

    • Buy Link or Shortcode: {j2store}409|cart{/j2store}
    • member rating overall impact (scale of 10): 9.5/10 Overall Impact
    • member rating average dollars saved: $33,585 Average $ Saved
    • member rating average days saved: 27 Average Days Saved
    • Parent Category Name: Operations Management
    • Parent Category Link: /i-and-o-process-management
    • Infrastructure managers and change managers need to re-evaluate their change management processes due to slow change turnaround time, too many unauthorized changes, too many incidents and outages because of poorly managed changes, or difficulty evaluating and prioritizing changes.
    • IT system owners often resist change management because they see it as slow and bureaucratic.
    • Infrastructure changes are often seen as different from application changes, and two (or more) processes may exist.

    Our Advice

    Critical Insight

    • ITIL provides a usable framework for change management, but full process rigor is not appropriate for every change request.
    • You need to design a process that is flexible enough to meet the demand for change, and strict enough to protect the live environment from change-related incidents.
    • A mature change management process will minimize review and approval activity. Counterintuitively, with experience in implementing changes, risk levels decline to a point where most changes are “pre-approved.”

    Impact and Result

    • Create a unified change management process that reduces risk. The process should be balanced in its approach toward deploying changes while also maintaining throughput of innovation and enhancements.
    • Categorize changes based on an industry-standard risk model with objective measures of impact and likelihood.
    • Establish and empower a change manager and change advisory board with the authority to manage, approve, and prioritize changes.
    • Integrate a configuration management database with the change management process to identify dependencies.

    Optimize IT Change Management Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should optimize change management, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    • Optimize IT Change Management – Phases 1-4

    1. Define change management

    Assess the maturity of your existing change management practice and define the scope of change management for your organization.

    • Change Management Maturity Assessment Tool
    • Change Management Risk Assessment Tool

    2. Establish roles and workflows

    Build your change management team and standardized process workflows for each change type.

    • Change Manager
    • Change Management Process Library – Visio
    • Change Management Process Library – PDF
    • Change Management Standard Operating Procedure

    3. Define the RFC and post-implementation activities

    Bookend your change management practice by standardizing change intake, implementation, and post-implementation activities.

    • Request for Change Form Template
    • Change Management Pre-Implementation Checklist
    • Change Management Post-Implementation Checklist

    4. Measure, manage, and maintain

    Form an implementation plan for the project, including a metrics evaluation, change calendar inputs, communications plan, and roadmap.

    • Change Management Metrics Tool
    • Change Management Communications Plan
    • Change Management Roadmap Tool
    • Optimize IT Change Management Improvement Initiative: Project Summary Template

    [infographic]

    Workshop: Optimize IT Change Management

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Define Change Management

    The Purpose

    Discuss the existing challenges and maturity of your change management practice.

    Build definitions of change categories and the scope of change management.

    Key Benefits Achieved

    Understand the starting point and scope of change management.

    Understand the context of change request versus other requests such as service requests, projects, and operational tasks.

    Activities

    1.1 Outline strengths and challenges

    1.2 Conduct a maturity assessment

    1.3 Build a categorization scheme

    1.4 Build a risk assessment matrix

    Outputs

    Change Management Maturity Assessment Tool

    Change Management Risk Assessment Tool

    2 Establish Roles and Workflows

    The Purpose

    Define roles and responsibilities for the change management team.

    Develop a standardized change management practice for approved changes, including process workflows.

    Key Benefits Achieved

    Built the team to support your new change management practice.

    Develop a formalized and right-sized change management practice for each change category. This will ensure all changes follow the correct process and core activities to confirm changes are completed successfully.

    Activities

    2.1 Define the change manager role

    2.2 Outline the membership and protocol for the Change Advisory Board (CAB)

    2.3 Build workflows for normal, emergency, and pre-approved changes

    Outputs

    Change Manager Job Description

    Change Management Standard Operating Procedure (SOP)

    Change Management Process Library

    3 Define the RFC and Post-Implementation Activities

    The Purpose

    Create a new change intake process, including a new request for change (RFC) form.

    Develop post-implementation review activities to be completed for every IT change.

    Key Benefits Achieved

    Bookend your change management practice by standardizing change intake, implementation, and post-implementation activities.

    Activities

    3.1 Define the RFC template

    3.2 Determine post-implementation activities

    3.3 Build your change calendar protocol

    Outputs

    Request for Change Form Template

    Change Management Post-Implementation Checklist

    Project Summary Template

    4 Measure, Manage, and Maintain

    The Purpose

    Develop a plan and project roadmap for reaching your target for your change management program maturity.

    Develop a communications plan to ensure the successful adoption of the new program.

    Key Benefits Achieved

    A plan and project roadmap for reaching target change management program maturity.

    A communications plan ready for implementation.

    Activities

    4.1 Identify metrics and reports

    4.2 Build a communications plan

    4.3 Build your implementation roadmap

    Outputs

    Change Management Metrics Tool

    Change Management Communications Plan

    Change Management Roadmap Tool

    Further reading

    Optimize IT Change Management

    Right-size IT change management practice to protect the live environment.

    EXECUTIVE BRIEF

    Analyst Perspective

    Balance risk and efficiency to optimize IT change management.

    Change management (change enablement, change control) is a balance of efficiency and risk. That is, pushing changes out in a timely manner while minimizing the risk of deployment. On the one hand, organizations can attempt to avoid all risk and drown the process in rubber stamps, red tape, and bureaucracy. On the other hand, organizations can ignore process and push out changes as quickly as possible, which will likely lead to change related incidents and debilitating outages.

    Right-sizing the process does not mean adopting every recommendation from best-practice frameworks. It means balancing the efficiency of change request fulfillment with minimizing risk to your organization. Furthermore, creating a process that encourages adherence is key to avoid change implementers from skirting your process altogether.

    Benedict Chang, Research Analyst, Infrastructure and Operations, Info-Tech Research Group

    Executive Summary

    Your Challenge

    Infrastructure and application change occurs constantly and is driven by changing business needs, requests for new functionality, operational releases and patches, and resolution of incidents or problems detected by the service desk.

    IT managers need to follow a standard change management process to ensure that rogue changes are never deployed while the organization remains responsive to demand.

    Common Obstacles

    IT system owners often resist change management because they see it as slow and bureaucratic.

    At the same time, an increasingly interlinked technical environment may cause issues to appear in unexpected places. Configuration management systems are often not kept up-to-date and do not catch the potential linkages.

    Infrastructure changes are often seen as “different” from application changes and two (or more) processes may exist.

    Info-Tech’s Approach

    Info-Tech’s approach will help you:

    • Create a unified change management practice that balances risk and throughput of innovation.
    • Categorize changes based on an industry-standard risk model with objective measures of impact and likelihood.
    • Establish and empower a Change Manager and Change Advisory Board (CAB) with the authority to manage, approve, and prioritize changes.

    Balance Risk and Efficiency to Optimize IT Change Management

    Two goals of change management are to protect the live environment and deploying changes in a timely manner. These two may seem to sometimes be at odds against each other, but assessing risk at multiple points of a change’s lifecycle can help you achieve both.

    Your challenge

    This research is designed to help organizations who need to:

    • Build a right-sized change management practice that encourages adherence and balances efficiency and risk.
    • Integrate the change management practice with project management, service desk processes, configuration management, and other areas of IT and the business.
    • Communicate the benefits and impact of change management to all the stakeholders affected by the process.

    Change management is heavily reliant on organizational culture

    Having a right-sized process is not enough. You need to build and communicate the process to gather adherence. The process is useless if stakeholders are not aware of it or do not follow it.

    Increase the Effectiveness of Change Management in Your Organization

    The image is a bar graph, with the segments labelled 1 and 2. The y-axis lists numbers 1-10. Segment 1 is at 6.2, and segment 2 is at 8.6.

    Of the eight infrastructure & operations processes measured in Info-Tech’s IT Management and Governance Diagnostic (MGD) program, change management has the second largest gap between importance and effectiveness of these processes.

    Source: Info-Tech 2020; n=5,108 IT professionals from 620 organizations

    Common obstacles

    These barriers make this challenge difficult to address for many organizations:

    • Gaining buy-in can be a challenge no matter how well the process is built.
    • The complexity of the IT environment and culture of tacit knowledge for configuration makes it difficult to assess cross-dependencies of changes.
    • Each silo or department may have their own change management workflows that they follow internally. This can make it difficult to create a unified process that works well for everyone.

    “Why should I fill out an RFC when it only takes five minutes to push through my change?”

    “We’ve been doing this for years. Why do we need more bureaucracy?”

    “We don’t need change management if we’re Agile.”

    “We don’t have the right tools to even start change management.”

    “Why do I have to attend a CAB meeting when I don’t care what other departments are doing?”

    Info-Tech’s approach

    Build change management by implementing assessments and stage gates around appropriate levels of the change lifecycle.

    The image is a circle, comprised of arrows, with each arrow pointing to the next, forming a cycle. Each arrow is labelled, as follows: Improve; Request; Assess; Plan; Approve; Implement

    The Info-Tech difference:

    1. Create a unified change management process that balances risk and throughput of innovation.
    2. Categorize changes based on an industry-standard risk model with objective measures of impact and likelihood.
    3. Establish and empower a Change Manager and Change Advisory Board (CAB) with the authority to manage, approve, and prioritize changes.

    IT change is constant and is driven by:

    Change Management:

    1. Operations - Operational releases, maintenance, vendor-driven updates, and security updates can all be key drivers of change. Example: ITSM version update
      • Major Release
      • Maintenance Release
      • Security Patch
    2. Business - Business-driven changes may include requests from other business departments that require IT’s support. Examples: New ERP or HRIS implementation
      • New Application
      • New Version
    3. Service desk → Incident & Problem - Some incident and problem tickets require a change to facilitate resolution of the incident. Examples: Outage necessitating update of an app (emergency change), a user request for new functionality to be added to an existing app
      • Workaround
      • Fix
    4. Configuration Management Database (CMDB) ↔ Asset Management - In addition to software and hardware asset dependencies, a configuration management database (CMDB) is used to keep a record of changes and is queried to assess change requests.
      • Hardware
      • Software

    Insight summary

    “The scope of change management is defined by each organization…the purpose of change management is to maximize the number of successful service and product changes by ensuring that the risk have been properly assessed, authorizing changes to process, and managing the change schedule.” – ALEXOS Limited, ITIL 4

    Build a unified change management process balancing risk and change throughput.

    Building a unified process that oversees all changes to the technical environment doesn’t have to be burdensome to be effective. However, the process is a necessary starting point to identifying cross dependencies and avoiding change collisions and change-related incidents.

    Use an objective framework for estimating risk

    Simply asking, “What is the risk?” will result in subjective responses that will likely minimize the perceived risk. The level of due diligence should align to the criticality of the systems or departments potentially impacted by the proposed changes.

    Integrate your change process with your IT service management system

    Change management in isolation will provide some stability, but maturing the process through service integrations will enable data-driven decisions, decrease bureaucracy, and enable faster and more stable throughput.

    Change management and DevOps can work together effectively

    Change and DevOps tend to be at odds, but the framework does not have to change. Lower risk changes in DevOps are prime candidates for the pre-approved category. Much of the responsibility traditionally assigned to the CAB can be diffused throughout the software development lifecycle.

    Change management and DevOps can coexist

    Shift the responsibility and rigor to earlier in the process.

    • If you are implementing change management in a DevOps environment, ensure you have a strong DevOps lifecycle. You may wish to refer to Info-Tech’s research Implementing DevOps Practices That Work.
    • Consider starting in this blueprint by visiting Appendix II to frame your approach to change management. Follow the blueprint while paying attention to the DevOps Callouts.

    DEVOPS CALLOUTS

    Look for these DevOps callouts throughout this storyboard to guide you along the implementation.

    The image is a horizontal figure eight, with 7 arrows, each pointing into the next. They are labelled are follows: Plan; Create; Verify; Package; Release; Configure; Monitor. At the centre of the circles are the words Dev and Ops.

    Successful change management will provide benefits to both the business and IT

    Respond to business requests faster while reducing the number of change-related disruptions.

    IT Benefits

    • Fewer change-related incidents and outages
    • Faster change turnaround time
    • Higher rate of change success
    • Less change rework
    • Fewer service desk calls related to poorly communicated changes

    Business Benefits

    • Fewer service disruptions
    • Faster response to requests for new and enhanced functionalities
    • Higher rate of benefits realization when changes are implemented
    • Lower cost per change
    • Fewer “surprise” changes disrupting productivity

    IT satisfaction with change management will drive business satisfaction with IT. Once the process is working efficiently, staff will be more motivated to adhere to the process, reducing the number of unauthorized changes. As fewer changes bypass proper evaluation and testing, service disruptions will decrease and business satisfaction will increase.

    Change management improves core benefits to the business: the four Cs

    Most organizations have at least some form of change control in place, but formalizing change management leads to the four Cs of business benefits:

    Control

    Change management brings daily control over the IT environment, allowing you to review every relatively new change, eliminate changes that would have likely failed, and review all changes to improve the IT environment.

    Collaboration

    Change management planning brings increased communication and collaboration across groups by coordinating changes with business activities. The CAB brings a more formalized and centralized communication method for IT.

    Consistency

    Request for change templates and a structured process result in implementation, test, and backout plans being more consistent. Implementing processes for pre-approved changes also ensures these frequent changes are executed consistently and efficiently.

    Confidence

    Change management processes will give your organization more confidence through more accurate planning, improved execution of changes, less failure, and more control over the IT environment. This also leads to greater protection against audits.

    You likely need to improve change management more than any other infrastructure & operations process

    The image shows a vertical bar graph. Each segment of the graph is labelled for an infrastructure/operations process. Each segment has two bars one for effectiveness, and another for importance. The first segment, Change Management, is highlighted, with its Effectiveness at a 6.2 and Importance at 8.6

    Source: Info-Tech 2020; n=5,108 IT Professionals from 620 organizations

    Of the eight infrastructure and operations processes measured in Info-Tech’s IT Management and Governance Diagnostic (MGD) program, change management consistently has the second largest gap between importance and effectiveness of these processes.

    Executives and directors recognize the importance of change management but feel theirs is currently ineffective

    Info-Tech’s IT Management and Governance Diagnostic (MGD) program assesses the importance and effectiveness of core IT processes. Since its inception, the MGD has consistently identified change management as an area for immediate improvement.

    The image is a vertical bar graph, with four segments, each having 2 bars, one for Effectiveness and the other for Importance. The four segments are (with Effectiveness and Importance ratings in brackets, respectively): Frontline (6.5/8.6); Manager (6.6/8.9); Director (6.4/8.8); and Executive (6.1/8.8)

    Source: Info-Tech 2020; n=5,108 IT Professionals from 620 organizations

    Importance Scores

    No importance: 1.0-6.9

    Limited importance: 7.0-7.9

    Significant importance: 8.0-8.9

    Critical importance: 9.0-10.0

    Effectiveness Scores

    Not in place: n/a

    Not effective: 0.0-4.9

    Somewhat Ineffective: 5.0-5.9

    Somewhat effective: 6.0-6.9

    Very effective: 7.0-10.0

    There are several common misconceptions about change management

    Which of these have you heard in your organization?

     Reality
    “It’s just a small change; this will only take five minutes to do.” Even a small change can cause a business outage. That small fix could impact a large system connected to the one being fixed.
    “Ad hoc is faster; too many processes slow things down.” Ad hoc might be faster in some cases, but it carries far greater risk. Following defined processes keeps systems stable and risk-averse.
    “Change management is all about speed.” Change management is about managing risk. It gives the illusion of speed by reducing downtime and unplanned work.
    “Change management will limit our capacity to change.” Change management allows for a better alignment of process (release management) with governance (change management).

    Overcome perceived challenges to implementing change management to reap measurable reward

    Before: Informal Change Management

    Change Approval:

    • Changes do not pass through a formal review process before implementation.
    • 10% of released changes are approved.
    • Implementation challenge: Staff will resist having to submit formal change requests and assessments, frustrated at the prospect of having to wait longer to have changes approved.

    Change Prioritization

    • Changes are not prioritized according to urgency, risk, and impact.
    • 60% of changes are urgent.
    • Implementation challenge: Influential stakeholders accustomed to having changes approved and deployed might resist having to submit changes to a standard cost-benefit analysis.

    Change Deployment

    • Changes often negatively impact user productivity.
    • 25% of changes are realized as planned.
    • Implementation challenge: Engaging the business so that formal change freeze periods and regular maintenance windows can be established.

    After: Right-Sized Change Management

    Change Approval

    • All changes pass through a formal review process. Once a change is repeatable and well-tested, it can be pre-approved to save time. Almost no unauthorized changes are deployed.
    • 95% of changes are approved.
    • KPI: Decrease in change-related incidents

    Change Prioritization

    • The CAB prioritizes changes so that the business is satisfied with the speed of change deployment.
    • 35% of changes are urgent.
    • KPI: Decrease in change turnaround time.

    Change deployment

    • Users are always aware of impending changes and changes don’t interrupt critical business activities.
    • Over 80% of changes are realized as planned
    • KPI: Decrease in the number of failed deployments.

    Info-Tech’s methodology for change management optimization focuses on building standardized processes

     1. Define Change Management2. Establish Roles and Workflows3. Define the RFC and Post-Implementation Activities4. Measure, Manage, and Maintain
    Phase Steps

    1.1 Assess Maturity

    1.2 Categorize Changes and Build Your Risk Assessment

    2.1 Determine Roles and Responsibilities

    2.2 Build Core Workflows

    3.1 Design the RFC

    3.2 Establish Post-Implementation Activities

    4.1 Identify Metrics and Build the Change Calendar

    4.2 Implement the Project

      Change Management Standard Operating Procedure (SOP) Change Management Project Summary Template
    Phase Deliverables
    • Change Management Maturity Assessment Tool
    • Change Management Risk Assessment Tool
    • Change Manager Job Description
    • Change Management Process Library
    • Request for Change (RFC) Form Template
    • Change Management Pre-Implementation Checklist
    • Change Management Post-Implementation Checklist
    • Change Management Metrics Tool
    • Change Management
    • Communications Plan
    • Change Management Roadmap Tool

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    Change Management Process Library

    Document your normal, pre-approved, and emergency change lifecycles with the core process workflows .

    Change Management Risk Assessment Tool

    Test Drive your impact and likelihood assessment questionnaires with the Change Management Risk Assessment Tool.

    Project Summary Template

    Summarize your efforts in the Optimize IT Change Management Improvement Initiative: Project Summary Template.

    Change Management Roadmap Tool

    Record your action items and roadmap your steps to a mature change management process.

    Key Deliverable:

    Change Management SOP

    Document and formalize your process starting with the change management standard operating procedure (SOP).

    These case studies illustrate the value of various phases of this project

    Define Change Management

    Establish Roles and Workflows

    Define RFC and Post-Implementation Activities

    Measure, Manage, and Maintain

    A major technology company implemented change management to improve productivity by 40%. This case study illustrates the full scope of the project.

    A large technology firm experienced a critical outage due to poor change management practices. This case study illustrates the scope of change management definition and strategy.

    Ignorance of change management process led to a technology giant experiencing a critical cloud outage. This case study illustrates the scope of the process phase.

    A manufacturing company created a makeshift CMDB in the absence of a CMDB to implement change management. This case study illustrates the scope of change intake.

    A financial institution tracked and recorded metrics to aid in the success of their change management program. This case study illustrates the scope of the implementation phase.

    Working through this project with Info-Tech can save you time and money

    Engaging in a Guided Implementation doesn’t just offer valuable project advice, it also results in significant cost savings.

    Guided ImplementationMeasured Vale
    Phase 1: Define Change Management
    • We estimate Phase 1 activities will take 2 FTEs 10 days to complete on their own, but the time saved by using Info-Tech’s methodology will cut that time in half, thereby saving $3,100 (2 FTEs * 5 days * $80,000/year).

    Phase 2: Establish Roles and Workflows

    • We estimate Phase 2 will take 2 FTEs 10 days to complete on their own, but the time saved by using Info-Tech’s methodology will cut that time in half, thereby saving $3,100 (2 FTEs * 5 days * $80,000/year).
    Phase 3: Define the RFC and Post-Implementation Activities
    • We estimate Phase 3 will take 2 FTEs 10 days to complete on their own, but the time saved by using Info-Tech’s methodology will cut that time in half, thereby saving $3,100 (2 FTEs * 5 days * $80,000/year).

    Phase 4: Measure, Manage, and Maintain

    • We estimate Phase 4 will take 2 FTEs 5 days to complete on their own, but the time saved by using Info-Tech’s methodology will cut that time in half, thereby saving $1,500 (2 FTEs * 2.5 days * $80,000/year).
    Total Savings $10,800

    Case Study

    Industry: Technology

    Source: Daniel Grove, Intel

    Intel implemented a robust change management program and experienced a 40% improvement in change efficiency.

    Founded in 1968, the world’s largest microchip and semiconductor company employs over 100,000 people. Intel manufactures processors for major players in the PC market including Apple, Lenovo, HP, and Dell.

    ITIL Change Management Implementation

    With close to 4,000 changes occurring each week, managing Intel’s environment is a formidable task. Before implementing change management within the organization, over 35% of all unscheduled downtime was due to errors resulting from change and release management. Processes were ad hoc or scattered across the organization and no standards were in place.

    Results

    After a robust implementation of change management, Intel experienced a number of improvements including automated approvals, the implementation of a formal change calendar, and an automated RFC form. As a result, Intel improved change productivity by 40% within the first year of the program’s implementation.

    Define Change Management

    Establish Roles and Workflows

    Define RFC and Post-Implementation Activities

    Measure, Manage, and Maintain

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

    Guided Implementation

    "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

    Workshop

    "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

    Consulting

    "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks are used throughout all four options.

    Guided Implementation

    What does a typical GI on this topic look like?

    A Guided Implementation (GI) is series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is between 8 to 12 calls over the course of 4 to 6 months.

    Define Change Management

    • Call #1: Introduce change concepts.
    • Call #2: Assess current maturity.
    • Call #3: Identify target-state capabilities.

    Establish Roles and Workflows

    • Call #4: Review roles and responsibilities.
    • Call #5: Review core change processes.

    Define RFC and Post- Implementation Activities

    • Call #6: Define change intake process.
    • Call #7: Create pre-implementation and post-implementation checklists.

    Measure, Manage, and Maintain

    • Call #8: Review metrics.
    • Call #9: Create roadmap.

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

     Day 1Day 2Day 3Day 4Day 5
    Activities

    Define Change Management

    1.1 Outline Strengths and Challenges

    1.2 Conduct a Maturity Assessment

    1.3 Build a Change Categorization Scheme

    1.4 Build Your Risk Assessment

    Establish Roles and Workflows

    2.1 Define the Change Manager Role

    2.2 Outline CAB Protocol and membership

    2.3 Build Normal Change Process

    2.4 Build Emergency Change Process

    2.5 Build Pre-Approved Change Process

    Define the RFC and Post-Implementation Activities

    3.1 Create an RFC Template

    3.2 Determine Post-Implementation Activities

    3.3 Build a Change Calendar Protocol

    Measure, Manage, and Maintain

    4.1 Identify Metrics and Reports

    4.2 Create Communications Plan

    4.3 Build an Implementation Roadmap

    Next Steps and Wrap-Up (offsite)

    5.1 Complete in-progress deliverables from previous four days

    5.2 Set up review time for workshop deliverables and to discuss next steps

    Deliverables
    1. Maturity Assessment
    2. Risk Assessment
    1. Change Manager Job Description
    2. Change Management Process Library
    1. Request for Change (RFC) Form Template
    2. Pre-Implementation Checklist
    3. Post-Implementation Checklist
    1. Metrics Tool
    2. Communications Plan
    3. Project Roadmap
    1. Change Management Standard Operating Procedure (SOP)
    2. Workshop Summary Deck

    Phase 1

    Define Change Management

    Define Change Management

    1.1 Assess Maturity

    1.2 Categorize Changes and Build Your Risk Assessment

    Establish Roles and Workflows

    2.1 Determine Roles and Responsibilities

    2.2 Build Core Workflows

    Define the RFC and Post-Implementation Activities

    3.1 Design the RFC

    3.2 Establish Post-Implementation Activities

    Measure, Manage, and Maintain

    4.1 Identify Metrics and Build the Change Calendar

    4.2 Implement the Project

    This phase will guide you through the following steps:

    • Assess Maturity
    • Categorize Changes and Build Your Risk Assessment

    This phase involves the following participants:

    • CIO
    • IT Managers
    • Change Manager
    • Members of the Change Advisory Board

    Step 1.1

    Assess Maturity

    Activities

    1.1.1 Outline the Organization’s Strengths and Challenges

    1.1.2 Complete a Maturity Assessment

    This step involves the following participants:

    • CIO
    • IT Managers
    • Change Manager
    • Members of the Change Advisory Board

    Outcomes of this step

    • An understanding of maturity change management processes and frameworks
    • Identification of existing change management challenges and potential causes
    • A framework for assessing change management maturity and an assessment of your existing change management processes

    Define Change Management

    Step 1.1: Assess Maturity → Step 1.2: Categorize Changes and Build Your Risk Assessment

    Change management is often confused with release management, but they are distinct processes

    Change

    • Change management looks at software changes as well as hardware, database, integration, and network changes, with the focus on stability of the entire IT ecosystem for business continuity.
    • Change management provides a holistic view of the IT environment, including dependencies, to ensure nothing is negatively affected by changes.
    • Change documentation is more focused on process, ensuring dependencies are mapped, rollout plans exist, and the business is not at risk.

    Release

    • Release and deployment are the detailed plans that bundle patches, upgrades, and new features into deployment packages, with the intent to change them flawlessly into a production environment.
    • Release management is one of many actions performed under change management’s governance.
    • Release documentation includes technical specifications such as change schedule, package details, change checklist, configuration details, test plan, and rollout and rollback plans.

    Info-Tech Insight

    Ensure the Release Manager is present as part of your CAB. They can explain any change content or dependencies, communicate business approval, and advise the service desk of any defects.

    Integrate change management with other IT processes

    As seen in the context diagram, change management interacts closely with many other IT processes including release management and configuration management (seen below). Ensure you delineate when these interactions occur (e.g. RFC updates and CMDB queries) and which process owns each task.

    The image is a chart mapping the interactions between Change Management and Configuration Management (CMDB).

    Avoid the challenges of poor change management

    1. Deployments
      • Too frequent: The need for frequent deployments results in reduced availability of critical business applications.
      • Failed deployments or rework is required: Deployments are not successful and have to be backed out of and then reworked to resolve issues with the installation.
      • High manual effort: A lack of automation results in high resource costs for deployments. Human error is likely, which adds to the risk of a failed deployment.
    2. Incidents
      • Too many unauthorized changes: If the process is perceived as cumbersome and ineffective, people will bypass it or abuse the emergency designation to get their changes deployed faster.
      • Changes cause incidents: When new releases are deployed, they create problems with related systems or applications.
    3. End Users
      • Low user satisfaction: Poor communication and training result in surprised and unhappy users and support staff.

    “With no controls in place, IT gets the blame for embarrassing outages. Too much control, and IT is seen as a roadblock to innovation.” – Anonymous, VP IT of a federal credit union

    1.1.1 Outline the Organization’s Strengths and Challenges

    Input

    • Current change documentation (workflows, SOP, change policy, etc.)
    • Organizational chart(s)

    Output

    • List of strengths and challenges for change management

    Materials

    Participants

    • CIO
    • IT Managers
    • Change Manager
    • Members of the Change Advisory Board
    1. As group, discuss and outline the change management challenges facing the organization. These may be challenges caused by poor change management processes or by a lack of process.
    2. Use the pain points found on the previous slide to help guide the discussion.
    3. As a group, also outline the strengths of change management and the strengths of the current organization. Use these strengths as a guide to know what practices to continue and what strengths you can leverage to improve the change management process.
    4. Record the activity results in the Project Summary Template.

    Download the Optimize IT Change Management Improvement Initiative: Project Summary Template

    Assess current change management maturity to create a plan for improvement

     ChaosReactiveControlled

    Proactive

    Optimized
    Change Requests No defined processes for submitting changes Low process adherence and no RFC form RFC form is centralized and a point of contact for changes exists RFCs are reviewed for scope and completion RFCs trend analysis and proactive change exists
    Change Review Little to no change risk assessment Risk assessment exists for each RFC RFC form is centralized and a point of contact for changes exists Change calendar exists and is maintained System and component dependencies exist (CMDB)
    Change Approval No formal approval process exists Approval process exists but is not widely followed Unauthorized changes are minimal or nonexistent Change advisory board (CAB) is established and formalized Trend analysis exists increasing pre-approved changes
    Post-Deployment No post-deployment change review exists Process exists but is not widely followed Reduction of change-related incidents Stakeholder satisfaction is gathered and reviewed Lessons learned are propagated and actioned
    Process Governance Roles & responsibilities are ad hoc Roles, policies & procedures are defined & documented Roles, policies & procedures are defined & documented KPIs are tracked, reported on, and reviewed KPIs are proactively managed for improvement

    Info-Tech Insight

    Reaching an optimized level is not feasible for every organization. You may be able to run a very good change management process at the Proactive or even Controlled stage. Pay special attention to keeping your goals attainable.

    1.1.2 Complete a Maturity Assessment

    Input

    • Current change documentation (workflows, SOP, change policy, etc.)

    Output

    • Assessment of current maturity level and goals to improve change management

    Materials

    Participants

    • Change Manager
    • Service Desk Manager
    • Operations (optional)
    1. Use Info-Tech’s Change Management Maturity Assessment Tool to assess the maturity and completeness of your change process.
    2. Significant gaps revealed in this assessment should be the focal points of your discussion when investigating root causes and brainstorming remediation activities:
      1. For each activity of each process area of change management, determine the degree of completeness of your current process.
      2. Review your maturity assessment results and discuss as a group potential reasons why you arrived at your maturity level. Identify areas where you should focus your initial attention for improvement.
      3. Regularly review the maturity of your change management practices by completing this maturity assessment tool periodically to identify other areas to optimize.

    Download the Change Management Maturity Assessment Tool

    Case Study

    Even Google isn’t immune to change-related outages. Plan ahead and communicate to help avoid change-related incidents

    Industry: Technology

    Source: The Register

    As part of a routine maintenance procedure, Google engineers moved App Engine applications between data centers in the Central US to balance out traffic.

    Unfortunately, at the same time that applications were being rerouted, a software update was in progress on the traffic routers, which triggered a restart. This temporarily diminished router capacity, knocking out a sizeable portion of Google Cloud.

    The server drain resulted in a huge spike in startup requests, and the routers simply couldn’t handle the traffic.

    As a result, 21% of Google App Engine applications hosted in the Central US experienced error rates in excess of 10%, while an additional 16% of applications experienced latency, albeit at a lower rate.

    Solution

    Thankfully, engineers were actively monitoring the implementation of the change and were able to spring into action to halt the problem.

    The change was rolled back after 11 minutes, but the configuration error still needed to be fixed. After about two hours, the change failure was resolved and the Google Cloud was fully functional.

    One takeaway for the engineering team was to closely monitor how changes are scheduled. Ultimately, this was the result of miscommunication and a lack of transparency between change teams.

    Step 1.2

    Categorize Changes and Build Your Risk Assessment

    Activities

    1.2.1 Define What Constitutes a Change

    1.2.2 Build a Change Categorization Scheme

    1.2.3 Build a Classification Scheme to Assess Impact

    1.2.4 Build a Classification Scheme to Define Likelihood

    1.2.5 Evaluate and Adjust Your Risk Assessment Scheme

    Define Change Management

    Step 1.1: Assess Maturity → Step 1.2: Categorize Changes and Build Your Risk Assessment

    This step involves the following participants:

    • Infrastructure/Applications Manager
    • Change Manager
    • Members of the Change Advisory Board

    Outcomes of this step

    • A clear definition of what constitutes a change in your organization
    • A defined categorization scheme to classify types of changes
    • A risk assessment matrix and tool for evaluating and prioritizing change requests according to impact and likelihood of risk

    Change must be managed to mitigate risk to the infrastructure

    Change management is the gatekeeper protecting your live environment.

    Successfully managed changes will optimize risk exposure, severity of impact, and disruption. This will result in the bottom-line business benefits of removal of risk, early realization of benefits, and savings of money and time.

    • IT change is constant; change requests will be made both proactively and reactively to upgrade systems, acquire new functionality, and to prevent or resolve incidents.
    • Every change to the infrastructure must pass through the change management process before being deployed to ensure that it has been properly assessed and tested, and to check that a backout /rollback plan is in place.
    • It will be less expensive to invest in a rigorous change management process than to resolve incidents, service disruptions, and outages caused by the deployment of a bad change.
    • Change management is what gives you control and visibility regarding what is introduced to the live environment, preventing incidents that threaten business continuity.

    80%

    In organizations without formal change management processes, about 80% (The Visible Ops Handbook) of IT service outage problems are caused by updates and changes to systems, applications, and infrastructure. It’s crucial to track and systematically manage change to fully understand and predict the risks and potential impact of the change.

    Attributes of a change

    Differentiate changes from other IT requests

    Is this in the production environment of a business process?

    The core business of the enterprise or supporting functions may be affected.

    Does the task affect an enterprise managed system?

    If it’s for a local application, it’s a service request

    How many users are impacted?

    It should usually impact more than a single user (in most cases).

    Is there a configuration, or code, or workflow, or UI/UX change?

    Any impact on a business process is a change; adding a user or a recipient to a report or mailing list is not a change.

    Does the underlying service currently exist?

    If it’s a new service, then it’s better described as a project.

    Is this done/requested by IT?

    It needs to be within the scope of IT for the change management process to apply.

    Will this take longer than one week?

    As a general rule, if it takes longer than 40 hours of work to complete, it’s likely a project.

    Defining what constitutes a change

    Every change request will initiate the change management process; don’t waste time reviewing requests that are out of scope.

    ChangeService Request (User)Operational Task (Backend)
    • Fixing defects in code
    • Changing configuration of an enterprise system
    • Adding new software or hardware components
    • Switching an application to another VM
    • Standardized request
    • New PC
    • Permissions request
    • Change password
    • Add user
    • Purchases
    • Change the backup tape
    • Delete temporary files
    • Maintain database (one that is well defined, repeatable, and predictable)
    • Run utilities to repair a database

    Do not treat every IT request as a change!

    • Many organizations make the mistake of calling a standard service request or operational task a “change.”
    • Every change request will initiate the change management process; don’t waste time reviewing requests that are out of scope.
    • While the overuse of RFCs for out-of-scope requests is better than a lack of process, this will slow the process and delay the approval of more critical changes.
    • Requiring an RFC for something that should be considered day-to-day work will also discourage people from adhering to the process, because the RFC will be seen as meaningless paperwork.

     

    1.2.1 Define What Constitutes a Change

    Input

    • List of examples of each category of the chart

    Output

    • Definitions for each category to be used at change intake

    Materials

    • Whiteboard/flip charts (or shared screen if working remotely)
    • Service catalog (if applicable)
    • Sticky notes
    • Markers/pens
    • Change Management SOP

    Participants

    • Infrastructure Manager
    • Change Manager
    • Members of the Change Advisory Board
    1. As a group, brainstorm examples of changes, projects, service requests (user), operational tasks (backend), and releases. You may add additional categories as needed (e.g. incidents).
    2. Have each participant write the examples on sticky notes and populate the following chart on the whiteboard/flip chart.
    3. Use the examples to draw lines and define what defines each category.
      • What makes a change distinct from a project?
      • What makes a change distinct from a service request?
      • What makes a change distinct from an operational task?
      • When do the category workflows cross over with other categories? (For example, when does a project interact with change management?)
    4. Record the definitions of requests and results in section 2.3 of the Change Management Standard Operating Procedure (SOP).
    ChangeProjectService Request (User)Operational Task (Backend)Release
    Changing Configuration ERP upgrade Add new user Delete temp files Software release

    Download the Change Management Standard Operating Procedure (SOP).

    Each RFC should define resources needed to effect the change

    In addition to assigning a category to each RFC based on risk assessment, each RFC should also be assigned a priority based on the impact of the change on the IT organization, in terms of the resources needed to effect the change.

    Categories include

    Normal

    Emergency

    Pre-Approved

    The majority of changes will be pre-approved or normal changes. Definitions of each category are provided on the next slide.

    Info-Tech uses the term pre-approved rather than the ITIL terminology of standard to more accurately define the type of change represented by this category.

    A potential fourth change category of expedited may be employed if you are having issues with process adherence or if you experience changes driven from outside change management’s control (e.g. from the CIO, director, judiciary, etc.) See Appendix I for more details.

    Info-Tech Best Practice

    Do not rush to designate changes as pre-approved. You may have a good idea of which changes may be considered pre-approved, but make sure they are in fact low-risk and well-documented before moving them over from the normal category.

    The category of the change determines the process it follows

     Pre-ApprovedNormalEmergency
    Definition
    • Tasks are well-known, documented, and proven
    • Budgetary approval is preordained or within control of change requester
    • Risk is low and understood
    • There’s a low probability of failure
    • All changes that are not pre-approved or emergency will be classified as normal
    • Further categorized by priority/risk
    • The change is being requested to resolve a current or imminent critical/severity-1 incident that threatens business continuity
    • Associated with a critical incident or problem ticket
    Trigger
    • The same change is built and changed repeatedly using the same install procedures and resulting in the same low-risk outcome
    • Upgrade or new functionality that will capture a business benefit
    • A fix to a current problem
    • A current or imminent critical incident that will impact business continuity
    • Urgency to implement the change must be established, as well as lack of any alternative or workaround
    Workflow
    • Pre-established
    • Repeatable with same sequence of actions, with minimal judgment or decision points
    • Dependent on the change
    • Different workflows depending on prioritization
    • Dependent on the change
    Approval
    • Change Manager (does not need to be reviewed by CAB)
    • CAB
    • Approval from the Emergency Change Advisory Board (E-CAB) is sufficient to proceed with the change
    • A retroactive RFC must be created and approved by the CAB

    Pay close attention to defining your pre-approved changes. They are going to be critical for running a smooth change management practice in a DevOps Environment

    1.2.2 Build a Change Categorization Scheme

    Input

    • List of examples of each change category

    Output

    • Definitions for each change category

    Materials

    • Whiteboard/flip charts (or shared screen if working remotely)
    • Service catalog (if applicable)
    • Sticky notes
    • Markers
    • Change Management SOP

    Participants

    • Infrastructure Manager
    • Change Manager
    • Members of the Change Advisory Board
    1. Discuss the change categories on the previous slide and modify the types of descriptions to suit your organization.
    2. Once the change categories or types are defined, identify several examples of change requests that would fall under each category.
    3. Types of normal changes will be further defined in the next activity and can be left blank for now.
    4. Examples are provided below. Capture your definitions in section 4 of your Change Management SOP.
    Pre-Approved (AKA Standard)NormalEmergency
    • Microsoft patch management/deployment
    • Windows update
    • Minor form changes
    • Service pack updates on non-critical systems
    • Advance label status on orders
    • Change log retention period/storage
    • Change backup frequency

    Major

    • Active directory server upgrade
    • New ERP

    Medium

    • Network upgrade
    • High availability implementation

    Minor

    • Ticket system go-live
    • UPS replacement
    • Cognos update
    • Any change other than a pre-approved change
    • Needed to resolve a major outage in a Tier 1 system

    Assess the risk for each normal change based on impact (severity) and likelihood (probability)

    Create a change assessment risk matrix to standardize risk assessment for new changes. Formalizing this assessment should be one of the first priorities of change management.

    The following slides guide you through the steps of formalizing a risk assessment according to impact and likelihood:

    1. Define a risk matrix: Risk matrices can either be a 3x3 matrix (Minor, Medium, or High Risk as shown on the next slide) or a 4x4 matrix (Minor, Medium, High, or Critical Risk).
    2. Build an impact assessment: Enable consistent measurement of impact for each change by incorporating a standardized questionnaire for each RFC.
    3. Build a likelihood assessment: Enable the consistent measurement of impact for each change by incorporating a standardized questionnaire for each RFC.
    4. Test drive your risk assessment and make necessary adjustments: Measure your newly formed risk assessment questionnaires against historical changes to test its accuracy.

    Consider risk

    1. Risk should be the primary consideration in classifying a normal change as Low, Medium, High. The extent of governance required, as well as minimum timeline to implement the change, will follow from the risk assessment.
    2. The business benefit often matches the impact level of the risk – a change that will provide a significant benefit to a large number of users may likely carry an equally major downside if deviations occur.

    Info-Tech Insight

    All changes entail an additional level of risk. Risk is a function of impact and likelihood. Risk may be reduced, accepted, or neutralized through following best practices around training, testing, backout planning, redundancy, timing and sequencing of changes, etc.

    Create a risk matrix to assign a risk rating to each RFC

    Every normal RFC should be assigned a risk rating.

    How is risk rating determined?

    • Priority should be based on the business consequences of implementing or denying the change.
    • Risk rating is assigned using the impact of the risk and likelihood/probability that the event may occur.

    Who determines priority?

    • Priority should be decided with the change requester and with the CAB, if necessary.
    • Don’t let the change requester decide priority alone, as they will usually assign it a higher priority than is justified. Use a repeatable, standardized framework to assess each request.

    How is risk rating used?

    • Risk rating is used to determine which changes should be discussed and assessed first.
    • Time frames and escalation processes should be defined for each risk level.

    RFCs need to clearly identify the risk level of the proposed change. This can be done through statement of impact and likelihood (low/medium/high) or through pertinent questions linked with business rules to assess the risk.

    Risk always has a negative impact, but the size of the impact can vary considerably in terms of cost, number of people or sites affected, and severity of the impact. Impact questions tend to be more objective and quantifiable than likelihood questions.

    Risk Matrix

    Risk Matrix. Impact vs. Likelihood. Low impact, Low Likelihood and Medium Impact, Medium Likelihood are minor risks. High Likelihood, Low Impact; Medium Likelihood, Medium Impact; and Low Likelihood, High Impact are Medium Risk. High Impact, High Likelihood; High Impact, Medium Likelihood; and Medium Impact, High Likelihood are Major risk.

    1.2.3 Build a Classification Scheme to Assess Impact

    Input

    • Current risk assessment (if available)

    Output

    • Tailored impact assessment

    Materials

    Participants

    • CIO
    • Infrastructure Manager
    • Change Manager
    • Members of the Change Advisory Board
    1. Define a set of questions to measure risk impact.
    2. For each question, assign a weight that should be placed on that factor.
    3. Define criteria for each question that would categorize the risk as high, medium, or low.
    4. Capture your results in section 4.3.1 of your Change Management SOP.
    Impact
    Weight Question High Medium Low
    15% # of people affected 36+ 11-35 <10
    20% # of sites affected 4+ 2-3 1
    15% Duration of recovery (minutes of business time) 180+ 30-18 <3
    20% Systems affected Mission critical Important Informational
    30% External customer impact Loss of customer Service interruption None

    1.2.4 Build a Classification Scheme to Define Likelihood

    Input

    • Current risk assessment (if available)

    Output

    • Tailored likelihood assessment

    Materials

    Participants

    • CIO
    • Infrastructure Manager
    • Change Manager
    • Members of the Change Advisory Board
    1. Define a set of questions to measure risk likelihood.
    2. For each question, assign a weight that should be placed on that factor.
    3. Define criteria for each question that would categorize the risk as high, medium, or low.
    4. Capture your results in section 4.3.2 of your Change Management SOP.
    LIKELIHOOD
    Weight Question High Medium Low
    25% Has this change been tested? No   Yes
    10% Have all the relevant groups (companies, departments, executives) vetted the change? No Partial Yes
    5% Has this change been documented? No   Yes
    15% How long is the change window? When can we implement? Specified day/time Partial Per IT choice
    20% Do we have trained and experienced staff available to implement this change? If only external consultants are available, the rating will be “medium” at best. No   Yes
    25% Has an implementation plan been developed? No   Yes

    1.2.5 Evaluate and Adjust Your Risk Assessment Scheme

    Input

    • Impact and likelihood assessments from previous two activities

    Output

    • Vetted risk assessment

    Materials

    Participants

    • CIO
    • Infrastructure Manager
    • Change Manager
    • Members of the Change Advisory Board
    1. Draw your risk matrix on a whiteboard or flip chart.
    2. As a group, identify up to 10 examples of requests for changes that would apply within your organization. Depending on the number of people participating, each person could identify one or two changes and write them on sticky notes.
    3. Take turns bringing your sticky notes up to the risk matrix and placing each where it belongs, according to the assessment criteria you defined.
    4. After each participant has taken a turn, discuss each change as a group and adjust the placement of any changes, if needed. Update the risk assessment weightings or questions, if needed.

    Download the Change Management Rick Assessment Tool.

    #

    Change Example

    Impact

    Likelihood

    Risk

    1

    ERP change

    High

    Medium

    Major

    2

    Ticket system go-live

    Medium

    Low

    Minor

    3

    UPS replacement

    Medium

    Low

    Minor

    4

    Network upgrade

    Medium

    Medium

    Medium

    5

    AD upgrade

    Medium

    Low

    Minor

    6

    High availability implementation

    Low

    Medium

    Minor

    7

    Key-card implementation

    Low

    High

    Medium

    8

    Anti-virus update

    Low

    Low

    Minor

    9

    Website

    Low

    Medium

    Minor

     

    Case Study

    A CMDB is not a prerequisite of change management. Don’t let the absence of a configuration management database (CMDB) prevent you from implementing change management.

    Industry: Manufacturing

    Source: Anonymous Info-Tech member

    Challenge

    The company was planning to implement a CMDB; however, full implementation was still one year away and subject to budget constraints.

    Without a CMDB, it would be difficult to understand the interdependencies between systems and therefore be able to provide notifications to potentially affected user groups prior to implementing technical changes.

    This could have derailed the change management project.

    Solution

    An Excel template was set up as a stopgap measure until the full implementation of the CMDB. The template included all identified dependencies between systems, along with a “dependency tier” for each IT service.

    Tier 1: The dependent system would not operate if the upstream system change resulted in an outage.

    Tier 2: The dependent system would suffer severe degradation of performance and/or features.

    Tier 3: The dependent system would see minor performance degradation or minor feature unavailability.

    Results

    As a stopgap measure, the solution worked well. When changes ran the risk of degrading downstream dependent systems, the impacted business system owner’s authorization was sought and end users were informed in advance.

    The primary takeaway was that a system to manage configuration linkages and system dependencies was key.

    While a CMDB is ideal for this use case, IT organizations shouldn’t let the lack of such a system stop progress on change management.

    Case Study (part 1 of 4)

    Intel used a maturity assessment to kick-start its new change management program.

    Industry: Technology

    Source: Daniel Grove, Intel

    Challenge

    Founded in 1968, the world’s largest microchip and semiconductor company employs over 100,000 people. Intel manufactures processors for major players in the PC market including Apple, Lenovo, HP, and Dell.

    Intel IT supports over 65,000 servers, 3.2 petabytes of data, over 70,000 PCs, and 2.6 million emails per day.

    Intel’s change management program is responsible for over 4,000 changes each week.

    Solution

    Due to the sheer volume of change management activities present at Intel, over 35% of unscheduled outages were the result of changes.

    Ineffective change management was identified as the top contributor of incidents with unscheduled downtime.

    One of the major issues highlighted was a lack of process ownership. The change management process at Intel was very fragmented, and that needed to change.

    Results

    Daniel Grove, Senior Release & Change Manager at Intel, identified that clarifying tasks for the Change Manager and the CAB would improve process efficiency by reducing decision lag time. Roles and responsibilities were reworked and clarified.

    Intel conducted a maturity assessment of the overall change management process to identify key areas for improvement.

    Phase 2

    Establish Roles and Workflows

    For running change management in DevOps environment, see Appendix II.

    Define Change Management

    1.1 Assess Maturity

    1.2 Categorize Changes and Build Your Risk Assessment

    Establish Roles and Workflows

    2.1 Determine Roles and Responsibilities

    2.2 Build Core Workflows

    Define RFC and Post-Implementation Activities

    3.1 Design the RFC

    3.2 Establish Post-Implementation Activities

    Measure, Manage, and Maintain

    4.1 Identify Metrics and Build the Change Calendar

    4.2 Implement the Project

    This phase will guide you through the following steps:

    • Determine Roles and Responsibilities
    • Build Core Workflows

    This phase involves the following participants:

    • CIO
    • IT Managers
    • Change Manager
    • Members of the Change Advisory Board

    Step 2.1

    Determine Roles and Responsibilities

    Activities

    2.1.1 Capture Roles and Responsibilities Using a RACI Chart

    2.1.2 Determine Your Change Manager’s Responsibilities

    2.1.3 Define the Authority and Responsibilities of Your CAB

    2.1.4 Determine an E-CAB Protocol for Your Organization

    Establish Roles and Workflows

    Step 2.1: Determine Roles and Responsibilities → Step 2.2: Build Core Workflows

    This step involves the following participants:

    • CIO
    • IT Managers
    • Change Manager
    • Members of the Change Advisory Board

    Outcomes of this step

    • Clearly defined responsibilities to form the job description for a Change Manager
    • Clearly defined roles and responsibilities for the change management team, including the business system owner, technical SME, and CAB members
    • Defined responsibilities and authority of the CAB
    • Protocol for an emergency CAB (E-CAB) meeting

    Identify roles and responsibilities for your change management team

    Business System Owner

    • Provides downtime window(s)
    • Advises on need for change (prior to creation of RFC)
    • Validates change (through UAT or other validation as necessary)
    • Provides approval for expedited changes (needs to be at executive level)

    Technical Subject Matter Expert (SME)

    • Advises on proposed changes prior to RFC submission
    • Reviews draft RFC for technical soundness
    • Assesses backout/rollback plan
    • Checks if knowledgebase has been consulted for prior lessons learned
    • Participates in the PIR, if necessary
    • Ensures that the service desk is trained on the change

    CAB

    • Approves/rejects RFCs for normal changes
    • Reviews lessons learned from PIRs
    • Decides on the scope of change management
    • Reviews metrics and decides on remedial actions
    • Considers changes to be added to list of pre-approved changes
    • Communicates to organization about upcoming changes

    Change Manager

    • Reviews RFCs for completeness
    • Ensures RFCs brought to the CAB have a high chance of approval
    • Chairs CAB meetings, including scheduling, agenda preparation, reporting, and follow-ups
    • Manages post-implementation reviews and reporting
    • Organizes internal communications (within IT)

    2.1.1 Capture Roles and Responsibilities Using a RACI Chart

    Input

    • Current SOP

    Output

    • Documented roles and responsibilities in change management in a RACI chart

    Materials

    Participants

    • CIO
    • IT Managers
    • Change Manager
    • Members of the Change Advisory Board
    1. As a group, work through developing a RACI chart to determine the roles and responsibilities of individuals involved in the change management practice based on the following criteria:
      • Responsible (performs the work)
      • Accountable (ensures the work is done)
      • Consulted (two-way communication)
      • Informed (one-way communication)
    2. Record your results in slide 14 of the Project Summary Template and section 3.1 of your Change Management SOP.
    Change Management TasksOriginatorSystem OwnerChange ManagerCAB MemberTechnical SMEService DeskCIO/ VP ITE-CAB Member
    Review the RFC C C A C R C R  
    Validate changes C C A C R C R  
    Assess test plan A C R R C   I  
    Approve the RFC I C A R C   I  
    Create communications plan R I A     I I  
    Deploy communications plan I I A I   R    
    Review metrics   C A R   C I  
    Perform a post implementation review   C R A     I  
    Review lessons learned from PIR activities     R A   C    

    Designate a Change Manager to own the process, change templates, and tools

    The Change Manager will be the point of contact for all process questions related to change management.

    • The Change Manager needs the authority to reject change requests, regardless of the seniority of the requester.
    • The Change Manager needs the authority to enforce compliance to a standard process.
    • The Change Manager needs enough cross-functional subject-matter expertise to accurately evaluate the impact of change from both an IT and business perspective.

    Info-Tech Best Practice

    Some organizations will not be able to assign a dedicated Change Manager, but they must still task an individual with change review authority and with ownership of the risk assessment and other key parts of the process.

    Responsibilities

    1. The Change Manager is your first stop for change approval. Both the change management and release and deployment management processes rely on the Change Manager to function.
    2. Every single change that is applied to the live environment, from a single patch to a major change, must originate with a request for change (RFC), which is then approved by the Change Manager to proceed to the CAB for full approval.
    3. Change templates and tools, such as the change calendar, list of preapproved changes, and risk assessment template are controlled by the Change Manager.
    4. The Change Manager also needs to have ownership over gathering metrics and reports surrounding deployed changes. A skilled Change Manager needs to have an aptitude for applying metrics for continual improvement activities.

    2.1.2 Document Your Change Manager’s Responsibilities

    Input

    • Current Change Manager job description (if available)

    Output

    • Change Manager job description and list of responsibilities

    Materials

    • Whiteboard/flip charts (or shared screen if working remotely)
    • Markers/pens
    • Info-Tech’s Change Manager Job Description
    • Change Management SOP

    Participants

    • CIO
    • IT Managers
    • Change Manager
    • Members of the Change Advisory Board

    1.Using the previous slide, Info-Tech’s Change Manager Job Description, and the examples below, brainstorm responsibilities for the Change Manager.

    2.Record the responsibilities in Section 3.2 of your Change Management SOP.

    Example:

    Change Manager: James Corey

    Responsibilities

    1. Own the process, tools, and templates.
    2. Control the Change Management SOP.
    3. Provide standard RFC forms.
    4. Distribute RFCs for CAB review.
    5. Receive all initial RFCs and check them for completion.
    6. Approve initial RFCs.
    7. Approve pre-approved changes.
    8. Approve the conversion of normal changes to pre-approved changes.
    9. Assemble the Emergency CAB (E-CAB) when emergency change requests are received.
    10. Approve submission of RFCs for CAB review.
    11. Chair the CAB:
      • Set the CAB agenda and distribute it at least 24 hours before the meeting.
      • Ensure the agenda is adhered to.
      • Make the final approval/prioritization decision regarding a change if the CAB is deadlocked and cannot come to an agreement.
      • Distribute CAB meeting minutes to all members and relevant stakeholders.

    Download the Change Manager Job Description

    Create a Change Advisory Board (CAB) to provide process governance

    The primary functions of the CAB are to:

    1. Protect the live environment from poorly assessed, tested, and implemented changes.
      • CAB approval is required for all normal and emergency changes.
      • If a change results in an incident or outage, the CAB is effectively responsible; it’s the responsibility of the CAB to assess and accept the potential impact of every change.
    2. Prioritize changes in a way that fairly reflects change impact and urgency.
      • Change requests will originate from multiple stakeholders, some of whom have competing interests.
      • It’s up to the CAB to prioritize these requests effectively so that business need is balanced with any potential risk to the infrastructure.
      • The CAB should seek to reduce the number of emergency/expedited changes.
    3. Schedule deployments in a way that minimizes conflict and disruption.
      • The CAB uses a change calendar populated with project work, upcoming organizational initiatives, and change freeze periods. They will schedule changes around these blocks to avoid disrupting user productivity.
      • The CAB should work closely with the release and deployment management teams to coordinate change/release scheduling.

    See what responsibilities in the CAB’s process are already performed by the DevOps lifecycle (e.g. authorization, deconfliction etc.). Do not duplicate efforts.

    Use diverse representation from the business to form an effective CAB

    The CAB needs insight into all areas of the business to avoid approving a high-risk change.

    Based on the core responsibilities you have defined, the CAB needs to be composed of a diverse set of individuals who provide quality:

    • Change need assessments – identifying the value and purpose of a proposed change.
    • Change risk assessments – confirmation of the technical impact and likelihood assessments that lead to a risk score, based on the inputs in RFC.
    • Change scheduling – offer a variety of perspectives and responsibilities and will be able to identify potential scheduling conflicts.
     CAB RepresentationValue Added
    Business Members
    • CIO
    • Business Relationship Manager
    • Service Level Manager
    • Business Analyst
    • Identify change blackout periods, change impact, and business urgency.
    • Assess impact on fiduciary, legal, and/or audit requirements.
    • Determine acceptable business risk.
    IT Operations Members
    • Managers representing all IT functions
    • IT Directors
    • Subject Matter Experts (SMEs)
    • Identify dependencies and downstream impacts.
    • Identify possible conflicts with pre-existing OLAs and SLAs.
    CAB Attendees
    • Specific SMEs, tech specialists, and business and vendor reps relevant to a particular change
    • Only attend meetings when invited by the Change Manager
    • Provide detailed information and expertise related to their particular subject areas.
    • Speak to requirements, change impact, and cost.

    Info-Tech Best Practice

    Form a core CAB (members attend every week) and an optional CAB (members who attend only when a change impacts them or when they can provide value in discussions about a change). This way, members can have their voice heard without spending every week in a meeting where they do not contribute.

    2.1.3 Define the Authority and Responsibilities of Your CAB

    Input

    • Current SOP or CAB charter (if available)

    Output

    • Documented list of CAB authorities and responsibilities

    Materials

    Participants

    • CIO
    • IT Managers
    • Change Manager
    • Members of the Change Advisory Board

    1.Using the previous slide and the examples below, list the authorities and responsibilities of your CAB.

    2.Record the responsibilities in section 3.3.2 of your Change Management SOP and the Project Summary Template.

    Example:

    CAP AuthorityCAP Responsibilities
    • Final authority over the deployment of all normal and emergency changes.
    • Authority to absorb the risk of a change.
    • Authority to set the change calendar:
      • Maintenance windows.
      • Change freeze periods.
      • Project work.
      • Authority to delay changes.
    • Evaluate all normal and emergency changes.
    • Verify all normal change test, backout, and implementation plans.
    • Verify all normal change test results.
    • Approve all normal and emergency changes.
    • Prioritize all normal changes.
    • Schedule all normal and emergency changes.
    • Review failed change deployments.

    Establish an emergency CAB (E-CAB) protocol

    • When an emergency change request is received, you will not be able to wait until the regularly scheduled CAB meeting.
    • As a group, decide who will sit on the E-CAB and what their protocol will be when assessing and approving emergency changes.

    Change owner conferences with E-CAB (best efforts to reach them) through email or messaging.

    E-CAB members and business system owners are provided with change details. No decision is made without feedback from at least one E-CAB member.

    If business continuity is being affected, the Change Manager has authority to approve change.

    Full documentation of the change (a retroactive RFC) is done after the change and is then reviewed by the CAB.

    Info-Tech Best Practice

    Members of the E-CAB should be a subset of the CAB who are typically quick to respond to their messages, even at odd hours of the night.

    2.1.4 Determine an E-CAB Protocol for Your Organization

    Input

    • Current SOP or CAB charter (if available)

    Output

    • E-CAB protocol

    Materials

    Participants

    • CIO
    • IT Managers
    • Change Manager
    • Members of the Change Advisory Board
    1. Gather the members of the E-CAB and other necessary representatives from the change management team.
    2. Determine the order of operations for the E-CAB in the event that an emergency change is needed.
    3. Consult the example emergency protocol below. Determine what roles and responsibilities are involved at each stage of the emergency change’s implementation.
    4. Document the E-CAB protocol in section 3.4 of your Change Management SOP.

    Example

    Assemble E-CAB

    Assess Change

    Test (if Applicable)

    Deploy Change

    Create Retroactive RFC

    Review With CAB

    Step 2.2

    Build Core Workflows

    Activities

    2.2.1 Build a CMDB-lite as a Reference for Requested Changes

    2.2.2 Create a Normal Change Process

    2.2.3 Create a Pre-Approved Change Process

    2.2.4 Create an Emergency Change Process

    Establish Roles and Workflows

    Step 2.1: Determine Roles and Responsibilities → Step 2.2: Build Core Workflows

    This step involves the following participants:

    • CIO
    • IT Managers
    • Change Manager
    • Members of the Change Advisory Board

    Outcomes of this step

    • Emergency change workflow
    • Normal process workflow
    • Pre-approved change workflow

    Establishing Workflows: Change Management Lifecycle

    Improve

    • A post-implementation review assesses the value of the actual change measured against the proposed change in terms of benefits, costs, and impact.
    • Results recorded in the change log.
    • Accountability: Change Manager Change Implementer

    Request

    • A change request (RFC) can be submitted via paper form, phone, email, or web portal.
    • Accountability: Change requester/Initiator

    Assess

    • The request is screened to ensure it meets an agreed-upon set of business criteria.
    • Changes are assessed on:
      • Impact of change
      • Risks or interdependencies
      • Resourcing and costs
    • Accountability: Change Manager

    Plan

    • Tasks are assigned, planned, and executed.
    • Change schedule is consulted and necessary resources are identified.
    • Accountability: Change Manager

    Approve

    • Approved requests are sent to the most efficient channel based on risk, urgency, and complexity.
    • Change is sent to CAB members for final review and approval
    • Accountability: Change Manager
      • Change Advisory Board

    Implement

    • Approved changes are deployed.
    • A rollback plan is created to mitigate risk.
    • Accountability: Change Manager Change Implementer

    Establishing workflows: employ a SIPOC model for process definition

    A good SIPOC (supplier, input, process, output, customer) model helps establish the boundaries of each process step and provides a concise definition of the expected outcomes and required inputs. It’s a useful and recommended next step for every workflow diagram.

    For change management, employ a SIPOC model to outline your CAB process:

    Supplier

    • Who or what organization provides the inputs to the process? The supplier can be internal or external.

    Input

    • What goes into the process step? This can be a document, data, information, or a decision.

    Process

    • Activities that occur in the process step that’s being analyzed.

    Output

    • What does the process step produce? This can be a document, data, information, or a decision.

    Customer

    • Who or what organization(s) takes the output of the process? The customer can be internal or external.

    Optional Fields

    Metrics

    • Top-level indicators that usually relate to the input and output, e.g. turnaround time, risk matrix completeness.

    Controls

    • Checkpoints to ensure process step quality.

    Dependencies

    • Other process steps that require the output.

    RACI

    • Those who are Responsible, Accountable, Consulted, or Informed (RACI) about the input, output, and/or process.

    Establish change workflows: assess requested changes to identify impact and dependencies

    An effective change assessment workflow is a holistic process that leaves no stone unturned in an effort to mitigate risk before any change reaches the approval stage. The four crucial areas of risk in a change workflow are:

    Dependencies

    Identify all components of the change.

    Ask how changes will affect:

    • Services on the same infrastructure?
    • Applications?
    • Infrastructure/app architecture?
    • Security?
    • Ability to support critical systems?

    Business Impact

    Frame the change from a business point of view to identify potential disruptions to business activities.

    Your assessment should cover:

    • Business processes
    • User productivity
    • Customer service
    • BCPs

    SLA Impact

    Each new change can impact the level of service available.

    Examine the impact on:

    • Availability of critical systems
    • Infrastructure and app performance
    • Infrastructure and app capacity
    • Existing disaster recovery plans and procedures

    Required Resources

    Once risk has been assessed, resources need to be identified to ensure the change can be executed.

    These include:

    • People (SMEs, tech support, work effort/duration)
    • System time for scheduled implementation
    • Hardware or software (new or existing, as well as tools)

    Establishing workflows: pinpoint dependencies to identify the need for additional changes

    An assessment of each change and a query of the CMDB needs to be performed as part of the change planning process to mitigate outage risk.

    • A version upgrade on one piece of software may require another component to be upgraded as well. For example, an upgrade to the database management system requires that an application that uses the database be upgraded or modified.
    • The sequence of the release must also be determined, as certain components may need to be upgraded before others. For example, if you upgrade the Exchange Server, a Windows update must be installed prior to the Exchange upgrade.
    • If you do not have a CMDB, consider building a CMDB-lite, which consists of a listing of systems, primary users, SMEs, business owners, and system dependencies (see next slide).

    Services Impacted

    • Have affected services been identified?
    • Have supporting services been identified?
    • Has someone checked the CMDB to ensure all dependencies have been accounted for?
    • Have we referenced the service catalog so the business approves what they’re authorizing?

    Technical Teams Impacted

    • Who will support the change throughout testing and implementation?
    • Will additional support be needed?
    • Do we need outside support from eternal suppliers?
    • Has someone checked the contract to ensure any additional costs have been approved?

    Build a dependency matrix to avoid change related collisions (optional)

    A CMDB-lite does not replace a CMDB but can be a valuable tool to leverage when requesting changes if you do not currently have configuration management. Consider the following inputs when building your own CMDB-lite.

    • System
      • To build a CMDB-lite, start with the top 10 systems in your environment that experience changes. This list can always be populated iteratively.
    • Primary Users
      • Listing the primary users will give a change requester a first glance at the impact of the change.
      • You can also use this information when looking at the change communication and training after the change is implemented.
    • SME/Backup
      • These are the staff that will likely build and implement the change. The backup is listed in case the primary is on holiday.
    • Business System Owner
      • The owner of the system is one of the people needed to sign off on the change. Having their support from the beginning of a change is necessary to build and implement it successfully.
    • Tier 1 Dependency
      • If the primary system experiences and outage, Tier 1 dependency functionality is also lost. To request a change, include the business system owner signoffs of the Tier 1 dependencies of the primary system.
    • Tier 2 Dependency
      • If the primary system experiences an outage, Tier 2 dependency functionality is lost, but there is an available workaround. As with Tier 1, this information can help you build a backout plan in case there is a change-related collision.
    • Tier 3 Dependency
      • Tier 3 functionality is not lost if the primary system experiences an outage, but nice-to-haves such as aesthetics are affected.

    2.2.1 Build a CMDB-lite as a Reference for Requested Changes

    Input

    • Current system ownership documentation

    Output

    • Documented reference for change requests (CMDB-lite)

    Materials

    • Whiteboard/flip charts (or shared screen if working remotely)
    • Sticky notes
    • Markers/pens

    Participants

    • CIO
    • IT Managers
    • Change Manager
    • Members of the Change Advisory Board
    1. Start with a list of your top 10-15 systems/services with the highest volume of changes.
    2. Using a whiteboard, flip chart, or shared screen, complete the table below by filling the corresponding Primary Users, SMEs, Business System Owner, and Dependencies as shown below. It may help to use sticky notes.
    3. Iteratively populate the table as you notice gaps with incoming changes.
    SystemPrimary UsersSMEBackup SME(s)Business System OwnerTier 1 Dependency (system functionality is down)Tier 2 (impaired functionality/ workaround available)Tier 3 Dependency (nice to have)
    Email Enterprise Naomi Amos James
    • ITSMs
    • Scan-to-email
    • Reporting
     
    • Lots
    Conferencing Tool Enterprise Alex Shed James
    • Videoconferencing
    • Conference rooms (can use Facebook messenger instead in worst case scenario)
    • IM
    ITSM (Service Now) Enterprise (Intl.) Anderson TBD Mike
    • Work orders
    • Dashboards
    • Purchasing
     
    ITSM (Manage Engine) North America Bobbie Joseph Mike
    • Work orders
    • Dashboards
    • Purchasing
     

    Establishing workflows: create standards for change approvals to improve efficiency

    • Not all changes are created equal, and not all changes require the same degree of approval. As part of the change management process, it’s important to define who is the authority for each type of change.
    • Failure to do so can create bureaucratic bottlenecks if each change is held to an unnecessary high level of scrutiny, or unplanned outages may occur due to changes circumventing the formal approval process.
    • A balance must be met and defined to ensure the process is not bypassed or bottlenecked.

    Info-Tech Best Practice

    Define a list pre-approved changes and automate them (if possible) using your ITSM solution. This will save valuable time for more important changes in the queue.

    Example:

    Change CategoryChange Authority
    Pre-approved change Department head/manager
    Emergency change E-CAB
    Normal change – low and medium risk CAB
    Normal change – high risk CAB and CIO (for visibility)

    Example process: Normal Change – Change Initiation

    Change initiation allows for assurance that the request is in scope for change management and acts as a filter for out-of-scope changes to be redirected to the proper workflow. Initiation also assesses who may be assigned to the change and the proper category of the change, and results in an RFC to be populated before the change reaches the build and test phase.

    The image is a horizontal flow chart, depicting an example of a change process.

    The change trigger assessment is critical in the DevOps lifecycle. This can take a more formal role of a technical review board (TRB) or, with enough maturity, may be automated. Responsibilities such as deconfliction, dependency identification, calendar query, and authorization identification can be done early in the lifecycle to decrease or eliminate the burden on CAB.

    For the full process, refer to the Change Management Process Library.

    Example process: Normal Change – Technical Build and Test

    The technical build and test stage includes all technical prerequisites and testing needed for a change to pass before proceeding to approval and implementation. In addition to a technical review, a solution consisting of the implementation, rollback, communications, and training plan are also built and included in the RFC before passing it to the CAB.

    The image is a flowchart, showing the process for change during the technical build and test stage.

    For the full process, refer to the Change Management Process Library.

    Example process: Normal Change – Change Approval (CAB)

    Change approval can start with the Change Manager reviewing all incoming RFCs to filter them for completeness and check them for red flags before passing them to the CAB. This saves the CAB from discussing incomplete changes and allows the Change Manager to set a CAB agenda before the CAB meeting. If need be, change approval can also set vendor communications necessary for changes, as well as the final implementation date of the change. The CAB and Change Manager may follow up with the appropriate parties notifying them of the approval decision (accepted, rescheduled, or rejected).

    The image shows a flowchart illustrating the process for change approval.

    For the full process, refer to the Change Management Process Library.

    Example process: Normal Change – Change Implementation

    Changes should not end at implementation. Ensure you define post-implementation activities (documentation, communication, training etc.) and a post-implementation review in case the change does not go according to plan.

    The image is a flowchart, illustrating the work process for change implementation and post-implementation review.

    For the full process, refer to the Change Management Process Library.

    2.2.2 Create a Normal Change Process

    Input

    • Current SOP/workflow library

    Output

    • Normal change process

    Materials

    Participants

    • CIO
    • IT Managers
    • Change Manager
    • Members of the Change Advisory Board
    1. Gather representatives from the change management team.
    2. Using the examples shown on the previous few slides, work as a group to determine the workflow for a normal change, with particular attention to the following sub-processes:
      1. Request
      2. Assessment
      3. Plan
      4. Approve
      5. Implementation and Post-Implementation Activities
    3. Optionally, you may create variations of the workflow for minor, medium, and major changes (e.g. there will be fewer authorizations for minor changes).
    4. For further documentation, you may choose to run the SIPOC activity for your CAB as outlined on this slide.
    5. Document the resulting workflows in the Change Management Process Library and section 11 of your Change Management SOP.

    Download the Change Management Process Library.

    Identify and convert low-risk normal changes to pre-approved once the process is established

    As your process matures, begin creating a list of normal changes that might qualify for pre-approval. The most potential for value in gains from change management comes from re-engineering and automating of high-volume changes. Pre-approved changes should save you time without threatening the live environment.

    IT should flag changes they would like pre-approved:

    • Once your change management process is firmly established, hold a meeting with all staff that make change requests and build changes.
    • Run a training session detailing the traits of pre-approved changes and ask these individuals to identify changes that might qualify.
    • These changes should be submitted to the Change Manager and reviewed, with the help of the CAB, to decide whether or not they qualify for pre-approval.

    Pre-approved changes are not exempt from due diligence:

    • Once a change is designated as pre-approved, the deployment team should create and compile all relevant documentation:
      • An RFC detailing the change, dependencies, risk, and impact.
      • Detailed procedures and required resources.
      • Implementation and backout plan.
      • Test results.
    • When templating the RFC for pre-approved changes, aim to write the documentation as if another SME were to implement it. This reduces confusion, especially if there’s staff turnover.
    • The CAB must approve, sign off, and keep a record of all documents.
    • Pre-approved changes must still be documented and recorded in the CMDB and change log after each deployment.

    Info-Tech Best Practice

    At the beginning of a change management process, there should be few active pre-approved changes. However, prior to launch, you may have IT flag changes for conversion.

    Example process: Pre-Approved Change Process

    The image shows two horizontal flow charts, the first labelled Pre-Approval of Recurring RFC, and the second labelled Implementation of Child RFC.

    For the full process, refer to the Change Management Process Library.

    Review the pre-approved change list regularly to ensure the list of changes are still low-risk and repeatable.

    IT environments change. Don’t be caught by surprise.

    • Changes which were once low-risk and repeatable may cause unforeseen incidents if they are not reviewed regularly.
    • Dependencies change as the IT environment changes. Ensure that the changes on the pre-approved change list are still low-risk and repeatable, and that the documentation is up to date.
    • If dependencies have changed, then move the change back to the normal category for reassessment. It may be redesignated as a pre-approved change once the documentation is updated.

    Info-Tech Best Practice

    Other reasons for moving a pre-approved change back to the normal category is if the change led to an incident during implementation or if there was an issue during implementation.

    Seek new pre-approved change submissions. → Re-evaluate the pre-approved change list every 4-6 months.

    The image shows a horizontal flow chart, depicting the process for a pre-approved change list review.

    For the full process, refer to the Change Management Process Library.

    2.2.3 Create a Pre-Approved Change Process

    Input

    • Current SOP/workflow library

    Output

    • Pre-approved change process

    Materials

    Participants

    • CIO
    • IT Managers
    • Change Manager
    • Members of the Change Advisory Board
    1. Gather representatives from the change management team.
    2. Using the examples shown on the previous few slides, work as a group to determine the workflow for a pre-approved change, with particular attention to the following sub-processes:
      1. Request
      2. Assessment
      3. Plan
      4. Approve
    3. Document the process of a converting a normal change to pre-approved. Include the steps from flagging a low-risk change to creating the related RFC template.
    4. Document the resulting workflows in the Change Management Process Library and sections 4.2 and 13 of your Change Management SOP.

    Reserve the emergency designation for real emergencies

    • Emergency changes have one of the following triggers:
      • A critical incident is impacting user productivity.
      • An imminent critical incident will impact user productivity.
    • Unless a critical incident is being resolved or prevented, the change should be categorized as normal.
    • An emergency change differs from a normal change in the following key aspects:
      • An emergency change is required to recover from a major outage – there must be a validated service desk critical incident ticket.
      • An urgent business requirement is not an “emergency.”
      • An RFC is created after the change is implemented and the outage is over.
      • A review by the full CAB occurs after the change is implemented.
      • The first responder and/or the person implementing the change may not be the subject matter expert for that system.
    • In all cases, an RFC must be created and the change must be reviewed by the full CAB. The review should occur within two business days of the event.
    Sample ChangeQuick CheckEmergency?
    Install the latest critical patches from the vendor. Are the patches required to resolve or prevent an imminent critical incident? No
    A virus or worm invades the network and a patch is needed to eliminate the threat. Is the patch required to resolve or prevent an imminent critical incident? Yes

    Info-Tech Best Practice

    Change requesters should be made aware that senior management will be informed if an emergency RFC is submitted inappropriately. Emergency requests trigger urgent CAB meetings, are riskier to deploy, and delay other changes waiting in the queue.

    Example process: Emergency Change Process

    The image is a flowchart depicting the process for an emergency change process

    When building your emergency change process, have your E-CAB protocol from activity 2.1.4 handy.

    • Focus on the following requirements for an emergency process:
      • E-CAB protocol and scope: Does the SME need authorization first before working on the change or can the SME proceed if no E-CAB members respond?
      • Documentation and communication to stakeholders and CAB after the emergency change is completed.
      • Input from incident management.

    For the full process, refer to the Change Management Process Library.

    2.2.4 Create an Emergency Change Process

    Input

    • Current SOP/workflow library

    Output

    • Emergency change process

    Materials

    Participants

    • CIO
    • IT Managers
    • Change Manager
    • Members of the Change Advisory Board
    1. Gather representatives from the change management team.
    2. Using the examples shown on the previous few slides, work as a group to determine the workflow for an emergency change, with particular attention to the following sub-processes:
      1. Request
      2. Assessment
      3. Plan
      4. Approve
    3. Ensure that the E-CAB protocol from activity 2.1.4 is considered when building your process.
    4. Document the resulting workflows in the Change Management Process Library and section 12 of your Change Management SOP.

    Case Study (part 2 of 4)

    Intel implemented a robust change management process.

    Industry: Technology

    Source: Daniel Grove, Intel

    Challenge

    Founded in 1968, the world’s largest microchip and semiconductor company employs over 100,000 people. Intel manufactures processors for major players in the PC market including Apple, Lenovo, HP, and Dell.

    Intel IT supports over 65,000 servers, 3.2 petabytes of data, over 70,000 PCs, and 2.6 million emails per day.

    Intel’s change management program is responsible for over 4,000 changes each week.

    Solution

    Intel identified 37 different change processes and 25 change management systems of record with little integration.

    Software and infrastructure groups were also very siloed, and this no doubt contributed to the high number of changes that caused outages.

    The task was simple: standards needed to be put in place and communication had to improve.

    Results

    Once process ownership was assigned and the role of the Change Manager and CAB clarified, it was a simple task to streamline and simplify processes among groups.

    Intel designed a new, unified change management workflow that all groups would adopt.

    Automation was also brought into play to improve how RFCs were generated and submitted.

    Phase 3

    Define the RFC and Post-Implementation Activities

    Define Change Management

    1.1 Assess Maturity

    1.2 Categorize Changes and Build Your Risk Assessment

    Establish Roles and Workflows

    2.1 Determine Roles and Responsibilities

    2.2 Build Core Workflows

    Define the RFC and Post-Implementation Activities

    3.1 Design the RFC

    3.2 Establish Post-Implementation Activities

    Measure, Manage, and Maintain

    4.1 Identify Metrics and Build the Change Calendar

    4.2 Implement the Project

    This phase will guide you through the following activities:

    • Design the RFC
    • Establish Post-Implementation Activities

    This phase involves the following participants:

    • IT Director
    • Infrastructure Manager
    • Change Manager
    • Members of the Change Advisory Board

    Step 3.1

    Design the RFC

    Activities

    3.1.1 Evaluate Your Existing RFC Process

    3.1.2 Build the RFC Form

    Define the RFC and Post-Implementation Activities

    Step 3.1: Design the RFC

    Step 3.2: Establish Post-Implementation Activities

    This step involves the following participants:

    • CIO
    • IT Managers
    • Change Manager
    • Members of the Change Advisory Board

    Outcomes of this step

    • A full RFC template and process that compliments the workflows for the three change categories

    A request for change (RFC) should be submitted for every non-standard change

    An RFC should be submitted through the formal change management practice for every change that is not a standard, pre-approved change (a change which does not require submission to the change management practice).

    • The RFC should contain all the information required to approve a change. Some information will be recorded when the change request is first initiated, but not everything will be known at that time.
    • Further information can be added as the change progresses through its lifecycle.
    • The level of detail that goes into the RFC will vary depending on the type of change, the size, and the likely impact of the change.
    • Other details of the change may be recorded in other documents and referenced in the RFC.

    Info-Tech Insight

    Keep the RFC form simple, especially when first implementing change management, to encourage the adoption of and compliance with the process.

    RFCs should contain the following information, at a minimum:

    1. Contact information for requester
    2. Description of change
    3. References to external documentation
    4. Items to be changed, reason for the change, and impact of both implementing and not implementing the change
    5. Change type and category
    6. Priority and risk assessment
    7. Predicted time frame, resources, and cost
    8. Backout or remediation plan
    9. Proposed approvers
    10. Scheduled implementation time
    11. Communications plan and post-implementation review

    3.1.1 Evaluate Your Existing RFC Process

    Input

    • Current RFC form or stock ITSM RFC
    • Current SOP (if available)

    Output

    • List of changes to the current RFC form and RFC process

    Materials

    Participants

    • IT Director
    • Infrastructure Manager
    • Change Manager
    • Members of the Change Advisory Board
    1. If the organization is already using an RFC form, review it as a group now and discuss its contents:
      • Does this RFC provide adequate information for the Change Manager and/or CAB to review?
      • Should any additional fields be added?
    2. Show the participants Info-Tech’s Request for Change Form Template and compare it to the one the organization is currently using.
    3. As a group, finalize an RFC table of contents that will be used to formalize a new or improved RFC.
    4. Decide which fields should be filled out by the requester before the initial RFC is submitted to the Change Manager:
      • Many sections of the RFC are relevant for change assessment and review. What information does the Change Manager need when they first receive a request?
      • The Change Manager needs enough information to ensure that the change is in scope and has been properly categorized.
    5. Decide how the RFC form should be submitted and reviewed; this can be documented in section 5 of your Change Management SOP.

    Download the Request for Change Form Template.

    Design the RFC to encourage process buy-in

    • When building the RFC, split the form up into sections that follow the normal workflow (e.g. Intake, Assessment and Build, Approval, Implementation/PIR). This way the form walks the requester through what needs to be filled and when.
    • Revisit the form periodically and solicit feedback to continually improve the user experience. If there’s information missing on the RFC that the CAB would like to know, add the fields. If there are sections that are not used or not needed for documentation, remove them.
    • Make sure the user experience surrounding your RFC form is a top priority – make it accessible, otherwise change requesters simply will not use it.
    • Take advantage of your ITSM’s dropdown lists, automated notifications, CMDB integrations, and auto-generated fields to ease the process of filling the RFC

    Draft:

    • Change requester
    • Requested date of deployment
    • Change risk: low/medium/high
    • Risk assessment
    • Description of change
    • Reason for change
    • Change components

    Technical Build:

    • Assess change:
      • Dependencies
      • Business impact
      • SLA impact
      • Required resources
      • Query the CMS
    • Plan and test changes:
      • Test plan
      • Test results
      • Implementation plan
      • Backout plan
      • Backout plan test results

    CAB:

    • Approve and schedule changes:
      • Final CAB review
      • Communications plan

    Complete:

    • Deploy changes:
      • Post-implementation review

    Designing your RFC: RFC draft

    • Change requester – link your change module to the active directory to pull the change requester’s contact information automatically to save time.
    • A requested date of deployment gives approvers information on timeline and can be used to query the change calendar for possible conflicts
    • Information about risk assessment based on impact and likelihood questionnaires are quick to fill out but provide a lot of information to the CAB. The risk assessment may not be complete at the draft stage but can be updated as the change is built. Ensure this field is up-to- date before it reaches CAB.
    • If you have a technical review stage where changes are directed to the proper workflow and resourcing is assessed, the description, reason, and change components are high-level descriptors of the change that will aid in discovery and lining the change up with the business vision (viability from both a technical and business standpoint).
    • Change requester
    • Requested date of deployment
    • Change Risk: low/medium/high
    • Risk assessment
    • Description of change
    • Reason for change
    • Change components

    Use the RFC to point to documentation already gathered in the DevOps lifecycle to cut down on unnecessary manual work while maintaining compliance.

    Designing your RFC: technical build

    • Dependencies and CMDB query, along with the proposed implementation date, are included to aid in calendar deconfliction and change scheduling. If there’s a conflict, it’s easier to reschedule the proposed change early in the lifecycle.
    • Business, SLA impact, and required resources can be tracked to provide the CAB with information on the business resources required. This can also be used to prioritize the change if conflicts arise.
    • Implementation, test, and backout plans must be included and assessed to increase the probability that a change will be implemented without failure. It’s also useful in the case of PIRs to determine root causes of change-related incidents.
    • Assess change:
      • Dependencies
      • Business impact
      • SLA impact
      • Required resources
      • Query the CMS
    • Plan and test changes:
      • Test plan
      • Test results
      • Implementation plan
      • Backout plan
      • Backout plan test results

    Designing your RFC: approval and deployment

    • Documenting approval, rejection, and rescheduling gives the change requester the go-ahead to proceed with the change, rationale on why it was prioritized lower than another change (rescheduled), or rationale on rejection.
    • Communications plans for appropriate stakeholders can also be modified and forwarded to the communications team (e.g. service desk or business system owners) before deployment.
    • Post-implementation activities and reviews can be conducted if need be before a change is closed. The PIR, if filled out, should then be appended to any subsequent changes of the same nature to avoid making the same mistake twice.
    • Approve and schedule changes:
      • Final CAB review
      • Communications plan
    • Deploy changes:
      • Post-implementation review

    Standardize the request for change protocol

    1. Submission Standards
      • Electronic submission will make it easier for CAB members to review the documentation.
      • As the change goes through the assessment, plan, and test phase, new documentation (assessments, backout plans, test results, etc.) can be attached to the digital RFC for review by CAB members prior to the CAB meeting.
      • Change management software won’t be necessary to facilitate the RFC submission and review; a content repository system, such as SharePoint, will suffice.
    2. Designate the first control point
      • All RFCs should be submitted to a single point of contact.
      • Ideally, the Change Manager or Technical Review Board should fill this role.
      • Whoever is tasked with this role needs the subject matter expertise to ensure that the change has been categorized correctly, to reject out-of-scope requests, or to ask that missing information be provided before the RFC moves through the full change management practice.

    Info-Tech Best Practice

    Technical and SME contacts should be noted in each RFC so they can be easily consulted during the RFC review.

    3.1.2 Build the RFC Form

    Input

    • Current RFC form or stock ITSM RFC
    • Current SOP (if available)

    Output

    • List of changes to the current RFC and RFC process

    Materials

    Participants

    • IT Director
    • Infrastructure Manager
    • Change Manager
    • Members of the Change Advisory Board
    1. Use Info-Tech’s Request for Change Form Template as a basis for your RFC form.
    2. Use this template to standardize your change request process and ensure that the appropriate information is documented effectively each time a request is made. The change requester and Change Manager should consolidate all information associated with a given change request in this form. This form will be submitted by the change requester and reviewed by the Change Manager.

    Case Study (part 3 of 4)

    Intel implemented automated RFC form generation.

    Industry: Technology

    Source: Daniel Grove, Intel

    Challenge

    Founded in 1968, the world’s largest microchip and semiconductor company employs over 100,000 people. Intel manufactures processors for major players in the PC market including Apple, Lenovo, HP, and Dell.

    Intel IT supports over 65,000 servers, 3.2 petabytes of data, over 70,000 PCs, and 2.6 million emails per day.

    Intel’s change management program is responsible for over 4,000 changes each week.

    Solution

    One of the crucial factors that was impacting Intel’s change management efficiency was a cumbersome RFC process.

    A lack of RFC usage was contributing to increased ad hoc changes being put through the CAB, and rescheduled changes were quite high.

    Additionally, ad hoc changes were also contributing heavily to unscheduled downtime within the organization.

    Results

    Intel designed and implemented an automated RFC form generator to encourage end users to increase RFC usage.

    As we’ve seen with RFC form design, the UX/UI of the form needs to be top notch, otherwise end users will simply circumvent the process. This will contribute to the problems you are seeking to correct.

    Thanks to increased RFC usage, Intel decreased emergency changes by 50% and reduced change-caused unscheduled downtime by 82%.

    Step 3.2

    Establish Post-Implementation Activities

    Activities

    3.2.1 Determine When the CAB Would Reject Tested Changes

    3.2.2 Create a Post-Implementation Activity Checklist

    Define the RFC and Post-Implementation Activities

    Step 3.1: Design RFC

    Step 3.2: Establish Post-Implementation Activities

    This step involves the following participants:

    • CIO
    • IT Managers
    • Change Manager
    • Members of the Change Advisory Board

    Outcomes of this step

    • A formalized post-implementation process for continual improvement

    Why would the CAB reject a change that has been properly assessed and tested?

    Possible reasons the CAB would reject a change include:

    • The product being changed is approaching its end of life.
    • The change is too costly.
    • The timing of the change conflicts with other changes.
    • There could be compliance issues.
    • The change is actually a project.
    • The risk is too high.
    • There could be regulatory issues.
    • The peripherals (test, backout, communication, and training plans) are incomplete.

    Info-Tech Best Practice

    Many reasons for rejection (listed above) can be caught early on in the process during the technical review or change build portion of the change. The earlier you catch these reasons for rejection, the less wasted effort there will be per change.

    Sample RFCReason for CAP Rejection
    There was a request for an update to a system that a legacy application depends on and only a specific area of the business was aware of the dependency. The CAB rejects it due to the downstream impact.
    There was a request for an update to a non-supported application, and the vendor was asking for a premium support contract that is very costly. It’s too expensive to implement, despite the need for it. The CAB will wait for an upgrade to a new application.
    There was a request to update application functionality to a beta release. The risk outweighs the business benefits.

    Determine When the CAB Would Reject Tested Changes

    Input

    • Current SOP (if available)

    Output

    • List of reasons to reject tested changes

    Materials

    • Whiteboard/flip charts (or shared screen if working remotely)
    • Projector
    • Markers/pens
    • Laptop with ITSM admin access
    • Project Summary Template

    Participants

    • IT Director
    • Infrastructure Manager
    • Change Manager
    • Members of the Change Advisory Board

    Avoid hand-offs to ensure a smooth implementation process

    The implementation phase is the final checkpoint before releasing the new change into your live environment. Once the final checks have been made to the change, it’s paramount that teams work together to transition the change effectively rather than doing an abrupt hand-off. This could cause a potential outage.

    1.

    • Deployment resources identified, allocated, and scheduled
    • Documentation complete
    • Support team trained
    • Users trained
    • Business sign-off
    • Target systems identified and ready to receive changes
    • Target systems available for installation maintenance window scheduled
    • Technical checks:
      • Disk space available
      • Pre-requisites met
      • Components/Services to be updated are stopped
      • All users disconnected
    • Download Info-Tech’sChange Management Pre-Implementation Checklist

    Implement change →

    2.

    1. Verification – once the change has been implemented, verify that all requirements are fulfilled.
    2. Review – ensure that all affected systems and applications are operating as predicted. Update change log.
    3. Transition – a crucial phase of implementation that’s often overlooked. Once the change implementation is complete from a technical point of view, it’s imperative that the team involved with the change inform and train the group responsible for managing the new change.

    Create a backout plan to reduce the risk of a failed change

    Every change process needs to plan for the potential for failure and how to address it effectively. Change management’s solution to this problem is a backout plan.

    A backout plan needs to contain a record of the steps that need to be taken to restore the live environment back to its previous state and maintain business continuity. A good backout plan asks the following questions:

    1. How will failure be determined? Who will make the determination to back out of a change be made and when?
    2. Do we fix on fail or do we rollback to the previous configuration?
    3. Is the service desk aware of the impending change? Do they have proper training?

    Notify the Service Desk

    • Notify the Service Desk about backout plan initiation.

    Disable Access

    • Disable user access to affected system(s).

    Conduct Checks

    • Conduct checks to all affected components.

    Enable User Access

    • Enable user access to affected systems.

    Notify the Service Desk

    • Notify the service desk that the backout plan was successful.

    Info-Tech Best Practice

    As part of the backout plan, consider the turnback point in the change window. That is, the point within the change window where you still have time to fully back out of the change.

    Ensure the following post-implementation review activities are completed

    Service Catalog

    Update the service catalog with new information as a result of the implemented change.

    CMDB

    Update new dependencies present as a result of the new change.

    Asset DB

    Add notes about any assets newly affected by changes.

    Architecture Map

    Update your map based on the new change.

    Technical Documentation

    Update your technical documentation to reflect the changes present because of the new change.

    Training Documentation

    Update your training documentation to reflect any information about how users interact with the change.

    Use a post-implementation review process to promote continual improvement

    The post-implementation review (PIR) is the most neglected change management activity.

    • All changes should be reviewed to understand the reason behind them, appropriateness, and recommendations for next steps.
    • The Change Manager manages the completion of information PIRs and invites RFC originators to present their findings and document the lessons learned.

    Info-Tech Best Practice

    Review PIR reports at CAB meetings to highlight the root causes of issues, action items to close identified gaps, and back-up documentation required. Attach the PIR report to the relevant RFC to prevent similar changes from facing the same issues in the future.

    1. Why do a post-implementation review?
      • Changes that don’t fail but don’t perform well are rarely reviewed.
      • Changes may fail subtly and still need review.
      • Changes that cause serious failures (i.e. unplanned downtime) receive analysis that is unnecessarily in-depth.
    2. What are the benefits?
      • A proactive, post-implementation review actually uses less resources than reactionary change reviews.
      • Root-cause analysis of failed changes, no matter what the impact.
      • Insight into changes that took longer than projected.
      • Identification of previously unidentified risks affecting changes.

    Determine the strategy for your PIR to establish a standardized process

    Capture the details of your PIR process in a table similar to the one below.

    Frequency Part of weekly review (IT team meeting)
    Participants
    • Change Manager
    • Originator
    • SME/supervisor/impacted team(s)

    Categories under review

    Current deviations and action items from previous PIR:

    • Complete
    • Partially complete
    • Complete, late
    • Change failed, rollback succeeded
    • Change failed, rollback failed
    • Major deviation from implementation plan
    Output
    • Root cause or failure or deviation
    • External factors
    • Remediation focus areas
    • Remediation timeline (follow-up at appropriate time)
    Controls
    • Reviewed at next CAB meeting
    • RFC close is dependent on completion of PIR
    • Share with the rest of the technical team
    • Lessons learned stored in the knowledgebase and attached to RFC for easy search of past issues.

    3.2.2 Create a Post-Implementation Activity Checklist

    Input

    • Current SOP (if available)

    Output

    • List of reasons to reject tested changes

    Materials

    Participants

    • CIO
    • IT Managers
    • Change Manager
    • Members of the Change Advisory Board
    1. Gather representatives from the change management team.
    2. Brainstorm duties to perform following the deployment of a change. Below is a sample list:
      • Example:
        • Was the deployment successful?
          • If no, was the backout plan executed successfully?
        • List change-related incidents
        • Change assessment
          • Missed dependencies
          • Inaccurate business impact
          • Incorrect SLA impact
          • Inaccurate resources
            • Time
            • Staff
            • Hardware
        • System testing
        • Integration testing
        • User acceptance testing
        • No backout plan
        • Backout plan failure
        • Deployment issues
    3. Record your results in the Change Management Post-Implementation Checklist.

    Download the Change Management Post-Implementation Checklist

    Case Study

    Microsoft used post-implementation review activities to mitigate the risk of a critical Azure outage.

    Industry: Technology

    Source: Jason Zander, Microsoft

    Challenge

    In November 2014, Microsoft deployed a change intended to improve Azure storage performance by reducing CPU footprint of the Azure Table Front-Ends.

    The deployment method was an incremental approach called “flighting,” where software and configuration deployments are deployed incrementally to Azure infrastructure in small batches.

    Unfortunately, this software deployment caused a service interruption in multiple regions.

    Solution

    Before the software was deployed, Microsoft engineers followed proper protocol by testing the proposed update. All test results pointed to a successful implementation.

    Unfortunately, engineers pushed the change out to the entire infrastructure instead of adhering to the traditional flighting protocol.

    Additionally, the configuration switch was incorrectly enabled for the Azure Blob storage Front-Ends.

    A combination of the two mistakes exposed a bug that caused the outage.

    Results

    Thankfully, Microsoft had a backout plan. Within 30 minutes, the change was rolled back on a global scale.

    It was determined that policy enforcement was not integrated across the deployment system. An update to the system shifted the process of policy enforcement from human-based decisions and protocol to automation via the deployment platform.

    Defined PIR activities enabled Microsoft to take swift action against the outage and mitigate the risk of a serious outage.

    Phase 4

    Measure, Manage, and Maintain

    Define Change Management

    1.1 Assess Maturity

    1.2 Categorize Changes and Build Risk Assessment

    Establish Roles and Workflows

    2.1 Determine Roles and Responsibilities

    2.2 Build Core Workflows

    Define RFC and Post-Implementation Activities

    3.1 Design RFC

    3.2 Establish post-implementation activities

    Measure, Manage, and Maintain

    4.1 Identify Metrics and Build the Change Calendar

    4.2 Implement the Project

    This phase will guide you through the following activities:

    • Identify Metrics and Build the Change Calendar
    • Implement the Project

    This phase involves the following participants:

    • CIO/IT Director
    • IT Managers
    • Change Manager

    Step 4.1

    Identify Metrics and Build the Change Calendar

    Activities

    4.1.1 Create an Outline for Your Change Calendar

    4.1.2 Determine Metrics, Key Performance Indicators (KPIs), and Critical Success Factors (CSFs)

    4.1.3 Track and Record Metrics Using the Change Management Metrics Tool

    Measure, Manage, and Maintain

    Step 4.1: Identify Metrics and Build the Change Calendar

    Step 4.2: Implement the Project

    This step involves the following participants:

    • CIO/IT Director
    • IT Managers
    • Change Manager

    Outcomes of this step

    • Clear definitions of change calendar content
    • Guidelines for change calendar scheduling
    • Defined metrics to measure the success of change management with associated reports, KPIs, and CSFs

    Enforce a standard method of prioritizing and scheduling changes

    The impact of not deploying the change and the benefit of deploying it should determine its priority.

    Risk of Not Deploying

    • What is the urgency of the change?
    • What is the risk to the organization if the change is not deployed right away?
    • Will there be any lost productivity, service disruptions, or missed critical business opportunities?
      • Timing
        • Does the proposed timing work with the approved changes already on the change schedule?
        • Has the change been clash checked so there are no potential conflicts over services or resources?
      • Once prioritized, a final deployment date should be set by the CAB. Check the change calendar first to avoid conflicts.

    Positive Impact of Deployment

    • What benefits will be realized once the change is deployed?
    • How significant is the opportunity that triggered the change?
    • Will the change lead to a positive business outcome (e.g. increased sales)?

    “The one who has more clout or authority is usually the one who gets changes scheduled in the time frame they desire, but you should really be evaluating the impact to the organization. We looked at the risk to the business of not doing the change, and that’s a good way of determining the criticality and urgency of that change.” – Joseph Sgandurra, Director, Service Delivery, Navantis

    Info-Tech Insight

    Avoid a culture where powerful stakeholders are able to push change deployment on an ad hoc basis. Give the CAB the full authority to make approval decisions based on urgency, impact, cost, and availability of resources.

    Develop a change schedule to formalize the planning process

    A change calendar will help the CAB schedule changes more effectively and increase visibility into upcoming changes across the organization.

    1. Establish change windows in a consistent change schedule:
      • Compile a list of business units that would benefit from a change.
      • Look for conflicts in the change schedule.
      • Avoid scheduling two or more major business units in a day.
      • Consider clients when building your change windows and change schedule.
    2. Gain commitments from key participants:
      • These individuals can confirm if there are any unusual or cyclical business requirements that will impact the schedule.
    3. Properly control your change calendar to improve change efficiency:
      • Look at the proposed start and end times: Are they sensible? Does the implementation window leave time for anything going wrong or needing to roll back the change?
      • Special considerations: Are there special circumstances that need to be considered? Ask the business if you don’t know.
      • The key principle is to have a sufficient window available for implementing changes so you only need to set up calendar freezes for sound business or technical reasons.

    Our mantra is to put it on the calendar. Even if it’s a preapproved change and doesn’t need a vote, having it on the calendar helps with visibility. The calendar is the one-stop shop for scheduling and identifying change dependencies.“ – Wil Clark, Director of Service and Performance Management, University of North Texas Systems

    Provide clear definitions of what goes on the change calendar and who’s responsible

    Roles

    • The Change Manager will be responsible for creating and maintaining a change calendar.
    • Only the Change Manager can physically alter the calendar by adding a new change after the CAB has agreed upon a deployment date.
    • All other CAB members, IT support staff, and other impacted stakeholders should have access to the calendar on a read-only basis to prevent people from making unauthorized changes to deployment dates.

    Inputs

    • Freeze periods for individual business departments/applications (e.g. finance month-end periods, HR payroll cycle, etc. – all to be investigated).
    • Maintenance windows and planned outage periods.
    • Project schedules, and upcoming major/medium changes.
    • Holidays.
    • Business hours (some departments work 9-5, others work different hours or in different time zones, and user acceptance testing may require business users to be available).

    Guidelines

    • Business-defined freeze periods are the top priority.
    • No major or medium normal changes should occur during the week between Christmas and New Year’s Day.
    • Vendor SLA support hours are the preferred time for implementing changes.
    • The vacation calendar for IT will be considered for major changes.
    • Change priority: High > Medium > Low.
    • Minor changes and preapproved changes have the same priority and will be decided on a case-by-case basis.

    The change calendar is a critical pre-requisite to change management in DevOps. Use the calendar to be proactive with proposed implementation dates and deconfliction before the change is finished.

    4.1.1 Create Guidelines for Your Change Calendar

    Input

    • Current change calendar guidelines

    Output

    • Change calendar inputs and schedule checklist

    Materials

    Participants

    • Change Manager
    • Members of the Change Advisory Board
    • Service Desk Manager
    • Operations (optional)
    1. Gather representatives from the change management team.
      • Example:
        • The change calendar/schedule includes:
          • Approved and scheduled normal changes.
          • Scheduled project work.
          • Scheduled maintenance windows.
          • Change freeze periods with affected users noted:
            • Daily/weekly freeze periods.
            • Monthly freeze periods.
            • Annual freeze periods.
            • Other critical business events.
    2. Create a checklist to run through before each change is scheduled:
      • Check the schedule and assess resource availability:
        • Will user productivity be impacted?
        • Are there available resources (people and systems) to implement the change?
        • Is the vendor available? Is there a significant cost attached to pushing change deployment before the regularly scheduled refresh?
        • Are there dependencies? Does the deployment of one change depend on the earlier deployment of another?
    3. Record your results in your Project Summary Template.

    Start measuring the success of your change management project using three key metrics

    Number of change-related incidents that occur each month

    • Each month, record the number of incidents that can be directly linked to a change. This can be done using an ITSM tool or manually by service desk staff.
    • This is a key success metric: if you are not tracking change-related incidents yet, start doing so as soon as possible. This is the metric that the CIO and business stakeholders will be most interested in because it impacts users directly.

    Number of unauthorized changes applied each month

    • Each month, record the number of changes applied without approval. This is the best way to measure adherence to the process.
    • If this number decreases, it demonstrates a reduction in risk, as more changes are formally assessed and approved before being deployed.

    Percentage of emergency changes

    • Each month, compare the number of emergency change requests to the total number of change requests.
    • Change requesters often designate changes as emergencies as a way of bypassing the process.
    • A reduction in emergency changes demonstrates that your process is operating smoothly and reduces the risk of deploying changes that have not been properly tested.

    Info-Tech Insight

    Start simple. Metrics can be difficult to tackle if you’re starting from scratch. While implementing your change management practice, use these three metrics as a starting point, since they correlate well with the success of change management overall. The following few slides provide more insight into creating metrics for your change process.

    If you want more insight into your change process, measure the progress of each step in change management with metrics

    Improve

    • Number of repeat failures (i.e. making the same mistake twice)
    • Number of changes converted to pre-approved
    • Number of changes converted from pre-approved back to normal

    Request

    • What percentage of change requests have errors or lack appropriate support?
    • What percentage of change requests are actually projects, service requests, or operational tasks?
    • What percentage of changes have been requested before (i.e. documented)?

    Assess

    • What percentage of change requests are out of scope?
    • What percentage of changes have been requested before (i.e. documented)?
    • What are the percentages of changes by category (normal, pre-approved, emergency)?

    Plan

    • What percentage of change requests are reviewed by the CAB that should have been pre-approved or emergency (i.e. what percentage of changes are in the wrong category)?

    Approve

    • Number of changes broken down by department (business unit/IT department to be used in making core/optional CAB membership more efficient)
    • Number of workflows that can be automated

    Implement

    • Number of changes completed on schedule
    • Number of changes rolled back
    • What percentage of changes caused an incident?

    Use metrics to inform project KPIs and CSFs

    Leverage the metrics from the last slide and convert them to data communicable to IT, management, and leadership

    • To provide value, metrics and measurements must be actionable. What actions can be taken as a result of the data being presented?
    • If the metrics are not actionable, there is no value and you should question the use of the metric.
    • Data points in isolation are mostly meaningless to inform action. Observe trends in your metrics to inform your decisions.
    • Using a framework to develop measurements and metrics provides a defined methodology that enables a mapping of base measurements through CSFs.
    • Establishing the relationship increases the value that measurements provide.

    Purposely use SDLC and change lifecycle metrics to find bottlenecks and automation candidates.

    Metrics:

    Metrics are easily measured datapoints that can be pulled from your change management tool. Examples: Number of changes implemented, number of changes without incident.

    KPIs:

    Key Performance Indicators are metrics presented in a way that is easily digestible by stakeholders in IT. Examples: Change efficiency, quality of changes.

    CSFs:

    Critical Success Factors are measures of the business success of change management taken by correlating the CSF with multiple KPIs. Examples: consistent and efficient change management process, a change process mapped to business needs

    List in-scope metrics and reports and align them to benefits

    Metric/Report (by team)Benefit
    Total number of RFCs and percentages by category (pre-approved, normal, emergency, escalated support, expedited)
    • Understand change management activity
    • Tracking maturity growth
    • Identifying “hot spots”
    Pre-approved change list (and additions/removals from the list) Workload and process streamlining (i.e. reduce “red tape” wherever possible)
    Average time between RFC lifecycle stages (by service/application) Advance planning for proposed changes
    Number of changes by service/application/hardware class
    • Identifying weaknesses in the architecture
    • Vendor-specific TCO calculations
    Change triggers Business- vs. IT-initiated change
    Number of RFCs by lifecycle stage Workload planning
    List of incidents related to changes Visible failures of the CM process
    Percentage of RFCs with a tested backout/validation plan Completeness of change planning
    List of expedited changes Spotlighting poor planning and reducing the need for this category going forward (“The Hall of Shame”)
    CAB approval rate Change coordinator alignment with CAB priorities – low approval rate indicates need to tighten gatekeeping by the change coordinator
    Calendar of changes Planning

    4.1.2 Determine Metrics, Key Performance Indicators (KPIs), and Critical Success Factors (CSFs)

    Input

    • Current metrics

    Output

    • List of trackable metrics, KPIs and CSFs

    Materials

    Participants

    • Change Manager
    • Members of the Change Advisory Board
    • Service Desk Manager
    • Operations (optional)
    1. Draw three tables for metrics, KPIs, and CSFs.
    2. Starting with the CSF table, fill in all relevant CSFs that your group wishes to track and measure.
    3. Next, work to determine relevant KPIs correlated with the CSFs and metrics needed to measure the KPIs. Use the tables included below (taken from section 14 of the Change Management SOP) to guide the process.
    4. Record the results in the tables in section 14 of your Change Management SOP.
    5. Decide on where and when to review the metrics to discuss your change management strategy. Designate and owner and record in the RACI and Communications section of your Change Management SOP.
    Ref #Metric

    M1

    Number of changes implemented for a time period
    M2 Number of changes successfully implemented for a time period
    M3 Number of changes implemented causing incidents
    M4 Number of accepted known errors when change is implemented
    M5 Total days for a change build (specific to each change)
    M6 Number of changes rescheduled
    M7 Number of training questions received following a change
    Ref#KPIProduct
    K1 Successful changes for a period of time (approach 100%) M2 / M1 x 100%
    K2 Changes causing incidents (approach 0%) M3 / M1 x 100%
    K3 Average days to implement a change ΣM5 / M1
    K4 Change efficiency (approach 100%) [1 - (M6 / M1)] x 100%
    K5 Quality of changes being implemented (approach 100%) [1 - (M4 / M1)] x 100%
    K6 Change training efficiency (approach 100%) [1 - (M7 / M1)] x 100%
    Ref#CSFIndicator
    C1 Successful change management process producing quality changes K1, K5
    C2 Consistent efficient change process K4, K6
    C3 Change process maps to business needs K5, K6

    Measure changes in selected metrics to evaluate success

    Once you have implemented a standardized change management practice, your team’s goal should be to improve the process, year over year.

    • After a process change has been implemented, it’s important to regularly monitor and evaluate the CSFs, KPIs, and metrics you chose to evaluate. Examine whether the process change you implemented has actually resolved the issue or achieved the goal of the critical success factor.
    • Establish a schedule for regularly reviewing the key metrics. Assess changes in those metrics and determine progress toward reaching objectives.
    • In addition to reviewing CSFs, KPIs, and metrics, check in with the release management team and end users to measure their perceptions of the change management process once an appropriate amount of time has passed.
    • Ensure that metrics are telling the whole story and that reporting is honest in order to be informative.

    Outcomes of standardizing change management should include:

    1. Improved efficiency, effectiveness, and quality of changes.
    2. Changes and processes are more aligned with the business needs and strategy.
    3. Improved maturity of change processes.

    Info-Tech Best Practice

    Make sure you’re measuring the right things and considering all sources of information. It’s very easy to put yourself in a position where you’re congratulating yourselves for improving on a specific metric such as number of releases per month, but satisfaction remains low.

    4.1.3 Track and Record Metrics Using the Change Management Metrics Tool

    Input

    • Current metrics

    Output

    • List of trackable metrics, KPIs and CSFs to be observed over the length of a year

    Materials

    Participants

    • Change Manager
    • Members of the Change Advisory Board
    • Service Desk Manager
    • Operations (optional)

    Tracking the progress of metrics is paramount to the success of any change management process. Use Info-Tech’s Change Management Metrics Tool to record metrics and track your progress. This tool is intended to be a substitute for organizations who do not have the capability to track change-related metrics in their ITSM tool.

    1. Input metrics from the previous activity to track over the course of a year.
    2. To record your metrics, open the tool and go to tab 2. The tool is currently primed to record and track five metrics. If you need more than that, you can edit the list in the hidden calculations tab.
    3. To see the progress of your metrics, move to tab 3 to view a dashboard of all metrics in the tool.

    Download the Change Management Metrics Tool

    Case Study

    A federal credit union was able to track maturity growth through the proper use of metrics.

    Industry: Federal Credit Union (anonymous)

    Source: Info-Tech Workshop

    Challenge

    At this federal credit union, the VP of IT wanted a tight set of metrics to engage with the business, communicate within IT, enable performance management of staff, and provide visibility into workload demands, among other requirements.

    The organization was suffering from “metrics fatigue,” with multiple reports being generated from all groups within IT, to the point that weekly/monthly reports were being seen as spam.

    Solution

    Stakeholders were provided with an overview of change management benefits and were asked to identify one key attribute that would be useful to their specific needs.

    Metrics were designed around the stakeholder needs, piloted with each stakeholder group, fine-tuned, and rolled out.

    Some metrics could not be automated off-the-shelf and were rolled out in a manual fashion. These metrics were subsequently automated and finally made available through a dashboard.

    Results

    The business received clear guidance regarding estimated times to implement changes across different elements of the environment.

    The IT managers were able to plan team workloads with visibility into upstream change activity.

    Architects were able to identify vendors and systems that were the leading source of instability.

    The VP of IT was able to track the maturity growth of the change management process and proactively engage with the business on identified hot spots.

    Step 4.2

    Implement the Project

    Activities

    4.2.1 Use a Communications Plan to Gain End User Buy-In

    4.2.2 Create a Project Roadmap to Track Your Implementation Progress

    Measure, Manage, and Maintain

    Step 4.1: Identify Metrics and Build the Change Calendar

    Step 3.2: Implement the Project

    This step involves the following participants:

    • CIO/IT Director
    • IT Managers
    • Change Manager

    Outcomes of this step

    • A communications plan for key messages to communicate to relevant stakeholders and audiences
    • A roadmap with assigned action items to implement change management

    Success of the new process will depend on introducing change and gaining acceptance

    Change management provides value by promptly evaluating and delivering changes required by the business and by minimizing disruption and rework caused by failed changes. Communication of your new change management process is key. If people do not understand the what and why, it will fail to provide the desired value.

    Info-Tech Best Practice

    Gather feedback from end users about the new process: if the process is too bureaucratic, end users are more likely to circumvent it.

    Main Challenges with Communication

    • Many people fail before they even start because they are buried in a mess created before they arrived – either because of a failed attempt to get change management implemented or due to a complicated system that has always existed.
    • Many systems are maintained because “that’s the way it’s always been done.”
    • Organizations don’t know where to start; they think change management is too complex a process.
    • Each group needs to follow the same procedure – groups often have their own processes, but if they don’t agree with one another, this could cause an outage.

    Educate affected stakeholders to prepare for organizational change

    An organizational change management plan should be part of your change management project.

    • Educate stakeholders about:
      • The process change (describe it in a way that the user can understand and is clear and concise).
        • IT changes will be handled in a standardized and repeatable fashion to minimize change-related incidents.
      • Who is impacted?
        • All users.
      • How are they impacted?
        • All change requests will be made using a standard form and will not be deployed until formal approval is received.
      • Change messaging.
        • How to communicate the change (benefits).
      • Learning and development – training your users on the change.
        • Develop and deliver training session on the Change Management SOP to familiarize users with this new method of handling IT change.

    Host a lunch-and-learn session

    • For the initial deployment, host a lunch-and-learn session to educate the business on the change management practice. Relevant stakeholders of affected departments should host it and cover the following topics:
    • What is change management (change management/change control)?
    • The value of change management.
    • What the Change Management SOP looks like.
    • Who is involved in the change management process (the CAB, etc.)?
    • What constitutes a pre-approved change and an emergency change?
    • An overview of the process, including how to avoid unauthorized changes.
    • Who should they contact in case of questions?

    Communicate the new process to all affected stakeholders

    Do not surprise users or support staff with changes. This will result in lost productivity and low satisfaction with IT services.

    • User groups and the business need to be given sufficient notice of an impending change.
    • This will allow them to make appropriate plans to accept the change, minimizing the impact of the change on productivity.
    • A communications plan will be documented in the RFC while the release is being built and tested.
    • It’s the responsibility of the change team to execute on the communications plan.

    Info-Tech Insight

    The success of change communication can be measured by monitoring the number of service desk tickets related to a change that was not communicated to users.

    Communication is crucial to the integration and overall implementation of your change management initiative. An effective communications plan will:

    • Gain support from management at the project proposal phase.
    • Create end-user buy-in once the program is set to launch.
    • Maintain the presence of the program throughout the business.
    • Instill ownership throughout the business from top-level management to new hires.

    Create your communications plan to anticipate challenges, remove obstacles, and ensure buy-in

    Management

    Technicians

    Business Stakeholders

    Provide separate communications to key stakeholder groups

    Why? What problems are you trying to solve?

    What? What processes will it affect (that will affect me)?

    Who? Who will be affected? Who do I go to if I have issues with the new process?

    When? When will this be happening? When will it affect me?

    How? How will these changes manifest themselves?

    Goal? What is the final goal? How will it benefit me?

    Info-Tech Insight

    Pay close attention to the medium of communication. For example, stakeholders on their feet all day would not be as receptive to an email communication compared to those who primarily work in front of a computer. Put yourself into various stakeholders’ shoes to craft a tailored communication of change management.

    4.2.1 Use a Communications Plan to Gain End User Buy-In

    Input

    • List of stakeholder groups for change management

    Output

    • Tailored communications plans for various stakeholder groups

    Materials

    Participants

    • Change Manager
    • Members of the Change Advisory Board
    • Service Desk Manager
    • Operations (optional)
    1. Using Info-Tech’s Change Management Communications Plan, identify key audiences or stakeholder groups that will be affected by the new change management practice.
    2. For each group requiring a communications plan, identify the following:
      • The benefits for that group of individuals.
      • The impact the change will have on them.
      • The best communication method(s) for them.
      • The time frame of the communication.
    3. Complete this information in a table like the one below:
    GroupBenefitsImpactMethodTimeline
    IT Standardized change process All changes must be reviewed and approved Poster campaign 6 months
    End Users Decreased wait time for changes Formal process for RFCs Lunch-and-learn sessions 3 months
    Business Reduced outages Increased involvement in planning and approvals Monthly reports 1 year
    1. Discuss the communications plan:
      • Will this plan ensure that users are given adequate opportunities to accept the changes being deployed?
      • Is the message appropriate for each audience? Is the format appropriate for each audience?
      • Does the communication include training where necessary to help users adopt any new functions/workflows being introduced?

    Download the Change Management Communications Plan

    Present your SOP to key stakeholders and obtain their approval

    Now that you have completed your Change Management SOP, the final step is to get sign-off from senior management to begin the rollout process.

    Know your audience:

    • Determine the service management stakeholders who will be included in the audience for your presentation.
    • You want your presentation to be succinct and hard hitting. Management’s time is tight and they will lose interest if you drag out the delivery.
    • Briefly speak about the need for more formal change management and emphasize the benefits of implementing a more formal process with a SOP.
    • Present your current state assessment results to provide context before presenting the SOP itself.
    • As with any other foundational activity, be prepared with some quick wins to gain executive attention.
    • Be prepared to review with both technical and less technical stakeholders.

    Info-Tech Insight

    The support of senior executive stakeholders is critical to the success of your SOP rollout. Try to wow them with project benefits and make sure they know about the risks/pain points.

    Download the Change Management Project Summary Template

    4.2.2 Create a Project Roadmap to Track Your Implementation Progress

    Input

    • List of implementation tasks

    Output

    • Roadmap and timeline for change management implementation

    Materials

    Participants

    • Change Manager
    • Members of the Change Advisory Board
    • Service Desk Manager
    • Operations (optional)
    1. Info-Tech’s Change Management Roadmap Tool helps you identify and prioritize tasks that need to be completed for the change management implementation project.
    2. Use this tool to identify each action item that will need to be completed as part of the change management initiative. Chart each action item, assign an owner, define the duration, and set a completion date.
    3. Use the resulting rocket diagram as a guide to task completion as you work toward your future state.

    Download the Change Management Roadmap Tool

    Case Study (part 4 of 4)

    Intel implemented a robust change management process.

    Industry: Technology

    Source: Daniel Grove, Intel

    Challenge

    Founded in 1968, the world’s largest microchip and semiconductor company employs over 100,000 people. Intel manufactures processors for major players in the PC market including Apple, Lenovo, HP, and Dell.

    Intel IT supports over 65,000 servers, 3.2 petabytes of data, over 70,000 PCs, and 2.6 million emails per day.

    Intel’s change management program is responsible for over 4,000 changes each week.

    Solution

    Intel had its new change management program in place and the early milestones planned, but one key challenge with any new project is communication.

    The company also needed to navigate the simplification of a previously complex process; end users could be familiar with any of the 37 different change processes or 25 different change management systems of record.

    Top-level buy-in was another concern.

    Results

    Intel first communicated the process changes by publishing the vision and strategy for the project with top management sponsorship.

    The CIO published all of the new change policies, which were supported by the Change Governance Council.

    Intel cited the reason for success as the designation of a Policy and Guidance Council – a group designed to own communication and enforcement of the new policies and processes put in place.

    Summary of Accomplishment

    Problem Solved

    You now have an outline of your new change management process. The hard work starts now for an effective implementation. Make use of the communications plan to socialize the new process with stakeholders and the roadmap to stay on track.

    Remember as you are starting your implementation to keep your documents flexible and treat them as “living documents.” You will likely need to tweak and refine the processware and templates several times to continually improve the process. Furthermore, don’t shy away from seeking feedback from your stakeholders to gain buy-in.

    Lastly, keep an eye on your progress with objective, data-driven metrics. Leverage the trends in your data to drive your decisions. Be sure to revisit the maturity assessment not only to measure and visualize your progress, but to gain insight into your next steps.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

    Contact your account representative for more information.

    workshops@infotech.com

    1-888-670-8889

    Additional Support

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

    To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.

    Info-Tech analysts will join you and your team at your location or welcome you to Info-Tech’s historic office in Toronto, Ontario, Canada to participate in an innovative onsite workshop.

    Contact your account representative for more information.

    workshops@infotech.com 1-888-670-8889

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    1.1.2 Complete a Change Management Maturity Assessment

    Run through the change management maturity assessment with tailored commentary for each action item outlining context and best practices.

    2.2.1 Plot the Process for a Normal Change

    Build a normal change process using Info-Tech’s Change Management Process Library template with an analyst helping you to right size the process for your organization.

    Related Info-Tech Research

    Standardize the Service Desk

    Improve customer service by driving consistency in your support approach and meeting SLAs.

    Stabilize Release and Deployment Management

    Maintain both speed and control while improving the quality of deployments and releases within the infrastructure team.

    Incident and Problem Management

    Don’t let persistent problems govern your department.

    Select Bibliography

    AXELOS Limited. ITIL Foundation: ITIL 4th edition. TSO, 2019, pp. 118–120.

    Behr, Kevin and George Spafford. The Visible Ops Handbook: Implementing ITIL in 4 Practical and Auditable Steps. IT Revolution Press. 2013.

    BMC. “ITIL Change Management.” BMC Software Canada, 22 December 2016.

    Brown, Vance. “Change Management: The Greatest ROI of ITIL.” Cherwell Service Management.

    Cisco. “Change Management: Best Practices.” Cisco, 10 March 2008.

    Grove, Daniel. “Case Study ITIL Change Management Intel Corporation.” PowerShow, 2005.

    ISACA. “COBIT 5: Enabling Processes.” ISACA, 2012.

    Jantti, M. and M. Kainulainen. “Exploring an IT Service Change Management Process: A Case Study.” ICDS 2011: The Fifth International Conference on Digital Society, 23 Feb. 2011.

    Murphy, Vawns. “How to Assess Changes.” The ITSM Review, 29 Jan. 2016.

    Nyo, Isabel. “Best Practices for Change Management in the Age of DevOps.” Atlassian Engineering, 12 May 2021.

    Phillips, Katherine W., Katie A. Liljenquist, and Margaret A. Neale. “Better Decisions Through Diversity.” Kellogg Insight, 1 Oct. 2010.

    Pink Elephant. “Best Practices for Change Management.” Pink Elephant, 2005.

    Sharwood, Simon. “Google broke its own cloud by doing two updates at once.” The Register, 24 Aug. 2016.

    SolarWinds. “How to Eliminate the No: 1 Cause of Network Downtime.” SolarWinds Tech Tips, 25 Apr. 2014.

    The Stationery Office. “ITIL Service Transition: 2011.” The Stationary Office, 29 July 2011.

    UCISA. “ITIL – A Guide to Change Management.” UCISA.

    Zander, Jason. “Final Root Cause Analysis and Improvement Areas: Nov 18 Azure Storage Service Interruption.” Microsoft Azure: Blog and Updates, 17 Dec. 2014.

    Appendix I: Expedited Changes

    Employ the expedited change to promote process adherence

    In many organizations, there are changes which may not fit into the three prescribed categories. The reason behind why the expedited category may be needed generally falls between two possibilities:

    1. External drivers dictate changes via mandates which may not fall within the normal change cycle. A CIO, judge, state/provincial mandate, or request from shared services pushes a change that does not fall within a normal change cycle. However, there is no imminent outage (therefore it is not an emergency). In this case, an expedited change can proceed. Communicate to the change requester that IT and the change build team will still do their best to implement the change without issue, but any extra risk of implementing this expedited change (compared to an normal change) will be absorbed by the change requester.
    2. The change requester did not prepare for the change adequately. This is common if a new change process is being established (and stakeholders are still adapting to the process). Change requesters or the change build team may request the change to be done by a certain date that does not fall within the normal change cycle, or they simply did not give the CAB enough time to vet the change. In this case, you may use the expedited category as a metric (or a “Hall of Shame” example). If you identify a department or individual that frequently request expedited changes, use the expedited category as a means to educate them about the normal change to discourage the behavior moving forward.

    Two possible ways to build an expedited change category”

    1. Build the category similar to an emergency change. In this case, one difference would be the time allotted to fully obtain authorization of the change from the E-CAB and business owner before implementing the change (as opposed to the emergency change workflow).
    2. Have the expedited change reflect the normal change workflow. In this case, all the same steps of the normal change workflow are followed except for expedited timelines between processes. This may include holding an impromptu CAB meeting to authorize the change.

    Example process: Expedited Change Process

    The image is a flowchart, showing the process for Expedited Change.

    For the full process, refer to the Change Management Process Library.

    Appendix II: Optimize IT Change Management in a DevOps Environment

    Change Management cannot be ignored because you are DevOps or Agile

    But it can be right-sized.

    The core tenets of change management still apply no matter the type of development environment an organization has. Changes in any environment carry risk of degrading functionality, and must therefore be vetted. However, the amount of work and rigor put into different stages of the change life cycle can be altered depending on the maturity of the development workflows. The following are several stage gates for change management that MUST be considered if you are a DevOps or Agile shop:

    • Intake assessment (separation of changes from projects, service requests, operational tasks)
      • Within a DevOps or Agile environment, many of the application changes will come directly from the SDLC and projects going live. It does not mean a change must go through CAB, but leveraging the pre-approved category allows for an organization to stick to development lifecycles without being heavily bogged down by change bureaucracy.
    • Technical review
      • Leveraging automation, release contingencies, and the current SDLC documentation to decrease change risk allows for various changes to be designated as pre-approved.
    • Authorization
      • Define the authorization and dependencies of a change early in the lifecycle to gain authorization and necessary signoffs.
    • Documentation/communication
      • Documentation and communication are post-implementation activities that cannot be ignored. If documentation is required throughout the SDLC, then design the RFC to point to the correct documentation instead of duplicating information.

    "Understand that process is hard and finding a solution that fits every need can be tricky. With this change management process we do not try to solve every corner case so much as create a framework by which best judgement can be used to ensure maximum availability of our platforms and services while still complying with our regulatory requirements and making positive changes that will delight our customers.“ -IT Director, Information Cybersecurity Organization

    Five principals for implementing change in DevOps

    Follow these best practices to make sure your requirements are solid:

    People

    The core differences between an Agile or DevOps transition and a traditional approach are the restructuring and the team behind it. As a result, the stakeholders of change management must be onboard for the process to work. This is the most difficult problem to solve if it’s an issue, but open avenues of feedback for a process build is a start.

    DevOps Lifecycles

    • Plan the dev lifecycle so people can’t skirt it. Ensure the process has automated checks so that it’s more work to skirt the system than it is to follow it. Make the right process the process of least resistance.
    • Plan changes from the start to ensure that cross-dependencies are identified early and that the proposed implementation date is deconflicted and visible to other change requesters and change stakeholders.

    Automation

    Automation comes in many forms and is well documented in many development workflows. Having automated signoffs for QA/security checks and stakeholders/cross dependency owner sign offs may not fully replace the CAB but can ease the burden on discussions before implementation.

    Contingencies

    Canary releases, phased releases, dark releases, and toggles are all options you can employ to reduce risk during a release. Furthermore, building in contingencies to the test/rollback plan decreases the risk of the change by decreasing the factor of likelihood.

    Continually Improve

    Building change from the ground up doesn’t meant the process has to be fully fledged before launch. Iterative improvements are possible before achieving an optimal state. Having the proper metrics on the pain points and bottlenecks in the process can identify areas for automation and improvement.

    Increasing the proportion of pre-approved changes

    Leverage the traditional change infrastructure to deploy changes quickly while keeping your risk low.

    • To designate a change as a pre-approved change it must have a low risk rating (based on impact and likelihood). Fortunately, many of the changes within the Agile framework are designed to be small and lower risk (at least within application development). Putting in the work ahead of time to document these changes, template RFCs, and document the dependencies for various changes allows for a shift in the proportion of pre-approved changes.
    • The designation of pre-approved changes is an ongoing process. This is not an overnight initiative. Measure the proportion of changes by category as a metric, setting goals and interim goals to shift the change proportion to a desired ratio.

    The image is a bar graph, with each bar having 3 colour-coded sections: Emergency, Normal, and Pre-Approved. The first bar is before, where the largest change category is Normal. The second bar is after, and the largest change category is Pre-Approved.

    Turn your CAB into a virtual one

    • The CAB does not have to fully disappear in a DevOps environment. If the SDLC is built in a way that authorizes changes through peer reviews and automated checks, by the time it’s deployed, the job of the CAB should have already been completed. Then the authorization stage-gate (traditionally, the CAB) shifts to earlier in the process, reducing the need for an actual CAB meeting. However, the change must still be communicated and documented, even if it’s a pre-approved change.
    • As the proportion of changes shifts from a high degree of normal changes to a high degree of pre-approved changes, the need for CAB meetings should decrease even further. As an end-state, you may reserve actual CAB meetings for high-profile changes (as defined by risk).
    • Lastly, change management does not disappear as a process. Periodic reviews of change management metrics and the pre-approved change list must still be completed.

    Improve IT-Business Alignment Through an Internal SLA

    • Buy Link or Shortcode: {j2store}455|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Operations Management
    • Parent Category Link: /i-and-o-process-management
    • The business is rarely satisfied with IT service levels, yet there is no clear definition of what is acceptable.
    • Dissatisfaction with service levels is often based on perception. Your uptime might be four 9s, but the business only remembers the outages.
    • IT is left trying to hit a moving target with a limited budget and no agreement on where services levels need to improve.

    Our Advice

    Critical Insight

    • Business leaders have service level expectations regardless of whether there is a formal agreement. The SLA process enables IT to manage those expectations.
    • Track current service levels and report them in plain language (e.g. hours and minutes of downtime, not “how many 9s” which then need to be translated) to gain a clearer mutual understanding of current versus desired service levels.
    • Use past incidents to provide context (how much that hour of downtime actually impacted the business) in addition to a business impact analysis to define appropriate target service levels based on actual business need.

    Impact and Result

    Create an effective internal SLA by following a structured process to report current service levels and set realistic expectations with the business. This includes:

    • Defining the current achievable service level by establishing a metrics tracking and monitoring process.
    • Determining appropriate (not ideal) business needs.
    • Creating an SLA that clarifies expectations to reduce IT-business friction.

    Improve IT-Business Alignment Through an Internal SLA Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should create an internal SLA, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Scope the pilot project

    Establish the SLA pilot project and clearly document the problems and challenges that it will address.

    • Improve IT-Business Alignment Through an Internal SLA – Phase 1: Scope the Pilot Project
    • Internal SLA Process Flowcharts (PDF)
    • Internal SLA Process Flowcharts (Visio)
    • Build an Internal SLA Project Charter Template
    • Internal SLA Maturity Scorecard Tool

    2. Establish current service levels

    Expedite the SLA process by thoroughly, carefully, and clearly defining the current achievable service levels.

    • Improve IT-Business Alignment Through an Internal SLA – Phase 2: Determine Current Service Levels
    • Availability and Reliability SLA Metrics Tracking Template
    • Service Desk SLA Metrics Tracking Template
    • Service Catalog SLA Metrics Tracking Template

    3. Identify target service levels and create the SLA

    Create a living document that aligns business needs with IT targets by discovering the impact of your current service level offerings through a conversation with business peers.

    • Improve IT-Business Alignment Through an Internal SLA – Phase 3: Set Target Service Levels and Create the SLA
    • SLA Project Roadmap Tool
    • Availability Internal Service Level Agreement Template
    • Service Catalog Internal Service Level Agreement Template
    • Service Desk Internal Service Level Agreement Template
    • Internal SLA Executive Summary Presentation Template
    [infographic]

    Select Your Data Platform

    • Buy Link or Shortcode: {j2store}346|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $62,999 Average $ Saved
    • member rating average days saved: 20 Average Days Saved
    • Parent Category Name: Data Management
    • Parent Category Link: /data-management

    Every organization needs a data management (DM) platform that enables the DM capabilities required. This could be a daunting task because:

    • Every organization has a unique set of requirements for the DM platform.
    • Software products are difficult to compare because every vendor provides a unique set of features.
    • Software vendors are interested in getting as large a footprint as possible.
    • Some products from different categories offer the same functionalities.
    • Some products are just not compatible.

    Our Advice

    Critical Insight

    • Technology requirements start with the business goals.
    • Data platform selection should be based on common best practices and, at the same time, be optimized for the organization’s specific needs and goals and support an evolutionary platform development.
    • What is best for one organization may be totally unacceptable for another – all for very valid reasons.

    Impact and Result

    Understand your current environment and use proven reference architecture patterns to expedite building the data management platform that matches your needs.

    • Use a holistic approach.
    • Understand your goals and priorities.
    • Picture your target-state architecture.
    • Identify your current technology coverage.
    • Select the software covering the gaps in technology enablement based on feature/functional enablement descriptions as well as vendor and deployment preferences.

    Select Your Data Platform Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out what challenges are typically in the way of designing a data platform, review Info-Tech’s methodology, and understand how we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Select your data platform

    Assess your current environment, find the right reference architecture pattern, and match identified capabilities with software features.

    • Data Platform Design Assessment
    • Reference Architecture Pattern

    Infographic

    Choose a Right-Sized Contact Center Solution

    • Buy Link or Shortcode: {j2store}334|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $25,535 Average $ Saved
    • member rating average days saved: 18 Average Days Saved
    • Parent Category Name: Strategy and Organizational Design
    • Parent Category Link: /strategy-and-organizational-design
    • IT needs a method to pinpoint which contact center solution best aligns with business objectives, adapting to a post-COVID world of remote work, flexibility, and scalability.
    • Scoring RFP and RFQ proposals is a complex process, and it is difficult to map and gap without a clear view of the organization’s needs. SOWs can contain pitfalls that cause expensive headaches for the organization in the long run. Guidance through a SOW is required to best represent the organization’s interests.

    Our Advice

    Critical Insight

    • “On-premises versus cloud” is a false dichotomy. Contact center architectures come in all shapes and sizes, and organizations should discern whether a hybrid option best meets their needs.
    • Contact centers should service customers – not capabilities. Capabilities must work for you, your agents, and your customers – not the other way around.
    • Deliverables and responsibilities should be a contract’s focal point. While organizations are right to focus on avoiding unanticipated license charges, it is more important to clearly define how deliverables and responsibilities will be divided among the organization, the vendor, and potential third parties.

    Impact and Result

    • Assess the array of contact center architectures with Info-Tech’s Contact Center Decision Points Tool to select a right-sized solution.
    • Build business requirements in a formalized process to achieve stakeholder buy-in.
    • Use Info-Tech’s Contact Center RFP Scoring Tool to evaluate and choose from a range of vendors.
    • Successfully navigate and avoid major pitfalls in a SOW construction.
    • Justify each stage of the process with this blueprint’s key deliverable: the Contact Center Playbook.

    Choose a Right-Sized Contact Center Solution Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to examine the current contact center marketspace, review Info-Tech’s methodology for choosing a right-sized contact center solution, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Assess Contact Center Architectures

    Establish your project vision and metrics of success before shortlisting potential contact center architectures and deciding which is right-sized for the organization.

    • Choose a Right-Sized Contact Center Solution – Phase 1: Assess Contact Center Architectures
    • Contact Center Playbook
    • Contact Center Decision Points Tool

    2. Gather Requirements and Shortlist Vendors

    Build business requirements to achieve stakeholder buy-in, define key deliverables, and issue an RFP/RFQ to shortlisted vendors.

    • Choose a Right-Sized Contact Center Solution – Phase 2: Gather Requirements and Shortlist Vendors
    • Requirements Gathering Documentation Tool
    • Lean RFP Template
    • Contact Center Business Requirements Document
    • Request for Quotation Template
    • Long-Form RFP Template

    3. Score Vendors and Construct SOW

    Score RFP/RFQ responses and decide upon a vendor before constructing a SOW.

    • Choose a Right-Sized Contact Center Solution – Phase 3: Score Vendors and Construct SOW
    • Contact Center RFP Scoring Tool
    • Contact Center SOW Template and Guide
    [infographic]

    Workshop: Choose a Right-Sized Contact Center Solution

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Assess Architecture

    The Purpose

    Shortlist and decide upon a right-sized contact center architecture.

    Key Benefits Achieved

    A high-level decision for a right-sized architecture

    Activities

    1.1 Define vision and mission statements.

    1.2 Identify infrastructure metrics of success.

    1.3 Confirm key performance indicators for contact center operations.

    1.4 Complete architecture assessment.

    1.5 Confirm right-sized architecture.

    Outputs

    Project outline

    Metrics of success

    KPIs confirmed

    Quickly narrow down right-sized architecture

    Decision on right-sized contact center architecture

    2 Gather Requirements

    The Purpose

    Build business requirements and define key deliverables to achieve stakeholder buy-in and shortlist potential vendors.

    Key Benefits Achieved

    Key deliverables defined and a shortlist of no more than five vendors

    Sections 7-8 of the Contact Center Playbook completed

    Activities

    2.1 Hold focus groups with key stakeholders.

    2.2 Gather business, nonfunctional, and functional requirements.

    2.3 Define key deliverables.

    2.4 Shortlist five vendors that appear meet those requirements.

    Outputs

    User requirements identified

    Business Requirements Document completed

    Key deliverables defined

    Shortlist of five vendors

    3 Initial Vendor Scoring

    The Purpose

    Compare and evaluate shortlisted vendors against gathered requirements.

    Key Benefits Achieved

    Have a strong overview of which vendors are preferred for issuing RFP/RFQ

    Section 9 of the Contact Center Playbook

    Activities

    3.1 Input requirements to the Contact Center RFP Scoring Tool. Define which are mandatory and which are desirable.

    3.2 Determine which vendors best meet requirements.

    3.3 Compare requirements met with anticipated TCO.

    3.4 Compare and rank vendors.

    Outputs

    An assessment of requirements

    Vendor scoring

    A holistic overview of requirements scoring and vendor TCO

    An initial ranking of vendors to shape RFP process after workshop end

    4 SOW Walkthrough

    The Purpose

    Walk through the Contact Center SOW Template and Guide to identify how much time to allocate per section and who will be responsible for completing it.

    Key Benefits Achieved

    An understanding of a SOW that is designed to avoid major pitfalls with vendor management

    Section 10 of the Contact Center Playbook

    Activities

    4.1 Get familiar with the SOW structure.

    4.2 Identify which sections will demand greater time allocation.

    4.3 Strategize how to avoid potential pitfalls.

    4.4 Confirm reviewer responsibilities.

    Outputs

    A broad understanding of a SOW’s key sections

    A determination of how much time should be allocated for reviewing major sections

    A list of ways to avoid major pitfalls with vendor management

    A list of reviewers, the sections they are responsible for reviewing, and their time allocation for their review

    5 Communicate and Implement

    The Purpose

    Finalize deliverables and plan post-workshop communications.

    Key Benefits Achieved

    A completed Contact Center Playbook that justifies each decision of this workshop

    Activities

    5.1 Finalize deliverables.

    5.2 Support communication efforts.

    5.3 Identify resources in support of priority initiatives.

    Outputs

    Contact Center Playbook delivered

    Post-workshop engagement to confirm satisfaction

    Follow-up research that complements the workshop or leads workshop group in relevant new directions

    IT Strategy

    • Buy Link or Shortcode: {j2store}20|cart{/j2store}
    • Related Products: {j2store}20|crosssells{/j2store}
    • Up-Sell: {j2store}20|upsells{/j2store}
    • member rating overall impact (scale of 10): 9.3/10
    • member rating average dollars saved: $105,465
    • member rating average days saved: 35
    • Parent Category Name: Strategy and Governance
    • Parent Category Link: strategy-and-governance
    Success depends on IT initiatives clearly aligned to business goals.

    Determine the Future of Microsoft Project in Your Organization

    • Buy Link or Shortcode: {j2store}357|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $125,999 Average $ Saved
    • member rating average days saved: 50 Average Days Saved
    • Parent Category Name: Project Management Office
    • Parent Category Link: /project-management-office
    • You use Microsoft tools to manage your work, projects, and/or project portfolio.
    • Its latest offering, Project for the web, is new and you’re not sure what to make of it. Microsoft says it will soon replace Microsoft Project and Project Online, but the new software doesn’t seem to do what the old software did.
    • The organization has adopted M365 for collaboration and work management. Meetings happen on Teams, projects are scoped a bit with Planner, and the operations group uses Azure Boards to keep track of what they need to get done.
    • Despite your reservations about the new project management software, Microsoft software has become even more ubiquitous.

    Our Advice

    Critical Insight

    • The various MS Project offerings (but most notably the latest, Project for the web) hold the promise of integrating with the rest of M365 into a unified work management solution. However, out of the box, Project for the web and the various platforms within M365 are all disparate utilities that need to be pieced together in a purpose-built manner to make use of them for holistic work management purposes. If you’re looking for a cohesive product out of the box, look elsewhere. If you’re looking to assemble a wide array of work, project, and portfolio management functions across different functions and departments, you may have found what you seek.
    • Rather than choosing tools based on your gaps, assess your current maturity level so that you optimize your investment in the Microsoft landscape.

    Impact and Result

    Follow Info-Tech’s path in this blueprint to:

    • Perform a tool audit to trim your work management tool landscape.
    • Navigate the MS Project and M365 licensing landscape.
    • Make sense of what to do with Project for the web and take the right approach to rolling it out (i.e. DIY or MS Gold Partner driven) based upon your needs.
    • Create an action plan to inform next steps.

    After following the program in this blueprint, you will be prepared to advise the organization on how to best leverage the rapidly shifting work management options within M365 and the place of MS Project within it.

    Determine the Future of Microsoft Project in Your Organization Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should make sense of the MS Project and M365 landscapes, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Determine your tool needs

    Assess your work management tool landscape, current state maturity, and licensing needs to inform a purpose-built work management action plan.

    • M365 Task Management Tool Guide
    • M365 Project Management Tool Guide
    • M365 Project Portfolio Management Tool Guide
    • Tool Audit Workbook
    • Force Field Analysis Tool
    • Microsoft Project & M365 Licensing Tool
    • Project Portfolio Management Maturity Assessment Workbook (With Tool Analysis)
    • Project Management Maturity Assessment Workbook (With Tool Analysis)

    2. Weigh your MS Project implementation options

    Get familiar with Project for the web’s extensibility as well as the MS Gold Partner ecosystem as you contemplate the best implementation approach(s) for your organization.

    • None
    • None

    3. Finalize your implementation approach

    Prepare a boardroom-ready presentation that will help you communicate your MS Project and M365 action plan to PMO and organizational stakeholders.

    • Microsoft Project & M365 Action Plan Template

    Infographic

    Workshop: Determine the Future of Microsoft Project in Your Organization

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Assess Driving Forces and Risks

    The Purpose

    Assess the goals and needs as well as the risks and constraints of a work management optimization.

    Take stock of your organization’s current work management tool landscape.

    Key Benefits Achieved

    Clear goals and alignment across workshop participants as well as an understanding of the risks and constraints that will need to be mitigated to succeed.

    Current-state insight into the organization’s work management tool landscape.

    Activities

    1.1 Review the business context.

    1.2 Explore the M365 work management landscape.

    1.3 Identify driving forces for change.

    1.4 Analyze potential risks.

    1.5 Perform current-state analysis on work management tools.

    Outputs

    Business context

    Current-state understanding of the task, project, and portfolio management options in M365 and how they align with the organization’s ways of working

    Goals and needs analysis

    Risks and constraints analysis

    Work management tool overview

    2 Determine Tool Needs and Process Maturity

    The Purpose

    Determine your organization’s work management tool needs as well as its current level of project management and project portfolio management process maturity.

    Key Benefits Achieved

    An understanding of your tooling needs and your current levels of process maturity.

    Activities

    2.1 Review tool audit dashboard and conduct the final audit.

    2.2 Identify current Microsoft licensing.

    2.3 Assess current-state maturity for project management.

    2.4 Define target state for project management.

    2.5 Assess current-state maturity for project portfolio management.

    2.6 Define target state for project portfolio management.

    Outputs

    Tool audit

    An understanding of licensing options and what’s needed to optimize MS Project options

    Project management current-state analysis

    Project management gap analysis

    Project portfolio management current-state analysis

    Project portfolio management gap analysis

    3 Weigh Your Implementation Options

    The Purpose

    Take stock of your implementation options for Microsoft old project tech and new project tech.

    Key Benefits Achieved

    An optimized implementation approach based upon your organization’s current state and needs.

    Activities

    3.1 Prepare a needs assessment for Microsoft 365 and Project Plan licenses.

    3.2 Review the business case for Microsoft licensing.

    3.3 Get familiar with Project for the web.

    3.4 Assess the MS Gold Partner Community.

    3.5 Conduct a feasibility test for PFTW.

    Outputs

    M365 and Project Plan needs assessment

    Business case for additional M365 and MS Project licensing

    An understand of Project for the web and how to extend it

    MS Gold Partner outreach plan

    A go/no-go decision for extending Project for the web on your own

    4 Finalize Implementation Approach

    The Purpose

    Determine the best implementation approach for your organization and prepare an action plan.

    Key Benefits Achieved

    A purpose-built implementation approach to help communicate recommendations and needs to key stakeholders.

    Activities

    4.1 Decide on the implementation approach.

    4.2 Identify the audience for your proposal.

    4.3 Determine timeline and assign accountabilities.

    4.4 Develop executive summary presentation.

    Outputs

    An implementation plan

    Stakeholder analysis

    A communication plan

    Initial executive presentation

    5 Next Steps and Wrap-Up (offsite)

    The Purpose

    Finalize your M365 and MS Project work management recommendations and get ready to communicate them to key stakeholders.

    Key Benefits Achieved

    Time saved in developing and communicating an action plan.

    Stakeholder buy-in.

    Activities

    5.1 Complete in-progress deliverables from previous four days.

    5.2 Set up review time for workshop deliverables and to discuss next steps.

    Outputs

    Finalized executive presentation

    A gameplan to communicate your recommendations to key stakeholders as well as a roadmap for future optimization

    Further reading

    Determine the Future of Microsoft Project in Your Organization

    View your task management, project management, and project portfolio management options through the lens of M365.

    EXECUTIVE BRIEF

    Analyst Perspective

    Microsoft Project is an enigma

    Microsoft Project has dominated its market since being introduced in the 1980s, yet the level of adoption and usage per license is incredibly low.

    The software is ubiquitous, mostly considered to represent its category for “Project Management.” Yet, the software is conflated with its “Portfolio Management” offerings as organizations make platform decisions with Microsoft Project as the incorrectly identified incumbent.

    And incredibly, Microsoft has dominated the next era of productivity software with the “365” offerings. Yet, it froze the “Project” family of offerings and introduced the not-yet-functional “Project for the web.”

    Having a difficult time understanding what to do with, and about, Microsoft Project? You’re hardly alone. It’s not simply a question of tolerating, embracing, or rejecting the product: many who choose a competitor find they’re still paying for Microsoft Project-related licensing for years to come.

    If you’re in the Microsoft 365 ecosystem, use this research to understand your rapidly shifting landscape of options.

    (Barry Cousins, Project Portfolio Management Practice Lead, Info-Tech Research Group)

    Executive Summary

    Your Challenge

    You use Microsoft (MS) tools to manage your work, projects, and/or project portfolio.

    Their latest offering, Project for the web, is new and you’re not sure what to make of it. Microsoft says it will soon replace Microsoft Project and Project Online, but the new software doesn’t seem to do what the old software did.

    The organization has adopted M365 for collaboration and work management. Meetings happen on Teams, projects are scoped a bit with Planner, and the operations group uses Azure Boards to keep track of what they need to get done.

    Despite your reservations about the new project management software, Microsoft software has become even more ubiquitous.

    Common Obstacles

    M365 provides the basic components for managing tasks, projects, and project portfolios, but there is no instruction manual for making those parts work together.

    M365 isn’t the only set of tools at play. Business units and teams across the organization have procured other non-Microsoft tools for work management without involving IT.

    Microsoft’s latest project offering, Project for the web, is still evolving and you’re never sure if it is stable or ready for prime time. The missing function seems to involve the more sophisticated project planning disciplines, which are still important to larger, longer, and costlier projects.

    Common Obstacles

    Follow Info-Tech’s path in this blueprint to:

    • Perform a tool audit to trim your work management tool landscape.
    • Navigate the MS Project and M365 licensing landscape.
    • Make sense of what to do with Project for the web and take the right approach to rolling it out (i.e. DIY or MS Gold Partner driven) for your needs.
    • Create an action plan to inform next steps.

    After following the program in this blueprint, you will be prepared to advise the organization on how to best leverage the rapidly shifting work management options within M365 and the place of MS Project within it.

    M365 and, within it, O365 are taking over

    Accelerated partly by the pandemic and the move to remote work, Microsoft’s market share in the work productivity space has grown exponentially in the last two years.

    70% of Fortune 500 companies purchased 365 from Sept. 2019 to Sept. 2020. (Thexyz blog, 2020)

    In its FY21 Q2 report, Microsoft reported 47.5 million M365 consumer subscribers – an 11.2% increase from its FY20 Q4 reporting. (Office 365 for IT Pros, 2021)

    As of September 2020, there were 258,000,000 licensed O365 users. (Thexyz blog, 2020)

    In this blueprint, we’ll look at what the what the phenomenal growth of M365 means for PMOs and project portfolio practitioners who identify as Microsoft shops

    The market share of M365 warrants a fresh look at Microsoft’s suite of project offerings

    For many PMO and project portfolio practitioners, the footprint of M365 in their organizations’ work management cultures is forcing a renewed look at Microsoft’s suite of project offerings.

    The complicating factor is this renewed look comes at a transitional time in Microsoft’s suite of project and portfolio offerings.

    • The market dominance of MS Project Server and Project Online are wanning, with Microsoft promising the end-of-life for Online sometime in the coming years.
    • Project Online’s replacement, Project for the web, is a viable task management and lightweight project management tool, but its viability as a replacement for the rigor of Project Online is at present largely a question mark.
    • Related to the uncertainty and promise around Project for the web, the Dataverse and the Power Platform offer a glimpse into a democratized future of work management tools but anything specific about that future has yet to solidify.

    Microsoft Project has 66% market share in the project management tool space. (Celoxis, 2018)

    A copy of MS project is sold or licensed every 20 seconds. (Integent, 2013)

    MS Project is evolving to meet new work management realities

    It also evolved to not meet the old project management realities.

    • The lines between traditional project management and operational task management solutions are blurring as organizations struggle to keep up with demands.
    • To make the software easier to use, modern work management doesn’t involve the complexities from days past. You won’t find anywhere to introduce complex predecessor-successor relationships, unbalanced assignments with front-loading or back-loading, early-start/late-finish, critical path, etc.
    • “Work management” is among the latest buzzwords in IT consulting. With Project for the web (PFTW), Azure Boards, and Planner, Microsoft is attempting to compete with lighter and better-adopted tools like Trello, Basecamp, Asana, Wrike, and Monday.com.
    • Buyers of project and work management software have struggled to understand how PFTW will still be usable if it gets the missing project management function from MS Project.

    Info-Tech Insight

    Beware of the Software Granularity Paradox.

    Common opinion 1: “Plans and estimates that are granular enough to be believable are too detailed to manage and maintain.”

    Common opinion 2: “Plans simple enough to publish aren’t detailed enough to produce believable estimates.”

    In other words, software simple enough to get widely adopted doesn’t produce believable plans. Software that can produce believable plans is too complex to use at scale.

    A viable task and project management option must walk the line between these dichotomies.

    M365 gives you the pieces, but it’s on PMO users to piece them together in a viable way

    With the new MS Project and M365, it’s on PMOs to avoid the granularity paradox and produce a functioning solution that fits with the organization’s ways of working.

    Common perception still sees Microsoft Project as a rich software tool. Thus, when we consider the next generation of Microsoft Project, it’s easy to expect a newer and friendlier version of what we knew before.

    In truth, the new solution is a collection of partially integrated but largely disparate tools that each satisfy a portion of the market’s needs. While it looks like a rich collection of function when viewed through high-level requirements, users will find:

    • Overlaps, where multiple tools satisfy the same functional requirement (e.g. “assign a task”)
    • Gaps, where a tool doesn’t quite do enough and you’re forced to incorporate another tool (e.g. reverting back to Microsoft Project for advanced resource planning)
    • Islands, where tools don’t fluently talk to each other (e.g. Planner data integrated in real-time with portfolio data, which requires clunky, unstable, decentralized end-user integrations with Microsoft Power Automate)
    A colourful arrangement of Microsoft programs arranged around a pile of puzzle pieces.

    Info-Tech's approach

    Use our framework to best leverage the right MS Project offerings and M365 components for your organization’s work management needs.

    The Info-Tech difference:

    1. A simple to follow framework to help you make sense of a chaotic landscape.
    2. Practical and tactical tools that will help you save time.
    3. Leverage industry best practices and practitioner-based insights.
    An Info-Tech framework titled 'Determine the Future of Microsoft Project in Your Organization, subtitle 'View your task, project, and portfolio management options through the lens of Microsoft 365'. There are four main sections titled 'Background', 'Approaches', 'Deployments', and 'Portfolio Outcomes'. In '1) Background' are 'Analyze Content', 'Assess Constraints', and 'Determine Goals and Needs'. In '2) Approaches' are 'DIY: Are you ready to do it yourself?' 'Info-Tech: Can our analysts help?', and 'MS Gold Partner: Are you better off with a third party?'. In '3) Deployments' are five sections: 'Personal Task Management', Barriers to Portfolio Outcomes: Isolated to One Person. 'Team Task Management', Barriers to Portfolio Outcomes: Isolated to One Team. 'Project Portfolio Management', Barriers to Portfolio Outcomes: Isolated to One Project. 'Project Management', Barriers to Portfolio Outcomes: Functionally Incomplete. 'Enterprise Project and Portfolio Management', Barriers to Portfolio Outcomes: Underadopted. In '4) Portfolio Outcomes' are 'Informed Steering Committee', 'Increased Project Throughput', 'Improved Portfolio Responsiveness', 'Optimized Resource Utilization', and 'Reduced Monetary Waste'.

    Determine the Future of Microsoft Project in Your Organization

    View your task, project, and portfolio management options through the lens of Microsoft 365.

    1. Background

    • Analyze Content
    • Assess Constraints
    • Determine Goals and Needs

    2. Approaches

    • DIY – Are you ready to do it yourself?
    • Info-Tech – Can our analysts help?
    • MS Gold Partner – Are you better off with a third party?

    3. Deployments

      Task Management

    • Personal Task Management
      • Who does it? Knowledge workers
      • What is it? To-do lists
      • Common Approaches
        • Paper list and sticky notes
        • Light task tools
      • Applications
        • Planner
        • To Do
      • Level of Rigor 1/5
      • Barriers to Portfolio Outcomes: Isolated to One Person
    • Team Task Management
      • Who does it? Groups of knowledge workers
      • What is it? Collaborative to-do lists
      • Common Approaches
        • Kanban boards
        • Spreadsheets
        • Light task tools
      • Applications
        • Planner
        • Azure Boards
        • Teams
      • Level of Rigor 2/5
      • Barriers to Portfolio Outcomes: Isolated to One Team
    • Project Management

    • Project Portfolio Management
      • Who does it? PMO Directors, Portfolio Managers
      • What is it?
        • Centralized list of projects
        • Request and intake handling
        • Aggregating reporting
      • Common Approaches
        • Spreadsheets
        • PPM software
        • Roadmaps
      • Applications
        • Project for the Web
        • Power Platform
      • Level of Rigor 3/5
      • Barriers to Portfolio Outcomes: Isolated to One Project
    • Project Management
      • Who does it? Project Managers
      • What is it? Deterministic scheduling of related tasks
      • Common Approaches
        • Spreadsheets
        • Lists
        • PM software
        • PPM software
      • Applications
        • Project Desktop Client
      • Level of Rigor 4/5
      • Barriers to Portfolio Outcomes: Functionally Incomplete
    • Enterprise Project and Portfolio Management

    • Enterprise Project and Portfolio Management
      • Who does it? PMO and ePMO Directors, Portfolio Managers, Project Managers
      • What is it?
        • Centralized request and intake handling
        • Resource capacity management
        • Deterministic scheduling of related tasks
      • Common Approaches
        • PPM software
      • Applications
        • Project Online
        • Project Desktop Client
        • Project Server
      • Level of Rigor 5/5
      • Barriers to Portfolio Outcomes: Underadopted

    4. Portfolio Outcomes

    • Informed Steering Committee
    • Increased Project Throughput
    • Improved Portfolio Responsiveness
    • Optimized Resource Utilization
    • Reduced Monetary Waste

    Info-Tech's methodology for Determine the Future of MS Project for Your Organization

    1. Determine Your Tool Needs

    2. Weigh Your MS Project Implementation Options

    3. Finalize Your Implementation Approach

    Phase Steps

    1. Survey the M365 Work Management Tools
    2. Perform a Process Maturity Assessment to Help Inform Your M365 Starting Point
    3. Consider the Right MS Project Licenses for Your Stakeholders
    1. Get Familiar With Extending Project for the Web Using Power Apps
    2. Assess the MS Gold Partner Community
    1. Prepare an Action Plan

    Phase Outcomes

    1. Work Management Tool Audit
    2. MS Project and Power Platform Licensing Needs
    3. Project Management and Project Portfolio Management Maturity Assessment
    1. Project for the Web Readiness Assessment
    2. MS Gold Partner Outreach Plan
    1. MS Project and M365 Action Plan Presentation

    Insight Summary

    Overarching blueprint insight: Microsoft Parts Sold Separately. Assembly required.

    The various MS Project offerings (but most notably the latest, Project for the web) hold the promise of integrating with the rest of M365 into a unified work management solution. However, out of the box, Project for the web and the various platforms within M365 are all disparate utilities that need to be pieced together in a purpose-built manner to make use of them for holistic work management purposes.

    If you’re looking for a cohesive product out of the box, look elsewhere. If you’re looking to assemble a wide array of work, project, and portfolio management functions across different functions and departments, you may have found what you seek

    Phase 1 insight: Align your tool choice to your process maturity level.

    Rather than choosing tools based on your gaps, make sure to assess your current maturity level so that you optimize your investment in the Microsoft landscape.

    Phase 2 insight: Weigh your options before jumping into Microsoft’s new tech.

    Microsoft’s new Project plans (P1, P3, and P5) suggest there is a meaningful connection out of the box between its old tech (Project desktop, Project Server, and Project Online) and its new tech (Project for the web).

    However, the offerings are not always interoperable.

    Phase 3 insight: Keep the iterations small as you move ahead with trials and implementations.

    Organizations are changing as fast as the software we use to run them.

    If you’re implementing parts of this platform, keep the changes small as you monitor the vendors for new software versions and integrations.

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    Key deliverable: Microsoft Project & M365 Action Plan Template

    The Action Plan will help culminate and present:

    • Context and Constraints
    • DIY Implementation Approach
    Or
    • MS Partner Implementation Approach
    • Future-State Vision and Goals
    Samples of Info-Tech's key deliverable 'Microsoft Project and M365 Action Plan Template'.

    Tool Audit Workbook

    Sample of Info-Tech deliverable 'Tool Audit Workbook'.

    Assess your organization's current work management tool landscape and determine what tools drive value for individual users and teams and which ones can be rationalized.

    Force Field Analysis

    Sample of Info-Tech deliverable 'Force Field Analysis'.

    Document the driving and resisting forces for making a change to your work management tools.

    Maturity Assessments

    Sample of Info-Tech deliverable 'Maturity Assessments'.

    Use these assessments to identify gaps in project management and project portfolio management processes. The results will help guide process improvement efforts and measure success and progress.

    Microsoft Project & M365 Licensing Tool

    Sample of Info-Tech deliverable 'Microsoft Project and M365 Licensing Tool'.

    Determine the best licensing options and approaches for your implementation of Microsoft Project.

    Curate your work management tools to harness valuable portfolio outcomes

    • Increase Project Throughput

      Do more projects by ensuring the right projects and the right amount of projects are approved and executed.
    • Support an Informed Steering Committee

      Easily compare progress of projects across the portfolio and enable the leadership team to make decisions.
    • Improve portfolio responsiveness

      Make the portfolio responsive to executive steering when new projects and changing priorities need rapid action.
    • Optimize Resource Utilization

      Assign the right resources to approved projects and minimize the chronic over-allocation of resources that leads to burnout.
    • Reduce Monetary Waste

      Terminate low-value projects early and avoid sinking additional funds into unsuccessful ventures.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    Guided Implementation

    Workshop

    Consulting

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    What does a typical GI on this topic look like?

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is between 6 to 8 calls over the course of 3 to 4 months.

      Introduction

    • Call #1: Scope requirements, objectives, and your specific challenges.
    • Phase 1

    • Call #2: Explore the M365 work management landscape.
    • Call #3: Discuss Microsoft Project Plans and their capabilities.
    • Call #4: Assess current-state maturity.
    • Phase 2

    • Call #5: Get familiar with extending Project for the web using Power Apps.
    • Call #6: Assess the MS Gold Partner Community.
    • Phase 3

    • Call #7: Determine approach and deployment.
    • Call #8: Discuss action plan.

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Day 1
    Assess Driving Forces and Risks

    Day 2
    Determine Tool Needs and Process Maturity

    Day 3
    Weigh Your Implementation Options

    Day 4
    Finalize Implementation Approach

    Day 5
    Next Steps and Wrap-Up (offsite)

    Activities

    • 1.1 Review the business context.
    • 1.2 Explore the M365 work management landscape.
    • 1.3 Identify driving forces for change.
    • 1.4 Analyze potential risks.
    • 1.5 Perform current-state analysis on work management tools.
    • 2.1 Review tool audit dashboard and conduct the final audit.
    • 2.2 Identify current Microsoft licensing.
    • 2.3 Assess current-state maturity for project management.
    • 2.4 Define target state for project management.
    • 2.5 Assess current-state maturity for project portfolio management.
    • 2.6 Define target state for project portfolio management.
    • 3.1 Prepare a needs assessment for Microsoft 365 and Project Plan licenses.
    • 3.2 Review the business case for Microsoft licensing.
    • 3.3 Get familiar with Project for the web.
    • 3.4 Assess the MS Gold Partner Community.
    • 3.5 Conduct a feasibility test for PFTW.
    • 4.1 Decide on the implementation approach.
    • 4.2 Identify the audience for your proposal.
    • 4.3 Determine timeline and assign accountabilities.
    • 4.4 Develop executive summary presentation.
    • 5.1 Complete in-progress deliverables from previous four days.
    • 5.2 Set up review time for workshop deliverables and to discuss next steps.

    Deliverables

    1. Force Field Analysis
    2. Tool Audit Workbook
    1. Tool Audit Workbook
    2. Project Management Maturity Assessment
    3. Portfolio Management Maturity Assessment
    1. Microsoft Project and M365 Licensing Tool
    1. Microsoft Project & M365 Action Plan
    1. Microsoft Project & M365 Action Plan

    Determine the Future of Microsoft Project for Your Organization

    Phase 1: Determine Your Tool Needs

    Phase 1: Determine Your Tool Needs

    Phase 2: Weigh Your Implementation Options Phase 3: Finalize Your Implementation Approach
    • Step 1.1: Survey the M365 work management landscape
    • Step 1.2: Explore the Microsoft Project Plans and their capabilities
    • Step 1.3: Assess the maturity of your current PM & PPM capabilities
    • Step 2.1: Get familiar with extending Project for the web using Power Apps
    • Step 2.2: Assess the MS Gold Partner Community
    • Step 3.1: Prepare an action plan

    Phase Outcomes

    • Tool Audit
    • Microsoft Project Licensing Analysis
    • Project Management Maturity Assessment
    • Project Portfolio Management Maturity Assessments

    Step 1.1

    Survey the M365 Work Management Landscape

    Activities

    • 1.1.1 Distinguish between task, project, and portfolio capabilities
    • 1.1.2 Review Microsoft’s offering for task, project, and portfolio management needs
    • 1.1.4 Assess your organizational context and constraints
    • 1.1.3 Explore typical deployment options

    This step will walk you through the following activities:

    • Assessing your organization’s context for project and project portfolio management
    • Documenting the organization’s constraints
    • Establishing the organization’s goals and needs

    This step involves the following participants:

    • PMO Director
    • Resource Managers
    • Project Managers
    • Knowledge Workers

    Outcomes of Step

    • Knowledge of the Microsoft ecosystem as it relates to task, project, and portfolio management
    • Current organizational context and constraints

    Don’t underestimate the value of interoperability

    The whole Microsoft suite is worth more than the sum of its parts … if you know how to put it together.

    38% of the worldwide office suite market belongs to Microsoft. (Source: Statistica, 2021)

    1 in 3 small to mid-sized organizations moving to Microsoft Project say they are doing so because it integrates well with Office 365. (Source: CBT Nuggets, 2018)

    There’s a gravity to the Microsoft ecosystem.

    And while there is no argument that there are standalone task management tools, project management tools, or portfolio management tools that are likely more robust, feature-rich, and easier to adopt, it’s rare that you find an ecosystem that can do it all, to an acceptable level.

    That is the value proposition of Microsoft: the ubiquity, familiarity, and versatility. It’s the Swiss army knife of software products.

    The work management landscape is evolving

    With M365, Microsoft is angling to become the industry leader, and your organization’s hub, for work management.

    Workers lose up to 40% of their time multi-tasking and switching between applications. (Bluescape, 2018)

    25 Context switches – On average, workers switch between 10 apps, 25 times a day. (Asana, 2021)

    “Work management” is among the latest buzzwords in IT consulting.

    What is work management? It was born of a blurring of the traditional lines between operational or day-to-day tasks and project management tasks, as organizations struggle to keep up with both operational and project demands.

    To make the software easier to use, modern work management doesn’t involve the complexities from days past. You won’t find anywhere to introduce complex predecessor-successor relationships, unbalanced assignments with front-loading or back-loading, early-start/late-finish, critical path, etc.

    Indeed, with Project for the web, Azure Boards, Planner, and other M365 utilities, Microsoft is attempting to compete with lighter and better-adopted tools (e.g. Trello, Wike, Monday.com).

    The Microsoft world of work management can be understood across three broad categories

    1. Task Management

      Task management is essentially the same as keeping track of a to-do list. While you can have a project-related task, you can also have a non-project-related task. The sum of project and non-project tasks make up the work that you need to complete.
    2. Project Management

      Project management (PM) is a methodical approach to planning and guiding project processes from start to finish. Implementing PM processes helps establish repeatable steps and controls that enable project success. Documentation of PM processes leads to consistent results and dependable delivery on expectations.
    3. Portfolio Management

      Project portfolio management (PPM) is a strategic approach to approving, prioritizing, resourcing, and reporting on project. In addition, effective PPM should nurture the completion of projects in the portfolio in the most efficient way and track the extent to which the organization is realizing the intended benefits from completed projects.

    The slides ahead explain each of these modes of working in the Microsoft ecosystem in turn. Further, Info-Tech’s Task, Project, and Project Portfolio Management Tool Guides explain these areas in more detail.

    Use Info-Tech’s Tool Guides assess your MS Project and M365 work management options

    Lean on Info-Tech’s Tool Guides as you navigate Microsoft’s tasks management, project management, and project portfolio management options.

    • The slides ahead take you through a bird’s-eye view of what your MS Project and M365 work management options look like across Info-Tech’s three broad categories
    • In addition to these slides, Info-Tech has three in-depth tool guides that take you through your operational task management, project management, and project portfolio management options in MS Project and M365.
    • These tool guides can be leveraged as you determine whether Microsoft has the required toolset for your organization’s task, project, and project portfolio management needs.

    Download Info-Tech’s Task Management, Project Management, and Project Portfolio Management Tool Guides

    Task Management Overview

    What is task management?

    • It is essentially the same as keeping track of a to-do list. While you can have a project-related task, you can also have a non-project-related task. The sum of project and non-project tasks make up the work that you need to complete.

    What are the benefits of task management using applications within the MS suite?

    • Many organizations already own the tools and don't have to go out and buy something separately.
    • There is easy integration with other MS applications.

    What is personal task management?

    • Tools that allow you to structure work that is visible only to you. This can include work from tasks you are going to be completing for yourself and tasks you are completing as part of a larger work effort.

    What is team task management?

    • Tools that allow users to structure work that is visible to a group. When something is moved or changed, it affects what the group is seeing because it is a shared platform.

    Get familiar with the Microsoft product offerings for task management

    A diagram of Microsoft products and what they can help accomplish. It starts on the right with 'Teams' and 'Outlook'. Both can flow through to 'Personal Task Management' with products 'Teams Tasks' and 'To-Do', but Teams also flows into 'Team Task Management' with products 'Planner' and 'Project for the web'. See the next two slides for more details on these modes of working.

    Download the M365 Task Management Tool Guide

    Personal Task Management

    The To-Do list

    • Who does it?
      • Knowledge workers
    • What is it?
      • How each knowledge worker organizes their individual work tasks in M365
    • When is it done?
      • As needed throughout the day
    • Where is it done?
      • Paper
      • Digital location
    • How is it done?
      • DIY and self-developed
      • Usually not repeatable and evolves depending on work location and tools available
      • Not governed

    Microsoft differentiator:

    Utilities like Planner and To-Do make it easier to turn what are often ad hoc approaches into a more repeatable process.

    Team Task Management

    The SharedTo-Do list

    • Who does it?
      • Groups of knowledge workers
    • What is it?
      • Temporary and permanent collections of knowledge workers
    • When is it done?
      • As needed or on a pre-determined cadence
    • Where is it done?
      • Paper
      • Digital location
    • How is it done?
      • User norms are established organically and adapted based upon the needs of the team.
      • To whatever extent processes are repeatable in the first place, they remain repeatable only if the team is a collective.
      • Usually governed within the team and not subject to wider visibility.

    Microsoft differentiator:

    Teams has opened personal task management tactics up to more collaborative approaches.

    Project Management Overview

    2003

    Project Server: This product serves many large enterprise clients, but Microsoft has stated that it is at end of life. It is appealing to industries and organizations where privacy is paramount. This is an on-premises system that combines servers like SharePoint, SQL, and BI to report on information from Project Desktop Client. To realize the value of this product, there must be adoption across the organization and engagement at the project-task level for all projects within the portfolio.

    2013

    Project Online: This product serves many medium enterprise clients. It is appealing for IT departments who want to get a rich set of features that can be used to intake projects, assign resources, and report on project portfolio health. It is a cloud solution built on the SharePoint platform, which provides many users a sense of familiarity. However, due to the bottom-up reporting nature of this product, again, adoption across the organization and engagement at the project task level for all projects within the portfolio is critical.

    2020

    Project for the web: This product is the newest on the market and is quickly being evolved. Many O365 enthusiasts have been early adopters of Project for the web despite its limited features when compared to Project Online. It is also a cloud solution that encourages citizen developers by being built on the MS Power Platform. This positions the product well to integrate with Power BI, Power Automate, and Power Apps. It is, so far, the only MS product that lends itself to abstracted portfolio management, which means it doesn’t rely on project task level engagement to produce portfolio reports. The portfolio can also run with a mixed methodology by funneling Project, Azure Boards, and Planner boards into its roadmap function.

    Get familiar with the Microsoft product offerings for project management

    A diagram of Microsoft products and what they can help accomplish in Personal and Team Project Management. Products listed include 'Project Desktop Client', 'Project Online', 'SharePoint', 'Power Platform', 'Azure DevOps', 'Project for the web', Project Roadmap', 'Project Home', and 'Project Server'. See the next slide for more details on personal and team project management as modes of working.

    Download the M365 Project Management Tool Guide

    Project Management

    Orchestrating the delivery of project work

    • Who does it?
      • Project managers
    • What is it?
      • Individual project managers developing project plans and schedules in the MS Project Desktop Client
    • When is it done?
      • Throughout the lifecycle of the project
    • Where is it done?
      • Digital location
    • How is it done?
      • Used by individual project managers to develop and manage project plans.
      • Common approaches may or may not involve reconciliation of resource capacity through integration with Active Directory.
      • Sometimes usage norms are established by organizational project management governance standards, though individual use of the desktop client is largely ungoverned.

    Microsoft differentiator:

    For better or worse, Microsoft’s core solution is veritably synonymous with project management itself and has formally contributed to the definition of the project management space.

    Project Portfolio Management Overview

    Optimize what you’re already using and get familiar with the Power Platform.

    What does PPM look like within M365?

    • The Office suite in the Microsoft 365 suite boasts the world’s most widely used application for the purposes of abstracted and strategic PPM: Excel. For the purposes of PPM, Excel is largely implemented in a suboptimal fashion, and as a result, organizations fail to gain PPM adoption and maturation through its use.
    • Until very recently, Microsoft toolset did not explicitly address abstracted PPM needs.
    • However, with the latest version of M365 and Project for the web, Microsoft is boasting of renewed PPM capabilities from its toolset. These capabilities are largely facilitated through what Microsoft is calling its Power Platform (i.e. a suite of products that includes Power, Power Apps, and Power Automate).

    Explore the Microsoft product offering for abstracted project portfolio management

    A diagram of Microsoft products for 'Adaptive or Abstracted Portfolio Management'. Products listed include 'Excel', 'MS Lists', 'Forms', 'Teams', and the 'Power Platform' products 'Power BI', 'Power Apps', and 'Power Automate'. See the next slide for more details on adaptive or abstracted portfolio management as a mode of working.

    Download the M365 Project Portfolio Management Tool Guide

    Project Portfolio Management

    Doing the right projects, at the right time, with the right resources

    • Who does it?
      • PMO directors; portfolio managers
    • What is it?
      A strategic approach to approving, prioritizing, resourcing, and reporting on projects using applications in M365 and Project for the web. In distinction to enterprise PPM, a top-down or abstracted approach is applied, meaning PPM data is not tied to project task details.
    • Where is it done?
      • Digital tool, either homegrown or commercial
    • How is it done?
      • Currently in M365, PPM approaches are largely self-developed, though Microsoft Gold Partners are commonly involved.
      • User norms are still evolving, along with the software’s (Project for the web) function.

    Microsoft differentiator:

    Integration between Project for the web and Power Apps allows for custom approaches.

    Project Portfolio Management Overview

    Microsoft’s legacy project management toolset has contributed to the definition of traditional or enterprise PPM space.

    A robust and intensive bottom-up approach that requires task level roll-ups from projects to inform portfolio level data. For this model to work, reconciliation of individual resource capacity must be universal and perpetually current.

    If your organization has low or no maturity with PPM, this approach will be tough to make successful.

    In fact, most organizations under adopt the tools required to effectively operate with the traditional project portfolio management. Once adopted and operationalized, this combination of tools gives the executives the most precise view of the current state of projects within the portfolio.

    Explore the Microsoft product offering for enterprise project portfolio management

    A diagram of Microsoft products for 'Enterprise or Traditional Portfolio Management'. Products listed include 'Project Desktop Client', 'SharePoint', 'Project Online', 'Azure DevOps', 'Project Roadmaps', and 'Project Home'. See the next slide for more details on this as a mode of working.

    Download the M365 Project Portfolio Management Tool Guide

    Enterprise Project and Portfolio Management

    Bottom-up approach to managing the project portfolio

    • Who does it?
      • PMO and ePMO directors; portfolio managers
      • Project managers
    • What is it?
      • A strategic approach to approving, prioritizing, resourcing, and reporting on projects using applications in M365 and Project for the web. In distinction to enterprise PPM, a top-down or abstracted approach is applied, meaning PPM data is not tied to project task details.
    • Where is it done?
      • Digital tool that is usually commercial.
    • How is it done?
      • Microsoft Gold Partner involvement is highly likely in successful implementations.
      • Usage norms are long established and customized solutions are prevalent.
      • To be successful, use must be highly governed.
      • Reconciliation of individual resource capacity must be universal and perpetually current.

    Microsoft differentiator:

    Microsoft’s established network of Gold Partners helps to make this deployment a viable option.

    Assess your current tool ecosystem across work management categories

    Use Info-Tech’s Tool Audit Workbook to assess the value and satisfaction for the work management tools currently in use.

    • With the modes of working in mind that have been addressed in the previous slides and in Info-Tech’s Tool Guides, the activity slides ahead encourage you to engage your wider organization to determine all of the ways of working across individuals and teams.
    • Depending on the scope of your work management optimization, these engagements may be limited to IT or may extend to the business.
    • Use Info-Tech’s Tool Audit Workbook to help you gather and make sense of the tool data you collect. The result of this activity is to gain insight into the tools that drive value and fail to drive value across your work management categories with a view to streamline the organization’s tool ecosystem.

    Download Info-Tech’s Tool Audit Workbook

    Sample of Info-Tech's Tool Audit Workbook.

    1.2.1 Compile list of tools

    1-3 hours

    Input: Information on tools used to complete task, project, and portfolio tasks

    Output: Analyzed list of tools

    Materials: Whiteboard/Flip Charts, Tool Audit Workbook

    Participants: Portfolio Manager (PMO Director), PMO Admin Team, Project Managers, Business Stakeholders

    1. Identify the stakeholder groups that are in scope. For each group that you’ve identified, brainstorm the different tools and artifacts that are necessary to get the task, project, and project portfolio management functions done.
    2. Make sure to record the tool name and specify its category (standard document, artifact, homegrown solution, or commercial solution).
    3. Think about and discuss how often the tool is being used for each use case across the organization. Document whether its use is required. Then assess reporting functionality, data accuracy, and cost.
    4. Lastly, give a satisfaction rating for each use case.

    Excerpt from the Tool Audit Workbook

    Excerpt from Info-Tech's Tool Audit Workbook on compiling tools.

    1.2.1 Review dashboard

    1-3 hours

    Input: List of key PPM decision points, List of who is accountable for PPM decisions, List of who has PPM decision-making authority

    Output: Prioritized list of PPM decision-making support needs

    Materials: Whiteboard/Flip Charts, Tool Audit Workbook

    Participants: Portfolio Manager (PMO Director), PMO Admin Team, CIO

    Discuss the outputs of the Dashboards tab to inform your decision maker on whether to pass or fail the tool for each use case.

    Sample of a BI dashboard used to evaluate the usefulness of tools. Written notes include: 'Slice the data based on stakeholder group, tool, use case, and category', and 'Review the results of the questionnaire by comparing cost and satisfaction'.

    1.2.1 Execute final audit

    1 hour

    Input: List of key PPM decision points, List of who is accountable for PPM decisions, List of who has PPM decision-making authority

    Output: Prioritized list of PPM decision-making support needs

    Materials: Whiteboard/Flip Charts, Tool Audit Workbook

    Participants: Portfolio Manager (PMO Director), PMO Admin Team, CIO

    1. Using the information available, schedule time with the leadership team to present the results.
    2. Identify the accountable party to make the final decision on what current tools pass or fail the final audit.
    3. Mind the gap presented by the failed tools and look to possibilities within the M365 and Microsoft Project suite. For each tool that is deemed unsatisfactory for the future state, mark it as “Fail” in column O on tab 2 of the Tool Audit Workbook. This will ensure the item shows in the “Fail” column on tab 4 of the tool when you refresh the data.
    4. For each of the tools that “fail” your audit and that you’re going to make recommendations to rationalize in a future state, try to capture the annual total current-state spending on licenses, and the work modes the tool currently supports (i.e. task, project, and/or portfolio management).
    5. Additionally, start to think about future-state replacements for each tool within or outside of the M365/MS Project platforms. As we move forward to finalize your action plan in the last phase of this blueprint, we will capture and present this information to key stakeholders.

    Document your goals, needs, and constraints before proceeding

    Use Info-Tech’s Force Field Analysis Tool to help weigh goals and needs against risks and constraints associated with a work management change.

    • Now that you have discussed the organization’s ways of working and assessed its tool landscape – and made some initial decisions on some tool options that might need to change across that landscape – gather key stakeholders to define (a) why a change is needed at this time and (b) to document some of the risks and constraints associated with changing.
    • Info-Tech’s Force Field Analysis Tool can be used to capture these data points. It takes an organizational change management approach and asks you to consider the positive and negative forces associated with a work management tool change at this time.
    • The slides ahead walk you through a force field analysis activity and help you to navigate the relevant tabs in the Tool.

    Download Info-Tech's Force Field Analysis Tool

    Sample of Info-Tech's Force Field Analysis Tool.

    1.2.1 Identify goals and needs (1 of 2)

    Use tab 1 of the Force Field Analysis Workbook to assess goals and needs.

    30 minutes

    Input: Opportunities associated with determining the use case for Microsoft Project and M365 in your organization

    Output: Plotted opportunities based on probability and impact

    Materials: Whiteboard/Flip Charts, Force Field Analysis Tool

    Participants: Portfolio Manager (PMO Director), PMO Admin Team, Project Managers

    1. Brainstorm opportunities associated with exploring and/or implementing Microsoft Project and the Microsoft 365 suite of products for task, project, and project portfolio management.
    2. Document relevant opportunities in tab 1 of the Force Field Analysis Tool. For each driving force for the change (note: a driving force can include goals and needs) that is identified, provide a category that explains why the driving force is a concern (i.e. with this force is the organization looking to mature, integrate, scape, or accelerate?).
    3. In addition, assess the ease of achieving or realizing each goal or need and the impact of realizing them on the PMO and/or the organization.
    4. See the next slide for a screenshot that helps you navigate tab 1 of the Tool.

    Download the Force Field Analysis Tool

    1.2.1 Identify goals and needs (2 of 2)

    Screenshot of tab 1 of the Force Field Analysis Workbook.

    Screenshot of tab 1 of the Force Field Analysis Workbook. There are five columns referred to as columns B through F with the headings 'Opportunities', 'Category', 'Source', 'Ease of Achieving', and 'Impact on PMO/Organization'.

    In column B on tab 1, note the specific opportunities the group would like to call out.

    In column C, categorize the goal or need being articulated by the list of drop-down options: will it accelerate the time to benefit? Will it help to integrate systems and data sources? Will it mature processes and the organization overall? Will it help to scale across the organization? Choose the option that best aligns with the opportunity.

    In column D, categorize the source of the goal or need as internal or external.

    In column E, use the drop-down menus to indicate the ease of realizing each goal or need for the organization. Will it be relatively easy to manifest or will there be complexities to implementing it?

    In column F, use the drop-down menus to indicate the positive impact of realizing or achieving each need on the PMO and/or the organization.

    On tab 3 of the Force Field Analysis Workbook, your inputs on tab 1 are summarized in graphical form from columns B to G. On tab 3, these goals and needs results are contrasted with your inputs on tab 2 (see next slide).

    1.2.2 Identify risk and constraints (1 of 2)

    Use tab 2 of the Force Field Analysis Workbook to assess opposing forces to change.

    30 minutes

    Input: Risks associated with determining the use case for Microsoft Project and M365 in your organization

    Output: Plotted risks based on probability and impact

    Materials: Whiteboard/Flip Charts, Force Field Analysis Tool

    Participants: Portfolio Manager (PMO Director), PMO Admin Team, Project Managers

    1. With the same working group from 1.2.1, brainstorm risks, constraints, and other opposing forces pertaining to your potential future state.
    2. Document relevant opposing forces in tab 2 of the Force Field Analysis Tool. For each opposing force for the change (note: a driving force can include goals and needs) that is identified, provide a category that explains why the opposing force is a concern (i.e. will it impact or is it impacted by time, resources, maturity, budget, or culture?).
    3. In addition, assess the likelihood of the risk or constraint coming to light and the negative impact of it coming to light for your proposed change.
    4. See the next slide for a screenshot that helps you navigate tab 2 of the Force Field Analysis Tool.

    Download the Force Field Analysis Tool

    1.2.2 Identify risk and constraints (2 of 2)

    Screenshot of tab 2 of the Force Field Analysis Workbook.

    Screenshot of tab 2 of the Force Field Analysis Workbook. There are five columns referred to as columns B through F with the headings 'Risks and Constraints', 'Category', 'Source', 'Likelihood of Constraint/Risk/Resisting Force Being Felt', and 'Impact to Derailing Goals and Needs'.

    In column B on tab 2, note the specific risks and constraints the group would like to call out.

    In column C, categorize the risk or constraint being articulated by the list of drop-down options: will it impact or is it impacted by time, resources, budget, culture or maturity?

    In column D, categorize the source of the goal or need as internal or external.

    In column E, use the drop-down menus to indicate the likelihood of each risk or constraint materializing during your implementation. Will it definitely occur or is there just a small chance it could come to light?

    In column F, use the drop-down menus to indicate the negative impact of the risk or constraint to achieving your goals and needs.

    On tab 3 of the Force Field Analysis Workbook, your inputs on tab 2 are summarized in graphical form from columns I to N. On tab 3, your risk and constraint results are contrasted with your inputs on tab 1 to help you gauge the relative weight of driving vs. opposing forces.

    Step 1.2

    Explore the Microsoft Project Plans and their capabilities

    Activities

    • 1.1.1 Review the Microsoft 365 licensing features
    • 1.1.2 Explore the Microsoft Project Plan licenses
    • 1.1.3 Prepare a needs assessment for Microsoft 365 and Project Plan licenses

    This step will walk you through the following activities:

    • Review the suite of task management, project management, and project portfolio management options available in Microsoft 365.
    • Prepare a preliminary checklist of required M365 apps for your stakeholders.

    This step usually involves the following participants:

    • PMO/Portfolio Manager
    • Project Managers
    • CIO and other executive stakeholders
    • Other project portfolio stakeholders (project and IT workers)

    Outcomes of Step

    • Preliminary requirements for an M365 project management and project portfolio management tool implementation

    Microsoft recently revamped its project plans to balance its old and new tech

    Access to the new tech, Project for the web, comes with all license types, while Project Online Professional and Premium licenses have been revamped as P3 and P5.

    Navigating Microsoft licensing is never easy, and Project for the web has further complicated licensing needs for project professionals.

    As we’ll cover in step 2.1 of this blueprint, Project for the web can be extended beyond its base lightweight work management functionality using the Power Platform (Power Apps, Power Automate, and Power BI). Depending on the scope of your implementation, this can require additional Power Platform licensing.

    • In this step, we will help you understand the basics of what’s already included in your enterprise M365 licensing as well as what’s new in Microsoft’s recent Project licensing plans (P1, P3, and P5).
    • As we cover toward the end of this step, you can use Info-Tech’s MS Project and M365 Licensing Tool to help you understand your plan and licensing needs. Further assistance on licensing can be found in the Task, Project, and Portfolio Management Tool Guides that accompany this blueprint and Info-Tech’s Modernize Your Microsoft Licensing for the Cloud Era.

    Download Info-Tech’s Modernize Your Microsoft Licensing for the Cloud Era

    Licensing features for knowledge workers

    Please note that licensing packages are frequently subject to change. This is up to date as of August 2021. For the most up-to-date information on licensing, visit the Microsoft website.

    Bundles are extremely common and can be more cost effective than à la carte options for the Microsoft products.

    The biggest differentiator between M365 and O365 is that the M365 product also includes Windows 10 and Enterprise Mobility and Security.

    The color coding in the diagram indicates that the same platform/application suite is available.

    Platform or Application M365 E3 M365 E5 O365 E1 O365 E3 O365 E5
    Microsoft Forms X X X X X
    Microsoft Lists X X X X X
    OneDrive X X X X X
    Planner X X X X X
    Power Apps for Office 365 X X X X X
    Power Automate for Office X X X X X
    Power BI Pro X X
    Power Virtual Agents for Teams X X X X X
    SharePoint X X X X X
    Stream X X X X X
    Sway X X X X X
    Teams X X X X X
    To Do X X X X X

    Get familiar with Microsoft Project Plan 1

    Please note that licensing packages are frequently subject to change. This is up to date as of August 2021. For the most up to date information on licensing, visit the Microsoft website.

    Who is a good fit?

    • New project managers
    • Zero-allocation project managers
    • Individuals and organizations who want to move out of Excel into something less fragile (easily breaking formulas)

    What does it include?

    • Access to Project Home, a landing page to access all project plans you’ve created or have been assigned to.
    • Access to Grid View, Board View, and Timeline (Gantt) View to plan and manage your projects with Project for the web
    • Sharing Project for the web plans across Microsoft Teams channels
    • Co-authoring on project plans

    When does it make sense?

    • Lightweight project management
    • No process to use bottom-up approach for resourcing data
    • Critical-path analysis is not required
    • Organization does not have an appetite for project management rigor

    Get familiar with Microsoft Project Plan 3

    Please note that licensing packages are frequently subject to change. This is up to date as of August 2021. For the most up to date information on licensing, visit the Microsoft website.

    Who is a good fit?

    • Experienced and dedicated project managers
    • Organizations with complex projects
    • Large project teams are required to complete project work
    • Organizations have experience using project management software

    What does it include?

    Everything in Project Plan 1 plus the following:

    • Reporting through Power BI Report template apps (note that there are no pre-built reports for Project for the web)
    • Access to build a Roadmap of projects from Project for the web and Azure DevOps with key milestones, statuses, and deadlines
    • Project Online to submit and track timesheets for project teams
    • MS Project Desktop Client to support resource management

    When does it make sense?

    • Project management is an established discipline at the organization
    • Critical-path analysis is commonly used
    • Organization has some appetite for project management rigor
    • Resources are expected to submit timesheets to allow for more precise resource management data

    Get familiar with Microsoft Project Plan 5

    Please note that licensing packages are frequently subject to change. This is up to date as of August 2021. For the most up to date information on licensing, visit the Microsoft website.

    Who is a good fit?

    • Experienced and dedicated project managers
    • Experienced and dedicated PMO directors
    • Dedicated portfolio managers
    • Organizations proficient at sustaining data in a standard tool

    What does it include?

    Everything in Project Plan 3 plus the following:

    • Portfolio selection and optimization
    • Demand management
    • Enterprise resource planning and management through deterministic task and resource scheduling
    • MS Project Desktop Client to support resource management

    When does it make sense?

    • Project management is a key success factor at the organization
    • Organization employs a bottom-up approach for resourcing data
    • Critical-path analysis is required
    • Formal project portfolio management processes are well established
    • The organization is willing to either put in the time, energy, and resources to learn to configure the system through DIY or is willing to leverage a Microsoft Partner to help them do so

    What’s included in each plan (1 of 2)

    Plan details are up to date as of September 2021. Plans and pricing can change often. Visit the Microsoft website to validate plan options and get pricing details.
    MS Project Capabilities Info-Tech's Editorial Description P1 P3 P5
    Project Home Essentially a landing page that allows you to access all the project plans you've created or that you're assigned to. It amalgamates plans created in Project for the web, the Project for the web app in Power Apps, and Project Online. X X X
    Grid view One of three options in which to create your project plans in Project for the web (board view and timeline view are the other options). You can switch back and forth between the options. X X X
    Board view One of three options in which to create your project plans in Project for the web (grid view and timeline view are the other options). You can switch back and forth between the options. X X X
    Timeline (Gantt) view One of three options in which to create your project plans in Project for the web (board view and grid view are the other options). You can switch back and forth between the options. X X X
    Collaboration and communication This references the ability to add Project for the web project plans to Teams channels. X X X
    Coauthoring Many people can have access to the same project plan and can update tasks. X X X
    Project planning and scheduling For this the marketing lingo says "includes familiar scheduling tools to assign project tasks to team members and use different views like Grid, Board, and Timeline (Gantt chart) to oversee the schedule." Unclear how this is different than the project plans in the three view options above. X X X

    X - Functionality Included in Plan

    O - Functionality Not Included in Plan

    What’s included in each plan (2 of 2)

    Plan details are up to date as of September 2021. Plans and pricing can change often. Visit the Microsoft website to validate plan options and get pricing details.
    MS Project Capabilities Info-Tech's Editorial Description P1 P3 P5
    Reporting This seems to reference Excel reports and the Power BI Report Template App, which can be used if you're using Project Online. There are no pre-built reports for Project for the web, but third-party Power Apps are available. O X X
    Roadmap Roadmap is a platform that allows you to take one or more projects from Project for the web and Azure DevOps and create an organizational roadmap. Once your projects are loaded into Roadmap you can perform additional customizations like color status reporting and adding key days and milestones. O X X
    Timesheet submission Project Online and Server 2013 and 2016 allow team members to submit timesheets if the functionality is required. O X X
    Resource management The rich MS Project client supports old school, deterministic project scheduling at the project level. O X X
    Desktop client The full desktop client comes with P3 and P5, where it acts as the rich editor for project plans. The software enjoys a multi-decade market dominance as a project management tool but was never paired with an enterprise collaboration server engine that enjoyed the same level of success. O X X
    Portfolio selection and optimization Portfolio selection and optimization has been offered as part of the enterprise project and portfolio suite for many years. Most people taking advantage of this capability have used a Microsoft Partner to formalize and operationalize the feature. O O X
    Demand Management Enterprise demand management is targeted at the most rigorous of project portfolio management practices. Most people taking advantage of this capability have used a Microsoft Partner to formalize and operationalize the feature. O O X
    Enterprise resource planning and management The legacy MS Project Online/Server platform supports enterprise-wide resource capacity management through an old-school, deterministic task and resource scheduling engine, assuming scaled-out deployment of Active Directory. Most people succeeding with this capability have used a Microsoft Partner to formalize and operationalize the feature. O O X

    X - Functionality Included in Plan

    O - Functionality Not Included in Plan

    Use Info-Tech’s MS Project and M365 Licensing Tool

    Leverage the analysis in Info-Tech’s MS Project & M365 Licensing Tool to help inform your initial assumptions about what you need and how much to budget for it.

    • The Licensing Tool can help you determine what Project Plan licensing different user groups might need as well as additional Power Platform licensing that may be required.
    • It consists of four main tabs: two set-up tabs where you can validate the plan and pricing information for M365 and MS Project; an analysis tab where you set up your user groups and follow a survey to assess their Project Plan needs; and another analysis tab where you can document your Power Platform licensing needs across your user groups.
    • There is also a business case tab that breaks down your total licensing needs. The outputs of this tab can be used in your MS Project & M365 Action Plan Template, which we will help you develop in phase three of this blueprint.

    Download Info-Tech's Microsoft Project & M365 Licensing Tool

    Sample of Info-Tech's Microsoft Project and M365 Licensing Tool.

    1.2.1 Conduct a needs assessment

    1-2 hours

    Input: List of key user groups/profiles, Number of users and current licenses

    Output: List of Microsoft applications/capabilities included with each license, Analysis of user group needs for Microsoft Project Plan licenses

    Materials: Microsoft Project & 365 Licensing Tool

    Participants: Portfolio Manager (PMO Director), PMO Admin Team, Project Managers

    1. As a group, analyze the applications included in your current or desired 365 license and calculate any additional Power Platform licensing needs.
    2. Screenshot of the 'Application/Capabilities' screen from the 'Microsoft Project and M365 Licensing Tool'.
    3. Within the same group, use the drop-down menus to analyze your high-level MS Project requirements by selecting whether each capability is necessary or not.
    4. Your inputs to the needs assessment will determine the figures in the Business Case tab. Consider exporting this information to PDF or other format to distribute to stakeholders.
    5. Screenshot of the 'Business Case' tab from the 'Microsoft Project and M365 Licensing Tool'.

    Download Info-Tech's Microsoft Project & M365 Licensing Tool

    Step 1.3

    Assess the maturity of your current PM & PPM capabilities

    Activities

    • Assess current state project and project portfolio management processes and tools
    • Determine target state project and project portfolio management processes and tools

    This step will walk you through the following activities:

    • Assess current state project and project portfolio management processes and tools
    • Determine target state project and project portfolio management processes and tools

    This step usually involves the following participants:

    • PMO/Portfolio Manager
    • Project Managers
    • CIO and other executive stakeholders
    • Other project portfolio stakeholders (project and IT workers)

    Outcomes of Step

    • Current and target state maturity for project management and project portfolio management processes

    Project portfolio management and project management are more than tools

    Implementing commercial tools without a matching level of process discipline is a futile exercise, leaving organizations frustrated at the wasted time and money.

    • The tool is only as good as the data that is input. There is often a misunderstanding that a tool will be “automatic.” While it is true that a tool can help make certain processes easier and more convenient by aggregating information, enhancing reporting, and coauthoring, it will not make up the data. If data becomes stale, the tool is no longer valid for accurate decision making.
    • Getting people onboard and establishing a clear process is often the hardest part. As IT folk, it can be easy to get wrapped up in the technology. All too often excitement around tools can drown out the important requisites around people and process. The reality is people and process are a necessary condition for a tool to be successful. Having a tool will not be sufficient to overcome obstacles like poor stakeholder buy-in, inadequate governance, and the absence of a standard operating procedure.

    • Slow is the way to go. When deciding what tools to purchase, start small and scale up rather than going all in and all too often ending up with many unused features and fees.

    "There's been a chicken-egg debate raging in the PPM world for decades: What comes first, the tool or the process? It seems reasonable to say, ‘We don't have a process now, so we'll just adopt the one in the tool.’ But you'll soon find out that the tool doesn't have a process, and you needed to do more planning and analysis before buying the tool." (Barry Cousins, Practice Lead, Project Portfolio Management)

    Assess your process maturity to determine the right tool approach

    Take the time to consider and reflect on the current and target state of the processes for project portfolio management and project management.

    Project Portfolio Management

    • Status and Progress Reporting
      1. Intake, Approval, and Prioritization

        PPM is the practice of selecting the right projects and ensuring the organization has the necessary resources to complete them. PPM should enable executive decision makers to make sense of the excess of demand and give IT the ability to prioritize those projects that are most valuable to the business.
      2. Resource Management

      3. Project Management

        1. Initiation
        2. Planning
        3. Execution
        4. Monitoring and Controlling
        5. Closing
        Tailor a project management framework to fit your organization. Formal methodologies aren’t always the best fit. Take what you can use from formal frameworks and define a right-sized approach to your project management processes.
      4. Project Closure

      5. Benefits Tracking

    Info-Tech’s maturity assessment tools can help you match your tools to your maturity level

    Use Info-Tech’s Project Portfolio Management Maturity Assessment Tool and Project Management Maturity Assessment Tool.

    • The next few slides in this step take you through using our maturity assessment tools to help gauge your current-state and target-state maturity levels for project management (PM) and project portfolio management (PPM).
    • In addition to the process maturity assessments, these workbooks also help you document current-state support tools and desired target-state tools.
    • The outputs of these workbooks can be used in your MS Project & M365 Action Plan Template, which we will help you develop in phase three of this blueprint.

    Download Info-Tech’s Project Portfolio Management Maturity Assessment Tool and Project Management Maturity Assessment Tool

    Samples of Info-Tech's Project Portfolio Management Maturity Assessment Tool and Project Management Maturity Assessment Tool.

    Conduct a gap analysis survey for both project and project portfolio management.

    • Review the category and activity statements: For each gap analysis tab in the maturity assessments, use the comprehensive activity statements to identify gaps for the organization.
    • Assess the current state: To assess the current state, evaluate whether the statement should be labeled as:
      • Absent: There is no evidence of any activities supporting this process.
      • Initial: Activity is ad hoc and not well defined.
      • Defined: Activity is established and there is moderate adherence to its execution.
      • Repeatable: Activity is established, documented, repeatable, and integrated with other phases of the process.
      • Managed: Activity execution is tracked by gathering qualitative and quantitative feedback

    Once this is documented, take some time to describe the type of tool being used to do this (commercial, home-grown, standardized document) and provide additional details, where applicable.

    Define the target state: Repeat the assessment of activity statements for the target state. Then gauge the organizational impact and complexity of improving each capability on a scale of very low to very high.

    Excerpt from Info-Tech's Project Portfolio Management Maturity Assessment Tool, the 'PPM Current State Target State Maturity Assessment Survey'. It has five columns whose purpose is denoted in notes. Column 1 'Category within the respective discipline'; Column 2 'Statement to consider'; Column 3 'Select the appropriate answer for current and target state'; Column 4 'Define the tool type'; Column 5 'Provide addition detail about the tool'.

    Analyze survey results for project and project portfolio management maturity

    Take stock of the gap between current state and target state.

    • What process areas have the biggest gap between current and target state?
    • What areas are aligned across current and target state?

    Identify what areas are currently the least and most mature.

    • What process area causes the most pain in the organization?
    • What process area is the organization’s lowest priority?

    Note the overall current process maturity.

    • After having done this exercise, does the overall maturity come as a surprise?
    • If so, what are some of the areas that were previously overlooked?
    A table and bar graph documenting and analysis of maturity survey results. The table has four columns labelled 'Process Area', 'Current Process Completeness', 'Current Maturity Level', and 'Target State Maturity'. Rows headers in the 'Process Area' column are 'Intake, Approval, and Prioritization', 'Resource Management', 'Portfolio Reporting', 'Project Closure and Benefits Realization', 'Portfolio Administration', and finally 'Overall Maturity'. The 'Current Process Completeness' column's values are in percentages. The 'Current Maturity Level' and 'Target State Maturity' columns' values can be one of the following: 'Absent', 'Initial', 'Defined', 'Repeatable', or 'Managed'. The bar chart visualizes the levels of the 'Target State' and 'Current State' with 'Absent' from 0-20%, 'Initial' from 20-40%, 'Defined' from 40-60%, 'Repeatable' from 60-80%, and 'Managed' from 80-100%.
    • Identify process areas with low levels of maturity
    • Spot areas of inconsistency between current and target state.
    • Assess the overall gap to get a sense of the magnitude of the effort required to get to the target state.
    • 100% doesn’t need to be the goal. Set a goal that is sustainable and always consider the value to effort ratio.

    Screenshot your results and put them into the MS Project and M365 Action Plan Template.

    Review the tool overview and plan to address gaps (tabs 3 & 4)

    Tool Overview:

    Analyze the applications used to support your project management and project portfolio management processes.

    Look for:

    • Tools that help with processes across the entire PM or PPM lifecycle.
    • Tools that are only used for one specific process.

    Reflect on the overlap between process areas with pain points and the current tools being used to complete this process.

    Consider the sustainability of the target-state tool choice

    Screenshot of a 'Tool Overview' table. Chart titled 'Current-to-Target State Supporting Tools by PPM Activity' documenting the current and target states of different supporting tools by PPM Activity. Tools listed are 'N/A', 'Standardized Document', 'Homegrown Tool', and 'Commercial Tool'.

    You have the option to create an action plan for each of the areas of improvement coming out of your maturity assessment.

    This can include:

    • Tactical Optimization Action: What is the main action needed to improve capability?
    • Related Actions: Is there a cross-over with any actions for other capabilities?
    • Timeframe: Is this near-term, mid-term, or long-term?
    • Proposed Start Date
    • Proposed Go-Live Date
    • RACI: Who will be responsible, accountable, consulted, and informed?
    • Status: What is the status of this action item over time?

    Determine the Future of Microsoft Project for Your Organization

    Phase 2: Weigh Your Implementation Options

    Phase 1: Determine Your Tool Needs

    Phase 2: Weigh Your Implementation Options

    Phase 3: Finalize Your Implementation Approach
    • Step 1.1: Survey the M365 work management landscape
    • Step 1.2: Perform a process maturity assessment to help inform your M365 starting point
    • Step 1.3: Consider the right MS Project licenses for your stakeholders
    • Step 2.1: Get familiar with extending Project for the web using Power Apps
    • Step 2.2: Assess the MS Gold Partner Community
    • Step 3.1: Prepare an action plan

    Phase Outcomes

    • A decision on how best to proceed (or not proceed) with Project for the web
    • A Partner outreach plan

    Step 2.1

    Get familiar with extending Project for the web using Power Apps

    Activities

    • Get familiar with Project for the web: how it differs from Microsoft’s traditional project offerings and where it is going
    • Understand the basics of how to extend Project for the web in Power Apps
    • Perform a feasibility test

    This step will walk you through the following activities:

    • Get familiar with Project for the web
    • Understand the basics of how to extend Project for the web in Power Apps
    • Perform a feasibility test to determine if taking a DIY approach to extending Project for the web is right for your organization currently

    This step usually involves the following participants:

    • Portfolio Manager (PMO Director)
    • Project Managers
    • Other relevant PMO stakeholders

    Outcomes of Step

    • A decision on how best to proceed (or not proceed) with Project for the web

    Project for the web is the latest of Microsoft’s project management offerings

    What is Project for the web?

    • First introduced in 2019 as Project Service, Project for the web (PFTW) is Microsoft’s entry into the world of cloud-based work management and lightweight project management options.
    • Built on the Power Platform and leveraging the Dataverse for data storage, PFTW integrates with the many applications that M365 users are already employing in their day-to-day work management and collaboration activities.
    • It is available as a part of your M365 subscription with the minimum activation of P1 license – it comes with P3 and P5 licenses as well.
    • From a functionality and user experience perspective, PFTW is closer to applications like Planner or Azure Boards than it is to traditional MS Project options.

    What does it do?

    • PFTW allows for task and dependency tracking and basic timeline creation and scheduling and offers board and grid view options. It also allows real-time coauthoring of tasks among team members scheduled to the same project.
    • PFTW also comes with a product/functionality Microsoft calls Roadmap, which allows users to aggregate multiple project timelines into a single view for reporting purposes.

    What doesn't it do?

    • With PFTW, Microsoft is offering noticeably less traditional project management functionality than its existing solutions. Absent are table stakes project management capabilities like critical path, baselining, resource load balancing, etc.

    Who is it for?

    • Currently, in its base lightweight project management option, PFTW is targeted toward occasional or part-time project managers (not the PMP-certified set) tasked with overseeing and/or collaborating on small to mid-sized initiatives and projects.

    Put Project for the web in perspective

    Out of the box, PFTW occupies a liminal space when it comes to work management options

    • More than a task management tool, but not quite a full project management tool
    • Not exactly a portfolio management tool, yet some PPM reporting functionality is inherent in the PFTW through Roadmap

    The table to the right shows some of the functionality in PFTW in relation to the task management functionality of Planner and the enterprise project and portfolio management functionality of Project Online.

    Table 2.1a Planner Project for the web Project Online
    Coauthoring on Tasks X X
    Task Planning X X X
    Resource Assignments X X X
    Board Views X X X
    MS Teams Integration X X X
    Roadmap X X
    Table and Gantt Views X X
    Task Dependency Tracking X X
    Timesheets X
    Financial Planning X
    Risks and Issues Tracking X
    Program Management X
    Advanced Portfolio Management X

    Project for the web will eventually replace Project Online

    • As early as 2018 Microsoft has been foreshadowing a transition away from the SharePoint-backed Project environments of Server and Online toward something based in Common Data Service (CDS) – now rebranded as the Dataverse.
    • Indeed, as recently as the spring of 2021, at its Reimagine Project Management online event, Microsoft reiterated its plans to sunset Project Online and transition existing Online users to the new environment of Project for the web – though it provided no firm dates when this might occur.
      • The reason for this move away from Online appears to be an acknowledgment that the rigidity of the tool is awkward in our current dynamic, collaborative, and overhead-adverse work management paradigm.
      • To paraphrase a point made by George Bullock, Sr. Product Marketing Manager, for Microsoft at the Reimagine Project Management event, teams want to manage work as they see fit, but the rigidity of legacy solutions doesn’t allow for this, leading to a proliferation of tools and data sprawl. (This comment was made during the “Overview of Microsoft Project” session during the Reimagine event.)

    PFTW is Microsoft’s proposed future-state antidote to this challenge. Its success will depend on how well users are able to integrate the solution into a wider M365 work management setting.

    "We are committed to supporting our customers on Project Online and helping them transition to Project for the Web. No end-of-support has been set for Project Online, but when the time comes, we will communicate our plans on the transition path and give you plenty of advance notice." (Heather Heide, Program Manager, Microsoft Planner and Project. This comment was made during the “Overview of Microsoft Project” session during the Reimagine event.)

    Project for the web can be extended beyond its base lightweight functionality

    Project for the web can be extended to add more traditional and robust project and project portfolio management functionality using the Power Platform.

    Microsoft plans to sunset Project Online in favor of PFTW will at first be a head-scratcher for those familiar with the extensive PPM functionality in Project Online and underwhelmed by the project and portfolio management in PFTW.

    However, having built the solution upon the Power Platform, Microsoft has made it possible to take the base functionality in PFTW and extend it to create a more custom, organizationally specific user experience.

    • With a little taste of what can be done with PFTW by leveraging the Power Platform – and, in particular, Power Apps – it becomes more obvious how we, as users, can begin to evolve the base tool toward a more traditional PPM solution and how, in time, Microsoft’s developers may develop the next iteration of PFTW into something more closely resembling Project Online.

    Before users get too excited about using these tools to build a custom PPM approach, we should consider the time, effort, and skills required. The slides ahead will take you through a series of considerations to help you gauge whether your PMO is ready to go it alone in extending the solution.

    Extending the tool enhances functionality

    Table 2.1a in this step displayed the functionality in PFTW in relation to the task management tool Planner and the robust PPM functionality in Online.

    The table to the right shows how the functionality in PFTW can differ from the base solution and Project Online when it is extended using the model-driven app option in Power Apps.

    Caveat: The list of functionality and processes in this table is sample data.

    This functionality is not inherent in the solution as soon as you integrate with Power Apps. Rather it must be built – and your success in developing these functions will depend upon the time and skills you have available.

    Table 2.1b Project for the web PFTW extended with PowerApps Project Online
    Critical Path X
    Timesheets X
    Financial Planning X X
    Risks and Issues Tracking X X
    Program Management X
    Status Updates X
    Project Requests X
    Business Cases X
    Project Charters X
    Resource Planning and Capacity Management X X
    Project Change Requests X

    Get familiar with the basics of Power Apps before you decide to go it alone

    While the concept of being able to customize and grow a commercial PPM tool is enticing, the reality of low-code development and application maintenance may be too much for resource-constrained PMOs.

    Long story short: Extending PFTW in Power Apps is time consuming and can be frustrating for the novice to intermediate user.

    It can take days, even weeks, just to find your feet in Power Apps, let alone to determine requirements to start building out a custom model-driven app. The latter activity can entail creating custom columns and tables, determining relationships between tables to get required outputs, in addition to basic design activities.

    Time-strapped and resource-constrained practitioners should pause before committing to this deployment approach. To help better understand the commitment, the slides ahead cover the basics of extending PFTW in Power Apps:

    1. Dataverse environments.
    2. Navigating Power App Designer and Sitemap Designer
    3. Customizing tables and forms in the Dataverse

    See Info-Tech’s M365 Project Portfolio Management Tool Guide for more information on Power Apps in general.

    Get familiar with Power Apps licensing

    Power Apps for 365 comes with E1 through E5 M365 licenses (and F3 and F5 licenses), though additional functionality can be purchased if required.

    While extending Project for the web with Power Apps does not at this time, in normal deployments, require additional licensing from what is included in a E3 or E5 license, it is not out of the realm of possibility that a more complex deployment could incur costs not included in the Power Apps for 365 that comes with your enterprise agreement.

    The table to the right shows current additional licensing options.

    Power Apps, Per User, Per App Plan

    Per User Plan

    Cost: US$10 per user per app per month, with a daily Dataverse database capacity of 40 MB and a daily Power Platform request capacity of 1,000. Cost: US$40 per user per month, with a daily Dataverse database capacity of 250 MB and a daily Power Platform request capacity of 5,000.
    What's included? This option is marketed as the option that allows organizations to “get started with the platform at a lower entry point … [or those] that run only a few apps.” Users can run an application for a specific business case scenario with “the full capabilities of Power Apps” (meaning, we believe, that unlicensed users can still submit data via an app created by a licensed user). What's included? A per-user plan allows licensed users to run unlimited canvas apps and model-driven apps – portal apps, the licensing guide says, can be “provisioned by customers on demand.” Dataverse database limits (the 250 MB and 5,000 request capacity mentioned above) are pooled at the per tenant, not the per user plan license, capacity.

    For more on Power Apps licensing, refer to Info-Tech’s Modernize Your Microsoft Licensing for the Cloud Era for more information.

    What needs to be configured?

    Extending Project for the web requires working with your IT peers to get the right environments configured based upon your needs.

    • PFTW data is stored in the Microsoft Dataverse (formerly Common Data Service or CDS).
    • The organization’s Dataverse can be made up of one to many environments based upon its needs. Environments are individual databases with unique proprieties in terms of who can access them and what applications can store data in them.
    • Project for the web supports three different types of environments: default, production, and sandbox.
    • You can have multiple instances of a custom PFTW app deployed across these environments and across different users – and the environment you choose depends upon the use case of each instance.

    Types of Environments

    • Default Environment

      • It is the easiest to deploy and get started with the PFTW Power App in the default environment. However, it is also the most restricted environment with the least room for configuration.
      • Microsoft recommends this environment for simple deployments or for projects that span the organization. This is because everyone in the organization is by default a member of this environment – and, with the least room for configuration, the app is relatively straightforward.
      • At minimum, you need one project license to deploy PFTW in the default environment.
    • Production Environment

      • This environment affords more flexibility for how a custom app can be configured and deployed. Unlike the default environment, deploying a production environment is a manual process (through the Power Platform Admin Center) and security roles need to be set to limit users who can access the environment.
      • Because users can be limited, production environments can be used to support more advanced deployments and can support diverse processes for different teams.
      • At present, you need at least five Project licenses to deploy to production environments.
    • Sandbox Environment

      • This environment is for users who are responsible for the creation of custom apps. It offers the same functionality as a production environment but allows users to make changes without jeopardizing a production environment.

    Resources to provide your IT colleagues with to help in your PFTW deployment:

    1. Project for the web admin help (Product Documentation, Microsoft)
    2. Advanced deployment for Project for the web (Video, Microsoft)
    3. Get Started with Project Power App (Product Support Documentation, Microsoft)
    4. Project for the Web Security Roles (Product Support Documentation, Microsoft)

    Get started creating or customizing a model-driven app

    With the proper environments procured, you can now start extending Project for the web.

    • Navigate to the environment you would like to extend PFTW within. For the purposes of the slides ahead, we’ll be using a sandbox environment for an example. Ensure you have the right access set up for production and sandbox environments of your own (see links on previous slide for more assistance).
    • To begin extending PFTW, the two core features you need to be familiar with before you start in Power Apps are (1) Tables/Entities and (2) the Power Apps Designer – and in particular the Site Map.

    From the Power Apps main page in 365, you can change your environment by selecting from the options in the top right-hand corner of the screen.

    Screenshot of the Power Apps “Apps” page in a sandbox environment. The Project App will appear as “Project” when the application is installed, though it is also easy to create an app from scratch.

    Model-driven apps are built around tables

    In Power Apps, tables (formerly called entities and still referred to as entities in the Power Apps Designer) function much like tables in Excel: they are containers of columns of data for tracking purposes. Tables define the data for your app, and you build your app around them.

    In general, there are three types of tables:

    • Standard: These are out-of-the box tables included with a Dataverse environment. Most standard tables can be customized.
    • Managed: These are tables that get imported into an environment as part of a managed solution. Managed tables cannot be customized.
    • Custom: These types of tables can either be imported from another solution or created directly in the Dataverse environment. To create custom tables, users need to have System Administrator or System Customizer security roles within the Dataverse.

    Tables can be accessed under Data banner on the left-hand panel of your Power Apps screen.

    The below is a list of standard tables that can be used to customize your Project App.

    A screenshot of the 'Data' banner in 'Power Apps' and a list of table names.

    Table Name

    Display Name

    msdyn_project Project
    msdyn_projectchange Change
    msdyn_projectprogram Program
    msdyn_projectrequest Request
    msdyn_projectrisk Risk
    msdyn_projectissue Issue
    msdyn_projectstatusreport Status

    App layouts are designed in the Power App Designer

    You configure tables with a view to using them in the design of your app in the Power Apps Designer.

    • If you’re customizing a Project for the web app manually installed into your production or sandbox environment, you can access Designer by highlighting the app from your list of apps on the Apps page and clicking “Edit” in the ribbon above.
      • If you’re creating a model-driven app from scratch, Designer will open past the “Create a New App” intro screen.
      • If you need to create separate apps in your environment for different PMOs or business units, it is as easy to create an app from scratch as it is to customize the manual install.
    • The App Designer is where you can design the layout of your model-driven app and employ the right data tables.
    Screenshot of the 'App Designer' screen in 'Power Apps'.

    The Site Map determines the navigation for your app, i.e. it is where you establish the links and pages users will navigate. We will review the basics of the sitemap on the next few slides.

    The tables that come loaded into your Project Power App environment (at this time, 37) via the manual install will appear in the Power Apps Designer in the Entity View pane at the bottom of the page. You do not have to use all of them in your design.

    Navigate the Sitemap Designer

    With the components of the previous two slides in mind, let’s walk through how to use them together in the development of a Project app.

    As addressed in the previous slide, the sitemap determines the navigation for your app, i.e. it is where you establish the links and the pages that users will navigate.

    To get to the Sitemap Designer, highlight the Project App from your list of apps on the Apps page and click “Edit” in the ribbon above. If you’re creating a model-driven app from scratch, Designer will open past the “Create a New App” intro screen.

    • To start designing your app layout, click the pencil icon beside the Site Map logo on the App Designer screen.
    • This will take you into the Sitemap Designer (see screenshot to the right). This is where you determine the layout of your app and the relevant data points (and related tables from within the Dataverse) that will factor into your Project App.
    • In the Sitemap Designer, you simply drag and drop the areas, groups, and subareas you want to see in your app’s user interface (see next slide for more details).
    Screenshot of the 'Sitemap Designer' in 'Power Apps'.

    Use Areas, Groups, and Subareas as building blocks for your App

    Screenshots of the main window and the right-hand panel in the 'Sitemap Designer', and of the subarea pop-up panel where you connect components to data tables. The first two separate elements into 'Area', 'Group', and 'Subarea'.

    Drag and drop the relevant components from the panel on the right-hand side of the screen into the main window to design the core pieces that will be present within your user interface.

    For each subarea in your design, use the pop-up panel on the right-hand side of the screen to connect your component the relevant table from within your Dataverse environment.

    How do Areas, Groups, and Subareas translate into an app?

    Screenshots of the main window in the 'Sitemap Designer' and of a left-hand panel from a published 'Project App'. There are notes defining the terms 'Area', 'Group', and 'Subarea' in the context of the screenshot.

    The names or titles for your Areas and Groups can be customized within the Sitemap Designer.

    The names or titles for your Subareas is dependent upon your table name within the Dataverse.

    Area: App users can toggle the arrows to switch between Areas.

    Group: These will change to reflect the chosen Area.

    Subarea: The tables and forms associated with each subarea.

    How to properly save and publish your changes made in the Sitemap Designer and Power Apps Designer:

    1. When you are done making changes to your components within the Sitemap Designer, and want your changes to go live, hit the “Publish” button in the top right corner; when it has successfully published, select “Save and Close.”
    2. You will be taken back to the Power App Designer homepage. Hit “Save,” then “Publish,” and then finally “Play,” to go to your app or “Save and Close.”

    How to find the right tables in the Dataverse

    While you determine which tables will play into your app in the Sitemap Designer, you use the Tables link to customize tables and forms.

    Screenshots of the tables search screen and the 'Tables' page under the 'Data' banner in 'Power Apps'.

    The Tables page under the Data banner in Power Apps houses all of the tables available in your Dataverse environment. Do not be overwhelmed or get too excited. Only a small portion of the tables in the Tables folder in Power Apps will be relevant when it comes to extending PFTW.

    Find the table you would like to customize and/or employ in your app and select it. The next slides will look at customizing the table (if you need to) and designing an app based upon the table.

    To access all the tables in your environment, you’ll need to ensure your filter is set correctly on the top right-hand corner of the screen, otherwise you will only see a small portion of the tables in your Dataverse environment.

    If you’re a novice, it will take you some time to get familiar with the table structure in the Dataverse.

    We recommend you start with the list of tables listed on slide. You can likely find something there that you can use or build from for most PPM purposes.

    How to customize a table (1 of 3)

    You won’t necessarily need to customize a table, but if you do here are some steps to help you get familiar with the basics.

    Screenshot of the 'Columns' tab, open in the 'msdyn_project table' in 'Power Apps'.

    In this screenshot, we are clicked into the msdyn_project (display name: Project) table. As you can see, there are a series of tabs below the name of the table, and we are clicked into the Columns tab. This is where you can see all of the data points included in the table.

    You are not able to customize all columns. If a column that you are not able to customize does not meet your needs, you will need to create a custom column from the “+Add column” option.

    “Required” or “Optional” status pertains to when the column or field is used within your app. For customizable or custom columns this status can be set when you click into each column.

    How to customize a table (2 of 3)

    Create a custom “Status” column.

    By way of illustrating how you might need to customize a table, we’ll highlight the “msdyn_project_statecode” (display name: Project Status) column that comes preloaded in the Project (msdyn_project) table.

    • The Project Status column only gives you a binary choice. While you are able to customize what that binary choice is (it comes preloaded with “Active” and “Inactive” as the options) you cannot add additional choices – so you cannot set it to red/yellow/green, the most universally adopted options for status in the project portfolio management world.
    • Because of this, let’s look at the effort involved in creating a choice and adding a custom column to your table based upon that choice.
    Screenshots of the '+New choice' button in the 'Choices' tab and the 'New choice' pane that opens when you click it.

    From within the Choices tab, click “+New choice” option to create a custom choice.

    A pane will appear to the right of your screen. From there you can give your choice a name, and under the “Items” header, add your list of options.

    Click save. Your custom choice is now saved to the Choices tab in the Dataverse environment and can be used in your table. Further customizations can be made to your choice if need be.

    How to customize a table (3 of 3)

    Back in the Tables tab, you can put your new choice to work by adding a column to a table and selecting your custom choice.

    Screenshots of the pop-up window that appear when you click '+Add Column', and details of what happens when you select the data type 'Choice'.

    Start by selecting “+ Add Column” at the top left-hand side of your table. A window will appear on the right-hand side of the page, and you will have options to name your column and choose the data type.

    As you can see in this screenshot to the left, data type options include text, number and date types, and many more. Because we are looking to use our custom choice for this example, we are going to choose “Choice.”

    When you select “Choice” as your data type, all of the choice options available or created in your Dataverse environment will appear. Find your custom choice – in this example the one name “RYG Status” – and click done. When the window closes, be sure to select “Save Table.”

    How to develop a Form based upon your table (1 of 3 – open the form editor)

    A form is the interface users will engage with when using your Project app.

    When the Project app is first installed in your environment, the main user form will be lacking, with only a few basic data options.

    This form can be customized and additional tabs can be added to your user interface.

    1. To do this, go to the table you want to customize.
    2. In the horizontal series of tabs at the top of the screen, below the table title select the “Forms” option.
    3. Click on the main information option or select Edit Form for the form with “Main” under its form type. A new window will open where you can customize your form.
    Screenshot of the 'Forms' tab, open in the 'msdyn_project' table in 'Power Apps'.

    Select the Forms tab.

    Start with the form that has “Main” as its Format Type.

    How to develop a Form based upon your table (2 of 3 – add a component)

    Screenshot of the 'Components' window in 'Power Apps' with a list of layouts as a window to the right of the main screen where you can name and format the chosen layout.

    You can add element like columns or sections to your form by selecting the Components window.

    In this example, we are adding a 1-Column section. When you select that option from the menu options on the left of the screen, a window will open to the right of the screen where you can name and format the section.

    Choose the component you would like to add from the layout options. Depending on the table element you are looking to use, you can also add input options like number inputs and star ratings and pull in related data elements like a project timeline.

    How to develop a Form based upon your table (3 of 3 – add table columns)

    Screenshot of the 'Table Columns' window in 'Power Apps' and instructions for adding table columns.

    If you click on the “Table Columns” option on the left-hand pane, all of the column options from within your table will appear in alphabetical order.

    When clicked within the form section you would like to add the new column to, select the column from the list of option in the left-hand pane. The new data point will appear within the section. You can order and format section elements as you would like.

    When you are done editing the form, click the “Save” icon in the top right-hand corner. If you are ready for your changes to go live within your Project App, select the “Publish” icon in the top right-hand corner. Your updated form will go live within all of the apps that use it.

    The good and the bad of extending Project for the web

    The content in this step has not instructed users how to extend PFTW; rather, it has covered three basic core pieces of Power Apps that those interesting in PFTW need to be aware of: Dataverse environments, the Power Apps and Sitemaps Designers, and Tables and associated Forms.

    Because we have only covered the very tip of the iceberg, those interested in going further and taking a DIY approach to extending PFTW will need to build upon these basics to unlock further functionality. Indeed, it takes work to develop the product into something that begins to resemble a viable enterprise project and portfolio management solution. Here are some of the good and the bad elements associated with that work:

    The Good:

    • You can right-size and purpose build: add as much or as little project management rigor as your process requires. Related, you can customize the solution in multiple ways to suit the needs of specific business units or portfolios.
    • Speed to market: it is possible to get up and running quickly with a minimum-viable product.

    The Bad:

    • Work required: to build anything beyond MVP requires independent research and trial and error.
    • Time required: to build anything beyond MVP requires time and skills that many PMOs don’t have.
    • Shadow support costs: ungoverned app creation could have negative support and maintenance impacts across IT.

    "The move to Power Platform and low code development will […increase] maintenance overhead. Will low code solution hit problems at scale? [H]ow easy will it be to support hundreds or thousands of small applications?

    I can hear the IT support desks already complaining at the thought of this. This part of the puzzle is yet to hit real world realities of support because non developers are busy creating lots of low code applications." (Ben Hosking, Software Developer and Blogger, "Why low code software development is eating the world")

    Quick start your extension with the Accelerator

    For those starting out, there is a pre-built app you can import into your environment to extend the Project for the web app without any custom development.

    • If the DIY approach in the previous slides was overwhelming, and you don’t have the budget for a MS Partner route in the near-term, this doesn’t mean that evolving your Project for the web app is unattainable.
    • Thanks to a partnership between OnePlan (one of the MS Gold Partners we detail in the next step) and Microsoft, Project for the web users have access to a free resource to help them evolve the base Project app. It’s called the “Project for the web Accelerator” (commonly referred to as “the Accelerator” for short).
    • Users interested in learning more about, and accessing, this free resource should refer to the links below:
      1. The Future of Microsoft Project Online (source: OnePlan).
      2. Introducing the Project Accelerator (source: Microsoft).
      3. Project for the web Accelerator (source: GitHub)
    Screen shot from one of the dashboards that comes with the Accelerator (image source: GitHub).

    2.1.1 Perform a feasibility test (1 of 2)

    15 mins

    As we’ve suggested, and as the material in this step indicates, extending PFTW in a DIY fashion is not small task. You need a knowledge of the Dataverse and Power Apps, and access to the requisite skills, time, and resources to develop the solution.

    To determine whether your PMO and organization are ready to go it alone in extending PFTW, perform the following activity:

    1. Convene a collection of portfolio, project, and PMO staff.
    2. Using the six-question survey on tab 5 of the Microsoft Project & M365 Licensing Tool (see screenshot to the right) as a jumping off point for a discussion, consider the readiness of your PMO or project organization to undertake a DIY approach to extending and implementing PFTW at this time.
    3. You can use the recommendations on tab 5 of the Microsoft Project & 365 Licensing Tool to inform your next steps, and input the gauge graphic in section 4 of the Microsoft Project & M365 Action Plan Template.
    Screenshots from the 'Project for the Web Extensibility Feasibility Test'.

    Go to tab 5 of the Microsoft Project & M365 Licensing Tool

    See next slide for additional activity details

    2.1.1 Perform a feasibility test (2 of 2)

    Input: The contents of this step, The Project for the Web Extensibility Feasibility Test (tab 5 in the Microsoft Project & 365 Licensing Tool)

    Output: Initial recommendations on whether to proceed and how to proceed with a DIY approach to extending Project for the web

    Materials: The Project for the Web Extensibility Feasibility Test (tab 5 in the Microsoft Project & 365 Licensing Tool)

    Participants: Portfolio Manager (PMO Director), Project Managers, Other relevant PMO stakeholders

    Step 2.2

    Assess the Microsoft Gold Partner Community

    Activities

    • Review what to look for in a Microsoft Partner
    • Determine whether your needs would benefit from reaching out to a Microsoft Partner
    • Review three key Partners from the North American market
    • Create a Partner outreach plan

    This step will walk you through the following activities:

    • Review what to look for in a Microsoft Partner.
    • Determine whether your needs would benefit from reaching out to a Microsoft Partner.
    • Review three key Partners from the North American market.

    This step usually involves the following participants:

    • Portfolio Manager (PMO Director)
    • Project Managers
    • Other relevant PMO stakeholders

    Outcomes of Step

    • A better understanding of MS Partners
    • A Partner outreach plan

    You don’t have to go it alone

    Microsoft has an established community of Partners who can help in your customizations and implementations of Project for the web and other MS Project offerings.

    If the content in the previous step seemed too technical or overly complex in a way that scared you away from a DIY approach to extending Microsoft’s latest project offering (and at some point in the near future, soon to be its only project offering), Project for the web, fear not.

    You do not have to wade into the waters of extending Project for the web alone, or for that matter, in implementing any other MS Project solution.

    Instead, Microsoft nurtures a community of Silver and Gold partners who offer hands-on technical assistance and tool implementation services. While the specific services provided vary from partner to partner, all can assist in the customization and implementation of any of Microsoft’s Project offerings.

    In this step we will cover what to look for in a Partner and how to assess whether you are a good candidate for the services of a Partner. We will also highlight three Partners from within the North American market.

    The basics of the Partner community

    What is a Microsoft Partner?

    Simply put, an MS Gold Partner is a software or professional services organization that provides sales and services related to Microsoft products.

    They’re resellers, implementors, integrators, software manufacturers, trainers, and virtually any other technology-related business service.

    • Microsoft has for decades opted out of being a professional services organization, outside of its very “leading edge” offerings from MCS (Microsoft Consulting Services) for only those technologies that are so new that they aren’t yet supported by MS Partners.
    • As you can see in the chart on the next slide, to become a silver or gold certified partner, firms must demonstrate expertise in specific areas of business and technology in 18 competency areas that are divided into four categories: applications and infrastructure, business applications, data and AI, and modern workplace and security.

    More information on what it takes to become a Microsoft Partner:

    1. Partner Center (Document Center, Microsoft)
    2. Differentiate your business by attaining Microsoft competencies (Document Center, Microsoft)
    3. Partner Network Homepage (Webpage, Microsoft)
    4. See which partner offer is right for you (Webpage, Microsoft)

    Types of partnerships and qualifications

    Microsoft Partner Network

    Microsoft Action Pack

    Silver Competency

    Gold Competency

    What is it?

    The Microsoft Partner Network (MPN) is a community that offers members tools, information, and training. Joining the MPN is an entry-level step for all partners. The Action Pack is an annual subscription offered to entry-level partners. It provides training and marketing materials and access to expensive products and licenses at a vastly reduced price. Approximately 5% of firms in the Microsoft Partner Network (MPN) are silver partners. These partners are subject to audits and annual competency exams to maintain silver status. Approximately 1% of firms in the Microsoft Partner Network (MPN) are gold partners. These partners are subject to audits and annual competency exams to maintain Gold status.

    Requirements

    Sign up for a membership Annual subscription fee While requirements can vary across competency area, broadly speaking, to become a silver partner firms must:
    • Pass regular exams and skills assessments, with at least two individuals on staff with Microsoft Certified Professional Status.
    • Hit annual customer, revenue, and licensing metrics.
    • Pay the annual subscription fee.
    While requirements can vary across competency area, broadly speaking, to become a gold partner firms must:
    • Pass regular exams and skills assessments, with at least two individuals on staff with Microsoft Certified Professional Status.
    • Hit annual customer, revenue, and licensing metrics.
    • Pay the annual subscription fee.

    Annual Fee

    No Cost $530 $1800 $5300

    When would a MS Partner be helpful?

    • Project management and portfolio management practitioners might look into procuring the services of a Microsoft Partner for a variety of reasons.
    • Because services vary from partner to partner (help to extend Project for the web, implement Project Server or Project Online, augment PMO staffing, etc.) we won’t comment on specific needs here.
    • Instead, the three most common conditions that trigger the need are listed to the right.

    Speed

    When you need to get results faster than your staff can grow the needed capabilities.

    Cost

    When the complexity of the purchase decision, implementation, communication, training, configuration, and/or customization cannot be cost-justified for internal staff, often because you’ll only do it once.

    Expertise & Skills

    When your needs cannot be met by the core Microsoft technology without significant extension or customization.

    Canadian Microsoft Partners Spotlight

    As part of our research process for this blueprint, Info-Tech asked Microsoft Canada for referrals and introductions to leading Microsoft Partners. We spent six months collaborating with them on fresh research into the underlying platform.

    These vendors are listed below and are highlighted in subsequent slides.

    Spotlighted Partners:

    Logo for One Plan. Logo for PMO Outsource Ltd. Logo for Western Principles.

    Please Note: While these vendors were referred to us by Microsoft Canada and have a footprint in the Canadian market, their footprints extend beyond this to the North American and global markets.

    A word about our approach

    Photo of Barry Cousins, Project Portfolio Management Practice Lead, Info-Tech Research Group.
    Barry Cousins
    Project Portfolio Management Practice Lead
    Info-Tech Research Group

    Our researchers have been working with Microsoft Project Online and Microsoft Project Server clients for years, and it’s fair to say that most of these clients (at some point) used a Microsoft Partner in their deployment. They’re not really software products, per se; they’re platforms. As a Microsoft Partner in 2003 when Project Server got its first big push, I heard it loud and clear: “Some assembly required. You might only make 7% on the licensing, but the world’s your oyster for services.”

    In the past few years, Microsoft froze the market for major Microsoft Project decisions by making it clear that the existing offering is not getting updates while the new offering (Project for the web) doesn’t do what the old one did. And in a fascinating timing coincidence, the market substantially adopted Microsoft 365 during that period, which enables access to Project for the web.

    Many of Info-Tech’s clients are justifiably curious, confused, and concerned, while the Microsoft Partners have persisted in their knowledge and capability. So, we asked Microsoft Canada for referrals and introductions to leading Microsoft Partners and spent six months collaborating with them on fresh research into the underlying platform.

    Disclosure: Info-Tech conducted collaborative research with the partners listed on the previous slide to produce this publication. Market trends and reactions were studied, but the only clients identified were in case studies provided by the Microsoft Partners. Info-Tech’s customers have been, and remain, anonymous. (Barry Cousins, Project Portfolio Management Practice Lead, Info-Tech Research Group)

    MS Gold Partner Spotlight:

    OnePlan

    Logo for One Plan.
    Headquarters: San Marcos, California, and Toronto, Ontario
    Number of Employees: ~80
    Active Since: 2007 (as EPMLive)
    Website: www.oneplan.ai

    Who are they?

    • While the OnePlan brand has only been the marketplace for a few years, the company has been a major player in MS Gold Partner space for well over a decade.
    • Born out of EPMLive in the mid-aughts, OnePlan Solutions has evolved through a series of acquisitions, including Upland, Tivitie, and most recently Wicresoft.

    What do they do?

    • Software: Its recent rebranding is largely because OnePlan Solutions is as much a software company as it is a professional services firm. The OnePlan software product is an impressive solution that can be used on its own to facilitate the portfolio approaches outlined on the next slide and that can also integrate with the tools your organization is already using to manage tasks (see here for a full rundown of the solutions within the Microsoft stack and beyond OnePlan can integrate with).
    • Beyond its ability to integrate with existing solutions, as a software product, OnePlan has modules for resource planning, strategic portfolio planning, financial planning, time tracking, and more.

    • PPM Consulting Services: The OnePlan team also offers portfolio management consulting services. See the next slide for a list of its approaches to project portfolio management.

    Markets served

    • US, Canada, Europe, and Australia

    Channel Differentiation

    • OnePlan scales to all the PPM needs of all industry types.
    • Additionally, OnePlan offers insights and functionality specific to the needs of BioTech-Pharma.

    What differentiates OnePlan?

    • OnePlan co-developed the Project Accelerator for Project for the web with Microsoft. The OnePlan team’s involvement in developing the Accelerator and making it free for users to access suggests it is aligned to and has expertise in the purpose-built and collaborative vision behind Microsoft’s move away from Project Online and toward the Power Platform and Teams collaboration.
    • 2021 MS Gold Partner of the Year. At Microsoft’s recent Microsoft Inspire event, OnePlan was recognized as the Gold Partner of the Year for Project and Portfolio Management as well as a finalist for Power Apps and Power Automate.
    • OnePlan Approaches: Below is a list of the services or approaches to project portfolio management that OnePlan provides. See its website for more details.
      • Strategic Portfolio Management: Align work to objectives and business outcomes. Track performance against the proposed objectives outcomes.
      • Agile Portfolio Management: Implement Agile practices across the organization, both at the team and executive level.
      • Adaptive Portfolio Management: Allow teams to use the project methodology and tools that best suit the work/team. Maintain visibility and decision making across the entire portfolio.
      • Professional Services Automation: Use automation to operate with greater efficiency.

    "OnePlan offers a strategic portfolio, financial and resource management solution that fits the needs of every PMO. Optimize your portfolio, financials and resources enterprise wide." (Paul Estabrooks, Vice President at OnePlan)

    OnePlan Case Study

    This case study was provided to Info-Tech by OnePlan.

    Brambles

    INDUSTRY: Supply Chain & Logistics
    SOURCE: OnePlan

    Overview: Brambles plays a key role in the delivery or return of products amongst global trading partners such as manufacturers, distributors and retailers.

    Challenge

    Brambles had a variety of Project Management tools with no easy way of consolidating project management data. The proliferation of project management solutions was hindering the execution of a long-term business transformation strategy. Brambles needed certain common and strategic project management processes and enterprise project reporting while still allowing individual project management solutions to be used as part of the PPM platform.

    Solution

    As part of the PMO-driven business transformation strategy, Brambles implemented a project management “operating system” acting as a foundation for core processes such as project intake, portfolio management, resource, and financial planning and reporting while providing integration capability for a variety of tools used for project execution.

    OnePlan’s new Adaptive PPM platform, combining the use of PowerApps and OnePlan, gives Brambles the desired PPM operating system while allowing for tool flexibility at the execution level.

    Results

    • Comprehensive picture of progress across the portfolio.
    • Greater adoption by allowing flexibility of work management tools.
    • Modern portfolio management solution that enables leadership to make confident decision.

    Solution Details

    • OnePlan
    • Project
    • Power Apps
    • Power Automate
    • Power BI
    • Teams

    Contacting OnePlan Solutions

    www.oneplan.ai

    Joe Larscheid: jlarscheid@oneplan.ai
    Paul Estabrooks: pestabrooks@oneplan.ai
    Contact Us: contact@oneplan.ai
    Partners: partner@oneplan.ai

    Partner Resources. OnePlan facilitates regular ongoing live webinars on PPM topics that anyone can sign up for on the OnePlan website.

    For more information on upcoming webinars, or to access recordings of past webinars, see here.

    Additional OnePlan Resources

    1. How to Extend Microsoft Teams into a Collaborative Project, Portfolio and Work Management Solution (on-demand webinar, OnePlan’s YouTube channel)
    2. What Does Agile PPM Mean To The Modern PMO (on-demand webinar, OnePlan’s YouTube channel)
    3. OnePlan is fused with the Microsoft User Experience (blog article, OnePlan)
    4. Adaptive Portfolio Management Demo – Bringing Order to the Tool Chaos with OnePlan (product demo, OnePlan’s YouTube channel)
    5. How OnePlan is aligning with Microsoft’s Project and Portfolio Management Vision (blog article, OnePlan)
    6. Accelerating Office 365 Value with a Hybrid Project Portfolio Management Solution (product demo, OnePlan’s YouTube channel)

    MS Gold Partner Spotlight:

    PMO Outsource Ltd.

    Logo for PMO Outsource Ltd.

    Headquarters: Calgary, Alberta, and Mississauga, Ontario
    Website: www.pmooutsource.com

    Who are they?

    • PMO Outsource Ltd. is a Microsoft Gold Partner and PMI certified professional services firm based in Alberta and Ontario, Canada.
    • It offers comprehensive project and portfolio management offerings with a specific focus on project lifecycle management, including demand management, resource management, and governance and communication practices.

    What do they do?

    • Project Online and Power Platform Expertise. The PMO Outsource Ltd. team has extensive knowledge in both Microsoft’s old tech (Project Server and Desktop) and in its newer, cloud-based technologies (Project Online, Project for the web, the Power Platform, and Dynamics 365). As the case study in two slides demonstrates, PMO Outsource Ltd. Uses its in-depth knowledge of the Microsoft suite to help organizations automate project and portfolio data collection process, create efficiencies, and encourage cloud adoption.
    • PPM Consulting Services: In addition to its Microsoft platform expertise, the PMO Outsource Ltd. team also offers project and portfolio management consulting services, helping organizations evolve their process and governance structures as well as their approaches to PPM tooling.

    Markets served

    • Global

    Channel Differentiation

    • PMO Outsource Ltd. scales to all the PPM needs of all industry types.

    What differentiates PMO Outsource Ltd.?

    • PMO Staff Augmentation. In addition to its technology and consulting services, PMO Outsource Ltd. offers PMO staff augmentation services. As advertised on its website, it offers “scalable PMO staffing solutions. Whether you require Project Managers, Business Analysts, Admins or Coordinators, [PMO Outsource Ltd.] can fulfill your talent search requirements from a skilled pool of resources.”
    • Multiple and easy-to-understand service contract packages. PMO Outsource Ltd. offers many prepackaged service offerings to suit PMOs’ needs. Those packages include “PMO Management, Admin, and Support,” “PPM Solution, Site and Workflow Configuration,” and “Add-Ons.” For full details of what’s included in these services packages, see the PMO Outsource Ltd. website.
    • PMO Outsource Ltd. Services: Below is a list of the services or approaches to project portfolio management that PMO Outsource Ltd. Provides. See its website for more details.
      • Process Automation, Workflows, and Tools. Facilitate line of sight by tailoring Microsoft’s technology to your organization’s needs and creating custom workflows.
      • PMO Management Framework. Receive a professionally managed PPM methodology as well as governance standardization of processes, tools, and templates.
      • Custom BI Reports. Leverage its expertise in reporting and dashboarding to create the visibility your organization needs.

    "While selecting an appropriate PPM tool, the PMO should not only evaluate the standard industry tools but also analyze which tool will best fit the organization’s strategy, budget, and culture in the long run." (Neeta Manghnani, PMO Strategist, PMO Outsource Ltd.)

    PMO Outsource Ltd. Case Study

    This case study was provided to Info-Tech by PMO Outsource Ltd.

    SAMUEL

    INDUSTRY: Manufacturing
    SOURCE: PMO Outsource Ltd.

    Challenge

    • MS Project 2013 Server (Legacy/OnPrem)
    • Out-of-support application and compliance with Office 365
    • Out-of-support third-party application for workflows
    • No capability for resource management
    • Too many manual processes for data maintenance and server administration

    Solution

    • Migrate project data to MS Project Online
    • Recreate workflows using Power Automate solution
    • Configure Power BI content packs for Portfolio reporting and resource management dashboards
    • Recreate OLAP reports from legacy environment using Power BI
    • Cut down nearly 50% of administrative time by automating PMO/PPM processes
    • Save costs on Server hardware/application maintenance by nearly 75%

    Full Case Study Link

    • For full details about how PMO Outsource Ltd. assisted Samuel in modernizing its solution and creating efficiencies, visit the Microsoft website where this case study is highlighted.

    Contacting PMO Outsource Ltd.

    www.pmooutsource.com

    700 8th Ave SW, #108
    Calgary, AB T2P 1H2
    Telephone : +1 (587) 355-3745
    6045 Creditview Road, #169
    Mississauga, ON L5V 0B1
    Telephone : +1 (289) 334-1228
    Information: info@pmooutsource.com
    LinkedIn: https://www.linkedin.com/company/pmo-outsource/

    Partner Resources. PMO Outsource Ltd.’s approach is rooted within a robust and comprehensive PPM framework that is focused on driving strategic outcomes and business success.

    For a full overview of its PPM framework, see here.

    Additional PMO Outsource Ltd. Resources

    1. 5 Benefits of PPM tools and PMO process automation (blog article, PMO Outsource Ltd.)
    2. Importance of PMO (blog article, PMO Outsource Ltd.)
    3. Meet the Powerful and Reimagined PPM tool for Everyone! (video, PMO Outsource Ltd. LinkedIn page)
    4. MS Project Tips: How to add #Sprints to an existing Project? (video, PMO Outsource Ltd. LinkedIn page)
    5. MS Project Tips: How to add a milestone to your project? (video, PMO Outsource Ltd. LinkedIn page)
    6. 5 Benefits of implementing Project Online Tools (video, PMO Outsource Ltd. LinkedIn page)

    MS Gold Partner Spotlight:

    Western Principles

    Logo for Western Principles.

    Headquarters: Vancouver, British Columbia
    Years Active: 16 Years
    Website: www.westernprinciples.com

    Who are they?

    • Western Principles is a Microsoft Gold Partner and UMT 360 PPM software provider based in British Columbia with a network of consultants across Canada.
    • In the last sixteen years, it has successfully conducted over 150 PPM implementations, helping in the implementation, training, and support of Microsoft Project offerings as well as UMT360 – a software solution provider that, much like OnePlan, enhances the PPM capabilities of the Microsoft platform.

    What do they do?

    • Technology expertise. The Western Principles team helps organizations maximize the value they are getting form the Microsoft Platform. Not only does it offer expertise in all the solutions in the MS Project ecosystem, it also helps organizations optimize their use and understanding of Teams, SharePoint, the Power Platform, and more. In addition to the Microsoft platform, Western Principles is partnered with many other technology providers, including UMT360 for strategic portfolio management, the Simplex Group for project document controls, HMS for time sheets, and FluentPro for integration, back-ups, and migrations.
    • PPM Consulting Services: In addition to its technical services and solutions, Western Principles offers PPM consulting and staff augmentation services.

    Markets served

    • Canada

    Channel Differentiation

    • Western Principles scales to all the PPM needs of all industry types, public and private sector.
    • In addition, its website offers persona-specific information based on the PPM needs of engineering and construction, new product development, marketing, and more.

    What differentiates Western Principles?

    • Gold-certified UMT 360 partner. In addition to being a Microsoft Gold Partner, Western Principles is a gold-certified UMT 360 partner. UMT 360 is a strategic portfolio management tool that integrates with many other work management solutions to offer holistic line of sight into the organization’s supply-demand pain points and strategic portfolio management needs. Some of the solutions UMT 360 integrates with include Project Online and Project for the web, Azure DevOps, Jira, and many more. See here for more information on the impressive functionality in UMT360.
    • Sustainment Services. Adoption can be the bane of most PPM tool implementations. Among the many services Western Principles offers, its “sustainment services” stand out. According to Western Principles’ website, these services are addressed to those who require “continual maintenance, change, and repair activities” to keep PPM systems in “good working order” to help maximize ROI.
    • Western Principles Services: In addition to the above, below is a list of some of the services that Western Principles offers. See its website for a full list of services.
      • Process Optimization: Determine your requirements and process needs.
      • Integration: Create a single source of truth.
      • Training: Ensure your team knows how to use the systems you implement.
      • Staff Augmentation: Provide experienced project team members based upon your needs.

    "One of our principles is to begin with the end in mind. This means that we will work with you to define a roadmap to help you advance your strategic portfolio … and project management capabilities. The roadmap for each customer is different and based on where you are today, and where you need to get to." (Western Principles, “Your Strategic Portfolio Management roadmap,” Whitepaper)

    Contacting Western Principles

    www.westernprinciples.com

    610 – 700 West Pender St.
    Vancouver, BC V6C 1G8
    +1 (800) 578-4155
    Information: info@westernprinciples.com
    LinkedIn: https://www.linkedin.com/company/western-principle...

    Partner Resources. Western Principles provides a multitude of current case studies on its home page. These case studies let you know what the firm is working on this year and the type of support it provides to its clientele.

    To access these case studies, see here.

    Additional Western Principles Resources

    1. Program and Portfolio Roll ups with Microsoft Project and Power BI (video, Western Principles YouTube Channel)
    2. Dump the Spreadsheets for Microsoft Project Online (video, Western Principles YouTube Channel)
    3. Power BI for Project for the web (video, Western Principles YouTube Channel)
    4. How to do Capacity Planning and Resource Management in Microsoft Project Online [Part 1 & Part 2] (video, Western Principles YouTube Channel)
    5. Extend & Integrate Microsoft Project (whitepaper, Western Principles)
    6. Your COVID-19 Return-to-Work Plan (whitepaper, Western Principles)

    Watch Info-Tech’s Analyst-Partner Briefing Videos to lean more

    Info-Tech was able to sit down with the partners spotlighted in this step to discuss the current state of the PPM market and Microsoft’s place within it.

    • All three partners spotlighted in this step contributed to Info-Tech’s research process for this publication.
    • For two of the partners, OnePlan and PMO Outsource Ltd., Info-Tech was able to record a conversation where our analysts and the partners discuss Microsoft’s current MS Project offerings, the current state of the PPM tool market, and the services and the approaches of each respective partner.
    • A third video briefing with Western Principles has not happened yet due to logistical reasons. We are hoping we can include a video chat with our peers at Western Principles in the near future.
    Screenshot form the Analyst-Partner Briefing Videos. In addition to the content covered in this step, you can use these videos for further information about the partners to inform your next steps.

    Download Info-Tech’s Analyst-Partner Briefing Videos (OnePlan & PMO Outsource Ltd.)

    2.2.1 Create a partner outreach plan

    1-3 hours

    Input: Contents of this step, List of additional MS Gold Partners

    Output: A completed partner outreach program

    Materials: MS Project & M365 Action Plan Template

    Participants: Portfolio Manager (PMO Director), PMO Admin Team, Project Managers, CIO

    1. With an understanding of the partner ecosystem, compile a working group of PMO peers and stakeholders to produce a gameplan for engaging the MS Gold Partner ecosystem.
      • For additional partner options see Microsoft’s Partner Page.
    2. Using slide 20 in Info-Tech’s MS Project and M365 Action Plan Template, document the Partners you would want or have scheduled briefings with.
      • As you go through the briefings and research process, document the pros and cons and areas of specialized associated with each vendor for your particular work management implementation.

    Download the Microsoft Project & M365 Action Plan Template

    2.2.2 Document your PM and PPM requirements

    1-3 hours

    Input: Project Portfolio Management Maturity Assessment, Project Management Maturity Assessment

    Output: MS Project & M365 Action Plan Template

    Materials: Project Portfolio Management Maturity Assessment, Project Management Maturity Assessment, MS Project & M365 Action Plan Template

    Participants: Portfolio Manager (PMO Director), PMO Admin Team, Project Managers, CIO

    1. As you prepare to engage the Partner Community, you should have a sense of where your project management and project portfolio management gaps are to better communicate your tooling needs.
    2. Leverage tab 4 from both your Project Portfolio Management Assessment and Project Management Assessment from step 1.3 of this blueprint to help document and communicate your requirements. Those tabs prioritize your project and portfolio management needs by highest impact for the organization.
    3. You can use the outputs of the tab to inform your inputs on slide 23 of the MS Project & M365 Action Plan Template to present to organizational stakeholders and share with the Partners you are briefing with.

    Download the Microsoft Project & M365 Action Plan Template

    Determine the Future of Microsoft Project for Your Organization

    Phase 3: Finalize Your Implementation Approach

    Phase 1: Determine Your Tool NeedsPhase 2: Weigh Your Implementation Options

    Phase 3: Finalize Your Implementation Approach

    • Step 1.1: Survey the M365 work management landscape
    • Step 1.2: Perform a process maturity assessment to help inform your M365 starting point
    • Step 1.3: Consider the right MS Project licenses for your stakeholders
    • Step 2.1: Get familiar with extending Project for the web using Power Apps
    • Step 2.2: Assess the MS Gold Partner Community
    • Step 3.1: Prepare an action plan

    Phase Outcomes

    An action plan concerning what to do with MS Project and M365 for your PMO or project organization.

    Step 3.1

    Prepare an action plan

    Activities

    • Compile the current state results
    • Prepare an Implementation Roadmap
    • Complete your presentation deck

    This step will walk you through the following activities:

    • Assess the impact of organizational change for the project
    • Develop your vision for stakeholders
    • Compile the current state results and document the implementation approach
    • Create clarity through a RACI and proposed implementation timeline

    This step usually involves the following participants:

    • Portfolio Manager (PMO Director)
    • PMO Admin Team
    • Business Analysts
    • Project Managers

    Outcomes of Step

    • Microsoft Project and M365 Action Plan

    Assess the impact of organizational change

    Be prepared to answer: “What’s in it for me?”

    Before jumping into licensing and third-party negotiations, ensure you’ve clearly assessed the impact of change.

    Tailor the work effort involved in each step, as necessary:

    1. Assess the impact
      • Use the impact assessment questions to identify change impacts.
    2. Plan for change
      • Document the impact on each stakeholder group.
      • Anticipate their response.
      • Curate a compelling message for each stakeholder group.
      • Develop a communication plan.
    3. Act according to plan
      • Identify your executive sponsor.
      • Enable the sponsor to drive change communication.
      • Coach managers on how they can drive change at the individual level.

    Impact Assessment Questions

    • Will the change impact how our clients/customers receive, consume, or engage with our products/services?
    • Will there be a price increase?
    • Will there be a change to compensation and/or rewards?
    • Will the vision or mission of the job change?
    • Will the change span multiple locations/time zones?
    • Are multiple products/services impacted by this change?
    • Will staffing levels change?
    • Will this change increase the workload?
    • Will the tools of the job be substantially different?
    • Will a new or different set of skills be needed?
    • Will there be a change in reporting relationships?
    • Will the workflow and approvals be changed?
    • Will there be a substantial change to scheduling and logistics?

    Master Organizational Change Management Practices blueprint

    Develop your vision for stakeholders

    After careful analysis and planning, it’s time to synthesize your findings to those most impacted by the change.

    Executive Brief

    • Prepare a compelling message about the current situation.
    • Outline the considerations the working group took into account when developing the action plan.
    • Succinctly describe the recommendations proposed by the working group.

    Goals

    • Identify the goals for the project.
    • Explain the details for each goal to develop the organizational rationale for the project.
    • These goals are the building blocks for the change communication that the executive sponsor will use to build a coalition of sponsors.

    Future State Vision

    • Quantify the high-level costs and benefits of moving forward with this project.
    • Articulate the future- state maturity level for both the project and project portfolio management process.
    • Reiterate the organizational rationale and drivers for change.

    "In failed transformations, you often find plenty of plans, directives, and programs, but no vision…A useful rule of thumb: If you can’t communicate the vision to someone in five minutes or less and get a reaction that signifies both understanding and interest, you are not yet done…" (John P. Kotter, Leading Change)

    Get ready to compile the analysis completed throughout this blueprint in the subsequent activities. The outputs will come together in your Microsoft Project and M365 Action Plan.

    Use the Microsoft Project & M365 Action Plan Template to help communicate your vision

    Our boardroom-ready presentation and communication template can be customized using the outputs of this blueprint.

    • Getting stakeholders to understand why you are recommending specific work management changes and then communicating exactly what those changes are and what they will cost is key to the success of your work management implementation.
    • To that end, the slides ahead walk you through how to customize the Microsoft Project & M365 Action Plan Template.
    • Many of the current-state analysis activities you completed during phase 1 of this blueprint can be directly made use of within the template as can the decisions you made and requirements you documented during phase 2.
    • By the end of this step, you will have a boardroom-ready presentation that will help you communicate your future-state vision.
    Screenshot of Info-Tech's Microsoft Project and M365 Action Plan Template with a note to 'Update the presentation or distribution date and insert your name, role, and organization'.

    Download Info-Tech’s Microsoft Project & M365 Action Plan Template

    3.1.1 Compile current state results

    1-3 hours

    Input: Force Field Analysis Tool, Tool Audit Workbook, Project Management Maturity Assessment Tool, Project Portfolio Management Maturity Assessment Tool

    Output: Section 1: Executive Brief, Section 2: Context and Constraints

    Materials: Microsoft Project and M365 Action Plan Template

    Participants: PMO Director, PMO Admin Team, Business Analysts, Project Managers

    1. As a group, review the results of the tools introduced throughout this blueprint. Use this information along with organizational knowledge to document the business context and current state.
    2. Update the driving forces for change and risks and constraints slides using your outputs from the Force Field Analysis Tool.
    3. Update the current tool landscape, tool satisfaction, and tool audit results slides using your outputs from the Tool Audit Workbook.
    4. Update the gap analysis results slides using your outputs from the Project Management and Project Portfolio Management Maturity Assessment Tools.

    Screenshots of 'Business Context and Current State' screen from the 'Force Field Analysis Tool', the 'Tool Audit Results' screen from the 'Tool Audit Workbook', and the 'Project Portfolio Management Gap Analysis Results' screen from the 'PM and PPM Maturity Assessments Tool'.

    Download the Microsoft Project & M365 Action Plan Template

    3.2.1 Option A: Prepare a DIY roadmap

    1-3 hours; Note: This is only applicable if you have chosen the DIY route

    Input: List of key PPM decision points, List of who is accountable for PPM decisions, List of who has PPM decision-making authority

    Output: Section 3: DIY Implementation Approach

    Materials: Microsoft Project and M365 Action Plan Template

    Participants: PMO Director, PMO Admin Team, Business Analysts, Project Managers

    1. As a group, review the results of the Microsoft Project and M365 Licensing Tool. Use this information along with organizational knowledge and discussion with the working group to complete Section 3: DIY Implementation Approach.
    2. Copy and paste your results from tab 5 of the Microsoft Project and M365 Licensing Tool. Update the Implementation Approach slide to detail the rationale for selecting this option.
    3. Update the Action Plan to articulate the details for total and annual costs of the proposed licensing solution.
    4. Facilitate a discussion to determine roles and responsibilities for the implementation. Based on the size, risk, and complexity of the implementation, create a reasonable timeline.
    Screenshots from the 'Microsoft Project and M365 Action Plan Template' outlining the 'DIY Implementation Approach'.

    Download the Microsoft Project and M365 Action Plan Template

    3.2.1 Option b: Prepare a Partner roadmap

    1-3 hours; Note: This is only applicable if you have chosen the Partner route

    Input: Microsoft Project and M365 Licensing Tool, Information on Microsoft Partners

    Output: Section 4: Microsoft Partner Implementation Route

    Materials: Microsoft Project and M365 Action Plan Template

    Participants: PMO Director, PMO Admin Team, Business Analysts, Project Managers

    1. As a group, review the results of the Microsoft Project and M365 Licensing Tool. Use this information along with organizational knowledge and discussion with the working group to complete Section 4: Microsoft Partner Implementation Route.
    2. Copy and paste your results from tab 5 of the Microsoft Project and M365 Licensing Tool. Update the Implementation Approach slide to detail the rationale for selecting this option.
    3. Develop an outreach plan for the Microsoft Partners you are planning to survey. Set targets for briefing dates and assign an individual to own any back-and-forth communication. Document the pros and cons of each Partner and gauge interest in continuing to analyze the vendor as a possible solution.
    4. Facilitate a discussion to determine roles and responsibilities for the implementation. Based on the size, risk, and complexity of the implementation, create a reasonable timeline.

    Screenshots from the 'Microsoft Project and M365 Action Plan Template' outlining the 'Microsoft Partner Implementation Route'.

    Microsoft Project and M365 Action Plan Template

    3.1.2 Complete your presentation deck

    1-2 hours

    Input: Outputs from the exercises in this blueprint

    Output: Section 5: Future-State Vision and Goals

    Materials: Microsoft Project and M365 Action Plan Template

    Participants: PMO Director, PMO Admin Team, Business Analysts, Project Managers

    1. Put the finishing touches on your presentation deck by documenting your future- state vision and goals.
    2. Prepare to present to your stakeholders.
      • Understand your audience, their needs and priorities, and their degree of knowledge and experiences with technology. This informs what to include in your presentation and how to position the message and goal.
    3. Review the deck beginning to end and check for spelling, grammar, and vertical logic.
    4. Practice delivering the vision for the project through several practice sessions.

    Screenshots from the 'Microsoft Project and M365 Action Plan Template' regarding finishing touches.

    Microsoft Project and M365 Action Plan Template

    Pitch your vision to key stakeholders

    There are multiple audiences for your pitch, and each audience requires a different level of detail when addressed. Depending on the outcomes expected from each audience, a suitable approach must be chosen. The format and information presented will vary significantly from group to group.

    Audience

    Key Contents

    Outcome

    Business Executives

    • Section 1: Executive Brief
    • Section 2: Context and Constraints
    • Section 5: Future-State Vision and Goals
    • Identify executive sponsor

    IT Leadership

    • Sections 1-5 with a focus on Section 3 or 4 depending on implementation approach
    • Get buy-in on proposed project
    • Identify skills or resourcing constraints

    Business Managers

    • Section 1: Executive Brief
    • Section 2: Context and Constraints
    • Section 5: Future-State Vision and Goals
    • Get feedback on proposed plan
    • Identify any unassessed risks and organizational impacts

    Business Users

    • Section 1: Executive Brief
    • Support the organizational change management process

    Summary of Accomplishment

    Problem Solved

    Knowledge Gained
    • How you work: Work management and the various ways of working (personal and team task management, strategic project portfolio management, formal project management, and enterprise project and portfolio management).
    • Where you need to go: Project portfolio management and project management current- and target-state maturity levels.
    • What you need: Microsoft Project Plans and requisite M365 licensing.
    • The skills you need: Extending Project for the web.
    • Who you need to work with: Get to know the Microsoft Gold Partner community.
    Deliverables Completed
    • M365 Tool Guides
    • Tool Audit Workbook
    • Force Field Analysis Tool
    • Project Portfolio Management Maturity Assessment Tool
    • Project Management Maturity Assessment Tool
    • Microsoft Project & M365 Action Plan Template

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop

    Contact your account representative for more information
    workshops@infotech.com
    1-888-670-8889

    Additional Support

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech Workshop.

    Photo of Barry Cousins.
    Contact your account representative for more information
    workshops@infotech.com 1-888-670-8889

    To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.

    Info-Tech analysts will join you and your team at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    Perform a work management tool audit

    Gain insight into the tools that drive value or fail to drive value across your work management landscape with a view to streamline the organization’s tool ecosystem.

    Prepare an action plan for your tool needs

    Prepare the right work management tool recommendations for your IT teams and/or business units and develop a boardroom-ready presentation to communicate needs and next steps.

    Research Contributors and Experts

    Neeta Manghnani
    PMO Strategist
    PMO Outsource Ltd.

    Photo of Neeta Manghnani, PMO Strategist, PMO Outsource Ltd.
    • Innovative, performance-driven executive with significant experience managing Portfolios, Programs & Projects, and technical systems for international corporations with complex requirements. A hands-on, dynamic leader with over 20 years of experience guiding and motivating cross-functional teams. Highly creative and brings a blend of business acumen and expertise in multiple IT disciplines, to maximize the corporate benefit from capital investments.
    • Successfully deploys inventive solutions to automate processes and improve the functionality, scalability and security of critical business systems and applications. Leverages PMO/PPM management and leadership skills to meet the strategic goals and business initiatives.

    Robert Strickland
    Principal Consultant & Owner
    PMO Outsource Ltd.

    Photo of Robert Strickland, Principal Consultant and Owner, PMO Outsource Ltd.
    • Successful entrepreneur, leader, and technologist for over 15 years, is passionate about helping organizations leverage the value of SharePoint, O365, Project Online, Teams and the Power Platform. Expertise in implementing portals, workflows and collaboration experiences that create business value. Strategic manager with years of successful experience building businesses, developing custom solutions, delivering projects, and managing budgets. Strong transformational leader on large implementations with a technical pedigree.
    • A digital transformation leader helping clients move to the cloud, collaborate, automate their business processes and eliminate paper forms, spreadsheets and other manual practices.

    Related Info-Tech Research

    • Develop a Project Portfolio Management Strategy
      Time is money; spend it wisely.
    • Establish Realistic IT Resource Management Practices
      Holistically balance IT supply and demand to avoid overallocation.
    • Tailor Project Management Processes to Fit Your Projects
      Spend less time managing processes and more time delivering results

    Bibliography

    “13 Reasons not to use Microsoft Project.” Celoxis, 14 Sept. 2018. Accessed 17 Sept. 2021.

    Advisicon. “Project Online vs Project for the Web.” YouTube, 13 Nov. 2013. Accessed 17 Sept. 2021.

    Branscombe, Mary. “Is Project Online ready to replace Microsoft Project?” TechRepublic, 23 Jan. 2020. Accessed 17 Sept. 2021.

    Chemistruck, Dan. “The Complete Office 365 and Microsoft 365 Licensing Comparison.” Infused Innovations, 4 April 2019. Accessed 17 Sept. 2021.

    “Compare Project management solutions and costs.” Microsoft. Accessed 17 Sept. 2021.

    Day to Day Dynamics 365. “Microsoft Project for the web - Model-driven app.” YouTube, 29 Oct. 2019. Accessed 17 Sept. 2021.

    “Deploying Project for the web.” Microsoft, 24 Aug. 2021. Accessed 17 Sept. 2021.

    “Differentiate your business by attaining Microsoft competencies.” Microsoft, 26 Jan. 2021. Accessed 17 Sept. 2021.

    “Extend & Integrate Microsoft Project.” Western Principles. Accessed 17 Sept. 2021.

    “Get Started with Project Power App.” Microsoft. Accessed 17 Sept. 2021.

    Hosking, Ben. “Why low code software development is eating the world.” DevGenius, May 2021. Accessed 17 Sept. 2021.

    “How in the World is MS Project Still a Leading PM Software?” CBT Nuggets, 12 Nov. 2018. Accessed 17 Sept. 2021.

    Integent. “Project for the Web - Create a Program Entity and a model-driven app then expose in Microsoft Teams.” YouTube, 25 Mar. 2020. Accessed 17 Sept. 2021.

    “Introducing the Project Accelerator.” Microsoft, 10 Mar. 2021. Accessed 17 Sept. 2021.

    “Join the Microsoft Partner Network.” Microsoft. Accessed 17 Sept. 2021.

    Kaneko, Judy. “How Productivity Tools Can Lead to a Loss of Productivity.” Bluescape, 2 Mar. 2018 Accessed 17 Sept. 2021.

    Kotter, John. Leading Change. Harvard Business School Press, 1996.

    Leis, Merily. “What is Work Management.” Scoro. Accessed 17 Sept. 2021.

    Liu, Shanhong. “Number of Office 365 company users worldwide as of June 2021, by leading country.” Statistica, 2021. Web.

    Manghnani, Neeta. “5 Benefits of PPM tools and PMO process automation.” PMO Outsource Ltd., 11 Apr. 2021. Accessed 17 Sept. 2021.

    “Microsoft 365 and Office 365 plan options.” Microsoft, 31 Aug. 2021. Accessed 17 Sept. 2021.

    “Microsoft 365 for enterprise.” Microsoft. Accessed 17 Sept. 2021

    “Microsoft Office 365 Usage Statistics.” Thexyz blog, 18 Sept. 2020. Accessed 17 Sept. 2021.

    “Microsoft Power Apps, Microsoft Power Automate and Microsoft Power Virtual Agents Licensing Guide.” Microsoft, June 2021. Web.

    “Microsoft Project service description.” Microsoft, 31 Aug. 2021. Accessed 17 Sept. 2021.

    “Microsoft Project Statistics.” Integent Blog, 12 Dec. 2013. Accessed 17 Sept. 2021.

    Nanji, Aadil . Modernize Your Microsoft Licensing for the Cloud Era. Info-Tech Research Group, 12 Mar. 2020. Accessed 17 Sept. 2021.

    “Number of Office 365 company users worldwide as of June 2021, by leading country.” Statista, 8 June 2021. Accessed 17 Sept. 2021.

    “Overcoming disruption in a digital world.” Asana. Accessed 17 Sept. 2021.

    Pajunen, Antti. “Customizing and extending Project for the web.” Day to Day Dynamics 365, 20 Jan. 2020. Accessed 17 Sept. 2021.

    “Partner Center Documentation.” Microsoft. Accessed 17 Sept. 2021.

    Pragmatic Works. “Building First Power Apps Model Driven Application.” YouTube, 21 June 2019. Accessed 17 Sept. 2021.

    “Project architecture overview.” Microsoft, 27 Mar. 2020. Accessed 17 Sept. 2021.

    “Project for the web Accelerator.” GitHub. Accessed 17 Sept. 2021.

    “Project for the web admin help.” Microsoft, 28 Oct. 2019. Accessed 17 Sept. 2021.

    “Project for the Web – The New Microsoft Project.” TPG. Accessed 17 Sept. 2021.

    “Project for the Web Security Roles.” Microsoft, 1 July 2021. Accessed 17 Sept. 2021.

    “Project Online: Project For The Web vs Microsoft Project vs Planner vs Project Online.” PM Connection, 30 Nov. 2020. Accessed 17 Sept. 2021.

    Redmond, Tony. “Office 365 Insights from Microsoft’s FY21 Q2 Results.” Office 365 for IT Pros, 28 Jan. 2021. Accessed 17 Sept. 2021.

    Reimagine Project Management with Microsoft. “Advanced deployment for Project for the web.” YouTube, 4 Aug. 2021. Accessed 17 Sept. 2021.

    Reimagine Project Management with Microsoft. “Overview of Microsoft Project.” YouTube, 29 July 2021. Accessed 17 Sept. 2021.

    “See which partner offer is right for you.” Microsoft. Accessed 17 Sept. 2021.

    Shalomova, Anna. “Microsoft Project for Web 2019 vs. Project Online: What’s Best for Enterprise Project Management?” FluentPro, 23 July 2020. Accessed 17 Sept. 2021.

    Speed, Richard. “One Project to rule them all: Microsoft plots end to Project Online while nervous Server looks on.” The Register, 28 Sept. 2018. Accessed 17 Sept. 2021.

    Spataro, Jared. “A new vision for modern work management with Microsoft Project.” Microsoft, 25 Sept. 2018. Accessed 17 Sept. 2021.

    Stickel, Robert. “OnePlan Recognized as Winner of 2021 Microsoft Project & Portfolio Management Partner of the Year.” OnePlan, 8 July 2021. Accessed 17 Sept. 2021.

    Stickel, Robert. “The Future of Project Online.” OnePlan, 2 Mar. 2021. Accessed 17 Sept. 2021.

    Stickel, Robert. “What It Means to be Adaptive.” OnePlan, 24 May 2021. Accessed 17 Sept. 2021.

    “The Future of Microsoft Project Online.” OnePlan. Accessed 17 Sept. 2021.

    Weller, Joe. “Demystifying Microsoft Project Licensing.” Smartsheet, 10 Mar. 2016. Accessed 17 Sept. 2021.

    Western Principles Inc. “Dump the Spreadsheets for Microsoft Project Online.” YouTube, 2 July 2020. Accessed 17 Sept. 2021.

    Western Principles Inc. “Project Online or Project for the web? Which project management system should you use?” YouTube, 11 Aug. 2020. Accessed 17 Sept. 2021.

    “What is Power Query?” Microsoft, 22 July 2021. Web.

    Wicresoft. “The Power of the New Microsoft Project and Microsoft 365.” YouTube, 29 May 2020. Accessed 17 Sept. 2021.

    Wicresoft. “Why the Microsoft Power Platform is the Future of PPM.” YouTube, 11 June 2020. Accessed 17 Sept. 2021.

    Improve your core processes

    Improve your core processes


    We have over 45 fully detailed
    and interconnected process guides
    for you to improve your operations

    Managing and improving your processes is key to attaining commercial success

    Our practical guides help you to improve your operations

    We have hundreds of practical guides, grouped in many processes in our model. You may not need all of them. I suggest you browse within the belo top-level categories below and choose where to focus your attention. And with Tymans Group's help, you can go one process area at a time.

    If you want help deciding, please use the contact options below or click here.

    Check out our guides

    Our research and guides are priced from €299,00

    • Gert Taeymans Guidance

      Tymans Group Guidance & Consulting

      Tymans Group guidance and (online) consulting using both established and forward-looking research and field experience in our management domains.

      Contact

    • Tymans Group
      & Info-Tech
      Combo

      Get both inputs, all of the Info-tech research (with cashback rebate), and Tymans Group's guidance.

      Contact

    • Info-Tech Research

      Info-Tech offers a vast knowledge body, workshops, and guided implementations. You can buy Info-Tech memberships here at Tymans Group with cashback, reducing your actual outlay.

      Contact

    Register to read more …

    Switching Software Vendors Overwhelmingly Drives Increased Satisfaction

    • Buy Link or Shortcode: {j2store}612|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Selection & Implementation
    • Parent Category Link: /selection-and-implementation

    Organizations risk being locked in a circular trap of inertia from auto-renewing their software. With inertia comes complacency, leading to a decrease in overall satisfaction. Indeed, organizations are uniformly choosing to renew their software – even if they don’t like the vendor!

    Our Advice

    Critical Insight

    Renewal is an opportunity cost. Switching poorly performing software substantially drives increased satisfaction, and it potentially lowers vendor costs in the process. To realize maximum gains, it’s essential to have a repeatable process in place.

    Impact and Result

    Realize the benefits of switching by using Info-Tech’s five action steps to optimize your vendor switching processes:

    1. Identify switch opportunities.
    2. Evaluate your software.
    3. Build the business case.
    4. Optimize selection method.
    5. Plan implementation.

    Switching Software Vendors Overwhelmingly Drives Increased Satisfaction Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Why you should consider switching software vendors

    Use this outline of key statistics to help make the business case for switching poorly performing software.

    • Switching Existing Software Vendors Overwhelmingly Drives Increased Satisfaction Storyboard

    2. How to optimize your software vendor switching process

    Optimize your software vendor switching processes with five action steps.

    [infographic]

    Equip Managers to Effectively Manage Virtual Teams

    • Buy Link or Shortcode: {j2store}600|cart{/j2store}
    • member rating overall impact (scale of 10): 9.7/10 Overall Impact
    • member rating average dollars saved: $20,240 Average $ Saved
    • member rating average days saved: 4 Average Days Saved
    • Parent Category Name: Manage & Coach
    • Parent Category Link: /manage-coach
    • Virtual team members must rely upon collaboration technology to communicate and collaborate.
    • Management practices and approaches that work face to face do not always translate effectively in virtual contexts.
    • Managers cannot rely upon spontaneous social interactions that happen organically when people are colocated to build meaningful and trusting relationships. Space and time need to be created in a virtual environment for this to happen.
    • Observing an employee’s performance or development can be more difficult, and relying on others’ feedback becomes more critical for managing performance and development.

    Our Advice

    Critical Insight

    • Managing virtual teams does not require developing new manager competencies. Instead, managers need to “dial up” competencies they already have and adjust their approaches.
    • Setting clear expectations with virtual teams creates the foundation needed to manage them effectively.
    • Virtual employees crave more meaningful interactions about performance and development with their managers.

    Impact and Result

    • Create a solid foundation for managing virtual teams by setting clear expectations and taking a more planful approach to managing performance and employee development.
    • Dial up key management competencies that you already have. Managers do not need to develop new competencies; they just need to adjust and refocus their approaches.

    Equip Managers to Effectively Manage Virtual Teams Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Equip managers to effectively manage virtual teams

    Equip managers to become more effective with managing remote teams.

    The workbook serves as a reference guide participants will use to support formal training.

    • Training Deck: Equip Managers to Effectively Manage Virtual Teams
    • Workbook: Equip Managers to Effectively Manage Virtual Teams
    • Standard Participant Training Session Evaluation Template

    2. Additional Resources

    Many organizations are developing plans to allow employees more flexible work options, including remote work. Use these resources to help managers and employees make the most of remote work arrangements.

    • Work-From-Home Tips for Managers
    • Work-From-Home Tips for Employees
    • Health & Safety at Home Infographic
    • Wellness and Working From Home
    • Ergonomic Workspaces Infographic
    [infographic]

    Further reading

    Equip Managers to Effectively Manage Virtual Teams

    Learning objectives

    Describe the benefits of virtual teams.

    Create a plan for adopting effective management practices and setting clear expectations with virtual teams.

    Identify potential solutions to the challenges of managing performance and developing members of virtual teams.

    Create an action plan to increase effectiveness in managing virtual teams.

    Target audience

    People managers who manage or plan to manage virtual teams.

    Training length

    Two three-hour sessions

    Training material

    • Use the speaker’s notes in the notes pane section of each slide to plan and practice the training session.
    • Activity slides are scattered throughout this training deck and are clearly numbered in the slide title.
    • Notes in italics are written to the facilitator and are not meant to be read aloud.
    • Download the Workbook for participants to use.

    Suggested materials for activities:

    • Index cards or sticky notes
    • Markers
    • Whiteboard/large table space/flip chart

    Agenda & activities

    Section 1

    Section 2

    10 min

    Welcome: Overview & Introductions

    • Introductions
    10 min

    Welcome: Overview & Introductions

    • Session 1 Review
    • Session 2 Overview
    50 min

    1.1 Introduction to virtual teams

    • What kind of virtual team do you lead?
    • Virtual team benefits and challenges
    55 min

    2.1 Managing wellbeing in a virtual team context

    • Share current practices and challenges regarding wellbeing in virtual teams
    • Identify and discuss proposed solutions
    • Develop draft action plan for managing wellbeing in a virtual team context
    5 min

    Break

    5 min Break
    45 min

    1.2 Laying the foundation for a virtual team

    • Identify behaviors to better inform, interact with, and involve team members
    60 min

    2.2 Managing performance in a virtual team context

    • Share current performance management practices for virtual teams
    • Identify challenges of current practices and propose solutions
    • Develop draft action plan for managing performance in a virtual team context
    10 min

    Break

    10 min Break
    55 min

    1.2 Laying the foundation for a virtual team

    • Identify and share ways you prefer to communicate for different activities
    • Develop draft action plan for laying the foundation for a virtual team
    40 min

    Action planning & conclusion

    • Refine consolidated action plan (three parts) and commit to implementing it
    • Key takeaways
    5 min

    Session 1 Wrap-Up

    Recommended Customization

    Review all slides and adjust the language or content as needed to suit your organizational context and culture.

    The pencil icon to the left denotes slides requiring customization of the slide and/or the speaker’s notes, e.g. adding in an organization-specific process.

    Customization instructions are found in the notes pane.

    Tips

    • Adjust the speaker’s notes on the slides before (or after) any slides you modify or delete to ensure logical transitions between slides.
    • Update the agenda to reflect new timings if major modifications are made.
    • Even seasoned leaders need to be reminded of the basics now and again. Rather than delete more basic slides, cut back on the amount of time spent covering them and frame the content as a refresher.
    • Participant Workbooks
    • Relevant organization-specific documents (see side panel)
    • Training Session Feedback Form

    Required Information

    • Communication guidelines for managers (e.g. cadence of manager interactions)
    • Performance management process and guidelines
    • Employee development guidelines
    • List of available resources (e.g. social collaboration tools)

    Effectively Manage Virtual Teams

    Section 1.1

    Practical foundations for managing teams in a remote environment

    Feasibility of virtual IT teams

    Most organizations are planning some combination of remote and onsite work in 2022.

    This is an image of a bar graph demonstrating the percentage of companies who have the following plans for return to work: Full work-from-home (All employees WFH permanently) - 4% ; No work-from-home permitted	9% ; Partial work-from-home team (Eligible employees can WFH for a certain portion of their work week)	23% ; Balanced work-from-home team (All employees can WFH for a certain portion of their work week)	28% ; Hybrid work-from-home team (Eligible employees WFH on a full-time basis)	37%

    Source: IT Talent Trends, 2022; n=199

    Speaker’s Notes:

    Most organizations are planning some combination of remote and onsite work in 2022 – the highest reported plans for WFH were hybrid, balanced, and partial work-from-home. This builds on our findings in the IT Talent Trends 2022 report.

    Feasibility of virtual IT teams

    What percentage of roles in IT are capable of being performed remotely permanently?

    Approximately what percentage of roles in IT are capable of being performed remotely permanently?

    0% to less than 10%: 3%; 10% to less than 25%: 5%; 25% to less than 50%: 12%; 50% to less than 75%: 30%; 75% to 100%L 50%.

    IT Talent Trends, 2022; n=207

    Speaker’s Notes:

    80% of respondents estimated that 50 to 100% of IT roles can be performed remotely.

    Virtual teams take all kinds of forms

    A virtual team is any team that has members that are not colocated and relies on technology for communications.

    This image depicts the three levels of virtual teams, Municipal; National; Global.

    Speaker’s Notes:

    Before we start, it will be useful to review what we mean by the term “virtual team.” For our purposes we will be defining a virtual team as any team that has members that are not colocated and relies on technology for communications.

    There are a wide variety of virtual work arrangements and a variety of terms used to describe them. For example, some common terms include:

    • “Flexible work arrangements”: Employees have the option to work where they see fit (within certain constraints). They may choose to work from the office, home, a shared office space, the road, etc.
    • “Remote work,” “work from home,” and “telecommuting”: These are just various ways of describing how or where people are working virtually. They all share the idea that these kinds of employees are not colocated.
    • “Multi-office team”: the team members all work in office environments, but they may not always be in the same office as their team members or manager.

    Our definition of virtual work covers all of these terms. It is also distance neutral, meaning that it applies equally to teams that are dispersed globally or regionally or even those working in the same cities but dispersed throughout different buildings. Our definition also applies whether virtual employees work full time or part time.

    The challenges facing managers arise as soon as some team members are not colocated and have to rely on technology to communicate and coordinate work. Greater distances between employees can complicate challenges (e.g. time zone coordination), but the core challenges of managing virtual teams are the same whether those workers are merely located in different buildings in the same city or in different buildings on different continents.

    1.1 What kind of virtual team do you lead?

    15 Minutes

    Working on your own, take five minutes to figure out what kind of virtual team you lead.

    1. How many people on your team work virtually (all, most, or a small percentage)?
    2. How often and how regularly do they tend to work virtually (full time, part time regularly, or part time as needed)?
    3. What kinds of virtual work arrangements are there on your team (multi-site, work from home, mobile employees)?
    4. Where do your workers tend to be physically located (different offices but in the same city/region or globally dispersed)?
    5. Record this information in your workbook.
    6. Discuss as a group.

    Download the Workbook: Equip Managers to Effectively Manage Virtual Teams

    Input

    • Size of virtual team
    • Current remote work practices

    Output

    • Documented list of current state of remote work

    Materials

    • Workbook: Equip Managers to Effectively Manage Virtual Teams

    Participants

    • All managers with direct reports working virtually

    Advantages

    Benefits to the organization

    Benefits to employees

    Operational continuity in disaster situations that prevent employees from coming into the office.

    Cost savings: Employees who WFH half the time can save $2,500 to $4,000 per year (Global Workplace Analytics, 2021).

    Cost savings: Organizations save ~$11,000 annually per employee working from home half the time (Global Workplace Analytics, 2021).

    Time savings: Employees who WFH half the time save on average 11 workdays per year (Global Workplace Analytics, 2021).

    Increased attraction: 71% of employees would likely choose one employer over another based on WFH offerings (Owl Labs, 2021).

    Improved wellbeing:

    83% employees agree that WFH would make them happier.

    80% agree that WFH would decrease their stress.

    81% agree that WFH would improve their ability to manage their work-life balance.

    (Owl Labs, 2021)

    Increased retention: 74% of employees would be less likely to leave their employer if they could WFH (Owl Labs, 2021).

    Increased flexibility: 32% of employees rated the “ability to have a flexible schedule” as the biggest benefit of WFH (OWL Labs, 2021).

    Increased productivity: 50% of employees report they would maintain or increase their productivity while working from home (Glassdoor Team, 2020).

    Increased engagement: Offsite employees tend to have higher overall engagement than onsite employees (McLean & Company Engagement Survey, 2020).

    Speaker’s Notes:

    Remote work arrangements are becoming more and more common, and for good reason: there are a lot of benefits to the organization – and to employees.

    #1: Save Money

    Perhaps one of the most common reasons for opting for remote-work arrangements is the potential cost savings. One study found that organizations could save about $11,000 per employee working from home half the time (Global Workplace Analytics, 2021).

    #2 Increased Attraction

    In addition, supporting remote-work arrangements can attract employees. One study found that 71% of employees would likely choose one employer over another based on WFH offerings (Owl Labs, 2019).

    #3 Improve productivity.

    There are also improvements to productivity. Fifty percent of employees report they would maintain or increase their productivity while working from home (Glassdoor Team, 2020).

    Remote work also has benefits to employees.

    #1: Save Money

    As with organizations, employees also benefit financially from remote work arrangements, saving between $2,500 and $4,000 and on average 11 working days while working from home half of the time.

    #2: Improved Wellbeing

    Most employees agree that working from home makes them happier, reduces stress, and provides an improved work-life balance through increased flexibility.

    Challenges

    Organizations

    • Concerns that WFH may stifle innovation (Scientific American, 2021), likely due to the potential lack of collaboration and knowledge sharing.
    • Fewer organic opportunities for informal interaction between employees working from home means active efforts are required to foster organizational culture.

    Leaders

    • 42% of managers believe that monitoring the productivity of their direct reports is a top challenge of WFH (Ultimate Software, 2019).
    • The lack of in-person supervision compounded with a lack of trust in employees leads many leaders to believe that WFH will result in a drop in productivity.

    Employees

    • 20% of employees report collaboration/communication as their top struggle with WFH (Owl Labs, 2021).
    • Employees often experience burnout from working longer hours due to the lack of commute, blurring of work and home life, and the perceived need to prove their productivity.

    Many of these barriers can be addressed by changing traditional mindsets and finding alternative ways of working, but the traditional approach to work is so entrenched that it has been hard to make the shift.

    Speaker’s Notes:

    Many organizations are still grappling with the challenges of remote work. Some are just perceived challenges, while others are quite real.

    Limited innovation and a lack of informal interaction are a potential consequence of failing to properly adapt to the remote-work environment.

    Leaders also face challenges with remote work. Losing in-person supervision has led to the lack of trust and a perceived drop in productivity.

    A study conducted 2021 asked remote workers to identify their biggest struggle with working remotely. The top three struggles remote workers report facing are unplugging after work, loneliness, and collaborating and/or communicating.

    Seeing the struggles remote workers identify is a good reminder that these employees have a unique set of challenges. They need their managers to help them set boundaries around their work; create feelings of connectedness to the organization, culture, and team; and be expert communicators.

    1.2 Virtual teams: benefits and challenges

    20 Minutes

    1. Discuss and list:
      1. Any positives you’ve experienced since managing virtual employees.
      2. Any challenges you’ve had to manage connected to managing virtual employees.
    2. Record information in the workbook.

    Download the Workbook: Equip Managers to Effectively Manage Virtual Teams

    Input

    • Personal experiences managing remote teams

    Output

    • List of benefits and challenges of remote work

    Materials

    • Workbook: Equip Managers to Effectively Manage Virtual Teams

    Participants

    • All managers with direct reports working virtually

    Effectively Manage Virtual Teams

    Section 1.2

    Laying the foundations for a virtual team

    The 3i’s: Inform, interact, and involve your way to effective management:

    Inform

    Interact Involve

    ↓ Down

    Connect

    ↑ Up

    Tell employees the whys

    Get to know employees

    Solicit input from employees

    Speaker’s Notes:

    Effectively managing a virtual team really comes down to adopting management approaches that will engage virtual employees.

    Managing a virtual team does not actually require a new management style. The basics of effective management are the same in both colocated and virtual teams; however, the emphasis on certain behaviors and actions we take often differs. Managing a virtual team requires much more thoughtfulness and planning in our everyday interactions with our teams as we cannot rely on the relative ease of face-to-face interactions available to colocated teams.

    The 3i’s Engaging Management Model is useful when interacting with all employees and provides a handy framework for more planful interactions with virtual employees.

    Think of your management responsibilities in these three buckets – they are the most important components of being an effective manager. We’re first going to look at inform and involve before moving on to interact.

    Inform: Relay information down from senior management and leaders to employees. Communicate the rationale behind decisions and priorities, and always explain how they will directly affect employees.

    Why is this important? According to McLean & Company’s Engagement Survey data, employees who say their managers keep them well informed about decisions that affect them are 3.4 times more likely to be engaged (Source: McLean & Company, 2020; N=77,363). Your first reaction to this might be “I already do this,” which may very well be the case. Keep in mind, though, we sometimes tend to communicate on a “need-to-know basis,” especially when we are stressed or short on time. Engaging employees takes more. Always focus on explaining the “why?” or the rationale behind business decisions.

    It might seem like this domain should be the least affected, since important company announcements probably continue in a remote environment. But remember that information like that also flows informally. And even in formal settings, there are question-and-answer opportunities. Or maybe your employee might come to your office to ask for more details. Virtual team members can’t gather around the watercooler. They don’t have the same opportunities to hear information in passing as people who are colocated do, so managers need to make a concerted effort to share information with virtual team members in a clear and timely way.

    Swinging over to the other end, we have involve: Involve your employees. Solicit information and feedback from employees and collaborate with them.

    However, it’s not enough to just solicit their feedback and input; you also need to act on it.

    Make sure you involve your employees in a meaningful way. Such collaboration makes employees feel like a valued part of the team. Not to mention that they often have information and perspectives that can help make your decisions stronger!

    Employees who say their department leaders act on feedback from them are 3.9 times more likely to be engaged than those whose leaders don’t. (Source: McLean & Company, 2020; N=59,779). That is a huge difference!

    Keeping virtual employees engaged and feeling connected and committed to the organization requires planful and regular application of the 3i’s model.

    Finally, Interact: Connect with employees on a personal level; get to know them and understand who they are on a personal and professional level.

    Why? Well, over and above the fact that it can be rewarding for you to build stronger relationships with your team, our data shows that human connection makes a significant difference with employees. Employees who believe their managers care about them as a person are 3.8 times more likely to be engaged than those who do not (Source: McLean & Company, 2017; N=70,927).

    And you might find that in a remote environment, this is the area that suffers the most, since a lot of these interactions tend to be unscripted, unscheduled, and face to face.

    Typically, if we weren’t in the midst of a pandemic, we’d emphasize the importance of allocating some budget to travel and get some face-to-face time with your staff. Meeting and interacting with team members face to face is crucial to building trusting relationships, and ultimately, an effective team, so given the context of our current circumstances, we recommend the use of video when interacting with your employees who are remote.

    Relay information down from senior management to employees.

    Ensure they’ve seen and understand any organization-wide communication.

    Share any updates in a timely manner.

    Connect with employees on a personal level.
    Ask how they’re doing with the new work arrangement.
    Express empathy for challenges (sick family member, COVID-19 diagnosis, etc.).
    Ask how you can support them.
    Schedule informal virtual coffee breaks a couple of times a week and talk about non-work topics.

    Get information from employees and collaborate with them.
    Invite their input (e.g. have a “winning remotely” brainstorming session).
    Escalate any challenges you can’t address to your VP.
    Give them as much autonomy over their work as possible – don’t micromanage.

    1.3 Identify behaviors to inform, interact with, and involve team members

    20 Minutes

    Individually:

    1. Identify one behavior for each of Inform, Interact, and Involve to improve.
    2. Record information in the workbook.

    As a group:

    1. Discuss behaviors to improve for each of Inform, Interact, and Involve and record new ideas to incorporate into your leadership practice.

    Download the Workbook: Equip Managers to Effectively Manage Virtual Teams

    Input

    • 3i's Model
    • Current leadership behaviors to improve

    Output

    • List of behaviors to better inform, interact, and involve team members

    Materials

    • Workbook: Equip Managers to Effectively Manage Virtual Teams

    Participants

    • All managers with direct reports working virtually

    Laying the foundation: Set clear expectations

    Tasks

    • What are the daily and weekly team activities? How do they affect one another?

    Goals

    • Clarify any adjustments to strategy based on the situation; clarify metrics.

    Communication

    • How often and when will you check in? What should they come to you for? What modalities will you use and when?

    Roadblocks

    • Involve your team in deciding how to handle roadblocks and challenges.

    Speaker’s Notes:

    Clear expectations are important in any environment, remote or not. But it is much harder to do in a remote environment. The barrier to seeking clarification is so much higher (For example, email vs. catching someone in hallway, or you can’t notice that a colleague is struggling without them asking).

    Communication – This is one area where the importance actually changes in a remote context. We’ve been talking about a lot of practices that are the same in importance whether you’re in an office or remote, and maybe you just enact them differently. But clarity around communication processes is actually tremendously more important in a remote environment.

    Adopt a five-step process to set specific and documented expectations

    1. Check in with how your team member is doing on a daily basis. Don’t forget to ask how they are doing personally.
    2. Follow up on previously set expectations. Ask how things are going. Discuss if priorities or expectations have changed and update expectations accordingly.
    3. Ask if they are experiencing any roadblocks and collaborate to find solutions.
    4. Provide feedback and recognition as appropriate.
    5. Document newly set expectations – either through a collaboration tool or through email.

    Speaker’s Notes:

    Suggested best practices: Hold daily team check-ins and hold separate individual check-ins. Increase frequency of these.

    During Check-in
    1. Set up a running Teams chat for your team.
    • This is your community. You must be the biggest cheerleader and keep the team feeling like they are contributing. Make sure everyone is involved.
  • Start each workday with a video scrum to discuss what’s coming today for your team.
    • Ask: What are you planning to work on today? Are there any roadblocks I can help with? Technology working OK?
  • Right after your team meeting, set up an “every morning video call” one-on-one meeting with each team member (5-10 minutes max).
    • Ask: What are you working on today? What will your momentum metrics be? What do you need from me?
  • Set up a separate video call at the end of the afternoon to review what everyone did (5 minutes max).
    • Ask: What went well? What went poorly? How can we improve?
  • After a Check-in
    1. Be accessible:
      • Ensure your team knows the best way to get in touch with you.
      • Email is not ideal for informal, frequent contact – use messaging instead.
    2. Be available:
      • Keep a running conversation going in Teams.
      • Respond in a timely manner; address issues quickly so that your team has what they need to succeed.
      • Let your team know if you’ll be away/offline for longer than an hour during the workday and ask them to do the same (e.g. for an appointment).
      • Help address roadblocks, answer questions, clarify priorities, etc.

    Define communication requirements

    • Set up an ongoing communication with your team.
      • E.g. a running conversation on Slack or Teams
    • Schedule daily virtual meetings and check-ins.
      • This can help to maintain a sense of normalcy and conduct a pulse check on your team.
    • Use video for important conversations.
      • Video chat creates better rapport, shows body language, and lessens feelings of isolation, but it can be taxing.
    • Set expectations about communication.
      • Differentiate between day-to-day communication and updates on the state of events.
    • Clearly communicate the collaboration toolkit.
      • What do we have available? What is the purpose of each?

    Speaker’s Notes:

    With organizational expectations set, we need to establish team expectations around how we collaborate and communicate.

    Today there is no lack of technology available to support our virtual communication. We can use the phone, conference calls, videoconferencing, Skype, instant messaging, [insert organization-specific technological tools.], etc.

    However, it is important to have a common understanding of which tools are most appropriate when and for what.

    What are some of the communication channel techniques you’ve found useful in your informal interactions with employees or that you’ve seen work well between employees?

    [Have participants share any technological tools they find useful and why.]

    Check in with your team on communication requirements

    • Should we share our calendars, hours of availability, and/or IM status?
    • How often should we meet as a team and one on one? Should we institute a time when we should not communicate virtually?
    • Which communication channel should we use in what context? How should we decide which communication method to use?
    • Should I share guidelines for email and meeting etiquette (or any other communication methods)?
    • Should we establish a new team charter?
    • What feedback does the team have regarding how we’ve been communicating?

    Speaker’s Notes:

    Whenever we interact, we make the following kinds of social exchanges. We exchange:

    • Information: Data or opinions
    • Emotions: Feelings and evaluations about the data or opinions
    • Motivations: What we feel like doing in response to data or opinions

    We need to make sure that these exchanges are happening as each team member intends. To do this, we have to be sensitive to what information is being conveyed, what emotions are involved in the interaction, and how we are motivating each other to act through the interaction. Every interaction will have intended and unintended effects on others. No one can pay attention to all of these aspects of communication all the time, but if we develop habits that are conducive to successful exchanges in all three areas, we can become more effective.

    In addition to being mindful of the exchange in our communication, as managers it is critical to build trusting relationships and rapport with employees as we saw in the 3i's model. However, in virtual teams we cannot rely on running into someone in the kitchen or hallway to have an informal conversation. We need to be thoughtful and deliberate in our interactions with employees. We need to find alternative ways to build these relationships with and between employees that are both easy and accepted by ourselves and employees. Because of that, it is important to set communication norms and really understand each other’s preferences. For example:

    • Timing of responses. Set the expectation that emails should be responded to within X hours/days unless otherwise noted in the actual email.
    • When it’s appropriate to send an email vs. using instant messaging.
    • A team charter – the team’s objectives, individual roles and responsibilities, and communication and collaboration guidelines.

    1.4 Identify and share ways you prefer to communicate for different activities

    20 Minutes

    1. Brainstorm and list the different types of exchanges you have with your virtual employees and they have with each other.
    2. List the various communication tools in use on your team.
    3. Assign a preferred communication method for each type of exchange

    Download the Workbook: Equip Managers to Effectively Manage Virtual Teams

    Input

    • Current types of exchanges on team
    • Communication methods used

    Output

    • Defined ways to communicate for each communication method

    Materials

    • Workbook: Equip Managers to Effectively Manage Virtual Teams

    Participants

    • All managers with direct reports working virtually

    Effectively Manage Virtual Teams

    Section 2.1
    Balancing wellbeing and performance in a virtual team context

    The pandemic has taken a significant toll on employees’ mental wellbeing

    44% of employees reported declined mental wellbeing since the start of the pandemic.

    • 44% of those who work from home.
    • 34% of those who have other work arrangements (i.e. onsite).
      (Qualtrics, 2020)

    "If one of our colleagues were to fall, break their leg, and get a cast, colleagues would probably rally around that person signing their cast. But, really, we don’t view the health of our brain the same as we do the health of our body."
    – Centre for Addiction and Mental Health (CAMH) Employee

    Speaker’s Notes:

    Despite being over two years into the pandemic, we are still seeing its effect on the physical and mental health of employees.

    The mental health aspect has been often overlooked by organizations, but in order to have a safe, happy, and productive team, you need to give mental health the same level of focus as physical heath. This requires a change in mindset in order for you as a leader to support your team's mental wellbeing during the pandemic and beyond.

    Employees are reporting several key mental wellbeing challenges

    Stress: 67%

    Employees report increasingly high levels of stress from the onset of COVID-19, stating that it has been the most stressful time in their careers.
    (Qualtrics, 2020)

    Anxiety: 57%

    Similarly, employees’ anxiety levels have peaked because of the pandemic and the uncertainty it brings.
    (Qualtrics, 2020)

    Four main themes surrounding stress & anxiety

    • Fear of contracting COVID-19
    • Financial pressures
    • Job security and uncertainty
    • Loneliness caused by social isolation

    Speaker’s Notes:

    The stress and uncertainty about the future caused by the pandemic and its fallout are posing the biggest challenges to employees.

    Organizations shutting down operations, moving to fully remote, or requiring some of their employees to be on site based on the current situation causes a lot of anxiety as employees are not able to plan for what is coming next.

    Adding in the loss of social networks and in-person interactions exacerbates the problem employees are facing. As leaders, it is your job to understand and mitigate these challenges wherever possible.

    Re-examine your workplace barriers to mental wellbeing

    New Barriers

    Old Barriers

    • Childcare/eldercare responsibilities
    • Fear of workplace health risks
    • Work location
    • Lost support networks
    • Changed work schedules
    • Social distancing
    • Workload
    • Fear of stigma
    • Benefits limits
    • Limits to paid time off
    • Lack of manager knowledge

    Key considerations:

    • Work Environment
      • Accessibility of mental wellbeing programs and initiatives
    • Organizational Culture
      • Modeling of wellbeing
      • Paid time off
      • Discussions around mental wellbeing
    • Total Rewards
      • Benefits coverage
      • Employee assistance programs (EAPs)
      • Manager knowledge

    Speaker’s Notes:

    Organizational barriers to mental wellbeing are sadly not new. Workloads, stigma around mental health, lack of sick days, and limits to benefits for mental health supports were challenges before the pandemic. Adding in the new barriers can very easily result in a tipping point for many employees who are simply not equipped to deal with or supported in dealing with the added burden of remote work in a post-pandemic world.

    To provide the needed support to your employees, it’s important to be mindful of the key considerations.

    Holistic employee wellbeing has never been more critical than it is right now

    Employee Wellbeing

    Physical

    The physical body; ensuring a person has the freedom, opportunities, and resources needed to sustainably maintain bodily health.

    Mental

    The psychological ability to cope with information, emotions, desires, and stressors (e.g. change, threats, etc.) in a healthy and balanced way. Essential for day-to-day living and functioning.

    Social

    The state of personal and professional relationships, including personal and community engagement. The capability for genuine, authentic, and mutually affirming interactions with others.

    Financial

    The state of a person’s finances; ensuring that a person feels capable to handle their financial situation and behaviors. The ability to live productively without the weight of financial stress.

    Speaker’s Notes:

    As a manager, you need to be mindful of all of these. Create an atmosphere where people are able to come to you for help if they are struggling in one of these areas. For example, some people might be more comfortable raising physical safety or comfort concerns (personal protective equipment, ergonomics) than concerns about mental health. Or they might feel like their feelings of loneliness are not appropriate to bring into their professional life.

    Wellbeing is a delicate subject, and most of the time, people are reluctant to talk about it. It requires vulnerability. And here’s the thing about it: Your staff will not drive a change in your team around making these topics more acceptable. It has to be the manager. You have to be the one to not just tell but show them that it’s OK to talk about this

    Encourage human-centered workplace behaviors

    Promote empathy as a focus value

    • Listen and show compassion.
    • Allow room for emotions.

    Encourage social connection

    • Leverage networks.
    • Infuse fun where possible.
    • Encourage community and sense of joint purpose.

    Cultivate a growth mindset

    • Encourage mindfulness and resilience.
    • Express gratitude.

    Empower others

    • Ask employees what they need and co-create solutions.
    • Integrate needs of personal and family life with work life.
    • Be clear on accountability.

    Speaker’s Notes:

    As a leader, your focus should be on encouraging the right behaviors on your team and in yourself.
    Show empathy; allowing room for emotion and showing you are willing and able to listen goes a long way to establishing trust.

    A growth mindset applies to resilience too. A person with a growth mindset is more likely to believe that even though they’re struggling now, they will get through it.

    Infuse fun – schedule social check-ins. This is not wasted time, or time off work – it is an integral part of the workday. We have less of it now organically, so you must bring it back deliberately. Remember that theme? We are deliberately reinfusing important organic elements into the workday.

    The last item, empowerment, is interesting – being clear on accountability. Have clear performance expectations. It might sound like telling people what to do would be disempowering, but it’s the opposite. By clarifying the goals of what they need to achieve, you empower them to invent their own “how,” because you and they are both sure they will arrive at the place that you agreed on. We will talk more about this in performance management.

    Emphasize the importance of wellbeing by setting the tone for the team

    Managers must…

    • LEAD BY EXAMPLE
      • Employees look to their managers for cues about how to react in a crisis. If the manager reacts with stress and fear, the team will follow.
    • ENCOURAGE OPEN COMMUNICATION
      • Frequent check-ins and transparent communication are essential during a time of crisis, especially when working remotely.
    • ACKNOWLEDGE THE SITUATION
      • Recognizing the stress that teams may be facing and expressing confidence in them goes a long way.
    • PROMOTE WELLBEING
      • Managers who take care of themselves can better support their teams and encourage them to practice good self-care too.
    • REDUCE STIGMA
      • Reducing stigma around mental health encourages people to come forward with their struggles and get the support they need.

    Speaker’s Notes:

    Emphasize the importance of wellbeing with what you do. If you do not model self-care behavior, people will follow what you do, not what you say.

    Lead by example – Live the behaviors you want to see in your employees. If you show confidence, positivity, and resiliency, it will filter down to your team.

    Encourage open communication – Have regular meetings where your team is able to set the agenda, or allow one-on-ones to be guided by the employee. Make sure these are scheduled and keep them a priority.

    Acknowledge the situation – Pretending things are normal doesn’t help the situation. Talk about the stress that the team is facing and express confidence that you will get through it together.

    Promote wellbeing – Take time off, don’t work when you’re sick, and you will be better able to support your team!

    Reduce stigma – Call it out when you see it and be sure to remind people of and provide access to any supports that the organization has.

    Conduct dedicated conversations around wellbeing

    1. Check in with how each team member is doing frequently and ask how they are doing personally.
    2. Discuss how things are going. Ask: “How is your work situation working out for you so far? Do you feel supported? How are you taking care of yourself in these circumstances?”
    3. Ask if there are any stressors or roadblocks that they have experienced and collaborate to find solutions.
    4. Provide reassurance of your support and confidence in them.
    5. Document the plan for managing stressors and roadblocks – either through a collaboration tool or through email.

    Speaker’s Notes:

    Going back to the idea of a growth mindset – this may be uncomfortable for you as a manager. So here’s a step-by-step guide that over time you can morph into your own style.

    With your team – be prepared to share first and to show it is OK to be vulnerable and address wellbeing seriously.

    1. Make sure you make time for the personal. Ask about their lives and show compassion.
    2. Give opportunities for them to bring up things that might stay hidden otherwise. Ask questions that show you care.
    3. Help identify areas they are struggling with and work with them to move past those areas.
    4. Make sure they feel supported in what they are going through and reassured of their place on the team.
    5. Roll wellbeing into your planning process. This signals to team that you see wellbeing as important, not just a checklist to cover during a team meeting, and are ready to follow through on it.

    Recognize when professional help is needed

    SIGNS OF BURNOUT: Overwhelmed; Frequent personal disclosure; Trouble sleeping and focusing; Frequent time off; Strained relationships; Substance abuse; Poor work performance

    Speaker’s Notes:

    As a leader, it is important to be on the lookout for warning signs of burnout and know when to step in and direct individuals to professional help.

    Poor work performance – They struggle to maintain work performance, even after you’ve worked with them to create coping strategies.

    Overwhelmed – They repeatedly tell you that they feel overwhelmed, very stressed, or physically unwell.

    Frequent personal disclosure – They want to discuss their personal struggles at length on a regular basis.

    Trouble sleeping and focusing – They tell you that they are not sleeping properly and are unable to focus on work.

    Frequent time off – They feel the need to take time off more frequently.

    Strained relationships – They have difficulty communicating effectively with coworkers; relationships are strained.

    Substance abuse – They show signs of substance abuse (e.g. drunk/high while working, social media posts about drinking during the day).

    Keeping an eye out for these signs and being able to step in before they become unmanageable can mean the difference between keeping and losing an employee experiencing burnout.

    Remember: Managers also need support

    • Added burden
    • Lead by example
    • Self-care

    Speaker’s Notes:

    If you’ve got managers under you, be mindful of their unique stressors. Don’t forget to check in with them, too.

    If you are a manager, remember to take care of yourself and check in with your own manager about your own wellbeing.

    2.1 Balance wellbeing and performance in a virtual team context

    30 Minutes

    1. Brainstorm and list current practices and challenges connected to wellbeing on your teams.
    2. Choose one or two wellbeing challenges that are most relevant for your team.
    3. Discuss as a group and identify one solution for each challenge that you can put into action with your own virtual team. Document this under “Action plan to move forward” on the workbook slide “2.1 Balancing wellbeing and performance in a virtual team context.”

    Download the Workbook: Equip Managers to Effectively Manage Virtual Teams

    Input

    • Current practices and challenges connected to wellbeing

    Output

    • Action plan for each challenge listed

    Materials

    • Workbook: Equip Managers to Effectively Manage Virtual Teams

    Participants

    • All managers with direct reports working virtually

    Effectively Manage Virtual Teams

    Section 2.2

    Managing performance in a virtual team context

    Virtual employees are craving more meaningful interactions with their managers

    A survey indicated that, overall, remote employees showed less satisfaction with manager interactions compared to other non-remote employees.

    1. 16% less likely to strongly agree their manager involves them in setting goals at work.
    2. 28% less likely to strongly agree they continually work with their manager to clarify work priorities.
    3. 29% less likely to strongly agree they have reviewed their greatest successes with their manager in the last six months.
    4. 30% less likely to strongly agree they have talked with their manager about progress toward goals in the last six months.

    Speaker’s Notes:

    In many cases, we have put people into virtual roles because they are self-directed and self-motivated workers who can thrive with the kind of autonomy and flexibility that comes with virtual work. As managers, we should expect many of these workers to be proactively interested in how they are performing and in developing their careers.

    It would be a mistake to take a hands-off approach when managing virtual workers. A recent survey indicated that, overall, remote employees showed less satisfaction with manager interactions compared to other non-remote employees. It was also one of the aspects of their work experience they were least satisfied with overall (Gallup, State of the American Workplace, 2017). Simply put, virtual employees are craving more meaningful conversations with their managers.

    While conversations about performance and development are important for all employees (virtual or non-virtual), managers of remote teams can have a significant positive impact on their virtual employees’ experience and engagement at work by making efforts to improve their involvement and support in these areas.

    During this module we will work together to identify ways that each of us can improve how we manage the performance of our virtual employees. At the end of the module everyone will create an action plan that they can put in place with their own teams. In the next module, we go through a similar set of activities to create an action plan for our interactions with employees about their development.

    Building blocks of performance management

    • Goal Setting

    • Setting Expectations

    • Measuring Progress

    • Feedback & Coaching

    Speaker’s Notes:

    [Include a visualization of your existing performance management process in the slide. Walk the participants through the process to remind them of what is expected. While the managers participating in the training should know this, there may be different understandings of it, or it might just be the case that it’s been a while since people looked at the official process. The intention here is merely to ensure everyone is on the same page for the purposes of the activities that follow.]

    Now that we’ve reviewed performance management at a high level, let’s dive into what is currently happening with the performance management of virtual teams.

    I know that you have some fairly extensive material at your organization around how to manage performance. This is fantastic. And we’re going to focus mainly on how things change in a virtual context.

    When measuring progress, how do you as a manager make sure that you are comfortable not seeing your team physically at their desks? This is the biggest challenge for remote managers.

    2.2 Share current performance management practices for virtual teams

    30 Minutes

    1. Brainstorm and list current high-level performance management practices connected to each building block. Record in your workbook.
    2. Discuss current challenges connected to implementing the building blocks with virtual employees.

    Download the Workbook: Equip Managers to Effectively Manage Virtual Teams

    Input

    • Current performance management practices
    • Challenges surrounding performance management

    Output

    • Current state of virtual performance management defined

    Materials

    • Workbook: Equip Managers to Effectively Manage Virtual Teams

    Participants

    • All managers with direct reports working virtually

    Communicate the “why”: Cascade organizational goals

    This image depicts the Cascade of Why- organizational goals. Organizational Mission; Organizational Values; Organizational Goals; Department Goals; Team Goals; Individual Goals

    Speaker’s Notes:

    When assisting your employees with their goals, think about the organization’s overall mission and goals to help you determine team and individual goals.

    • Organizational goals: Employee goals should align with organizational goals. Goals may cascade down through the organization.
    • Department or team goals: Create a clear strategy based on high-level goals for the year so employees can link short-term goals to the larger picture.
    • Individual goals: Employees should draw on their individual development plan to help set performance goals.

    Sometimes it’s difficult to get employees thinking about goals and they need assistance from managers. It’s also important to be clear on team goals to help guide employees in setting individual ones.

    The basic idea is to show people how their individual day-to-day work contributes to the overall success of the organization. It gives them a sense of purpose and a rationale, which translates to motivation. And also helps them problem solve with more autonomy.

    You’re giving people a sense of the importance of their own contribution.

    How to set clear expectations for job performance

    Ensure employees have a clear understanding of what’s expected for their role:

    1. Review their metrics so they understand how they’re being evaluated.
    2. Outline daily, weekly, monthly, and quarterly goals.
    3. If needed, help them plan when and how each part of their job should be done and what to prioritize.
    4. Ask them to come to you early if they experience a roadblock so that you can help rather than having them flounder on their own.
    5. Document instances where employees aren’t meeting role or performance expectations.

    Speaker’s Notes:

    Tailor performance goals to address any root causes of poor performance.

    For example:

    • If personal factors are getting in the way, work with the employee (and HR if necessary) to create a strategy to address any impediments to performing in the role.

    Tips for managing performance remotely

    • Reflect on one key question: What needs to happen for my direct reports to continue their work while working remotely?
    • Manage for results – not employee visibility at the office.
    • Use metrics to measure performance. If you don’t have any, define tasks and deliverables as clearly as possible and conduct regular check-ins.
    • Work with the employee to set goals and metrics to measure progress.

    Focus on results: Be flexible about how and when work gets done, as long as team members are hitting their targets.

    • For example, if they have childcare duties from 3 to 5pm during school closures and want to work later in the evening to make up the time, that’s fine – as long as the work gets done.
    • Set clear expectations about which work must be done during normal work hours (e.g. attend team meetings, client calls) and which can be done at other hours.
    • Team members must arrange with you any nonstandard working hours before they start using an altered schedule. It is your responsibility to keep track of hours and any alternate arrangements.
    • Don’t make team members feel constantly monitored (i.e. “Where were you from 10 to 11am?”); trust them until you have reason not to.

    Encourage your team members to unplug: If they’re sending you emails late at night and they haven’t made an alternate work hours agreement with you, encourage them to take time away from work.

    • It’s harder to unplug when working at home, and everyone needs a break to stay productive.

    Avoid micromanagement with holistic performance measures

    Quality

    How well tasks are accomplished

    Behavior

    Related to specific employee actions, skills, or attitudes

    Quantity

    How much work gets done

    Holistic measures demonstrate all the components required for optimal performance. This is the biggest driver in having comfort as a manager of a remote team and avoiding micromanagement. Typically these are set at the organizational level. You may need to adjust for individual roles, etc.

    Speaker's Notes:

    Metrics come in different types. One way to ensure your metrics capture the full picture is to use a mix of different kinds of metrics.

    Some metrics are quantitative: they describe quantifiable or numerical aspects of the goal. This includes timeliness. On the other hand, qualitative metrics have to do with the final outcome or product. And behavioral metrics have to do with employees' actions, skills, or attitudes. Using different kinds of metrics together helps you set holistic measures, which capture all the components of optimal performance toward your goal and prevent gaming the system.

    Let's take an example:

    A courier might have an objective to do a good job delivering packages. An example of a quantitative measure might be that the courier is required to deliver X number of packages per day on time. The accompanying metrics would be the number of packages delivered per day and the ratio of packages delivered on time vs. late.

    Can you see a problem if we use only these quantitative measures to evaluate the courier's performance?

    Wait to see if anyone volunteers an answer. Discuss suggestions.

    That's right, if the courier's only goal is to deliver more packages, they might start to rush, may ruin the packages, and may offer poor customer service. We can help to guard against this by implementing qualitative and behavioral measures as well. For example, a qualitative measure might be that the courier is required to deliver the packages in mint condition. And the metric would be the number of customer complaints about damaged packages or ratings on a satisfaction survey related to package condition.

    For the behavioral aspect, the courier might be required to provide customer-centric service with a positive attitude. The metrics could be ratings on customer satisfaction surveys related to the courier's demeanor or observations by the manager.

    Managing poor performance virtually: Look for key signs

    It’s crucial to acknowledge that an employee might have an “off week” or need time to balance work and life – things that can be addressed with performance management (PM) techniques. Managers should move into the process for performance improvement when:

    1. Performance fluctuates frequently or significantly.
    2. Performance has dropped for an extended period of time.
    3. Expectations are consistently not being met.

    Key signs to look for:

    • PM data/performance-related assessments
    • Continual absences
    • Decreased quality or quantity of output
    • Frequent excuses (e.g. repeated internet outages)
    • Lack of effort or follow-through
    • Missed deadlines
    • Poor communication or lack of responsiveness
    • Failure to improve

    Speaker’s notes:

    • Let’s talk more about identifying low performance.
    • Everybody has off days or weeks. And what if they are new to the role or new to working remotely? Their performance may be low because they need time to adjust. These sort of situations should be managed, but they don’t require moving into the process for performance improvement.
    • When managing employees who are remote or working in a hybrid situation, it is important to be alert to these signs and check in with your employees on a regular basis. Aim to identify and work with employees on addressing performance issues as they arise rather than waiting until it’s too late. Depending on your availability, the needs of the employee, and the complexity of their role, check-ins could occur daily, weekly, and/or monthly. As I mentioned, for remote employees, it’s often better to check-in more frequently but for a shorter period of time.
    • You want to be present in their work life and available to help them manage through roadblocks and stay on track, but try to avoid over-monitoring employees. Micromanaging can impact the manager-employee relationship and lead to the employee feeling that there is a lack of trust. Remember, the employee needs to be responsible for their own performance and improvement.
    • Check-ins should not just be about the work either. Take some time to check in personally. This is particularly important when managing remotely. It enables you to build a personal relationship with the employee and also keeps you aware if there are other personal issues at play that are impacting their work.
    • So, how do you know what does require performance improvement? There are three key things that you should look for that are clear signals that performance improvement is necessary:
      1. Their performance is fluctuating frequently or significantly.
      2. Their performance has dropped for an extended period of time.
      3. Expectations are consistently not being met.
    • What do you think are some key signs to look for that indicate a performance issue is occurring?

    Managing poor performance virtually: Conducting remote performance conversations

    Video calling

    Always use video calls instead of phone calls when possible so that you don’t lose physical cues and body language.

    Meeting invitations

    Adding HR/your leader to a meeting invite about performance may cause undue stress. Think through who needs to participate and whether they need to be included in the invite itself.

    Communication

    Ensure there are no misunderstandings by setting context for each discussion and having the employee reiterate the takeaways back to you.

    Focus on behavior

    Don’t assume the intent behind the behavior(s) being discussed. Instead, just focus on the behavior itself.

    Policies

    Be sure to adhere to any relevant HR policies and support systems. Working with HR throughout the process will ensure none are overlooked.

    Speaker’s notes:

    There are a few best practices you should follow when having performance conversations:

    • First, if you are in a different work environment than your employee, always use video calls instead of phone calls whenever possible so that you don’t miss out on physical cues and body language. If videoconferencing isn’t the norm, encourage them to turn on their video. Be empathic that it can feel awkward but explain the benefits, and you will both have an easier time communicating and understanding each other.
    • As I’ve mentioned, be considerate of the environment they are in. If they are in the office and you are working remotely, be sure to book a private meeting room for them to go to for the conversation. If they are working from home, be sure to check that they are prepared and able to focus on the conversation.
    • Next, carefully consider who you are adding to the meeting invite and whether it’s necessary for them to be there. Adding HR or your leader to a meeting invite may cause undue stress for the employee.
    • Consider the timing of the invite. Don’t send it out weeks in advance. When a performance problem exists, you’ll want to address it as soon as possible. A day or two of notice would be an ideal approach because it gives them a heads up but will not cause them extended stress or worrying.
    • Be considerate about the timing of the meeting and what else they may have scheduled. For example, a Friday afternoon before they are heading off on vacation or right before they are leading an important client call would not be appropriate timing.
    • As we just mentioned clear communication is critical. Ensure there are no misunderstandings by setting context for each discussion and having the employee reiterate takeaways back to you.
    • Focus on the behavior and don’t assume their intent. It can be tempting to say, “I know you didn’t mean to miss the deadline,” but you don’t know what they intended. Often people are not aware of the impact their behavior can have on others.
    • Lastly, be sure to adhere to any relevant HR policies and support systems. Working with HR throughout the process will ensure nothing is overlooked.

    2.3 Identify challenges of current practices and propose solutions

    30 Minutes

    1. Select one or two challenges from the previous activity.
    2. Identify one solution for each challenge that you can put into action with your own virtual team. Document in the workbook.

    Download the Workbook: Equip Managers to Effectively Manage Virtual Teams

    Input

    • Current performance management practices
    • Challenges surrounding performance management

    Output

    • Action plan to move forward

    Materials

    • Workbook: Equip Managers to Effectively Manage Virtual Teams

    Participants

    • All managers with direct reports working virtually

    Effectively Manage Virtual Teams

    Optional Section

    Employee development in a virtual team setting

    There are three main development approaches for both colocated and virtual employees

    Formal Training; Relational Learning; Experimental Learning

    Speaker’s Notes:

    As we have seen, our virtual employees crave more meaningful interactions with their managers. In addition to performance conversations, managers should also be having regular discussions with their employees about their employee development plans. One key component of these discussions is career planning. Whether you are thinking shorter term – how to become better at their current role – or longer term – how to advance beyond their current role – discussions about employee development are a great way to engage employees. Employees are ultimately responsible for creating and executing their own development plans, but managers are responsible for making sure that employees have thought through these plans and helping employees identify opportunities for executing those plans.

    To help us think about our own employee development practices, identify challenges they pose when working with virtual employees, and create solutions to these challenges, it is useful to think about employee development opportunities according to three types:

    1. The first kind of development opportunity is formal training. Formal training is organized and has a clearly defined curriculum and desired outcome. It usually takes the form of a group training session (like this one) or training videos or materials that employees can watch individually and on their own time. These opportunities usually end with a test or assignment that can be used to evaluate the degree to which the participant achieved the desired learning outcomes.
    2. The second kind of development opportunity is relational learning. Perhaps the most common form of this type of learning is coaching or mentoring. By establishing a long-term work relationship, checking in with employees about their daily work and development goals, and sharing their own experiences and knowledge, mentors help employees reflect and draw out learning from everyday, on-the-job development activities. Other examples include a peer support group or communities of practice. In these group settings peers share best practices and work together to overcome challenges.
    3. The third kind of development opportunity is experiential learning. This kind of opportunity provides employees the chance to work on real work problems, and the output of the development work can directly benefit the organization. Most people learn best by doing. On-the-job experiences that are challenging or new can force people to use and develop new skills and knowledge based on what worked effectively and what failed. Examples of experiential learning are on-the-job learning for new hires, stretch assignments, or special projects that take the employee beyond their daily routine and allow them to try new activities and develop competencies that they would not have the chance to develop as part of their regular job.

    According to McLean & Company, organizations should use the “70-20-10” rule as a rough guideline when working with employees to create their development plans: 10% of the plan should be dedicated to formal training opportunities, 20% to relational learning, and 70% to experiential learning. Managers should work with employees to identify their performance and career goals, ensure that their development plans are aligned with these goals, and include an appropriate mixture of all three kinds of development opportunities.

    To help identify challenges and solutions, think about how virtual work arrangements will impact the employee’s ability to leverage each type of opportunity at our organization.

    Here are some examples that can help us start thinking about the kinds of challenges virtual employees on our team face:

    Career Planning

    • One challenge can be identifying a career path that is consistent with working virtually. If switching from a virtual arrangement to an onsite arrangement is not a viable option for an employee, some career paths may not feasibly be open to them (at least as the company is currently organized). For example, if an employee would eventually like to be promoted to a senior leadership role in their business function but all senior leaders are required to work onsite at corporate headquarters, the employee will need to consider whether such a move is possible for them. In some cases employees may be willing to do this, but in others they may not. The important thing is to have these conversations with virtual employees and avoid the assumption that all career paths can be done virtually, since that might not be the case

    Formal Training

    • This is probably the least problematic form of employee development for virtual employees. In many cases this kind of training is scheduled well in advance, so virtual employees may be able to join non-virtual employees in person for some group training. When this is not possible (due to distance, budget, or time zone), many forms of group training can be recorded and watched by virtual employees later. Training videos and training materials can also easily be shared with virtual employees using existing collaboration software.

    Relational Learning

    • One major challenge here is developing a mentoring relationship virtually. As we discussed in the module on performance management, developing relationships virtually can be challenging because people cannot rely upon the kind of informal and spontaneous interactions that occur when people are located in the same office. Mentors and mentees will have to put in more effort and planning to get to know each other and they will have to schedule frequent check-ins so that employees can reflect upon their progress and experience (with the help of their mentors) more often.
    • Time zones and technology may pose potential barriers for certain candidates to be mentors. In some cases, employees that are best qualified to be mentors may not be as comfortable with collaborative software as other mentors or their mentees. If there are large time zone differences, some people who would otherwise be interested in acting as a mentor may be dissuaded. Managers need to take this into consideration if they are connecting employees with mentors or if they are thinking of taking on the mentor role themselves.

    Experiential Learning

    • Virtual employees risk being overlooked for special projects due to the “out of sight, out of mind” bias: When special projects come up, the temptation is to look around the room and see who is the best fit. The problem is, however, that in some cases the highest performers or best fit may not physically be in the room. In these cases it is important for managers to take on an advocate role for their employees and remind other managers that they have good virtual employees on their team that should be included or contacted. It is also important for managers to keep their team informed about these opportunities as often as possible.
    • Sometimes certain projects or certain kinds of work just cannot be done virtually in a company for a variety of reasons. The experiential learning opportunities will not be open to virtual employees. If such opportunities are open to the majority of other workers in this role (potentially putting virtual employees’ career development at a disadvantage relative to their peers), managers should work with their virtual employees to identify alternative experiences. Managers may also want to consider advocating for more or for higher quality experiential learning opportunities at the organization.

    Now that we have considered some general examples of challenges and solutions, let’s look at our own employee development practices and think about the practical steps we can take as managers to improve employee development for our virtual employees.

    Employee development basics

    • Career planning & performance improvement
    • Formal training
    • Relational learning
    • Experiential learning

    Speaker’s Notes:

    [Customize this slide according to your organization’s own policies and processes for employee development. Provide useful images that outline this on the slide, and in these notes describe the processes/policies that are in place. Note: In some cases policies or processes may not be designed with virtual employees or virtual teams in mind. That is okay for the purposes of this training module. In the following activities participants will discuss how they apply these policies and processes with their virtual teams. If your organization is interested in adapting its policies/processes to better support virtual workers, it may be useful to record those conversations to supplement existing policies later.]

    Now that we have considered some general examples of challenges and solutions, let’s look at our own employee development practices and think about the practical steps we can take as managers to improve employee development for our virtual employees.

    2.4 Share current practices for developing employees on a virtual team

    30 Minutes

    1. Brainstorm and list current high-level employee development practices. Record in your workbook.
    2. Discuss current challenges connected to developing virtual employees. Record in your workbook.
    3. Identify one solution for each challenge that you can put into action with your own virtual team.
    4. Discuss as a group.

    Download the Workbook: Equip Managers to Effectively Manage Virtual Teams

    Input

    • Current employee development practices
    • Challenges surrounding employee development

    Output

    • Action plan to move forward

    Materials

    • Workbook: Equip Managers to Effectively Manage Virtual Teams

    Participants

    • All managers with direct reports working virtually

    Refine Action Plans

    2.5 Refine your action plan and commit to implementing it

    30 Minutes

    1. Review your action plans for consistency and overlap. Highlight any parts you may struggle to complete.
    2. Meeting with your group, summarize your plans to each other. Provide feedback and discuss each other’s action plans.
    3. Discuss how you can hold each other accountable.

    Download the Workbook: Equip Managers to Effectively Manage Virtual Teams

    Input

    • Action items from previous activities.

    Output

    • Action plan to move forward

    Materials

    • Workbook: Equip Managers to Effectively Manage Virtual Teams

    Participants

    • All managers with direct reports working virtually

    Summary of Accomplishment

    • We do not need to go out and learn a new set of manager responsibilities to better manage our virtual teams; rather, we have to “dial up” certain responsibilities we already have or adjust certain approaches that we already take.
    • It is important to set clear expectations. While managers are ultimately responsible for making sure expectations are set and are clearly communicated, they are not the only ones with responsibilities. Employees and managers need to work together to overcome the challenges that virtual work involves.
    • Virtual employees crave meaningful interactions with their managers and team. Managers must take charge in fostering an atmosphere of openness around wellbeing and establish effective performance management strategies. By being proactive with our virtual teams’ wellness and mindful of our performance management habits, we can take significant steps toward keeping these employees engaged and productive.
    • Effective management in virtual contexts requires being more deliberate than is typical in non-virtual contexts. By working as a group to identify challenges and propose solutions, we have helped each other create action plans that we can use going forward to continually improve our management practices.

    If you would like additional support, have our analysts guide you through an info-tech workshop or guided implementation.

    Contact your account representative for more information

    workshops@infotech.com

    1-888-670-8889

    Speaker’s Notes:

    First, let’s take a moment to summarize the key things we have learned today:

    1. We do not need to go out and learn a new set of manager competencies to better manage our virtual teams; rather, we have to “dial up” certain competencies we already have or adjust certain approaches that we already take. In many cases we just need to be more aware of the challenges that virtual communication poses and be more planful in our approaches.
    2. It is important to set clear expectations. While managers are ultimately responsible for making sure expectations are set and clearly communicated, they are not the only ones with responsibilities. Employees and managers need to work together to overcome the challenges that virtual work involves. Making sure that teams have meaningful conversations about expectations, come to a shared understanding of them, and record them will create a firm foundation for all other interactions on the virtual team.
    3. Virtual employees crave meaningful interactions with their managers related to performance and employee development. By creating action plans for improving these kinds of interactions with our teams, we can take significant steps toward keeping these employees engaged and productive.
    4. Effective performance management and employee development in virtual contexts require more planfulness than is required in non-virtual contexts. By working as a group to identify challenges and propose solutions, we have helped each other create action plans that we can use going forward to continually improve our management practices.

    Is there anything that anyone has learned that is not on this list and that they would like to share with the group?

    Finally, were there any challenges identified today that were not addressed?

    [Note to facilitator: Take note of any challenges not addressed and commit to getting back to the participants with some suggested solutions.]

    Additional resources

    Manager Training: Lead Through Change

    Train managers to navigate the interpersonal challenges associated with change management and develop their communication and leadership skills. Upload this LMS module into your learning management system to enable online training.

    Manager Training: Build a Better Manager: Manage Your People

    Management skills training is needed, but organizations are struggling to provide training that makes a long-term difference in the skills managers use in their day to day.

    Many training programs are ineffective because they offer the wrong content, deliver it in a way that is not memorable, and are not aligned with the IT department’s business objectives.

    Blueprint: Manage Poor Performance While Working From Home

    Assess and improve remote work performance with our ready-to-use tools.

    Works Cited

    April, Richard. “10 KPIs Every Sales Manager Should Measure in 2019.” HubSpot, 24 June 2019. Web.

    Banerjea, Peter. “5 Powerful Strategies for Managing a Remote Sales Team.” Badger - Maps for field sales, n.d. Web.

    Bibby, Adrianne. “5 Employers’ Awesome Quotes about Work Flexibility.” FlexJobs, 9 January 2017. Web.

    Brogie, Frank. “The 14 KPIs every field sales rep should strive to improve.” Repsly, 2018. Web.

    Dunn, Julie. “5 smart tips for leading field sales teams.” LevelEleven, March 2015. Web.

    Edinger, Scott. “How great sales leaders coach.” Forbes, 2013. Web.

    “Employee Outlook: Employee Views on Working Life.” CIPD, April 2016. Web.

    Hall, Becki. “The 5 biggest challenges facing remote workers (and how to solve them).” interact, 7 July 2017. Web.

    Hofstede, Geert. “National Cultural Dimensions.” Hofstede Insights, 2012. Web.

    “Inventory of U.S. Greenhouse Gas Emissions and Sinks: 1990-2014 (EPA 430-R-16-002).” Environmental Protection Agency (EPA), 15 April 2016.

    “Latest Telecommuting Statistics.” Global Workplace Analytics, June 2021. Web.

    Knight, Rebecca. “How to manage remote direct reports.” Harvard Business Review, 2015. Web.

    “Rewards and Recognition: 5 ways to show remote worker appreciation.” FurstPerson, 2019. Web.

    Palay, Jonathan. "How to build your sales management cadence." CommercialTribe, 22 March 2018. Web.

    “Sales Activity Management Matrix.” Asian Sales Guru, 2019. Web.

    Smith, Simone. “9 Things to Consider When Recognizing Remote Employees.” hppy, 2018. Web.

    “State of Remote Work 2017.” OWL Labs, 2021. Web.

    “State of the American Workplace.” Gallup, 2017. Web.

    “Telework Savings Potential.” Global Workplace Analytics, June 2021. Web.

    “The Future of Jobs Employment Trends.” World Economic Forum, 2016. Web.

    “The other COVID-19 crisis: Mental health.” Qualtrics, 14 April 2020. Web.

    Thompson, Dan. “The straightforward truth about effective sales leadership.” Sales Hacker, 2017. Web.

    Tsipursky, Gleb. “Remote Work Can Be Better for Innovation Than In-Person Meetings.” Scientific American, 14 Oct. 2021. Web.

    Walsh, Kim. “New sales manager? Follow this guide to crush your first quarter.” HubSpot, May 2019. Web.

    “What Leaders Need to Know about Remote Workers: Surprising Differences in Workplace Happiness and Relationships.” TINYpulse, 2016.

    Zenger, Jack, and Joe Folkman. “Feedback: The Leadership Conundrum.” Talent Quarterly: The Feedback Issue, 2015.

    Contributors

    Anonymous CAMH Employee

    Reinforce End-User Security Awareness During Your COVID-19 Response

    • Buy Link or Shortcode: {j2store}311|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Endpoint Security
    • Parent Category Link: /endpoint-security

    Without the control over the areas in which employees are working, businesses are opening themselves up to a greater degree of risk during the pandemic. How does a business raise awareness for employees who are going to be working remotely?

    Our Advice

    Critical Insight

    • An expanding remote workforce requires training efforts to evolve to include the unique security threats that face remote end users.
    • By presenting security as a personal and individualized issue, you can make this new personal focus a driver for your organizational security awareness and training program.

    Impact and Result

    • Teach remote end users how to recognize current cyberattacks before they fall victim and turn them into active barriers against cyberattacks.
    • Use Info-Tech’s blueprint and materials to build a customized training program that uses best practices.

    Reinforce End-User Security Awareness During Your COVID-19 Response Research & Tools

    Start here

    COVID-19 is forcing many businesses to expand their remote working capabilities further than before. Using this blueprint, see how to augment your existing training or start from scratch during a remote work situation.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    • Reinforce End-User Security Awareness During Your COVID-19 Response Storyboard
    • Security Awareness and Training Program Development Tool
    • Security Awareness and Training Metrics Tool
    • End-User Security Knowledge Test Template

    1. Training Materials

    Use Info-Tech’s training materials to get you started on remote training and awareness.

    • Training Materials – Phishing
    • Training Materials – Incident Response
    • Training Materials – Cyber Attacks
    • Training Materials – Web Usage
    • Training Materials – Physical Computer Security
    • Training Materials – Mobile Security
    • Training Materials – Passwords
    • Training Materials – Social Engineering
    • Security Training Email Templates
    [infographic]

    Identify and Manage Operational Risk Impacts on Your Organization

    • Buy Link or Shortcode: {j2store}230|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Vendor Management
    • Parent Category Link: /vendor-management

    More than any other time, our world is changing. As a result, organizations – and their vendors – need to be able to adapt their plans to accommodate risk on an unprecedented level.

    A new threat will impact your organization's operations at some point. Make sure your plans are flexible enough to manage the inevitable consequences and that you understand where those threats may originate.

    Our Advice

    Critical Insight

    • Identifying and managing a vendor’s potential operational impact on your organization requires multiple people in the organization across several functions. Those people all need coaching on the potential changes in the market and how these changes may affect operations.
    • Organizational leadership is often taken unaware during crises, and their plans lack the flexibility to adjust to significant market upheavals.

    Impact and Result

    Vendor management practices educate organizations on the different potential risks from vendors in your market and suggest creative and alternative ways to avoid and help manage them.

    • Prioritize and classify your vendors with quantifiable, standardized rankings.
    • Prioritize focus on your high-risk vendors.
    • Standardize your processes for identifying and monitoring vendor risks to manage potential impacts with our Operational Risk Impact Tool.

    Identify and Manage Operational Risk Impacts on Your Organization Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Identify and Manage Operational Risk Impacts to Your Organization Storyboard – Use this research to better understand the negative impacts of vendor actions to your brand reputation.

    Use this research to identify and quantify the potential operational impacts caused by vendors. Utilize Info-Tech's approach to look at the operational impact from various perspectives to better prepare for issues that may arise.

    • Identify and Manage Operational Risk Impacts to Your Organization Storyboard

    2. Operational Risk Impact Tool – Use this tool to help identify and quantify the operational impacts of negative vendor actions.

    By playing the “what if” game and asking probing questions to draw out – or eliminate - possible negative outcomes, everyone involved adds their insight into parts of the organization to gather a comprehensive picture of potential impacts.

    • Operational Risk Impact Tool
    [infographic]

    Further reading

    Identify and Manage Operational Risk Impacts on Your Organization

    Understand internal and external vendor risks to avoid potential disaster.

    Analyst perspective

    Organizations need to be aware of the operational damage vendors may cause to plan around those impacts effectively.

    Frank Sewell

    Organizations must be mindful that operational risks come from internal and external vendor sources. Missing either component in the overall risk assessment can significantly impact day-to-day business processes that cost revenue, delay projects, and lead to customer dissatisfaction.

    Frank Sewell,

    Research Director, Vendor Management
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    More than any other time, our world is changing rapidly. As a result, organizations – and their vendors – need to be able to adapt their plans to accommodate risk on an unprecedented level.

    A new threat will impact your organization's operations at some point. Make sure your plans are flexible enough to manage the inevitable consequences and that you understand where those threats may originate.

    Common Obstacles

    Identifying and managing a vendor’s potential operational impact on your organization requires multiple people in the organization across several functions. Those people all need coaching on the potential changes in the market and how these changes may affect operations.

    Organizational leadership is often taken unaware during crises, and their plans lack the flexibility to adjust to significant market upheavals.

    Info-Tech's Approach

    Vendor management practices educate organizations on the different potential risks from vendors in your market and suggest creative and alternative ways to avoid and help manage them.

    Prioritize and classify your vendors with quantifiable, standardized rankings.

    Prioritize focus on your high-risk vendors.

    Standardize your processes for identifying and monitoring vendor risks to manage potential impacts with our Operational Risk Impact Tool.

    Info-Tech Insight

    Organizations must evolve their risk assessments to be more adaptive to respond to threats in the market. Ongoing monitoring of the vendors tied to company operations, and understanding where those vendors impact your operations, is imperative to avoiding disasters.

    Info-Tech’s multi-blueprint series on vendor risk assessment

    There are many individual components of vendor risk beyond cybersecurity.

    There are many components to vendor risk, including: Financial, Reputational, Operational, Strategic, Security, Regulatory & Compliance.

    This series will focus on the individual components of vendor risk and how vendor management practices can facilitate organizations’ understanding of those risks.

    Out of Scope:
    This series will not tackle risk governance, determining overall risk tolerance and appetite, or quantifying inherent risk.

    Operational risk impacts

    Potential losses to the organization due to incidents that affect operations.

    • In this blueprint we’ll explore operational risks, particularly from third-party vendors, and their impacts.
    • Identify potentially disruptive events to assess the overall impact on organizations and implement adaptive measures to identify, manage, and monitor vendor performance.
    Operational

    The world is constantly changing

    The IT market is constantly reacting to global influences. By anticipating changes, leaders can set expectations and work with their vendors to accommodate them.

    When the unexpected happens, being able to adapt quickly to new priorities ensures continued long-term business success.

    Below are some things no one expected to happen in the last few years:

    27%

    Businesses are changing their internal processes around TPRM in response to the Pandemic.

    70%

    Of organizations attribute a third-party breach to too much privileged access.

    85%

    Of breaches involved human factors (phishing, poor passwords, etc.).

    Assess internal and external operational risk impacts

    Due diligence and consistent monitoring are the keys to safeguarding your organization.

    Two sides of the Same Coin

    Internal

    • Poorly vetted supplemental staff
    • Bad system configurations
    • Lack of relevant skills
    • Poor vendor performance
    • Failure to follow established processes
    • Weak contractual accountability
    • Unsupportable or end-of-life system components

    External

    • Cyberattacks
    • Supply Chain Issues
    • Geopolitical Disruptions
    • Vendor Acquisitions
    • N-Party Non-Compliance
    • Vendor Fraud

    Operational risk is the risk of losses caused by flawed or failed processes, policies, systems, or events that disrupt business operations.

    - Wikipedia

    Internal operational risk

    Vendors operating within your secure perimeter can open your organization to substantial risk.

    Frequently monitor your internal process around vendor management to ensure safe operations.

    • Poorly vetted supplemental staff
    • Bad system configurations
    • Lack of relevant skills
    • Poor vendor performance
    • Failure to follow established processes
    • Weak contractual accountability
    • Unsupportable or end-of-life system components

    Info-Tech Insight

    You may have solid policies, but if your employees and vendors are not following them, they will not protect the organization.

    External operational risks

    • Cyberattacks
    • Supplier issues and geopolitical instability
    • Vendor acquisitions
    • N-party vendor non-compliance

    Identify and manage operational risks

    Poorly configured systems

    Failing to ensure that your vendor-supported systems are properly configured and that your vendors are meeting your IT change control and configuration standards is more commonplace than expected. Proper oversight and management of your support vendors are crucial to ensure they are meeting expectations in this regard.

    Failure to follow processes

    Most companies have policies and procedures around IT change and configuration control, security standards, risk management, vendor performance standards, etc. While having these processes is a good start, failure to perform continuous monitoring and management of these leads to increased risks of incidents.

    Supply chain disruptions

    Awareness of the supply chain's complications, and each organization's dependencies, are increasing for everyone. However, most organizations still do not understand the chain of n-party vendors that support their specific vendors or how interruptions in their supply chains could affect them. The 2022 Toyota shutdown due to Kojima is a perfect example of how one essential parts vendor could shut down your operations.

    What to look for

    Identify operational risk impacts

    • Does the vendor have a business continuity plan they will share for your review?
    • Is the vendor operating on old hardware that may be out of warranty or at end of life?
    • Is the vendor operating on older software or shareware that may lack the necessary patches?
    • Does the vendor self-audit, or do they use a vetted third-party audit firm to issue a SOC report annually?
    • Does the vendor have sufficient personnel in acceptable regions to support your operations?
    • Is the vendor willing to make concessions on contractual protections, or are they only offering “one-sided” agreements with “as-is” warranties?

    Operational risks

    Not knowing where your risks come from creates additional risks to operations.

    • Supply chain disruptions and global shortages.
      • Geopolitical disruptions and natural disasters have caused unprecedented interruptions to business. Do you know where your critical vendors are getting their supplies? Are you aware of their business continuity plans to accommodate for those interruptions?
    • Poor vendor performance.
      • Organizations need to understand where vendors are acting in their operations and manage the impact of replacing that vendor and cutting their losses rather than continuing to throw good money away after a bad performance.
    • Vendor acquisitions.
      • A lot of acquisition is going on in the market today. Large companies are buying competitors, imposing new terms on customers, or removing competing products from the market. Understand your options if a vendor is acquired by a company with which you do not wish to be in a relationship.

    It is important to identify where potential risks to your operations may come from to manage and potentially eliminate them from impacting your organization.

    Info-Tech Insight

    Most organizations realize that their vendors could operationally affect them if an incident occurs. Still, they fail to follow the chain of events that might arise from those incidents to understand the impact fully.

    Prepare your vendor risk management for success

    Due diligence will enable successful outcomes.

    1. Obtain top-level buy-in; it is critical to success.
    2. Build enterprise risk management (ERM) through incremental improvement.
    3. Focus initial efforts on the “big wins” to prove the process works.
    4. Use existing resources.
    5. Build on any risk management activities that already exist in the organization.
    6. Socialize ERM throughout the organization to gain additional buy‑in.
    7. Normalize the process long term with ongoing updates and continuing education for the organization.

    How to assess third-party operational risk

    1. Review Organizational Operations

      Understand the organization’s operational risks to prepare for the “what if” game exercise.
    2. Identify and Understand Potential Operational Risks

      Play the “what if” game with the right people at the table.
    3. Create a Risk Profile Packet for Leadership

      Pull all the information together in a presentation document.
    4. Validate the Risks

      Work with leadership to ensure that the proposed risks are in line with their thoughts.
    5. Plan to Manage the Risks

      Lower the overall risk potential by putting mitigations in place.
    6. Communicate the Plan

      It is important not only to have a plan but also to socialize it in the organization for awareness.
    7. Enact the Plan

      Once the plan is finalized and socialized, put it in place with continued monitoring for success.

    Insight summary

    Operational risk impacts often come from unexpected places and have unforeseen impacts. Knowing where your vendors place in critical business processes and those vendors' business continuity plans concerning your organization should be a priority for those who manage the vendors.

    Insight 1

    Organizations fail to plan for vendor acquisitions appropriately.

    Vendors routinely get acquired in the IT space. Does your organization have appropriate safeguards from inadvertently entering a negative relationship? Do you have plans around replacing critical vendors purchased in such a manner?

    Insight 2

    Organizations often fail to understand how they factor into a vendor’s business continuity plan.

    If one of your critical vendors goes down, do you know how they intend to re-establish business? Do you know how you factor into their priorities?

    Insight 3

    Organizations need to have a comprehensive understanding of how their vendor-managed systems integrate with Operations.

    Do you understand where in the business processes vendor-supported systems lie? Do you have contingencies around disruptions that account for those pieces missing from the process?

    Identifying operational vendor risk

    Who should be included in the discussion

    • While it is true that executive-level leadership defines the strategy for an organization, it is vital for those making decisions to make informed decisions.
    • Getting input from operational experts at your organization will enhance your organization's long-term potential for success.
    • Involving those who not only directly manage vendors but also understand your business processes will aid in determining the forward path for relationships with your current vendors and identifying new emerging potential partners.

    See the blueprint Build an IT Risk Management Program

    Review your operational plans for new risks on a regular basis.

    Keep in mind Risk = Likelihood x Impact (R=L*I).

    Impact (I) tends to remain the same, while Likelihood (L) is becoming closer to 100% as threat actors become more prevalent

    Managing vendor operational risk impacts

    What can we realistically do about the risks?

    • Review vendors’ business continuity plans and disaster recovery testing.
      • Understand your priority in their plans.
    • Institute proper contract lifecycle management.
      • Make sure to follow corporate due diligence and risk assessment policies and procedures.
      • Failure to do so consistently can be a recipe for disaster.
    • Develop IT governance and change control.
    • Introduce continual risk assessment to monitor the relevant vendor markets.
      • Regularly review your operational plans for new risks and evolving likelihoods.
      • Risk = Likelihood x Impact (R=L*I).
        • Impact (I) tends to remain the same and be well understood, while Likelihood (L) may often be considered 100%.
    • Be adaptable and allow for innovations that arise from the current needs.
      • Capture lessons learned from prior incidents to improve over time and adjust your plans accordingly.

    Organizations need to review their organizational risk plans, considering the placement of vendors in their operations.

    Pandemics, extreme weather, and wars that affect global supply chains are current realities, not unlikely scenarios.

    Ongoing improvement

    Incorporating lessons learned

    • Over time, despite everyone’s best observations and plans, incidents will catch us off guard.
    • When it happens, follow your incident response plans and act accordingly.
    • An essential step is to document what worked and what did not – collectively known as the “lessons learned.”
    • Use the lessons learned document to devise, incorporate, and enact a better risk management process.

    Sometimes disasters occur despite our best plans to manage them.

    When this happens, it is important to document the lessons learned and improve our plans going forward.

    The "what if" game

    1-3 hours

    Vendor management professionals are in an excellent position to help senior leadership identify and pull together resources across the organization to determine potential risks. By playing the "what if" game and asking probing questions to draw out – or eliminate – possible adverse outcomes, everyone involved adds their insight into parts of the organization to gather a comprehensive picture of potential impacts.

    • Break into smaller groups (or if too small, continue as a single group).
    • Use the Operational Risk Impact Tool to prompt discussion on potential risks. Keep this discussion flowing organically to explore all potentials but manage the overall process to keep the discussion pertinent and on track.
    • Collect the outputs and ask the subject matter experts (SMEs) for management options for each one in order to present a comprehensive risk strategy. You will use this to educate senior leadership so that they can make an informed decision to accept or reject the solution.

    Download the Operational Risk Impact Tool

    Input

    • List of identified potential risk scenarios scored by likelihood and operational impact
    • List of potential management of the scenarios to reduce the risk

    Output

    • Comprehensive operational risk profile on the specific vendor solution

    Materials

    • Whiteboard/flip charts
    • Operational Risk Impact Tool to help drive discussion

    Participants

    • Vendor Management – Coordinator
    • Organizational Leadership
    • Operations Experts (SMEs)
    • Legal/Compliance/Risk Manager

    High risk example from tool

    Sample Questions to Ask to Identify Impacts. Lists questions impact score, weight, question and comments or notes.

    Being overly reliant on a single talented individual can impose risk to your operations. Make sure you include resiliency in your skill sets for critical business practices.

    Impact score and level. Each score for impacts are unique to the organization.

    Low risk example from tool

    Sample Questions to Ask to Identify Impacts. Lists questions impact score, weight, question and comments or notes. Impact score and level. Each score for impacts are unique to the organization.

    Summary

    Seek to understand all aspects of your operations.

    • Organizations need to understand and map out where vendors are critical to their operations.
    • Those organizations that consistently follow their established risk assessment and due diligence processes will be better positioned to avoid disasters.
    • Bring the right people to the table to outline potential risks in the market and your organization.
    • Understand how your vendors prioritize your organization in their business continuity processes.
    • Incorporate “lessons learned” from prior incidents into your risk management process to build better plans for future issues.

    Organizations must evolve their operational risk assessments considering their vendor portfolio.

    Ongoing monitoring of the market and the vendors tied to company operations is imperative to avoiding disaster.

    Related Info-Tech Research

    Identify and Manage Financial Risk Impacts on Your Organization

    • Vendor management practices educate organizations on the different potential financial impacts that vendors may incur and suggest systems to help manage them.
    • Standardize your processes for identifying and monitoring vendor risks to manage financial impacts with our Financial Risk Impact Tool.

    Identify and Manage Reputational Risk Impacts on Your Organization

    • Vendor management practices educate organizations on the different potential risks to vendors in your market and suggest creative and alternative ways to avoid and help manage them.
    • Standardize your processes for identifying and monitoring vendor risks to manage potential impacts on your reputation and brand with our Reputational Risk Impact Tool.

    Identify and Manage Strategic Risk Impacts on Your Organization

    • Vendor management practices educate organizations on the different potential risks to vendors in your market and suggest creative and alternative ways to avoid and help manage them.
    • Standardize your processes for identifying and monitoring vendor risks to manage potential impacts on your strategic plan with our Strategic Risk Impact Tool.

    Bibliography

    “Weak Cybersecurity is taking a toll on Small Businesses.” Tripwire. August 7, 2022.

    SecureLink 2022 White Paper SL_Page_EA+PAM (rocketcdn.me)

    Member Poll March 2021 "Guide: Evolving Work Environments Impact of Covid-19 on Profile and Management of Third Parties.“ Shared Assessments. March 2021.

    “Operational Risk.” Wikipedia.

    Tonello, Matteo. “Strategic Risk Management: A Primer for Directors.” Harvard Law School Forum on Corporate Governance, August 23, 2012.

    Frigo, Mark L., and Richard J. Anderson. “Embracing Enterprise Risk Management: Practical Approaches for Getting Started.” COSO, 2011.

    Migrate to Office 365 Now

    • Buy Link or Shortcode: {j2store}292|cart{/j2store}
    • member rating overall impact (scale of 10): 9.3/10 Overall Impact
    • member rating average dollars saved: $19,928 Average $ Saved
    • member rating average days saved: 9 Average Days Saved
    • Parent Category Name: End-User Computing Applications
    • Parent Category Link: /end-user-computing-applications
    • As Microsoft continues to push Office 365, the transition to Office 365 has likely already been decided, but uncertainty surrounds the starting point and the best path forward.
    • The lack of a clear migration process that considers all the relevant risks and opportunities creates significant ambiguity around an Office 365 migration.
    • As organizations migrate to Office 365, the change in Office’s licensing structure presents obscurity in spending that could cost the business tens of thousands of unnecessary dollars spent if not approached strategically.
    • The fear of overlooking risks regarding the cloud, data, and existing infrastructure threatens to place IT in a position of project paralysis.

    Our Advice

    Critical Insight

    • Many businesses are opting for a one-size-fits-all licensing strategy. Without selecting licensing to suit actual user needs, you will oversupply users and overspend on licensing.
    • Jumping into an Office 365 migration project without careful thought of the risks of a cloud migration will lead to project halt and interruption. Intentionally plan in order to expose risk to develop project foresight for a smooth migration.
    • A migration to Office 365 represents a significant change in the way users interact with Office. Be careful not to forget about the user as you take on the project. Engage the users consistently for a smooth transition.

    Impact and Result

    • Start by evaluating the business, users, and infrastructure requirements to ensure that all needs are clearly defined and the best fit-for-purpose migration plan can be decided on.
    • Assess the underlying risk associated with a migration to the cloud and build mitigation strategies to counter risk or impending issues and identify project interruptions before they happen.
    • Build a roadmap through a logical step-by-step process to outline major milestones and develop a communication plan to engage users throughout the migration. Demonstrate IT’s due diligence by relaying the project findings and results back to the business using Info-Tech’s Office 365 migration plan.

    Migrate to Office 365 Now Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should migrate to Office 365 now, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Evaluate requirements and licensing

    Evaluate the business, user, and infrastructure requirements to ensure that all needs are clearly defined and the best fit-for-purpose migration plan can be decided on.

    • Migrate to Office 365 Now – Phase 1: Evaluate Requirements and Licensing
    • Office 365 Migration Plan Report
    • Office 365 Migration Workbook

    2. Mitigate key risks of the cloud

    Expose key cloud risks across five major areas and build mitigation strategies to counter risk and gain foresight for migration.

    • Migrate to Office 365 Now – Phase 2: Mitigate Key Risks of the Cloud

    3. Build the roadmap

    Outline major milestones of migration and build the communication plan to transition users smoothly. Complete the Office 365 migration plan report to present to business stakeholders.

    • Migrate to Office 365 Now – Phase 3: Build the Roadmap
    • End-User Engagement Template
    [infographic]

    Workshop: Migrate to Office 365 Now

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Evaluate Office 365 License Needs

    The Purpose

    Review corporate and project goals.

    Review and prioritize relevant services and applications to shape the migration path.

    Review Office 365 license models.

    Profile end users to rightsize licensing.

    Estimate dollar impact of new licensing model.

    Key Benefits Achieved

    Corporate goals for Office 365.

    Prioritized migration path of applications.

    Decision on user licensing structure.

    Projected cost of licensing.

    Activities

    1.1 Outline corporate and project goals to paint the starting line.

    1.2 Review and prioritize services.

    1.3 Rightsize licensing.

    Outputs

    Clear goals and metrics for migration

    Prioritized list of applications

    Effective licensing structure

    2 Assess Value, Readiness, and Risks

    The Purpose

    Conduct value and readiness assessment of current on-premises services.

    Identify and evaluate risks and challenges.

    Assess IT’s readiness to own and manage Office 365.

    Key Benefits Achieved

    Completed value and readiness assessment.

    Current targets for service and deployment models.

    List of perceived risks according to five major risk areas.

    Assessed IT’s readiness to own and manage Office 365.

    Established go/caution/stop for elected Office 365 services.

    Activities

    2.1 Assess value and readiness.

    2.2 Identify key risks.

    2.3 Identify changes in IT skills and roles.

    Outputs

    Cloud service appropriateness assessment

    Completed risk register

    Reorganization of IT roles

    3 Mitigate Risks

    The Purpose

    Review Office 365 risks and discuss mitigation strategies.

    Key Benefits Achieved

    Completed risks and mitigation strategies report.

    Activities

    3.1 Build mitigation strategies.

    3.2 Identify key service requests.

    3.3 Build workflows.

    Outputs

    Defined roles and responsibilities

    Assigned decision rights

    List of staffing gaps

    4 Build the Roadmap

    The Purpose

    Build a timeline of major milestones.

    Plan and prioritize projects to bridge gaps.

    Build a communication plan.

    Review Office 365 strategy and roadmap.

    Key Benefits Achieved

    Milestone roadmap.

    Critical path of milestone actions.

    Communication plan.

    Executive report.

    Activities

    4.1 Outline major milestones.

    4.2 Finalize roadmap.

    4.3 Build and refine the communication plan.

    Outputs

    Roadmap plotted projects, decisions, mitigations, and user engagements

    Finalized roadmap across timeline

    Communication and training plan

    Select and Use SDLC Metrics Effectively

    • Buy Link or Shortcode: {j2store}150|cart{/j2store}
    • member rating overall impact (scale of 10): 9.4/10 Overall Impact
    • member rating average dollars saved: $2,991 Average $ Saved
    • member rating average days saved: 32 Average Days Saved
    • Parent Category Name: Development
    • Parent Category Link: /development
    • Your organization wants to implement (or revamp existing) software delivery metrics to monitor performance as well as achieve its goals.
    • You know that metrics can be a powerful tool for managing team behavior.
    • You also know that all metrics are prone to misuse and mismanagement, which can lead to unintended consequences that will harm your organization.
    • You need an approach for selecting and using effective software development lifecycle (SDLC) metrics that will help your organization to achieve its goals while minimizing the risk of unintended consequences.

    Our Advice

    Critical Insight

    • Metrics are powerful, dangerous, and often mismanaged, particularly when they are tied to reward or punishment. To use SDLC metrics effectively, know the dangers, understand good practices, and then follow Info-Tech‘s TAG (team-oriented, adaptive, and goal-focused) approach to minimize risk and maximize impact.

    Impact and Result

    • Begin by understanding the risks of metrics.
    • Then understand good practices associated with metrics use.
    • Lastly, follow Info-Tech’s TAG approach to select and use SDLC metrics effectively.

    Select and Use SDLC Metrics Effectively Research & Tools

    Start here – read the Executive Brief

    Understand both the dangers and good practices related to metrics, along with Info-Tech’s TAG approach to the selection and use of SDLC metrics.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Understand the dangers of metrics

    Explore the significant risks associated with metrics selection so that you can avoid them.

    • Select and Use SDLC Metrics Effectively – Phase 1: Understand the Risks of Metrics

    2. Know good practices related to metrics

    Learn about good practices related to metrics and how to apply them in your organization, then identify your team’s business-aligned goals to be used in SDLC metric selection.

    • Select and Use SDLC Metrics Effectively – Phase 2: Know Good Practices Related to Metrics
    • SDLC Metrics Evaluation and Selection Tool

    3. Rank and select effective SDLC metrics for your team

    Follow Info-Tech’s TAG approach to selecting effective SDLC metrics for your team, create a communication deck to inform your organization about your selected SDLC metrics, and plan to review and revise these metrics over time.

    • Select and Use SDLC Metrics Effectively – Phase 3: Rank and Select Effective SDLC Metrics for Your Team
    • SDLC Metrics Rollout and Communication Deck
    [infographic]

    Workshop: Select and Use SDLC Metrics Effectively

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Understand the Dangers of Metrics

    The Purpose

    Learn that metrics are often misused and mismanaged.

    Understand the four risk areas associated with metrics: Productivity loss Gaming behavior Ambivalence Unintended consequences

    Productivity loss

    Gaming behavior

    Ambivalence

    Unintended consequences

    Key Benefits Achieved

    An appreciation of the dangers associated with metrics.

    An understanding of the need to select and manage SDLC metrics carefully to avoid the associated risks.

    Development of critical thinking skills related to metric selection and use.

    Activities

    1.1 Examine the dangers associated with metric use.

    1.2 Share real-life examples of poor metrics and their impact.

    1.3 Practice identifying and mitigating metrics-related risk.

    Outputs

    Establish understanding and appreciation of metrics-related risks.

    Solidify understanding of metrics-related risks and their impact on an organization.

    Develop the skills needed to critically analyze a potential metric and reduce associated risk.

    2 Understand Good Practices Related to Metrics

    The Purpose

    Develop an understanding of good practices related to metric selection and use.

    Introduce Info-Tech’s TAG approach to metric selection and use.

    Identify your team’s business-aligned goals for SDLC metrics.

    Key Benefits Achieved

    Understanding of good practices for metric selection and use.

    Document your team’s prioritized business-aligned goals.

    Activities

    2.1 Examine good practices and introduce Info-Tech’s TAG approach.

    2.2 Identify and prioritize your team’s business-aligned goals.

    Outputs

    Understanding of Info-Tech’s TAG approach.

    Prioritized team goals (aligned to the business) that will inform your SDLC metric selection.

    3 Rank and Select Your SDLC Metrics

    The Purpose

    Apply Info-Tech’s TAG approach to rank and select your team’s SDLC metrics.

    Key Benefits Achieved

    Identification of potential SDLC metrics for use by your team.

    Collaborative scoring/ranking of potential SDLC metrics based on their specific pros and cons.

    Finalize list of SDLC metrics that will support goals and minimize risk while maximizing impact.

    Activities

    3.1 Select your list of potential SDLC metrics.

    3.2 Score each potential metric’s pros and cons against objectives using a five-point scale.

    3.3 Collaboratively select your team’s first set of SDLC metrics.

    Outputs

    A list of potential SDLC metrics to be scored.

    A ranked list of potential SDLC metrics.

    Your team’s first set of goal-aligned SDLC metrics.

    4 Create a Communication and Rollout Plan

    The Purpose

    Develop a rollout plan for your SDLC metrics.

    Develop a communication plan.

    Key Benefits Achieved

    SDLC metrics.

    A plan to review and adjust your SDLC metrics periodically in the future.

    Communication material to be shared with the organization.

    Activities

    4.1 Identify rollout dates and responsible individuals for each SDLC metric.

    4.2 Identify your next SDLC metric review cycle.

    4.3 Create a communication deck.

    Outputs

    SDLC metrics rollout plan

    SDLC metrics review plan

    SDLC metrics communication deck

    Find Value With Cloud Asset Management

    • Buy Link or Shortcode: {j2store}61|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Asset Management
    • Parent Category Link: /asset-management
    • Spending on cloud platforms and software-as-a-service (SaaS) is growing, and with spending comes waste.
    • The barriers are drastically lower for purchasing SaaS and cloud services as compared to traditional IT components.
    • Skills gap: IT asset managers tend not to have the skills to optimize spending on cloud platforms.
    • New space, new tools: The IT asset management market space is still developing cloud asset management and SaaS management capabilities. Practitioners must rely on cloud optimization tools in the meantime.

    Our Advice

    Critical Insight

    • IT asset managers are uniquely suited to provide value here. They already optimize costs and manage assets.
    • Scope creep is a killer. Focus first on your highest value, highest risk cloud instances.
    • Don’t completely centralize. Central oversight is powerful, but outsource some responsibility to the business.

    Impact and Result

    • Introduce governance: Work with developers, power business users, and infrastructure groups to define a governance approach to cloud assets and to SaaS.
    • Standardize high-impact, low-effort cloud services: Focus your efforts where they will have the most value and in places where you can provide early value.
    • Update your processes: Ensure that your asset registers and your configuration management database is up to date when cloud assets are provisioned and quiesced.

    Find Value With Cloud Asset Management Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should implement IT asset management for cloud instances and SaaS, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Define cloud asset management

    Define when a cloud instance is an asset, and what it means for the asset to be managed.

    • Find Value With Cloud Asset Management – Phase 1: Define Cloud Asset Management
    • Cloud Asset Management Standard Operating Procedures
    • Cloud Instance Provisioning Standards Checklist

    2. Build cloud asset management practices

    Develop an approach to auditing and optimizing cloud assets.

    • Find Value With Cloud Asset Management – Phase 2: Build Cloud Asset Management Practices
    • Cloud Asset Management Policy
    • Monthly Cloud Asset Optimization Checklist
    • Strategic Infrastructure Roadmap Tool
    [infographic]

    Prepare Your Organization to Successfully Embrace the “New Normal”

    • Buy Link or Shortcode: {j2store}422|cart{/j2store}
    • member rating overall impact (scale of 10): 9.3/10 Overall Impact
    • member rating average dollars saved: $61,749 Average $ Saved
    • member rating average days saved: 2 Average Days Saved
    • Parent Category Name: DR and Business Continuity
    • Parent Category Link: /business-continuity
    • The COVID-19 pandemic is creating significant challenges across every sector, but even the deepest crisis will eventually pass. However, many of the changes it has brought to how organizations function are here to stay.
    • As an IT leader, it can be challenging to envision what this future state will look like and how to position IT as a trusted partner to the business to help steer the ship as the crisis abates.

    Our Advice

    Critical Insight

    • Organizations need to cast their gaze into the “New Normal” and determine an appropriate strategy to stabilize their operations, mitigate ongoing challenges, and seize new opportunities that will be presented in a post-COVID-19 world.
    • IT needs to understand the key trends and permanent changes that will exist following the crisis and develop a proactive roadmap for rapidly adapting their technology stack, processes, and resourcing to adjust to the new normal.

    Impact and Result

    • Info-Tech recommends a three-step approach for adapting to the new normal: begin by surveying crucial changes that will occur as a result of the COVID-19 pandemic, assess their relevance to your organization’s unique situation, and create an initiatives roadmap to support the new normal.
    • This mini-blueprint will examine five key themes: changing paradigms for remote work, new product delivery models, more self-service options for customers, greater decentralization and agility for organizational decision making, and a renewed emphasis on security architecture.

    Prepare Your Organization to Successfully Embrace the “New Normal” Research & Tools

    Read the Research

    Understand the five key trends that will persist after the pandemic has passed and create a roadmap of initiatives to help your organization adapt to the "New Normal."

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    • Prepare Your Organization to Successfully Embrace the “New Normal” Storyboard
    [infographic]

    Build a Data Classification MVP for M365

    • Buy Link or Shortcode: {j2store}67|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: End-User Computing Applications
    • Parent Category Link: /end-user-computing-applications
    • Resources are the primary obstacle to getting a foot hold in O365 governance, whether it is funding or FTE resources.
    • Data is segmented and is difficult to analyze when you can’t see it or manage the relationships between sources.
    • Organizations expect results early and quickly and a common obstacle is that building a proper data classification framework can take more than two years and the business can't wait that long.

    Our Advice

    Critical Insight

    • Data classification is the lynchpin to ANY effective governance of O/M365 and your objective is to navigate through this easily and effectively and build a robust, secure, and viable governance model.
    • Start your journey by identifying what and where your data is and how much data you have. You need to understand what sensitive data you have and where it is stored before you can protect it or govern that data.
    • Ensure there is a high-level leader who is the champion of the governance objective.

    Impact and Result

    • Using least complex sensitivity labels in your classification are your building blocks to compliance and security in your data management schema; they are your foundational steps.

    Build a Data Classification MVP for M365 Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Build a Data Classification MVP for M365 Deck – A guide for how to build a minimum-viable product for data classification that end users will actually use.

    Discover where your data resides, what governance helps you do, and what types of data you're classifying. Then build your data and security protection baselines for your retention policy, sensitivity labels, workload containers, and both forced and unforced policies.

    • Build a Data Classification MVP for M365 Storyboard
    [infographic]

    Further reading

    Build a Data Classification MVP for M365

    Kickstart your governance with data classification users will actually use!

    Executive Summary

    Info-Tech Insight

    • Creating an MVP gets you started in data governance
      Information protection and governance are not something you do once and then you are done. It is a constant process where you start with the basics (a minimum-viable product or MVP) and enhance your schema over time. The objective of the MVP is reducing obstacles to establishing an initial governance position, and then enabling rapid development of the solution to address a variety of real risks, including data loss prevention (DLP), data retention, legal holds, and data labeling.
    • Define your information and protection strategy
      The initial strategy is to start looking across your organization and identifying your customer data, regulatory data, and sensitive information. To have a successful data protection strategy you will include lifecycle management, risk management, data protection policies, and DLP. All key stakeholders need to be kept in the loop. Ensure you keep track of all available data and conduct a risk analysis early. Remember, data is your highest valued intangible asset.
    • Planning and resourcing are central to getting started on MVP
      A governance plan and governance decisions are your initial focus. Create a team of stakeholders that include IT and business leaders (including Legal, Finance, HR, and Risk), and ensure there is a top-level leader who is the champion of the governance objective, which is to ensure your data is safe, secure, and not prone to leakage or theft, and maintain confidentiality where it is warranted.

    Executive Summary

    Your Challenge
    • Today, the amount of data companies are gathering is growing at an explosive rate. New tools are enabling unforeseen channels and ways of collaborating.
    • Combined with increased regulatory oversight and reporting obligations, this makes the discovery and management of data a massive undertaking. IT can’t find and protect the data when the business has difficulty defining its data.
    • The challenge is to build a framework that can easily categorize and classify data yet allows for sufficient regulatory compliance and granularity to be useful. Also, to do it now because tomorrow is too late.
    Common Obstacles

    Data governance has several obstacles that impact a successful launch, especially if governing M365 is not a planned strategy. Below are some of the more common obstacles:

    • Resources are the primary obstacle to starting O365 governance, whether it is funding or people.
    • Data is segmented and is difficult to analyze when you can’t see it or manage the relationships between sources.
    • Organizations expect results early and quickly and a common obstacle is that building a "proper data classification framework” is a 2+ year project and the business can't wait that long.
    Info-Tech’s Approach
    • Start with the basics: build a minimum-viable product (MVP) to get started on the path to sustainable governance.
    • Identify what and where your data resides, how much data you have, and understand what sensitive data needs to be protected.
    • Create your team of stakeholders, including Legal, records managers, and privacy officers. Remember, they own the data and should manage it.
    • Categorization comes before classification, and discovery comes before categorization. Use easy-to-understand terms like high, medium, or low risk.

    Info-Tech Insight

    Data classification is the lynchpin to any effective governance of O/M365 and your objective is to navigate through this easily and effectively and build a robust, secure, and viable governance model. Start your journey by identifying what and where your data is and how much data do you have. You need to understand what sensitive data you have and where it is stored before you can protect or govern it. Ensure there is a high-level leader who is the champion of the governance objectives. Data classification fulfills the governance objectives of risk mitigation, governance and compliance, efficiency and optimization, and analytics.

    Questions you need to ask

    Four key questions to kick off your MVP.

    1

    Know Your Data

    Do you know where your critical and sensitive data resides and what is being done with it?

    Trying to understand where your information is can be a significant project.

    2

    Protect Your Data

    Do you have control of your data as it traverses across the organization and externally to partners?

    You want to protect information wherever it goes through encryption, etc.

    3

    Prevent Data Loss

    Are you able to detect unsafe activities that prevent sharing of sensitive information?

    Data loss prevention (DLP) is the practice of detecting and preventing data breaches, exfiltration, or unwanted destruction of sensitive data.

    4

    Govern Your Data

    Are you using multiple solutions (or any) to classify, label, and protect sensitive data?

    Many organizations use more than one solution to protect and govern their data, making it difficult to determine if there are any coverage gaps.

    Classification tiers

    Build your schema.

    Pyramid visualization for classification tiers. The top represents 'Simplicity', and the bottom 'Complexity' with the length of the sides at each level representing the '# of policies' and '# of labels'. At the top level is 'MVP (Minimum-Viable Product) - Confidential, Internal (Subcategory: Personal), Public'. At the middle level is 'Regulated - Highly Confidential, Confidential, Sensitive, General, Internal, Restricted, Personal, Sub-Private, Public'. And a the bottom level is 'Government (DOD) - Top Secret (TS), Secret, Confidential, Restricted, Official, Unclassified, Clearance'

    Info-Tech Insight

    Deciding on how granular you go into data classification will chiefly be governed by what industry you are in and your regulatory obligations – the more highly regulated your industry, the more classification levels you will be mandated to enforce. The more complexity you introduce into your organization, the more operational overhead both in cost and resources you will have to endure and build.

    Microsoft MIP Topology

    Microsoft Information Protection (MIP), which is Microsoft’s Data Classification Services, is the key to achieving your governance goals. Without an MVP, data classification will be overwhelming; simplifying is the first step in achieving governance.

    A diagram of multiple offerings all connected to 'MIP Data Classification Service'. Circled is 'Sensitivity Labels' with an arrow pointing back to 'MIP' at the center.
    (Source: Microsoft, “Microsoft Purview compliance portal”)

    Info-Tech Insight

    Using least-complex sensitivity labels in your classification are your building blocks to compliance and security in your data management schema; they are your foundational steps.

    MVP RACI Chart

    Data governance is a "takes a whole village" kind of effort.

    Clarify who is expected to do what with a RACI chart.

    End User M365 Administrator Security/ Compliance Data Owner
    Define classification divisions R A
    Appy classification label to data – at point of creation A R
    Apply classification label to data – legacy items R A
    Map classification divisions to relevant policies R A
    Define governance objectives R A
    Backup R A
    Retention R A
    Establish minimum baseline A R

    What and where your data resides

    Data types that require classification.

    Logos for 'Microsoft', 'Office 365', and icons for each program included in that package.
    M365 Workload Containers
    Icon for MS Exchange. Icon for MS SharePoint.Icon for MS Teams. Icon for MS OneDrive. Icon for MS Project Online.
    Email
    • Attachments
    Site Collections, Sites Sites Project Databases
    Contacts Teams and Group Site Collections, Sites Libraries and Lists Sites
    Metadata Libraries and Lists Documents
    • Versions
    Libraries and Lists
    Teams Conversations Documents
    • Versions
    Metadata Documents
    • Versions
    Teams Chats Metadata Permissions
    • Internal Sharing
    • External Sharing
    Metadata
    Permissions
    • Internal Sharing
    • External Sharing
    Files Shared via Teams Chats Permissions
    • Internal Sharing
    • External Sharing

    Info-Tech Insight

    Knowing where your data resides will ensure you do not miss any applicable data that needs to be classified. These are examples of the workload containers; you may have others.

    Discover and classify on- premises files using AIP

    AIP helps you manage sensitive data prior to migrating to Office 365:
    • Use discover mode to identify and report on files containing sensitive data.
    • Use enforce mode to automatically classify, label, and protect files with sensitive data.
    Can be configured to scan:
    • SMB files
    • SharePoint Server 2016, 2013
    Stock image of a laptop uploading to the cloud with a padlock and key in front of it.
    • Map your network and find over-exposed file shares.
    • Protect files using MIP encryption.
    • Inspect the content in file repositories and discover sensitive information.
    • Classify and label file per MIP policy.
    Azure Information Protection scanner helps discover, classify, label, and protect sensitive information in on-premises file servers. You can run the scanner and get immediate insight into risks with on-premises data. Discover mode helps you identify and report on files containing sensitive data (Microsoft Inside Track and CIAOPS, 2022). Enforce mode automatically classifies, labels, and protects files with sensitive data.

    Info-Tech Insight

    Any asset deployed to the cloud must have approved data classification. Enforcing this policy is a must to control your data.

    Understanding governance

    Microsoft Information Governance

    Information Governance
    • Retention policies for workloads
    • Inactive and archive mailboxes

    Arrow pointing down-right

    Records Management
    • Retention labels for items
    • Disposition review

    Arrow pointing down-left

    Retention and Deletion

    ‹——— Connectors for Third-Party Data ———›

    Information governance manages your content lifecycle using solutions to import, store, and classify business-critical data so you can keep what you need and delete what you do not. Backup should not be used as a retention methodology since information governance is managed as a “living entity” and backup is a stored information block that is “suspended in time.” Records management uses intelligent classification to automate and simplify the retention schedule for regulatory, legal, and business-critical records in your organization. It is for that discrete set of content that needs to be immutable.
    (Source: Microsoft, “Microsoft Purview compliance portal”)

    Retention and backup policy decision

    Retention is not backup.

    Info-Tech Insight

    Retention is not backup. Retention means something different: “the content must be available for discovery and legal document production while being able to defend its provenance, chain of custody, and its deletion or destruction” (AvePoint Blog, 2021).

    Microsoft Responsibility (Microsoft Protection) Weeks to Months Customer Responsibility (DLP, Backup, Retention Policy) Months to Years
    Loss of service due to natural disaster or data center outage Loss of data due to departing employees or deactivated accounts
    Loss of service due to hardware or infrastructure failure Loss of data due to malicious insiders or hackers deleting content
    Short-term (30 days) user error with recycle bin/ version history (including OneDrive “File Restore”) Loss of data due to malware or ransomware
    Short-term (14 days) administrative error with soft- delete for groups, mailboxes, or service-led rollback Recovery from prolonged outages
    Long-term accidental deletion coverage with selective rollback

    Understand retention policy

    What are retention policies used for? Why you need them as part of your MVP?

    Do not confuse retention labels and policies with backup.

    Remember: “retention [policies are] auto-applied whereas retention label policies are only applied if the content is tagged with the associated retention label” (AvePoint Blog, 2021).

    E-discovery tool retention policies are not turned on automatically.

    Retention policies are not a backup tool – when you activate this feature you are unable to delete anyone.

    “Data retention policy tools enable a business to:

    • “Decide proactively whether to retain content, delete content, or retain and then delete the content when needed.
    • “Apply a policy to all content or just content meeting certain conditions, such as items with specific keywords or specific types of sensitive information.
    • “Apply a single policy to the entire organization or specific locations or users.
    • “Maintain discoverability of content for lawyers and auditors, while protecting it from change or access by other users. […] ‘Retention Policies’ are different than ‘Retention Label Policies’ – they do the same thing – but a retention policy is auto-applied, whereas retention label policies are only applied if the content is tagged with the associated retention label.

    “It is also important to remember that ‘Retention Label Policies’ do not move a copy of the content to the ‘Preservation Holds’ folder until the content under policy is changed next.” (Source: AvePoint Blog, 2021)

    Definitions

    Data classification is a focused term used in the fields of cybersecurity and information governance to describe the process of identifying, categorizing, and protecting content according to its sensitivity or impact level. In its most basic form, data classification is a means of protecting your data from unauthorized disclosure, alteration, or destruction based on how sensitive or impactful it is.

    Once data is classified, you can then create policies; sensitive data types, trainable classifiers, and sensitivity labels function as inputs to policies. Policies define behaviors, like if there will be a default label, if labeling is mandatory, what locations the label will be applied to, and under what conditions. A policy is created when you configure Microsoft 365 to publish or automatically apply sensitive information types, trainable classifiers, or labels.

    Sensitivity label policies show one or more labels to Office apps (like Outlook and Word), SharePoint sites, and Office 365 groups. Once published, users can apply the labels to protect their content.

    Data loss prevention (DLP) policies help identify and protect your organization's sensitive info (Microsoft Docs, April 2022). For example, you can set up policies to help make sure information in email and documents is not shared with the wrong people. DLP policies can use sensitive information types and retention labels to identify content containing information that might need protection.

    Retention policies and retention label policies help you keep what you want and get rid of what you do not. They also play a significant role in records management.

    Data examples for MVP classification

    • Examples of the type of data you consider to be Confidential, Internal, or Public.
    • This will help you determine what to classify and where it is.
    Internal Personal, Employment, and Job Performance Data
    • Social Security Number
    • Date of birth
    • Marital status
    • Job application data
    • Mailing address
    • Resume
    • Background checks
    • Interview notes
    • Employment contract
    • Pay rate
    • Bonuses
    • Benefits
    • Performance reviews
    • Disciplinary notes or warnings
    Confidential Information
    • Business and marketing plans
    • Company initiatives
    • Customer information and lists
    • Information relating to intellectual property
    • Invention or patent
    • Research data
    • Passwords and IT-related information
    • Information received from third parties
    • Company financial account information
    • Social Security Number
    • Payroll and personnel records
    • Health information
    • Self-restricted personal data
    • Credit card information
    Internal Data
    • Sales data
    • Website data
    • Customer information
    • Job application data
    • Financial data
    • Marketing data
    • Resource data
    Public Data
    • Press releases
    • Job descriptions
    • Marketing material intended for general public
    • Research publications

    New container sensitivity labels (MIP)

    New container sensitivity labels

    Public Private
    Privacy
    1. Membership to group is open; anyone can join
    2. “Everyone except external guest” ACL onsite; content available in search to all tenants
    1. Only owner can add members
    2. No access beyond the group membership until someone shares it or changes permissions
    Allowed Not Allowed
    External guest policy
    1. Membership to group is open; anyone can join
    2. “Everyone except external guest” ACL onsite; content available in search to all tenants
    1. Only owner can add members
    2. No access beyond the group membership until someone shares it or changes permissions

    What users will see when they create or label a Team/Group/Site

    Table of what users will see when they create or label a team/group/site highlighting 'External guest policy' and 'Privacy policy options' as referenced above.
    (Source: Microsoft, “Microsoft Purview compliance portal”)

    Info-Tech Insights

    Why you need sensitivity container labels:
    • Manage privacy of Teams Sites and M365 Groups
    • Manage external user access to SPO sites and teams
    • Manage external sharing from SPO sites
    • Manage access from unmanaged devices

    Data protection and security baselines

    Data Protection Baseline

    “Microsoft provides a default assessment in Compliance Manager for the Microsoft 365 data protection baseline" (Microsoft Docs, June 2022). This baseline assessment has a set of controls for key regulations and standards for data protection and general data governance. This baseline draws elements primarily from NIST CSF (National Institute of Standards and Technology Cybersecurity Framework) and ISO (International Organization for Standardization) as well as from FedRAMP (Federal Risk and Authorization Management Program) and GDPR (General Data Protection Regulation of the European Union).

    Security Baseline

    The final stage in M365 governance is security. You need to implement a governance policy that clearly defines storage locations for certain types of data and who has permission to access it. You need to record and track who accesses content and how they share it externally. “Part of your process should involve monitoring unusual external sharing to ensure staff only share documents that they are allowed to” (Rencore, 2021).

    Info-Tech Insights

    • Controls are already in place to set data protection policy. This assists in the MVP activities.
    • Finally, you need to set your security baseline to ensure proper permissions are in place.

    Prerequisite baseline

    Icon of crosshairs.
    Security

    MFA or SSO to access from anywhere, any device

    Banned password list

    BYOD sync with corporate network

    Icon of a group.
    Users

    Sign out inactive users automatically

    Enable guest users

    External sharing

    Block client forwarding rules

    Icon of a database.
    Resources

    Account lockout threshold

    OneDrive

    SharePoint

    Icon of gears.
    Controls

    Sensitivity labels, retention labels and policies, DLP

    Mobile application management policy

    Building baselines

    Sensitivity Profiles: Public, Internal, Confidential; Subcategory: Highly Confidential

    Microsoft 365 Collaboration Protection Profiles

    Sensitivity Public External Collaboration Internal Highly Confidential
    Description Data that is specifically prepared for public consumption Not approved for public consumption, but OK for external collaboration External collaboration highly discouraged and must be justified Data of the highest sensitivity: avoid oversharing, internal collaboration only
    Label details
    • No content marking
    • No encryption
    • Public site
    • External collaboration allowed
    • Unmanaged devices: allow full access
    • No content marking
    • No encryption
    • Private site
    • External collaboration allowed
    • Unmanaged devices: allow full access
    • Content marking
    • Encryption
    • Private site
    • External collaboration allowed but monitored
    • Unmanaged devices: limited web access
    • Content marking
    • Encryption
    • Private site
    • External collaboration disabled
    • Unmanaged devices: block access
    Teams or Site details Public Team or Site open discovery, guests are allowed Private Team or Site members are invited, guests are allowed Private Team or Site members are invited, guests are not allowed
    DLP None Warn Block

    Please Note: Global/Compliance Admins go to the 365 Groups platform, the compliance center (Purview), and Teams services (Source: Microsoft Documentation, “Microsoft Purview compliance documentation”)

    Info-Tech Insights

    • Building baseline profiles will be a part of your MVP. You will understand what type of information you are addressing and label it accordingly.
    • Sensitivity labels are a way to classify your organization's data in a way that specifies how sensitive the data is. This helps you decrease risks in sharing information that shouldn't be accessible to anyone outside your organization or department. Applying sensitivity labels allows you to protect all your data easily.

    MVP activities

    PRIMARY
    ACTIVITIES
    Define Your Governance
    The objective of the MVP is reducing barriers to establishing an initial governance position, and then enabling rapid progression of the solution to address a variety of tangible risks, including DLP, data retention, legal holds, and labeling.
    Decide on your classification labels early.

    CATEGORIZATION





    CLASSIFICATION

    MVP
    Data Discovery and Management
    AIP (Azure Information Protection) scanner helps discover, classify, label, and protect sensitive information in on-premises file servers. You can run the scanner and get immediate insight into risks with on-premises data.
    Baseline Setup
    Building baseline profiles will be a part of your MVP. You will understand what type of information you are addressing and label it accordingly. Microsoft provides a default assessment in Compliance Manager for the Microsoft 365 data protection baseline.
    Default M365 settings
    Microsoft provides a default assessment in Compliance Manager for the Microsoft 365 data protection baseline. This baseline assessment has a set of controls for key regulations and standards for data protection and general data governance.
    SUPPORT
    ACTIVITIES
    Retention Policy
    Retention policy is auto-applied. Decide whether to retain content, delete content, or retain and then delete the content.
    Sensitivity Labels
    Automatically enforce policies on groups through labels; classify groups.
    Workload Containers
    M365: SharePoint, Teams, OneDrive, and Exchange, where your data is stored for labels and policies.
    Unforced Policies
    Written policies that are not enforceable by controls in Compliance Manager such as acceptable use policy.
    Forced Policies
    Restrict sharing controls to outside organizations. Enforce prefix or suffix to group or team names.

    ACME Company MVP for M/O365

    PRIMARY
    ACTIVITIES
    Define Your Governance


    Focus on ability to use legal hold and GDPR compliance.

    CATEGORIZATION





    CLASSIFICATION

    MVP
    Data Discovery and Management


    Three classification levels (public, internal, confidential), which are applied by the user when data is created. Same three levels are used for AIP to scan legacy sources.

    Baseline Setup


    All data must at least be classified before it is uploaded to an M/O365 cloud service.

    Default M365 settings


    Turn on templates 1 8 the letter q and the number z

    SUPPORT
    ACTIVITIES
    Retention Policy


    Retention policy is auto-applied. Decide whether to retain content, delete content, or retain and then delete the content.

    Sensitivity Labels


    Automatically enforce policies on groups through labels; classify groups.

    Workload Containers


    M365: SharePoint, Teams, OneDrive, and Exchange, where your data is stored for labels and policies.

    Unforced Policies


    Written policies that are not enforceable by controls in Compliance Manager such as acceptable use policy.

    Forced Policies


    Restrict sharing controls to outside organizations. Enforce prefix or suffix to group or team names.

    Related Blueprints

    Govern Office 365

    Office 365 is as difficult to wrangle as it is valuable. Leverage best practices to produce governance outcomes aligned with your goals.

    Map your organizational goals to the administration features available in the Office 365 console. Your governance should reflect your requirements.

    Migrate to Office 365 Now

    Jumping into an Office 365 migration project without careful thought of the risks of a cloud migration will lead to project halt and interruption. Intentionally plan in order to expose risk and to develop project foresight for a smooth migration.

    Microsoft Teams Cookbook

    Remote work calls for leveraging your Office 365 license to use Microsoft Teams – but IT is unsure about best practices for governance and permissions. Moreover, IT has few resources to help train end users with Teams best practices

    IT Governance, Risk & Compliance

    Several blueprints are available on a broader topic of governance, from Make Your IT Governance Adaptable to Improve IT Governance to Drive Business Results and Build an IT Risk Management Program.

    Bibliography

    “Best practices for sharing files and folders with unauthenticated users.” Microsoft Build, 28 April 2022. Accessed 2 April 2022.

    “Build and manage assessments in Compliance Manager.” Microsoft Docs, 15 June 2022. Web.

    “Building a modern workplace with Microsoft 365.” Microsoft Inside Track, n.d. Web.

    Crane, Robert. “June 2020 Microsoft 365 Need to Know Webinar.” CIAOPS, SlideShare, 26 June 2020. Web.

    “Data Classification: Overview, Types, and Examples.” Simplilearn, 27 Dec. 2021. Accessed 11 April 2022.

    “Data loss prevention in Exchange Online.” Microsoft Docs, 19 April 2022. Web.

    Davies, Nahla. “5 Common Data Governance Challenges (and How to Overcome Them).” Dataversity. 25 October 2021. Accessed 5 April 2022.

    “Default labels and policies to protect your data.” Microsoft Build, April 2022. Accessed 3 April 2022.

    M., Peter. "Guide: The difference between Microsoft Backup and Retention." AvePoint Blog, 9 Oct. 2021. Accessed 4 April 2022.

    Meyer, Guillaume. “Sensitivity Labels: What They Are, Why You Need Them, and How to Apply Them.” nBold, 6 October 2021. Accessed 2 April 2022.

    “Microsoft 365 guidance for security & compliance.” Microsoft, 27 April 2022. Accessed 28 April 2022.

    “Microsoft Purview compliance portal.” Microsoft, 19 April 2022. Accessed 22 April 2022.

    “Microsoft Purview compliance documentation.” Microsoft, n.d. Accessed 22 April 2022.

    “Microsoft Trust Center: Products and services that run on trust.” Microsoft, 2022. Accessed 3 April 2022.

    “Protect your sensitive data with Microsoft Purview.” Microsoft Build, April 2022. Accessed 3 April 2022.

    Zimmergren, Tobias. “4 steps to successful cloud governance in Office 365.” Rencore, 9 Sept. 2021. Accessed 5 April 2022.

    Start Making Data-Driven People Decisions

    • Buy Link or Shortcode: {j2store}427|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Leadership Development Programs
    • Parent Category Link: /leadership-development-programs
    • Ninety-one percent of IT leaders believe that analytics is important for talent management but 59% use no workforce analytics at all, although those who use analytics are much more effective than those who don't.
    • The higher the level of analytics used, the higher the level of effectiveness of the department as a whole.

    Our Advice

    Critical Insight

    • You don't need advanced metrics and analytics to see a return on people data. Begin by getting a strong foundation in place and showing the ROI on a pilot project.
    • Complex analyses will never make up for inadequate data quality. Spend the time up front to audit and improve data quality if necessary, no matter which stage of analytics proficiency you are at.
    • Ensure you collect and analyze only data that is essential to your decision making. More is not better, and excess data can detract from the overall impact of analytics.

    Impact and Result

    • Build a small-scale foundational pilot, which will allow you to demonstrate feasibility, refine your costs estimate, and show the ROI on people analytics for your budgeting meeting.
    • Drive organizational change incrementally by identifying and communicating with the stakeholders for your people analytics pilot.
    • Choose basic analytics suitable for organizations of all sizes and understand the building blocks of data quality to support more further analytics down the line.

    Start Making Data-Driven People Decisions Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should strategically apply people analytics to your IT talent management.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Define the problem and apply the checklist

    From choosing the right data for the right problem to evaluating your progress toward data-driven people decisions, follow these steps to build your foundation to people analytics.

    • Start Making Data-Driven People Decisions – Phase 1: Define the Problem and Apply the Checklist
    • People Analytics Strategy Template
    • Talent Metrics Library
    [infographic]

    Enhance Your Solution Architecture Practices

    • Buy Link or Shortcode: {j2store}157|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: $33,359 Average $ Saved
    • member rating average days saved: 11 Average Days Saved
    • Parent Category Name: Development
    • Parent Category Link: /development
    • In today’s world, business agility is essential to stay competitive. Quick responses to business needs through efficient development and deployment practices is critical for business value delivery.
    • A mature solution architecture practice is the basic necessity for a business to have technical agility.

    Our Advice

    Critical Insight

    Don’t architect for normal situations. That is a shallow approach and leads to decisions that may seem “right” but will not be able to stand up to system elasticity needs.

    Impact and Result

    • Understand the different parts of a continuous security architecture framework and how they may apply to your decisions.
    • Develop a solution architecture for upcoming work (or if there is a desire to reduce tech debt).

    Enhance Your Solution Architecture Practices Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Solution Architecture Practices Deck – A deck to help you develop an approach for or validate existing solution architecture capability.

    Translate stakeholder objectives into architecture requirements, solutions, and changes. Incorporate architecture quality attributes in decisions to increase your architecture’s life. Evaluate your solution architecture from multiple views to obtain a holistic perspective of the range of issues, risks, and opportunities.

    • Enhance Your Solution Architecture Practices – Phases 1-3

    2. Solution Architecture Template – A template to record the results from the exercises to help you define, detail, and make real your digital product vision.

    Identify and detail the value maps that support the business, and discover the architectural quality attribute that is most important for the value maps. Brainstorm solutions for design decisions for data, security, scalability, and performance.

    • Solution Architecture Template
    [infographic]

    Workshop: Enhance Your Solution Architecture Practices

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Vision and Value Maps

    The Purpose

    Document a vision statement for the solution architecture practice (in general) and/or a specific vision statement, if using a single project as an example.

    Document business architecture and capabilities.

    Decompose capabilities into use cases.

    Key Benefits Achieved

    Provide a great foundation for an actionable vision and goals that people can align to.

    Develop a collaborative understanding of business capabilities.

    Develop a collaborative understanding of use cases and personas that are relevant for the business.

    Activities

    1.1 Develop vision statement.

    1.2 Document list of value stream maps and their associated use cases.

    1.3 Document architectural quality attributes needed for use cases using SRME.

    Outputs

    Solution Architecture Template with sections filled out for vision statement canvas and value maps

    2 Continue Vision and Value Maps, Begin Phase 2

    The Purpose

    Map value stream to required architectural attributes.

    Prioritize architecture decisions.

    Discuss and document data architecture.

    Key Benefits Achieved

    An understanding of architectural attributes needed for value streams.

    Conceptual understanding of data architecture.

    Activities

    2.1 Map value stream to required architectural attributes.

    2.2 Prioritize architecture decisions.

    2.3 Discuss and document data architecture.

    Outputs

    Solution Architecture Template with sections filled out for value stream and architecture attribute mapping; a prioritized list of architecture design decisions; and data architecture

    3 Continue Phase 2, Begin Phase 3

    The Purpose

    Discuss security and threat assessment.

    Discuss resolutions to threats via security architecture decisions.

    Discuss system’s scalability needs.

    Key Benefits Achieved

    Decisions for security architecture.

    Decisions for scalability architecture.

    Activities

    3.1 Discuss security and threat assessment.

    3.2 Discuss resolutions to threats via security architecture decisions.

    3.3 Discuss system’s scalability needs.

    Outputs

    Solution Architecture Template with sections filled out for security architecture and scalability design

    4 Continue Phase 3, Start and Finish Phase 4

    The Purpose

    Discuss performance architecture.

    Compile all the architectural decisions into a solutions architecture list.

    Key Benefits Achieved

    A complete solution architecture.

    A set of principles that will form the foundation of solution architecture practices.

    Activities

    4.1 Discuss performance architecture.

    4.2 Compile all the architectural decisions into a solutions architecture list.

    Outputs

    Solution Architecture Template with sections filled out for performance and a complete solution architecture

    Further reading

    Enhance Your Solution Architecture Practice

    Ensure your software systems solution is architected to reflect stakeholders’ short- and long-term needs.

    Analyst Perspective

    Application architecture is a critical foundation for supporting the growth and evolution of application systems. However, the business is willing to exchange the extension of the architecture’s life with quality best practices for the quick delivery of new or enhanced application functionalities. This trade-off may generate immediate benefits to stakeholders, but it will come with high maintenance and upgrade costs in the future, rendering your system legacy early.

    Technical teams know the importance of implementing quality attributes into architecture but are unable to gain approval for the investments. Overcoming this challenge requires a focus of architectural enhancements on specific problem areas with significant business visibility. Then, demonstrate how quality solutions are vital enablers for supporting valuable application functionalities by tracing these solutions to stakeholder objectives and conducting business and technical risk and impact assessments through multiple business and technical perspectives.

    this is a picture of Andrew Kum-Seun

    Andrew Kum-Seun
    Research Manager, Applications
    Info-Tech Research Group

    Enhance Your Solution Architecture

    Ensure your software systems solution is architected to reflect stakeholders’ short- and long-term needs.

    EXECUTIVE BRIEF

    Executive Summary

    Your Challenge

    • Most organizations have some form of solution architecture; however, it may not accurately and sufficiently support the current and rapidly changing business and technical environments.
    • To enable quick delivery, applications are built and integrated haphazardly, typically omitting architecture quality practices.

    Common Obstacles

    • Failing to involve development and stakeholder perspectives in design can lead to short-lived architecture and critical development, testing, and deployment constraints and risks being omitted.
    • Architects are experiencing little traction implementing solutions to improve architecture quality due to the challenge of tracing these solutions back to the right stakeholder objectives.

    Info-Tech's Approach

    • Translate stakeholder objectives into architecture requirements, solutions, and changes. Incorporate architecture quality attributes in decisions to increase your architecture’s life.
    • Evaluate your solution architecture from multiple views to obtain a holistic perspective of the range of issues, risks, and opportunities.
    • Regularly review and recalibrate your solution architecture so that it accurately reflects and supports current stakeholder needs and technical environments.

    Info-Tech Insight

    Well-received applications can have poor architectural qualities. Functional needs often take precedence over quality architecture. Quality must be baked into design, execution, and decision-making practices to ensure the right tradeoffs are made.

    A badly designed solution architecture is the root of all technical evils

    A well-thought-through and strategically designed solution architecture is essential for the long-term success of any software system, and by extension, the organization because:

    1. It will help achieve quality attribute requirements (security, scalability, performance, usability, resiliency, etc.) for a software system.
    2. It can define and refine architectural guiding principles. A solution architecture is not only important for today but also a vision for the future of the system’s ability to react positively to changing business needs.
    3. It can help build usable (and reusable) services. In a fast-moving environment, the convenience of having pre-made plug-and-play architectural objects reduces the risk incurred from knee-jerk reactions in response to unexpected demands.
    4. It can be used to create a roadmap to an IT future state. Architectural concerns support transition planning activities that can lead to the successful implementation of a strategic IT plan.

    Demand for quick delivery makes teams omit architectural best practices, increasing downstream risks

    In its need for speed, a business often doesn’t see the value in making sure architecture is maintainable, reusable, and scalable. This demand leads to an organizational desire for development practices and the procurement of vendors that favor time-to-market over long-term maintainability. Unfortunately, technical teams are pushed to omit design quality and validation best practices.

    What are the business impacts of omitting architecture design practices?

    Poor quality application architecture impedes business growth opportunities, exposes enterprise systems to risks, and consumes precious IT budgets in maintenance that could otherwise be used for innovation and new projects.

    Previous estimations indicate that roughly 50% of security problems are the result of software design. […] Flaws in the architecture of a software system can have a greater impact on various security concerns in the system, and as a result, give more space and flexibility for malicious users.(Source: IEEE Software)

    Errors in software requirements and software design documents are more frequent than errors in the source code itself according to Computer Finance Magazine. Defects introduced during the requirements and design phase are not only more probable but also more severe and more difficult to remove. (Source: iSixSigma)

    Design a solution architecture that can be successful within the constraints and complexities set before you

    APPLICATION ARCHITECTURE…

    … describes the dependencies, structures, constraints, standards, and development guidelines to successfully deliver functional and long-living applications. This artifact lays the foundation to discuss the enhancement of the use and operations of your systems considering existing complexities.

    Good architecture design practices can give you a number of benefits:

    Lowers maintenance costs by revealing key issues and risks early. The Systems Sciences Institute at IBM has reported that the cost to fix an error found after product release was 4 to 5 times as much as one uncovered during design.(iSixSigma)

    Supports the design and implementation activities by providing key insights for project scheduling, work allocation, cost analysis, risk management, and skills development.(IBM: developerWorks)

    Eliminates unnecessary creativity and activities on the part of designers and implementers, which is achieved by imposing the necessary constraints on what they can do and making it clear that deviation from constraints can break the architecture.(IBM: developerWorks)

    Use Info-Tech’s Continuous Solution Architecture (CSA) Framework for designing adaptable systems

    Solution architecture is not a one-size-fits-all conversation. There are many design considerations and trade-offs to keep in mind as a product or services solution is conceptualized, evaluated, tested, and confirmed. The following is a list of good practices that should inform most architecture design decisions.

    Principle 1: Design your solution to have at least two of everything.

    Principle 2: Include a “kill switch” in your fault-isolation design. You should be able to turn off everything you release.

    Principle 3: If it can be monitored, it should be. Use server and audit logs where possible.

    Principle 4: Asynchronous is better than synchronous. Asynchronous design is more complex but worth the processing efficiency it introduces.

    Principle 5: Stateless over stateful: State data should only be used if necessary.

    Principle 6: Go horizonal (scale out) over vertical (scale up).

    Principle 7: Good architecture comes in small packages.

    Principle 8: Practice just-in-time architecture. Delay finalizing an approach for as long as you can.

    Principle 9: X-ilities over features. Quality of an architecture is the foundation over which features exist. A weak foundation can never be obfuscated through shiny features.

    Principle 10: Architect for products not projects. A product is an ongoing concern, while a project is short lived and therefore only focused on what is. A product mindset forces architects to think about what can or should be.

    Principle 11: Design for rollback: When all else fails, you should be able to stand up the previous best state of the system.

    Principle 12: Test the solution architecture like you test your solution’s features.

    CSA should be used for every step in designing a solution’s architecture

    Solution architecture is a technical response to a business need, and like all complex evolutionary systems, must adapt its design for changing circumstances.

    The triggers for changes to existing solution architectures can come from, at least, three sources:

    1. Changing business goals
    2. Existing backlog of technical debt
    3. Solution architecture roadmap

    A solution’s architecture is cross-cutting and multi-dimensional and at the minimum includes:

    • Product Portfolio Strategy
    • Application Architecture
    • Data Architecture
    • Information Architecture
    • Operational Architecture

    along with several qualitative attributes (also called non-functional requirements).

    This image contains a chart which demonstrates the relationship between changing hanging business goals, Existing backlog of technical debt, Solution architecture roadmap, and Product Portfolio Strategy, Application Architecture, Data Architecture, Information Architecture and, Operational Architecture

    Related Research: Product Portfolio Strategy

    Integrate Portfolios to Create Exceptional Customer Value

    • Define an organizing principle that will structure your projects and applications in a way that matters to your stakeholders.
    • Bridge application and project portfolio data using the organizing principle that matters to communicate with stakeholders across the organization.
    • Create a dashboard that brings together the benefits of both project and application portfolio management to improve visibility and decision making.

    Deliver on Your Digital Portfolio Vision

    • Recognize that a vision is only as good as the data that backs it up. Lay out a comprehensive backlog with quality built in that can be effectively communicated and understood through roadmaps.
    • Your intent is only a dream if it cannot be implemented ; define what goes into a release plan via the release canvas.
    • Define a communication approach that lets everyone know where you are heading.

    Related Research: Data, Information & Integration Architecture

    Build a Data Architecture Roadmap

    • Have a framework in place to identify the appropriate solution for the challenge at hand. Our three-phase practical approach will help you build a custom and modernized data architecture.
    • Identify and prioritize the business drivers in which data architecture changes would create the largest overall benefit and determine the corresponding data architecture tiers that need to be addressed.
    • Discover the best-practice trends, measure your current state, and define the targets for your data architecture tactics.
    • Build a cohesive and personalized roadmap for restructuring your data architecture. Manage your decisions and resulting changes.

    Build a Data Pipeline for Reporting and Analytics

    • Understand your high-level business capabilities and interactions across them – your data repositories and flows should be just a digital reflection thereof.
    • Divide your data world in logical verticals overlaid with various speed data progression lanes, i.e. build your data pipeline – and conquer it one segment at a time.
    • Use the most appropriate database design pattern for a given phase/component in your data pipeline progression.

    Related Research:Operational Architecture

    Optimize Application Release Management

    • Acquire release management ownership. Ensure there is appropriate accountability for the speed and quality of the releases passing through the entire pipeline.
    • A release manager has oversight over the entire release process and facilitates the necessary communication between business stakeholders and various IT roles.
    • Instill holistic thinking. Release management includes all steps required to push release and change requests to production along with the hand-off to Operations and Support. Increase the transparency and visibility of the entire pipeline to ensure local optimizations do not generate bottlenecks in other areas.
    • Standardize and lay a strong release management foundation. Optimize the key areas where you are experiencing the most pain and continually improve.

    Build Your Infrastructure Roadmap

    • Increased communication. More information being shared to more people who need it.
    • Better planning. More accurate information being shared.
    • Reduced lead times. Less due diligence or discovery work required as part of project implementations.
    • Faster delivery times. Less low-value work, freeing up more time for project work.

    Related Research:Security Architecture

    Identify Opportunities to Mature the Security Architecture

    • A right-sized security architecture can be created by assessing the complexity of the IT department, the operations currently underway for security, and the perceived value of a security architecture within the organization. This will bring about a deeper understanding of the organizational infrastructure.
    • Developing a security architecture should also result in a list of opportunities (i.e. initiatives) that an organization can integrate into a roadmap. These initiatives will seek to improve security operations and strengthen the IT department’s understanding of security’s role within the organization.
    • A better understanding of the infrastructure will help to save time on determining the correct technologies required from vendors, and therefore, cut down on the amount of vendor noise.
    • Creating a defensible roadmap will assist with justifying future security spend.

    Key deliverable:

    Solution Architecture Template
    Record the results from the exercises to help you define, detail, and make real your digital product vision.

    Blueprint Deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    This image contains screenshots of the deliverables which will be discussed later in this blueprint

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.

    Guided Implementation

    Our team knows that we need to fix a process, but we need assistance to determine where to focus. some check-ins along the way would help keep us on track

    Workshop

    We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place

    Consulting

    Our team does not have the time or the knowledge to take this project on. we need assistance through the entirety of this project.

    Diagnostics and consistent frameworks are used throughout all four options

    Workshop Overview

    Contact your account representative for more information. workshops@infotech.com 1-888-670-8889

    Day 1 Day 2 Day 3 Day 4
    Exercises
    1. Articulate an architectural vision
    2. Develop dynamic value stream maps
    1. Create a conceptual map between the value stream, use case, and required architectural attribute
    2. Create a prioritized list of architectural attributes
    3. Develop a data architecture that supports transactional and analytical needs
    1. Document security architecture risks and mitigations
    2. Document scalability architecture
    1. Document performance-enhancing architecture
    2. Bring it all together
    Outcomes
    1. Architecture vision
    2. Dynamic value stream maps (including user stories/personas)
    1. List of required architectural attributes
    2. Architectural attributes prioritized
    3. Data architecture design decisions
    1. Security threat and risk analysis
    2. Security design decisions
    3. Scalability design decisions
    1. Performance design decisions
    2. Finalized decisions

    Guided Implementation

    What does a typical GI on this topic look like?

    A Guided Implementation (GI) is series of calls with an Info-Tech analyst to help implement our best practices in your organization.
    This GI is between 8 to 10 calls over the course of approximately four to six months.

    Phase 1 Phase 2 Phase 2
    Call #1:
    Articulate an architectural vision.
    Call #4:
    Continue discussion on value stream mapping and related use cases.
    Call #6:
    Document security design decisions.
    Call #2:
    Discuss value stream mapping and related use cases.
    Call #5:
    • Map the value streams to required architectural attribute.
    • Create a prioritized list of architectural attributes.
    Call #7:
    • Document scalability design decisions.
    • Document performance design decisions.
    Call #3:
    Continue discussion on value stream mapping and related use cases.
    Call #8:
    Bring it all together.

    Phase 1: Visions and Value Maps

    Phase 1

    1.1 Articulate an Architectural Vision
    1.2 Develop Dynamic Value Stream Maps
    1.3 Map Value Streams, Use Cases, and Required Architectural Attributes
    1.4 Create a Prioritized List of Architectural Attributes

    Phase 2

    2.1 Develop a Data Architecture That Supports Transactional and Analytical Needs
    2.2 Document Security Architecture Risks and Mitigations

    Phase 3

    3.1 Document Scalability Architecture
    3.2 Document Performance Enhancing Architecture
    3.3 Combine the Different Architecture Design Decisions Into a Unified Solution Architecture

    This phase will walk you through the following activities:

    • Determine a vision for architecture outcomes
    • Draw dynamic value stream maps
    • Derive architectural design decisions
    • Prioritize design decisions

    This phase involves the following participants:

    • Business Architect
    • Product Owner
    • Application Architect
    • Integration Architect
    • Database Architect
    • Enterprise Architect

    Enhance Your Solution Architecture Practice

    Let’s get this straight: You need an architectural vision

    If you start off by saying I want to architect a system, you’ve already lost. Remember what a vision is for!

    An architectural vision...

    … is your North Star

    Your product vision serves as the single fixed point for product development and delivery.

    … aligns stakeholders

    It gets everyone on the same page.

    … helps focus on meaningful work

    There is no pride in being a rudderless ship. It can also be very expensive.

    And eventually...

    … kick-starts your strategy

    We know where to go, we know who to bring along, and we know the steps to get there. Let’s plan this out.

    An architectural vision is multi-dimensional

    Who is the target customer (or customers)?

    What is the key benefit a customer can get from using our service or product?

    Why should they be engaged with you?

    What makes our service or product better than our competitors?

    (Adapted from Crossing the Chasm)

    Info-Tech Insight

    It doesn’t matter if you are delivering value to internal or external stakeholders, you need a product vision to ensure everyone understands the “why.”

    Use a canvas as the dashboard for your architecture

    The solution architecture canvas provides a single dashboard to quickly define and communicate the most important information about the vision. A canvas is an effective tool for aligning teams and providing an executive summary view.

    This image contains a sample canvas for you to use as the dashboard for your architecture. The sections are: Solution Name, Tracking Info, Vision, Business Goals, Metrics, Personas, and Stakeholders.

    Leverage the solution architecture canvas to state and inform your architecture vision

    This image contains the sample canvas from the previous section, with annotations explaining what to do for each of the headings.

    1.1 Craft a vision statement for your solution’s architecture

    1. Use the product canvas template provided for articulating your solution’s architecture.

    *If needed, remove or add additional data points to fit your purposes.

    There are different statement templates available to help form your product vision statements. Some include:

    • For [our target customer], who [customer’s need], the [product] is a [product category or description] that [unique benefits and selling points]. Unlike [competitors or current methods], our product [main differentiators].
    • We believe (in) a [noun: world, time, state, etc.] where [persona] can [verb: do, make, offer, etc.], for/by/with [benefit/goal].
    • To [verb: empower, unlock, enable, create, etc.] [persona] to [benefit, goal, future state].
    • Our vision is to [verb: build, design, provide] the [goal, future state] to [verb: help, enable, make it easier to...] [persona].

    (Adapted from Crossing the Chasm)

    Download the Solution Architecture Template and document your vision statement.

    Input

    • Business Goals
    • Product Portfolio Vision

    Output

    • Solution Architecture Vision

    Materials

    • Whiteboard/Flip Charts

    Participants

    • Business Architect
    • Product Owner
    • IT Leadership
    • Business Leadership

    Solution Architecture Canvas: Refine your vision statement

    This image contains a screenshot of the canvas from earlier in the blueprint, with only the annotation for Solution Name: Vision, unique value proposition, elevator pitch, or positioning statement.

    Understand your value streams before determining your solution’s architecture

    Business Strategy

    Sets and communicates the direction of the entire organization.

    Value Stream

    Segments, groups, and creates a coherent narrative as to how an organization creates value.

    Business Capability Map

    Decomposes an organization into its component parts to establish a common language across the organization.

    Execution

    Implements the business strategy through capability building or improvement projects.

    Identify your organization’s goals and define the value streams that support them

    Goal

    Revenue Growth

    Value Streams

    Stream 1- Product Purchase
    Stream 2- Customer Acquisition
    stream 3- Product Financing

    There are many techniques that help with constructing value streams and their capabilities.

    Domain-driven design is a technique that can be used for hypothesizing the value maps, their capabilities, and associated solution architecture.

    Read more about domain-driven design here.

    Value streams can be external (deliver value to customers) or internal (support operations)

      External Perspective

    1. Core value streams are mostly externally facing: they deliver value to either an external/internal customer and they tie to the customer perspective of the strategy map.
    • E.g. customer acquisition, product purchase, product delivery

    Internal Perspective

  • Support value streams are internally facing: they provide the foundational support for an organization to operate.
    • E.g. employee recruitment to retirement

    Key Questions to Ask While Evaluating Value Streams

    • Who are your customers?
    • What benefits do we deliver to them?
    • How do we deliver those benefits?
    • How does the customer receive the benefits?
    This image contains an example of value streams. The main headings are: Customer Acquisitions, Product Purchase, Product Delivery, Confirm Order, Product Financing, and Product Release.

    Value streams highlight the what, not the how

    Value chains set a high-level context, but architectural decisions still need to be made to deal with the dynamism of user interaction and their subsequent expectations. User stories (and/or use cases) and themes are great tools for developing such decisions.

    Product Delivery

    1. Order Confirmation
    2. Order Dispatching
    3. Warehouse Management
    4. Fill Order
    5. Ship Order
    6. Deliver Order

    Use Case and User Story Theme: Confirm Order

    This image shows the relationship between confirming the customer's order online, and the Online Buyer, the Online Catalog, the Integrated Payment, and the Inventory Lookup.

    The use case Confirming Customer’s Online Order has four actors:

    1. An Online Buyer who should be provided with a catalog of products to purchase from.
    2. An Online Catalog that is invoked to display its contents on demand.
    3. An Integrated Payment system for accepting an online form of payment (credit card, Bitcoins, etc.) in a secure transaction.
    4. An Inventory Lookup module that confirms there is stock available to satisfy the Online Buyer’s order.

    Info-Tech Insight

    Each use case theme links back to a feature(s) in the product backlog.

    Related Research

    Deliver on Your Digital Portfolio Vision

    • Recognize that a vision is only as good as the data that backs it up. Lay out a comprehensive backlog with quality built in that can be effectively communicated and understood through roadmaps.
    • Your intent is only a dream if it cannot be implemented – define what goes into a release plan via the release canvas.
    • Define a communication approach that lets everyone know where you are heading.

    Document Your Business Architecture

    • Recognize the opportunity for architecture work, analyze the current and target states of your business strategy, and identify and engage the right stakeholders.
    • Model the business in the form of architectural blueprints.
    • Apply business architecture techniques such as strategy maps, value streams, and business capability maps to design usable and accurate blueprints of the business.
    • Drive business architecture forward to promote real value to the organization.
    • Assess your current projects to determine if you are investing in the right capabilities. Conduct business capability assessments to identify opportunities and to prioritize projects.

    1.2 Document dynamic value stream maps

    1. Create value stream maps that support your business objectives.
    • The value stream maps could belong to existing or new business objectives.
  • For each value stream map:
    • Determine use case(s), the actors, and their expected activity.

    *Refer to the next slide for an example of a dynamic value stream map.

    Download the Solution Architecture Template for documentation of dynamic value stream map

    Input

    • Business Goals
    • Some or All Existing Business Processes
    • Some or All Proposed New Business Processes

    Output

    • Dynamic Value Stream Maps for Multiple Use Roles and Use Cases

    Materials

    • Whiteboard/Flip Charts

    Participants

    • Business Architect
    • Product Owner
    • Application Architect
    • Integration Architect

    Example: Dynamic value stream map

    Loan Provision*

    *Value Stream Name: Usually has the same name as the capability it illustrates.

    Loan Application**; Disbursement of Fund**; Risk Management**; Service Accounts**

    **Value Stream Components: Specific functions that support the successful delivery of a value stream.

    Disbursement of Funds

    This image shows the relationship between depositing the load into the applicant's bank account, and the Applicant's bank, the Loan Applicant, and the Loan Supplier.

    Style #1:

    The use case Disbursement of Funds has three actors:

    1. A Loan Applicant who applied for a loan and got approved for one.
    2. A Loan Supplier who is the source for the funds.
    3. The Applicant’s Bank that has an account into which the funds are deposited.

    Style # 2:

    Loan Provision: Disbursement of Funds
    Use Case Actors Expectation
    Deposit Loan Into Applicant’s Bank Account
    1. Loan Applicant
    2. Loan Supplier
    3. Applicant’s Bank
    1. Should be able to see deposit in bank account
    2. Deposit funds into account
    3. Accept funds into account

    Mid-Phase 1 Checkpoint

    By now, the following items are ideally completed:

    • Mid-Phase 1 Checkpoint

    Start with an investigation of your architecture’s qualitative needs

    Quality attributes can be viewed as the -ilities (e.g. scalability, usability, reliability) that a software system needs to provide. A system not meeting any of its quality attribute requirements will likely not function as required. Examples of quality attributes are:

    1. Slow system response time
    2. Security breaches that result in loss of personal data
    3. A product feature upgrade that is not compatible with previous versions
    Examples of Qualitative Attributes
    Performance Compatibility Usability Reliability Security Maintainability
    • Response Time
    • Resource Utilization
    • System Capacity
    • Interoperability
    • Accessibility
    • User Interface
    • Intuitiveness
    • Availability
    • Fault Tolerance
    • Recoverability
    • Integrity
    • Non-Repudiation
    • Modularity
    • Reusability
    • Modifiability
    • Testability

    Focus on quality attributes that are architecturally significant.

    • Not every system requires every quality attribute.
    • Pay attention to those attributes without which the solution will not be able to satisfy a user’s abstract* expectation.
    • This set can be considered Architecturally Significant Requirements (ASR). ASR concern scenarios have the most impact on the architecture of the software system.
    • ASR are fundamental needs of the system and changing them in the future can be a costly and difficult exercise.

    *Abstract since attributes like performance and reliability are not directly measurable by a user.

    Stimulus Response Measurement Environmental Context

    For applicable use cases: (*Adapted from S Carnegie Mellon University, 2000)

    1. Determine the Stimulus (temporal, external, or internal) that puts stress on the system. For example, a VPN-accessed hospital management system is used for nurses to login at 8am every weekday.
    2. Describe how the system should Respond to the stimulus. For example, the hospital management system should complete a nurse login under 10ms on initiation of the HTTPS request.
    3. Set a Measurement criteria for determining the success of the response to the stimulus. For example, the system should be able to successfully respond to 98% of the HTTPS requests the first time.
    4. Note the environmental context under which the stimulus occurs, including any unusual conditions in effect.
    • The hospital management system needs to respond in under 10ms under typical load or peak load?
    • What is the time variance of peak loads, for example, an e-commerce system during a Black Friday sale?
    • How big is the peak load?

    Info-Tech Insight

    Three out of four is bad. Don’t architect for normal situations because the solution will be fragile and prone to catastrophic failure under unexpected events.
    Read article: Retail sites crash under weight of online Black Friday shoppers.

    Discover and evaluate the qualitative attributes needed for use cases or user stories

    Deposit Loan Into Applicant’s Bank Account

    Assume analysis is being done for a to-be developed system.

    User Loan Applicant
    Expectations On login to the web system, should be able to see accurate bank balance after loan funds are deposited.
    User signs into the online portal and opens their account balance page.
    Expected Response From System System creates a connection to the data source and renders it on the screen in under 10ms.
    Measurement Under Normal Loads:
    • Response in 10ms or less
    • Data should not be stale
    Under Peak Loads:
    • Response in 15ms or less
    • Data should not be stale
    Quality Attribute Required Required Attribute # 1: Performance
    • Design Decision: Reduce latency by placing authorization components closer to user’s location.
    Required Attribute # 2: Data Reliability
    • Design Decision: Use event-driven ETL pipelines.
    Required Attribute # 3: Scalability
    • Design Decision: Following Principle # 4 of the CSA (JIT Architecture), delay decision until necessary.

    Use cases developed in Phase 1.2 should be used here. (Adapted from the ATAM Utility Tree Method for Quality Attribute Engineering)

    Reduce technical debt while you are at it

    Deposit Loan Into Applicant’s Bank Account

    Assume analysis is being done for a to-be developed system.

    UserLoan Applicant
    ExpectationsOn login to the web system, should be able to see accurate bank balance after loan funds are deposited.
    User signs into the online portal and opens their account balance page.
    Expected Response From SystemSystem creates a connection to the data source and renders it on the screen in under 10ms.
    MeasurementUnder Normal Loads:
    • Response in 10ms or less
    • Data should not be stale
    Under Peak Loads:
    • Response in 15ms or less
    • Data should not be stale
    Quality Attribute RequiredRequired Attribute # 1: Performance
    • Design Decision: Reduce latency by placing authorization components closer to user’s location.

    Required Attribute # 2: Data Reliability

    • Expected is 15ms or less under peak loads, but average latency is 21ms.
    • Design Decision: Use event-driven ETL pipelines.

    Required Attribute # 3: Scalability

    • Data should not be stale and should sync instantaneously, but in some zip codes data synchronization is taking 8 hours.
    • Design Decision: Investigate integrations and flows across application, database, and infrastructure. (Note: A dedicated section for discussing scalability is presented in Phase 2.)

    1.3 Create a conceptual map between the value streams, use cases, and required architectural attributes

    1. For selected use cases completed in Phase 1.2:
    • Map the value stream to its associated use cases.
    • For each use case, list the required architectural quality attributes.

    Download the Solution Architecture Template for mapping value stream components to their required architectural attribute.

    Input

    • Use Cases
    • User Roles
    • Stimulus to System
    • Response From System
    • Response Measurement

    Output

    • List of Architectural Quality Attributes

    Materials

    • Whiteboard/Flip Charts

    Participants

    • Business Architect
    • Application Architect
    • Integration Architect
    • Database Architect
    • Infrastructure Architect

    Example for Phase 1.3

    Loan Provision

    Loan Application → Disbursement of Funds → Risk Management → Service Accounts

    Value Stream Component Use Case Required Architectural Attribute
    Loan Application UC1: Submit Loan Application
    UC2: Review Loan Application
    UC3: Approve Loan Application
    UCn: ……..
    UC1: Resilience, Data Reliability
    UC2: Data Reliability
    UC3: Scalability, Security, Performance
    UCn: …..
    Disbursement of Funds UC1: Deposit Funds Into Applicant’s Bank Account
    UCn: ……..
    UC1: Performance, Scalability, Data Reliability
    Risk Management ….. …..
    Service Accounts ….. …..

    1.2 Document dynamic value stream maps

    1. Create value stream maps that support your business objectives.
    • The value stream maps could belong to existing or new business objectives.
  • For each value stream map:
    • Determine use case(s), the actors, and their expected activity.

    *Refer to the next slide for an example of a dynamic value stream map.

    Download the Solution Architecture Template for documentation of dynamic value stream map

    Input

    • Business Goals
    • Some or All Existing Business Processes
    • Some or All Proposed New Business Processes

    Output

    • Dynamic Value Stream Maps for Multiple Use Roles and Use Cases

    Materials

    • Whiteboard/Flip Charts

    Participants

    • Business Architect
    • Product Owner
    • Application Architect
    • Integration Architect

    Example: Dynamic value stream map

    Loan Provision*

    *Value Stream Name: Usually has the same name as the capability it illustrates.

    Loan Application**; Disbursement of Fund**; Risk Management**; Service Accounts**

    **Value Stream Components: Specific functions that support the successful delivery of a value stream.

    Disbursement of Funds

    This image shows the relationship between depositing the load into the applicant's bank account, and the Applicant's bank, the Loan Applicant, and the Loan Supplier.

    Style #1:

    The use case Disbursement of Funds has three actors:

    1. A Loan Applicant who applied for a loan and got approved for one.
    2. A Loan Supplier who is the source for the funds.
    3. The Applicant’s Bank that has an account into which the funds are deposited.

    Style # 2:

    Loan Provision: Disbursement of Funds
    Use Case Actors Expectation
    Deposit Loan Into Applicant’s Bank Account
    1. Loan Applicant
    2. Loan Supplier
    3. Applicant’s Bank
    1. Should be able to see deposit in bank account
    2. Deposit funds into account
    3. Accept funds into account

    Mid-Phase 1 Checkpoint

    By now, the following items are ideally completed:

    • Mid-Phase 1 Checkpoint

    Start with an investigation of your architecture’s qualitative needs

    Quality attributes can be viewed as the -ilities (e.g. scalability, usability, reliability) that a software system needs to provide. A system not meeting any of its quality attribute requirements will likely not function as required. Examples of quality attributes are:

    1. Slow system response time
    2. Security breaches that result in loss of personal data
    3. A product feature upgrade that is not compatible with previous versions
    Examples of Qualitative Attributes
    Performance Compatibility Usability Reliability Security Maintainability
    • Response Time
    • Resource Utilization
    • System Capacity
    • Interoperability
    • Accessibility
    • User Interface
    • Intuitiveness
    • Availability
    • Fault Tolerance
    • Recoverability
    • Integrity
    • Non-Repudiation
    • Modularity
    • Reusability
    • Modifiability
    • Testability

    Focus on quality attributes that are architecturally significant.

    • Not every system requires every quality attribute.
    • Pay attention to those attributes without which the solution will not be able to satisfy a user’s abstract* expectation.
    • This set can be considered Architecturally Significant Requirements (ASR). ASR concern scenarios have the most impact on the architecture of the software system.
    • ASR are fundamental needs of the system and changing them in the future can be a costly and difficult exercise.

    *Abstract since attributes like performance and reliability are not directly measurable by a user.

    Stimulus Response Measurement Environmental Context

    For applicable use cases: (*Adapted from S Carnegie Mellon University, 2000)

    1. Determine the Stimulus (temporal, external, or internal) that puts stress on the system. For example, a VPN-accessed hospital management system is used for nurses to login at 8am every weekday.
    2. Describe how the system should Respond to the stimulus. For example, the hospital management system should complete a nurse login under 10ms on initiation of the HTTPS request.
    3. Set a Measurement criteria for determining the success of the response to the stimulus. For example, the system should be able to successfully respond to 98% of the HTTPS requests the first time.
    4. Note the environmental context under which the stimulus occurs, including any unusual conditions in effect.
    • The hospital management system needs to respond in under 10ms under typical load or peak load?
    • What is the time variance of peak loads, for example, an e-commerce system during a Black Friday sale?
    • How big is the peak load?

    Info-Tech Insight

    Three out of four is bad. Don’t architect for normal situations because the solution will be fragile and prone to catastrophic failure under unexpected events.
    Read article: Retail sites crash under weight of online Black Friday shoppers.

    Discover and evaluate the qualitative attributes needed for use cases or user stories

    Deposit Loan Into Applicant’s Bank Account

    Assume analysis is being done for a to-be developed system.

    User Loan Applicant
    Expectations On login to the web system, should be able to see accurate bank balance after loan funds are deposited.
    User signs into the online portal and opens their account balance page.
    Expected Response From System System creates a connection to the data source and renders it on the screen in under 10ms.
    Measurement Under Normal Loads:
    • Response in 10ms or less
    • Data should not be stale
    Under Peak Loads:
    • Response in 15ms or less
    • Data should not be stale
    Quality Attribute Required Required Attribute # 1: Performance
    • Design Decision: Reduce latency by placing authorization components closer to user’s location.
    Required Attribute # 2: Data Reliability
    • Design Decision: Use event-driven ETL pipelines.
    Required Attribute # 3: Scalability
    • Design Decision: Following Principle # 4 of the CSA (JIT Architecture), delay decision until necessary.

    Use cases developed in Phase 1.2 should be used here. (Adapted from the ATAM Utility Tree Method for Quality Attribute Engineering)

    Reduce technical debt while you are at it

    Deposit Loan Into Applicant’s Bank Account

    Assume analysis is being done for a to-be developed system.

    UserLoan Applicant
    ExpectationsOn login to the web system, should be able to see accurate bank balance after loan funds are deposited.
    User signs into the online portal and opens their account balance page.
    Expected Response From SystemSystem creates a connection to the data source and renders it on the screen in under 10ms.
    MeasurementUnder Normal Loads:
    • Response in 10ms or less
    • Data should not be stale
    Under Peak Loads:
    • Response in 15ms or less
    • Data should not be stale
    Quality Attribute RequiredRequired Attribute # 1: Performance
    • Design Decision: Reduce latency by placing authorization components closer to user’s location.

    Required Attribute # 2: Data Reliability

    • Expected is 15ms or less under peak loads, but average latency is 21ms.
    • Design Decision: Use event-driven ETL pipelines.

    Required Attribute # 3: Scalability

    • Data should not be stale and should sync instantaneously, but in some zip codes data synchronization is taking 8 hours.
    • Design Decision: Investigate integrations and flows across application, database, and infrastructure. (Note: A dedicated section for discussing scalability is presented in Phase 2.)

    1.3 Create a conceptual map between the value streams, use cases, and required architectural attributes

    1. For selected use cases completed in Phase 1.2:
    • Map the value stream to its associated use cases.
    • For each use case, list the required architectural quality attributes.

    Download the Solution Architecture Template for mapping value stream components to their required architectural attribute.

    Input

    • Use Cases
    • User Roles
    • Stimulus to System
    • Response From System
    • Response Measurement

    Output

    • List of Architectural Quality Attributes

    Materials

    • Whiteboard/Flip Charts

    Participants

    • Business Architect
    • Application Architect
    • Integration Architect
    • Database Architect
    • Infrastructure Architect

    Prioritize architectural quality attributes to ensure a right-engineered solution

    Trade-offs are inherent in solution architecture. Scaling systems may impact performance and weaken security, while fault-tolerance and redundancy may improve availability but at higher than desired costs. In the end, the best solution is not always perfect, but balanced and right-engineered (versus over- or under-engineered).

    Loan Provision

    Loan Application → Disbursement of Funds → Risk Management → Service Accounts

    1. Map architecture attributes against the value stream components.
    • Use individual use cases to determine which attributes are needed for a value stream component.
    This image contains a screenshot of the table showing the importance of scalability, resiliance, performance, security, and data reliability for loan application, disbursement of funds, risk management, and service accounts.

    In our example, the prioritized list of architectural attributes are:

    • Security (4 votes for Very Important)
    • Data Reliability (2 votes for Very Important)
    • Scalability (1 vote for Very Important and 1 vote for Fairly Important) and finally
    • Resilience (1 vote for Very Important, 0 votes for Fairly Important and 1 vote for Mildly Important)
    • Performance (0 votes for Very Important, 2 votes for Fairly Important)

    1.4 Create a prioritized list of architectural attributes (from 1.3)

    1. Using the tabular structure shown on the previous slide:
    • Map each value stream component against architectural quality attributes.
    • For each mapping, indicate its importance using the green, blue, and yellow color scheme.

    Download the Solution Architecture Template and document the list of architectural attributes by priority.

    Input

    • List of Architectural Attributes From 1.3

    Output

    • Prioritized List of Architectural Attributes

    Materials

    • Whiteboard/Flip Charts

    Participants

    • Business Architect
    • Application Architect
    • Integration Architect
    • Database Architect
    • Infrastructure Architect

    End of Phase 1

    At the end of this Phase, you should have completed the following activities:

    • Documented a set of dynamic value stream maps along with selected use cases.
    • Using the SRME framework, identified quality attributes for the system under investigation.
    • Prioritized quality attributes for system use cases.

    Phase 2: Multi-Purpose Data and Security Architecture

    Phase 1

    1.1 Articulate an Architectural Vision
    1.2 Develop Dynamic Value Stream Maps
    1.3 Map Value Streams, Use Cases, and Required Architectural Attributes
    1.4 Create a Prioritized List of Architectural Attributes

    Phase 2

    2.1 Develop a Data Architecture That Supports Transactional and Analytical Needs
    2.2 Document Security Architecture Risks and Mitigations

    Phase 3

    3.1 Document Scalability Architecture
    3.2 Document Performance Enhancing Architecture
    3.3 Combine the Different Architecture Design Decisions Into a Unified Solution Architecture

    This phase will walk you through the following activities:

    • Understand the scalability, performance, resilience, and security needs of the business.

    This phase involves the following participants:

    • Business Architect
    • Product Owner
    • Application Architect
    • Integration Architect
    • Database Architect
    • Enterprise Architect

    Enhance Your Solution Architecture Practice

    Fragmented data environments need something to sew them together

    • A full 93% of enterprises have a multi-cloud strategy, with 87% having a hybrid-cloud environment in place.
    • On average, companies have data stored in 2.2 public and 2.2 private clouds as well as in various on-premises data repositories.
    This image contains a breakdown of the cloud infrastructure, including single cloud versus multi-cloud.

    Source: Flexera

    In addition, companies are faced with:

    • Access and integration challenges (Who is sending the data? Who is getting it? Can we trust them?)
    • Data format challenges as data may differ for each consumer and sender of data
    • Infrastructure challenges as data repositories/processors are spread out over public and private clouds, are on premises, or in multi-cloud and hybrid ecosystems
    • Structured vs. unstructured data

    A robust and reliable integrated data architecture is essential for any organization that aspires to be relevant and impactful in its industry.

    Data’s context and influence on a solution’s architecture cannot be overestimated

    Data used to be the new oil. Now it’s the life force of any organization that has serious aspirations of providing profit-generating products and services to customers. Architectural decisions about managing data have a significant impact on the sustainability of a software system as well as on quality attributes such as security, scalability, performance, and availability.

    Storage and Processing go hand in hand and are the mainstay of any data architecture. Due to their central position of importance, an architecture decision for storage and processing must be well thought through or they become the bottleneck in an otherwise sound system.

    Ingestion refers to a system’s ability to accept data as an input from heterogenous sources, in different formats, and at different intervals.

    Dissemination is the set of architectural design decisions that make a system’s data accessible to external consumers. Major concerns involve security for the data in motion, authorization, data format, concurrent requests for data, etc.

    Orchestration takes care of ensuring data is current and reliable, especially for systems that are decentralized and distributed.

    Data architecture requires alignment with a hybrid data management plan

    Most companies have a combination of data. They have data they own using on-premises data sources and on the cloud. Hybrid data management also includes external data, such as social network feeds, financial data, and legal information amongst many others.

    Data integration architectures have typically been put in one of two major integration patterns:

    Application to Application Integration (or “speed matters”) Analytical Data Integrations (or “send it to me when its all done”)
    • This domain is concerned with ensuring communication between processes.
    • Examples include patterns such as Service-Oriented Architecture, REST, Event Hubs and Enterprise Service Buses.
    • This domain is focused on integrating data from transactional processes towards enterprise business intelligence. It supports activities that require well-managed data to generate evidence-based insights.
    • Examples of this pattern are ELT, enterprise data warehouses, and data marts.

    Sidebar

    Difference between real-time, batch, and streaming data movements

    Real-Time

    • Reacts to data in seconds or even quicker.
    • Real-time systems are hard to implement.

    Batch

    • Batch processing deals with a large volume of data all at once and data-related jobs are typically completed simultaneously in non-stop, sequential order.
    • Batch processing is an efficient and low-cost means of data processing.
    • Execution of batch processing jobs can be controlled manually, providing further control over how the system treats its data assets.
    • Batch processing is only useful if there are no requirements for data to be fresh and current. Real-time systems are suited to processing data that requires these attributes.

    Streaming

    • Stream processing allows almost instantaneous analysis of data as it streams from one device to another.
    • Since data is analyzed quickly, storage may not be a concern (since only computed data is stored while raw data can be dispersed).
    • Streaming requires the flow of data into the system to equal the flow of data computing, otherwise issues of data storage and performance can rise.

    Modern data ingestion and dissemination frameworks keep core data assets current and accessible

    Data ingestion and dissemination frameworks are critical for keeping enterprise data current and relevant.

    Data ingestion/dissemination frameworks capture/share data from/to multiple data sources.

    Factors to consider when designing a data ingestion/dissemination architecture

    What is the mode for data movement?

    • The mode for data movement is directly influenced by the size of data being moved and the downstream requirements for data currency.
    • Data can move in real-time, as a batch, or as a stream.

    What is the ingestion/dissemination architecture deployment strategy?

    • Outside of critical security concerns, hosting on the cloud vs. on premises leads to a lower total cost of ownership (TCO) and a higher return on investment (ROI).

    How many different and disparate data sources are sending/receiving data?

    • Stability comes if there is a good idea about the data sources/recipient and their requirements.

    What are the different formats flowing through?

    • Is the data in the form of data blocks? Is it structured, semi-unstructured, or unstructured?

    What are expected performance SLAs as data flow rate changes?

    • Data change rate is defined as the size of changes occurring every hour. It helps in selecting the appropriate tool for data movement.
    • Performance is a derivative of latency and throughput, and therefore, data on a cloud is going to have higher latency and lower throughput then if it is kept on premises.
    • What is the transfer data size? Are there any file compression and/or file splits applied on the data? What is the average and maximum size of a block object per ingestion/dissemination operation?

    What are the security requirements for the data being stored?

    • The ingestion/dissemination framework should be able to work through a secure tunnel to collect/share data if needed.

    Sensible storage and processing strategy can improve performance and scalability and be cost-effective

    The range of options for data storage is staggering...

    … but that’s a good thing because the range of data formats that organizations must deal with is also richer than in the past.

    Different strokes for different workloads.

    The data processing tool to use may depend upon the workloads the system has to manage.

    Expanding upon the Risk Management use case (as part of the Loan Provision Capability), one of the outputs for risk assessment is a report that conducts a statistical analysis of customer profiles and separates those that are possibly risky. The data for this report is spread out across different data systems and will need to be collected in a master data management storage location. The business and data architecture team have discussed three critical system needs, noted below:

    Data Management Requirements for Risk Management Reporting Data Design Decision
    Needs to query millions of relational records quickly
    • Strong indexing
    • Strong caching
    • Message queue
    Needs a storage space for later retrieval of relational data
    • Data storage that scales as needed
    Needs turnkey geo-replication mechanism with document retrieval in milliseconds
    • Add NoSQL with geo-replication and quick document access

    Keep every core data source on the same page through orchestration

    Data orchestration, at its simplest, is the combination of data integration, data processing, and data concurrency management.

    Data pipeline orchestration is a cross-cutting process that manages the dependencies between your data integration tasks and scheduled data jobs.

    A task or application may periodically fail, and therefore, as a part of our data architecture strategy, there must be provisions for scheduling, rescheduling, replaying, monitoring, retrying, and debugging the entire data pipeline in a holistic way.

    Some of the functionality provided by orchestration frameworks are:

    • Job scheduling
    • Job parametrization
    • SLAs tracking, alerting, and notification
    • Dependency management
    • Error management and retries
    • History and audit
    • Data storage for metadata
    • Log aggregation
    Data Orchestration Has Three Stages
    Organize Transform Publicize
    Organizations may have legacy data that needs to be combined with new data. It’s important for the orchestration tool to understand the data it deals with. Transform the data from different sources into one standard type. Make transformed data easily accessible to stakeholders.

    2.1 Discuss and document data architecture decisions

    1. Using the value maps and associated use cases from Phase 1, determine the data system quality attributes.
    2. Use the sample tabular layout on the next slide or develop one of your own.

    Download the Solution Architecture Template for documenting data architecture decisions.

    Input

    • Value Maps and Use Cases

    Output

    • Initial Set of Data Design Decisions

    Materials

    • Whiteboard/Flip Charts

    Participants

    • Business Architect
    • Application Architect
    • Integration Architect
    • Database Architect
    • Infrastructure Architect

    Example: Data Architecture

    Data Management Requirements for Risk Management Reporting Data Design Decision
    Needs to query millions of relational records quickly
    • Strong indexing
    • Strong caching
    • Message queue
    Needs a storage space for later retrieval of relational data
    • Data storage that scales as needed
    Needs turnkey geo-replication mechanism with document retrieval in milliseconds
    • Add NoSQL with geo-replication and quick document access

    There is no free lunch when making the most sensible security architecture decision; tradeoffs are a necessity

    Ensuring that any real system is secure is a complex process involving tradeoffs against other important quality attributes (such as performance and usability). When architecting a system, we must understand:

    • Its security needs.
    • Its security threat landscape.
    • Known mitigations for those threats to ensure that we create a system with sound security fundamentals.

    The first thing to do when determining security architecture is to conduct a threat and risk assessment (TRA).

    This image contains a sample threat and risk assessment. The steps are Understand: Until we thoroughly understand what we are building, we cannot secure it. Structure what you are building, including: System boundary, System structure, Databases, Deployment platform; Analyze: Use techniques like STRIDE and attack trees to analyze what can go wrong and what security problems this will cause; Mitigate: The security technologies to use, to mitigate your concerns, are discussed here. Decisions about using single sign-on (SSO) or role-based access control (RBAC), encryption, digital signatures, or JWT tokens are made. An important part of this step is to consider tradeoffs when implementing security mechanisms; validate: Validation can be done by experimenting with proposed mitigations, peer discussion, or expert interviews.

    Related Research

    Optimize Security Mitigation Effectiveness Using STRIDE

    • Have a clear picture of:
      • Critical data and data flows
      • Organizational threat exposure
      • Security countermeasure deployment and coverage
    • Understand which threats are appropriately mitigated and which are not.
    • Generate a list of initiatives to close security gaps.
    • Create a quantified risk and security model to reassess program and track improvement.
    • Develop measurable information to present to stakeholders.

    The 3A’s of strong security: authentication, authorization, and auditing

    Authentication

    Authentication mechanisms help systems verify that a user is who they claim to be.

    Examples of authentication mechanisms are:

    • Two-Factor Authentication
    • Single Sign-On
    • Multi-Factor Authentication
    • JWT Over OAUTH

    Authorization

    Authorization helps systems limit access to allowed features, once a user has been authenticated.

    Examples of authentication mechanisms are:

    • RBAC
    • Certificate Based
    • Token Based

    Auditing

    Securely recording security events through auditing proves that our security mechanisms are working as intended.

    Auditing is a function where security teams must collaborate with software engineers early and often to ensure the right kind of audit logs are being captured and recorded.

    Info-Tech Insight

    Defects in your application software can compromise privacy and integrity even if cryptographic controls are in place. A security architecture made after thorough TRA does not override security risk introduced due to irresponsible software design.

    Examples of threat and risk assessments using STRIDE and attack trees

    STRIDE is a threat modeling framework and is composed of:

    • Spoofing or impersonation of someone other than oneself
    • Tampering with data and destroying its integrity
    • Repudiation by bypassing system identity controls
    • Information disclosure to unauthorized persons
    • Denial of service that prevents system or parts of it from being used
    • Elevation of privilege so that attackers get rights they should not have
    Example of using STRIDE for a TRA on a solution using a payment system This image contains a sample attack tree.
    Spoofing PayPal Bad actor can send fraudulent payment request for obtaining funds.
    Tampering PayPal Bad actor accesses data base and can resend fraudulent payment request for obtaining funds.
    Repudiation PayPal Customer claims, incorrectly, their account made a payment they did not authorize.
    Disclosure PayPal Private service database has details leaked and made public.
    Denial of Service PayPal Service is made to slow down through creating a load on the network, causing massive build up of requests
    Elevation of Privilege PayPal Bad actor attempts to enter someone else’s account by entering incorrect password a number of times.

    2.2 Document security architecture risks and mitigations

    1. Using STRIDE, attack tree, or any other framework of choice:
    • Conduct a TRA for use cases identified in Phase 1.2
  • For each threat identified through the TRA, think through the implications of using authentication, authorization, and auditing as a security mechanism.
  • Download the Solution Architecture Template for documenting data architecture decisions.

    Input

    • Dynamic Value Stream Maps

    Output

    • Security Architecture Risks and Mitigations

    Materials

    • Whiteboard/Flip Charts

    Participants

    • Business Architect
    • Product Owner
    • Security Team
    • Application Architect
    • Integration Architect

    Examples of threat and risk assessments using STRIDE

    Example of using STRIDE for a TRA on a solution using a payment system
    Threat System Component Description Quality Attribute Impacted Resolution
    Spoofing PayPal Bad actor can send fraudulent payment request for obtaining funds. Confidentiality Authorization
    Tampering PayPal Bad actor accesses data base and can resend fraudulent payment request for obtaining funds. Integrity Authorization
    Repudiation PayPal Customer claims, incorrectly, their account made a payment they did not authorize. Integrity Authentication and Logging
    Disclosure PayPal Private service database has details leaked and made public. Confidentiality Authorization
    Denial of Service PayPal Service is made to slow down through creating a load on the network, causing massive build up of requests Availability N/A
    Elevation of Privilege PayPal Bad actor attempts to enter someone else’s account by entering incorrect password a number of times. Confidentiality, Integrity, and Availability Authorization

    Phase 3: Upgrade Your System’s Availability

    Phase 1

    1.1 Articulate an Architectural Vision
    1.2 Develop Dynamic Value Stream Maps
    1.3 Map Value Streams, Use Cases, and Required Architectural Attributes
    1.4 Create a Prioritized List of Architectural Attributes

    Phase 2

    2.1 Develop a Data Architecture That Supports Transactional and Analytical Needs
    2.2 Document Security Architecture Risks and Mitigations

    Phase 3

    3.1 Document Scalability Architecture
    3.2 Document Performance Enhancing Architecture
    3.3 Combine the Different Architecture Design Decisions Into a Unified Solution Architecture

    This phase will walk you through the following activities:

    • Examine architecture for scalable and performant system designs
    • Integrate all design decisions made so far into a solution design decision log

    This phase involves the following participants:

    • Business Architect
    • Product Owner
    • Application Architect
    • Integration Architect
    • Database Architect
    • Enterprise Architect

    Enhance Your Solution Architecture Practice

    In a cloud-inspired system architecture, scalability takes center stage as an architectural concern

    Scale and scope of workloads are more important now than they were, perhaps, a decade and half back. Architects realize that scalability is not an afterthought. Not dealing with it at the outset can have serious consequences should an application workload suddenly exceed expectations.

    Scalability is …

    … the ability of a system to handle varying workloads by either increasing or decreasing the computing resources of the system.

    An increased workload could include:

    • Higher transaction volumes
    • A greater number of users

    Architecting for scalability is …

    … not easy since organizations may not be able to accurately judge, outside of known circumstances, when and why workloads may unexpectedly increase.

    A scalable architecture should be planned at the:

    • Application Level
    • Infrastructure Level
    • Database Level

    The right amount and kind of scalability is …

    … balancing the demands of the system with the supply of attributes.

    If demand from system > supply from system:

    • Services and products are not useable and deny value to customers.

    If supply from system > demand from system:

    • Excess resources have been paid for that are not being used.

    When discussing the scalability needs of a system, investigate the following, at a minimum:

    • In case workloads increase due to higher transaction volumes, will the system be able to cope with the additional stress?
    • In situations where workloads increase, will the system be able to support the additional stress without any major modifications being made to the system?
    • Is the cost associated with handling the increased workloads reasonable for the benefit it provides to the business?
    • Assuming the system doesn’t scale, is there any mechanism for graceful degradation?

    Use evidence-based decision making to ensure a cost-effective yet appropriate scaling strategy

    The best input for an effective scaling strategy is previously gathered traffic data mapped to specific circumstances.

    In some cases, either due to lack of monitoring or the business not being sure of its needs, scalability requirements are hard to determine. In such cases, use stated tactical business objectives to design for scalability. For example, the business might state its desire to achieve a target revenue goal. To accommodate this, a certain number of transactions would need to be conducted, assuming a particular conversion rate.

    Scaling strategies can be based on Vertical or Horizontal expansion of resources.
    Pros Cons
    Vertical
    Scale up through use of more powerful but limited number of resources
    • May not require frequent upgrades.
    • Since data is managed through a limited number of resources, it is easier to share and keep current.
    • Costly upfront.
    • Application, database, and infrastructure may not be able to make optimal use of extra processing power.
    • As the new, more powerful resource is provisioned, systems may experience downtime.
    • Lacks redundancy due to limited points of failure.
    • Performance is constrained by the upper limits of the infrastructure involved.
    Horizontal
    Scale out through use of similarly powered but larger quantity of resources
    • Cost-effective upfront.
    • System downtime is minimal, when scaling is being performed.
    • More redundance and fault-tolerance is possible since there are many nodes involved, and therefore, can replace failed nodes.
    • Performance can scale out as more nodes are added.
    • Upgrades may occur more often than in vertical scaling.
    • Increases machine footprints and administrative costs over time.
    • Data may be partitioned on multiple nodes, leading to administrative and data currency challenges.

    Info-Tech Insight

    • Scalability is the one attribute that sparks a lot of trade-off discussions. Scalable solutions may have to compromise on performance, cost, and data reliability.
    • Horizontal scalability is mostly always preferable over vertical scalability.

    Sidebar

    The many flavors of horizontal scaling

    Traffic Shard-ing

    Through this mechanism, incoming traffic is partitioned around a characteristic of the workload flowing in. Examples of partitioning characteristics are user groups, geo-location, and transaction type.

    Beware of:

    • Lack of data currency across shards.

    Copy and Paste

    As the name suggests, clone the compute resources along with the underlying databases. The systems will use a load balancer as the first point of contact between itself and the workload flowing in.

    Beware of:

    • Though this is a highly scalable model, it does introduce risks related to data currency across all databases.
    • In case master database writes are frequent, it could become a bottleneck for the entire system.

    Productization Through Containers

    This involves breaking up the system into specific functions and services and bundling their business rules/databases into deployable containers.

    Beware of:

    • Too many containers introduce the need to orchestrate the distributed architecture that results from a service-oriented approach.

    Start a scalability overview with a look at the database(s)

    To know where to go, you must know where you are. Before introducing architectural changes to database designs, use the right metrics to get an insight into the root cause of the problem(s).

    In a nutshell, the purpose of scaling solutions is to have the technology stack do less work for the most requested services/features or be able to effectively distribute the additional workload across multiple resources.

    For databases, to ensure this happens, consider these techniques:

    • Reuse data through caching on the server and/or the client. This eliminates the need for looking up already accessed data. Examples of caching are:
      • In-memory caching of data
      • Caching database queries
    • Implement good data retrieval techniques like indexes.
    • Divide labor at the database level.
      • Through setting up primary-secondary distribution of data. In such a setup, the primary node is involved in writing data to itself and passes on requests to secondary nodes for fulfillment.
      • Through setting up database shards (either horizontally or vertically).
        • In a horizontal shard, a data table is broken into smaller pieces with the same data model but unique data in it. The sum total of the shared databases contains all the data in the primary data table.
        • In a vertical shard, a data table is broken into smaller pieces, but each piece may have a subset of the data columns. The data’s corresponding columns are put into the table where the column resides.

    Info-Tech Insight

    A non-scalable architecture has more than just technology-related ramifications. Hoping that load balancers or cloud services will manage scalability-related issues is bound to have economic impacts as well.

    Sidebar

    Caching Options

    CSA PRINCIPLE 5 applies to any decision that supports system scalability.
    “X-ilities Over Features”

    Database Caching
    Fetches and stores result of database queries in memory. Subsequent requests to the database for the same queries will investigate the cache before making a connection with the database.
    Tools like Memcached or Redis are used for database caching.

    Precompute Database Caching
    Unlike database caching, this style of caching precomputes results of queries that are popular and frequently used. For example, a database trigger could execute several predetermined queries and have them ready for consumption. The precomputed results may be stored in a database cache.

    Application Object Caching
    Stores computed results in a cache for later retrieval. For data sources, which are not changing frequently and are part of a computation output, application caching will remove the need to connect with a database.

    Proxy Caching
    Caches retrieved web pages on a proxy server and makes them available for the next time the page is requested.

    The intra- and inter-process communication of the systems middle tier can become a bottleneck

    To synchronize or not to synchronize?

    A synchronous request (doing one thing at a time) means that code execution will wait for the request to be responded to before continuing.

    • A synchronous request is a blocking event and until it is completed, all following requests will have to wait for getting their responses.
    • An increasing workload on a synchronous system may impact performance.
    • Synchronous interactions are less costly in terms of design, implementation, and maintenance.
    • Scaling options include:
    1. Vertical scale up
    2. Horizontal scale out of application servers behind a load balancer and a caching technique (to minimize data retrieval roundtrips)
    3. Horizonal scale out of database servers with data partitioning and/or data caching technique

    Use synchronous requests when…

    • Each request to a system sets the necessary precondition for a following request.
    • Data reliability is important, especially in real-time systems.
    • System flows are simple.
    • Tasks that are typically time consuming, such as I/O, data access, pre-loading of assets, are completed quickly.

    Asynchronous requests (doing many things at the same time) do not block the system they are targeting.

    • It is a “fire and forget” mechanism.
    • Execution on a server/processor is triggered by the request, however, additional technical components (callbacks) for checking the state of the execution must be designed and implemented.
    • Asynchronous interactions require additional time to be spent on implementation and testing.
    • With asynchronous interactions, there is no guarantee the request initiated any processing until the callbacks check the status of the executed thread.

    Use asynchronous requests when…

    • Tasks are independent in nature and don’t require inter-task communication.
    • Systems flows need to be efficient.
    • The system is using event-driven techniques for processing.
    • Many I/O tasks are involved.
    • The tasks are long running.

    Sidebar

    Other architectural tactics for inter-process communication

    STATELESS SERVICES VERSUS STATEFUL SERVICES
    • Does not require any additional data, apart from the bits sent through with the request.
    • Without implementing a caching solution, it is impossible to access the previous data trail for a transaction session.
    • In addition to the data sent through with the request, require previous data sent to complete processing.
    • Requires server memory to store the additional state data. With increasing workloads, this could start impacting the server’s performance.
    It is generally accepted that stateless services are better for system scalability, especially if vertical scaling is costly and there is expectation that workloads will increase.
    MICROSERVICES VERSUS SERVERLESS FUNCTIONS
    • Services are designed as small units of code with a single responsibility and are available on demand.
    • A microservices architecture is easily scaled horizontally by adding a load balancer and a caching mechanism.
    • Like microservices, these are small pieces of code designed to fulfill a single purpose.
    • Are provided only through cloud vendors, and therefore, there is no need to worry about provisioning of infrastructure as needs increase.
    • Stateless by design but the life cycle of a serverless function is vendor controlled.
    Serverless function is an evolving technology and tightly controlled by the vendor. As and when vendors make changes to their serverless products, your own systems may need to be modified to make the best use of these upgrades.

    A team that does not measure their system’s scalability is a team bound to get a 5xx HTTP response code

    A critical aspect of any system is its ability to monitor and report on its operational outcomes.

    • Using the principle of continuous testing, every time an architectural change is introduced, a thorough load and stress testing cycle should be executed.
    • Effective logging and use of insightful metrics helps system design teams make data-driven decisions.
    • Using principle of site reliability engineering and predictive analytics, teams can be prepared for any unplanned exaggerated stimulus on the system and proactively set up remedial steps.

    Any system, however well architected, will break one day. Strategically place kill-switches to counter any failures and thoroughly test their functioning before releasing to production.

    • Using Principles 2 and 9 of the CSA, (include kill-switches and architect for x-ilities over features), introduce tactics at the code and higher levels that can be used to put a system in its previous best state in case of failure.
    • Examples of such tactics are:
      • Feature flags for turning on/off code modules that impact x-ilities.
      • Implement design patterns like throttling, autoscaling, and circuit breaking.
      • Writing extensive log messages that bubble up as exceptions/error handling from the code base. *Logging can be a performance drag. Use with caution as even logging code is still code that needs CPU and data storage.

    Performance is a system’s ability to satisfy time-bound expectations

    Performance can also be defined as the ability for a system to achieve its timing requirements, using available resources, under expected full-peak load:

    (International Organization for Standardization, 2011)

    • Performance and scalability are two peas in a pod. They are related to each other but are distinct attributes. Where scalability refers to the ability of a system to initiate multiple simultaneous processes, performance is the system’s ability to complete the processes within a mandated average time period.
    • Degrading performance is one of the first red flags about a system’s ability to scale up to workload demands.
    • Mitigation tactics for performance are very similar to the tactics for scalability.

    System performance needs to be monitored and measured consistently.

    Measurement Category 1: System performance in terms of end-user experience during different load scenarios.

    • Response time/latency: Length of time it takes for an interaction with the system to complete.
    • Turnaround time: Time taken to complete a batch of tasks.
    • Throughput: Amount of workload a system is capable of handling in a unit time period.

    Measurement Category 2: System performance in terms of load managed by computational resources.

    • Resource utilization: The average usage of a resource (like CPU) over a period. Peaks and troughs indicate excess vs. normal load times.
    • Number of concurrent connections: Simultaneous user requests that a resource like a server can successfully deal with at once.
    • Queue time: The turnaround time for a specific interaction or category of interactions to complete.

    Architectural tactics for performance management are the same as those used for system scalability

    Application Layer

    • Using a balanced approach that combines CSA Principle 7 (Good architecture comes in small packages) and Principle 10 (Architect for products, not projects), a microservices architecture based on domain-driven design helps process performance. Microservices use lightweight HTTP protocols and have loose coupling, adding a degree of resilience to the system as well. *An overly-engineered microservices architecture can become an orchestration challenge.
    • The code design must follow standards that support performance. Example of standards is SOLID*.
    • Serverless architectures can run application code from anywhere – for example, from edge servers close to an end user – thereby reducing latency.

    Database Layer

    • Using the right database technologies for persistence. Relational databases have implicit performance bottlenecks (which get exaggerated as data size grows along with indexes), and document store database technologies (key-value or wide-column) can improve performance in high-read environments.
    • Data sources, especially those that are frequently accessed, should ideally be located close to the application servers. Hybrid infrastructures (cloud and on premises mixed) can lead to latency when a cloud-application is accessing on-premises data.
    • Using a data partitioning strategy, especially in a domain-driven design architecture, can improve the performance of a system.

    Performance modeling and continuous testing makes the SRE a happy engineer

    Performance modeling and testing helps architecture teams predict performance risks as the solution is being developed.
    (CSA Principle 12: Test the solution architecture like you test your solution’s features)

    Create a model for your system’s hypothetical performance testing by breaking an end-to-end process or use case into its components. *Use the SIPOC framework for decomposition.

    This image contains an example of modeled performance, showing the latency in the data flowing from different data sources to the processing of the data.

    In the hypothetical example of modeled performance above:

    • The longest period of latency is 15ms.
    • The processing of data takes 30ms, while the baseline was established at 25ms.
    • Average latency in sending back user responses is 21ms – 13ms slower than expected.

    The model helps architects:

    • Get evidence for their assumptions
    • Quantitatively isolate bottlenecks at a granular level

    Model the performance flow once but test it periodically

    Performance testing measures the performance of a software system under normal and abnormal loads.

    Performance testing process should be fully integrated with software development activities and as automated as possible. In a fast-moving Agile environment, teams should attempt to:

    • Shift-left performance testing activities.
    • Use performance testing to pinpoint performance bottlenecks.
    • Take corrective action, as quickly as possible.

    Performance testing techniques

    • Normal load testing: Verifies the system’s behavior under the expected normal load to ensure that its performance requirements are met. Load testing can be used to measure response time, responsiveness, turnaround time, and throughput.
    • Expected maximum load testing: Like the normal load testing process, ensures system meets its performance requirements under expected maximum load.
    • Stress testing: Evaluates system behavior when processing loads beyond the expected maximum.

    *In a real production scenario, a combination of these tests are executed on a regular basis to monitor the performance of the system over a given period.

    3.1-3.2 Discuss and document initial decisions made for architecture scalability and performance

    1. Use the outcomes from either or both Phases 1.3 and 1.4.
    • For each value stream component, list the architecture decisions taken to ensure scalability and performance at client-facing and/or business-rule layers.

    Download the Solution Architecture Template for documenting data architecture decisions.

    Input

    • Output From Phase 1.3 and/or From Phase 1.4

    Output

    • Initial Set of Design Decisions Made for System Scalability and Performance

    Materials

    • Whiteboard/Flip Charts

    Participants

    • Business Architect
    • Application Architect
    • Integration Architect
    • Database Architect
    • Infrastructure Architect

    Example: Architecture decisions for scalability and performance

    Value Stream Component Design Decision for User Interface Layer Design Decisions for Middle Processing Layer
    Loan Application Scalability: N/A
    Resilience: Include circuit breaker design in both mobile app and responsive websites.
    Performance: Cache data client.
    Scalability: Scale vertically (up) since loan application processing is very compute intensive.
    Resilience: Set up fail-over replica.
    Performance: Keep servers in the same geo-area.
    Disbursement of Funds *Does not have a user interface Scalability: Scale horizontal when traffic reaches X requests/second.
    Resilience: Create microservices using domain-driven design; include circuit breakers.
    Performance: Set up application cache; synchronous communication since order of data input is important.
    …. …. ….

    3.3 Combine the different architecture design decisions into a unified solution architecture

    Download the Solution Architecture Template for documenting data architecture decisions.

    Input

    • Output From Phase 1.3 and/or From Phase 1.4
    • Output From Phase 2.1
    • Output From Phase 2.2
    • Output From 3.1 and 3.2

    Output

    • List of Design Decisions for the Solution

    Materials

    • Whiteboard/Flip Charts

    Participants

    • Business Architect
    • Application Architect
    • Integration Architect
    • Database Architect
    • Infrastructure Architect

    Putting it all together is the bow that finally ties this gift

    This blueprint covered the domains tagged with the yellow star.

    This image contains a screenshot of the solution architecture framework found earlier in this blueprint, with stars next to Data Architecture, Security, Performance, and Stability.

    TRADEOFF ALERT

    The right design decision is never the same for all perspectives. Along with varying opinions, comes the “at odds with each other set” of needs (scalability vs. performance, or access vs. security).

    An evidence-based decision-making approach using a domain-driven design strategy is a good mix of techniques for creating the best (right?) solution architecture.

    This image contains a screenshot of a table that summarizes the themes discussed in this blueprint.

    Summary of accomplishment

    • Gained understanding and clarification of the stakeholder objectives placed on your application architecture.
    • Completed detailed use cases and persona-driven scenario analysis and their architectural needs through SRME.
    • Created a set of design decisions for data, security, scalability, and performance.
    • Merged the different architecture domains dealt with in this blueprint to create a holistic view.

    Bibliography

    Ambysoft Inc. “UML 2 Sequence Diagrams: An Agile Introduction.” Agile Modeling, n.d. Web.

    Bass, Len, Paul Clements, and Rick Kazman. Software Architecture in Practices: Third Edition. Pearson Education, Inc. 2003.

    Eeles, Peter. “The benefits of software architecting.” IBM: developerWorks, 15 May 2006. Web.

    Flexera 2020 State of the Cloud Report. Flexera, 2020. Web. 19 October 2021.

    Furdik, Karol, Gabriel Lukac, Tomas Sabol, and Peter Kostelnik. “The Network Architecture Designed for an Adaptable IoT-based Smart Office Solution.” International Journal of Computer Networks and Communications Security, November 2013. Web.

    Ganzinger, Matthias, and Petra Knaup. “Requirements for data integration platforms in biomedical research networks: a reference model.” PeerJ, 5 February 2015. (https://peerj.com/articles/755/).

    Garlan, David, and Mary Shaw. An Introduction to Software Architecture. CMU-CS-94-166, School of Computer Science Carnegie Mellon University, January 1994.

    Gupta, Arun. “Microservice Design Patterns.” Java Code Geeks, 14 April 2015. Web.

    How, Matt. The Modern Data Warehouse in Azure. O’Reilly, 2020.

    ISO/IEC 17788:2014: Information technology – Cloud computing, International Organization for Standardization, October 2014. Web.

    ISO/IEC 18384-1:2016: Information technology – Reference Architecture for Service Oriented Architecture (SOA RA), International Organization for Standardization, June 2016. Web.

    ISO/IEC 25010:2011(en) Systems and software engineering — Systems and software Quality Requirements and Evaluation (SQuaRE) — System and software quality models. International Organization for Standardization, March 2011. Web.

    Kazman, R., M. Klein, and P. Clements. ATAM: Method for Architecture Evaluation. S Carnegie Mellon University, August 2000. Web.

    Microsoft Developer Network. “Chapter 16: Quality Attributes.” Microsoft Application Architecture Guide. 2nd Ed., 13 January 2010. Web.

    Microsoft Developer Network. “Chapter 2: Key Principles of Software Architecture.” Microsoft Application Architecture Guide. 2nd Ed., 13 January 2010. Web.

    Microsoft Developer Network. “Chapter 3: Architectural Patterns and Styles.” Microsoft Application Architecture Guide. 2nd Ed., 14 January 2010. Web.

    Microsoft Developer Network. “Chapter 5: Layered Application Guidelines.” Microsoft Application Architecture Guide. 2nd Ed., 13 January 2010. Web.

    Mirakhorli, Mehdi. “Common Architecture Weakness Enumeration (CAWE).” IEEE Software, 2016. Web.

    Moore, G. A. Crossing the Chasm, 3rd Edition: Marketing and Selling Disruptive Products to Mainstream Customers (Collins Business Essentials) (3rd ed.). Harper Business, 2014.

    OASIS. “Oasis SOA Reference Model (SOA RM) TC.” OASIS Open, n.d. Web.

    Soni, Mukesh. “Defect Prevention: Reducing Costs and Enhancing Quality.” iSixSigma, n.d. Web.

    The Open Group. TOGAF 8.1.1 Online, Part IV: Resource Base, Developing Architecture Views. TOGAF, 2006. Web.

    The Open Group. Welcome to the TOGAF® Standard, Version 9.2, a standard of The Open Group. TOGAF, 2018. Web.

    Watts, S. “The importance of solid design principles.” BMC Blogs, 15 June 2020. 19 October 2021.

    Young, Charles. “Hexagonal Architecture–The Great Reconciler?” Geeks with Blogs, 20 Dec 2014. Web.

    APPENDIX A

    Techniques to enhance application architecture.

    Consider the numerous solutions to address architecture issues or how they will impact your application architecture

    Many solutions exist for improving the layers of the application stack that may address architecture issues or impact your current architecture. Solutions range from capability changes to full stack replacement.

    Method Description Potential Benefits Risks Related Blueprints
    Business Capabilities:
    Enablement and enhancement
    • Introduce new business capabilities by leveraging unused application functionalities or consolidate redundant business capabilities.
    • Increase value delivery to stakeholders.
    • Lower IT costs through elimination of applications.
    • Increased use of an application could overload current infrastructure.
    • IT cannot authorize business capability changes.
    Use Info-Tech’s Document Your Business Architecture blueprint to gain better understanding of business and IT alignment.
    Removal
    • Remove existing business capabilities that don’t contribute value to the business.
    • Lower operational costs through elimination of unused and irrelevant capabilities.
    • Business capabilities may be seen as relevant or critical by different stakeholder groups.
    • IT cannot authorize business capability changes.
    Use Info-Tech’s Build an Application Rationalization Framework to rationalize your application portfolio.
    Business Process:
    Process integration and consolidation
    • Combine multiple business processes into a single process.
    • Improved utilization of applications in each step of the process.
    • Reduce business costs through efficient business processes.
    • Minimize number of applications required to execute a single process.
    • Significant business disruption if an application goes down and is the primary support for business processes.
    • Organizational pushback if process integration involves multiple business groups.
    Business Process (continued):
    Process automation
    • Automate manual business processing tasks.
    • Reduce manual processing errors.
    • Improve speed of delivery.
    • Significant costs to implement automation.
    • Automation payoffs are not immediate.
    Lean business processes
    • Eliminate redundant steps.
    • Streamline existing processes by focusing on value-driven steps.
    • Improve efficiency of business process through removal of wasteful steps.
    • Increase value delivered at the end of the process.
    • Stakeholder pushback from consistently changing processes.
    • Investment from business is required to fit documentation to the process.
    Outsource the process
    • Outsource a portion of or the entire business process to a third party.
    • Leverage unavailable resources and skills to execute the business process.
    • Loss of control over process.
    • Can be costly to bring the process back into the business if desired in the future.
    Business Process (continued):
    Standardization
    • Implement standards for business processes to improve uniformity and reusability.
    • Consistently apply the same process across multiple business units.
    • Transparency of what is expected from the process.
    • Improve predictability of process execution.
    • Process bottlenecks may occur if a single group is required to sign off on deliverables.
    • Lack of enforcement and maintenance of standards can lead to chaos if left unchecked.
    User Interface:
    Improve user experience (UX)
    • Eliminate end-user emotional, mechanical, and functional friction by improving the experience of using the application.
    • UX encompasses both the interface and the user’s behavior.
    • Increase satisfaction and adoption rate from end users.
    • Increase brand awareness and user retention.
    • UX optimizations are only focused on a few user personas.
    • Current development processes do not accommodate UX assessments
    Code:
    Update coding language
    Translate legacy code into modern coding language.
    • Coding errors in modern languages can have lesser impact on the business processes they support.
    • Modern languages tend to have larger pools of coders to hire.
    • Increase availability of tools to support modern languages.
    • Coding language changes can create incompatibilities with existing infrastructure.
    • Existing coding translation tools do not offer 100% guarantee of legacy function retention.
    Code (continued):
    Open source code
    • Download pre-built code freely available in open source communities.
    • Code is rapidly evolving in the community to meet current business needs.
    • Avoid vendor lock-in from proprietary software
    • Community rules may require divulgence of work done with open source code.
    • Support is primarily provided through community, which may not address specific concerns.
    Update the development toolchain
    • Acquire new or optimize development tools with increased testing, build, and deployment capabilities.
    • Increase developer productivity.
    • Increase speed of delivery and test coverage with automation.
    • Drastic IT overhauls required to implement new tools such as code conversion, data migration, and development process revisions.
    Update source code management
    • Optimize source code management to improve coding governance, versioning, and development collaboration.
    • Ability to easily roll back to previous build versions and promote code to other environments.
    • Enable multi-user development capabilities.
    • Improve conflict management.
    • Some source code management tools cannot support legacy code.
    • Source code management tools may be incompatible with existing development toolchain.
    Data:
    Outsource extraction
    • Outsource your data analysis and extraction to a third party.
    • Lower costs to extract and mine data.
    • Leverage unavailable resources and skills to translate mined data to a usable form.
    • Data security risks associated with off-location storage.
    • Data access and control risks associated with a third party.
    Update data structure
    • Update your data elements, types (e.g. transactional, big data), and formats (e.g. table columns).
    • Standardize on a common data definition throughout the entire organization.
    • Ease data cleansing, mining, analysis, extraction, and management activities.
    • New data structures may be incompatible with other applications.
    • Implementing data management improvements may be costly and difficult to acquire stakeholder buy-in.
    Update data mining and data warehousing tools
    • Optimize how data is extracted and stored.
    • Increase the speed and reliability of the data mined.
    • Perform complex analysis with modern data mining and data warehousing tools.
    • Data warehouses are regularly updated with the latest data.
    • Updating data mining and warehousing tools may create incompatibilities with existing infrastructure and data sets.
    Integration:
    Move from point-to-point to enterprise service bus (ESB)
    • Change your application integration approach from point-to-point to an ESB.
    • Increase the scalability of enterprise services by exposing applications to a centralized middleware.
    • Reduce the number of integration tests to complete with an ESB.
    • Single point of failure can cripple the entire system.
    • Security threats arising from centralized communication node.
    Leverage API integration
    • Leverage application programming interfaces (APIs) to integrate applications.
    • Quicker and more frequent transfers of lightweight data compared to extract, load, transfer (ETL) practices.
    • Increase integration opportunities with other modern applications and infrastructure (including mobile devices).
    • APIs are not as efficient as ETL when handling large data sets.
    • Changing APIs can break compatibility between applications if not versioned properly.

    Present Security to Executive Stakeholders

    • Buy Link or Shortcode: {j2store}262|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $2,000 Average $ Saved
    • member rating average days saved: 10 Average Days Saved
    • Parent Category Name: Governance, Risk & Compliance
    • Parent Category Link: /governance-risk-compliance
    • There is a disconnect between security leaders and executive stakeholders on what information is important to present.
    • Security leaders find it challenging to convey the necessary information to obtain support for security objectives.
    • Changes to the threat landscape and shifts in organizational goals exacerbate the issue, as they impact security leaders' ability to prioritize topics to be communicated.
    • Security leaders struggle to communicate the importance of security to a non-technical audience.

    Our Advice

    Critical Insight

    Security presentations are not a one-way street. The key to a successful executive security presentation is having a goal for the presentation and ensuring that you have met your goal.

    Impact and Result

    • Developing a thorough understanding of the security communication goals.
    • Understanding the importance of leveraging highly relevant and understandable data.
    • Developing and delivering presentations that will keep your audience engaged and build trust with your executive stakeholders.

    Present Security to Executive Stakeholders Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Present Security to Executive Stakeholders – A step-by-step guide to communicating security effectively to obtain support from decision makers.

    Use this as a guideline to assist you in presenting security to executive stakeholders.

    • Present Security to Executive Stakeholders Storyboard

    2. Security Presentation Templates – A set of security presentation templates to assist you in communicating security to executive stakeholders.

    The security presentation templates are a set of customizable templates for various types of security presentation including:

    • Present Security to Executive Stakeholders Templates

    Infographic

    Further reading

    Present Security to Executive Stakeholders

    Learn how to communicate security effectively to obtain support from decision makers.

    Analyst Perspective

    Build and deliver an effective security communication to your executive stakeholders.

    Ahmad Jowhar

    As a security leader, you’re tasked with various responsibilities to ensure your organization can achieve its goals while its most important assets are being protected.

    However, when communicating security to executive stakeholders, challenges can arise in determining what topics are pertinent to present. Changes in the security threat landscape coupled with different business goals make identifying how to present security more challenging.

    Having a communication framework for presenting security to executive stakeholders will enable you to effectively identify, develop, and deliver your communication goals while obtaining the support you need to achieve your objectives.

    Ahmad Jowhar
    Research Specialist, Security & Privacy

    Info-Tech Research Group

    Executive Summary

    Your Challenge

    Common Obstacles

    Info-Tech’s Approach

    • Many security leaders struggle to decide what to present and how to present security to executive stakeholders.
    • Constant changes in the security threat landscape impacts a security leader’s ability to prioritize topics to be communicated.
    • There is a disconnect between security leaders and executive stakeholders on what information is important to present.
    • Security leaders struggle to communicate the importance of security to a non-technical audience.
    • Developing a thorough understanding of security communication goals.
    • Understanding the importance of leveraging highly relevant and understandable data.
    • Developing and delivering presentations that will keep your audience engaged and build trust with your executive stakeholders.

    Info-Tech Insight

    Security presentations are not a one-way street. The key to a successful executive security presentation is having a goal for the presentation and verifying that you have met your goal.

    Your challenge

    As a security leader, you need to communicate security effectively to executive stakeholders in order to obtain support for your security objectives.

    • When it comes to presenting security to executive stakeholders, many security leaders find it challenging to convey the necessary information in order to obtain support for security objectives.
    • This is attributed to various factors, such as an increase in the threat landscape, changes to industry regulations and standards, and new organizational goals that security has to align with.
    • Furthermore, with the limited time to communicate with executive stakeholders, both in frequency and duration, identifying the most important information to address can be challenging.

    76% of security leaders struggle in conveying the effectiveness of a cybersecurity program.

    62% find it difficult to balance the risk of too much detail and need-to-know information.

    41% find it challenging to communicate effectively with a mixed technical and non-technical audience.

    Source: Deloitte, 2022

    Common obstacles

    There is a disconnect between security leaders and executive stakeholders when it comes to the security posture of the organization:

    • Executive stakeholders are not confident that their security leaders are doing enough to mitigate security risks.
    • The issue has been amplified, with security threats constantly increasing across all industries.
    • However, security leaders don’t feel that they are in a position to make themselves heard.
    • The lack of organizational security awareness and support from cross-functional departments has made it difficult to achieve security objectives (e.g. education, investments).
    • Defining an approach to remove that disconnect with executive stakeholders is of utmost importance for security leaders, in order to improve their organization’s security posture.

    9% of boards are extremely confident in their organization’s cybersecurity risk mitigation measures.

    77% of organizations have seen an increase in the number of attacks in 2021.

    56% of security leaders claimed their team is not involved when leadership makes urgent security decisions.

    Source: EY, 2021
    The image contains a screenshot of an Info-Tech Thoughtmodel titled: Presenting Security to Executive Stakeholders.

    Info-Tech’s methodology for presenting security to executive stakeholders

    1. Identify communication goals

    2. Collect information to support goals

    3. Develop communication

    4. Deliver communication

    Phase steps

    1. Identify drivers for communicating to executives
    2. Define your goals for communicating to executives
    1. Identify data to collect
    2. Plan how to retrieve data
    1. Plan communication
    2. Build a compelling communication document
    1. Deliver a captivating presentation
    2. Obtain/verify goals

    Phase outcomes

    A defined list of drivers and goals to help you develop your security presentations

    A list of data sources to include in your communication

    A completed communication template

    A solidified understanding of how to effectively communicate security to your stakeholders

    Develop a structured process for communicating security to your stakeholders

    Security presentations are not a one-way street
    The key to a successful executive security presentation is having a goal for the presentation and verifying that you have met your goal.

    Identifying your goals is the foundation of an effective presentation
    Defining your drivers and goals for communicating security will enable you to better prepare and deliver your presentation, which will help you obtain your desired outcome.

    Harness the power of data
    Leveraging data and analytics will help you provide quantitative-based communication, which will result in a more meaningful and effective presentation.

    Take your audience on a journey
    Developing a storytelling approach will help engage with your audience.

    Win your audience by building a rapport
    Establishing credibility and trust with executive stakeholders will enable you to obtain their support for security objectives.

    Tactical insight
    Conduct background research on audience members (i.e. professional background) to help understand how best to communicate with them and overcome potential objections.

    Tactical insight
    Verifying your objectives at the end of the communication is important, as it ensures you have successfully communicated to executive stakeholders.

    Project deliverables

    This blueprint is accompanied by a supporting deliverable which includes five security presentation templates.

    Report on Security Initiatives
    Template showing how to inform executive stakeholders of security initiatives.

    Report on Security Initiatives.

    Security Metrics
    Template showing how to inform executive stakeholders of current security metrics that would help drive future initiatives.

    Security Metrics.

    Security Incident Response & Recovery
    Template showing how to inform executive stakeholders of security incidents, their impact, and the response plan.

    Security Incident Response & Recovery

    Security Funding Request
    Template showing how to inform executive stakeholders of security incidents, their impact, and the response plan.

    Security Funding Request

    Key template:

    Security and Risk Update

    Template showing how to inform executive stakeholders of proactive security and risk initiatives.

    Blueprint benefits

    IT/InfoSec benefits

    Business benefits

    • Reduce effort and time spent preparing cybersecurity presentations for executive stakeholders by having templates to use.
    • Enable security leaders to better prepare what to present and how to present it to their executive stakeholders, as well as driving the required outcomes from those presentations.
    • Establish a best practice for communicating security and IT to executive stakeholders.
    • Gain increased awareness of cybersecurity and the impact executive stakeholders can have on improving an organization’s security posture.
    • Understand how security’s alignment with the business will enable the strategic growth of the organization.
    • Gain a better understanding of how security and IT objectives are developed and justified.

    Measure the value of this blueprint

    Phase

    Measured Value (Yearly)

    Phase 1: Identify communication goals

    Cost to define drivers and goals for communicating security to executives:

    16 FTE hours @ $233K* =$1,940

    Phase 2: Collect information to support goals

    Cost to collect and synthesize necessary data to support communication goals:

    16 FTE hours @ $233K = $1,940

    Phase 3: Develop communication

    Cost to develop communication material that will contextualize information being shown:

    16 FTE hours @ $233K = $1,940

    Phase 4: Deliver communication

    Potential Savings:

    Total estimated effort = $5,820

    Our blueprint will help you save $5,820 and over 40 FTE hours

    * The financial figure depicts the annual salary of a CISO in 2022

    Source: Chief Information Security Officer Salary.” Salary.com, 2022

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

    Workshop

    “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

    Consulting

    “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    Phase 1

    Identify communication goals

    Phase 1 Phase 2 Phase 3 Phase 4

    1.1 Identify drivers for communicating to executives

    1.2 Define your goals for communicating to executives

    2.1 Identify data to collect

    2.2 Plan how to retrieve data

    3.1 Plan communication

    3.2 Build a compelling communication document

    4.1 Deliver a captivating presentation

    4.2 Obtain/verify support for security goals

    This phase will walk you through the following activities:

    • Understanding the different drivers for communicating security to executive stakeholders
    • Identifying different communication goals

    This phase involves the following participants:

    • Security leader

    1.1. Identify drivers for communicating to executive stakeholders

    As a security leader, you meet with executives and stakeholders with diverse backgrounds, and you aim to showcase your organization’s security posture along with its alignment with the business’ goals.

    However, with the constant changes in the security threat landscape, demands and drivers for security could change. Thus, understanding potential drivers that will influence your communication will assist you in developing and delivering an effective security presentation.

    39% of organizations had cybersecurity on the agenda of their board’s quarterly meeting.

    Source: EY, 2021.

    Info-Tech Insight

    Not all security presentations are the same. Keep your communication strategy and processes agile.

    Know your drivers for security presentations

    By understanding the influences for your security presentations, you will be able to better plan what to present to executive stakeholders.

    • These meetings, which are usually held once per quarter, provide you with less than one hour of presentation time.
    • Hence, it is crucial to know why you need to present security and whether these drivers are similar across the other presentations.

    Understanding drivers will also help you understand how to present security to executive stakeholders.

    • These drivers will shape the structure of your presentation and help determine your approach to communicating your goals.
    • For example, financial-based presentations that are driven by budget requests might create a sense of urgency or assurance about investment in a security initiative.

    Identify your communication drivers, which can stem from various initiatives and programs, including:

    • Results from internal or external audit reports.
    • Upcoming budget meetings.
    • Briefing newly elected executive stakeholders on security.

    When it comes to identifying your communication drivers, you can collaborate with subject matter experts, like your corporate secretary or steering committees, to ensure the material being communicated will align with some of the organizational goals.

    Examples of drivers for security presentations

    Audit
    Upcoming internal or external audits might require updates on the organization’s compliance

    Organizational restructuring
    Restructuring within an organization could require security updates

    Merger & Acquisition
    An M&A would trigger presentations on organization’s current and future security posture

    Cyber incident
    A cyberattack would require an immediate presentation on its impact and the incident response plan

    Ad hoc
    Provide security information requested by stakeholders

    1.2. Define your goals for communicating to executives

    After identifying drivers for your communication, it’s important to determine what your goals are for the presentation.

    • Communication drivers are mainly triggers for why you want to present security.
    • Communication goals are the potential outcomes you are hoping to obtain from the presentation.
    • Your communication goals would help identify what data and metrics to include in your presentation, the structure of your communication deck, and how you deliver your communication to executive stakeholders.

    Identifying your communication goals could require the participation of the security team, IT leadership, and other business stakeholders.

    • As a group, brainstorm the security goals that align with your business goals for the coming year.
      • Aim to have at least two business goals that align with each security goal.
    • Identify what benefits and value the executive stakeholders will gain from the security goal being presented.
      • E.g. Increased security awareness, updates on organization's security posture.
    • Identify what the ask is for this presentation.
      • E.g. Approval for increasing budget to support security initiatives, executive support to implement internal security programs.

    Info-Tech Insight

    There can be different reasons to communicate security to executive stakeholders. You need to understand what you want to get out of your presentation.

    Examples of security presentation goals

    Educate
    Educate the board on security trends and/or latest risks in the industry

    Update
    Provide updates on security initiatives, relevant security metrics, and compliance posture

    Inform
    Provide an incident response plan due to a security incident or deliver updates on current threats and risks

    Investment
    Request funding for security investments or financial updates on past security initiatives

    Ad hoc
    Provide security information requested by stakeholders

    Phase 2

    Collect information to support goals

    Phase 1Phase 2Phase 3Phase 4

    1.1 Identify drivers for communicating to executives

    1.2 Define your goals for communicating to executives

    2.1 Identify data to collect

    2.2 Plan how to retrieve data

    3.1 Plan communication

    3.2 Build a compelling communication document

    4.1 Deliver a captivating presentation

    4.2 Obtain/verify support for security goals

    This phase will walk you through the following activities:

    • Understanding what types of data to include in your security presentations
    • Defining where and how to retrieve data

    This phase involves the following participants:

    • Security leader
    • Network/security analyst

    2.1 Identify data to collect

    After identifying drivers and goals for your communication, it’s important to include the necessary data to justify the information being communicated.

    • Leveraging data and analytics will assist in providing quantitative-based communication, which will result in a more meaningful and effective presentation.
    • The data presented will showcase the visibility of an organization’s security posture along with potential risks and figures on how to mitigate those risks.
    • Providing analysis of the quantitative data presented will also showcase further insights on the figures, allow the audience to better understand the data, and show its relevance to the communication goals.

    Identifying data to collect doesn’t need to be a rigorous task; you can follow these steps to help you get started:

    • Work with your security team to identify the main type of data applicable to the communication goals.
      • E.g. Financial data would be meaningful to use when communicating a budget presentation.
    • Identify supporting data linked to the main data defined.
      • E.g. If a financial investment is made to implement a security initiative, then metrics on improvements to the security posture will be relevant.
    • Show how both the main and supporting data align with the communication goals.
      • E.g. Improvement in security posture would increase alignment with regulation standards, which would result in additional contracts being awarded and increased revenue.

    Info-Tech Insight

    Understand how to present your information in a way that will be meaningful to your audience, for instance by quantifying security risks in financial terms.

    Examples of data to present

    Educate
    Number of organizations in industry impacted by data breaches during past year; top threats and risks affecting the industries

    Update
    Degree of compliance with standards (e.g. ISO-27001); metrics on improvement of security posture due to security initiatives

    Inform
    Percentage of impacted clients and disrupted business functions; downtime; security risk likelihood and financial impact

    Investment
    Capital and operating expenditure for investment; ROI on past and future security initiatives

    Ad hoc
    Number of security initiatives that went over budget; phishing test campaign results

    2.2 Plan how to retrieve the data

    Once the data that is going to be used for the presentation has been identified, it is important to plan how the data can be retrieved, processed, and shared.

    • Most of the data leveraged for security presentations are structured data, which are highly organized data that are often stored in a relational and easily searchable database.
      • This includes security log reports or expenditures for ongoing and future security investments.
    • Retrieving the data, however, would require collaboration and cooperation from different team members.
    • You would need to work with the security team and other appropriate stakeholders to identify where the data is stored and who the data owner is.

    Once the data source and owner has been identified, you need to plan how the data would be processed and leveraged for your presentation

    • This could include using queries to retrieve the relevant information needed (e.g. SQL, Microsoft Excel).
    • Verify the accuracy and relevance of the data with other stakeholders to ensure it is the most appropriate data to be presented to the executive stakeholders.

    Info-Tech Insight

    Using a data-driven approach to help support your objectives is key to engaging with your audience.

    Plan where to retrieve the data

    Identifying the relevant data sources to retrieve your data and the appropriate data owner enables efficient collaboration between departments collecting, processing, and communicating the data and graphics to the audience.

    Examples of where to retrieve your data

    Data Source

    Data

    Data Owner

    Communication Goal

    Audit & Compliance Reports

    Percentage of controls completed to be certified with ISO 27001; Number of security threats & risks identified.

    Audit Manager;

    Compliance Manager;

    Security Leader

    Ad hoc, Educate, Inform

    Identity & Access Management (IAM) Applications

    Number of privileged accounts/department; Percentage of user accounts with MFA applied

    Network/Security Analyst

    Ad hoc, Inform, Update

    Security Information & Event Management (SIEM)

    Number of attacks detected and blocked before & after implementing endpoint security; Percentage of firewall rules that triggered a false positive

    Network/Security Analyst

    Ad hoc, Inform, Update

    Vulnerability Management Applications

    Percentage of critical vulnerabilities patched; Number of endpoints encrypted

    Network/Security Analyst

    Ad hoc, Inform, Update

    Financial & Accounting Software

    Capital & operating expenditure for future security investments; Return on investment (ROI) on past and current security investments

    Financial and/or Accounting Manager

    Ad hoc, Educate, Investments

    Phase 3

    Develop communication

    Phase 1Phase 2Phase 3Phase 4

    1.1 Identify drivers for communicating to executives

    1.2 Define your goals for communicating to executives

    2.1 Identify data to collect

    2.2 Plan how to retrieve data

    3.1 Plan communication

    3.2 Build a compelling communication document

    4.1 Deliver a captivating presentation

    4.2 Obtain/verify support for security goals

    This phase will walk you through the following activities:

    • Identifying a communication strategy for presenting security
    • Identifying security templates that are applicable to your presentation

    This phase involves the following participants:

    • Security leader

    3.1 Plan communication: Know who your audience is

    • When preparing your communication, it's important to understand who your target audience is and to conduct background research on them.
    • This will help develop your communication style and ensure your presentation caters to the expected audience in the room.

    Examples of two profiles in a boardroom

    Formal board of directors

    The executive team

    • In the private sector, this will include an appointed board of shareholders and subcommittees external to the organization.
    • In the public sector, this can include councils, commissions, or the executive team itself.
    • In government, this can include mayors, ministers, and governors.
    • The board’s overall responsibility is governance.
    • This audience will include your boss and your peers internal to the organization.
    • This category is primarily involved in the day-to-day operations of the organization and is responsible for carrying out the strategic direction set by the board.
    • The executive team’s overall responsibility is operations.

    3.1.1 Know what your audience cares about

    • Understanding what your executive stakeholders value will equip you with the right information to include in your presentations.
    • Ensure you conduct background research on your audience to assist you in knowing what their potential interests are.
    • Your background research could include:
      • Researching the audience’s professional background through LinkedIn.
      • Reviewing their comments from past executive meetings.
      • Researching current security trends that align with organizational goals.
    • Once the values and risks have been identified, you can document them in notes and share the notes with subject matter experts to verify if these values and risks should be shared in the coming meetings.

    A board’s purpose can include the following:

    • Sustaining and expanding the organization’s purpose and ability to execute in a competitive market.
    • Determining and funding the organization’s future and direction.
    • Protecting and increasing shareholder value.
    • Protecting the company’s exposure to risks.

    Examples of potential values and risks

    • Business impact
    • Financial impact
    • Security and incidents

    Info-Tech Insight
    Conduct background research on audience members (e.g. professional background on LinkedIn) to help understand how best to communicate to them and overcome potential objections.

    Understand your audience’s concerns

    • Along with knowing what your audience values and cares about, understanding their main concerns will allow you to address those items or align them with your communication.
    • By treating your executive stakeholders as your project sponsors, you would build a level of trust and confidence with your peers as the first step to tackling their concerns.
    • These concerns can be derived from past stakeholder meetings, recent trends in the industry, or strategic business alignments.
    • After capturing their concerns, you’ll be equipped with the necessary understanding on what material to include and prioritize during your presentations.

    Examples of potential concerns for each profile of executive stakeholders

    Formal board of directors

    The executive team

    • Business impact (What is the impact of IT in solving business challenges?)
    • Investments (How will it impact organization’s finances and efficiency?)
    • Cybersecurity and risk (What are the top cybersecurity risks, and how is IT mitigating those risks to the business?)
    • Business alignment (How do IT priorities align to the business strategy and goals?)
    • IT operational efficiency (How is IT set up for success with foundational elements of IT’s operational strategy?)
    • Innovation & transformation priorities (How is IT enabling the organization’s competitive advantage and supporting transformation efforts as a strategic business partner?)

    Build your presentation to tackle their main concerns

    Your presentation should be well-rounded and compelling when it addresses the board’s main concerns about security.

    Checklist:

    • Research your target audience (their backgrounds, board composition, dynamics, executive team vs. external group).
    • Include value and risk language in your presentation to appeal to your audience.
    • Ensure your content focuses on one or more of the board’s main concerns with security (e.g. business impact, investments, or risk).
    • Include information about what is in it for them and the organization.
    • Research your board’s composition and skillsets to determine their level of technical knowledge and expertise. This helps craft your presentation with the right amount of technology vs. business-facing information.

    Info-Tech Insight
    The executive stakeholder’s main concerns will always boil down to one important outcome: providing a level of confidence to do business through IT products, services, and systems – including security.

    3.1.2 Take your audience through a security journey

    • Once you have defined your intended target and their potential concerns, developing the communication through a storytelling approach will be the next step to help build a compelling presentation.
    • You need to help your executive stakeholders make sense of the information being conveyed and allow them to understand the importance of cybersecurity.
    • Taking your audience through a story will allow them to see the value of the information being presented and better resonate with its message.
    • You can derive insights for your storytelling presentation by doing the following:
      • Provide a business case scenario on the topic you are presenting.
      • Identify and communicate the business problem up front and answer the three questions (why, what, how).
      • Quantify the problems in terms of business impact (money, risk, value).

    Info-Tech Insight
    Developing a storytelling approach will help keep your audience engaged and allow the information to resonate with them, which will add further value to the communication.

    Identify the purpose of your presentation

    You should be clear about your bottom line and the intent behind your presentation. However, regardless of your bottom line, your presentation must focus on what business problems you are solving and why security can assist in solving the problem.

    Examples of communication goals

    To inform or educate

    To reach a decision

    • In this presentation type, it is easy for IT leaders to overwhelm a board with excessive or irrelevant information.
    • Focus your content on the business problem and the solution proposed.
    • Refrain from too much detail about the technology – focus on business impact and risk mitigated. Ask for feedback if applicable.
    • In this presentation type, there is a clear ask and an action required from the board of directors.
    • Be clear about what this decision is. Once again, don’t lead with the technology solution: Start with the business problem you are solving, and only talk about technology as the solution if time permits.
    • Ensure you know who votes and how to garner their support.

    Info-Tech Insight
    Nobody likes surprises. Communicate early and often. The board should be pre-briefed, especially if it is a difficult subject. This also ensures you have support when you deliver a difficult message.

    Gather the right information to include in your boardroom presentation

    Once you understand your target audience, it’s important to tailor your presentation material to what they will care about.

    Typical IT boardroom presentations include:

    • Communicating the value of ongoing business technology initiatives.
    • Requesting funds or approval for a business initiative that IT is spearheading.
    • Security incident response/Risk/DRP.
    • Developing a business program or an investment update for an ongoing program.
    • Business technology strategy highlights and impacts.
    • Digital transformation initiatives (value, ROI, risk).

    Info-Tech Insight
    You must always have a clear goal or objective for delivering a presentation in front of your board of directors. What is the purpose of your board presentation? Identify your objective and outcome up front and tailor your presentation’s story and contents to fit this purpose.

    Info-Tech Insight
    Telling a good story is not about the message you want to deliver but the one the executive stakeholders want to hear. Articulate what you want them to think and what you want them to take away, and be explicit about it in your presentation. Make your story logically flow by identifying the business problem, complication, the solution, and how to close the gap. Most importantly, communicate the business impacts the board will care about.

    Structure your presentation to tell a logical story

    To build a strong story for your presentation, ensure you answer these three questions:

    WHY

    Why is this a business issue, or why should the executive stakeholders care?

    WHAT

    What is the impact of solving the problem and driving value for the company?

    HOW

    How will we leverage our resources (technology, finances) to solve the problem?

    Examples:

    Scenario 1: The company has experienced a security incident.

    Intent: To inform/educate the board about the security incident.

    WHY

    The data breach has resulted in a loss of customer confidence, negative brand impact, and a reduction in revenue of 30%.

    WHAT

    Financial, legal, and reputational risks identified, and mitigation strategies implemented. IT is working with the PR team on communications. Incident management playbook executed.

    HOW

    An analysis of vulnerabilities was conducted and steps to address are in effect. Recovery steps are 90% completed. Incident management program reviewed for future incidents.

    Scenario 2: Security is recommending investments based on strategic priorities.

    Intent: To reach a decision with the board – approve investment proposal.

    WHY

    The new security strategy outlines two key initiatives to improve an organization’s security culture and overall risk posture.

    WHAT

    Security proposed an investment to implement a security training & phishing test campaign, which will assist in reducing data breach risks.

    HOW

    Use 5% of security’s budget to implement security training and phishing test campaigns.

    Time plays a key role in delivering an effective presentation

    What you include in your story will often depend on how much time you have available to deliver the message.

    Consider the following:

    • Presenting to executive stakeholders often means you have a short window of time to deliver your message. The average executive stakeholder presentation is 15 minutes, and this could be cut short due to other unexpected factors.
    • If your presentation is too long, you risk overwhelming or losing your audience. You must factor in the time constraints when building your board presentation.
    • Your executive stakeholders have a wealth of experience and knowledge, which means they could jump to conclusions quickly based on their own experiences. Ensure you give them plenty of background information in advance. Provide your presentation material, a brief, or any other supporting documentation before the meeting to show you are well prepared.
    • Be prepared to have deep conversations about the topic, but respect that the executive stakeholders might not be interested in hearing the tactical information. Build an elevator pitch, a one-pager, back-up slides that support your ask and the story, and be prepared to answer questions within your allotted presentation time to dive deeper.

    Navigating through Q&A

    Use the Q&A portion to build credibility with the board.

    • It is always better to say, “I’m not certain about the answer but will follow up,” than to provide false or inaccurate information on the spot.
    • When asked challenging or irrelevant questions, ensure you have an approach to deflect them. Questions can often be out of scope or difficult to answer in a group. Find what works for you to successfully navigate through these questions:
      • “Let’s work with the sub-committee to find you an answer.”
      • “Let’s take that offline to address in more detail.”
      • “I have some follow-up material I can provide you to discuss that further after our meeting.”
    • And ensure you follow up! Make sure to follow through on your promise to provide information or answers after the meeting. This helps build trust and credibility with the board.

    Info-Tech Insight
    The average board presentation is 15 minutes long. Build no more than three or four slides of content to identify the business problem, the business impacts, and the solution. Leave five minutes for questions at the end, and be prepared with back-up slides to support your answers.

    Storytelling checklist

    Checklist:

    • Tailor your presentation based on how much time you have.
    • Find out ahead of time how much time you have.
    • Identify if your presentation is to inform/educate or reach a decision.
    • Identify and communicate the business problem up front and answer the three questions (why, what, how).
    • Express the problem in terms of business impact (risk, value, money).
    • Prepare and send pre-meeting collateral to the members of the board and executive team.
    • Include no more than 5-6 slides for your presentation.
    • Factor in Q&A time at the end of your presentation window.
    • Articulate what you want them to think and what you want them to take away – put it right up front and remind them at the end.
    • Have an elevator speech handy – one or two sentences and a one-pager version of your story.
    • Consider how you will build your relationship with the members outside the boardroom.

    3.1.3 Build a compelling communication document

    Once you’ve identified your communication goals, data, and plan to present to your stakeholders, it’s important to build the compelling communication document that will attract all audiences.

    A good slide design increases the likelihood that the audience will read the content carefully.

    • Bad slide structure (flow) = Audience loses focus
      • You can have great content on a slide, but if a busy audience gets confused, they’ll just close the file or lose focus. Structure encompasses horizontal and vertical logic.
    • Good visual design = Audience might read more
      • Readers will probably skim the slides first. If the slides look ugly, they will already have a negative impression. If the slides are visually appealing, they will be more inclined to read carefully. They may even use some slides to show others.
    • Good content + Good structure + Visual appeal = Good presentation
      • A presentation is like a house. Good content is the foundation of the house. Good structure keeps the house strong. Visual appeal differentiates houses.

    Slide design best practices

    Leverage these slide design best practices to assist you in developing eye-catching presentations.

    • Easy to read: Assume reader is tight on time. If a slide looks overwhelming, the reader will close the document.
    • Concise and clear: Fewer words = more skim-able.
    • Memorable: Use graphics and visuals or pithy quotes whenever you can do so appropriately.
    • Horizontal logic: Good horizontal logic will have slide titles that cascade into a story with no holes or gaps.
    • Vertical logic: People usually read from left to right, top to bottom, or in a Z pattern. Make sure your slide has an intuitive flow of content.
    • Aesthetics: People like looking at visually appealing slides, but make sure your attempts to create visual appeal do not detract from the content.

    Your presentation must have a logical flow

    Horizontal logic

    Vertical logic

    • Horizontal logic should tell a story.
    • When slide titles are read in a cascading manner, they will tell a logical and smooth story.
    • Title & tagline = thesis (best insight).
    • Vertical logic should be intuitive.
    • Each step must support the title.
    • The content you intend to include within each slide is directly applicable to the slide title.
    • One main point per slide.

    Vertical logic should be intuitive

    The image contains a screenshot example of a bad design layout for a slide. The image contains a screenshot example of a good design layout for a slide.

    The audience is unsure where to look and in what order.

    The audience knows to read the heading first. Then look within the pie chart. Then look within the white boxes to the right.

    Horizontal and vertical logic checklists

    Horizontal logic

    Vertical logic

    • List your slide titles in order and read through them.
    • Good horizontal logic should feel like a story. Incomplete horizontal logic will make you pause or frown.
    • After a self-test, get someone else to do the same exercise with you observing them.
    • Note at which points they pause or frown. Discuss how those points can be improved.
    • Now consider each slide title proposed and the content within it.
    • Identify if there is a disconnect in title vs. content.
    • If there is a disconnect, consider changing the title of the slide to appropriately reflect the content within it, or consider changing the content if the slide title is an intended path in the story.

    Make it easy to read

    The image contains a screenshot that demonstrates an uneasy to read slide. The image contains a screenshot that demonstrates an easy to read slide.
    • Unnecessary coloring makes it hard on the eyes
    • Margins for title at top is too small
    • Content is not skim-able (best to break up the slide)

    Increase skim-ability:

    • Emphasize the subheadings
    • Bold important words

    Make it easier on the eyes:

    • Declutter and add sections
    • Have more white space

    Be concise and clear

    1. Write your thoughts down
      • This gets your content documented.
      • Don’t worry about clarity or concision yet.
    2. Edit for clarity
      • Make sure the key message is very clear.
      • Find your thesis statement.
    3. Edit for concision
      • Remove unnecessary words.
      • Use the active voice, not passive voice (see below for examples).

    Passive voice

    Active voice

    “There are three things to look out for” (8 words)

    “Network security was compromised by hackers” (6 words)

    “Look for these three things” (5 words)

    “Hackers compromised network security” (4 words)

    Be memorable

    The image contains a screenshot of an example that demonstrates a bad example of how to be memorable. The image contains a screenshot of an example that demonstrates a good example of how to be memorable.

    Easy to read, but hard to remember the stats.

    The visuals make it easier to see the size of the problem and make it much more memorable.

    Remember to:

    • Have some kind of visual (e.g. graphs, icons, tables).
    • Divide the content into sections.
    • Have a bit of color on the page.

    Aesthetics

    The image contains a screenshot of an example of bad aesthetics. The image contains a screenshot of an example of good aesthetics.

    This draft slide is just content from the outline document on a slide with no design applied yet.

    • Have some kind of visual (e.g. graphs, icons, tables) as long as it’s appropriate.
    • Divide the content into sections.
    • Have a bit of color on the page.
    • Bold or italicize important text.

    Why use visuals?

    How graphics affect us

    Cognitively

    • Engage our imagination
    • Stimulate the brain
    • Heighten creative thinking
    • Enhance or affect emotions

    Emotionally

    • Enhance comprehension
    • Increase recollection
    • Elevate communication
    • Improve retention

    Visual clues

    • Help decode text
    • Attract attention
    • Increase memory

    Persuasion

    • 43% more effective than text alone
    Source: Management Information Systems Research Center

    Presentation format

    Often stakeholders prefer to receive content in a specific format. Make sure you know what you require so that you are not scrambling at the last minute.

    • Is there a standard presentation template?
    • Is a hard-copy handout required?
    • Is there a deadline for draft submission?
    • Is there a deadline for final submission?
    • Will the presentation be circulated ahead of time?
    • Do you know what technology you will be using?
    • Have you done a dry run in the meeting room?
    • Do you know the meeting organizer?

    Checklist to build compelling visuals in your presentation

    Leverage this checklist to ensure you are creating the perfect visuals and graphs for your presentation.

    Checklist:

    • Do the visuals grab the audience’s attention?
    • Will the visuals mislead the audience/confuse them?
    • Do the visuals facilitate data comparison or highlight trends and differences in a more effective manner than words?
    • Do the visuals present information simply, cleanly, and accurately?
    • Do the visuals display the information/data in a concentrated way?
    • Do the visuals illustrate messages and themes from the accompanying text?

    3.2 Security communication templates

    Once you have identified your communication goals and plans for building your communication document, you can start building your presentation deck.

    These presentation templates highlight different security topics depending on your communication drivers, goals, and available data.

    Info-Tech has created five security templates to assist you in building a compelling presentation.

    These templates provide support for presentations on the following five topics:

    • Security Initiatives
    • Security & Risk Update
    • Security Metrics
    • Security Incident Response & Recovery
    • Security Funding Request

    Each template provides instructions on how to use it and tips on ensuring the right information is being presented.

    All the templates are customizable, which enables you to leverage the sections you need while also editing any sections to your liking.

    The image contains screenshots of the Security Presentation Templates.

    Download the Security Presentation Templates

    Security template example

    It’s important to know that not all security presentations for an organization are alike. However, these templates would provide a guideline on what the best practices are when communicating security to executive stakeholders.

    Below is an example of instructions to complete the “Security Risk & Update” template. Please note that the security template will have instructions to complete each of its sections.

    The image contains a screenshot of the Executive Summary slide. The image contains a screenshot of the Security Goals & Objectives slide.

    The first slide following the title slide includes a brief executive summary on what would be discussed in the presentation. This includes the main security threats that would be addressed and the associated risk mitigation strategies.

    This slide depicts a holistic overview of the organization’s security posture in different areas along with the main business goals that security is aligning with. Ensure visualizations you include align with the goals highlighted.

    Security template example (continued)

    The image contains a screenshot example of the Top Threats & Risks. The image contains a screenshot example of the Top Threats & Risks.

    This slide displays any top threats and risks an organization is facing. Each threat consists of 2-3 risks and is prioritized based on the negative impact it could have on the organization (i.e. red bar = high priority; green bar = low priority). Include risks that have been addressed in the past quarter, and showcase any prioritization changes to those risks.

    This slide follows the “Top Threats & Risks” slide and focuses on the risks that had medium or high priority. You will need to work with subject matter experts to identify risk figures (likelihood, financial impact) that will enable you to quantify the risks (Likelihood x Financial Impact). Develop a threshold for each of the three columns to identify which risks require further prioritization, and apply color coding to group the risks.

    Security template example (continued)

    The image contains a screenshot example of the slide, Risk Analysis. The image contains a screenshot example of the slide, Risk Mitigation Strategies & Roadmap.

    This slide showcases further details on the top risks along with their business impact. Be sure to include recommendations for the risks and indicate whether further action is required from the executive stakeholders.

    The last slide of the “Security Risk & Update” template presents a timeline of when the different initiatives to mitigate security risks would begin. It depicts what initiatives will be completed within each fiscal year and the total number of months required. As there could be many factors to a project’s timeline, ensure you communicate to your executive stakeholders any changes to the project.

    Phase 4

    Deliver communication

    Phase 1Phase 2Phase 3Phase 4

    1.1 Identify drivers for communicating to executives

    1.2 Define your goals for communicating to executives

    2.1 Identify data to collect

    2.2 Plan how to retrieve data

    3.1 Plan communication

    3.2 Build a compelling communication document

    4.1 Deliver a captivating presentation

    4.2 Obtain/verify support for security goals

    This phase will walk you through the following activities:

    • Identifying a strategy to deliver compelling presentations
    • Ensuring you follow best practices for communicating and obtaining your security goals

    This phase involves the following participants:

    • Security leader

    4.1 Deliver a captivating presentation

    You’ve gathered all your data, you understand what your audience is expecting, and you are clear on the outcomes you require. Now, it’s time to deliver a presentation that both engages and builds confidence.

    Follow these tips to assist you in developing an engaging presentation:

    • Start strong: Give your audience confidence that this will be a good investment of their time. Establish a clear direction for what’s going to be covered and what the desired outcome is.
    • Use your time wisely: Odds are, your audience is busy, and they have many other things on their minds. Be prepared to cover your content in the time allotted and leave sufficient time for discussion and questions.
    • Be flexible while presenting: Do not expect that your presentation will follow the path you have laid out. Anticipate jumping around and spending more or less time than you had planned on a given slide.

    Keep your audience engaged with these steps

    • Be ready with supporting data. Don’t make the mistake of not knowing your content intimately. Be prepared to answer questions on any part of it. Senior executives are experts at finding holes in your data.
    • Know your audience. Who are you presenting to? What are their specific expectations? Are there sensitive topics to be avoided? You can’t be too prepared when it comes to understanding your audience.
    • Keep it simple. Don’t assume that your audience wants to learn the details of your content. Most just want to understand the bottom line, the impact on them, and how they can help. More is not always better.
    • Focus on solving issues. Your audience members have many of their own problems and issues to worry about. If you show them how you can help make their lives easier, you’ll win them over.

    Info-Tech Insight
    Establishing credibility and trust with executive stakeholders is important to obtaining their support for security objectives.

    Be honest and straightforward with your communication

    • Be prepared. Being properly prepared means not only that your update will deliver the value that you expect, but also that you will have confidence and the flexibility you require when you’re taken off track.
    • Don’t sugarcoat it. These are smart, driven people that you are presenting to. It is neither beneficial nor wise to try to fool them. Be open and transparent about problems and issues. Ask for help.
    • No surprises. An executive stakeholder presentation is not the time or the place for a surprise. Issues seen as unexpected or contentious should always be dealt with prior to the meeting with those most impacted.

    Hone presentation skills before meeting with the executive stakeholders

    Know your environment

    Be professional but not boring

    Connect with your audience

    • Your organization has standards for how people are expected to dress at work. Make sure that your attire meets this standard – don’t be underdressed.
    • Think about your audience – would they appreciate you starting with a joke, or do they want you to get to the point as quickly as possible?
    • State the main points of your presentation confidently. While this should be obvious, it is essential. Your audience should be able to clearly see that you believe the points you are stating.
    • Present with lots of energy, smile, and use hand gestures to support your speech.
    • Look each member of the audience in the eye at least once during your presentation. Avoid looking at the ceiling, the back wall, or the floor. Your audience should feel engaged – this is essential to keeping their attention on you.
    • Never read from your slides. If there is text on a slide, paraphrase it while maintaining eye contact.

    Checklist for presentation logistics

    Optimize the timing of your presentation:

    • Less is more: Long presentations are detrimental to your cause – they lead to your main points being diluted. Keep your presentation short and concise.
    • Keep information relevant: Only present information that is important to your audience. This includes the information that they are expecting to see and information that connects to the business.
    • Expect delays: Your audience will likely have questions. While it is important to answer each question fully, it will take away from the precious time given to you for your presentation. Expect that you will not get through all the information you have to present.

    Script your presentation:

    • Use a script to stay on track: Script your presentation before the meeting. A script will help you present your information in a concise and structured manner.
    • Develop a second script: Create a script that is about half the length of the first script but still contains the most important points. This will help you prepare for any delays that may arise during the presentation.
    • Prepare for questions: Consider questions that may be asked and script clear and concise answers to each.
    • Practice, practice, practice: Practice your presentation until you no longer need the script in front of you.

    Checklist for presentation logistics (continued)

    Other considerations:

    • After the introduction of your presentation, clearly state the objective – don’t keep people guessing and consequently lose focus on your message.
    • After the presentation is over, document important information that came up. Write it down or you may forget it soon after.
    • Rather than create a long presentation deck full of detailed slides that you plan to skip over during the presentation, create a second, compact deck that contains only the slides you plan to present. Send out the longer deck after the presentation.

    Checklist for delivering a captivating presentation

    Leverage this checklist to ensure you are prepared to develop and deliver an engaging presentation.

    Checklist:

    • Start with a story or something memorable to break the ice.
    • Go in with the end state in mind (focus on the outcome/end goal and work back from there) – What’s your call to action?
    • Content must compliment your end goal, filter out any content that doesn’t compliment the end goal.
    • Be prepared to have less time to speak. Be prepared with shorter versions of your presentation.
    • Include an appendix with supporting data, but don’t be data heavy in your presentation. Integrate the data into a story. The story should be your focus.

    Checklist for delivering a captivating presentation (continued)

    • Be deliberate in what you want to show your audience.
    • Ensure you have clean slides so the audience can focus on what you’re saying.
    • Practice delivering your content multiple times alone and in front of team members or your Info-Tech counselor, who can provide feedback.
    • How will you handle being derailed? Be prepared with a way to get back on track if you are derailed.
    • Ask for feedback.
    • Record yourself presenting.

    4.2 Obtain and verify support on security goals

    Once you’ve delivered your captivating presentation, it’s imperative to communicate with your executive stakeholders.

    • This is your opportunity to open the floor for questions and clarify any information that was conveyed to your audience.
    • Leverage your appendix and other supporting documents to justify your goals.
    • Different approaches to obtaining and verifying your goals could include:
      • Acknowledgment from the audience that information communicated aligns with the business’s goals.
      • Approval of funding requests for security initiatives.
      • Written and verbal support for implementation of security initiatives.
      • Identifying next steps for information to communicate at the next executive stakeholder meeting.

    Info-Tech Insight
    Verifying your objectives at the end of the presentation is important, as it ensures you have successfully communicated to executive stakeholders.

    Checklist for obtaining and verify support on security goals

    Follow this checklist to assist you in obtaining and verifying your communication goals.

    Checklist:

    • Be clear about follow-up and next steps if applicable.
    • Present before you present: Meet with your executive stakeholders before the meeting to review and discuss your presentation and other supporting material and ensure you have executive/CEO buy-in.
    • “Be humble, but don’t crumble” – demonstrate to the executive stakeholders that you are an expert while admitting you don’t know everything. However, don’t be afraid to provide your POV and defend it if need be. Strike the right balance to ensure the board has confidence in you while building a strong relationship.
    • Prioritize a discussion over a formal presentation. Create an environment where they feel like they are part of the solution.

    Summary of Accomplishment

    Problem Solved

    A better understanding of security communication drivers and goals

    • Understanding the difference between communication drivers and goals
    • Identifying your drivers and goals for security presentation

    A developed a plan for how and where to retrieve data for communication

    • Insights on what type of data can be leveraged to support your communication goals
    • Understanding who you can collaborate with and potential data sources to retrieve data from

    A solidified communication plan with security templates to assist in better presenting to your audience

    • A guideline on how to prepare security presentations to executive stakeholders
    • A list of security templates that can be customized and used for various security presentations

    A defined guideline on how to deliver a captivating presentation to achieve your desired objectives

    • Clear message on best practices for delivering security presentations to executive stakeholders
    • Understanding how to verify your communication goals have been obtained

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

    Contact your account representative for more information.

    workshops@infotech.com

    1-888-670-8889

    Related Info-Tech Research

    Build an Information Security Strategy
    This blueprint will walk you through the steps of tailoring best practices to effectively manage information security.

    Build a Security Metrics Program to Drive Maturity
    This blueprint will assist you in identifying security metrics that can tie to your organizational goals and build those metrics to achieve your desired maturity level.

    Bibliography

    Bhadauriya, Amit S. “Communicating Cybersecurity Effectively to the Board.” Metricstream. Web.
    Booth, Steven, et al. “The Biggest Mistakes Made When Presenting Cyber Security to Senior Leadership or the Board, and How to Fix Them.” Mandiant, May 2019. Web.
    Bradford, Nate. “6 Slides Every CISO Should Use in Their Board Presentation.” Security Boulevard, 9 July 2020. Web.
    Buckalew, Lauren, et al. “Get the Board on Board: Leading Cybersecurity from the Top Down.” Newsroom, 2 Dec. 2019. Web.
    Burg, Dave, et al. “Cybersecurity: How Do You Rise above the Waves of a Perfect Storm?” EY US - Home, EY, 22 July 2021. Web.
    Carnegie Endowment for International Peace. Web.
    “Chief Information Security Officer Salary.” Salary.com, 2022. Web.
    “CISO's Guide to Reporting to the Board - Apex Assembly.” CISO's Guide To Reporting to the Board. Web.
    “Cyber Security Oversight in the Boardroom” KPMG, Jan. 2016. Web.
    “Cybersecurity CEO: My 3 Tips for Presenting in the Boardroom.” Cybercrime Magazine, 31 Mar. 2020. Web.
    Dacri , Bryana. Do's & Don'ts for Security Professionals Presenting to Executives. Feb. 2018. Web.
    Froehlich, Andrew. “7 Cybersecurity Metrics for the Board and How to Present Them: TechTarget.” Security, TechTarget, 19 Aug. 2022. Web.
    “Global Board Risk Survey.” EY. Web.
    “Guidance for CISOs Presenting to the C-Suite.” IANS, June 2021. Web.
    “How to Communicate Cybersecurity to the Board of Directors.” Cybersecurity Conferences & News, Seguro Group, 12 Mar. 2020. Web.
    Ide, R. William, and Amanda Leech. “A Cybersecurity Guide for Directors” Dentons. Web.
    Lindberg, Randy. “3 Tips for Communicating Cybersecurity to the Board.” Cybersecurity Software, Rivial Data Security, 8 Mar. 2022. Web.
    McLeod, Scott, et al. “How to Present Cybersecurity to Your Board of Directors.” Cybersecurity & Compliance Simplified, Apptega Inc, 9 Aug. 2021. Web.
    Mickle, Jirah. “A Recipe for Success: CISOs Share Top Tips for Successful Board Presentations.” Tenable®, 28 Nov. 2022. Web.
    Middlesworth, Jeff. “Top-down: Mitigating Cybersecurity Risks Starts with the Board.” Spiceworks, 13 Sept. 2022. Web.
    Mishra, Ruchika. “4 Things Every CISO Must Include in Their Board Presentation.” Security Boulevard, 17 Nov. 2020. Web.
    O’Donnell-Welch, Lindsey. “CISOs, Board Members and the Search for Cybersecurity Common Ground.” Decipher, 20 Oct. 2022. Web.

    Bibliography

    “Overseeing Cyber Risk: The Board's Role.” PwC, Jan. 2022. Web.
    Pearlson, Keri, and Nelson Novaes Neto. “7 Pressing Cybersecurity Questions Boards Need to Ask.” Harvard Business Review, 7 Mar. 2022. Web.
    “Reporting Cybersecurity Risk to the Board of Directors.” Web.
    “Reporting Cybersecurity to Your Board - Steps to Prepare.” Pondurance ,12 July 2022. Web.
    Staynings, Richard. “Presenting Cybersecurity to the Board.” Resource Library. Web.
    “The Future of Cyber Survey.” Deloitte, 29 Aug. 2022. Web.
    “Top Cybersecurity Metrics to Share with Your Board.” Packetlabs, 10 May 2022. Web.
    Unni, Ajay. “Reporting Cyber Security to the Board? How to Get It Right.” Cybersecurity Services Company in Australia & NZ, 10 Nov. 2022. Web.
    Vogel, Douglas, et al. “Persuasion and the Role of Visual Presentation Support.” Management Information Systems Research Center, 1986.
    “Welcome to the Cyber Security Toolkit for Boards.” NCSC. Web.

    Research Contributors

    • Fred Donatucci, New-Indy Containerboard, VP, Information Technology
    • Christian Rasmussen, St John Ambulance, Chief Information Officer
    • Stephen Rondeau, ZimVie, SVP, Chief Information Officer

    M&A Runbook for Infrastructure and Operations

    • Buy Link or Shortcode: {j2store}60|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
    • member rating average days saved: Read what our members are saying
    • Parent Category Name: Strategy and Organizational Design
    • Parent Category Link: /strategy-and-organizational-design
    • I&O is often the last to be informed of an impending M&A deal.
    • The business doesn’t understand the necessary requirements or timeline for integration.
    • It’s hard to prioritize when you’re buried under a mountain of work.
    • Documentation may be lacking or nonexistent, and members of the target organization may be uncooperative.

    Our Advice

    Critical Insight

    • Manage expectations. The business often expects integration in days or weeks, not months or years. You need to set them straight.
    • Open your checkbook and prepare to hire. Integration will require a temporary increase in resources.
    • Tackle organizational and cultural change. People are harder to integrate than technology. Culture change is the hardest part, and the integration plan should address it.

    Impact and Result

    • Tailor your approach based on the business objectives of the merger or acquisition.
    • Separate the must-haves from the nice-to-haves.
    • Ensure adequate personnel and budget.
    • Plan for the integration into normal operations.

    M&A Runbook for Infrastructure and Operations Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out how to partner with the business to conquer the challenges in your next merger or acquisition.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Establish goals

    Partner with the business to determine goals and establish high-level scope.

    • M&A Runbook for Infrastructure and Operations – Phase 1: Establish Goals
    • I&O M&A Project Napkin

    2. Conduct discovery

    Find out what the target organization’s I&O looks like.

    • M&A Runbook for Infrastructure and Operations – Phase 2: Conduct Discovery
    • I&O M&A Discovery Letter Template
    • I&O M&A Discovery Template
    • I&O M&A Workbook
    • I&O M&A Risk Assessment Tool

    3. Plan short-term integration

    Build a plan to achieve a day 1 MVP.

    • M&A Runbook for Infrastructure and Operations – Phase 3: Plan Short-Term Integration
    • I&O M&A Short-Term Integration Capacity Assessment Tool

    4. Map long-term integration

    Chart a roadmap for long-term integration.

    • M&A Runbook for Infrastructure and Operations – Phase 4: Map Long-Term Integration
    • I&O M&A Long-Term Integration Portfolio Planning Tool
    [infographic]

    Workshop: M&A Runbook for Infrastructure and Operations

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 High-Level Scope

    The Purpose

    Establish goals and conduct discovery.

    Key Benefits Achieved

    Alignment with business goals

    Documentation of target organization’s current state

    Activities

    0.1 Consult with stakeholders.

    0.2 Establish M&A business goals.

    0.3 Conduct target discovery.

    0.4 Document own environment.

    0.5 Clarify goals.

    Outputs

    Stakeholder communication plan

    M&A business goals

    I&O M&A Discovery Template

    Current state of organization

    2 Target Assessment

    The Purpose

    Assess risk and value of target organization.

    Key Benefits Achieved

    Accurate scope of I&O integration

    Risk mitigation plans

    Value realization strategies

    Activities

    1.1 Scope I&O M&A project.

    1.2 Assess risks.

    1.3 Assess value.

    Outputs

    I&O M&A Project Napkin

    Risk assessment

    Value assessment

    3 Day 1 Integration Project Plan

    The Purpose

    Establish day 1 integration project plan.

    Key Benefits Achieved

    Smoother day 1 integration

    Activities

    2.1 Determine Day 1 minimum viable operating model post M&A.

    2.2 Identify gaps.

    2.3 Build day 1 project plan.

    2.4 Estimate required resources.

    Outputs

    Day 1 project plan

    4 Long-Term Project Plan

    The Purpose

    Draw long-term integration roadmap.

    Key Benefits Achieved

    Improved alignment with M&A goals

    Greater realization of the deal’s value

    Activities

    3.1 Set long-term future state goals.

    3.2 Create a long-term project plan.

    3.3 Consult with business stakeholders on the long-term plan.

    Outputs

    Long-term integration project plan

    5 Change Management and Continual Improvement

    The Purpose

    Prepare for organization and culture change.

    Refine M&A I&O integration process.

    Key Benefits Achieved

    Smoother change management

    Improved M&A integration process

    Activities

    4.1 Complete a change management plan.

    4.2 Conduct a process post-mortem.

    Outputs

    Change management plan

    Process improvements action items

    AI and the Future of Enterprise Productivity

    • Buy Link or Shortcode: {j2store}329|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: $12,399 Average $ Saved
    • member rating average days saved: 10 Average Days Saved
    • Parent Category Name: Innovation
    • Parent Category Link: /innovation
    • We’re witnessing a fundamental transformation in how businesses operate and productivity is achieved.
    • Advances in narrow but powerful forms of artificial intelligence (AI) are being driven by a cluster of factors.
    • Applications for enterprise AI aren’t waiting for the emergence of a general AI. They’re being rapidly deployed in task-specific domains. From robotic process automation (RPA) to demand forecasting, from real-world robotics to AI-driven drug development, AI is boosting enterprise productivity in significant ways.

    Our Advice

    Critical Insight

    Algorithms are becoming more advanced, data is now richer and easier to collect, and hardware is cheaper and more powerful. All of this is true and contributes to the excitement around enterprise AI applications, but the biggest difference today is that enterprises are redesigning their processes around AI, rather than simply adding AI to their existing processes.

    Impact and Result

    This report outlines six emerging ways AI is being used in the enterprise, with four future scenarios outlining their possible trajectories. These are designed to guide strategic decision making and facilitate future-focused ideation.

    AI and the Future of Enterprise Productivity Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Read the trend report

    This report outlines six emerging ways AI is being used in the enterprise, with four future scenarios outlining their possible trajectories. These are designed to guide strategic decision making and facilitate future-focused ideation.

    • AI and the Future of Enterprise Productivity Trend Report
    • AI and the Future of Enterprise Productivity Trend Report (PDF)
    [infographic]