Define Your Virtual and Hybrid Event Requirements

  • Buy Link or Shortcode: {j2store}64|cart{/j2store}
  • member rating overall impact (scale of 10): N/A
  • member rating average dollars saved: N/A
  • member rating average days saved: N/A
  • Parent Category Name: End-User Computing Applications
  • Parent Category Link: /end-user-computing-applications

Your organization is considering holding an event online, or has been, but:

  • The organization (both on the business and IT sides) may not have extensive experience hosting events online.
  • It is not immediately clear how your formerly in-person event’s activities translate to a virtual environment.
  • Like the work-from-home transformation, bringing events online instantly expands IT’s role and responsibilities.

Our Advice

Critical Insight

If you don't begin with strategy, you will fit your event to technology, instead of the other way around.

Impact and Result

To determine your requirements:

  • Determine the scope of the event.
  • Narrow down your list of technical requirements.
  • Use Info-Tech’s Rapid Application Selection Framework to select the right software solution.

Define Your Virtual and Hybrid Event Requirements Research & Tools

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Define Your Virtual and Hybrid Event Requirements Storyboard – Use this storyboard to work through key decision points involved in creating digital events.

This deck walks you through key decision points in creating virtual or hybrid events. Then, begin the process of selecting the right software by putting together the first draft of your requirements for a virtual event software solution.

  • Define Your Virtual and Hybrid Event Requirements Storyboard

2. Virtual Events Requirements Tool – Use this tool to begin selecting your requirements for a digital event solution.

The business should review the list of features and select which ones are mandatory and which are nice to have or optional. Add any features not included.

  • Virtual/Hybrid Event Software Feature Analysis Tool
[infographic]

Further reading

Define Your Virtual and Hybrid Event Requirements

Accelerate your event scoping and software selection process.

Analyst Perspective

When events go virtual, IT needs to cover its bases.

The COVID-19 pandemic imposed a dramatic digital transformation on the events industry. Though event ticket and registration software, mobile event apps, and onsite audio/visual technology were already important pieces of live events, the total transformation of events into online experiences presented major challenges to organizations whose regular business operations involve at least one annual mid-sized to large event (association meetings, conferences, trade shows, and more).

Many organizations worked to shift to online, or virtual events, in order to maintain business continuity. As time went on, and public gatherings began to restart, a shift to “hybrid” events began to emerge—events that accommodate both in-person and virtual attendance. Regardless of event type, this pivot to using virtual event software, or digital event technology, brings events more closely into IT’s areas of responsibility. If you don't begin with strategy, you risk fitting your event to technology, instead of the other way around.

If virtual and hybrid events are becoming standard forms of delivering content in your organization, use Info-Tech’s material to help define the scope of the event and your requirements, and to support your software selection process.

Photo of Emily Sugerman
Emily Sugerman
Research Analyst, Infrastructure & Operations
Info-Tech Research Group

Executive Summary

Your Challenge

The organization (both on the business and IT sides) may not have extensive experience hosting events online.

It is not immediately clear how a formerly in-person event’s activities translate to a virtual environment.

Like the work-from-home transformation, bringing events online expands IT’s role and responsibilities.

Common Obstacles

It is not clear what technological capabilities are needed for the event, which capabilities you already own, and what you may need to purchase.

Though virtual events remove some barriers to attendance (distance, travel), it introduces new complications and considerations for planners.

Hybrid events introduce another level of complexity.

Info-Tech’s Approach

In order to determine your requirements:

Determine the scope of the event.

Narrow down your list of technical requirements.

Use Info-Tech’s Rapid Application Selection Framework to select the right software solution.

Info-Tech Insight

If you don't begin with strategy, you will fit your event to technology, instead of the other way around.

Your challenge

The solution you have been using for online events does not meet your needs.

Though you do have some tools that support large meetings, it is not clear if you require a larger and more comprehensive virtual event solution. There is a need to determine what type of technology you might need to purchase versus leveraging what you already have.

It is difficult to quickly and practically identify core event requirements and how they translate into technical capabilities.

Maintaining or improving audience engagement is a perpetual challenge for virtual events.

38%
of event professionals consider virtual event technology “a tool for reaching a wider audience as part of a hybrid strategy.”

21%
consider it “a necessary platform for virtual events, which remain my go-to event strategy.”

40%
prioritize “mid-budget all-in-one event tech solution that will prevent remote attendees from feeling like second-class participants.”

Source: Virtual Event Tech Guide, 2022

Common obstacles

These barriers make this challenge difficult to address for many organizations.

Events with networking objectives are not always well served by webinars, which are traditionally more limited in their interactive elements.

Events that include the conducting of organizational/association business (like voting) may have bylaws that make selecting a virtual solution more challenging.

Maintaining attendee engagement is more challenging in a virtual environment.

Prior to the pandemic, your organization may not have been as experienced in putting on fully virtual events, putting more responsibility in your corner as IT. Navigating virtual events can also require technological competencies that your attendee userbase may not universally possess.

Technological limitations and barriers to access can exclude potential attendees just as much as bringing events online can open up attendance to new audiences.

Opportunity: Virtual events can significantly increase an event’s reach

Events held virtually during the pandemic noted significant increases in attendees.

“We had 19,000 registrations from all over the world, almost 50 times the number of people we had expected to host in Amsterdam. . . . Most of this year’s [2020] attendees would not have been able to participate in a physical GrafanaCon in Amsterdam. That was a huge win.” – Raj Dutt, Grafana Labs CEO[5]

Event In-person Online 2022
Microsoft Build 2019: 6,000 attendees 2020: 230,000+ registrants[1] The 2022 conference was also held virtually[3]
Stanford Institute for Human-Centered Artificial Intelligence A few hundred attendees expected for the original (cancelled) 2020 in-person conference 2020: 30,000 attendees attended the “COVID-19 and AI” virtual conference[2] The 2022 Spring Conference was a hybrid event[4]

[1] Kelly, 2020; [2] Price, 2020; [3] Stanford Digital Economy Lab, 2022; [4] Warren, 2022; [5] Fast Company, 2020

Info-Tech’s methodology for defining virtual/hybrid event requirements

A diagram that shows defining event scope, creating list of requirements, and selecting software.

Event planning phases

Apply project management principles to your virtual/hybrid event planning process.

Online event planning should follow the same established principles as in-person event planning.
Align the event’s concept and objectives with organizational goals.

A diagram of event planning phases
Source: Adapted from Event Management Body of Knowledge, CC BY 4.0

Gather inputs to the planning processes

Acquire as much of this information as possible before you being the planning process.

Budget: Determine your organization’s budget for this event to help decide the scope of the event and the purchasing decisions you make as you plan.

Internal human resources: Identify who in your organization is usually involved in the organization of this event and if they are available to organize this one.

List of communication and collaboration tools: Acquire the list of the existing communication and collaboration tools you are currently licensed for. Ensure you know the following information about each tool:

  • Type of license
  • License limitations (maximum number of users)
  • Internal or external-facing tool (or capable of both)
  • Level of internal training and competency on the tool

Decision point: Relate event goals to organizational goals

What is driving the event?

Your organization may hold a variety of in-person events that you now wish, for various reasons, to hold fully or partially online. Each event likely has a slightly different set of goals.

Before getting into the details of how to transition your event online, return to the business/organizational goals the event is serving.

Ensure each event (and each component of each event) maps back to an organizational goal.

If a component of the event does not align to an organizational goal, assess whether it should remain as part of the event.

Common organizational goals

  • Increase revenue
  • Increase productivity
  • Attract and retain talent
  • Improve change management
  • Carry out organizational mission
  • Identify new markets
  • Increase market share
  • Improve customer service
  • Launch new product/service

Common event goals

  • Education/training
  • Knowledge transfer
  • Decision making
  • Professional development
  • Sales/lead generation
  • Fundraising
  • Entertainment
  • Morale boosting
  • Recognition of achievement

Decision point: Identify your organization’s digital event vision

What do you want the outcome of this event to be?

Attendee goals: Who are your attendees? Why do they attend this event? What attendee needs does your event serve? What is your event’s value proposition? Are they intrinsically or extrinsically motivated to attend?

Event goals: From the organizer perspective, why do you usually hold this event? Who are your stakeholders?

Organizational goals: How do the event goals map to your organizational goals? Is there a clear understanding of what the event’s larger strategic purpose is.

Common attendee goals

Education: our attendees need to learn something new that they cannot learn on their own.
Networking: our attendees need to meet people and make new professional connections.
Professional development: our attendees have certain obligations to keep credentials updated or to present their work publicly to advance their careers.
Entertainment: our attendees need to have fun.
Commerce: our attendees need to buy and sell things.

Decision point: Level of external event production

Will you be completely self-managed, reliant on external event production services, or somewhere in the middle?

You can review this after working through the other decision points and the scope becomes clearer.

A diagram that shows Level of external event production, comparing Completely self-managed vs Fully externally-managed.

Decision point: Assign event planning roles

Who will be involved in planning the event? Fill/combine these roles as needed.

Planning roles Description
Project manager Shepherd event planning until completion while ensuring project remains on schedule and on budget.
Event manager Correspond with presenters during leadup to event, communicate how to use online event tools/platform, perform tests with presenters/exhibitors, coordinate digital event staff/volunteers.
Program planner Select the topics, speakers, activity types, content, streams.
Designer and copywriter Design the event graphics; compose copy for event website.
Digital event technologist Determine event technology requirements; determine how event technology fits together; prepare RFP, if necessary, for new hardware/software.
Platform administrator Set up registration system/integrate registrations into platform(s) of choice; upload video files and collateral; add livestream links; add/delete staff roles and set controls and permissions; collect statistics and recordings after event.
Commercial partner liaison Recruit sponsors and exhibitors (offer sponsorship packages); facilitate agreement/contract between commercial partners and organization; train commercial partners on how to use event technology; retrieve lead data.
Marketing/social media Plan and execute promotional campaigns (email, social media) in the lead up to, and during, the event. Post-event, send follow-up communications, recording files, and surveys.

Decision point: Assign event production roles

Who will be involved in running the event?

Event production roles Description
Hosts/MCs Address attendees at beginning and end of event, and in-between sessions
Provide continuity throughout event
Introduce sessions
Producers Prepare presenters for performance
Begin and end sessions
Use controls to share screens, switch between feeds
Send backchannel messages to presenters (e.g., "Up next," "Look into webcam")
Moderators Admit attendees from waiting room
Moderate incoming questions from attendees
Manage slides
Pass questions to host/panelists to answer
Moderate chat
IT support Manage event technology stack
Respond to attendee technical issues
Troubleshoot network connectivity problems
Ensure audio and video operational
Start and stop session recording
Save session recordings and files (chat, Q&As)

Decision point: Map attendee goals to event goals to organizational goals

Input: List of attendee benefits, List of event goals, List of organizational goals
Output: Ranked list of event goals as they relate to attendee needs and organizational goals
Materials: Whiteboard/flip charts
Participants: Planning team

  1. Define attendee benefits:
    1. List the attendee benefits derived from your event (as many as possible).
    2. Rank attendee benefits from most to least important.
  2. Define event goals:
    1. List your event goals (as many as possible).
    2. Draw a connecting line to your ranked list of attendee benefits.
    3. Identify if any event goals exist with no clear relationship to attendee benefits. Discuss whether this event goal needs to be re-envisioned. If it connects to no discernible attendee benefits, consider removing it. Otherwise, figure out what attendee benefits the event goal provides.
  3. Define organizational goals:
    1. Acquire a list of your organization’s main strategic goals.
    2. Draw a connecting line from each event goal to the organizational goal it supports.
    3. If most of your event goals do not immediately seem to support an organizational goal, discuss why this is. Try to find the connection. If you cannot, discuss whether the event should proceed or be rethought.

Decision point: Break down your event into its constituent components

Identify your event archetype

Decompose the event into its component parts

Identify technical requirements that help meet event goals

Benefits:

  • Clarify how formerly in-person events map to virtual archetypes.
  • Ensure your virtual event planning is anchored to organizational goals from the outset.
  • Streamline your virtual event tech stack planning later.

Decision point: Determine your event archetype

Analyze your event’s:

  • Main goals.
  • The components and activities that support those goals.
  • How these components and activities fall into people- vs. content-centric activities, and real-time vs. asynchronous activities.
  1. Conference
  2. Trade show
  3. Annual general meeting
  4. Department meeting
  5. Town hall
  6. Workshop

A diagram that shows people- vs. content-centric activities, and real-time vs. asynchronous activities

Info-Tech Insight

Begin the digital event planning process by understanding how your event’s content is typically consumed. This will help you make decisions later about how best to deliver the content virtually.

Conference

Goals: Education/knowledge transfer; professional advancement; networking.

Major content

  • Call for proposals/circulation of abstracts
  • Keynotes or plenary address: key talk addressed to large audience
  • Panel sessions: multiple panelists deliver address on common theme
  • Poster sessions: staffed/unstaffed booths demonstrate visualization of major research on a poster
  • Association meetings (see also AGM archetype): professional associations hold AGM as one part of a larger conference agenda

Community

  • Formal networking (happy hours, social outings)
  • Informal networking (hallway track, peer introductions)
  • Business card exchange
  • Pre- and post-event correspondence

Commercial Partners

  • Booth reps: Publishing or industry representatives exhibit products/discuss collaboration

A quadrants matrix of conference

Trade show

Objectives: Information transfer; sales; lead generation.

Major content

  • Live booth reps answer questions
  • Product information displayed
  • Promotional/information material distributed
  • Product demonstrations at booths or onstage
  • Product samples distributed to attendees

Community interactions

  • Statements of intent to buy
  • Lead generation (badge scanning) of booth visitors
  • Business card exchange
  • Pre- and post-event correspondence

A quadrants matrix of Trade show

Annual general meeting

Objectives: Transparently update members; establish governance and alignment.

Meeting events

  • Updates provided to members on organization’s activities/finances
  • Decisions made regarding organization’s direction
  • Governance over organization established (elections)
  • Speakers addressing large audience from stage
  • In-camera sessions
  • Translation of proceedings
  • Real-time weighted voting
  • Minutes taken during meeting

Administration

  • Notice given of meeting within mandated time period
  • Agenda circulated prior to meeting
  • Distribution of proxy material
  • Minutes distributed

A quadrants matrix of Annual general meeting

Department meeting

Objectives: Information transfer of company agenda/initiatives; group decision making.

Major content

  • Agenda circulated prior to meeting
  • Updates provided from senior management/leadership to employees on organization’s initiatives and direction
  • Employee questions and feedback addressed
  • Group decision making
  • Minutes taken during meeting
  • Minutes or follow-up circulated

A quadrants matrix of department meeting

Town hall meeting

Objectives: Update public; answer questions; solicit feedback.

Major content

  • Public notice of meeting announced
  • Agenda circulated prior to meeting
  • Speakers addressing large audience from stage
  • Presentation of information pertinent to public interest
  • Audience members line up to ask questions/provide feedback
  • Translation of proceedings
  • Recording of meeting archived

A quadrants matrix of Town hall meeting

Workshop

Objectives: Make progress on objective; achieve consensus; knowledge transfer.

Major content

  • Scheduling of workshop
  • Agenda circulated prior to meeting
  • Facilitator leads group activities
  • Participants develop alignment on project
  • Progress achieved on workshop project
  • Feedback on workshop shared with facilitator

A quadrants matrix of Workshop

Decision point: Analyze your event’s purpose and value

Use the event archetypes to help you identify your event’s core components and value proposition.

  1. Attendee types: Who typically attends your event? Exclusively internal participants? External participants? A mix of the two?
  2. Communication: How do participants usually communicate with each other during this event? How do they communicate with the event organizers? Include both formal types of communication (listening to panel sessions) and informal (serendipitous conversations in the hallway).
  3. Connection: What types of connections do your attendees need to experience? (networking with peers; interactions with booth reps; consensus building with colleagues).
  4. Exchange of material: What kind of material is usually exchanged at this event and between whom? (Pamphlets, brochures, business cards, booth swag).
  5. Engagement: How do you usually retain attendees' attention and make sure they remain engaged throughout the event?
  6. Length: How long does the event typically last?
  7. Location and setup: Where does the event usually take place and who is involved in its setup?
  8. Success metrics: How do you usually measure your event's success?

Info-Tech Insight

Avoid trying to exactly reproduce the formerly in-person event online. Instead, identify the value proposition of each event component, then determine what its virtual expression could be.

Example: Trade show

Goals: Information transfer; sales; lead generation.

  1. Identify event component(s)
  2. Document its face-to-face expression(s)
  3. Identify the expression’s value proposition
  4. Translate the value proposition to a virtual component that facilitates overall event goal

Event component

Face-to-face expression

Value proposition of component

Virtual expression

Attendee types Paying attendees Revenue for event organizer; sales and lead generation for booth rep Access to virtual event space
Attendee types Booth rep Revenue for event organizer; information source for paying attendees Access to virtual event space
Communication/connection Conversation between booth rep and attendee Lead generation for booth rep; information to inform decision making for attendee Ability to enter open video breakout session staffed by booth reps OR

Ability to schedule meeting times with booth rep

Multiple booth reps on hand to monitor different elements of the booth (one person to facilitate the discussion over video, another to monitor chat and Q&A)
Communication/connection Serendipitous conversation between attendees Increased attendee contacts; fun Multiple attendees can attend the booth’s breakout session simultaneously and participate in web conferencing, meeting chat, or submit questions to Q&A
Communication/connection Badges scanned at booth/email sign-up sheets filled out at table Lead generation for exhibitors List of visitors to booth shared with exhibitor (if consent given by attendees)

Ability for attendees to request to be contacted for more information
Exchange of material Catering (complimentary coffee, pastries) Obviate the need for attendees to leave the event for refreshments N/A: not included in virtual event
Exchange of material Pamphlets, product literature, swag Portable information for attendee decision making Downloadable files (pdf)
Location Responsibility of both the organizers (tables, chairs, venue) and booth reps (posters, handouts) Booth reps need a dedicated space where they can be easily found by attendees and advertise themselves Booth reps need access to virtual platform to upload files, images, provide booth description
Engagement Attendees able to visit all booths by strolling through space Event organizers have a captive audience who is present in the immediacy of the event site Attendees motivated to stay in the event space and attend booths through gamification strategies (points awarded for number of booths visited or appointments booked)
Length of event 2 full days Attendees travel to event site and spend the entire 2 days at the event, allowing them to be immersed in the event and absorb as much information in as little time as possible Exhibitors’ visiting hours will be scheduled so they work for both attendees attending in Eastern Standard Time and Pacific Time
Metrics for success -Positive word of mouth
-Number of registrations
These metrics can be used to advertise to future exhibitors and attendees Number of virtual booths visited

Number of file downloads

Survey sent to attendees after event (favorite booths, preferred way to interact with exhibitors, suggestions for improvement, most valuable part of experience)

Plan your metrics

Use the analytics and reporting features available in your event technology toolset to capture the data you want to measure. Decide how each metric will impact your planning process for the next event.

Examples of metrics:

  • Number of overall participants/registrants: Did you have more or fewer registrants/attendees than previous iterations of the event? What is the difference between number of registrants and number of real attendees?
  • Locations of participants: Where are people participating from? How many are attending for the first time? Are there new audiences you can pursue next time?
  • Most/least popular sessions: How long did people stay in the sessions and the event overall?
  • Most/least popular breakout rooms and discussion boards: Which topics should be repeated/skipped next time?
  • Social media mentions: Which topics received the most engagement on social media?
  • Surveys: What do participants report enjoying most? Least?
  • Technical failures: Can your software report on failures? Identify what technical problems arose and prepare a plan to mitigate them next time.

Ensure the data you capture feeds into better planning for the next event

Determine compliance requirements

A greater event reach also means new data privacy considerations, depending on the location of your guests.

General Data Protection Regulation (GDPR)

Concerns over the collection of personal electronic data may not have previously been a part of your event planning considerations. However, now that your event is online, it’s wise to explore which data protection regulations apply to you. Remember, even if your organization is not located in the EU, if any of your attendees are European data subjects you may still be required to comply with GDPR, which involves the notification of data collected, allowing for opt-out options and the right to have data purged. The data must be collected for a specific purpose; if that purpose is expired, it can no longer be retained. You also have an obligation to report any breaches.

Accessibility requirements

What kind of accessibility laws are you subject to (AODA, WCAG2)? Regardless of compliance requirements, it is a good idea to ensure the online event follows accessibility best practices.

Decision point: Set event policies

What event policies need to be documented?
How will you communicate them to attendees?

Code of conduct

One trend in the large event and conference space in recent years has been the development of codes of conduct that attendees are required to abide by to continue participating in the event.
Now that your event is online, consider whether your code of conduct requires updating. Are there new types of appropriate/inappropriate online behavior that you need to define for your attendees?

Harassment reporting

If your organization has an event harassment reporting process, determine how this process will transfer over to the digital event.
Ensure the reporting process has an owner and a clear methodology to follow to deal with complaints, as well as a digital reporting channel (a dedicated email or form) that is only accessed by approved staff to protect sensitive information.

Develop a risk management plan

Plan for how you will mitigate technical risks during your virtual event
Provide presenters with a process to follow if technical problems arise.

  • Presenter’s internet connection cuts out
  • Attendees cannot log in to event platform
  • Attendees cannot hear/see video feed
  • What process will be followed when technical problems occur: ticketing system; chatbot; generic email accessible by all IT support assigned

Testing/Rehearsal

Test audio hardware: Ensure speakers use headphones/earbuds and mics (they do not have to be fancy/expensive). Relying on the computer/laptop mic can lead to more ambient noise and potential feedback problems.

Check lighting: Avoid backlighting. Reposition speakers so they are not behind windows. Ask them to open/close shades. Add lamps as needed.

Prevent interruptions: Before the event, ask panelists to turn phone and computer notifications to silent. Put a sign on the door saying Do not Disturb.

Control audience view of screenshare: If your presenters will be sharing their screens, teach them how this works on the platform they are using. Advise them to exit out of any other application that is not part of their presentation, so they do not share the wrong screen unintentionally. Advise them to remove anything from the desktop that they do not want the audience to see, in case their desktop becomes visible at any point.

Control audience view of physical environment: Before the event, advise participants to turn their cameras on and examine their backgrounds. Remove anything the audience should not be able to see.

Test network connectivity: Send the presenters a link to a speed test and check their internet speed.

Emergency contact: Exchange cell phone numbers for emergency backchannel conversations if problems arise on the day of the event.

Set expectations: Presenting to an online audience feels very different to a live crowd. Prepare presenters for a lack of applause and lack of ability to see their audience, and that this does not mean the presentation was unsuccessful.

Identify requirements

To determine what kind of technical requirements you need to build the virtual expression of your event, consult the Virtual Event Platform Requirements Tool.

  1. If you have determined that the requirements you wish to use for the event exceed the capabilities of your existing communication and collaboration toolset, identify whether these gaps tip the scale toward purchasing a new tool. Use the requirement gaps to make the business case for purchasing a new tool.
  2. Use the Virtual Event Platform Requirements Tool to create a list of requirements.
  3. Consult the Software Reviews category for Virtual Event Platform Data Quadrant and Emotional Footprint reports.
  4. Assemble your documentation for approvals and the Rapid Application Selection Process.

A photo of Detailed Feature Analysis Worksheet.

Download the Virtual/Hybrid Event Software Feature Analysis Tool

Rapid Application Selection Framework and Contract Review

A photo of Rapid Application Selection Framework
Launch Info-Tech’s Rapid Application Selection Framework.

Using the requirements you’ve just gathered as a base, use Info-Tech’s complete framework to improve the efficiency and effectiveness of software selection.

Once you’ve selected a vendor(s), review the contract. Does it define an exit strategy? Does it define when your data will be deleted? Does it set service-level agreements that you find acceptable? Leverage Info-Tech’s contract review service once you have selected the virtual event solution and have received a contract from the vendor.

Further research

Photo of Run Better Meetings
Run Better Meetings

Bibliography

Dutt, Raj. “7 Lessons from This Company’s First-Ever Virtual Conference.” Fast Company, 29 Jul 2020. Web.

Kelly, Samantha Murphy. “Microsoft Build Proves Splashy Tech Events Can Thrive Online.” CNN, 21 May 2020. Web.

“Phases.” Event Management Body of Knowledge (EMBOK), n.d. Web.

Price, Michael. “As COVID-19 Forces Conferences Online, Scientists Discover Upsides of Virtual Format.” Science, 28 Apr 2020. Web.

“Stanford HAI Spring Conference - Key Advances in Artificial Intelligence.” Stanford Digital Economy Lab, 2022. Web.

“Virtual Event Tech Guide 2022.” Skift Meetings, April 2022. Web.

Warren, Tom. “Microsoft Build 2022 Will Take Place May 24th–26th.” The Verge, 30 March 2022. Web.

Contributors

6 anonymous contributors

AI and the Future of Enterprise Productivity

  • Buy Link or Shortcode: {j2store}329|cart{/j2store}
  • member rating overall impact (scale of 10): 9.0/10 Overall Impact
  • member rating average dollars saved: $12,399 Average $ Saved
  • member rating average days saved: 10 Average Days Saved
  • Parent Category Name: Innovation
  • Parent Category Link: /innovation
  • We’re witnessing a fundamental transformation in how businesses operate and productivity is achieved.
  • Advances in narrow but powerful forms of artificial intelligence (AI) are being driven by a cluster of factors.
  • Applications for enterprise AI aren’t waiting for the emergence of a general AI. They’re being rapidly deployed in task-specific domains. From robotic process automation (RPA) to demand forecasting, from real-world robotics to AI-driven drug development, AI is boosting enterprise productivity in significant ways.

Our Advice

Critical Insight

Algorithms are becoming more advanced, data is now richer and easier to collect, and hardware is cheaper and more powerful. All of this is true and contributes to the excitement around enterprise AI applications, but the biggest difference today is that enterprises are redesigning their processes around AI, rather than simply adding AI to their existing processes.

Impact and Result

This report outlines six emerging ways AI is being used in the enterprise, with four future scenarios outlining their possible trajectories. These are designed to guide strategic decision making and facilitate future-focused ideation.

AI and the Future of Enterprise Productivity Research & Tools

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Read the trend report

This report outlines six emerging ways AI is being used in the enterprise, with four future scenarios outlining their possible trajectories. These are designed to guide strategic decision making and facilitate future-focused ideation.

  • AI and the Future of Enterprise Productivity Trend Report
  • AI and the Future of Enterprise Productivity Trend Report (PDF)
[infographic]

Build a More Effective Go-to-Market Strategy

  • Buy Link or Shortcode: {j2store}559|cart{/j2store}
  • member rating overall impact (scale of 10): N/A
  • member rating average dollars saved: N/A
  • member rating average days saved: N/A
  • Parent Category Name: Marketing Solutions
  • Parent Category Link: /marketing-solutions
  • A weak or poorly defined Go-to-Market strategy is often the root cause of slow product revenue growth or missed product revenue targets.
  • Many agile-driven product teams rush to release, skipping key GTM steps leaving Sales and Marketing misaligned and not ready to fully monetize precious product investments.
  • Guessing at buyer persona and journey or competitive SWOT analyses – two key deliverables of an effective GTM strategy – cause poor marketing and sales outcomes.
  • Without the sales and product-aligned business case for launch called for in a successful GTM strategy, companies see low buyer adoption, wasted sales and marketing investments, and a failure to claim product and launch campaign success.

Our Advice

Critical Insight

  • Having an updated and compelling Go-to-Market strategy is a critical capability – as important as financial strategy, sales operations, and even corporate business development, given its huge impact on the many drivers of sustainable growth.
  • Establishing alignment through the GTM process builds long-term operational strength.
  • With a sound GTM strategy, marketers give themselves a 50% greater chance of product launch success.

Impact and Result

  • Align stakeholders on a common vision and execution plan prior to the Build and Launch phases.
  • Build a foundation of buyer and competitive understanding to drive a successful product hypothesis, then validate with buyers.
  • Deliver a team-aligned launch plan that enables launch readiness and outlines commercial success.

Build a More Effective Go-to-Market Strategy Research & Tools

Build Your Go-to-Market Strategy

Use this storyboard and its deliverables to build a baseline market, understand your buyer, and gain competitive insights. It will also help you design your initial product and business case, and align stakeholder plans to prep for build.

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

  • Build a More Effective Go-to-Market Strategy – Executive Brief

    Almost there!

    Please enter your email and a few details and you're on your way to an efficient process.

    Download ×
  • Build a More Effective Go-to-Market Strategy – Phases 1-3
  • Go-to-Market Strategy Presentation Template
  • Go-to-Market Strategy RACI and Launch Checklist Workbook
  • Product Market Opportunity Sizing Workbook
  • Go-to-Market Strategy Cost Budget and Revenue Forecast Workbook

Infographic

Workshop: Build a More Effective Go-to-Market Strategy

Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

1 Align on GTM Vision & Plan, Craft Initial Strategy

The Purpose

Align on GTM vision and plan; craft initial strategy.

Key Benefits Achieved

Confidence that market opportunity is sufficient.

Deeper buyer understanding to drive product design and messaging and launch campaign asset design.

Steering committee approval for next phase.

Activities

1.1 Outline a vision for GTM, roles required, identify Steering Committee lead, workstream leads, and teams.

1.2 Capture GTM strategy hypothesis by working through initial draft of the Go-to-Market Strategy Presentation and business case.

1.3 Capture team knowledge on buyer persona and journey and competitive SWOT.

1.4 Identify info./data gaps, sources, and plan for capturing/gathering including buyer interviews.

Outputs

Documented Steering Committee and Working team.

Aligned on GTM vision and process.

Documented buyer persona and journey. Competitive SWOT analysis.

Document team knowledge on initial GTM strategy, buyer personas, and business case.

2 Identify Initial Business Case, Sales Forecast, and Launch Plan

The Purpose

Identify Initial Business Case, Sales Forecast, and Launch Plan.

Key Benefits Achieved

Confidence in size of market opportunity.

Alignment of Sales and Product on product forecast.

Assessment of marketing tech stack.

Initial business case.

Activities

2.1 Size Product Market Opportunity and initial revenue forecast.

2.2 Craft initial product hypothesis from buyer interviews including feature priorities, pricing, packaging, competitive differentiation, channel/route to market.

2.3 Craft initial launch campaign, product release and sales and CX readiness plans.

2.4 Identify launch budgets across each investment area.

2.5 Discuss initial product launch business case and key activities.

Outputs

Product Serviceable Obtainable Market (SOM), Serviceable Available Market (SAM) and Total Available Market (TAM).

Definition of product-market fit, uniqueness, and competitive differentiation.

Preliminary campaign, targets, and readiness plans.

Incremental budgets for each key stakeholder area.

Preliminary product launch business case.

3 Develop Launch Plans (I of II)

The Purpose

Develop final Launch plans and budgets in product and marketing.

Key Benefits Achieved

Align Product release/launch plans with the marketing campaign for launch.

Understand incremental budgets from product and marketing for launch.

Activities

3.1 Apply product interviews to scope, MVP, roadmap, competitive differentiation, pricing, feature prioritization, routes to market, and sales forecast.

3.2 Develop a more detailed launch campaign plan complete with asset-types, messaging, digital plan to support buyer journey, media buy plan and campaign metrics.

Outputs

Minimally Viable Product defined with feature prioritization. Product competitive differentiation documented Routes to market identified Sales forecast aligned with product team expectations.

Marketing campaign launch plan Content marketing asset-creation/acquisition plan Campaign targets and metrics.

4 Develop Launch Plans (II of II)

The Purpose

Develop final Launch Plans and budgets for remaining areas.

Key Benefits Achieved

Align Product release/launch plans with the marketing campaign for launch.

Understand incremental budgets from Product and Marketing for launch.

Activities

4.1 Develop detailed launch/readiness plans with final budgets for: Sales enablement , Sales training, Tech stack, Customer onboarding & success, Product marketing, AR, PR, Corp Comms/Internal Comms, Customer Events, Employee Events, etc.

Outputs

Detailed launch plans, budgets for Product Marketing, Sales, Customer Success, and AR/PR/Corp. Comms.

5 Present Final Business Case

The Purpose

To gain approval to move to Build and Launch phases.

Key Benefits Achieved

Align business case with Steering Committee expectations

Approvals to Build and Launch targeted offering

Activities

5.1 Review final launch/readiness plans with final budgets for all key areas.

5.2 Move all key findings into Steering Committee presentation slides.

5.3 Present to Steering Committee; receive feedback.

5.4 Incorporate Steering Committee feedback; update finial business case.

Outputs

Combined budgets across all areas. Final launch/readiness plans.

Final Steering Committee-facing slides.

Final approvals for Build and Launch.

Further reading

Build a More Effective Go-to-Market Strategy

Maximize GTM success through deeper market and buyer understanding and competitive differentiation and launch team readiness that delivers target revenues.

Table of Contents

Section Title
1 Executive Brief
  • Executive Summary
  • Analyst Perspective
  • Go-to-Market (GTM) strategy critical success factors
  • Key GTM challenges
  • Essential deliverables for GTM success
  • Benefits of a more effective GTM Strategy
  • Our methodology to support your success
  • Insight Summary
  • Blueprint deliverables and guided implementation steps
2 Build baseline market, buyer, and competitive insights
  • Establish your team
  • Build buyer personas and journeys – develop initial messaging
  • Build initial product hypothesis
  • Size product market opportunity
  • Outline your key tech, app, and digital requirements
  • Develop your competitive differentiation
  • Select routes to market
3 Design initial product and business case
  • Branding check
  • Formulate packaging and pricing
  • Craft buyer-valid product concept
  • Build campaign plan and targets
  • Develop budgets for creative, content, and media purchases
  • Draft product business case
  • Update GTM Strategy deck
4 Align stakeholder plans to prep for build
  • Assess tech/tools support for all GTM phases
  • Outline sales enablement and customer success plan
  • Build awareness plan
  • Finalize business case
  • Final GTM plan deck

Executive Brief

Analyst Perspective

Go-to-Market Strategy.

A successful go-to-market (GTM) strategy aligns marketing, product, sales and customer success, sees decision making based on deep buyer understanding, and tests many basic assumptions often overlooked in today’s agile-driven product development/management environment.

The disciplines you build using our methodology will not only support your team’s effort building and launching more successful products, but also can be modified for use in other strategic initiatives such as branding, M&A integration, expanding into new markets, and other initiatives that require a cross-functional and multidisciplined process.

Photo of Jeff Golterman, Managing Director, SoftwareReviews Advisory.

Jeff Golterman
Managing Director
SoftwareReviews Advisory

Executive Summary

An ineffective go-to-market strategy is often a root cause of:
  • Failure to attain new product revenue targets.
  • A loss of customer focus and poor new product/feature release buyer adoption.
  • Product releases misaligned with marketing, sales, and customer success readiness.
  • Low win rates compared to key competitors’.
  • Low contact-to-lead conversion rates.
  • Loss of executive/investor support for further new product development and marketing investments.
Hurdles to go-to-market success include:
  • An unclear product-market opportunity.
  • A lack of well defined and prioritized buyer personas and needs that are well understood.
  • Poor competitive analysis that fails to pinpoint key areas of competitive differentiation.
  • Guessing at buyer journey and buyer-described ideal engagement within your lead gen engine.
  • A business case that calls for levels of customer value delivery (vs. feature MVPs) that can actually deliver wins and targeted revenue goals.
Apply SoftwareReviews approach for greater GTM success.

Our blueprint is designed to help you:

  • Align stakeholders on a common vision and execution plan prior to the build and launch phases.
  • Build a foundation of buyer and competitive understanding to drive a successful product hypothesis, then validate with buyers.
  • Deliver a team-aligned launch plan that enables launch readiness and outlines commercial success.

SoftwareReviews Insight

Creating a compelling go-to-market strategy, and keeping it current, is a critical software company function – as important as financial strategy, sales operations, and even corporate business development – given its huge impact on the many drivers of sustainable growth.

Go-to-Market Strategy Critical Success Factors

Your GTM Strategy is where a multi-disciplined team builds a strong foundation for overall product plan, build, launch, and manage success

A GTM Strategy is not all art and not all science but requires both. Software leaders will establish a set of core capabilities upon which they will plan, build, launch and manage product success. Executives, when resourcing their GTM strategies, will begin with:
  • Strong Program Leadership – An experienced Program Manager will guide the team through each step of GTM Strategy and test team readiness before advancing to the next step.
  • Few Shortcuts – Successful teams will have navigated the process through all steps together at least once. Then future launches can skip steps where prior decisions still hold.
  • Stakeholder Buy-In – Strong collaboration among Sales, Marketing, and Product wins the day.
  • Strong Team Skills – Success depends on having the right talent, making the right decisions, and delivering the right outcomes enabled with the right set of technologies and integrated to reach the right buyers at the right moment.
  • Discipline and perseverance – Given that GTM Strategy is not easy, it’s not surprising that 75% of marketers cite a significant level of dissatisfaction with the outcomes of their GTM plan, build, and launch phases.
Diagram titled 'Go-to-Market Phases' with phases 'Manage', 'Launch', 'Build', and highlighted as 'This blueprint focus': 'Plan'.

SoftwareReviews Advisory Insight:
Marketers who get GTM Strategy “right” give themselves a 50% greater chance of Build and Launch success.

Sample of the 'PLAN' section of the GTM Strategy optimization diagram shown later.

Go-to-Market Success is Challenging

Getting GTM right is like winning an Olympic first-place crew finish. It takes teamwork, practice, and well-functioning tools and equipment.

Stock image of a rowing team.

  • The goal of any Go-to-Marketing Strategy is not only to do it right once, but to do it over and over consistently.
  • A lack of GTM consistency often results in decelerating growth, and a weak GTM Strategy is likely the root cause when companies observe any of the following challenges:
    • Product opportunity is unclear and well-defined business cases are lacking
    • Buyer adoption slows of new features and launch revenue targets are missed
    • Sales and marketing are not ready when development releases new features
    • Sales win/loss ratios drop as customers tell us products are not competitively differentiated
    • Loss of executive support for new product investments
  • A company experiencing any one of these symptoms will find a remedy in plugging gaps in the way they Go-to-Market.

“Figuring out a Go-to-Market approach is no trivial exercise – it separates the companies that will be successful and sustainable from those that won’t.” (Harvard Business Review)

Slowing growth may be due to missing GTM Strategy essentials

Marketers – Large and Small – will further test their GTM Strategy strength by asking “Are we missing any of the following?”

  • Product, Marketing, and Sales Alignment
  • Buyer personas and journeys
  • Product market opportunity size
  • Competitively differentiated product hypothesis
  • Buyer validated commercial concept
  • Sales revenue plan and program cost budget
  • Compelling business case for build and launch

SoftwareReviews Advisory Insight:

Marketers will go through the GTM Strategy process together across all disciplines at least once in order to establish a consistent process, make key foundational decisions (e.g. tech stack, channel strategy, pricing structure, etc.), and assess strengths and weaknesses to be addressed. Future releases to existing products don’t need to be re-thought but instead check-listed against prior foundational decisions.

Is Your GTM Strategy Led and Staffed Properly?

Staffing tree outlining GTM Strategy essentials. At the top are 'Steering Committee: CEO/GM in larger company, CFO/Senior Finance, Key functional leaders'. Next is 'Program Manager: Leads the GTM program. Workstream leads are “dotted line” for the program.' Followed by 'Workstream Leads: (PM) Product Marketing – Program leadership, (PD) Product Mgt. – Aligned with PM, (MO) Marketing Ops – SMB optional, (BR) Branding/Creative – SMB optional, (CI) Competitive Intel. – SMB optional, (DG) Demand Gen./Field Marketing. – crucial, (SE) Sales Enablement – crucial, (PR) PR/AR/Comms – SMB optional, and (CS) Customer Success – SMB optional'. In a 'Large Enterprise' each role is assigned to a separate person, but in a 'Small' Enterprise each person has multiple roles. 'SMB – as employees wear many hats, teams comprise members with requisite skills vs. specific roles/titles.'

Benefits of a more effective go-to-market strategy

Our research shows a more effective GTM Strategy delivers key benefits, including:
  • Increased product development ROI – with a finance-aligned business case, a buyer-validated value proposition, and the readiness of marketing and sales to product launch.
  • Launch campaign effectiveness – increases dramatically when messaging resonates with buyers and where they are in their journey.
  • Seller effectiveness – increases with buyer validated value proposition, competitive differentiation, and the ability to articulate to buyers.
  • Executive support – is achieved when an aligned sales, marketing, and product team proves consistent in delivering against release targets over and over again.

SoftwareReviews Advisory Insight:
Many marketers experiencing the value of the GTM Steering Committee, extend its use into a “Product and Pricing Council” (PPC) in order to move product-related decision making from ad-hoc to structured, and to reinforce GTM Strategy guardrails and best practices across the company.

“Go-to-Market Strategies aren’t just for new products or services, they can also be used for:
  • Acquiring other businesses
  • Changing your business’s focus
  • Announcing a new feature
  • Entering a new market
  • Rebranding
  • Positioning or repositioning

And while each GTM strategy is unique, there are a series of steps that every product marketer should follow.” (Product Marketing Alliance)

Is your GTM Strategy optimized?

Large detailed layout of the steps needed to 'Make Your Go-to-Market Strategy More Successful'. 'GTM Planning Success Can Be Elusive'; '75% of high-tech marketers desire a more effective GTM strategy...'. Steps: '1 Your Challenges - Are You Feeling Any of These Pains?', '2 Framework - Stay Aligned', '3 Planning - Check Your GTM Plan Steps', '4 Insight - Deliver Key Output', and '5 Results - Reap Key Benefits'. Source: SoftwareReviews, powered by Info-Tech Research Group.

Marketers, in order to optimize a go-to-market strategy, will:

  1. Self assess for symptoms of a sub-optimized approach.
  2. Align marketing, sales, product, and customer success with a common vision and execution plan.
  3. Diagnose for missing steps.
  4. Ensure creation of key deliverables.
  5. And then be able to reap the rewards.

Who benefits from an optimized go-to-market strategy?

This research is designed for:
  • High-tech marketers who are:
    • Looking to improve any aspect of their go-to-market strategy.
    • Looking for a checklist of roles and responsibilities across the product planning, build, and launch processes.
    • Looking to foster better alignment among key stakeholders such as product marketing, product management, sales, field marketing/campaigners, and customer success.
    • Looking to build a stronger business case for new product development and launch.
This research will help you:
  • Explain the benefits of a more effective go-to-market strategy to stakeholders.
  • Size the market opportunity for a product/solution.
  • Organize stakeholders for GTM operational success.
  • More easily present the GTM strategy to executives and colleagues.
  • Build and present a solid business case for product build and launch.
This research will also assist:
  • High-tech marketing and product leaders who are:
    • Looking for a framework of best practices to improve and scale their GTM planning.
    • Looking to align team members from all the key teams that support high-tech product planning, build, launch, and manage.
This research will help them:
  • Align stakeholders on an overall GTM strategy.
  • Coordinate tasks and activities involved across plan, build, launch, and manage – the product lifecycle.
  • Avoid low market opportunity pursuits.
  • Avoid poorly defined product launch business cases.
  • Build competence in managing cross-functional complex programs.

SoftwareReviews’ Approach

1

Build baseline market, buyer, and competitive insights

Sizing your opportunity, building deep buyer understanding, competitive differentiation, and routes to market are fundamental first steps.

2

Design initial product and business case

Validate positioning and messaging against brand, develop packaging and pricing, and develop digital approach, launch campaign approach and supporting budgets across all areas.

3

Align stakeholder plans to prep for build

Rationalize product release and concept to sales/financial plan and further develop customer success, PR/AR, MarTech, and analytics/metrics plans.

Our methodology provides a step-by-step approach to build a more effective go-to-market strategy

1.Build baseline market, buyer, and competitive insights 2. Design initial product and business case 3. Align stakeholder plans to prep for build
Phase Steps
  1. Select Steering Committee, GTM team, and outline roles and responsibilities. Build an aligned vision.
  2. Build initial product hypothesis based on sales and buyer “jobs to be done” research.
  3. Size the product market opportunity.
  4. Outline digital and tech requirements to support the full GTM process.
  5. Clarify target buyer personas and the buyer journey.
  6. Identify competitive gaps, parity, and differentiators.
  7. Select the most effective routes to market.
  8. Craft initial GTM Strategy presentation for executive review and status check.
  1. Compare emerging messaging and positioning with existing brand for consistency.
  2. Formulate packaging and pricing.
  3. Build a buyer-validated product concept.
  4. Build an initial campaign plan and targets.
  5. Develop initial budgets across all areas.
  6. Draft an initial product business case.
  7. Update GTM Strategy for executive review and status check.
  1. Assess technology and tools support for GTM strategy as well as future phases of GTM build, launch, and manage.
  2. Outline support for customer onboarding and ongoing engagement.
  3. Build an awareness plan covering media, social media, and industry analysts.
  4. Finalize product business case with collaborative input from product, sales, and marketing.
  5. Develop a final executive presentation for request for approval to proceed to GTM build phase.
Phase Outcomes
  1. Properly sized market opportunity and a unique buyer value proposition
  2. Buyer persona and journey mapping with buyer needs and competitive SWOT
  3. Tech stack modernization requirements
  4. First draft of business case
  1. Customer-validated value proposition and product-market fit
  2. Initial product business case with sales alignment
  3. Initial launch plans including budgets across all areas
  1. Key stakeholders and their plans are fully aligned
  2. Executive sign-off to move to GTM build phases

Insight summary

Your go-to-market strategy ability is a strategic asset

Having an updated and compelling go-to-market strategy is a critical capability – as important as financial strategy, sales operations, and even corporate business development – given its huge impact on the many drivers of sustainable growth.

Build the GTM Steering Committee into a strategic decision-making body

Many marketers experiencing the value of the GTM Steering Committee extend its use into a “Product and Pricing Council” (PPC) in order to move product-related decision making from ad-hoc to structured, and to reinforce GTM Strategy guardrails and best practices across the company.

A strong MarTech apps and analytics stack differentiates GTM leaders from laggards

Marketers that collaborate closely with Marketing Ops., Sales Ops., and IT early in the process of a go-to-market strategy will be best able to assess whether current website/digital, marketing applications, CRM/sales automation apps, and tools can support the complete Go-to-Market process effectively.

Establishing alignment through the GTM process builds long term operational strength

Marketers will go through the GTM Strategy process together across all disciplines at least once in order to establish a consistent process, make key foundational decisions (e.g. tech stack, channel strategy, pricing structure, etc.), and assess strengths and weaknesses to be addressed.

Build speed and agility

Future releases to existing products don’t need be re-thought but instead check-listed against prior foundational decisions.

GTM Strategy builds launch success

Marketers who get GTM Strategy “right” give themselves a 50% greater chance of build and launch success.

Blueprint deliverables

Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

Key deliverable:

Go-to-Market Strategy Presentation Template

Capture key findings for your GTM Strategy within the Go-to-Market Strategy Presentation Template.

Sample of the key deliverable, the Go-to-Market Strategy Presentation Template.

Go-to-Market Strategy RACI and Launch Checklist Workbook

Includes a RACI model and launch checklist that helps scope your working team’s roles and responsibilities.

Sample of the Go-to-Market Strategy RACI and Launch Checklist Workbook deliverable.

Go-to-Market Strategy Cost Budget and Revenue Forecast Workbook

Capture launch incremental costs that, when weighed against the forecasted revenue, illustrate gross margins as a crucial part of the business case.

Sample of the Go-to-Market Strategy Cost Budget and Revenue Forecast Workbook deliverable.

Product Market Opportunity Sizing

While not a deliverable of this blueprint per se, the Product Market Opportunity blueprint is required.

Sample of the Product Market Opportunity Sizing deliverable. This blueprint calls for downloading the following additional blueprint:

Buyer Persona and Journey blueprint

While not a deliverable of this blueprint per se, the Buyer Persona and Journey blueprint is required

Sample of the Buyer Persona and Journey blueprint deliverable.

Info-Tech offers various levels of support to best suit your needs

DIY Toolkit

Guided Implementation

Workshop

Consulting

"Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."
Included within advisory membership Optional add-ons

Guided Implementation

A Guided Implementation (GI) is a series of calls with a SoftwareReviews Advisory analyst to help implement our best practices in your organization.

For guidance on marketing applications, we can arrange a discussion with an Info-Tech analyst.

Your engagement managers will work with you to schedule analyst calls.

What does our GI on Build a More Effective Go-to-Market Strategy look like?

Build baseline market, buyer, and competitive insights

Design initial product and business case

Align stakeholder plans to prep for build

Call #1: Share GTM vision and outline team activities for the GTM Strategy process. Plan next call – 1 week.

Call #2: Outline product market opportunity approach and steps to complete. Plan next call – 1 week.

Call #3: Hold a series of inquiries to do a modernization check on tech stack. Plan next call – 2 weeks.

Call #4: Discuss buyer interview process, persona, and journey steps. Plan next call – 2 weeks.

Call #5: Outline competitive differentiation analysis, routes to market, and review of to-date business case. Plan next call – 1 week.

Call #6: Discuss brand strength/weakness, pricing, and packaging approach. Plan next call – 3 weeks.

Call #7: Outline needs to craft assets with right messaging across campaign launch plan and budget. Outline needs to create plans and budgets across rest of marketing, sales, CX, and product. Plan next call – 1 week.

Call #8: Review template and approach for initial business case and sales and product alignment. Plan next call – 1 week.

Call #9: Review initial business case and launch plans across marketing, sales, CX, and product. Plan next call – 1 week.

Call #10: Discuss plans/needs/budgets for tech stack modernization. Plan next call – 3 days.

Call #11: Discuss plans/needs/budgets for CX readiness for launch. Plan next call – 3 days.

Call #12: Discuss plans/needs/budgets for digital readiness for launch. Plan next call – 3 days.

Call #13: Discuss plans/needs/budgets for marketing and sales readiness for launch. Plan next call – 3 days.

Call #14: Review final business case and coach on Steering Committee Presentation. Plan next call – 1 week.

A Go-to-Market Workshop Overview

Contact your engagement manager for more information.
Day 1 Day 2 Day 3 Day 4 Day 5
Align on GTM Vision & Plan, Craft Initial Strategy
Identify Initial Business Case, Sales Forecast and Launch Plan
Develop Launch Plans (i of ii)
Develop Launch Plans (ii of ii)
Present Final Business Case to Steering Committee
Activities

1.1 Outline a vision for GTM and roles required, identify Steering Committee lead, workstream leads, and teams.

1.2 Capture GTM strategy hypothesis by working through initial draft of GTM Strategy Presentation and business case.

1.3 Capture team knowledge on buyer persona and journey and competitive SWOT.

1.4 Identify information/data gaps and sources and plan for capturing/gathering including buyer interviews.

Plan next day 2-3 weeks after buyer persona/journey interviews.

2.1 Size product market opportunity and initial revenue forecast.

2.2 Craft initial product hypothesis from buyer interviews including feature priorities, pricing, packaging, competitive differentiation, and channel/route to market.

2.3 Craft initial launch campaign, product release, sales, and CX readiness plans.

2.4 Identify launch budgets across each investment area.

2.5 Discuss initial product launch business case and key activities.

Plan next day 2-3 weeks after product hypothesis-validation interviews with customers and prospects.

3.1 Apply product interviews to scope, MVP, and roadmap competitive differentiation, pricing, feature prioritization, routes to market and sales forecast.

3.2 Develop more detailed launch campaign plan complete with asset-types, messaging, digital plan to support buyer journey, media buy plan and campaign metrics.

4.1 Develop detailed launch/readiness plans with final budgets for:

  • Sales enablement
  • Sales training
  • Tech stack
  • Customer onboarding & success
  • Product marketing
  • AR
  • PR
  • Corp comms/Internal comms
  • Customer events
  • Employee events
  • etc.

5.1 Review final launch/readiness plans with final budgets for all key areas.

5.2 Move all key findings up into Steering Committee presentation slides.

5.3 Present to Steering Committee, receive feedback.

5.4 incorporate Steering Committee feedback; update finial business case.

Deliverables
  1. Documented Steering Committee and working team, aligned on GTM vision and process.
  2. Document team knowledge on initial GTM strategy, buyer persona and business case.
  1. Definition of product market fit, uniqueness and competitive differentiation.
  2. Preliminary product launch business case, campaign, targets, and readiness plans.
  1. Detailed launch plans, budgets for product and marketing launch.
  1. Detailed launch plans, budgets for product marketing, sales, customer success, and AR/PR/Corp. comms.
  1. Final GTM Strategy, launch plan and business case.
  2. Approvals to move to GTM build and launch phases.

Build a More Effective Go-to-Market Strategy

Phase 1

Build baseline market, buyer, and competitive insights

Phase 1

1.1 Select Steering Cmte/team, build aligned vision for GTM

1.2 Buyer personas, journey, initial messaging

1.3 Build initial product hypothesis

1.4 Size market opportunity

1.5 Outline digital/tech requirements

1.6 Competitive SWOT

1.7 Select routes to market

1.8 Craft GTM Strategy deck

Phase 2

2.1 Brand consistency check

2.2 Formulate packaging and pricing

2.3 Craft buyer-valid product concept

2.4 Build campaign plan and targets

2.5 Develop cost budgets across all areas

2.6 Draft product business case

2.7 Update GTM Strategy deck

Phase 3

3.1 Assess tech/tools support for all GTM phases

3.2 Outline sales enablement and Customer Success plan

3.3 Build awareness plan

3.4 Finalize business case

3.5 Final GTM Plan deck

This phase will walk you through the following activities:

  • Steering Committee and Team formulation
  • A vision for go-to-market strategy
  • Initial product hypothesis
  • Market Opportunity sizing
  • Tech stack/digital requirements
  • Buyer persona and journey
  • Competitive gaps, parity, differentiators
  • Routes to market
  • GTM Strategy deck

This phase involves the following stakeholders:

  • Steering Committee
  • Working group leaders

To complete this phase, you will need:

Go-to-Market Strategy Presentation Template Go-to-Market Strategy RACI and Launch Checklist Workbook Buyer Persona and Journey blueprint Product Market Opportunity Sizing Workbook
Sample of the Go-to-Market Strategy Presentation Template deliverable. Sample of the Go-to-Market Strategy RACI and Launch Checklist Workbook deliverable. Sample of the Buyer Persona and Journey blueprint deliverable. Sample of the Product Market Opportunity Sizing Workbook deliverable.
Use the Go-to-Market Strategy Presentation Template to document the results from the following activities:
  • Documenting your GTM Strategy stakeholders
  • Documenting your GTM Strategy working team
Use the Go-to-Market Strategy RACI and Launch Checklist Workbook to:
  • Review the scope of roles and responsibilities required
  • Document the roles and responsibilities of your teams
Use the Buyer Persona and Journey blueprint to:
  • Interview sales and customers/prospects to inform product concepts, understand persona and later, flush out buyer journey
Use the Product Market Opportunity Sizing blueprint to:
  • Project Serviceable Obtainable Market (SOM), Serviceable Available Market (SAM), and Total Available Market (TAM) from your current penetrated market

Step 1.1

Identify a GTM Program Steering Committee and Team. Build an Aligned Vision for Your Go-to-Market Strategy Approach

Activities
  • 1.1.1 Identify the Steering Committee of key stakeholders whose support will be critical to success
  • 1.1.2 Select your go-to-market strategy program team
  • 1.1.3 Discuss an overview of the GTM process and program roles and responsibilities with stakeholders and GTM workstream leads
  • 1.1.4 Develop a Go-to-Market launch, tiering, time-line, and overall program plan
  • 1.1.5 Work with each workstream lead on their overall project plan and incremental budget requirements

This step will walk you through the following activities:

  • Identify stakeholders – your Steering Committee
  • Identify team members
  • Present a vision of GTM Strategy

This step involves the following participants:

  • Steering Committee
  • Program workstream leads

Outcomes of this step

  • Steering Committee identified
  • Team members identified
  • All aligned on the GTM process
  • Go-to-market strategy timeline and program plan
Phase 1 - Formulate a hypothesis and run discovery on key fundamentals
Step 1.1 Step 1.2 Step 1.3 Step 1.4 Step 1.5 Step 1.6 Step 1.7 Step 1.8

1.1.1 Identify stakeholders critical to success

1-2 hours

Input: Steering Committee interviews, Recognition of Steering Committee interest

Output: List of GTM Strategy stakeholders as Steering Committee members

Materials: Following slide outlining the key responsibilities required of the Steering Committee members, A high-Level timeline of GTM Strategy phases and key milestone meetings

Participants: CMO, sponsoring executive, Functional leads - Marketing, Product Marketing, Product Management, Sales, Customer Success

  1. The GTM Strategy initiative manager should meet with the CMO to determine who will comprise the Steering Committee for your GTM Strategy.
  2. Finalize selection of steering committee members.
  3. Meet with members to outline their roles and responsibilities and ensure their willingness to participate.
  4. Document the steering committee members and the milestone/presentation expectations for reporting project progress and results.

SoftwareReviews Advisory Insight:
Go To Market Steering Committee’s can become an important ongoing body to steer overall product, pricing and other GTM decisions. Some companies have done so by adding the CEO and CFO to this committee and designated it as a permanent body that meets monthly to give go/no decisions to “all things product related” across all products and business units. Leaders that use this tool well, stay aligned, demonstrate consistency across business units and leverage outcomes across business units to drive greater scale.

Go-to-Market Strategy Stakeholders

Understand that aligning key stakeholders around the way your company goes to market is an essential company function.

Title Key Roles Supporting an Effective Go-to-Market Strategy
Go-to-Market Strategy Sponsor
  • Owns the function at the management/C-suite level
  • Responsible for breaking down barriers and ensuring alignment with organizational strategy
  • CMO, VP of Marketing, and in SMB Providers, the CEO
Go-to-Market Strategy Program Manager
  • Typically a senior member of the marketing team
  • Responsible for organizing the GTM Strategy process, preparing summary executive-level communications and approval requests
  • Program manages the GTM Strategy process, and in many cases, the continued phases of build and launch.
  • Product Marketing Director, or other marketing director, that has strong program management skills, has run large scale marketing and/or product programs, and is familiar with the stakeholder roles and enabling technologies
Functional Workstream Leads
  • Works alongside the Go-to-Market Strategy Initiative Manager on a specific product launch, campaign, rebranding, new market development, etc. and ensures their functional workstreams are aligned with the GTM Strategy
  • With typical GTM B2B a representative from each of the following functions will comprise the team:
    • Product Marketing, Product Management, Field Marketing, Creative, Marketing Ops/Digital, PR/Corporate Comms/AR, Social Media Marketing, Sales Operations, Sales Enablement/Training, and Customer Success
Digital, Marketing/Sales Ops/IT Team
  • Comprised of individuals whose application and tech tools knowledge and skills are crucial to supporting the entire marketing tech stack and its integration with Sales/CRM
  • Responsible for choosing technology that supports the business requirements behind Go-to-Market Strategy, and eventually the build and launch phases as well
  • Digital Platforms, CRM, Marketing Applications and Analytics managers
Steering Committee
  • Comprised of C-suite/management-level individuals that guide key decisions, approve of requests, and mitigate any functional conflicts
  • Responsible for validating goals and priorities, defining the scope, enabling adequate resourcing, and managing change especially among C-level leaders in Sales & Product
  • CMO, CTO/CPO, CRO, Head of Customer Success

Download the Go-to-Market Strategy Presentation Template

Roles vary by company size. Launch success depends on clear responsibilities

Sample of the Go-to-Market Strategy RACI and Launch Checklist Workbook.

Download the Go-to-Market Strategy RACI and Launch Checklist Workbook

Success improves when you align & assign
  • Go-to-Market, build, and launch success improves when:
    • Phases and steps are outlined
    • Key activities are documented
    • Roles/functions are described
    • At the intersection of activities and role, whether the role is “Responsible,” “Accountable,” “Consulted,” or “Informed” is established across the team
  • Leaders will hold a workshop to establish RACI that fits with the scope and scale of your organization.
  • Confusion, conflict, and friction can be dramatically reduced/eliminated with RACI adoption and practice.
  • Review the RACI model and launch checklist within the Go-to-Market Strategy RACI and Launch Checklist Workbook in order to identify the full scope of roles and responsibilities needed.

Go-to-Market Strategy Working Team

Consider the skills and knowledge required for GTM Strategy as well as build and launch functions when choosing teams.

Work with functional leaders to select workstream leads

Workstream leads should be strong in collaboration, coordination of effort among others, knowledgeable about their respective function, and highly organized as they may be managing a team of colleagues within their function to deliver their responsible portion of GTM.

Required Skills/Knowledge

  • Target Buyer
  • Product Roadmap
  • Brand
  • Competitors
  • Campaigns/Lead Gen
  • Sales Enablement
  • Media/Analysts
  • Customer satisfaction

Suggested Functions

  • Product Marketing
  • Product Management
  • Creative Director
  • Competitive Intelligence
  • Demand Gen./Field Marketing
  • Sales Ops/Training/Enablement
  • PR/AR/Corporate Comms.
  • Customer Success
Roles Required in Successful GTM Strategy
For SMB companies, as employees wear many different hats, assign people that have the requisite skills and knowledge vs. the role title.

Download the Go-to-Market Strategy RACI and Launch Checklist Workbook

1.1.2 Select the GTM Strategy working team

1-2 hours

Input: Stakeholders and leaders across the various functions outlined to the left

Output: List of go-to-market strategy team members

Materials: Go-to-Market Strategy Workbook

Participants: Initiative Manager, CMO, Sponsoring executive, Departmental Leads – Sales, Marketing, Product Marketing, Product Management (and others), Marketing Applications Director, Senior Digital Business Analyst

  1. The GTM Strategy Initiative Manager should meet with the GTM Strategy Sponsor and functional leaders of workstream areas/functions to determine which team members will serve as Steering Committee members and who will serve as workstream leads.
  2. The working team for your go-to-market strategy should have the following roles represented in the working team:
    • Depending on the initiative and the size of the organization, the team will vary.
    • Key business leaders in key areas – Product Marketing, Field Marketing, Digital Marketing, Inside Sales, Sales, Marketing Ops., Product Management, and IT – should be involved.
  3. Document the members of your go-to-market strategy team in the Go-to-Market Strategy Presentation slide entitled “Our Team.”

Download the Go-To-Market Strategy RACI and Launch Checklist Workbook

1.1.3 Develop a timeline for key milestones

1 hour

Timeline for Key Milestones with row headers 'Go-to-Market Phases', 'Major Milestones', and 'Key Phase Activities'. The phases (each column) and their associated activities are 'PLAN - Create buyer-validated product concept, size opportunity, and build business case', 'BUILD - Build product and enable readiness across the rest of marketing sales and customer success', 'LAUNCH - Release product, launch campaigns, and measure progress toward objectives', and then post-phase is 'MANAGE'. Notes in the 'Major Milestones' row: 'Outline key dates', 'Update with 'Today's Date' as you make progress', and 'Use GTM Plan major milestones or create your own'.

GTM Program Managers:

  1. Will establish key program milestones working collaboratively with the Steering Cmte. and workstream leads.
  2. Outline key ”Market-facing” or external deliverables & dates, as well as internal.
  3. More detailed deliverable plans are called for working with workstream leads.
  4. This high-level overview will be used in regular Steering Cmte. and working team meets
  5. Record in the Go-to-Market Strategy Presentation

Download the Go-to-Market Strategy Presentation Template

1.1.5 Share your GTM strategy vision with your team

1-2 hours

Input: N/A

Output: Team understanding of an effective go-to-market strategy, team roles and responsibilities and initial product and launch concept.

Materials: The Build a More Effective Go-to-Market Strategy Executive Brief

Participants: GTM Program Manager, CMO, Sponsoring executive, Workstream leads

  1. Download the Build a More Effective Go-to-Market Strategy Executive Brief and add the additional slides on Team Composition and Key Milestones you have created in prior steps as appropriate.
  2. Convene the Steering Committee and Working Team and take them through the Build a More Effective Go-to-Market Strategy Executive Brief with your additional slides to:
    1. Communicate team composition, roles and responsibilities, and key GTM Strategy program milestones.
    2. Educate them on what comprises a complete GTM Strategy from the Executive Brief.
  3. Optional: As a SoftwareReviews Advisory client, invite a SoftwareReviews analyst to present the Executive Brief if that is of help to you and your team.

Go to the Build a More Effective Go-to-Market Strategy Executive Brief

GTM program managers and workstream leads will collaborate on detailed project plans

Timeline titled 'Workstreams Status' with a legend of shapes and colors, activities listed as row headers, timeline sections 'EXPLORE', 'DESIGN', 'ALIGN', and 'BUILD', and a column at the end of the timelines for the name of the workstream lead. Notes: 'Change names to actual workstream. Create separate pages for each', 'Overlay colored bars to indicate on/off track', 'Describe major deliverables & due dates', 'Outline major milestones', 'Update with your actual month and week-ending dates', 'Add workstream lead names'.

Program managers will:

  • Outline an overall more detailed way of tracking GTM program workstreams, key dates and on/off track status

Program managers & workstream leads will:

  • Call out each key workstream and workstream lead
  • Outline key deliverables and due dates
  • Track weekly for communicating status to Steering Cmte and working team meetings

Use the Launch Checklist when building out full project plans

Sample Launch Checklist table with project info above, and table columns 'Component', 'Owner', 'Start Date', 'Finish Date', 'G2M Plan', and 'Build'.

Download the Go-to-Market Strategy RACI and Launch Checklist Workbook

Continuous improvement is enabled with a repeatable process
  • With ownership assigned and set-back schedules in place, product marketing and management leaders can take the guesswork out of the GTM plan and build and launch process for the entire team.
  • “Lighter” versions are created for lower-tier releases.
  • Checklists ensure “we haven’t missed anything” and drive clarity among the team.
  • Articulating where we are now and what’s next increases management confidence.
  • Rinse and repeat improves overall quality and drives scale.

1.1.6 Develop a project plan for each workstream

Work with your workstream leads to see them develop a detailed project plan that spans all their deliverables for a GTM Strategy
  1. It’s essential that GTM initiative managers can rely upon workstream leads to provide the status of their respective workstreams in a shared environment for easy weekly updating and reporting.
  2. We suggest the following approach:
    1. GTM initiative managers should maintain a copy of the GTM Strategy Presentation in a shared drive so workstream leads can provide updates.
    2. Workstream leads should work with their GTM initiative manager to populate a version of the workstream tracker shown on the previous slide that enables team status reporting.
    3. Additional slides that actually show “work completed” (e.g. images of assets created, training plans, screen caps of software functionality, etc.) should be reviewed each week as well.
    4. GTM initiative leaders/program managers are advised to summarize the to-date work completed across the team into the Go-To-Market Product and Launch Business Case slides to demonstrate progress to the Steering Committee.
  3. The goal is to keep tracking manageable. Because status is most easily shown during Steering Committee and Working Team meetings using PowerPoint, we recommend a simple approach to program management by using PowerPoint.
Using the Go-to-Market Strategy Presentation:
3-4 hours Initial, 1-2 hours weekly
  1. Work with your workstream leads to create a slide for each workstream that will contain all the key milestones.
  2. Some teams will choose to use project management software, others a PowerPoint representation, which makes for easy presentation during status meets.
  3. Use the following resources:
    • In the Go-to-Market Strategy RACI and Launch Checklist Workbook, reference the Launch Checklist.
    • In the Go-to-Market Presentation, use the Appendix slides and complete for each workstream.
  4. The GTM initiative manager must be able to track status with workstream leads and present status to the rest of the team during Steering Committee and workstream lead meetings.

Download the Go-to-Market Strategy Presentation Template

Download the Go-To-Market Strategy RACI and Launch Checklist Workbook

Step 1.2

Hold Interviews With Sales Then Customers and Prospects to Inform Your Initial Product Concept

Activities
  • 1.2.1 Use the SoftwareReviews Buyer Persona and Journey Interview Guide and Data Capture Tool found within the SoftwareReviews Buyer Persona and Journey blueprint.
  • 1.2.2 Follow the instructions within the above blueprint and hold interviews with Sales and customers and prospects to inform your buyer persona, initial product hypothesis, and buyer journey.
  • 1.2.3 Flush out the initial product and launch concept using the slides found within the Go-to-Market Strategy Presentation Template. You will continually refine the Go-to-Market Strategy Presentation Template such that you turn the Product and Launch descriptions into a business case for product build and launch. We advise you and your team to populate the slides to begin to inform an initial concept, then hold interviews with Sales, customers, and prospects to refine. The best way to capture customer and prospect insights is to use the Buyer Persona and Journey blueprint.

This step will walk you through the following activities:

  • Schedule time with sales/sales advisory to flush out the product concept
  • Develop your customer and prospect interviewee list
  • Consolidate findings for your GTM Strategy program slide deck

This step involves the following participants:

  • Sales/sales advisory, product management, initiative leader (product marketing)
  • Customers and prospects

Outcomes of this step

  • Guidance from sales on product concept
  • Initial guidance from customers and prospective buyers
  • Agreement to proceed further

Phase 1 - Formulate a hypothesis and run discovery on key fundamentals

Step 1.1 Step 1.2 Step 1.3 Step 1.4 Step 1.5 Step 1.6 Step 1.7 Step 1.8

Documenting buyer personas enables success beyond marketing

Documenting buyer personas has several essential benefits to marketing, sales, and product teams:
  • Achieve a better understanding of your target buyer – by building a detailed buyer persona for each type of buyer and keeping it fresh, you take a giant step in becoming a customer-centric organization.
  • Align the team on a common definition – will happen when you build buyer personas collaboratively and among teams that touch the customer.
  • Improved lead generation – increases dramatically when messaging and marketing assets across your lead generation engine better resonate with buyers because you have taken the time to understand them deeply.
  • More effective selling – is possible when sellers apply persona development output to their interactions with prospects and customers.
  • Better product-market fit – increases when product teams more deeply understand for whom they are designing products. Documenting buyer challenges, pain points, and unmet buyer needs gives product teams what they need to optimize product adoption.
“It’s easier buying gifts for your best friend or partner than it is for a stranger, right? You know their likes and dislikes, you know the kind of gifts they’ll have use for, or the kinds of gifts they’ll get a kick out of. Customer personas work the same way. By knowing what your customer wants and needs, you can present them with content targeted specifically to those wants and needs.” (Emma Bilardi, Product Marketing Alliance, July 8, 2020)

Buyer persona attributes that need defining

A well defined buyer persona enables us to:

  • Clarify target org-types, identify buying decision makers and key personas, and determine how they make decisions
  • Align colleagues around a common definition of target buyer(s) to drive improvements in messaging and engagement across marketing, sales, and customer success
  • Identify specific asset-types and tools that, when activated within our lead gen engine and in the hands of sellers, helps a buyer move through a decision process
Functional – “to find them”
Job Role Titles Org Chart Dynamics Buying Center Firmographics

Emotive – “what they do and jobs to be done”
Initiatives – What programs/projects the persona is tasked with and what are their feelings and aspirations about these initiatives? Motivations? Build credibility? Get promoted? Challenges – Identify the business issues, problems, and pain points, that impede attainment of objectives. What are their fears, uncertainties, and doubts about these challenges? Buyer need – They may have multiple needs; which need is most likely met with the offering? Terminology – What are the keywords/phrases they organically use to discuss the buyer need or business issue?

Decision Criteria – “how they decide”
Buyer role – List decision-making criteria and power level. The five common buyer roles are champion, influencer, decision maker, user, and ratifier (purchaser/negotiator). Evaluation and decision criteria – The lens, either strategic, financial, or operational, through which the persona evaluates the impact of purchase.

Solution Attributes – “what the ideal solution looks like”
Steps in “Jobs to be Done” Elements of the “Ideal Solution” Business outcomes from ideal solution Opportunity scope – other potential users Acceptable price for value delivered Alternatives that see consideration Solution sourcing – channel, where to buy

Behavioral Attributes – “how to approach them successfully”
Content preferences – List the persona’s content preferences, could be blog, infographic, demo, video, or other, vs. long-form assets (e.g. white paper, presentation, analyst report). Interaction preferences – Which among in-person meetings, phone calls, emails, video conferencing, conducting research via web, mobile, and social. Watering holes – Which physical or virtual places do they go to network or exchange info with peers e.g. LinkedIn, etc.

Buyer journeys are constantly shifting

If you haven’t re-mapped buyer journeys recently, you may be losing to competitors that have. Leaders re-map buyer journeys frequently.
  • The multi-channel buyer journey is constantly changing – today’s B2B buyer uses industry research sites, vendor content marketing assets, software reviews sites, contacts with vendor salespeople, events participation, peer networking, consultants, emails, social media sites, and electronic media to research purchasing decisions.
  • COVID has dramatically decreased face-to-face – we estimate a B2B buyer spent between 20-25% more time online researching software buying decisions in 2021 than they did pre-COVID. This has diminished the importance of face-to-face selling and has given dramatic rise to digital selling and outbound marketing.
  • Content marketing has exploded – but without mapping the buyer journey and knowing where (by channel) and when (which buyer journey step) to offer content marketing assets, we will fail to convert prospects into buyers.

SoftwareReviews Advisory Insight:
Marketers are advised to update their buyer journey annually and with greater frequency when the human vs. digital mix is effected due to events such as COVID, and as emerging media such as Augmented Reality shifts asset-type usage and engagement options.

“Two out of three B2B buyers today prefer remote human interactions or digital self service.

And during August 2020-February 2021, use of digital self service leapt by 10%” (McKinsey & Company, 2021.)

Challenges of not mapping persona and journey

A lack of buyer persona and journey understanding is frequently the root cause of the following symptoms:
  • Lead generation results are way below expectations.
  • Inconsistent product-market fit.
  • Sellers have low success rates doing discovery with new prospects.
  • Website abandonment rates are really high.

These challenges are often attributed to messaging and talk tracks that fail to resonate with prospects and products that fail to meet the needs of targeted buyers.

SoftwareReviews Advisory Insight:
Marketers developing buyer personas and journeys that lack agreement among Marketing, Sales, and Product of personas to target will squander precious time and resources throughout the customer targeting and acquisition process.

“Forty-four percent of B2B marketers have already discovered the power of personas.” (Boardview, 2016.)

1.2.1 Interview Sales and customers/prospects

12 - 15 Hours, over course of 2-3 weeks

Input: Insights from Sellers, Insights from customers and prospects

Output: Completed slides outlining buyer persona, buyer journey, overall product concept, and detailed features and capabilities needed

Materials: Create a Buyer Persona and Journey blueprint, Go-to-Market Strategy Presentation

Participants: Product management lead, GTM Program Manager, Select sellers, Workstream leads that wish to participate in interviews

  1. Using the Create a Buyer Journey and Persona Journey blueprint:
    • Follow the instructions to interview a group of Sellers, and most importantly, several customers and prospects
      • For this stage in the GTM Strategy process, the goal is to validate your initial product and launch concept.
      • We urge getting through all the interview questions with interviewees as the answers inform:
        • Product market fit and Minimal Viable Product
        • Competitive differentiation
        • Messaging, positioning, and campaign targeting
        • Launch campaign asset creation.
    • Place summary findings into the Go-to-Market Strategy Presentation, and for reference, place the Buyer Persona and Journey Summaries into the Go-to-Market Strategy Presentation Appendix.

Download the Go-to-Market Strategy Presentation Template

Download the Create a Buyer Journey and Persona Journey blueprint

Step 1.3

Update Your Product Concept

Activities
  • 1.3.1 Based on Sales and Customer/Prospect interviews, update:
    • Your product concept slide
    • Detailed prioritization of features and capabilities

This step calls for the following activities:

  • Update the product concept slide based on interview findings
  • Update/create the stack-ranking of buyer requested feature and capability priorities

This step involves the following participants:

  • Product management lead
  • GTM initiative leader
  • Select workstream leads who sat in on interview findings

Outcomes of this step

  • Advanced product concept
  • Prioritized features for development during Build phase
  • Understanding of MVP to deliver customer value and deal “wins”

Phase 1 - Formulate a hypothesis and run discovery on key fundamentals

Step 1.1 Step 1.2 Step 1.3 Step 1.4 Step 1.5 Step 1.6 Step 1.7 Step 1.8

1.3.1 Update Product and Launch concept

2 Hours

Input: Insights from Sellers, Insights from customers and prospects

Output: Completed slides outlining product concept and detailed features and capabilities needed

Materials: Go-to-Market Strategy Presentation

Participants: Product management lead, GTM Program Manager, Select sellers, Workstream leads that wish to participate in interviews

  1. Using the Go-to-Market Strategy Presentation:
    • With interview findings, update the Product and Launch Concept, Buyer Journey, and Capture Key Features/Capabilities of High Importance to Buyers slides

Download the Go-to-Market Strategy Presentation Template

Product and Launch Concept

At this early stage, summarize findings from concept interviews to guide further discovery, as well as go-to-market concepts and initial campaign concepts in upcoming steps.

Job Function Attributes

Target Persona(s):
Typical Title:
Buying Center/functional area/dept.:

Firmographics:
Industry specific/All:
Industry subsegments:
Sizes (by revenues, # of employees):
Geographical focus:

Emotive Attributes

Initiative descriptions: Buyer description of project/program/initiative. What terms used?

Business issues: What are the business issues related to this initiative? How is this linked to a CEO-level mission-critical priority?

Key challenges: What business/process hurdles need to be overcome?

Pain points: What are the pain points to the business/personally in their role related to the challenges that drove them to seek a solution?

Success motivations: What motivates our persona to be successful in this area?

Solution and Opportunity

Steps to do the job: What are the needed steps to do this job today?

Key features and capabilities: What are the key solution elements the buyer sees in the ideal solution? (See additional detail slide with prioritized features.)

Key business outcomes: In business terms, what value (e.g. cost/time/FTE savings, deals won, smarter, etc.) is expected by implementing this solution?

Other users/opportunities: Are there other users in the role team/company that would benefit from this solution?

Pricing/Packaging

What is an acceptable price to pay for this solution? Based on financial benefits and ROI hurdles, what’s a good price to pay? A high price? What are packaging options? Any competitive pricing to compare?

Alternatives/Competition

What are alternatives to this solution: How else would you solve this problem? Are there other solutions you’ve investigated?

Channel Preferences

Where would it be most convenient to buy?: Direct from provider? Channel partner/reseller? Download from the web?

Decision Criteria Attributes

Decision maker – Role, criteria/decision lens:
User(s) – Role, criteria/decision lens:
Influencer(s) – Role, criteria/decision lens:
Ratifier(s) – Role, criteria/decision lens:

Behavioral Attributes

Interaction preferences: Best way for us to reach this role? Email? At events? Texting? Video calls?

Content types: Which content types (specifics; videos, short blog/article, longer whitepapers, etc.) help us stay educated about this initiative area?

Content sources: What news, data, and insight sources (e.g. specifics) do you use to stay abreast of what’s important for this initiative area?

Update the Go-to-Market Strategy Presentation with findings from Sales and customer/prospect interviews.

Capture key features/capabilities of high importance to buyers

Ask buyers during interviews, as outlined in the Buyer Persona and Journey blueprint, to describe and rate key features by need. You will also review with buyers during the GTM Build phase, so it’s important to establish high priority features now.

Example bar chart for 'Buyer Feature Importance Ratings' where 'Buyer Need' is rated for each 'Feature'.
  • List key feature areas for buyer importance rating.
  • Establish a rating scheme.
      E.g. a rating of:
    • 4.5 or higher = critical ROI driver
    • 3.5 to 4.5 = must haves
    • 2 to 3.5 = nice to have
    • Less than 2 = low importance
  • Have buyers rate each possible feature 0-5 after explaining the rating scheme. Ask – are we missing any key features?
  • Update this slide, found within the Go-to-Market Strategy Presentation, with customer/prospect interview findings.
Perform the same buyer interviews for non-feature “capabilities” such as:
  • Ease of use, security, availability of training, service model, etc. – and other “non-feature” areas that you need for your product hypothesis.

Step 1.4

Size the Product Market Opportunity

Activities
  • 1.3.1 Based on the product concept, size, and the product market opportunity and with a focus on your “Obtainable Market”:
    • Clarify the definitions used to size market opportunity.
    • Source data both internally and externally.
    • Calculate the available, obtainable market for your software product.

This step will walk you through the following activities:

  • Review market sizing definitions and identify required data
  • Identify the target market for your software application
  • Source market and internal data that will support your market sizing
  • Document and validate with team members

This step involves the following participants:

  • GTM initiative leader
  • CMO, select workstream leads

Outcomes of this step

  • Definitions on market sizing views
  • Data sourcing established
  • Market sizing and estimated penetration calculations

Phase 1 - Formulate a hypothesis and run discovery on key fundamentals

Step 1.1 Step 1.2 Step 1.3 Step 1.4 Step 1.5 Step 1.6 Step 1.7 Step 1.8

Market opportunity sizing definitions

Your goal is to assess whether or not the opportunity is significantly sized and if you are well positioned to capture it

  1. This exercise is designed to help size the market opportunity for this particular product GTM launch and not the market opportunity for the entire product line or company. First a few market sizes to define:
    1. Penetrated – is your current revenues and can be expressed in your percentage vs. competitors’.
    2. Serviceable Obtainable Market (SOM) – larger than your currently penetrated market, and a percentage of SAM that can realistically be achieved. It accounts for your current limitations to reach and your ability to sell to buyers. It is restricted by your go-to-market ability and reduced by competitive market share. SOM answers: What increased market can we obtain by further penetrating accounts within current geographical coverage and go-to-market abilities and within our ability to finance our growth?
    3. Serviceable Available Market (SAM) – larger than SOM yet smaller than TAM, SAM accounts for current products and current go-to-market capabilities and answers: What if every potential buyer bought the products we have today and via the type of go-to-market (GTM) especially geographical coverage, we have today? SAM calls for applying our current GTM into unpenetrated portions of currently covered customer segments and regions.
    4. Total Available Market (TAM) – larger than SAM, TAM sizes a market assuming we could penetrate other customer segments within currently covered regions without regard for resources, capabilities, or competition. It answers the question: If every potential buyer within our available market – covered regions – bought, how big would the market be?
    5. Total Global Market – estimates market opportunity if all orgs in all segments and regions bought – with full disregard for resources and without the restrictions of our current GTM abilities.
    6. Develop your market opportunity sizing using the Product Market Opportunity Sizing Workbook.

Download the Product Market Opportunity Sizing Workbook

SoftwareReviews Advisory Insight:
Product marketers that size the product market opportunity and account for the limitations posed by competitors, current sales coverage, brand permission, and awareness, provide their organizations with valuable insights into which inhibitors to growth should be addressed.

Visualization of market opportunity sizes as circles within bigger circles, 'Penetrated Market' being the smallest and 'Global Market' being the largest.

1.4.1 Size the product market opportunity

Your goal is two-fold: Determine the target market size, and develop a realistic 12–24 month forecast to support your business case
  1. Open the Product Market Opportunity Sizing Workbook.
  2. Follow the instructions within.
  3. When finished, download the Go-to-Market Strategy Presentation and update the Product Market Opportunity Size slide with your calculated Product Market Opportunity Size.

Download the Product Market Opportunity Sizing Workbook

Download the Go-to-Market Strategy Presentation Template

“Segmentation, targeting and positioning are the three pillars of modern marketing. Great segmentation is the bedrock for GTM success but is overlooked by so many.” (Product Marketing Alliance)

Step 1.5

Outline Digital and Tech Requirements

Activities

Designing your go-to-market strategy does not require a robust customer experience management (CXM) platform, but implementing your strategy during the next steps of Go-to-Market – Build then Launch – certainly does.

Review info-Tech’s CXM blueprint to build a more complete, end-to-end customer interaction solution portfolio that encompasses CRM alongside other critical components.

The CXM blueprint also allows you to develop strategic requirements for CRM based on customer personas and external market analysis called for during your GTM Strategy design.

Diagram of 'Customer Relationship Management' surrounded by its components: 'Web Experience Management Platform', 'E-Commerce & Point-of-Sale Solutions', 'Social Media Management Platform', 'Customer Intelligence Platform', 'Customer Service Management Tools', and 'Marketing Management Suite'.

These steps outlined in the CXM blueprint, will help you:

  • Assess your CRM application(s) and the environment in which they exist. Take a business-first strategy to prioritize optimization efforts.
  • Validate CRM capabilities, user satisfaction, issues around data, vendor management, and costs to build out an optimization strategy
  • Pull this all together to develop a prioritized optimization roadmap.

This step involves the following participants:

  • Marketing Operations, Digital, IT
  • Project workstream leads as appropriate

Outcomes of this step

  • After inquiries with appropriate analysts, client will be able to assess what new application and technology support is required to support Go To Market process.

Phase 1 - Formulate a hypothesis and run discovery on key fundamentals

Step 1.1 Step 1.2 Step 1.3 Step 1.4 Step 1.5 Step 1.6 Step 1.7 Step 1.8

Step 1.6

Identify features and capabilities that will drive competitive differentiation

Activities
  • 1.6.1 Hold a session with key stakeholders including sales, customer success, product, and product marketing to develop a hypothesis of features and capabilities vs. competitors: differentiators, parity areas, and gaps (DPG).
  • Optional for clients with buyer reviews and key competitive reviews within target product category:
    • 1.6.2 Request from SoftwareReviews a 2X2 Matrix Report of Importance vs. Satisfaction for both features and capabilities within your product market/category to identify areas of competitive DPG.
    • 1.6.3 Hold an Inquiry with covering ITRG analysts in your product category to have them validate key areas of competitive DPG.
  • 1.6.4 Document competitive DPG and build out your hypothesis for product build as you ready for customer interviews to validate that hypothesis.

This step will provide processes to help you:

  • Understand and document competitive differentiation, parity, and gaps

This step involves the following participants:

  • Project workstream leads in product marketing, competitive intelligence, product management, and customer success

Outcomes of this step

  • Develop a clear understanding of what differentiated capabilities to promote, which parity items to mention in marketing, and which areas are competitive gaps
  • Develop a hypothesis of what areas need to be developed during the Build phase of the Go-to-Market lifecycle

Phase 1 - Formulate a hypothesis and run discovery on key fundamentals

Step 1.1 Step 1.2 Step 1.3 Step 1.4 Step 1.5 Step 1.6 Step 1.7 Step 1.8

Assess current capabilities and competitive differentiation vs. buyer needs

Taking buyer needs ratings from step 1.3, assess your current and key competitive capabilities against buyer needs for both feature and non-feature capabilities. Incorporate into your initial product hypothesis.

Example bar chart for 'Competitive Differentiation, Parity and Gaps – Features' comparing ratings of 'Buyer Need', 'Our Current Capabilities', and 'Competitive Capabilities' for each 'Feature'.

  • Rank features in order of buyer need from step 1.3.
  • Prioritize development needs where current capabilities are rated low. Spot areas for competitive differentiation especially in high buyer-need areas.
Perform the analysis for non-feature capabilities such as:
  • ease of use
  • security
  • availability of training
  • service model

Optional: Validate feature and capability importance with buyer reviews

Request from your SoftwareReviews Engagement Manager the “Importance vs. Satisfaction” analysis for your product(s) feature and non-feature capabilities under consideration for your GTM Strategy

Satisfaction
Fix Promote
Importance

Low Satisfaction
High Importance

These features are important to their market and will highlight any differentiators to avoid market comparison.

High Satisfaction
High Importance

These are real strengths for the organization and should be promoted as broadly as possible.

Low Satisfaction
Low Importance

These features are not important for the market and are unlikely to drive sales if marketing material focuses on them. Rationalize investment in these areas.

High Satisfaction
Low Importance

Features are relatively strong, so highlight that these features can meet customer needs
Review Maintain

Overall Category Product Feature Satisfaction Importance

  • Importance is based on how strongly satisfaction for a feature of a software suite correlates to the overall Likeliness to Recommend
  • Importance is relative – low scores do not necessarily indicate the product is not important, just that it’s not as important as other features

(Optional for clients with buyer reviews and key competitive reviews within target product category.)

Optional: Feature importance vs. satisfaction

Example: ERP “Vendor A” ratings and recommended key actions. Incorporate this analysis into your product concept if updating an existing solution. Have versions of the below run for specific competitors.

Importance vs. Satisfaction map for Features, as shown on the previous slide, but with examples mapped onto it using a legend, purple squares are 'Enterprise Resource Planning' and green triangles are 'Vendor A'.

Features in the “Fix” quadrant should be addressed in this GTM Strategy cycle.

Features in the “Review” quadrant are low in both buyer satisfaction and importance, so vendors are wise to hold on further investments and instead focus on “Fix.”

Features in the “Promote” quadrant are high in buyer importance and satisfaction, and should be called out in marketing and selling.

Features in the “Maintain” quadrant are high in buyer satisfaction, but lower in importance than other features – maintain investments here.

(Optional for clients with buyer reviews and key competitive reviews within target product category.)

Optional: Capabilities importance vs. satisfaction

Example: ERP “Vendor A” capabilities ratings and recommended key actions. Incorporate this analysis into your product concept for non-feature areas if updating an existing solution. Have versions of the below run for specific competitors.

Importance vs. Satisfaction map for Capabilities with examples mapped onto it using a legend, purple squares are 'Enterprise Resource Planning' and green triangles are 'Vendor A'.

Capabilities in the “Fix” quadrant should be addressed in this GTM Strategy cycle.

Capabilities in the “Review” quadrant are low in both buyer satisfaction and importance, so vendors are wise to hold on further investments and instead focus on “Fix.”

Capabilities in the “Promote” quadrant are high in buyer importance and satisfaction, and should be called out in marketing and selling.

Capabilities in the “Maintain” quadrant are high in buyer satisfaction, but lower in importance than other features – maintain investments here.

(Optional for clients with buyer reviews and key competitive reviews within target product category.)

Develop a competitively differentiated value proposition

Combining internal competitive knowledge with insights from buyer interviews and buyer reviews; establish which key features that will competitively differentiate your product when delivered

Example bar chart for 'Competitive Differentiation, Parity and Gaps – Features and Capabilities' comparing ratings of 'Your Product' and 'Competitor A' with high buyer importance at the top, low at the bottom, and rankings of each 'Differentiator', 'Parity', and 'Gap'.

  • Identify what buyers need that will differentiate your product features and company capabilities from key competitors.
  • Determine which features and company capabilities, ideally lower in buyer importance, can achieve/maintain competitive parity.
  • Determine which features and company capabilities, ideally much lower in buyer importance, that can exist in a state of competitive gap.

Step 1.7

Select the Most Effective Routes to Market

Activities
  • 1.7.1 Understand a framework for deciding how to approach evaluating each available channel including freemium/ecommerce, inside sales, field sales, and channel partner.
  • 1.7.2 Gather data that will inform option consideration.
  • 1.7.3 Apply to decision framework and present to key stakeholders for a decision.

This step will provide processes to help you:

  • Understand the areas to consider when choosing a sales channel
  • Support your decision by making a specific channel recommendation

This step involves the following participants:

  • Project workstream leads in Sales, Sales Operations, Product Marketing, and Customer Success

Outcomes of this step

  • Clarity around channel choice for this specific go-to-market strategy cycle
  • Pros and cons of choices with rationale for selected channel

Phase 1 - Formulate a hypothesis and run discovery on key fundamentals

Step 1.1 Step 1.2 Step 1.3 Step 1.4 Step 1.5 Step 1.6 Step 1.7 Step 1.8

Your “route-to-market” – channel strategy

Capture buyer channel preferences in Step 1.3, and research alternatives using the following framework

Inside vs. Field Sales – Selling software during COVID has taught us that you can successfully sell software using virtual conferencing tools, social media, the telephone, and even texting and webchat – so is the traditional model of field/territory-based sellers being replaced with inside/virtual sellers who can either work at home, or is there a benefit to being in the office with colleagues?

Solutions vs. Individual Products – Do your buyers prefer to buy a complete solution from a channel partner or a solutions integrator that puts all the pieces together, and can handle training and servicing, for a more complete buyer solution?

Channel Partner vs. Build Sales Force – Are there channel partners that, given your product is targeting a new buyer with whom you have no relationship, can leverage their existing relationships, quicken adoption of your products, and lower your cost of sales?

Fully Digital – Is your application one where users can get started for free then upgrade with more advanced features without the use of a field or inside sales person? Do you possess the e-commerce platform to support this?

While there are other considerations beyond the above to consider, decide which channel approach will work best for this GTM Strategy.

Flowchart on how to capture 'Buyer Channel Preferences' with five possible outcomes: 'Freemium/e-commerce', 'Use specified channel partner', 'Establish channel partner', 'Use Inside Sales', and 'Use Field Sales'.

Channel Partnerships are Expanding

“One estimate is that for every dollar a firm spends on its SaaS platform, it spends four times that amount with systems integrators and other channel partners.

And as technologies are embedded inside other products, services, and solutions, effective selling requires more partners.

Salesforce, for example, is recruiting thousands of new partners, while Microsoft is reportedly adding over 7,000 partners each month.” (HBR, 2021)

Step 1.8

Craft an Initial GTM Strategy Presentation for Executive Review and Status Check

Activities
  • 1.8.1 Finalize the set of slides within the Go-to-Market Strategy Presentation that best illustrates the many key findings and recommended decisions that have been made during the Explore phase of the GTM Strategy.
    • Test whether all key deliverables have been created, especially those that must be in place in order to support future phases and steps.
    • Schedule a Steering Committee meeting and present your findings with the goal to gain support to proceed to the Design phase of GTM Strategy.

This step will provide processes to help you:

  • Work with your colleagues to consolidate the findings from Phase 1 of the GTM Strategy
  • Create a slide deck with your colleagues for presentation to the Steering Committee to gain approvals to proceed to Phase 2

This step involves the following participants:

  • Project workstream leads in Sales, Sales Operations, Product Marketing, and Customer Success
  • Steering Committee

Outcomes of this step

  • Slide deck to present to the Steering Committee
  • Approvals to move to Phase 2 of the GTM Strategy

Phase 1 - Formulate a hypothesis and run discovery on key fundamentals

Step 1.1 Step 1.2 Step 1.3 Step 1.4 Step 1.5 Step 1.6 Step 1.7 Step 1.8

1.8.1 Build your GTM Strategy deck for Steering Committee approval

  1. As you near completion of the Go-to-Market Strategy Phase, Explore Step, an important test to pass before proceeding to the Design step of GTM Strategy, is to answer several key questions:
    1. Have you properly sized the market opportunity for the focus of this GTM cycle?
    2. Have you defined a unique value proposition of what buyers are looking for?
    3. And have you aligned stakeholders on the target customer persona and flushed out an accurate buyer journey?
  2. If the answer is “no” you need to return to these steps and ensure completion.
  3. Pull together a summary review deck, schedule a meeting with the Steering Committee, present to-date findings for approval to move on to Phase 2.

Download the Go-to-Market Strategy Presentation Template

Sample of the 'PLAN' section of the GTM Strategy optimization diagram with 'GTM Explore Review' circled in red.

The presentation you create contains:

  • Team composition and roles and responsibilities
  • Steps in overall process
  • Goals and objectives
  • Timelines and work plan
  • Initial product and launch concept
  • Buyer persona and journey
  • Competitive differentiation
  • Channel strategy

Build a More Effective Go-to-Market Strategy

Phase 2

Design your initial product and business case

Phase 1

1.1 Select Steering Cmte/team, build aligned vision for GTM

1.2 Buyer personas, journey, initial messaging

1.3 Build initial product hypothesis

1.4 Size market opportunity

1.5 Outline digital/tech requirements

1.6 Competitive SWOT

1.7 Select routes to market

1.8 Craft GTM Strategy deck

Phase 2

2.1 Brand consistency check

2.2 Formulate packaging and pricing

2.3 Craft buyer-valid product concept

2.4 Build campaign plan and targets

2.5 Develop cost budgets across all areas

2.6 Draft product business case

2.7 Update GTM Strategy deck

Phase 3

3.1 Assess tech/tools support for all GTM phases

3.2 Outline sales enablement and Customer Success plan

3.3 Build awareness plan

3.4 Finalize business case

3.5 Final GTM Plan deck

This phase will walk you through the following activities:

  • Branding consistency check
  • Formulate packaging and pricing
  • Craft buyer-validated product concept
  • Build initial campaign plan and targets
  • Develop budgets for creative, content, and media purchases
  • Draft product business case
  • Update GTM Strategy deck

This phase involves the following stakeholders:

  • Steering Committee
  • Working group leaders

To complete this phase, you will need:

Go-to-Market Strategy Presentation TemplateGo-to-Market Strategy RACI and Launch Checklist WorkbookBuyer Persona and Journey blueprintGo-to-Market Strategy Cost Budget and Revenue Forecast Workbook
Sample of the Go-to-Market Strategy Presentation Template deliverable.Sample of the Go-to-Market Strategy RACI and Launch Checklist Workbook deliverable.Sample of the Buyer Persona and Journey blueprint deliverable.Sample of the Go-to-Market Strategy Cost Budget and Revenue Forecast Workbook deliverable.
Use the Go-to-Market Strategy Presentation Template to document the results from the following activities:
  • Documenting your GTM strategy stakeholders
  • Documenting your GTM strategy working team
Use the Go-to-Market Strategy RACI and Launch Checklist Workbook to:
  • Review the scope of roles and responsibilities required
  • Document the roles and responsibilities of your teams
Use the Buyer Persona and Journey blueprint to:
  • Interview sales and customers/prospects to inform product concepts, understand persona and later, flesh out buyer journeys
Use the Go-to-Market Cost Budget and Revenue Forecast Workbook to:
  • Tally budgets from across key functions involved in GTM Strategy
  • Compare with forecasted revenues to assess gross margins

Step 2.1

Compare Emerging Messaging and Positioning With Existing Brand for Consistency

Activities

Share messaging documented with the buyer journey with branding/creative and/or Marketing VP/CMO to ensure consistency with overall corporate messaging. Use the “Brand Diagnostic” on the following slide as a quick check.

For those marketers that see the need for a re-brand, please:
Download the Go-to-Market Strategy Presentation Template

Later during the Build phase of GTM, marketing assets, digital platforms, sales enablement, and sales training will be created where actual messaging can be written with brand guidelines aligned.

This step is to assess whether you we need to budget extra funds for any rebranding.

This step will walk you through the following activities:

  • After completing the buyer journey and identifying messaging, test with branding/CMO that new messaging aligns with current:
    • Company positioning
    • Messaging
    • Brand imagery

This step involves the following participants:

  • Project lead
  • Product marketing
  • Branding/creative
  • CMO

Outcomes of this step

  • Check – Y/N on brand alignment
  • Adjustments made to current branding or new product messaging to gain alignment

Phase 2 – Validate designs with buyers and solidify product business case

Step 2.1 Step 2.2 Step 2.3 Step 2.4 Step 2.5 Step 2.6 Step 2.7

Brand identity

Re-think tossing a new product into the same old marketing engine. Ask if your branding today and on this new offering needs help.

If you answer “no” to any of the following questions, you may need to re-think your brand. Does your brand:

  • recognize buyer pain points and convey clear pain-relief?
  • convey unique value that is clearly distanced from key competitors?
  • resonate with how target personas see themselves (e.g. rebellious, intelligent, playful, wise, etc.) and convey the “feeling” (e.g. relief, security, confidence, inspiration, etc.) buyers seek?
  • offer proof points via customer testimonials (vs. claimed value)?
  • tell a truly customer-centric story that is all about them (vs. what you want them to know about you)?
  • use words (e.g. quality, speed, great service, etc.) that equate to how buyers actually see you? Is your tone of voice going to resonate with your target buyer?
  • present in a clean, simple, and truly unique way? And will your brand identity stand the test of time?
  • represent feedback gleaned from prospects as well as customers?

“Nailing an impactful brand identity is a critical part of Growth Marketing.

Without a well-crafted and maintained brand identity, your marketing will always feel flat and one-dimensional.” (Lean Labs, 2021)

Step 2.2

Formulate Packaging and Pricing

Activities
  • 2.2.1 Leverage what was learned in Phase 1 from buyer interviews to create an initial packaging and initial pricing approach.
    • Packaging success is driven by knowing what the buyer values are, how newly proposed functionality may work with other applications, and how well the buyer(s) work in teams.
    • Develop pricing using cost-plus, value/ROI, and competitive/market pricing comparisons.

This step will walk you through the following activities:

  • Approaches to establishing price points for software products
  • Checking if pricing supports emerging product revenue plan

This step involves the following participants:

  • Project lead
  • Product Marketing
  • Product Management
  • Pricing (if a function)

Outcomes of this step

  • Pricing that is validated through buyer interviews and consistent with overall company pricing guardrails
  • Packaging that can be delivered

Phase 2 – Validate designs with buyers and solidify product business case

Step 2.1 Step 2.2 Step 2.3 Step 2.4 Step 2.5 Step 2.6 Step 2.7

2.2.1 Formulate packaging and pricing

Goal: Incorporate buyer benefits into your MVP that delivers the buyer value that compels them to purchase and drives the business case

  1. Leverage findings from buyer interviews and feature prioritization found in Step 1.3 to arrive at initial feature inclusion.
  2. Leverage feedback from customer interviews and competitive pricing analysis to arrive at an initial target price offer.
  3. Go to the Go-to-Market Strategy Presentation and use the slides labeled “Go-to-Market Strategy, Overall Project Plan.”

Download the Go-to-Market Strategy Presentation Template

Refer to the findings from buyer persona interviews

Sample of the Buyer Persona and Journey blueprint deliverable.

Step 2.3

Build a Buyer-Validated Product Concept

Activities
  • 2.2.1 Add to your initial product concept from Phase 1, the pricing and packaging approach.
    • Take the concept out to buyers to get their feedback – not on UX design, that will come later, but to ensure the value is clear to the buyers, and to raise confidence in the product concept.
    • As with previous customer and prospect interviews, use the Buyer Persona and Journey blueprint with its accompanying interview guide and focus on the product related questions.
    • Generate your slides to present and discuss with buyers, capture feedback, and refine the product concept.

This step will walk you through the following activities:

  • Hold buyer interviews to review the product design
  • Validate concept and commercial variables – not UX design, that comes later

This step involves the following participants:

  • Project lead
  • Product Marketing
  • Product Management

Outcomes of this step

  • Customer validated product concept that meets the business plan

Phase 2 – Validate designs with buyers and solidify product business case

Step 2.1 Step 2.2 Step 2.3 Step 2.4 Step 2.5 Step 2.6 Step 2.7

2.3.1 The best new product hypothesis doesn’t always come from your best customers

Goal: Validate your product concept and business case

  1. Key areas to validate during product concept feedback:
    1. Feature/capability-build priorities – Which set of features and capabilities (i.e. service model, etc.) must be delivered in a minimum viable product (MVP) that delivers unique and competitively differentiating buyer value so we have win rates that support the business case?
    2. Packaging/Pricing – Are their features/capabilities that are not in base offering but offered as add-ons or not at all? Are their different packaging options that must be delivered given different customer segments and appropriate price points? (E.g. a small- to-medium sized business (SMB) version, Freemium, or Basic vs. Premium offerings?
    3. Routes to Market/Channel – Ensure you validate your channel strategy as work/effort will be needed to arrive at channel sales and marketing enablement.

Download the Go-to-Market Strategy Presentation Template

“Innovation opportunities almost always come from understanding a company’s worst customers or customers it doesn’t serve” (Harvard Business School Press, 1997)

2.3.2 How your prospects buy will inform upcoming campaign design

Goal: During product validation interviews, further validate the buyer journey to identify asset types to be created/sourced for launch campaign design

  1. Leverage findings from buyer interviews with a focus on buyer journey questions/answers found in Step 1.3 and further validated during product concept feedback in step 2.3.
  2. Your goal is to uncover the following key areas (see next slide for illustration):
    1. Validate the steps buyers take throughout the buyer journey – when you validate buyer steps and what the buyer is doing and thinking as they make a buying decision determines if you are supporting the right process.
    2. Validate the human vs. non-human/digital interaction type for each step – this determines whether your lead gen engine or your salesforce (or channel partner) will deliver the marketing assets and sales collateral.
    3. Describe the asset-types most valued by buyers during each step – this will provide the guidance your demand gen/field marketers need to either work with product marketing and creative to design and build, or source the right marketing asset and sales collateral for your lead gen engine and to support sales enablement.
    4. Identify which channels – this will give your digital team the guidance they need to design the “where” to place the assets within your lead gen engine. Feedback from customer interviews and competitive pricing analysis to arrive at an initial target price for offering is shown on the next slide.
  3. Use the Go-to-Market Strategy Presentation to complete the buyer journey slide with key findings.

Download the Go-to-Market Strategy Presentation Template

Refer to the findings from buyer persona interviews

Sample of the Buyer Persona and Journey blueprint deliverable.

Answers you need to map buyer journey

Your buyer interviews – whether during earlier steps or here during product concept validation – will give specific answers to all areas in green text below. Understanding channels, asset-types, and crafting your key messaging are essential for next steps.

Table outlining an example buyer's journey with fields in green text that are to be to replaced with answers from your buyer interviews.

Step 2.4

Build Your Initial Campaign Plan and Targets

Activities
  • 2.4.1. While product management and marketing is working on the business case, the campaign team is designing their launch campaign.
  • Expand from the product concept and build out the entire launch campaign identifying dates, CTA’s, channels, and asset types needed that will be built during the Build phase.

This step will walk you through the following activities:

  • Outline deployment plan of activities and outcomes
  • Draw up specs for needed assets, web-page changes, emails, target segments, and targets for leads generated

This step involves the following participants:

  • Project lead
  • Field Marketing
  • Product Marketing

Outcomes of this step

  • The initial draft of the campaign plan that outlines multichannel activities, dates, and assets that need to be sourced and/or created

Phase 2 – Validate designs with buyers and solidify product business case

Step 2.1 Step 2.2 Step 2.3 Step 2.4 Step 2.5 Step 2.6 Step 2.7

2.4.1 Document your campaign plan

2 hours

On the following Awareness and Lead Gen Engine slide:
  1. Tailor the slide to describe your lead generation engine as you will use it when you get to latter steps to describe the activities in your lead gen engine and weigh them for go-to-market strategy.
  2. Use the template to see what makes up a typical lead gen and awareness building engine to see what you may be missing, as well as to record your current engine “parts.”
    • Note: The “Goal” image in upper right is meant as a reminder that marketers should establish a goal for Sales Qualified Leads (SQL’s) delivered to field sales for each campaign.

On the Product and Launch Concept slides:

  1. Update the slides with findings from 2.3 and 2.4.

Download the Go-to-Market Strategy Presentation Template

“Only 32% of marketers – and 29% of B2B marketers – said the process of planning campaigns went very well. Just over half were sure they had selected the right business goal for a given marketing project and only 42% were confident they identified the right audience – which is, of course, a critical determinant for achieving success.” (MIT Sloan Management Review)

Launch campaign

Our Goal for [Campaign name] is to generate X SQL’s

Flowchart of the steps to take when a campaign is launched, from 'Organic Website Visits' and 'Go Live' to future 'Sales Opportunities'. A key is present to decipher various icons.

Awareness

PR/EXTERNAL COMMS:

Promote release in line with company story

  • [Executive Name] interview with [Publication Y] on [Launch Topic X] – Mo./Day
  • Press Release on new enhancements – Mo./Day
  • [Executive Name] interview with [Publication Z] on [Launch Topic X] – Mo./Day
ANALYST RELATIONS:

Receive analyst feedback pre-launch and brief with final releases messaging/positioning

  • Inquiry with [Key Analysts] on [Launch Topic X] – Mo./Day, pre launch
  • Press Release shared on new enhancements – Launch day minus two days
  • Analyst briefing with [Key Analysts] on [Launch Topic X] – Launch day minus two days

Download the Go-to-Market Strategy Presentation Template

2.4.2 Campaign targets

Goal: Establish a Marketing-Influenced Win target that will be achieved for this launch

We advise setting a target for the launch campaign. Here is a suggested approach:
  1. Understand what % of all sales wins are touched by marketing either through first or last touch attribution. This is the % of Marketing-Influenced Wins (MIWs).
  2. Determine what sales wins are needed to attain product revenue targets for this launch.
  3. Apply the actual company MIW % to the number of deals that must be closed to achieve target product launch revenues. This becomes the MIW target for this launch campaign.
  4. Then, using your average marketing funnel conversion rates working backwards from MIWs to Opportunities, Sales Accepted Leads (SALs), Sales Qualified Leads (SQLs), Marketing Qualified Leads (MQLs), up to website visits.
  5. Update the slides with findings from 2.3 and 2.4.

Download the Go-to-Market Strategy Presentation Template

“Marketing should quantify its contribution to the business. One metric many clients have found valuable is Marketing Influenced Wins (MIW). Measured by what % of sales wins had a last-touch marketing attribution, marketers in the 30% – 40% MIW range are performing well.” (SoftwareReviews Advisory Research)

Step 2.5

Develop Initial Budgets Across All Areas

Activities
  • 2.5.1 Use the Go-to-Market Budget Workbook and work with your workstream leads.
    • Capture the costs associated with this GTM Strategy and Launch.
    • Summarize your GTM budget in the Go-to-Market Strategy Presentation, including the details behind the gross margin calculation for your GTM Strategy/campaign if required.

This step will walk you through the following activities:

  • Field marketing, product marketing, creative, others to identify the specific budget elements needed for this campaign/launch

This step involves the following participants:

  • Project lead
  • Field Marketing
  • Product Marketing
  • Branding/creative

Outcomes of this step

  • The initial marketing budget for this campaign/launch

Phase 2 – Validate designs with buyers and solidify product business case

Step 2.1 Step 2.2 Step 2.3 Step 2.4 Step 2.5 Step 2.6 Step 2.7

Download the Go-to-Market Strategy Cost Budget and Revenue Forecast Workbook

2.5.1 Develop your GTM Strategy/product launch campaign budget

Goal: Work with your workstream leads to identify all incremental costs associated with this GTM strategy and product launch

  1. Use the Go-to-Market Budget Workbook and adjust to include the areas that are identified by your workstream leads as being applicable to this GTM Strategy and Launch.
    • These should be incremental costs to normal operating and capital budgets and those areas that are fully approved for inclusion by your Steering Committee/Sponsoring Executive.
  2. Begin to Catalog all applicable costs to include all key areas such as:
    • Technology costs for internal use (typically from Marketing Ops), and “core” to product technology costs working with the product team
    • Channel marketing programs, agency (e.g. branding, naming, web design, SEO, content marketing, etc.), T&E, paid media, events, marketing assets, etc.
  3. Note that in the Align Step – Step 3, you will see your workstream leads each develop their individual contributions to both the launch plan as well a budget.

  4. Summarize your initial GTM budget findings in the Go-to-Market Strategy Presentation, including the details behind the gross margin calculation for your GTM Strategy/campaign if required. Again, you will flush out the final costs within each workstream areas in Phase 3, ”Align.”

Download the Go-to-Market Strategy Cost Budget and Revenue Forecast Workbook

Download the Go-to-Market Strategy Presentation Template

Step 2.6

Draft Initial Product Business Case

Activities
  • 2.6.1 Here’s where you begin to pull together all the essential elements of your final business case.
    • For many organizations that require a view of return on investment, you will begin here to shape the key elements that your organization requires for a complete business case to go ahead with the needed investments.
    • The goal is to compare estimated costs to estimated revenues to ensure acceptable margins will be delivered for this GTM strategy/product launch.
    • The culmination of work to get to this calculation will continue through Phase 3; however, the following slide illustrates the kind of visualization that will be possible with our approach.

This step will walk you through the following activities:

  • A product revenue forecast is created, alignment with sales/sales targets is created for a minimum viable product (MVP) that meets the buyer’s needs at the price point established/validated

This step involves the following participants:

  • Project lead
  • Product management
  • Product marketing
  • Sales leadership

Outcomes of this step

  • The important measures of:
    • Product revenue forecast
    • Supported MVP features

Phase 2 – Validate designs with buyers and solidify product business case

Step 2.1 Step 2.2 Step 2.3 Step 2.4 Step 2.5 Step 2.6 Step 2.7

Gross Margin Estimates – part of a complete product business case

Your goal: Earn more than you spend! This projection of estimated gross margins should be part of your product launch business case. The GTM initiative lead and workstream leads are charged with estimating incremental costs, and product and sales must work together on the revenue forecast.

Net Return

We estimate our 12 month gross profit to be ….

Quarterly Revenues

Based on sales forecast, our quarterly/monthly revenues are ….

Estimated Expenses

Incremental up-front costs are expected to be ….

Example 'P&L waterfall for Product X Launch' with notes. Green bars are 'Increase', red bars are 'Decrease', and blue bars are 'Total'. Red bar note: 'Your estimated incremental up-front costs', Green bar note: 'Your estimated net incremental revenues vs. costs', Blue bar note: 'Your estimated net gross profit for this product launch and campaign', 'END' note: 'Extend for suitable period'.

2.6.1 Develop your initial product business case

Goal: Focused on the Product Concept areas related to product Market Fit, Buyer Needs and Market Opportunity, Product Managers will summarize in order to gain approval for Build

  1. Using the Go-to-Market Strategy Presentation, product managers should ensure the product concept slide(s) support the rationale to move to Build phase. Key areas include:
    1. Adequate market opportunity size – that is worth the incremental investment
    2. Acceptable costs/investment to pursue the opportunity – design, creative services for branding, web design, product naming, asset creation, copywriting, translation services not available in-house
    3. Well-defined product market fit – review buyer interviews that identify buyer pain points and ideas that will deliver needed business value
    4. Buyer-validated commercials – buyer-validated pricing and packaging
    5. Product development budget and staffing support to build viable MVP & beyond roadmap – development budget and staffing is in place/budgeted to deliver MVP by target date and continue to ensure attainment of product revenue targets
    6. Unique product value proposition that is competitively differentiated – to drive acceptable win rates
    7. Product Sales Forecast – that when compared to costs meets company investment hurdle rates
    8. Sales Leadership support for achieving sales forecast and supported sales/channel resourcing plan – sales leadership has taken on forecasted revenues as an incremental sales quota and has budget for additional hiring, enablement, and training for attainment.
  2. Go to the Go-to-Market Strategy Presentation and complete the slides summarizing these key areas that support the business case for the next phases of Build and Launch.

Product Business Case Checklist:

  • Acceptably large enough product market opportunity
  • Well-defined competitive differentiation
  • Buyer-validated product-market fit
  • Buyer-validated and competitive commercials (i.e. pricing, packaging)
  • An MVP with roadmap that aligns to buyer needs and buyer-validated price points
  • A 24–36 month sales forecast with CRO sign-up and support for attainment
  • Costs of launch vs. forecasted revenues to gauge gross margins

Download the Go-to-Market Strategy Cost Budget and Revenue Forecast Workbook

Download the Go-to-Market Strategy Presentation Template

Step 2.7

Update the GTM Strategy Presentation Deck for Executive Review and Sign-off

Activities
  • 2.7.1 Update the deck with Phase 2 findings culminating in the business case.

This step will walk you through the following activities:

  • Drop into the GTM Strategy deck the summary findings from the team’s work
  • Write an executive summary that garners executive support for needed funds, signed-up-for sales targets, agreed upon launch timing
  • Steering Committee alignment on above and next steps

This step involves the following participants:

  • Project lead
  • Steering Committee
  • Workstream leads

Outcomes of this step

  • Executive support for the GTM Strategy plan and approval to proceed to Phase 3

Phase 2 – Validate designs with buyers and solidify product business case

Step 2.1 Step 2.2 Step 2.3 Step 2.4 Step 2.5 Step 2.6 Step 2.7

2.7.1 Update your GTM Strategy deck for Design Steering Committee approval

  1. As you near completion of the Go-to-Market Strategy Phase – Design Step, while your emerging business case is important, it will be finalized in the Align Step.
  2. An important test to pass before proceeding to the Align step of the GTM Strategy, is to answer several key questions:
    1. Have you validated the product value proposition with buyers?
    2. Is the competitive differentiation clear for this offering?
    3. Did Sales support the business case by signing up for the incremental quota?
    4. Has product defined an MVP that aligns with the buyer value needed to drive purchases?
    • If the answer is “no” you need to return to these steps and ensure completion
  3. Pull together a summary review deck, schedule a meeting with the Steering Committee, and present to-date findings for approval to move onto Phase 3.

Download the Go-to-Market Strategy Presentation Template

Sample of the 'PLAN' section of the GTM Strategy optimization diagram with 'GTM Design Review' circled in red.

The presentation you create contains:

  • Timelines and a work plan
  • Expanded product concept to include your packaging and pricing approach
  • Feedback from buyers on validated product concept especially commercial elements
  • Expanded campaign plan and marketing budget
  • Initial product business case

Build a More Effective Go-to-Market Strategy

Phase 3

Align stakeholder plans to prep for build

Phase 1

1.1 Select Steering Cmte/team, build aligned vision for GTM

1.2 Buyer personas, journey, initial messaging

1.3 Build initial product hypothesis

1.4 Size market opportunity

1.5 Outline digital/tech requirements

1.6 Competitive SWOT

1.7 Select routes to market

1.8 Craft GTM Strategy deck

Phase 2

2.1 Brand consistency check

2.2 Formulate packaging and pricing

2.3 Craft buyer-valid product concept

2.4 Build campaign plan and targets

2.5 Develop cost budgets across all areas

2.6 Draft product business case

2.7 Update GTM Strategy deck

Phase 3

3.1 Assess tech/tools support for all GTM phases

3.2 Outline sales enablement and Customer Success plan

3.3 Build awareness plan

3.4 Finalize business case

3.5 Final GTM Plan deck

This phase will walk you through the following activities:

  1. Assess tech/tools support for all GTM phases
  2. Map lead generation plan
  3. Outline Customer Success plan
  4. Build awareness plan (PR/AR, etc.)
  5. Finalize product business case
  6. Final GTM planning deck and Steering Committee review

This phase involves the following stakeholders:

  • Steering Committee
  • Working group leaders

To complete this phase, you will need:

Go-to-Market Strategy Presentation Template Go-to-Market Strategy Cost Budget and Revenue Forecast Workbook
Sample of the Go-to-Market Strategy Presentation Template deliverable. Sample of the Go-to-Market Strategy Cost Budget and Revenue Forecast Workbook deliverable.
Use the Go-to-Market Strategy Presentation Template to document the results from the following activities:
  • Documenting your GTM Strategy Stakeholders
  • Documenting your GTM Strategy Working Team
Use the Go-to-Market Cost Budget and Revenue Forecast Workbook to:
  • Tally budgets from across key functions involved in the GTM Strategy
  • Compare with forecasted revenues to assess gross margins

Step 3.1

Assess Technology and Tools Support for Your GTM Strategy as Well as Future Phases of GTM

Activities
  • 3.1.1 Have Marketing Operations document what tech stack improvements are required in order to get the team to a successful launch. Understand costs and implementation timelines and work it into the Go-to-Market Budget Workbook.

This step will walk you through the following activities:

  • After completing your initial survey in Step 1, complete requirements building for needed technology and tools acquisition/upgrade in campaign management, sales opportunity management, and analytics.

This step involves the following participants:

  • Project lead
  • Marketing operations/digital
  • IT

Outcomes of this step

  • Build a business requirement against which to evaluate new/upgraded vendor tools to support the entire GTM process

Phase 3 – Align functional plans with a compelling business case for product build

Step 3.1 Step 3.2 Step 3.3 Step 3.4 Step 3.5

3.1.1 Technology plan and investments

Goal: Outline the results of our analysis and Info-Tech analyst guidance regarding supporting systems, tools, and technologies to support our go-to-market strategy

  1. Plans, timings, and incremental costs related to, but not limited to, the following apps/tools/technologies:
    1. Lead management/Marketing automation
    2. Marketing analytics
    3. Sales Opportunity Management System (OMS) and Configure, Price, and Quote (CPQ) applications
    4. Sales engagement
    5. Sales analytics
    6. Customer service and support/Customer interaction hub
    7. Customer data management and analytics
    8. Customer experience platforms
    9. Marketing content management
    10. Creative tools
    11. Share of voice and social platform management
    12. Etc.
  2. Go to the Go-to-Market Budget Workbook and complete by adding costs identified in above areas that are specific to this go-to-market strategy, Build, and Launch initiative. Record in the Go-to-Market Strategy Presentation completing the areas within the slides related to the Product and Launch Concepts and Business Case.

Download the Go-to-Market Strategy Cost Budget and Revenue Forecast Workbook

Download the Go-to-Market Strategy Presentation Template

Step 3.2

Outline Sales Enablement and Support for Customer Success to Include Onboarding and Ongoing Engagement

Activities
  • 3.3.1 Sales Enablement – develop the sales enablement and training plan for Launch to include activities, responsible parties, dates for delivery, etc.

This step will walk you through the following activities:

  • Finalize the customer success training and support plan
  • Onboarding scripts
  • Changes to help screens in application
  • Timing to plan for Quality Acceptance

This step involves the following participants:

  • Project lead
  • Customer Success lead
  • Product management
  • Product marketing

Outcomes of this step

  • Plan for creation of copy, assets, and rollout pan to support clients and client segments for Launch

Phase 3 – Align functional plans with a compelling business case for product build

Step 3.1 Step 3.2 Step 3.3 Step 3.4 Step 3.5

3.2.1 Outline sales enablement

Goal: Outline sales collateral, updates to sales proposals, CPQ, Opportunity Management Systems, and sales training

  1. Describe the requirements for sales enablement to include elements such as:
    1. Sales collateral
    2. Client-facing presentations
    3. Sales proposal updates
    4. Updates to Configure, Price, and Quote (CPQ) applications
    5. Updates to Opportunity Management System (OMS) applications
    6. Sales demo versions of the new product
    7. Sales communication plans
    8. Sales training and certification programs
  2. Go to the Go-to-Market Budget Workbook and add the costs identified in above areas that are specific to this go-to-market strategy, Build, and Launch initiative. Record as well in the Go-to-Market Strategy Presentation completing the areas within the slides related to the Product and Launch Concepts and Business Case.

Download the Go-to-Market Strategy Cost Budget and Revenue Forecast Workbook

Download the Go-to-Market Strategy Presentation Template

3.2.2 Outline customer success

Goal: Outline customer support/success requirements and plan

  1. Plans, timings, and incremental costs for the following:
    1. Onboarding scripts for the new solution
    2. Updates to retention lifecycle
    3. FAQ answers
    4. Updates to online help/support system
    5. “How-to” videos
    6. Live chat updates
    7. Updates to “provide feedback” system
    8. Updates to Quarterly Business Review slides
  2. Go to the Go-to-Market Budget Workbook and add the costs identified in above areas that are specific to this go-to-market strategy, Build, and Launch initiative. Record in the Go-to-Market Strategy Presentation and complete the areas within the slides related to the Product and Launch Concepts and Business Case.

Download the Go-to-Market Strategy Cost Budget and Revenue Forecast Workbook

Download the Go-to-Market Strategy Presentation Template

Step 3.3

Build an Awareness Plan Covering Media, Social Media, and Industry Analysts

Activities
  • 3.4.1 Corp Comms/PR/AR – develop the overall awareness plans for executive interviews, articles placed, social drops, analyst briefing dates, and internal associate comms if required.

This step will walk you through the following activities:

  • Outline outbound communications plans including press releases, social posts, etc.
  • Describe dates for AR outreach to covering analysts
  • Develop the internal communications plan

This step involves the following participants:

  • Project lead
  • Corporate Comms lead
  • Creative
  • Analyst relations
  • Social media marketing lead

Outcomes of this step

  • Plan for creation of copy, assets, and rollout pan to support awareness building, external communications, and internal communications if required

Phase 3 – Align functional plans with a compelling business case for product build

Step 3.1 Step 3.2 Step 3.3 Step 3.4 Step 3.5

3.3.1 Internal communications plan

Goal: Outline complete internal communications plan. For large-scale changes (i.e. rebranding, M&A, etc.) HR may drive significant volume of employee communications working with Corporate Comms

  1. Plans, timings, and incremental costs for the following:
    1. Complete a comms plan with dates, messages, and channels
    2. Team member roles and responsibilities
    3. Intranet article and posting schedules
    4. Creation of new office signage, merchandise, etc. for employee kits
    5. Pre-launch announcements schedule
    6. Launch day communications, events, and activities
    7. Post launch update schedule and messages for launch success
    8. Incremental staffing and resources/budget requirements
  2. Go to the Go-to-Market Budget Workbook and add costs identified in above areas that are specific to this go-to-market strategy, Build, and Launch initiative. Record as well in the Go-to-Market Strategy Presentation completing the areas related to the Product and Launch Concepts and Business Case.

Download the Go-to-Market Strategy Cost Budget and Revenue Forecast Workbook

Download the Go-to-Market Strategy Presentation Template

3.3.2 PR and External Communications Plan

Goal: Outline complete internal communications plan. For large scale changes (i.e. rebranding, M&A, etc.) HR may drive significant volume of employee communications working with Corporate Comms

  1. Plans, timings, and incremental costs for the following:
    1. List of Tier 1 and Tier 2 media authors covering the [product/initiative] market area
    2. Schedule of launch briefings, with any non-analyst influencers
    3. Timing of press releases
    4. Required supporting executives and stakeholders for each of the above meetings
    5. Slide deck/media kit for the above and planned questions to support needed feedback
    6. Media Site materials especially to support media questions and requests for briefings
    7. Social postings calendar of activities and key messages plan
    8. Publish data of [product/initiative] relevant articles with set-back schedules
    9. Cultivation of reference customers and client testimonials for media outreach
    10. Requirements for additional staffing to cover product/initiative new market and analysts
    11. Internal and external events calendar to invite media
  2. Go to the Go-to-Market Budget Workbook and add the costs identified in the above areas that are specific to this go-to-market strategy, Build, and Launch initiative. Record in the Go-to-Market Strategy Presentation by completing the areas related to the Product and Launch Concepts and Business Case.

Download the Go-to-Market Strategy Cost Budget and Revenue Forecast Workbook

Download the Go-to-Market Strategy Presentation Template

3.3.3 Analyst relations plan

Goal: Outline incremental costs in analyst communications, engagement, and access to research

  1. Plans, timings, and incremental costs for the following:
    1. List of Tier 1 and Tier 2 analysts for the [product/initiative] market area
    2. Schedule of inquiries, pre-launch briefings, launch briefings, and post-launch feedback
    3. Required supporting executives and stakeholders for each of the above meetings
    4. Analyst deck for each of the above and planned questions to support needed feedback
    5. Analyst Site materials to support 2nd and 3rd Tier analysts’ questions and requests for briefings
    6. Social postings calendar of activities and key messages
    7. Resources to respond to analyst blogs and/or social posts regarding your product/initiative area
    8. Timing of important and relevant analyst document/methodology publishing dates with set-back schedules
    9. Cultivation of reference customers and client testimonials to coincide with analyst outreach for research and for buyer review sites/reviews data gathering
    10. Requirements for additional staffing to cover product/initiative new market and analysts
    11. Events calendar where analysts will be presenting on this product/initiative market
  2. Go to the Go-to-Market Budget Workbook and add the costs identified in the above areas that are specific to this go-to-market strategy, Build and Launch initiative. Record in the Go-to-Market Strategy Presentation by completing the areas related to the Product and Launch Concepts and Business Case.

Download the Go-to-Market Strategy Cost Budget and Revenue Forecast Workbook

Download the Go-to-Market Strategy Presentation Template

Step 3.4

Finalize Product Business Case With Collaborative Input From Product, Sales, and Marketing

Activities
  • 3.5.1 Convene the team to align sales, marketing, and product around the business case.

This step will walk you through the following activities:

  • Refine the product business case initiated in Phase 2
  • Align product revenue forecast with sales revenue forecast
  • Align MVP features to be developed during “GTM – Build” with customer validated product-market fit

This step involves the following participants:

  • Project lead
  • Product management
  • Product marketing

Outcomes of this step

  • Product business case

Phase 3 – Align functional plans with a compelling business case for product build

Step 3.1 Step 3.2 Step 3.3 Step 3.4 Step 3.5

3.4.1 Final product Build and Launch business case

Goal: Beyond the product business case, factor in costs for technology, campaigning, sales enablement, and customer success in order to gain approval for Build and Launch

  1. Using the Go-to-Market Strategy Presentation, workstream leads and Go-to-Market Initiative leaders will finalize the anticipated incremental costs, and when compared to projected product revenues, present to the Steering Committee including CFO for final approval before moving to Build and Launch.
  2. To present a complete business case, key cost areas include:
    1. All the areas outlined up through Step 3.4 plus:
    2. Technology/MarTech Stack incremental costs
    3. Channel programs, branding/agency, pricing, packaging/product, and T&E incremental costs
    4. Campaign related – creative, content marketing, paid media, events, SEO, lists/data
    5. Sales Enablement, Customer Support/Success incremental costs
    6. Internal communications/events/activities/signage costs
    7. PR/AR/Media incremental costs
  3. Compare to final Sales/Product agreed projected revenues, in order to calculate estimated gross margins

Go to the Go-to-Market Budget Workbook as outlined in prior steps and document final incremental costs and projected revenues and summarize within the Go-to-Market Strategy Presentation.

Download the Go-to-Market Strategy Cost Budget and Revenue Forecast Workbook

Download the Go-to-Market Strategy Presentation Template

Product Build and Launch Business Case Checklist:

  • Acceptably large enough product market opportunity
  • Well-defined competitive differentiation
  • Buyer-validated product-market fit
  • Buyer-validated and competitive commercials (i.e. pricing, packaging)
  • An MVP with roadmap that aligns with buyer needs and buyer validated price points
  • A 24–36 month sales forecast with CRO sign-up and support for attainment
  • Incremental product development, tech, marketing, sales, customer success, AR/PR costs vs. forecasted revenues fall within acceptable margins

Step 3.5

Develop Your Final Executive Presentation to Request Approval and Proceed to GTM Build Phase

Activities
  • 3.6.1 Update the Product, Launch, Journey, and Business Case slides included within the Go-to-Market Strategy Presentation Template with Phase 3 findings culminating in the business case.

This step will walk you through the following activities:

  • Update the previously created slides with findings from Phase 3
  • Hold a Steering Committee meeting and present findings for approval

This step involves the following participants:

  • Steering Committee
  • Workstream leads

Outcomes of this step

  • GTM Strategy approved to move to GTM Build

Phase 3 – Align functional plans with a compelling business case for product build

Step 3.1 Step 3.2 Step 3.3 Step 3.4 Step 3.5

3.5.1 Update your GTM Strategy deck for Align Steering Committee approval

  1. As you near completion of the Go-to-Market Strategy Phase – Align Step, an important test to pass before proceeding to the Design step of GTM Strategy, is to answer several key questions:
    1. Are Sales, Product, and Marketing all aligned and in agreement on the business case?
    2. Are the gross margin calculations acceptable to the Steering Committee? CFO? CEO?
  2. If the answer is “no” you need to return to prior steps and ensure completion.
  3. Pull together a summary review deck, schedule a meeting with the Steering Committee, present to-date findings for approval to move on to Build Phase.
  4. Once your final business case is accepted, you are ready to move on to the GTM Build and Launch phases. These phases are covered in sperate SoftwareReviews blueprints.

Download the Go-to-Market Strategy Presentation Template

Sample of the 'PLAN' section of the GTM Strategy optimization diagram with 'GTM Align Review' circled in red.

The presentation you create contains:

  • Timelines and work plan updates
  • Tech stack needs/modifications
  • An expanded product concept to include packaging and pricing approach
  • Asset-type concepts for marketing campaigns, sales collateral, website, and social
  • Outline of initial Launch dates
  • Outline of initial customer success, awareness/PR/AR plans, and sales training plans
  • Final business case

Summary of Accomplishment

Problem Solved – A More Effective Go-to-Market Strategy

By guiding your team through the Go-to-Market planning process applied to an actual GTM Strategy, you have built an important set of capabilities that underpins today’s well-managed software companies. By following the step-by-step process outlined in this blueprint, you have delivered a host of benefits that include the following:

  • Alignment of Product, Marketing, Sales, and Customer Success around a deeper understanding of your target buyers and what it takes to build competitive differentiation.
  • You have calculated your product market opportunity and whether it’s worth the investment in the long-term, and for the short term you have estimated gross margins as an important part of the business case.
  • Built executive support and confidence by leading a disparate team in complex decision making that is fact and evidence based to make more effective go/no go decisions related to investing in new products.
  • And finally, because you and your team have demonstrated their ability to align programs toward a common goal and program-manage a complex initiative through to successful completion, you have led your team to develop the “institutional muscle” to take on equally complex initiatives such as acquisition integration, rebranding, launching in a new region, etc.

Therefore, developing the capabilities to manage a complex go-to-market strategy is akin to building company scalability and is sought after as a professional development opportunity that each executive should have on his/her résumé.

If you would like additional support, contact us and we’ll make sure you get the professional expertise you need.

Contact your account representative for more information.

info@softwarereviews.com 1-888-670-8889

Bibliography

Acosta, Danette. “Average Customer Retention Rate by Industry.” Profitwell.com. Accessed Jan. 2022.

Ashkenas, Ron, and Patrick Finn. “The Go-To-Market Approach Startups Need to Adopt.” Harvard Business Review, June 2016. Accessed Jun. 2021.

Bilardi, Emma. “ How to Create Buyer Personas.” Product Marketing Alliance, July 2020. Accessed Dec. 2021.

Cespedes, Frank V. “Defining a Post-Pandemic Channel Strategy.” Harvard Business Review, Apr. 2021. Accessed Jul. 2021.

Chapman, Lawrence. “A Visual Guide to Product Launches.” Product Marketing Alliance. Accessed Jul. 2021.

Chapman, Lawrence. “Everything You Need To Know About Go-To-Market Strategies.” Product Marketing Alliance. Accessed Jul. 2021.

Christiansen, Clayton. “The Innovators Dilemma.” Harvard Business School Press, 1997.

Drzewicki, Matt. “Digital Marketing Maturity: The Path to Success.” MIT Sloan Management Review. Accessed Dec. 2021.

“Go-To-Market Refresher,” Product Marketing Alliance. Accessed Jul. 2021

Harrison, Liz; Dennis Spillecke, Jennifer Stanley, and Jenny Tsai. “Omnichannel in B2B sales: The new normal in a year that has been anything but.” McKinsey & Company, 15 March, 2021. Accessed Dec. 2021.

Jansen, Hasse. “Buyer Personas – 33 Mind Blowing Stats.” Boardview, 19 Feb. 2016. Accessed Jan. 2022.

Scott, Ryan. “Creating a Brand Identity: 20 Questions to Consider.” Lean Labs, Jun 2021. Accessed Jul. 2021.

Smith, Michael L., and James Erwin. “Role and Responsibility Charting (RACI).” DOCSearch. Accessed Jan. 2022. Web.

“What is the Total Addressable Market (TAM).” Corporate Finance Institute (CFI), n.d. Accessed Jan. 2022.

Related Software Reviews Research

Sample of the Create a Buyer Persona and Journey research Create a Buyer Persona and Journey
  • A successful go-to-market strategy depends upon deep buyer understanding. Our Create a Buyer Persona and Journey blueprint will give you a step-by-step process that when followed will provide you and your team with that deep buyer understanding you need.
  • The Create a Buyer Persona and Journey blueprint provides you with an interview containing over 75 questions that, after capturing buyer answers and insights during interviews, will strengthen your value proposition, product market fit, lead gen engine and sales effectiveness.
Sample of the Optimize Lead Generation With Lead Scoring research Optimize Lead Generation With Lead Scoring
  • Save time and money and improve your sales win rates when you apply our methodology to score contacts with your lead gen engine more accurately and pass better qualified leads over to your sellers.
  • Our methodology teaches marketers to develop your own lead scoring approach based upon lead/contact profile vs. your Ideal Customer Profile (ICP) and scores contact engagement. Applying the methodology to arrive at your own approach to scoring will mean reduced lead gen costs, higher conversion rates, and increased marketing influenced wins.

Identify and Manage Security Risk Impacts on Your Organization

  • Buy Link or Shortcode: {j2store}221|cart{/j2store}
  • member rating overall impact (scale of 10): N/A
  • member rating average dollars saved: N/A
  • member rating average days saved: N/A
  • Parent Category Name: Vendor Management
  • Parent Category Link: /vendor-management
  • More than any other time, our world is changing. As a result, organizations – and their vendors – need to be able to adapt their plans to accommodate risk on an unprecedented level.
  • A new global change will impact your organization at any given time. Ensure that you monitor threats appropriately and that your plans are flexible enough to manage the inevitable consequences.

Our Advice

Critical Insight

  • Identifying and managing a vendor’s potential security risk impacts on your organization requires multiple people in the organization across several functions. Those people all need coaching on the potential changes in the market and how these changes could introduce new risks.
  • Organizational leadership is often taken unaware during crises, and their plans lack the flexibility needed to adjust to significant market upheavals and surprise incidents.

Impact and Result

  • Vendor management practices educate organizations on the potential risks from vendors in your market and suggest creative and alternative ways to avoid and manage them.
  • Prioritize and classify your vendors with quantifiable, standardized rankings.
  • Prioritize focus on your high-risk vendors.
  • Standardize your processes for identifying and monitoring vendor risks to manage potential impacts with our Security Risk Impact Tool.

Identify and Manage Security Risk Impacts on Your Organization Research & Tools

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Identify and Manage Security Risk Impacts on Your Organization Deck – Use the research to better understand the negative impacts of vendor actions on your security.

Use this research to identify and quantify the potential security impacts caused by vendors. Use Info-Tech’s approach to look at the security impacts from various perspectives to better prepare for issues that may arise.

  • Identify and Manage Security Risk Impacts on Your Organization Storyboard

2. Security Risk Impact Tool – Use this tool to help identify and quantify the security impacts of negative vendor actions.

By playing the “what if” game and asking probing questions to draw out – or eliminate – possible negative outcomes, everyone involved adds their insight into parts of the organization to gather a comprehensive picture of potential impacts.

  • Security Risk Impact Tool
[infographic]

Further reading

Identify and Manage Security Risk Impacts on Your Organization

Know where the attacks are coming from so you know where to protect.

Analyst perspective

It is time to start looking at risk realistically and move away from “trust but verify” toward zero trust.

Frank Sewell, Research Director, Vendor Management

Frank Sewell,
Research Director, Vendor Management
Info-Tech Research Group

We are inundated with a barrage of news about security incidents on what seems like a daily basis. In such an environment, it is easy to forget that there are ways to help prevent such things from happening and that they have actual costs if we relax our diligence.

Most people are aware of defense strategies that help keep their organization safe from direct attack and inside threats. Likewise, they expect their trusted partners to perform the same diligence. Unfortunately, as more organizations use cloud service vendors, the risks with n-party vendors are increasing.

Over the last few years, we have learned the harsh lesson that downstream attacks affect more businesses than we ever expected as suppliers, manufacturers of base goods and materials, and rising transportation costs affect the global economy.

“Trust but verify” – while a good concept – should give way to the more effective zero-trust model in favor of knowing it’s not a matter of if an incident happens but when.

Executive Summary

Your Challenge

More than any other time, our world is changing. As a result, organizations – and their vendors – need to be able to adapt their plans to accommodate risk on an unprecedented level.

A new global change will impact your organization at any given time. Ensure that you monitor threats appropriately and that your plans are flexible enough to manage the inevitable consequences.

Common Obstacles

Identifying and managing a vendor’s potential security risk impacts on your organization requires multiple people in the organization across several functions. Those people all need coaching on the potential changes in the market and how these changes could introduce new risks.

Organizational leadership is often taken unaware during crises, and their plans lack the flexibility needed to adjust to significant market upheavals and surprise incidents.

Info-Tech’s Approach

Vendor management practices educate organizations on the potential risks from vendors in your market and suggest creative and alternative ways to avoid and manage them.

Prioritize and classify your vendors with quantifiable, standardized rankings.

Prioritize focus on your high-risk vendors.

Standardize your processes for identifying and monitoring vendor risks to manage potential impacts with our Security Risk Impact Tool.

Info-Tech Insight
Organizations must evolve their security risk assessments to be more adaptive to respond to global changes in the market. Ongoing monitoring of third-party vendor risks and holding those vendors accountable throughout the vendor lifecycle are critical to preventing disastrous impacts.

Info-Tech’s multi-blueprint series on vendor risk assessment

There are many individual components of vendor risk beyond cybersecurity.

Multi-blueprint series on vendor risk assessment

This series will focus on the individual components of vendor risk and how vendor management practices can facilitate organizations’ understanding of those risks.

Out of Scope:
This series will not tackle risk governance, determining overall risk tolerance and appetite, or quantifying inherent risk.

Security risk impacts

Potential losses to the organization due to security incidents

  • In this blueprint we’ll explore security risks, particularly from third-party vendors, and their impacts.
  • Identify potentially disruptive events to assess the overall impact on organizations and implement adaptive measures to correct security plans.

The world is constantly changing

The IT market is constantly reacting to global influences. By anticipating changes, leaders can set expectations and work with their vendors to accommodate them.

When the unexpected happens, being able to adapt quickly to new priorities ensures continued long-term business success.

Below are some things no one expected to happen in the last few years:

62% 83% 84%
Ransomware attacks spiked 62% globally (and 158% in North America alone). 83% of companies increased organizational focus on third-party risk management in 2020. In a 2020 survey, 84% of organizations reported having experienced a third-party incident in the last three years.
One Trust, 2022 Help Net Security, 2021 Deloitte, 2020

Identify and manage security risk impacts on your organization

Identify and manage security risk impacts on your organization

Due diligence will enable successful outcomes.

What is third-party risk?

Third-Party Vendor: Anyone who provides goods or services to a company or individual in exchange for payment transacted with electronic instructions (Law Insider).

Third-Party Risk: The potential threat presented to organizations’ employee and customer data, financial information, and operations from the organization’s supply chain and other outside parties that provide products and/or services and have access to privileged systems (Awake Security).

It is essential to know not only who your vendors are but also who their vendors are (n-party vendors). Organizations often overlook that their vendors rely on others to support their business, and those layers can add risk to your organization.

Identify and manage security risks

Global Pandemic

Very few people could have predicted that a global pandemic would interrupt business on the scale experienced today. Organizations should look at their lessons learned and incorporate adaptable preparations into their security planning and ongoing monitoring moving forward.

Vendor Breaches

The IT market is an ever-shifting environment; more organizations are relying on cloud service vendors, staff augmentation, and other outside resources. Organizations should hold these vendors (and their downstream vendors) to the same levels of security and standards of conduct that they hold their internal resources.

Resource Shortages

A lack of resources is often overlooked, but it’s easily recognized as a reason for a security incident. All too often, companies are unwilling to dedicate resources to their vendors’ security risk assessment and ongoing monitoring needs. Only once an incident occurs do companies decide it is time to reprioritize.

Manage the Active Directory in the Service Desk

  • Buy Link or Shortcode: {j2store}489|cart{/j2store}
  • member rating overall impact (scale of 10): N/A
  • member rating average dollars saved: N/A
  • member rating average days saved: N/A
  • Parent Category Name: Service Desk
  • Parent Category Link: /service-desk
  • Actively maintaining the Active Directory is a difficult task that only gets more difficult with issues like stale accounts and privilege creep.
  • Adding permissions without removing them in lateral transfers creates access issues, especially when regulatory requirements like HIPAA require tight controls.
  • With the importance of maintaining and granting permissions within the Active Directory, organizations are hesitant to grant domain admin access to Tier 1 of the service desk. However, inundating Tier 2 analysts with requests to grant permissions takes away project time.

Our Advice

Critical Insight

  • Do not treat the Active Directory like a black box. Strive for accurate data and be proactive by managing your monitoring and audit schedules.
  • Catch outage problems before they happen by splitting monitoring tasks between daily, weekly, and monthly routines.
  • Shift left to save resourcing by employing workflow automation or scripted authorization for Tier 1 technicians.
  • Design actionable metrics to monitor and manage your Active Directory.

Impact and Result

  • Consistent and right-sized monitoring and updating of the Active Directory is key to clean data.
  • Split monitoring activities between daily, weekly, and monthly checklists to raise efficiency.
  • If need be, shift-left strategies can be implemented for identity and access management by scripting the process so that it can be done by Tier 1 technicians.

Manage the Active Directory in the Service Desk Research & Tools

Start here – read the Executive Brief

Read our concise Executive Brief to find out why you should manage your Active Directory in the service desk, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Maintain your Active Directory with clean data

Building and maintaining your Active Directory does not have to be difficult. Standardized organization and monitoring with the proper metrics help you keep your data accurate and up to date.

  • Active Directory Standard Operating Procedure
  • Active Directory Metrics Tool

2. Structure your service desk Active Directory processes

Build a comprehensive Active Directory workflow library for service desk technicians to follow.

  • Active Directory Process Workflows (Visio)
  • Active Directory Process Workflows (PDF)
[infographic]

Disaster Recovery Planning

  • Buy Link or Shortcode: {j2store}38|cart{/j2store}
  • Related Products: {j2store}38|crosssells{/j2store}
  • Teaser Video: Visit Website
  • Teaser Video Title: Disaster Recovery Planning
  • member rating overall impact (scale of 10): 9.6/10
  • member rating average dollars saved: $92,268
  • member rating average days saved: 36
  • Parent Category Name: Security and Risk
  • Parent Category Link: /security-and-risk
The show must go on. Make sure your IT has right-sized DR capabilities.

Drive Innovation With an Exponential IT Mindset

  • Buy Link or Shortcode: {j2store}107|cart{/j2store}
  • member rating overall impact (scale of 10): N/A
  • member rating average dollars saved: N/A
  • member rating average days saved: N/A
  • Parent Category Name: Innovation
  • Parent Category Link: /innovation

To drive a rapid shift towards the adoption of emerging technology, CIOs need:

  • Highly specialized knowledge of emerging technology and trends
  • The ability to engage the business in co-creating value via emerging technology
  • The skills to manage complex enterprise risk
  • Strong governance processes which support enterprise change management

Our Advice

Critical Insight

IT must lead the innovation capabilities that will drive the adoption of emerging technology across the enterprise. In an exponential world, IT needs to adopt business value targets and become a value creator rather limit itself to IT service targets and remain a cost center in the organization.

Impact and Result

Assess your innovation capability in five key areas supporting Exponential IT:

  • Organizational Excellence
  • Insights & Intelligence
  • Agile Ideation
  • Team Capabilities
  • Innovation Operations

Drive Innovation With an Exponential IT Mindset Research & Tools

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Drive Innovation With an Exponential IT Mindset – Learn about the new era of exponential innovation and the capabilities needed to succeed.

This research walks you through how to assess your capabilities to lead enterprise innovation and drive Exponential IT.

  • Drive Innovation With an Exponential IT Mindset Storyboard

2. Innovation Readiness Assessment – Assess your readiness to drive innovation and the adoption of emerging technology.

This tool will facilitate your readiness assessment.

  • Innovation Readiness Assessment
[infographic]

Further reading

Drive Innovation With an Exponential IT Mindset

Are you ready to drive the adoption of autonomous business capabilities?

A diagram that shows exponential IT

Analyst Perspective

IT must develop new capabilities to drive emerging tech adoption

Traditionally, CIOs have struggled to gain the trust of the executive leadership team and be recognized as business leaders rather than just technical leaders. In fact, based on a 2023 study by Info-Tech Research Group, only 36% of CIOs report directly to the CEO with most of the remainder reporting through either the CFO or COO.

Exponential IT requires that CIOs gain a seat at the table and build the capabilities necessary to not only lead the transformation of their business but also drive the innovation that will lead to enterprise adoption of emerging technologies. CIOs will be required to gain a detailed understanding of their business and in-depth knowledge of emerging technologies so that they can match business opportunities with technology capabilities, while managing risk and change.

This research will help CIOs identify the capabilities they need to transform the business, and better understand where they must mature their capabilities to drive Exponential IT.

Photo of Kim Osborne Rodriguez
Kim Osborne Rodriguez
Research Director, CIO Advisory
Info-Tech Research Group

Executive Summary

Your Challenge

To drive a rapid shift toward adopting emerging technology, CIOs need:

  • Highly specialized knowledge of emerging technology and trends
  • The ability to engage the business in co-creating value via emerging technology
  • The skills to manage complex enterprise risk
  • Strong governance processes which support enterprise change management

Common Obstacles

Exponential IT is dramatically shifting how IT engages the business. Many CIOs are unprepared.

  • Innovation is increasingly important for competitive advantage and business growth, narrowing the gap between large and small players.
  • Over 80% of CXOs believe their CIOs are currently unable to drive change within the business.[1]
  • 40% of CXOs anticipate that IT must be able to transform the business to maintain relevance.[1]

Info-Tech's Approach

Is your IT team ready to drive the adoption of emerging technology? Assess your innovation capability in five key areas supporting Exponential IT:

  • Organizational Excellence
  • Insights & Intelligence
  • Agile Ideation
  • Team Capabilities
  • Innovation Operations

[1] Info-Tech CXO-CIO diagnostic benchmark data, 2022, n=76

Info-Tech Insight

IT must lead the innovation capabilities that will drive the adoption of emerging technology across the enterprise. In an exponential world, IT needs to adopt business value targets and become a value creator rather than limit itself to IT service targets and remain a cost center in the organization.

Drive innovation with an Exponential IT mindset

Your ability to capture enterprise value from autonomization relies on your innovation capabilities and potential. Is your IT team ready to drive the adoption of AI-driven business processes? Assess your innovation readiness in five key areas supporting Exponential IT.

A diagram that shows 5 key areas of exponential IT

IT must rapidly mature

If IT leaders cannot lead the transformation, then the business will move forward without them.

Only 3% of CXOs report that their IT department can transform the business. Most IT organizations (81%) still struggle to adequately support the business.

A diagram that shows IT maturity and exponential IT

A diagram that shows IT capabilities Based on a Survey of CXOs (n=76)

Common obstacles

Leverage Exponential IT to drive value from the adoption of emerging tech

The most common obstacles to innovation are cultural, including politics, lack of alignment on goals, misaligned culture, and an inability to act on indicators of change.[1]

CIOs struggle to get a seat at the table and influence change. Info-Tech research shows that only 36% of CIOs report directly to the CEO, with over a third reporting to another C-suite leader such as a COO or CFO.[2]

[1] Harvard Business Review, 2018
[2] Info-Tech Research Group CIO Time Study, 2023

Info-Tech Insight

To drive change, CIOs need to gain the trust of their senior leadership team. Getting a seat at the table should be the first step for any CIO looking to transform their business.

Many CIOs struggle to be seen as business leaders

36%

Only 36% of CIOs report directly to the CEO.

Source: Info-Tech Research Group, 2023.

48%

48% of Boards report that they lack frequent or direct lines of communication with their CIOs.

Source: CIO Dive, 2022

Executive Brief: Case Study

Logo of RBC Royal Bank

  • INDUSTRY: Financial Services
  • SOURCE: Borealis AI

Borealis AI drives AI-powered transformation at Royal Bank of Canada

Borealis AI is a research center backed by RBC Royal Bank, tasked with researching, designing, and building AI products and tools which transform the financial services industry. It gathers researchers with backgrounds in artificial intelligence (AI), computer vision, natural language processing (NLP), computer science, computational finance, mathematics, and machine learning (ML) to create solutions in areas including asynchronous temporal models, non-cooperative learning in competing markets, and causal machine learning from observational data.

Results

Borealis AI has created many innovative products for RBC, including:

  • NOMI Forecast: an award-winning personal financial management tool
  • Turing by Borealis AI: a text-to-SQL database interface using NLP
  • Aiden: an AI-powered electronic trading tool using reinforcement learning

In 2023, Borealis AI won the Best Use of AI for Customer Experience award from The Digital Banker, for the NOMI Forecast app, which has been downloaded by nearly a million RBC clients since launching in 2021.


"NOMI Forecast is a cutting-edge AI solution that uses deep learning to offer timely and accurate predictions of our clients' cashflow. Powered by our unique datasets, these AI models have been trained to deliver personalized experiences for RBC clients,"
— Foteini Agrafioti, Chief Science Officer at RBC and Head of Borealis AI

IT needs to connect emerging technology with business opportunities

A diagram that shows exponential innovation, emerging technology, business opportunities.

Emerging tech is driving business change

A diagram that shows exponential innovation and its 5 elements.

Innovation is critical for business success, but succeeding is more difficult than ever

Emerging tech brings new challenges for organizations looking to create a competitive advantage. Access to sophisticated tools with minimal upfront costs have lowered the barriers to entry and democratized innovation, particularly among smaller players. The explosion of data processing & collaboration tools has allowed more focused and data-driven innovation efforts through analysis and insights, increasing the competitive advantage for those who get it right.

This has led to an accelerated pace of change as autonomous business processes start driving their own market shifts. The rise of autonomous business processes creates exponential reward, but also exponential risk for early adopters.

Innovation is increasingly critical for competitive growth

IT innovation leadership explains 75% of the variation in satisfaction with IT (Source: Info-Tech Research Group survey, n=305) and is the fourth-highest priority for IT end users.

A 7-year review by McKinsey (2020) showed that the most innovative companies[1] outperformed the market by upwards of 30%.

A 25-year study by Business Development Canada & Statistics Canada showed that innovation was more important to business success than management, human resources, marketing, or finance.

[1]Top innovators are defined as companies which were listed on Fast Company World's 50 Most Innovative Companies for 2+ years.

Adapt your approach to innovation

Both traditional and exponential (AI-driven) innovation is important for business success

IT as a fast execution engine

Ideal for developing new methods, products, or services which provide value to the organization

Can be led by IT or the business, depending on the scope of innovation (IT generally leads IT/internal innovation while the business leads customer-focused innovation)

Often follows the pace of the business

IT is a fast executor on requests generated by the business

Leverages Agile to develop new ideas and products, and uses DevOps to put into production


Use Info-Tech's research to Build your Enterprise Innovation Program

IT as an exponential innovation leader

Ideal for driving the enterprise adoption of emerging tech and autonomous business capabilities

Led by IT, which brings the understanding of emerging technology and can link opportunities to business problems

Driven by a faster pace of change, which requires more frequent assessment of emerging technology

IT is a fast executor on ideas and uses partnerships to drive execution

Leverages Agile, machine learning operations (MLOps), DataOps and product design to test and implement ideas

Use this research to successfully drive innovation with an Exponential IT mindset

Measure the value of this blueprint

Transformation efforts fail over 75% of the time[1] resulting in millions of dollars of lost revenue[2]

Our research indicates that most organizations would take months to prepare this type of assessment without our resources. That's nearly 70 work hours spent researching and gathering data to support due diligence, for a total cost of thousands of dollars. Improve your success rate by understanding what's needed to successfully drive innovation.

[1] Lombard, 2022
[2] FutureCIO, 2022

A photo of Establish a baseline

A diagram that shows Estimated time commitment without Info-Tech's research (person-hours)

Establish a baseline

Gauge the effectiveness of this research by completing the following table before and after using this blueprint:

A diagram that shows Establish a baseline

How to use this research

Five tips to get the most out of your readiness assessment

  1. Each category consists of five competencies, with a maximum of five points each. The maximum score on this assessment is 100 points.
  2. Effectiveness levels range from basic (Level 1) to advanced (Level 5). Level 1 is generally considered the baseline for most effectively operating organizations. If your organization is struggling with Level 1 competencies, focus on those before pursuing higher maturity areas.
  3. This assessment is qualitative. Complete the assessment to the best of your ability, based on the scoring rubric provided. If you fall between levels, use the lower one in your assessment.
  4. The scoring rubric may not perfectly fit the processes and practices within every organization. Consider the spirit of the description and score accordingly.
  5. Other industry- and region-specific competencies may be required to succeed at exponential innovation. The competencies in this assessment are a starting point, and internal validation and assessments should be conducted to uncover additional competencies and skills.

Assess your innovation readiness:

1. Organizational Excellence

  • Innovation mandate
  • Transformational leadership
  • Culture of innovation
  • Vision & strategy

Organizational excellence sets the stage for innovation.

"Innovation distinguishes between a leader and a follower." – Steve Jobs, Apple Founder

Without strong leadership, innovation efforts are almost certain to fail. Innovation requires buy-in and support, a leader who walks the talk, culture which supports risk taking and allows failure, and a clear and compelling vision. Without these elements in place, transformation efforts are a fifteen times more likely to fail [1] – and waste time and money along the way.

[1] Lombard, 2022.

Focus on innovation to deliver business value

Satisfaction drives IT value, and innovation leadership drives satisfaction with IT

Strong leadership is critical to the success of innovation. A global survey of 600 business leaders pointed to leadership as the best predictor of innovation success[1] and showed a strong correlation between leadership ability and innovation capabilities.

Innovation leadership starts with a mandate from the senior leadership team and requires a clearly articulated vision and strategy to deliver the intended benefits to the organization. A survey of 270 business leaders showed that over a third of them struggled with articulating the right strategy or vision, hindering their efforts to innovate.[2]

45% of business leaders report that cultural issues stifle their innovation efforts, and 55% report unhealthy politics which cause infighting that negatively affects their organization.[2]

[1] McKinsey, 2008
[2] Harvard Business Review, 2018

The importance of leadership

75% of high IT satisfaction scores are associated with a strong ability to lead innovation.
Source: Info-Tech Research Group survey, n=305

Struggling to get a seat at the table?

It can be challenging to drive innovation efforts without trust and buy-in from senior leadership. Start with small initiatives and build your reputation by consistently delivering on your commitments.

Leadership starts with a mandate

Build your innovation leadership with the following capabilities:

Innovation mandate: There is strong support and trust from the senior leadership team, which gives IT leaders the opportunity to lead innovation despite any temporary failure. IT leaders are well-informed about and have input into business decisions.

Transformational leadership: IT leaders are influential change agents, not only within their organization but across their industry or community. They inspire others and actively collaborate with external partners, driving change beyond their organization.

Culture of innovation: Innovative cultures generally demonstrate ten behaviors that are most closely correlated with innovation success: growth mindset, learning-focused, psychological safety, curiosity, trust, willingness to fail, collaboration, diverse perspectives, autonomy, and appropriate risk-taking. These behaviors are embedded in the organization and strongly demonstrated in daily work.

Vision & strategy: The innovation vision and strategy are continuously refined and adapted to changing market and emerging technology trends. Emerging technology innovation is second nature in the organization, and it becomes a leader in driving change across the industry.

Additional resources for Organizational Excellence

Photo of Build your Enterprise Innovation Program

Build your Enterprise Innovation Program

Define your innovation mandate
Articulate your vision and guiding principles
Build a culture of innovation

Photo of Manage Your CXO Relations

Manage Your CXO Relations

Successfully manage CXO relationships to get a seat at the table and build your mandate to drive innovation

Photo of CIO

Become a Transformational CIO

Build the capabilities to drive transformation as an IT leader in your organization

Assess your innovation readiness:

2. Insights & Intelligence

  • Business context
  • Strategic foresight
  • Emerging tech expertise
  • Strategic alignment

The foundation of innovation is data.

"Without data you're just another person with an opinion." – Edwards Deming, Statistician

Having comprehensive and accurate data about the problems you hope to solve is critical to realizing the benefits of innovation. Build your understanding of the business and ability to predict how trends will impact your industry, then stay on top of emerging tech and align solutions with strategic business capabilities.

Act on strategic indicators

Build the ability to go from data to intelligence to insights

Info-Tech data shows that businesses are 93% more likely to be satisfied with IT when their IT teams have a better understanding of the business. Teams need to understand who your organization serves, how it delivers value, and what its goals are.

When seeking to capitalize on emerging technology opportunities, businesses face an execution challenge. 82% of business leaders report being able to identify leading indicators of change, but less than two thirds of them are confident in their ability to act on those indicators.[1]

A report by Leadership IQ noted that only 29% of the 21,008 employees surveyed considered their leader's vision consistently well aligned with the organizational vision.[2] Strategic alignment is not just important from a results perspective. It impacts employee motivation: employees with strong leadership alignment are 24% more likely to give their best at work.[2]

[1] Harvard Business Review, 2018
[2] Leadership IQ, 2020

Strategic Foresight Challenges

82% of business leaders say they can correctly identify leading indicators of change…

…however, only 58% feel confident in their abilities to act on these indicators.

Source: Harvard Business Review, 2018

You must understand the business

Develop key insights and intelligence with the following capabilities:

Business context: IT actively participates in the business as a value creator and innovator, proactively disrupting the business and driving the adoption of emerging tech that drives exponential value.

Strategic foresight: IT not only embraces emerging technologies, but actively drives innovation and disruption through their adoption. IT is adept at using trends to drive exploration and can quickly execute on initiatives.

Emerging tech expertise: There is an expert-level understanding of emerging technologies including their capabilities, limitations, risks, trends, and potential use cases. IT proactively drives the adoption of emerging technology.

Strategic alignment: IT proactively uses the business strategy to drive adoption of emerging technology and identify new opportunities. Each initiative has clear metrics and targets which directly impact business targets.

Additional resources for Intelligence & Insights

Photo of Tech Trends 2023

Tech Trends 2023

Like a chess grandmaster, CIOs must play both sides of the board. Emerging technologies present opportunities to attack, but it's necessary to protect from a volatile board.

Photo of innovation

Establish a Foresight Capability

To be recognized and validated as a forward-thinking CIO, you must establish a structured approach to innovation that considers external trends alongside internal processes.

Photo of Build a Business-Aligned IT Strategy

Build a Business-Aligned IT Strategy

Elicit the business context and identify strategic initiatives that are most important to the organization while building a plan to execute on it.

Assess your innovation readiness:

3. Agile Ideation

  • Data-driven decision making
  • Ability to identify opportunities
  • Business engagement
  • Risk management

IT must use data to drive the ideation process, engaging the business to identify opportunities – all while managing risk.

"Innovation is key. Only those who have the agility to change with the market and innovate quickly will survive."- Robert Kiyosaki, Entrepreneur & Author

Many Agile concepts are used in the process of innovation, regardless of whether the formal Agile methodology is used. Fast iterations ("fail fast"), lessons learned, and risk management are equally important for ideation as they are for execution. This category evaluates IT's ability to drive the ideation process at the enterprise level.

Use data to drive agility

Effectively using data has a threefold impact in the quality of decisions

A diagram that shows data-driven journey

Agility is critical for innovation, particularly when adopting emerging technology. AI and other emerging technologies are accelerating the pace of change and driving a necessary increase in how quickly organizations must adapt.

Data is also critical when building a case for change. A survey of over 1,000 senior business leaders showed that organizations that effectively use data to drive decision making are three times more likely to report significant improvements in the quality of their decisions.[1]

[1] Harvard Business School Online, 2019

Start with the business

The business must be involved in ideation. Develop the skills needed to engage the business and identify challenges and opportunities.

Engage the business to deliver value

Build your proficiency in the following ideation capabilities:

Data-driven decision making: Data is proactively collected from multiple internal and external sources to inform innovation strategies. Continuous monitoring of innovation provides a strong rationale for outcomes and benefits. Data governance, quality, and privacy measures are in place to ensure data quality.

Ability to identify opportunities: IT actively shapes the future of the organization and the industry by proactively identifying business opportunities for emerging technology and leading the way in their adoption. Experiments and pilots are often industry firsts.

Business engagement: IT enables the business by engaging at all levels to identify and refine emerging technology opportunities. They effectively communicate benefits and risks in business terms, while understanding business needs and challenges. IT collaborates with the business to establish innovation centers or communities of practice.

Risk management: There is a proactive and holistic approach to risk management, considering both opportunities and threats associated with emerging technology adoption. IT and the business continually anticipate and monitor emerging risks, evaluate the effectiveness of risk management practices, and adapt them to evolving technology landscapes.

Additional resources for Agile Ideation

Photo of Develop Your Agile Approach for a Successful Transformation

Develop Your Agile Approach for a Successful Transformation

Understand Agile fundamentals, principles, and practices so you can apply them effectively in your organization.

Photo of Build an IT Risk Management Program

Build an IT Risk Management Program

Risk is inevitable. Without a formal management program, you may be unaware of your greatest IT risks.

Reacting to risks after they occur can be costly and devastating, yet this is one of the most common tactics used by IT departments.

Photo of business innovation

Kick-Start IT-Led Business Innovation

Business demand for new technology is intensifying pressure to innovate and executive stakeholders expect more from IT. If IT is not considered a source of innovation, its perceived value decreases, and the threat of shadow IT grows. Don't wait to start finding and capitalizing on opportunities for IT-led innovation.

Assess your innovation readiness:

4. Team Capabilities

  • Resourcing & investment
  • Talent & skills
  • Change management
  • Partnerships & ecosystem

Ensure you have the right resources and skills needed to drive innovation.

"The best way to predict the future is to invent it." – Alan Kay, Computer Scientist

Resourcing and skills are critical building blocks for driving innovation, and without a strong understanding of emerging technology and the processes needed to adopt it, organizations will falter at driving change.

Develop the right resourcing, skills, change management, and partnerships to drive Exponential IT.

Develop key skills

Scaled Agile (SAFe): Scaled Agile is a framework for implementing Agile and lean methodologies at the enterprise level or outside of a single team.

Development operations (DevOps): A methodology for software development which includes practices and tools that support the development lifecycle.

Data operations (DataOps): A set of tools and processes that support data management within an organization. Typically used when training AI on a specialized data set.

Analytics: The systematic analysis of information used to discover, interpret, and communicate insights gleaned from patterns in data. Analytics typically generate insights that support data-driven decision making.

Machine learning operations (MLOps): Tools and processes that support the development of machine learning (ML) models, including AI and large language models (LLM). Can include expertise in computer science, natural language processing (NLP), computer vision, computational algorithms, mathematics, and ML expertise.

Artificial intelligence operations (AIOps): Leveraging AI to develop autonomous business processes at the enterprise level.

Mature your emerging technology capabilities

Agile: Build the methodologies to drive execution
DevOps: Drive the software development lifecycle
DataOps: Effectively manage data
Analytics: Develop insights from data
MLOps: Develop machine learning tools
AIOps: Build autonomous business processes

Manage the building blocks of innovation

Resourcing & investment: IT manages a well-defined and substantial budget dedicated to innovation, which is integrated into the overall strategic planning and decision-making processes. Investments are made in a holistic and forward-looking manner, considering the long-term implications and potential disruption caused by emerging technologies.

Talent & skills: Teams exhibit thought leadership and innovate within emerging technologies, including advanced machine learning engineering, MLOps, DataOps, and analytics. Employees actively contribute to the advancement of these technologies, engage in research and development, and explore new applications and use cases.

Change management: This is a core competency led by change champions and change management professionals. There is a strategic approach to driving and sustaining change, focusing on long-term adoption and continuous improvement. Change management is embedded in the organizational culture, and there is a proactive effort to foster change agility and build change capability at all levels.

Partnerships & ecosystems: IT builds an orchestrated innovation ecosystem for the adoption of emerging technology. They take a proactive role in orchestrating collaboration among ecosystem partners. The organization acts as a catalyst for innovation, bringing together diverse partners to address complex challenges and drive transformative solutions.

Additional resources for Team Capabilities

Photo of Drive Technology Adoption

Drive Technology Adoption

The project isn't over if the new product or system isn't being used. How do you ensure that what you've put in place will not be ignored or only partially adopted? People are more complicated than any new system and managing them through change requires careful planning.

Photo of team discussion

Extend Agile Practices Beyond IT

Further the benefits of Agile by extending a scaled Agile framework to the business.

Not all lessons from scaling Agile to IT are transferable. IT Agile scaling processes are tailored to IT's scope, team, and tools, which may not account for diverse attributes within your organization.

Photo of Managing Exponential Value Relationships

Managing Exponential Value Relationships

Successfully managing outcome-based relationships requires a higher degree of trust than traditional vendor relationships. Building trust comes from sharing risks and rewards between organizations and vendors.

Assess your innovation readiness:

5. Innovation Execution

  • Governance
  • Embedded security
  • Infrastructure
  • Ability to execute

Can you deliver results? Develop the capability to execute on innovative ideas.

"What good is an idea if it remains an idea? Try. Experiment. Fail. Try again. Change the world." – Simon Sinek, Author, Motivational Speaker

The foundational elements of innovation significantly overlap with the activities you must do to excel at core IT operations. Build your ability to execute quickly on innovative ideas and build the trust of the enterprise.

Rapidly execute on innovative ideas

IT must be able to successfully manage the foundational capabilities of innovation

The foundational capabilities of innovation are central to many core IT processes: governance, security, supporting infrastructure, and the ability to execute on ideas are all critical to running an effective IT shop.

IT governance is a critical and embedded practice ensuring information and technology investments, risks, and resources are aligned in the organization's best interests while producing business value. Effective governance ensures that the right technology investments are made at the right time to support and enable your organization's mission, vision, and goals.

A diagram that shows Info-Tech's IT Governance Framework and Security Framework

Build foundational capabilities

The ability to rapidly execute on ideas is fundamental not only to innovation but also running an effective IT organization.

Develop foundational IT capabilities

The ability to execute is based on key foundational capabilities, including:

Governance: Adaptable and automated governance guides effective innovation and supports the adoption of emerging technology. Decision making is flexible and can move quickly to enable the implementation of new technologies. Responsibility and authority are aligned across all levels of the organization.

Embedded security: Security and privacy controls are embedded in the applications and technologies deployed across the enterprise. Security is built into the organizational culture, with a strong focus on promoting security awareness and fostering a security-first mindset.

Infrastructure: IT infrastructure is modern, adaptive, and future-proof. Infrastructure should support a range of emerging technology applications, including the flexibility to adapt to future use cases. There is a focus on agility, scalability, flexibility, and interoperability.

Ability to execute: The IT team drives rapid innovation across the organization and can reliably execute and collaborate with internal and external partners. They are pivotal in driving innovation initiatives that align with the organization's strategic objectives. Agile methodologies and practices are embedded in the culture of the team.

Additional resources for Innovation Execution

Photo of Make Your IT Governance Adaptable

Make Your IT Governance Adaptable

Produce more value from IT by developing a governance framework optimized for your current needs and context, with the ability to adapt as your needs shift.

Create the foundation and ability to delegate and empower governance to enable agile delivery.

Photo of Build an Information Security Strategy

Build an Information Security Strategy

Many security leaders struggle to decide how best to prioritize their scarce information security resources.

The need to move from a reactive security approach toward a strategic planning approach is clear. The path to getting there is less so.

Photo of Exploit Disruptive Infrastructure Technology

Exploit Disruptive Infrastructure Technology

Accurate predicting isn't easy. Most IT leaders fail to realize how quickly technology increases in capability. Even for the tech savvy, it's difficult to predict which specific technologies will become disruptive.

Activity 1: Assess your readiness for exponential innovation

Input: Core competencies; Knowledge of internal processes and capabilities
Output: Readiness assessment
Materials: Exponential Innovation Assessment Tool; Whiteboard/Flip charts
Participants: Executive leadership team, including CIO; Other internal stakeholders of vendor partnerships

1-3 hours

  1. Gather key stakeholders from across your organization to participate in the readiness assessment exercise.
  2. As a group, review the core competencies from the following five sections and determine where your organization's effectiveness lies for each competency. Record your responses in the Exponential Innovation Assessment Tool.

Download the Exponential Innovation Assessment Tool

Interpret your results

Understand your readiness and determine the next steps to operationalize exponential innovation.

Once you have completed the readiness assessment, use Info-Tech's maturity ladder to identify next steps and recommendations.

It is usually very challenging to lead innovation with a total score less than 50. Lower maturity organizations should focus on maturing the foundational aspects of innovation, such as those in the Innovation Execution and Team Capabilities categories, and core IT processes.

For higher maturity organizations (those with total scores 50 or higher), first focus on getting all capabilities to a minimum of Level 3, then work on progressing maturity starting with foundational categories and working upwards:

A diagram that shows innovation readiness

Determine your readiness

A diagram that shows Innovation Maturity ladder

Activity 2: Create an action plan

Input: Readiness assessment
Output: Action plan to improve maturity of capabilities
Materials: Exponential Innovation Assessment Tool; Whiteboard/Flip charts
Participants: Executive leadership team, including CIO; Other internal stakeholders of vendor partnerships

1 hour

  1. Gather the stakeholders who participated in the readiness assessment exercise.
  2. As a group, review the results of the readiness assessment. Were there any surprises? Do the results reflect your understanding of the organization's maturity?
  3. Determine which areas are likely to limit the organization's innovation capability, based on lowest scoring areas and relative importance to the organization.
  4. Break out into groups and have each group identify three actions the organization could take to mature the lowest scoring areas.
  5. Bring the group back together and prioritize the actions. Note who will be accountable for each next step.
  6. Identify additional Info-Tech research that can assist with improving your maturity (see additional resources in this blueprint).

Author

Photo of Kim Osborne Rodriguez
Kim Osborne Rodriguez
Research Director, CIO Advisory
Info-Tech Research Group

Kim is a professional engineer and Registered Communications Distribution Designer (RCDD) with over a decade of experience in management and engineering consulting spanning healthcare, higher education, and commercial sectors. She has worked on some of the largest hospital construction projects in Canada, from early visioning and IT strategy through to design, specifications, and construction administration. She brings a practical and evidence-based approach, with a track record of supporting successful projects.

Kim holds a Bachelor's degree in Honours Mechatronics Engineering and an option in Management Sciences from University of Waterloo.

Research Contributors and Experts

Photo of Jack Hakimian
Jack Hakimian
Senior Vice President
Info-Tech Research Group

Jack has more than 25 years of Technology and Management Consulting experience. He has served multi-billion-dollar organizations in multiple industries including Financial Services and Telecommunications. Jack also served many large public sector institutions.

He is a frequent speaker and panelist at technology and innovation conferences and events and holds a Master's degree in Computer Engineering and an MBA from the ESCP-EAP European School of Management.


Photo of Mark Tauschek
Mark Tauschek
Vice President, Infrastructure & Operations Research
Info-Tech Research Group

Mark has hands-on network design and deployment experience across verticals including healthcare, education, manufacturing, retail, and entertainment. He has extensive knowledge in the areas of technology research, process development, vendor selection, and project management. He holds specific expertise in wireless networking and mobile technologies.

Mark holds an MBA from the Richard Ivey School of Business at the University of Western Ontario and many professional wireless technology certifications.


Photo of Michael Tweedie
Michael Tweedie
Practice Lead, CIO Strategy
Info-Tech Research Group

Mike Tweedie brings over 25 years as a technology executive. He's led several large transformation projects across core infrastructure, application and IT services as the head of Technology at ADP Canada. He was also the Head of Engineering and Service Offerings for a large French IT services firm, focused on cloud adoption and complex ERP deployment and management.

Mike holds a Bachelor's degree in Architecture from Ryerson University.


Photo of Donna Bales
Donna Bales
Principal Research Director
Info-Tech Research Group

Donna Bales is a Principal Research Director in the CIO Practice at Info-Tech Research Group specializing in research and advisory services in IT risk, governance, and compliance. She brings over 25 years of experience in strategic consulting and product development and has a history of success in leading complex, multi-stakeholder industry initiatives.

Donna has a Bachelor's degree in Economics from the University of Western Ontario.


Photo of Isabelle Hertanto
Isabelle Hertanto
Principal Research Director, Security & Privacy
Info-Tech Research Group

Isabelle Hertanto has over 15 years of experience delivering specialized IT services to the security and intelligence community. As a former federal officer for Public Safety Canada, Isabelle trained and led teams on data exploitation and digital surveillance operations in support of Canadian national security investigations. Since transitioning into the private sector, Isabelle has held senior management and consulting roles across a variety of industry sectors, including retail, construction, energy, healthcare, and the broader Canadian public sector.


Photo of Aaron Shum
Aaron Shum
Vice President, Security, Privacy, Risk & Compliance
Info-Tech Research Group

Aaron Shum is a Vice President in the Security & Privacy Research and Advisory Practice at Info-Tech Research Group. With 25+ years of experience across IT, InfoSec, and Data Privacy, he currently specializes in helping organizations implement comprehensive information security and cybersecurity programs and comply with data privacy regulations such as the European Union's General Data Protection Regulation and the California Privacy Rights Act.


Photo of Reiaz Somji
Reiaz Somji
Managing Director, Consulting
Info-Tech Research Group

As a client-focused strategist with strong organizational acumen, Reiaz leverages his 20+ years of management consulting experience to help C-suite executives and managers navigate the integration of changing technology with business goals. He is currently a managing director in Info-Tech's consulting division and leads its Infrastructure practice.


Photo of Hans Eckman
Hans Eckman
Principal Research Director, Applications
Info-Tech Research Group

Hans Eckman is a business transformation leader helping organizations connect business strategy and innovation to operational excellence. He supports Info-Tech members in SDLC optimization, Agile and DevOps implementation, CoE/CoP creation, innovation program development, application delivery, and leadership development. Hans is based out of Atlanta, Georgia.


Photo of Irina Sedenko
Irina Sedenko
Research Director, Data & Analytics
Info-Tech Research Group

Irina brings more than 20 years of information management experience and demonstrated expertise in big data, advanced analytics, machine learning, and AI. Her experience includes designing and implementing enterprise content management systems, defining data and analytics strategy to support business goals and objectives, creating data governance to enable data initiatives, and providing guidance to the client teams. She led teams through data lake implementation to enable advanced analytics capabilities and has hands-on data science and machine learning experience.

Research Contributors

Photo of Bill Macgowan
Bill Macgowan
Director, Smart Building Digitization
Cisco


Photo of Barry Wiech
Barry Wiech
Chief Digital and Information Officer
Sime Darby Industrial


Photo of Tim Dunn
Tim Dunn
Chief Information Officer
Department of Energy & Public Works (Queensland)


Photo of Sudip Ghosh
Sudip Ghosh
Group Manager, Office of the CIO
Star Entertainment Group



Samantha Rose
Contract Manager
Department of Energy & Public Works (Queensland)

Bibliography

Altringer, Beth. "A New Model for Innovation in Big Companies." Harvard Business Review. 19 Nov. 2013. Accessed 15 June 2023. https://hbr.org/2013/11/a-new-model-for-innovation-in-big-companies

Bar Am, Jordan et al. "Innovation in a Crisis: Why it is More Critical Than Ever." McKinsey & Company, 17 June 2020. Accessed 15 June 2023. https://www.mckinsey.com/capabilities/strategy-and-corporate-finance/our-insights/innovation-in-a-crisis-why-it-is-more-critical-than-ever

Barsh, Joanna et al. "Leadership and Innovation." McKinsey Quarterly, 1 Jan 2008. Accessed 7 July 2023. https://www.mckinsey.com/capabilities/strategy-and-corporate-finance/our-insights/leadership-and-innovation

Borealis AI. "RBC Wins Best Use of AI for Customer Experience for NOMI Forecast." Borealis AI Blog, 28 Apr 2023. Accessed 13 June 2023. https://www.borealisai.com/news/rbc-wins-best-use-of-ai-for-customer-experience-for-nomi-forecast/

Boston Consulting Group, "Most Innovative Companies 2022." BGC, 15 Sept. 2022. Accessed 15 June 2023. https://www.bcg.com/en-ca/publications/2022/innovation-in-climate-and-sustainability-will-lead-to-green-growth

BrainyQuote. "Innovation Quotes." Accessed 19 June 2023. https://www.brainyquote.com/topics/innovation-quotes

Christensen, Clayton M. The Innovator's Dilemma: When New Technologies Cause Great Firms to Fail. Harvard Business Review Press, 2016.

Cleroux, Pierre. The "I" Word. BDC. Accessed 1 Aug 2023. https://www.bdc.ca/en/articles-tools/blog/innovation-no-1-factor-business-success

FutureCIO Editors. "Failed transformation can result in US$6 million in lost revenue." FutureCIO, 29 Apr 2022. Accessed 10 Jul 2023. https://futurecio.tech/failed-transformation-can-result-in-us6-million-in-lost-revenue/

Goodreads. "W. Edwards Deming Quotes." Accessed 19 June 2023. https://www.goodreads.com/quotes/7327935-without-data-you-re-just-another-person-with-an-opinion

Haefner, Naomi et al. "Artificial intelligence and innovation management: A review, framework, and research agenda." Technological Forecasting and Social Change, Volume 162, 2021. Accessed 15 June 2023. https://www.sciencedirect.com/science/article/pii/S004016252031218X

IBM. "The new AI innovation equation." IBM Website. 13 Oct 2016. Accessed 15 June 2023. https://www.ibm.com/watson/advantage-reports/future-of-artificial-intelligence/ai-innovation-equation.html

Isomaki, Atte. "60+ Innovation Quotes and What They Can Teach You." Viima, 19 Mar 2019. Accessed 6 July 2023. https://www.viima.com/blog/innovation-quotes

Kay, Alan. "The best way to predict the future is to invent it." Quote Park, 3 June 2021. Accessed 15 June 2023. https://quotepark.com/quotes/1893243-alan-kay-the-best-way-to-predict-the-future-is-to-invent-it/

Kirsner, Scott. "The Biggest Obstacles to Innovation in Large Companies." Harvard Business Review, 30 July 2018. Accessed 15 June 2023. https://hbr.org/2018/07/the-biggest-obstacles-to-innovation-in-large-companies

Kiyosaki, Robert. "Innovation is key. Only those who have the agility to change with the market and innovate quickly will survive." AZ Quotes, 11 Dec. 2013. Accessed 15 June 2023.

Leadership IQ. "The State Of Leadership Development." Leadership IQ, 2020. Accessed 6 July 2023. https://www.leadershipiq.com/blogs/leadershipiq/leadership-development-state

Lombard, Charl. "Defining Digital: A New Approach to Digital Transformation." Info-Tech LIVE Conference, 2022. https://tymansgrpup.com/videos/defining-digital-a-new-approach-to-digital-transformation

Murphy, Mark. "A Shocking Number Of Leaders Are Not Aligned With Their Companies' Visions." Forbes, 28 Aug 2020. Accessed 6 Jul 2023. https://www.forbes.com/sites/markmurphy/2020/08/28/a-shocking-number-of-leaders-are-not-aligned-with-their-companies-visions

Seymour, Harriet et al. "How to unlock a scientific approach to change management with powerful data insights." IBM, 11 Jan 2023. Accessed 6 July 2023. https://www.ibm.com/blog/how-to-unlock-a-scientific-approach-to-change-management-with-powerful-data-insights/

Sinek, Simon. "What good is an idea if it remains an idea? Try. Experiment. Fail. Try again. Change the world." Praxie, n.d. https://praxie.com/top-innovation-quotes/

Stobierski, Tim. "The Advantages of Data-Driven Decision-Making." Harvard Business School Online, 26 Aug 2019. Accessed 6 July 2023. https://online.hbs.edu/blog/post/data-driven-decision-making

Torres, Roberto. "How tech leaders can earn C-suite trust." CIO Dive, 1 Jul 2022. Accessed 7 Jul 2023. https://www.ciodive.com/news/C-suite-trust-CIO-executives/626476/

Tushman, Michael et al. "Change Management Is Becoming Increasingly Data-Driven. Companies Aren't Ready." Harvard Business Review, 23 Oct 2017. Accessed 6 Jul 2023. https://hbr.org/2017/10/change-management-is-becoming-increasingly-data-driven-companies-arent-ready

Weick, Karl and Kathleen Sutcliffe. Managing the Unexpected: Sustained Performance in a Complex World, Third Edition. John Wiley & Sons, 2015.

Secrets of SAP S-4HANA Licensing

  • Buy Link or Shortcode: {j2store}231|cart{/j2store}
  • member rating overall impact (scale of 10): 9.0/10 Overall Impact
  • member rating average dollars saved: $25,000 Average $ Saved
  • member rating average days saved: 10 Average Days Saved
  • Parent Category Name: Vendor Management
  • Parent Category Link: /vendor-management
  • With the relatively slow uptake of the S/4HANA platform, the pressure is immense for SAP to maintain revenue growth.
  • SAP’s definitions and licensing rules are complex and vague, making it extremely difficult to purchase with confidence while remaining compliant.
  • Aggressive audit tactics may be used to speed up the move to HANA.

Our Advice

Critical Insight

  • Mapping SAP products to HANA can be highly complex, leading to overspending and an inability to reduce future spend.
  • The deployment model chosen will directly impact commercial pathways forward.
  • Beware of digital (indirect) access licensing and compliance concerns.
  • Without having a holistic negotiation strategy, it is easy to hit a common obstacle and land into SAP’s playbook, requiring further spend.

Impact and Result

  • Build a business case to evaluate S/4HANA.
  • Understand the S/4HANA roadmap and map current functionality to ensure compatibility.
  • Understand negotiating pricing and commercial terms.
  • Learn the “SAP way” of conducting business, which includes a best-in-class sales structure, unique contracts, and license use policies combined with a hyper-aggressive compliance function.

Secrets of SAP S/4HANA Licensing Research & Tools

Start here – read the Executive Brief

Read our concise Executive Brief to find out why you should explore the secrets of SAP S/4HANA licensing, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Establish requirements

Determining SAP’s fit within your organization is critical. Start off by building a business case to assess overarching drivers and justification for change, any net new business benefits and long-term sustainability. Oftentimes the ROI is negative, but the investment sets the stage for long-term growth.

2. Evaluate licensing options

Your deployment model is more important than you think. Selecting a deployment model will dictate your licensing options followed by your contractual pathways forward.

  • SAP License Summary and Analysis Tool
  • SAP Digital Access Licensing Pricing Tool

3. Negotiation and license management

Know what’s in the contract. Each customer agreement is different and there may be existing terms that are beneficial. Depending on how much is spent, anything can be up for negation.

  • SAP S/4HANA Terms and Conditions Evaluator
[infographic]

Fast Track Your GDPR Compliance Efforts

  • Buy Link or Shortcode: {j2store}372|cart{/j2store}
  • member rating overall impact (scale of 10): 10.0/10 Overall Impact
  • member rating average dollars saved: $25,779 Average $ Saved
  • member rating average days saved: 30 Average Days Saved
  • Parent Category Name: Governance, Risk & Compliance
  • Parent Category Link: /governance-risk-compliance
  • Organizations often tackle compliance efforts in an ad hoc manner, resulting in an ineffective use of resources.
  • The alignment of business objectives, information security, and data privacy is new for many organizations, and it can seem overwhelming.
  • GDPR is an EU regulation that has global implications; it likely applies to your organization more than you think.

Our Advice

Critical Insight

  • Financial impact isn’t simply fines. A data controller fined for GDPR non-compliance may sue its data processor for damage.
  • Even day-to-day activities may be considered processing. Screen-sharing from a remote location is considered processing if the data shown onscreen contains personal data!
  • This is not simply an IT problem. Organizations that address GDPR in a siloed approach will not be as successful as organizations that take a cross-functional approach.

Impact and Result

  • Follow a robust methodology that applies to any organization and aligns operational and situational GDPR scope. Info-Tech's framework allows organizations to tackle GDPR compliance in a right-sized, methodical approach.
  • Adhere to a core, complex GDPR requirement through the use of our documentation templates.
  • Understand how the risk of non-compliance is aligned to both your organization’s functions and data scope.
  • This blueprint will guide you through projects and steps that will result in quick wins for near-term compliance.

Fast Track Your GDPR Compliance Efforts Research & Tools

Start here – read the Executive Brief

Read our concise Executive Brief to find out why you should fast track your GDPR compliance efforts, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Understand your compliance requirements

Understand the breadth of the regulation’s requirements and document roles and responsibilities.

  • Fast Track Your GDPR Compliance Efforts – Phase 1: Understand Your Compliance Requirements
  • GDPR RACI Chart

2. Define your GDPR scope

Define your GDPR scope and prioritize initiatives based on risk.

  • Fast Track Your GDPR Compliance Efforts – Phase 2: Define Your GDPR Scope
  • GDPR Initiative Prioritization Tool

3. Satisfy documentation requirements

Understand the requirements for a record of processing and determine who will own it.

  • Fast Track Your GDPR Compliance Efforts – Phase 3: Satisfy Documentation Requirements
  • Record of Processing Template
  • Legitimate Interest Assessment Template
  • Data Protection Impact Assessment Tool
  • A Guide to Data Subject Access Requests

4. Align your data breach requirements and security program

Document your DPO decision and align security strategy to data privacy.

  • Fast Track Your GDPR Compliance Efforts – Phase 4: Align Your Data Breach Requirements & Security Program

5. Prioritize your GDPR initiatives

Prioritize any initiatives driven out of Phases 1-4 and begin developing policies that help in the documentation effort.

  • Fast Track Your GDPR Compliance Efforts – Phase 5: Prioritize Your GDPR Initiatives
  • Data Protection Policy
[infographic]

Workshop: Fast Track Your GDPR Compliance Efforts

Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

1 Understand Your Compliance Requirements

The Purpose

Kick-off the workshop; understand and define GDPR as it exists in your organizational context.

Key Benefits Achieved

Prioritize your business units based on GDPR risk.

Assign roles and responsibilities.

Activities

1.1 Kick-off and introductions.

1.2 High-level overview of weekly activities and outcomes.

1.3 Identify and define GDPR initiative within your organization’s context.

1.4 Determine what actions have been done to prepare; how have regulations been handled in the past?

1.5 Identify key business units for GDPR committee.

1.6 Document business units and functions that are within scope.

1.7 Prioritize business units based on GDPR.

1.8 Formalize stakeholder support.

Outputs

Prioritized business units based on GDPR risk

GDPR Compliance RACI Chart

2 Define Your GDPR Scope

The Purpose

Know the rationale behind a record of processing.

Key Benefits Achieved

Determine who will own the record of processing.

Activities

2.1 Understand the necessity for a record of processing.

2.2 Determine for each prioritized business unit: are you a controller or processor?

2.3 Develop a record of processing for most-critical business units.

2.4 Perform legitimate interest assessments.

2.5 Document an iterative process for creating a record of processing.

Outputs

Initial record of processing: 1-2 activities

Initial legitimate interest assessment: 1-2 activities

Determination of who will own the record of processing

3 Satisfy Documentation Requirements and Align With Your Data Breach Requirements and Security Program

The Purpose

Review existing security controls and highlight potential requirements.

Key Benefits Achieved

Ensure the initiatives you’ll be working on align with existing controls and future goals.

Activities

3.1 Determine the appetite to align the GDPR project to data classification and data discovery.

3.2 Discuss the benefits of data discovery and classification.

3.3 Review existing incident response plans and highlight gaps.

3.4 Review existing security controls and highlight potential requirements.

3.5 Review all initiatives highlighted during days 1-3.

Outputs

Highlighted gaps in current incident response and security program controls

Documented all future initiatives

4 Prioritize GDPR Initiatives

The Purpose

Review project plan and initiatives and prioritize.

Key Benefits Achieved

Finalize outputs of the workshop, with a strong understanding of next steps.

Activities

4.1 Analyze the necessity for a data protection officer and document decision.

4.2 Review project plan and initiatives.

4.3 Prioritize all current initiatives based on regulatory compliance, cost, and ease to implement.

4.4 Develop a data protection policy.

4.5 Finalize key deliverables created during the workshop.

4.6 Present the GDPR project to key stakeholders.

4.7 Workshop executive presentation and debrief.

Outputs

GDPR framework and prioritized initiatives

Data Protection Policy

List of key tools

Communication plans

Workshop summary documentation

Select an EA Tool Based on Business and User Need

  • Buy Link or Shortcode: {j2store}274|cart{/j2store}
  • member rating overall impact (scale of 10): 10.0/10 Overall Impact
  • member rating average dollars saved: $62,999 Average $ Saved
  • member rating average days saved: 18 Average Days Saved
  • Parent Category Name: Architecture Domains
  • Parent Category Link: /architecture-domains
  • A mature EA function is increasingly becoming an organizational priority to drive innovation, provide insight, and define digital capabilities.
  • Proliferation of digital technology has increased complexity, straining the EA function to deliver insights.
  • An EA tool increases the efficiency with which the EA function can deliver insights, but a large number of organizations have not a selected an EA tool that suits their needs.

Our Advice

Critical Insight

  • EA tool value largely comes from tying organizational context and requirements to the selection process.
  • Organizations that have selected an EA tool often fail to have it adopted and show its true value. To ensure successful adoption and value delivery, the EA tool selection process must account for the needs of business stakeholders and tool users.

Impact and Result

  • Link the need for the EA tool to your organization’s EA value proposition. The connection enables the EA tool to address the future needs of stakeholders and the design style of the EA team.
  • Use Info-Tech’s EA Solution Recommendation Tool to create a shortlist of EA tools that is suited to the preferences of the organization.
  • Gather additional information on the shortlist of EA tool vendors to narrow down the selection using the EA Tool Request for Information Template.

Select an EA Tool Based on Business and User Need Research & Tools

Start here – read the Executive Brief

Read our concise Executive Brief to find out why you should procure an EA tool in the digital age, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

  • Select an EA Tool Based on Business and User Need – Executive Brief
  • Select an EA Tool Based on Business and User Need – Phases 1-3

1. Make the case

Decide if an EA tool is needed in your organization and define the requirements of EA tool users.

  • Select an EA Tool Based on Business and User Need – Phase 1: Make the Case
  • EA Value Proposition Template
  • EA Tool User Requirements Template

2. Shortlist EA tools

Determine your organization’s preferences in terms of product capabilities and vendor characteristics.

  • Select an EA Tool Based on Business and User Need – Phase 2: Shortlist EA Tools
  • EA Solution Recommendation Tool

3. Select and communicate the process

Gather information on shortlisted vendors and make your final decision.

  • Select an EA Tool Based on Business and User Need – Phase 3: Select and Communicate the Process
  • EA Tool Request for Information Template
  • EA Tool Demo Script Template
  • Request for Proposal (RFP) Template
  • EA Tool Selection Process Template
[infographic]

Streamline Application Maintenance

  • Buy Link or Shortcode: {j2store}402|cart{/j2store}
  • member rating overall impact (scale of 10): 9.5/10 Overall Impact
  • member rating average dollars saved: 20 Average Days Saved
  • member rating average days saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
  • Parent Category Name: Maintenance
  • Parent Category Link: /maintenance
  • Application maintenance teams are accountable for the various requests and incidents coming from a variety business and technical sources. The sheer volume and variety of requests create unmanageable backlogs.
  • The increasing complexity and reliance on technology within the business has set unrealistic expectations on maintenance teams. Stakeholders expect teams to accommodate maintenance without impact on project schedules.

Our Advice

Critical Insight

  • Improving maintenance’s focus and attention may mean doing less but more valuable work. Teams need to be realistic about what can be committed and be prepared to justify why certain requests have to be pushed down the backlog (e.g. lack of business value, high risks).
  • Maintenance must be treated like any other development activity. The same intake and prioritization practices and quality standards must be upheld, and best practices followed.

Impact and Result

  • Justify the necessity of streamlined maintenance. Gain a grounded understanding of stakeholder objectives and concerns, and validate their achievability against the current state of the people, process, and technologies involved in application maintenance.
  • Strengthen triaging and prioritization practices. Obtain a holistic picture of the business and technical impacts, risks, and urgencies of each accepted maintenance requests in order to justify its prioritization and relevance within your backlog. Identify opportunities to bundle requests together or integrate them within project commitments to ensure completion.
  • Establish and govern a repeatable process. Develop a maintenance process with well-defined stage gates, quality controls, and roles and responsibilities, and instill development best practices to improve the success of delivery.

Streamline Application Maintenance Research & Tools

Start here – read the Executive Brief

Read our Executive Brief to understand the common struggles found in application maintenance, their root causes, and the Info-Tech methodology to overcoming these hurdles.

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Understand your maintenance priorities

Understand the stakeholder priorities driving changes in your application maintenance practice.

  • Streamline Application Maintenance – Phase 1: Assess the Current Maintenance Landscape
  • Application Maintenance Operating Model Template
  • Application Maintenance Resource Capacity Assessment
  • Application Maintenance Maturity Assessment

2. Instill maintenance governance

Identify the appropriate level of governance and enforcement to ensure accountability and quality standards are upheld across maintenance practices.

  • Streamline Application Maintenance – Phase 2: Develop a Maintenance Release Schedule

3. Enhance triaging and prioritization practices

Build a maintenance triage and prioritization scheme that accommodates business and IT risks and urgencies.

  • Streamline Application Maintenance – Phase 3: Optimize Maintenance Capabilities

4. Streamline maintenance delivery

Define and enforce quality standards in maintenance activities and build a high degree of transparency to readily address delivery challenges.

  • Streamline Application Maintenance – Phase 4: Streamline Maintenance Delivery
  • Application Maintenance Business Case Presentation Document
[infographic]

Workshop: Streamline Application Maintenance

Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

1 Understand Your Maintenance Priorities

The Purpose

Understand the business and IT stakeholder priorities driving the success of your application maintenance practice.

Understand any current issues that are affecting your maintenance practice.

Key Benefits Achieved

Awareness of business and IT priorities.

An understanding of the maturity of your maintenance practices and identification of issues to alleviate.

Activities

1.1 Define priorities for enhanced maintenance practices.

1.2 Conduct a current state assessment of your application maintenance practices.

Outputs

List of business and technical priorities

List of the root-cause issues, constraints, and opportunities of current maintenance practice

2 Instill Maintenance Governance

The Purpose

Define the processes, roles, and points of communication across all maintenance activities.

Key Benefits Achieved

An in-depth understanding of all maintenance activities and what they require to function effectively.

Activities

2.1 Modify your maintenance process.

2.2 Define your maintenance roles and responsibilities.

Outputs

Application maintenance process flow

List of metrics to gauge success

Maintenance roles and responsibilities

Maintenance communication flow

3 Enhance Triaging and Prioritization Practices

The Purpose

Understand in greater detail the process and people involved in receiving and triaging a request.

Define your criteria for value, impact, and urgency, and understand how these fit into a prioritization scheme.

Understand backlog management and release planning tactics to accommodate maintenance.

Key Benefits Achieved

An understanding of the stakeholders needed to assess and approve requests.

The criteria used to build a tailored prioritization scheme.

Tactics for efficient use of resources and ideal timing of the delivery of changes.

A process that ensures maintenance teams are always working on tasks that are valuable to the business.

Activities

3.1 Review your maintenance intake process.

3.2 Define a request prioritization scheme.

3.3 Create a set of practices to manage your backlog and release plans.

Outputs

Understanding of the maintenance request intake process

Approach to assess the impact, urgency, and severity of requests for prioritization

List of backlog management grooming and release planning practices

4 Streamline Maintenance Delivery

The Purpose

Understand how to apply development best practices and quality standards to application maintenance.

Learn the methods for monitoring and visualizing maintenance work.

Key Benefits Achieved

An understanding of quality standards and the scenarios for where they apply.

The tactics to monitor and visualize maintenance work.

Streamlined maintenance delivery process with best practices.

Activities

4.1 Define approach to monitor maintenance work.

4.2 Define application quality attributes.

4.3 Discuss best practices to enhance maintenance development and deployment.

Outputs

Taskboard structure and rules

Definition of application quality attributes with user scenarios

List of best practices to streamline maintenance development and deployment

5 Finalize Your Maintenance Practice

The Purpose

Create a target state built from appropriate metrics and attainable goals.

Consider the required items and steps for the implementation of your optimization initiatives.

Key Benefits Achieved

A realistic target state for your optimized application maintenance practice.

A well-defined and structured roadmap for the implementation of your optimization initiatives.

Activities

5.1 Refine your target state maintenance practices.

5.2 Develop a roadmap to achieve your target state.

Outputs

Finalized application maintenance process document

Roadmap of initiatives to achieve your target state

Identify and Manage Financial Risk Impacts on Your Organization

  • Buy Link or Shortcode: {j2store}218|cart{/j2store}
  • member rating overall impact (scale of 10): N/A
  • member rating average dollars saved: N/A
  • member rating average days saved: N/A
  • Parent Category Name: Vendor Management
  • Parent Category Link: /vendor-management
  • As vendors become more prevalent in organizations, organizations increasingly need to understand and manage the potential financial impacts of vendors’ actions.
  • It is only a matter of time until a vendor mistake impacts your organization. Make sure you are prepared to manage the adverse financial consequences.

Our Advice

Critical Insight

  • Identifying and managing a vendor’s potential financial impact requires multiple people in the organization across several functions – and those people all need educating on the potential risks.
  • Organizational leadership is often unaware of decisions on organizational risk appetite and tolerance, and they assume there are more protections in place against risk impact than there truly are.

Impact and Result

  • Vendor management practices educate organizations on the different potential financial impacts that vendors may incur and suggest systems to help manage them.
  • Prioritize and classify your vendors with quantifiable, standardized rankings.
  • Prioritize focus on your high-risk vendors.
  • Standardize your processes for identifying and monitoring vendor risks to manage financial impacts with our Financial Risk Impact Tool.

Identify and Manage Financial Risk Impacts on Your Organization Research & Tools

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Identify and Manage Financial Risk Impact on Your Organization Deck – Use the research to better understand the negative financial impacts of vendor actions.

Use this research to identify and quantify the potential financial impacts of vendors’ poor performance. Use Info-Tech’s approach to look at the financial impact from various perspectives to better prepare for issues that may arise.

  • Identify and Manage Financial Risk Impacts on Your Organization Storyboard

2. “What If” Financial Risk Impact Tool – Use this tool to help identify and quantify the financial impacts of negative vendor actions.

By playing the “what if” game and asking probing questions to draw out – or eliminate – possible negative outcomes, everyone involved adds their insight into parts of the organization to gather a comprehensive picture of potential impacts.

  • Financial Risk Impact Tool
[infographic]

Further reading

Identify and Manage Financial Risk Impacts on Your Organization

Good vendor management practices help organizations understand the costs of negative vendor actions.

Analyst Perspective

Vendor actions can have significant financial consequences for your organization.

Photo of Frank Sewell, Research Director, Vendor Management, Info-Tech Research Group.

Vendors are becoming more influential and essential to the operation of organizations. Often the sole risk consideration of a business is whether the vendor meets a security standard, but vendors can negatively impact organizations’ budgets in various ways. Fortunately, though inherent risk is always present, organizations can offset the financial impacts of high-risk vendors by employing due diligence in their vendor management practices to help manage the overall risks.

Frank Sewell
Research Director, Vendor Management
Info-Tech Research Group

Executive Summary

Your Challenge

As vendors become more prevalent in organizations, organizations increasingly need to understand and manage the potential financial impacts of vendors’ actions.

It is only a matter of time until a vendor mistake impacts your organization. Make sure you are prepared to manage the adverse financial consequences.

Common Obstacles

Identifying and managing a vendor’s potential financial impact requires multiple people in the organization across several functions – and those people all need educating on the potential risks.

Organizational leadership is often unaware of decisions on organizational risk appetite and tolerance, and they assume there are more protections in place against risk impact than there truly are.

Info-Tech’s Approach

Vendor management practices educate organizations on the different potential financial impacts that vendors may incur and suggest systems to help manage them.

Prioritize and classify your vendors with quantifiable, standardized rankings.

Prioritize focus on your high-risk vendors.

Standardize your processes for identifying and monitoring vendor risks to manage financial impacts with our Financial Risk Impact Tool.

Info-Tech Insight

Companies without good vendor management risk initiatives will take on more risk than they should. Solid vendor management practices are imperative –organizations must evolve to ensure that vendors deliver services according to performance objectives and that risks are managed accordingly.

Info-Tech’s multi-blueprint series on vendor risk assessment

There are many individual components of vendor risk beyond cybersecurity.

Cube with each multiple colors on each face, similar to a Rubix cube, and individual components of vendor risk branching off of it: 'Financial', 'Reputational', 'Operational', 'Strategic', 'Security', and 'Regulatory & Compliance'.

This series will focus on the individual components of vendor risk and how vendor management practices can facilitate organizations’ understanding of those risks.

Out of scope:
This series will not tackle risk governance, determining overall risk tolerance and appetite, or quantifying inherent risk.

Financial risk impact

Potential losses to the organization due to financial risks

In this blueprint, we’ll explore financial risks and their impacts.

Identifying negative actions is paramount to assessing the overall financial impact on your organization, starting in the due diligence phase of the vendor assessment and continuing throughout the vendor lifecycle.

Cube with each multiple colors on each face, similar to a Rubix cube, and the vendor risk component 'Financial' highlighted.

Unbudgeted financial risk impact

The costs of adverse vendor actions, such as a breach or an outage, are increasing. By knowing these potential costs, leaders can calculate how to avoid them throughout the lifecycle of the relationship.

Loss of business represents the largest share of the breach

38%

Avg. $1.59M
Global average cost of a vendor breach

$4.2M

Percentage of breaches in 2020 caused by business associates

40.2%

23.2% YoY
(year over year)
(Source: “Cost of a Data Breach Report 2021,” IBM, 2021) (Source: “Vendor Risk Management – A Growing Concern,” Stern Security, 2021)

Example: Hospital IT System Outage

Hospitals often rely on vendors to manage their data center environments but rarely understand the downstream financial impacts if that vendor fails to perform.

For example, a vendor implements a patch out of cycle with no notice to the IT group. Suddenly all IT systems are down. It takes 12 hours for the IT teams to return systems to normal. The downstream impacts are substantial.

  • There is no revenue capture during outage (patient registration, payments).
    • The financial loss is significant, impacting cash on hand and jeopardizing future projects.
  • Clinicians cannot access the electronic health record (EHR) system and shift to downtime paper processes.
    • This can cause potential risks to patient health, such as unknown drug interactions.
    • This could also incur lawsuits, fines, and penalties.
  • Staff must manually add the paper records into the EHR after the incident is corrected.
    • Staff time is lost on creating paper records and overtime is required to reintroduce those records into EMR.
  • Staff time and overtime pay on troubleshooting and solving issues take away from normal operations and could cause delays, having downstream effects on the timing of other projects.

Insight Summary

Assessing financial impacts is an ongoing, educative, and collaborative multidisciplinary process that vendor management initiatives are uniquely designed to coordinate and manage for organizations.

Insight 1 Vendors are becoming more and more crucial to organizations’ overall operations, and most organizations have a poor understanding of the potential impacts they represent.

Is your vendor solvent? Do they have enough staff to accommodate your needs? Has their long-term planning been affected by changes in the market? Are they unique in their space?

Insight 2 Financial impacts from other risk types deserve just as much focus as security alone, if not more.

Examples include penalties and fines, loss of revenue due to operational impacts, vendor replacement costs, hidden costs in poorly understood contracts, and lack of contractual protections.

Insight 3 There is always an inherent risk in working with a vendor, but organizations should financially quantify how much each risk may impact their budget.

A significant concern for organizations is quantifying different types of risks. When a risk occurs, the financial losses are often poorly understood, with unbudgeted financial impacts.

Three stages of vendor financial risk assessment

Assess risk throughout the complete vendor lifecycle

  1. Pre-Relationship Due Diligence: The initial pre-relationship due diligence stage is a crucial point to establish risk management practices. Vendor management practices ensure that a potential vendor’s risk is categorized correctly by facilitating the process of risk assessment.
  2. Monitor & Manage: Once the relationship is in place, organizations should enact ongoing management efforts to ensure they are both getting their value from the vendor and appropriately addressing any newly identified risks.
  3. Termination: When the termination of the relationship arrives, the organization should validate that adequate protections that were established while forming a contract in the pre-relationship stage remain in place.

Inherent risks from negative actions are pervasive throughout the entire vendor lifecycle. Collaboratively understanding those risks and working together to put proper management in place enables organizations to get the most value out of the relationship with the least amount of risk.

Flowchart for 'Assessing Financial Risk Impacts', beginning with 'New Vendor' to 'Sourcing' to the six components of 'Vendor Management'. After a gamut of assessments such as ''What If' Game' one can either 'Accept' to move on to 'Pre-Relationship', 'Monitor & Manage', and eventually to 'Termination', or not accept and circle back to 'Sourcing'.

Stage 1: Pre-relationship assessment

Do these as part of your due diligence

  • Review and negotiate contract terms and conditions.
    • Ensure that you have the protections to make you whole in the event of an incident, in the event that another entity purchases the vendor, and throughout the entire lifecycle of your relationship with the vendor.
    • Make sure to negotiate your post-termination protections in the initial agreement.
  • Perform a due-diligence financial assessment.
    • Make sure the vendor is positioned in the market to be able to service your organization.
  • Perform an initial risk assessment.
    • Identify and understand all potential factors that may cause financial impacts to your organization.
    • Include total cost of ownership (TCO) and return of investment (ROI) as potential impact offsets.
  • Review case studies – talk to other customers.
    • Research who else has worked with the vendor to get “the good, the bad, and the ugly” stories to form a clear picture of a potential relationship with the vendor.
  • Use proofs of concept.
    • It is essential to know how the vendor and their solutions will work in the environment before committing resources and to incorporate them into organizational strategic plans.
  • Limit vendors’ ability to increase costs over the years. It is not uncommon for a long-term relationship to become more expensive than a new one over time when the increases are unmanaged.
  • Vendor audits can be costly and a significant distraction to your staff. Make sure to contractually limit them.
  • Many vendors enjoy significant revenue from unclear deliverables and vague expectations that lead to change requests at unknown rates – clarifying expectations and deliverables and demanding negotiated rate sheets before engagement will save budget and strengthen the relationship.

Visit Info-Tech’s VMO ROI Calculator and Tracker

The “what if” game

1-3 hours

Input: List of identified potential risk scenarios scored by likelihood and financial impact, List of potential management of the scenarios to reduce the risk

Output: Comprehensive financial risk profile on the specific vendor solution

Materials: Whiteboard/flip charts, Financial Risk Impact Tool to help drive discussion

Participants: Vendor Management – Coordinator, IT Operations, Legal/Compliance/Risk Manager, Finance/Procurement

Vendor management professionals are in an excellent position to collaboratively pull together resources across the organization to determine potential risks. By playing the “what if” game and asking probing questions to draw out – or eliminate – possible negative outcomes, everyone involved adds their insight into parts of the organization to gather a comprehensive picture of potential impacts.

  1. Break into smaller groups (or if too small, continue as a single group).
  2. Use the Financial Risk Impact Tool to prompt discussion on potential risks. Keep this discussion flowing organically to explore all potential risks but manage the overall process to keep the discussion on track.
  3. Collect the outputs and ask the subject matter experts for management options for each one in order to present a comprehensive risk strategy. You will use this to educate senior leadership so that they can make an informed decision to accept or reject the solution.

Download the Financial Risk Impact Tool

Stage 2.1: Monitor the financial risk

Ongoing monitoring activities

Never underestimate the value of keeping the relationship moving forward.

Examples of items and activities to monitor include;

Stock photo of a worker being trained on a computer.
  • Fines
  • Data leaks
  • Performance
  • Credit monitoring
  • Viability/solvency
  • Resource capacity
  • Operational impacts
  • Regulatory penalties
  • Increases in premiums
  • Security breaches (infrastructure)

Info-Tech Insight

Many organizations do not have the resources to dedicate to annual risk assessments of all vendors.

Consider timing ongoing risk assessments to align with contract renewal, when you have the most leverage with the vendor.

Visit Info-Tech’s Risk Register Tool

Stage 2.2: Manage the financial risk

During the lifecycle of the vendor relationship

  • Renew risk assessments annually.
  • Focus your efforts on highly ranked risks.
  • Is there a new opportunity to negotiate?
  • Identify and classify individual vendor risk.
  • Are there better existing contracts in place?
  • Review financial health checks at the same time.
  • Monitor and schedule contract renewals and new service/module negotiations.
  • Perform business alignment meetings to reassess the relationship.
  • Ongoing operational meetings should be supplemental, dealing with day-to-day issues.
  • Develop performance metrics and hold vendors accountable to established service levels.
Stock image of a professional walking an uneven line over the words 'Risk Management'.

Stage 3: Termination

An essential and often overlooked part of the vendor lifecycle is the relationship after termination

  • The risk of a vendor keeping your data for “as long as they want” is high.
    • Data retention becomes a “forever risk” in today’s world of cyber issues if you do not appropriately plan.
  • Ensure that you always know where data resides and where people are allowed to access that data.
    • If there is a regulatory need to house data only in specific locations, ensure that it is explicit in agreements.
  • Protect your data through language in initial agreements that covers what needs to happen when the relationship with the vendor terminates.
    • Typically, all the data that the vendor has retained is returned and/or destroyed at your sole discretion.
Stock image of a sign reading 'Closure'.

Related Info-Tech Research

Stock photo of two co-workers laughing. Design and Build an Effective Contract Lifecycle Management Process
  • Achieve measurable savings in contract time processing, financial risk avoidance, and dollar savings
  • Understand how to identify and mitigate risk to save the organization time and money.
Stock image of reports and file folders. Identify and Reduce Agile Contract Risk
  • Manage Agile contract risk by selecting the appropriate level of protections for an Agile project.
  • Focus on the correct contract clauses to manage Agile risk.
Stock photo of three co-workers gathered around a computer screen. Jump Start Your Vendor Management Initiative
  • Vendor management must be an IT strategy. Solid vendor management is an imperative – IT organizations must develop capabilities to ensure that services are delivered by vendors according to service level objectives and that risks are mitigated according to the organization's risk tolerance.
  • Gain visibility into your IT vendor community. Understand how much you spend with each vendor and rank their criticality and risk to focus on the vendors you should be concentrating on for innovative solutions.

External audit company

External IT audit of your company

Based on experience
Implementable advice
human-based and people-oriented

Do you seek an external expert to help you prepare for a thorough IT audit of your company? Tymans Group serves as a consulting company with extensive expertise in helping small and medium enterprises. Read on and learn more about how our consulting firm can help your company with an external IT audit.

Why should you organize an external IT audit of your company?

Regularly preparing for an IT audit of your company with the help of of an experienced consultancy company like Tymans Group is a great way to discover any weaknesses within your IT and data security management systems, as well as your applications and data architecture, before the real audits by your regulator happen After all, you can only tackle any possible issues when you know their exact nature and origin. Additionally, the sooner you are aware of any security threats in your company thanks to an external audit, the smaller the chances outside forces will be able to take advantage of these threats to harm your business.

Security and risk management

Our security and risk services

Security strategy

Security Strategy

Embed security thinking through aligning your security strategy to business goals and values

Read more

Disaster Recovery Planning

Disaster Recovery Planning

Create a disaster recovey plan that is right for your company

Read more

Risk Management

Risk Management

Build your right-sized IT Risk Management Program

Read more

Check out all our services

Receive practical solutions when using our guides to prepare you for an external audit.

If you hire our consultancy firm to prepare for an external IT audit in your firm, our guides will allow you to thoroughly analyze your systems and protocols to discover flaws and threats. Based on this analysis, your firm will receive concrete advice and practical solutions on dealing with the findings of in advance of an external audit. Besides identifying threats, the findings of will also offer your business insights in possible optimizations and processes which could benefit from automation. As such, you benefit from our consultancy company’s extensive experience in corporate security management and IT.

Book an appointment with our consultancy company to get ahead of an external audit.

If you hire our consulting company to help you prepare for an IT audit of your firm, you will receive guides that enable you to make a critical analysis of your IT security, as well as practical solutions based on our holistic approach. We are happy to tell you more about our services for small and medium business and to offer insights into any issues you may be facing. Our help is available offline and online, through one-hour talks with our expert Gert Taeymans. Contact us to set up an appointment online or on-site now.

Continue reading

Manage Poor Performance While Working From Home

  • Buy Link or Shortcode: {j2store}599|cart{/j2store}
  • member rating overall impact (scale of 10): 9.0/10 Overall Impact
  • member rating average dollars saved: $1,600 Average $ Saved
  • member rating average days saved: 18 Average Days Saved
  • Parent Category Name: Manage & Coach
  • Parent Category Link: /manage-coach
  • For many, emergency WFH comes with several new challenges such as additional childcare responsibilities, sudden changes in role expectations, and negative impacts on wellbeing. These new challenges, coupled with previously existing ones, can result in poor performance. Owing to the lack of physical presence and cues, managers may struggle to identify that an employee’s performance is suffering. Even after identifying poor performance, it can be difficult to address remotely when such conversations would ideally be held in person.

Our Advice

Critical Insight

  • Poor performance must be managed, despite the pandemic. Evaluating root causes of performance issues is more important than ever now that personal factors such as lack of childcare and eldercare for those working from home are complicating the issue.

Impact and Result

  • Organizations need to have a clear process for improving performance for employees working remotely during the COVID-19 pandemic. Provide managers with resources to help them identify performance issues and uncover their root causes as part of addressing overall performance. This will allow managers to connect employees with the required support while working with them to improve performance.

Manage Poor Performance While Working From Home Research & Tools

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Follow the remote performance improvement process

Determine how managers can identify poor performance remotely and help them navigate the performance improvement process while working from home.

  • Manage Poor Performance While Working From Home Storyboard
  • Manage Poor Performance While Working From Home: Manager Guide
  • Manage Poor Performance While Working From Home: Infographic

2. Clarify roles and leverage resources

Clarify roles and responsibilities in the performance improvement process and tailor relevant resources.

  • Wellness and Working From Home
[infographic]

Further reading

Manage Poor Performance While Working From Home

Assess and improve remote work performance with our ready-to-use tools.

Executive Summary

McLean & Company Insight

Poor performance must be managed, despite the pandemic. Evaluating root causes of performance issues is more important than ever now that personal factors such as lack of childcare and eldercare for those working from home are complicating the issue.

Situation

COVID-19 has led to a sudden shift to working from home (WFH), resulting in a 72% decline in in-office work (Ranosa, 2020). While these uncertain times have disrupted traditional work routines, employee performance remains critical, as it plays a role in determining how organizations recover. Managers must not turn a blind eye to performance issues but rather must act quickly to support employees who may be struggling.

Complication

For many, emergency WFH comes with several new challenges such as additional childcare responsibilities, sudden changes in role expectations, and negative impacts on wellbeing. These new challenges, coupled with previously existing ones, can result in poor performance. Owing to the lack of physical presence and cues, managers may struggle to identify that an employee’s performance is suffering. Even after identifying poor performance, it can be difficult to address remotely when such conversations would ideally be held in person.

Solution

Organizations need to have a clear process for improving performance for employees working remotely during the COVID-19 pandemic. Provide managers with resources to help them identify performance issues and uncover their root causes as part of addressing overall performance. This will allow managers to connect employees with the required support while working with them to improve performance.

Manage Poor Performance While Working From Home is made up of the following resources:

1

Identify

2

Initiate

3

Deploy

4

a) Follow Up
b) Decide
Storyboard

This storyboard is organized by the four steps of the performance improvement process: identify, initiate, deploy, and follow up/decide. These will appear on the left-hand side of the slides as a roadmap.

The focus is on how HR can design the process for managing poor performance remotely and support managers through it while emergency WFH measures are in place. Key responsibilities, email templates, and relevant resources are included at the end.

Adapt the process as necessary for your organization.

Manager Guide

The manager guide contains detailed advice for managers on navigating the process and focuses on the content of remote performance discussions.

It consists of the following sections:

  • Identifying poor performance.
  • Conducting performance improvement discussions.
  • Uncovering and addressing root causes of poor performance.
Manager Infographic

The manager infographic illustrates the high-level steps of the performance improvement process for managers in a visually appealing and easily digestible manner.

This can be used to easily outline the process, providing managers with a resource to quickly reference as they navigate the process with their direct reports.

In this blueprint, “WFH” and “remote working” are used interchangeably.

This blueprint will not cover the performance management framework; it is solely focused on managing performance issues.

For information on adjusting the regular performance management process during the pandemic, see Performance Management for Emergency Work-From-Home.

Identify how low performance is normally addressed

A process for performance improvement is not akin to outlining the steps of a performance improvement plan (PIP). The PIP is a development tool used within a larger process for performance improvement. Guidance on how to structure and use a PIP will be provided later in this blueprint.

Evaluate how low performance is usually brought to the attention of HR in a non-remote situation:
  • Do managers approach HR for an employee transfer or PIP without having prior performance conversations with the employee?
  • Do managers come to HR when they need support in developing an employee in order to meet expectations?
  • Do managers proactively reach out to HR to discuss appropriate L&D for staff who are struggling?
  • Do some departments engage with the process while others do not?
Poor performance does not signal the immediate need to terminate an employee. Instead, managers should focus on helping the struggling employee to develop so that they may succeed.
Evaluate how poor performance is determined:
  • Do managers use performance data or concrete examples?
  • Is it based on a subjective assessment by the manager?
Keep in mind that “poor performance” now might look different than it did before the pandemic. Employees must be aware of the current expectations placed on them before they can be labeled as underperforming – and the performance expectations must be assessed to ensure they are realistic.

For information on adjusting performance expectations during the pandemic, see Performance Management for Emergency Work-From-Home.

The process for non-union and union employees will likely differ. Make sure your process for unionized employees aligns with collective agreements.

Determine how managers can identify poor performance of staff working remotely

1

Identify

2

Initiate

3

Deploy

4

a) Follow Up
b) Decide
Identify: Determine how managers can identify poor performance.
In person, it can be easy to see when an employee is struggling by glancing over at their desk and observing body language. In a remote situation, this can be more difficult, as it is easy to put on a brave face for the half-hour to one-hour check-in. Advise managers on how important frequent one-one-ones and open communication are in helping identify issues when they arise rather than when it’s too late.

Managers must clearly document and communicate instances where employees aren’t meeting role expectations or are showing other key signs that they are not performing at the level expected of them.

What to look for:
  • PM data/performance-related assessments
  • Continual absences
  • Decreased quality or quantity of output
  • Frequent excuses (e.g. repeated internet outages)
  • Lack of effort or follow-through
  • Missed deadlines
  • Poor communication or lack of responsiveness
  • Failure to improve
It’s crucial to acknowledge an employee might have an “off week” or need time to adjust to working from home, which can be addressed with performance management techniques. Managers should move into the process for performance improvement when:
  • Performance fluctuates frequently or significantly.
  • Performance has dropped for an extended period of time.
  • Expectations are consistently not being met.

While it’s important for managers to keep an eye out for decreased performance, discourage them from over-monitoring employees, as this can lead to a damaging environment of distrust.

Support managers in initiating performance conversations and uncovering root causes

1

Identify

2

Initiate

3

Deploy

4

a) Follow Up
b) Decide
Initiate: Require that managers have several conversations about low performance with the employee.
Before using more formal measures, ensure managers take responsibility for connecting with the employee to have an initial performance conversation where they will make the performance issue known and try to diagnose the root cause of the issue.

Coach managers to recognize behaviors associated with the following performance inhibitors:

Personal Factors

Personal factors, usually outside the workplace, can affect an employee’s performance.

Lack of clarity

Employees must be clear on performance expectations before they can be labeled as a poor performer.

Low motivation

Lack of motivation to complete work can impact the quality of output and/or amount of work an employee is completing.

Inability

Resourcing, technology, organizational change, or lack of skills to do the job can all result in the inability of an employee to perform at their best.

Poor people skills

Problematic people skills, externally with clients or internally with colleagues, can affect an employee’s performance or the team’s engagement.

Personal factors are a common performance inhibitor due to emergency WFH measures. The decreased divide between work and home life and the additional stresses of the pandemic can bring up new cases of poor performance or exacerbate existing ones. Remind managers that all potential root causes should still be investigated rather than assuming personal factors are the problem and emphasize that there can be more than one cause.

Ensure managers continue to conduct frequent performance conversations

Once an informal conversation has been initiated, the manager should schedule frequent one-on-one performance conversations (above and beyond performance management check-ins).

1

Identify

2

Initiate

3

Deploy

4

a) Follow Up
b) Decide
Explain to managers the purpose of these discussions is to:
  • Continue to probe for root causes.
  • Reinforce role expectations and performance targets.
  • Follow up on any improvements.
  • Address the performance issue and share relevant resources (e.g. HR or employee assistance program [EAP]).
Given these conversations will be remote, require managers to:
  • Use video whenever possible to read physical cues and body language.
  • Bookend the conversation. Starting each meeting by setting the context for the discussion and finishing with the employee reiterating the key takeaways back will ensure there are no misunderstandings.
  • Document the conversation and share with HR. This provides evidence of the conversations and helps hold managers accountable.
What is HR’s role? HR should ensure that the manager has had multiple conversations with the employee before moving to the next step. Furthermore, HR is responsible for ensuring manages are equipped to have the conversations through coaching, role-playing, etc.

For more information on the content of these conversations or for material to leverage for training purposes, see Manage Poor Performance While Working From Home: Manager Guide.

McLean & Company Insight

Managers are there to be coaches, not therapists. Uncovering the root cause of poor performance will allow managers to pinpoint supports needed, either within their expertise (e.g. coaching, training, providing flexible hours) or by directing the employee to proper external resources such as an EAP.

Help managers use formal performance improvement tools with remote workers

1

Identify

2

Initiate

3

Deploy

4

a) Follow Up
b) Decide
Deploy: Use performance improvement tools.
If initial performance conversations were unsuccessful and performance does not improve, refer managers to performance improvement tools:
  • Suggest any other available support and resources they have not yet recommended (e.g. EAP).
  • Explore options for co-creation of a development plan to increase employee buy-in. If the manager has been diligent about clarifying role expectations, invite the employee to put together their own action plan for meeting performance goals. This can then be reviewed and finalized with the manager.
  • Have the manager use a formal PIP for development and to get the employee back on track. Review the development plan or PIP with the manager before they share it with the employee to ensure it is clear and has time bound, realistic goals for improvement.
Using a PIP solely to avoid legal trouble and terminate employees isn’t true to its intended purpose. This is what progressive discipline is for.In the case of significant behavior problems, like breaking company rules or safety violations, the manager will likely need to move to progressive discipline. HR should advise managers on the appropriate process.

When does the issue warrant progressive discipline? If the action needs to stop immediately, (e.g. threatening or inappropriate behavior) and/or as outlined in the collective agreement.

Clarify remote PIP stages and best practices

1

Identify

2

Initiate

3

Deploy

4

a) Follow Up
b) Decide
Sample Stages:
1. Written PIP
  • HR reviews and signs off on PIP
  • Manager holds meeting to provide employee with PIP
  • Employee reviews the PIP
  • Manager and employee provide e-signatures
  • Signed PIP is given to HR
2. Possible Extension
3. Final Notice
  • Manager provides employee with final notice if there has been no improvement in agreed time frame
  • Copy of signed final notice letter given to HR

Who is involved?

The manager runs the meeting with the employee. HR should act as a support by:

  • Ensuring the PIP is clear, aligned with the performance issue, and focused on development, prior to the meeting.
  • Pointing to resources and making themselves available prior to, during, and after the meeting.
    • When should HR be involved? HR should be present in the meeting if the manager has requested it or if the employee has approached HR beforehand with concerns about the manager. Keep in mind that if the employee sees HR has been unexpectedly invited to the video call, it could add extra stress for them.
  • Reviewing documentation and ensuring expectations and the action plan are reasonable and realistic.

Determine the length of the PIP

  • The length of the initial PIP will often depend on the complexity of the employee’s role and how long it will reasonably take to see improvements. The minimum (before a potential extension) should be 30-60 days.
  • Ensure the action plan takes sustainment into account. Employees must be able to demonstrate improvement and sustain improved performance in order to successfully complete a PIP.

Timing of delivery

Help the manager determine when the PIP meeting will occur (what day, time of day). Take into account the schedule of the employee they will be meeting with (e.g. avoid scheduling right before an important client call).

1

Identify

2

Initiate

3

Deploy

4

a) Follow Up
b) Decide

Follow up: If the process escalated to step 3 and is successful.

What does success look like? Performance improvement must be sustained after the PIP is completed. It’s not enough to simply meet performance improvement goals and expectations; the employee must continue to perform.

Have the manager schedule a final PIP review with the employee. Use video, as this enables the employee and manager to read body language and minimize miscommunication/misinterpretation.

  • If performance expectations have been met, instruct managers to document this in the PIP, inform the employee they are off the PIP, and provide it to HR.

The manager should also continue check-ins with the employee to ensure sustainment and as part of continued performance management.

  • Set a specific timeline, e.g. every two weeks or every month. Choose a cadence that works best for the manager and employee.

OR

Decide: Determine action steps if the process is unsuccessful.

If at the end of step 3 performance has not sufficiently improved, the organization (HR and the manager) should either determine if the employee could/should be temporarily redeployed while the emergency WFH is still in place, if a permanent transfer to a role that is a better fit is an option, or if the employee should be let go.

See the Complete Manual for COVID-19 Layoffs blueprint for information on layoffs in remote environments.

Managers, HR, and employees all have a role to play in performance improvement

Managers
  • Identify the outcomes the organization is looking for and clearly outline and communicate the expectations for the employee’s performance.
  • Diagnose root cause(s) of the performance issue.
  • Support employee through frequent conversations and feedback.
  • Coach for improved performance.
  • Visibly recognize and broadcast employee achievements.
Employees
  • Have open and honest conversations with their manager, acknowledge their accountability, and be receptive to feedback.
  • Set performance goals to meet expectations of the role.
  • Prepare for frequent check-ins regarding improvement.
  • Seek support from HR as required.
HR
  • Provide managers with a process, training, and support to improve employee performance.
  • Coach managers to ensure employees have been made aware of their role expectations and current performance and given specific recommendations on how to improve.
  • Reinforce the process for improving employee performance to ensure that adequate coaching conversations have taken place before the formal PIP.
  • Coach employees on how to approach their manager to discuss challenges in meeting expectations.

HR should conduct checkpoints with both managers and employees in cases where a formal PIP was initiated to ensure the process for performance improvement is being followed and to support both parties in improving performance.

Email templates

Use the templates found on the next slides to draft communications to employees who are underperforming while working from home.

Customize all templates with relevant information and use them as a guide to further tailor your communication to a specific employee.

Customization Recommendations

Review all slides and adjust the language or content as needed to suit the needs of the employee, the complexity of their role, and the performance issue.

  • The pencil icon to the left denotes slides requiring customization of the text. Customize text in grey font and be sure to convert all font to black when you are done.

Included Templates

  1. Performance Discussion Follow-Up
  2. PIP Cover Letter

This template is not a substitute for legal advice. Ensure you consult with your legal counsel, labor relations representative, and union representative to align with collective agreements and relevant legislation.

Sample Performance Discussion Follow-Up

Hello [name],

Thank you for the commitment and eagerness in our meeting yesterday.

I wanted to recap the conversation and expectations for the month of [insert month].

As discussed, you have been advised about your recent [behavior, performance, attendance, policy, etc.] where you have demonstrated [state specific issue with detail of behavior/performance of concern]. As per our conversation, we’ll be working on improvement in this area in order to meet expectations set out for our employees.

It is expected that employees [state expectations]. Please do not hesitate to reach out to me if there is further clarification needed or you if you have any questions or concerns. The management team and I are committed to helping you achieve these goals.

We will do a formal check-in on your progress every [insert day] from [insert time] to review your progress. I will also be available for daily check-ins to support you on the right track. Additionally, you can book me in for desk-side coaching outside of my regular desk-side check-ins. If there is anything else I can do to help support you in hitting these goals, please let me know. Other resources we discussed that may be helpful in meeting these objectives are [summarize available support and resources]. By working together through this process, I have no doubt that you can be successful. I am here to provide support and assist you through this.

If you’re unable to show improvements set out in our discussion by [date], we will proceed to a formal performance measure that will include a performance improvement plan. Please let me know if you have any questions or concerns; I am here to help.

Please acknowledge this email and let me know if you have any questions.

Thank you,

PIP Cover Letter

Hello [name] ,

This is to confirm our meeting on [date] in which we discussed your performance to date and areas that need improvement. Please find the attached performance improvement plan, which contains a detailed action plan that we have agreed upon to help you meet role expectations over the next [XX days]. The aim of this plan is to provide you with a detailed outline of our performance expectations and provide you the opportunity to improve your performance, with our support.

We will check in every [XX days] to review your progress. At the end of the [XX]-day period, we will review your performance against the role expectations set out in this performance improvement plan. If you don’t meet the performance requirements in the time allotted, further action and consequences will follow.

Should you have any questions about the performance improvement plan or the process outlined in this document, please do not hesitate to discuss them with me.

[Employee name], it is my personal objective to help you be a fully productive member of our team. By working together through this performance improvement plan, I have no doubt that you can be successful. I am here to provide support and assist you through the process. At this time, I would also like to remind you about the [additional resources available at your organization, for example, employee assistance program or HR].

Please acknowledge this email and let me know if you have any questions.

Thank you,

Prepare and customize manager guide and resources

Sample of Manage Poor Performance While Working From Home: Manager Guide. Manage Poor Performance While Working From Home: Manager Guide

This tool for managers provides advice on navigating the process and focuses on the content of remote performance discussions.

Sample of Set Meaningful Employee Performance Measures. Set Meaningful Employee Performance Measures

See this blueprint for information on setting holistic measures to inspire employee performance.

Sample of Manage Poor Performance While Working From Home: Infographic. Manage Poor Performance While Working From Home: Infographic

This tool illustrates the high-level steps of the performance improvement process.

Sample of Wellness and Working From Home: Infographic. Wellness and Working From Home: Infographic

This tool highlights tips to manage physical and mental health while working from home.

Sample of Build a Better Manager: Team Essentials. Build a Better Manager: Team Essentials

See this solution set for more information on kick-starting the effectiveness of first-time IT managers with essential management skills.

Sample of Leverage Agile Goal Setting for Improved Employee Engagement & Performance. Leverage Agile Goal Setting for Improved Employee Engagement & Performance

See this blueprint for information on dodging the micromanaging foul and scoring with agile short-term goal setting.

Bibliography

Arringdale, Chris. “6 Tips For Managers Trying to Overcome Performance Appraisal Anxiety.” TLNT. 18 September 2015. Accessed 2018.

Borysenko, Karlyn. “What Was Management Thinking? The High Cost of Employee Turnover.” Talent Management and HR. 22 April 2015. Accessed 2018.

Cook, Ian. “Curbing Employee Turnover Contagion in the Workplace.” Visier. 20 February 2018. Accessed 2018.

Cornerstone OnDemand. Toxic Employees in the Workplace. Santa Monica, California: Cornerstone OnDemand, 2015. Web.

Dewar, Carolyn and Reed Doucette. “6 elements to create a high-performing culture.” McKinsey & Company. 9 April 2018. Accessed 2018.

Eagle Hill. Eagle Hill National Attrition Survey. Washington, D.C.: Eagle Hill, 2015. Web.

ERC. “Performance Improvement Plan Checklist.” ERC. 21 June 2017. Accessed 2018.

Foster, James. “The Impact of Managers on Workplace Engagement and Productivity.” Interact. 16 March 2017. Accessed 2018.

Godwins Solicitors LLP. “Employment Tribunal Statistics for 2015/2016.” Godwins Solicitors LLP. 8 February 2017. Accessed 2018.

Mankins, Michael. “How to Manage a Team of All-Stars.” Harvard Business Review. 6 June 2017. Accessed 2018.

Maxfield, David, et al. The Value of Stress-Free Productivity. Provo, Utah: VitalSmarts, 2017. Web.

Murphy, Mark. “Skip Your Low Performers When Starting Performance Appraisals.” Forbes. 21 January 2015. Accessed 2018.

Quint. “Transforming into a High Performance Organization.” Quint Wellington Redwood. 16 November 2017. Accessed 2018.

Ranosa, Rachel. "COVID -19: Canadian Productivity Booms Despite Social Distancing." Human Resources Director, 14 April 2020. Accessed 2020.

Evolve Your Business Through Innovation

  • Buy Link or Shortcode: {j2store}330|cart{/j2store}
  • member rating overall impact (scale of 10): N/A
  • member rating average dollars saved: N/A
  • member rating average days saved: N/A
  • Parent Category Name: Innovation
  • Parent Category Link: /innovation
  • Innovation teams are tasked with the responsibility of ensuring that their organizations are in the best position to succeed while the world is in a period of turmoil, chaos, and uncertainty.
  • CIOs have been expected to help the organization transition to remote work and collaboration instantaneously.
  • CEOs are under pressure to redesign, and in some cases reinvent, their business model to cope with and compete in a new normal.

Our Advice

Critical Insight

It is easy to get swept up during a crisis and cling to past notions of normal. Unfortunately, there is no controlling the fact that things have changed fundamentally, and it is now incumbent upon you to help your organization adapt and evolve. Treat this as an opportunity because that is precisely what this is.

Impact and Result

There are some lessons we can learn from innovators who have succeeded through past crises and from those who are succeeding now.

There are a number of tactics an innovation team can employ to help their business evolve during this time:

  1. Double down on digital transformation (DX)
  2. Establish a foresight capability
  3. Become a platform for good

Evolve Your Business Through Innovation Research & Tools

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Evolve your business through innovation

Download our guide to learn what you can do to evolve your business and innovate your way through uncertainty.

  • Evolve Your Business Through Innovation Storyboard
[infographic]

IT Metrics and Dashboards During a Pandemic

  • Buy Link or Shortcode: {j2store}118|cart{/j2store}
  • member rating overall impact (scale of 10): N/A
  • member rating average dollars saved: N/A
  • member rating average days saved: N/A
  • Parent Category Name: Performance Measurement
  • Parent Category Link: /performance-measurement

The ways you measure success as a business are based on the typical business environment, but during a crisis like a pandemic, the business environment is rapidly changing or significantly different.

  • How do you assess the scope of the risk?
  • How do you quickly align your team to manage new risks?
  • How do you remain flexible enough to adapt to a rapidly changing situation?

Our Advice

Critical Insight

Measure what you have the data for and focus on managing the impacts to your employees, customers, and suppliers. Be willing to make decisions based on imperfect data. Don’t forget to keep an eye on the long-term objectives and remember that how you act now can reflect on your business for years to come.

Impact and Result

Use Info-Tech’s approach to:

  • Quickly assess the risk and identify critical items to manage.
  • Communicate what your decisions are based on so teams can either quickly align or challenge conclusions made from the data.
  • Quickly adjust your measures based on new information or changing circumstances.
  • Use the tools you already have and keep it simple.

IT Metrics and Dashboards During a Pandemic Research & Tools

Start here – read the Executive Brief

Read our concise Executive Brief to find out how to develop your temporary crisis dashboard.

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Consider your organizational goals

Identify the short-term goals for your organization and reconsider your long-term objectives.

  • Crisis Temporary Measures Dashboard Tool

2. Build a temporary data collection and dashboard method

Determine your tool for data collection and your data requirements and collect initial data.

3. Implement a cadence for review and action

Determine the appropriate cadence for reviewing the dashboard and action planning.

[infographic]

Design Your Cloud Operations

  • Buy Link or Shortcode: {j2store}462|cart{/j2store}
  • member rating overall impact (scale of 10): 10.0/10 Overall Impact
  • member rating average dollars saved: 20 Average Days Saved
  • member rating average days saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
  • Parent Category Name: Operations Management
  • Parent Category Link: /i-and-o-process-management
  • Traditional IT capabilities, activities, organizational structures, and culture need to adjust to leverage the value of cloud, optimize spend, and manage risk.
  • Different stakeholders across previously separate teams rely on one another more than ever, but rules of engagement do not yet exist.

Our Advice

Critical Insight

Define your target cloud operations state first, then plan how to get there. If you begin by trying to reconstruct on-prem operations in the cloud, you will build an operations model that is the worst of both worlds.

Impact and Result

  • Assess your key workflows’ maturity for life in the cloud and evaluate your readiness and need for new ways of working
  • Identify the work that must be done to deliver value in cloud services
  • Design your cloud operations framework and communicate it clearly and succinctly to secure buy-in

Design Your Cloud Operations Research & Tools

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Design Your Cloud Operations Deck – A step-by-step storyboard to help guide you through the activities and tools in this project.

This storyboard will help you assess your cloud maturity, understand relevant ways of working, and create a meaningful design of your cloud operations that helps align team members and stakeholders.

  • Design Your Cloud Operations – Storyboard
  • Cloud Operations Design Sketchbook
  • Roadmap Tool

2. Planning and design tools.

Use these templates and tools to assess your current state, design the cloud operations organizing framework, and create a roadmap.

  • Cloud Maturity Assessment

3. Communication tools.

Use these templates and tools to plan how you will communicate changes to key stakeholders and communicate the new cloud operations organizing framework in an executive presentation.

  • Cloud Operations Communication Plan
  • Cloud Operations Organizing Framework: Executive Brief

Infographic

Workshop: Design Your Cloud Operations

Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

1 Day 1

The Purpose

Establish Context

Key Benefits Achieved

Alignment on target state

Activities

1.1 Assess current cloud maturity and areas in need of improvement

1.2 Identify the drivers for organizational redesign

1.3 Review cloud objectives and obstacles

1.4 Develop organization design principles

Outputs

Cloud maturity assessment

Project drivers

Cloud challenges and objectives

Organization design principles

2 Day 2

The Purpose

Establish Context

Key Benefits Achieved

Understanding of cloud workstreams

Activities

2.1 Evaluate new ways of working

2.2 Develop a workstream target statement

2.3 Identify cloud work

Outputs

Workstream target statement

Cloud operations workflow diagrams

3 Day 3

The Purpose

Design the Organization

Key Benefits Achieved

Visualization of the cloud operations future state

Activities

3.1 Design a future-state cloud operations diagram

3.2 Create a current-state cloud operations diagram

3.3 Define success indicators

Outputs

Future-state cloud operations diagram

Current-state cloud operations diagram

Success indicators

4 Day 4

The Purpose

Communicate the Changes

Key Benefits Achieved

Alignment and buy-in from stakeholders

Activities

4.1 Create a roadmap

4.2 Create a communication plan

Outputs

Roadmap

Communication plan

Further reading

It’s “day two” in the cloud. Now what?

EXECUTIVE BRIEF

Analysts’ Perspective

The image contains a picture of Andrew Sharp.

Andrew Sharp

Research Director

Infrastructure & Operations Practice

It’s “day two” in the cloud. Now what?

Just because you’re in the cloud doesn’t mean everyone is on the same page about how cloud operations work – or should work.

You have an opportunity to implement new ways of working. But if people can’t see the bigger picture – the organizing framework of your cloud operations – it will be harder to get buy-in to realize value from your cloud services.

Use Info-Tech’s methodology to build out and visualize a cloud operations organizing framework that defines cloud work and aligns it to the right areas.

The image contains a picture of Nabeel Sherif.

Nabeel Sherif

Principal Research Director

Infrastructure & Operations Practice

The image contains a picture of Emily Sugerman.

Emily Sugerman

Research Analyst

Infrastructure & Operations Practice

Scott Young

Principal Research Director

Infrastructure & Operations Practice

Executive Summary

Your Challenge

Common Obstacles

Info-Tech’s Approach

Widespread cloud adoption has created new opportunities and challenges:

  • Traditional IT capabilities, activities, organizational structures, and culture need to adjust to leverage the value of cloud, optimize spend, and manage risk.
  • Different stakeholders across previously separate teams rely on one another more than ever, but rules of engagement do not yet exist, leading to a lack of direction, employee frustration, missed work, inefficiency, and unacceptable risk.
  • Many organizations have bought their way into a SaaS portfolio. Now, as key applications leave their network, I&O leaders still have accountability for these apps, but little visibility and control over them.
  • Few organizations are, or will ever be, cloud only. Your operations will be both on-prem and in-cloud for the foreseeable future and you must be able to accommodate both.
  • Traditional infrastructure siloes no longer work for cloud operations, but key stakeholders are wary of significant change.

Clearly communicate the need for operations changes:

  • Identify current challenges with cloud operations. Assess your readiness and fit for new ways of working involved in cloud operations: DevOps, SRE, Platform Engineering, and more.
  • Use Info-Tech’s templates to design a cloud operations organizing framework. Define cloud work, and align work to the right work areas.
  • Communicate the design. Gain buy-in from your key stakeholders for the considerable organizational change management required to achieve durable change.

Info-Tech Insight

Define your target cloud operations state first, then plan how to get there. If you begin by trying to reconstruct on-prem operations in the cloud, you will build an operations model that is the worst of both worlds.

Your Challenge

Traditional IT capabilities, activities, organizational structures, and culture need to adjust to leverage the value of cloud, optimize spend, and manage risk.

  • As key applications leave for the cloud, I&O teams are still expected to manage access, spend, and security but may have little or no visibility or control over the applications themselves.
  • The automation and self-service capabilities of cloud aren’t delivering the speed the business expected because teams don’t work together effectively.
  • Business leaders purchase their own cloud solutions because, from their point of view, IT’s processes are cumbersome and ineffective.
  • Accounting practices and governance mechanisms haven’t adjusted to enable new development practices and technologies.
  • Security and cost management requirements may not be accounted for by teams acquiring or developing solutions.
  • All of this contributes to frustration, missed work, wasteful spending, and unacceptable risk.

Obstacles, by the numbers:

85% of respondents reported security in the cloud was a serious concern.

73% reported balancing responsibilities between a central cloud team and business units was a top concern.

The average organization spent 13% more than they’d budgeted on cloud – even when budgets were expected to increase by 29% in the next year.

32% of all cloud spend was estimated to be wasted spend.

56% of operations professionals said their primary focus is cloud services.

81% of security professionals thought it was difficult to get developers to prioritize bug fixes.

42% of security professionals felt bugs were being caught too late in the development process.

1. Flexera 2022 State of the Cloud Report. 2. GitLab DevSecOps 2021 Survey

Cloud operations are different, but IT departments struggle to change

  • There’s no sense of urgency in the organization that change is needed, particularly from teams that aren’t directly involved in operations. It can be challenging to make the case that change is needed.
  • Beware “analysis paralysis”! With so many options, philosophies, approaches, and methodologies, it’s easy to be overwhelmed by choice and fail to make needed changes.
  • The solution to the problem requires organizational changes beyond the operations team, but you don’t have the authority to make those changes directly. Operations can influence the solution, but they likely can’t direct it.
  • Behavior, culture, and organizations take time and work to change. Progress is usually evolutionary – but this can also mean it feels like it’s happening too slowly.
  • It’s not just cloud, and it probably never will be. You’ll need to account for operating both on-premises and cloud technologies for the foreseeable future.

Follow Info-Tech’s Methodology

1. Ensure alignment with the risks and drivers of the business and understand your organization’s strengths and gaps for a cloud operations world.

2. Understand the balance of different types of deliveries you’re responsible for in the cloud.

3. Reduce risk by reinforcing the key operational pillars of cloud operations to your workstreams.

4. Identify “work areas,” decide which area is responsible for what tasks and how work areas should interact in order to best facilitate desired business outcomes.

The image contains a screenshot of a diagram demonstrating Info-Tech's Methodology, as described in the text above.

Info-Tech Insight

Start by designing operations around the main workflow you have for cloud services; i.e. If you mostly build or host in cloud, build the diagram to maximize value for that workflow.

Operating Framework Elements

Proper design of roles and responsibilities for each cloud workflow category will help reduce risk by reinforcing the key operational pillars of cloud operations.

We base this on a composite of the well-architected frameworks established by the top global cloud providers today.

Workflow Categories

  • Build
  • Host
  • Consume

Key Pillars

  • Performance
  • Reliability
  • Cost Effectiveness
  • Security
  • Operational Excellence

Risks to Mitigate

  • Changes to Support Model
  • Changes to Security & Governance
  • Changes to Skills & Roles
  • Replicating Old Habits
  • Misaligned Stakeholders

Cloud Operations Design

Info-Tech’s Methodology

Assess Maturity and Ways of Working

Define Cloud Work

Design Cloud Operations

Communicate and Secure Buy-in

Assess your key workflows’ maturity for “life in the cloud,” related to Key Operational Pillars. Evaluate your readiness and need for new ways of working.

Identify the work that must be done to deliver value in cloud services.

Define key cloud work areas, the work they do, and how they should share information and interact.

Outline the change you recommend to a range of stakeholders. Gain buy-in for the plan.

Blueprint deliverables

Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals.

Cloud Maturity Assessment

Assess the intensity and cloud maturity of your IT operations for each of the key cloud workstreams: Consume, Host, and Build

The image contains screenshots of the Cloud Maturity Assessment.

Communication Plan

Identify stakeholders, what’s in it for them, what the impact will be, and how you will communicate over the course of the change.

The image contains a screenshot of the Communcation Plan.

Cloud Operations Design Sketchbook

Capture the diagram as you build it.

The image contains a screenshot of the Cloud Operations Design Sketchbook.

Roadmap Tool

Build a roadmap to put the design into action.

The image contains a screenshot of the Roadmap Tool.

Key deliverable:

Cloud Operations Organizing Framework

The Cloud Operations Organizing Framework is a communication tool that introduces the cloud operations diagram and establishes its context and justification.

The image contains a screenshot of the Cloud Operations Organizing Framework.

Project Outline

Phase 1: Establish Context

1.1: Identify challenges, opportunities, and cloud maturity

1.2: Evaluate new ways of working

1.3: Define cloud work

Phase 2: Design the organization and communicate changes

2.1: Design a draft cloud operations diagram

2.2: Communicate changes

Outputs

Cloud Services Objectives and Obstacles

Cloud Operations Workflow Diagrams

Cloud Maturity Assessment

Draft Cloud Operations Diagram

Communication Plan

Roadmap Tool

Cloud Operations Organizing Framework

Project benefits

Benefits for IT

Benefits for the business

  • Define the work required to effectively deliver cloud services to deliver business value.
  • Define key roles for operating cloud services.
  • Outline an operations diagram that visually communicates what key work areas do and how they interact.
  • Communicate needed changes to key stakeholders.
  • Receive more value from cloud services when the organization is structured to deliver value including:
    • Avoiding cost overruns
    • Securing services
    • Providing faster, more effective delivery
    • Increasing predictability
    • Reducing error rates

Calculate the value of Info-Tech’s Methodology

The value of the project is the delivery of organizational change that improves the way you manage cloud services

Example Goal

How this blueprint can help

How you might measure success/value

Streamline Responsibilities

The operations team is spending too much time fighting applications fires, which is distracting it from needed platform improvements.

  • Identify shared and separate responsibilities for development and platform operations teams.
  • Focus the operations team on securing and automating cloud platform(s).
  • Reduce time wasted on back and forth between development and operations teams (20 hrs. per employee per year x 50 staff = 1000 hrs.).
  • Deliver automation features that reduces development lead time by one hour per sprint (40 devs x 20 sprints per yr. x 1 hr. = 800 hrs.).

Improve Cost Visibility

The teams responsible for cost management today don’t have the authority, visibility, or time to effectively find wasted spend.

The teams responsible for cost management today don’t have the authority, visibility, or time to effectively find wasted spend.

  • Ensure operations contributes to visibility and execution of cost governance.
  • $1,000,000 annual spend on cloud services.
  • Of this, assume 32% is wasted spend ($320k).1
  • New cost management function has a target to cut waste by half next year saving ~$160k.
  • Cost visibility and capture metrics (e.g. accurate tagging metrics, right-sizing execution).
1. Average wasted cloud spend across all organizations, from the 2022 Flexera State of the Cloud Report

Understand your cloud vision and strategy before you redesign operations

Guide your operations redesign with an overarching cloud vision and strategy that aligns to and enables the business’s goals.

Cloud Vision

The image contains a screenshot of the Define Your Cloud Vision.

Cloud Strategy

It is difficult to get or maintain buy-in for changes to operations without everyone on the same page about the basic value proposition cloud offers your organization.

Do the workload and risk analysis to create a defensible cloud vision statement that boils down into a single statement: “This is how we want to use the cloud.”

Once you have your basic cloud vision, take the next step by documenting a cloud strategy.

Establish your steering committee with stakeholders from IT, business, and leadership to work through the essential decisions around vision and alignment, people, governance, and technology.

Your cloud operations design should align to a cloud strategy document that provides guidelines on establishing a cloud council, preparing staff for changing skills, mitigating risks through proper governance, and setting a direction for migration, provisioning, and monitoring decisions.

Key Insights

Focus on the future, not the present

Define your target cloud operations state first, then plan how to get there. If you begin by trying to reconstruct on-prem operations in the cloud, you will build an operations model that is the worst of both worlds.

Responsibilities change in the cloud

Understand what you mean by cloud work

Focus where it matters

Cloud is a different way of consuming IT resources and applications and it requires a different operational approach than traditional IT.

In most cases, cloud operations involves less direct execution and more service validation and monitoring

Work that is invisible to the customer can still be essential to delivering customer value. A lot of operations work is invisible to your organization’s customers but is required to deliver stability, security, efficiency, and more.

Cloud work is not just applications that have been approved by IT. Consider how unsanctioned software purchased by the business will be integrated and managed.

Start by designing operations around the main workflow you have for cloud services. If you mostly build or host in the cloud, build the diagram to maximize value for that workflow.

Design principles will often change over time as the organization’s strategy evolves.

Identify skills requirements and gaps as early as possible to avoid skills gaps later. Whether you plan to acquire skills via training or cross-training, hiring, contracting, or outsourcing, effectively building skills takes time.

Info-Tech offers various levels of support to best suit your needs

DIY Toolkit

Guided Implementation

Workshop

Consulting

“Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”“Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”“We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”“Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

Diagnostics and consistent frameworks used throughout all four options

Guided Implementation

What does a typical GI on this topic look like?

Phase 1

Phase 2

Call #1: Scope requirements, objectives, and your specific challenges

Calls #2&3: Assess cloud maturity and drivers for org. redesign

Call #4: Review cloud objectives and obstacles

Call #5: Evaluate new ways of working and identify cloud work

Calls #6&7: Create your Cloud Operations diagram

Call #8: Create your communication plan and build roadmap

A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

Workshop Overview

Contact your account representative for more information.
workshops@infotech.com 1-888-670-8889

Day 1

Day 2

Day 3

Day 4

Day 5

Establish Context

Design the Organization and Communicate Changes

Next Steps and
Wrap-Up (offsite)

Activities

1.1 Assess current cloud maturity and areas in need of improvement

1.2 Identify the drivers for organizational redesign

1.3 Review cloud objectives and obstacles

1.4 Develop organization design principles

2.1 Evaluate new ways of working

2.2 Develop a workstream target statement

2.3 Identify cloud work

3.1 Design a future-state cloud operations diagram

3.2 Create a current state cloud operations diagram

3.3 Define success indicators

4.1 Create a roadmap

4.2 Create a communication plan

5.1 Complete in-progress deliverables from previous four days.

5.2 Set up review time for workshop deliverables and to discuss next steps.

Deliverables

  1. Cloud Maturity Assessment
  2. Cloud Challenges and Objectives
  1. Workstream target statement
  2. Cloud Operations Workflow Diagrams
  1. Future and current state cloud operations diagrams
  1. Roadmap
  2. Communication Plan

Cloud Operations Organizing Framework.

Phase 1:

Establish context

Phase 1

Phase 2

1.1 Establish operating model design principals by identifying goals & challenges, workstreams, and cloud maturity

1.2 Evaluate new ways of working

1.3 Identify cloud work

2.1 Draft an operating model

2.2 Communicate proposed changes

Phase Outcomes:

Define current maturity and which workstreams are important to your organization.

Understand new operating approaches and which apply to your workstream balance.

Identify a new target state for IT operations.

Before you get started

Set yourself up for success with these three steps:

  • This methodology and the related slides are intended to be executed via intensive, collaborative working sessions using the rest of this slide deck.
  • Ensure the working sessions are successful by working through these steps before you start work on defining your cloud operations.

1. Identify an operations design working group

2. Review cloud vision and strategy

3. Create a working folder

This should be a group with insight into current cloud challenges, and with the authority to drive change. This group is the main audience for the activities in this blueprint.

Review your established planning work and documentation.

Create a repository to house your notes and any work in progress.

Create a working folder

15 minutes

Create a central repository to support transparency and collaboration. It’s an obvious step, but one that’s often forgotten.

  1. Download all the documents associated with this blueprint to a shared repository accessible to all participants. Keep separate folders for templates and work-in-progress.
  2. Share the link to the repository with all attendees. Include links to the repository in any meeting invites you set up as working sessions for the project.
  3. Use the repository for all the work you do in the activities listed in this blueprint.

Step 1.1: Identify goals and challenges, workstreams, and cloud maturity

Participants

  • Operations Design Working Group, which may include:
    • Cloud owners
    • Platform/Applications Team leads
    • Infra & Ops managers

Outcomes

  • Identify your current cloud maturity and areas in need of improvement.
  • Define the advantages you expect to realize from cloud services and any obstacles you have to overcome to meet those objectives.
  • Identify the reasons why redesigning cloud operations is necessary.
  • Develop organization design principles.

“Start small: Begin with a couple services. Then, based on the feedback you receive from Operations and the business, modify your approach and keep increasing your footprint.” – Nenad Begovic

Cloud changes operational activities, tactics, and goals

As you adopt cloud services, the operations core mission remains . . .

  • IT operations are expected to deliver stable, efficient, and secure IT services.

. . . but operational activities are evolving.

  • Core IT operational processes remain relevant, such as incident or capacity management, but opportunities to automate or outsource operations tasks will change how that work is done.
  • As you rely more on automation and outsourcing, the team may see less direct execution in its day-to-day work and more solution design and validation.
  • Outsourcing frees the team from operational toil but reduces the direct control over your end-to-end solution and increases your reliance on your vendor.
  • Pay-as-you-go pricing models present opportunities for streamlined delivery and cost rationalization but require you to rethink how you do cost and asset management.
  • It’s very easy for the business to buy a SaaS solution without consulting IT, which can lead to duplicated functionality, integration challenges, security threats, and more.

Design a model for cloud operations that helps you achieve value from your cloud environment.

“As operating models shift to the cloud, you still need the same people and processes. However, the shift is focused on a higher level of operations. If your people no longer focus on server uptime, then their success metrics will change. When security is no longer protected by the four walls of a datacenter, your threat profile changes.

(Microsoft, “Understand Cloud Operating Models,” 2022)

Operational responsibilities are shared with a range of stakeholders

When using a vendor-operated public cloud, IT exists in a shared responsibility model with the cloud service provider, one that is further differentiated by the type of cloud service model in use: broadly, software-as a service (SaaS), platform-as-a-service (PaaS), or infrastructure-as-a-service (IaaS).

Your IT operations organization may still reflect a structure where IT retains control over the entire infrastructure stack from facilities to application and defines their operational roles and processes accordingly.

If the organization chooses a co-location facility, they outsource facility responsibility to a third-party provider, but much of the rest of the traditional IT operating model remains the same. The operations model that worked for an entirely premises-based environment is very different from one that is made up of, for instance, a portfolio of SaaS applications, where your control is limited to the top of the infrastructure stack at the application layer.

Once an organization migrates workloads to the cloud, IT gives up an increasing amount of control to the vendor, and its traditional operational roles & responsibilities necessarily change.

The image contains a screenshot that demonstrates what the cloud service models are.

Align operations with customer value

  • Decisions about operational design should be made with customer value in mind. Remember that cloud adoption should be an enabler of adaptability in the face of changing business needs!
  • Think about how the operations team is indispensable to the value received by your customer. Think about the types of changes that can add to the value your customers receive.
  • A focus on value will help you establish and explain the rationale and urgency required to deliver on needed changes. If you can’t explain how the changes you propose will help deliver value, your proposal will come across as change for the sake of change.
The image contains a screenshot of a diagram to demonstrate how operational design decisions need to be made with customer value in mind.

Info-Tech Insight

Work that is invisible to the customer can still be essential to delivering customer value. A lot of operations work is invisible to your organization’s customers but required to deliver stability, security, efficiency, and more.

A new consumption model means a different mix of activities

Evolving to cloud-optimal operations also means re-assessing and adapting your team’s approach to achieving cloud maturity, especially with respect to how automation and standardization can be leveraged to best achieve optimization in cloud.

Traditional ITDesignExecuteValidateSupportMonitor
CloudDesignExecuteValidateSupportMonitor

Info-Tech Insight

Cloud is a different way of consuming IT resources and applications and requires a different operational approach than traditional IT.

In most cases, cloud operations involves less direct execution and more service validation and monitoring.

The Service Models in cloud correspond to the way your organization delivers IT

Service Model

Example

Function

Software-as-a-Service (SaaS)

Salesforce.com

Office 365

Workday

Consume

Platform-as-a-Service (PaaS)

Azure Stack

AWS SageMaker

WordPress

Build

Infrastructure-as-a-Service (IaaS)

Microsoft Azure

Amazon EC2

Google Cloud Platform

Host

Define how you plan to use cloud services

Your cloud operations will include different tasks, teams, and workflows, depending on whether you consume cloud services, build them, or host on them.

Function

Business Need

Service Model

Example Tasks

Consume

“I need a commodity, off-the-shelf service that we can configure to our organization’s needs.

Software-as-a-Service (SaaS)

Onboard and add users to a new SaaS offering. Vendor management of SaaS providers. Configure/integrate the SaaS offering to meet business needs.

Build

“I need to create significantly customized or net-new products and services.”

Platform-as-a-Service (PaaS) & Infrastructure as-a-Service (IaaS)

Create custom applications. Build and maintain a container platform. Manage CI/CD pipelines and tools. Share infrastructure and applications patterns.

Host

“I need compute, storage, and networking components that reflect key cloud characteristics (on-demand self-service, metered usage, etc.).”

Infrastructure-as-a-Service (IaaS)

Stand up compute, networking, and storage resources to host a COTS application. Plan to increase storage capacity to support future demand.

Align to the well-architected framework

  • Each cloud provider has defined a well-architected framework (WAF) that defines effective deployment and operations for their services.
  • WAFs embody a set of best practices and design principles to leverage the cloud in a more efficient, secure, and cost-effective manner.
  • While each vendor’s WAF has its own definitions and nuances, they collectively share a set of key principles, or “pillars,” that define the desired outcome of any cloud deployment.
  • These pillars address the key areas of risk when migrating to a public cloud platform.

“In order to accelerate public cloud adoption, you need to focus on infrastructure-as-code and script everything you can. Unlike traditional operations, CloudOps focuses on creating scripts: a script for task A, a script for task B, etc.”

– Nenad Begovic

Pillars

  • Reliability
  • Security
  • Cost Optimization
  • Operational Excellence
  • Performance Efficiency

General Best Practice Capability Areas

  • Host
  • Network
  • Data
  • Identity Management
  • Cost/Subscription Management

Assess cloud maturity

2 hours

  1. Download a copy of the Cloud Maturity Assessment Tool.
  2. As a group, work through:
    • The balance of your operations activities from a Host/Build/Consume perspective. What are you responsible for delivering now? How do you expect things will change in the future?
    • Which workstreams to focus on. Are there activity categories that are critical or non-critical or that don’t represent a significant portion of overall work? Conversely, are there workstreams that you feel are subject to particular risk when moving to cloud?
  3. Fill out the Maturity Quiz tab in the Cloud Maturity Assessment Tool for the workstreams you have chosen to focus on.
InputOutput
  • Insight into and experience with your current cloud environment.
  • Maturity scoring for key workload streams as they align to the pillars of a general well-architected cloud framework
MaterialsParticipants
  • Whiteboard/Flip chart
  • Operating model template
  • Cloud platform SMEs

Download theCloud Maturity Assessment Tool

Identify the drivers for organizational redesign

Whiteboard Activity

An absolute must-have in any successful redesign is a shared understanding and commitment to changing the status quo.

Without a clear and urgent call to action, the design changes will be seen as change for the sake of change and therefore entirely safe to ignore.

Take up the following questions as a group:

  1. What kind of organizational change is needed?
  2. Why do we think the need for this change is urgent?
  3. What do we think will happen if no change occurs? What’s the worst-case scenario?

Record your answers so you can reference and use them in the communication materials you’ll create in Phase 2.

InputOutput
  • Cloud maturity assessment
  • Objectives and obstacles
  • Insight into existing challenges stemming from organizational design challenges
  • A list of reasons that form a compelling argument for organizational change
MaterialsParticipants
  • Whiteboard/Flip chart
  • Cloud Operations Design Working Group

“We know, for example, that 70 percent of change programs fail to achieve their goals, largely due to employee resistance and lack of management support. We also know that when people are truly invested in change it is 30 percent more likely to stick.”

– Ewenstein, Smith, Sologar

McKinsey (2015)

Consider the value of change from advantage and obstacle perspectives

Consider what you intend to achieve and the obstacles to overcome to help identify the changes required to achieve your desired future state.

Advantage Perspective

Ideas for Change

Obstacle Perspective

What advantages do cloud services offer us as an organization?

For example:

  • Enhance service features.
  • Enhance user experience.
  • Provide ubiquitous access.
  • Scalability to align with demand.
  • Automate or outsource routine tasks.

What obstacles prevent us from realizing value in cloud services?

For example:

  • Inadequate stability and reliability
  • Difficult to observe or monitor workloads
  • Challenges ensuring cloud security
  • Insufficient access to relevant skills

Review risks and challenges

Changes to Support Model

  • Have we identified who is on the cloud ops team?
  • Do we know where we are procuring skills (internal IT vs. third party) and for how long?
  • Do we know where we are in the migration process?

Changes to security & governance

  • Have we identified how our attack surface changes in the cloud?
  • Do we have guardrails in place to govern self-provisioning users?
  • Are we managing cost overage risks?

Replicating old habits

  • Have we made concrete plans to leverage cloud capabilities to standardize and automate outputs?
  • Are we simply reproducing existing systems in the cloud?

Changes to Skills & Roles

  • Is our staff excited to learn new skills and technologies? Are our specialists prepared to acquire generalist skills to support cloud services?
  • Do we have training plans created and aligned to our technology roadmap?
  • Do we know what head count we need?

Misaligned stakeholders

  • Have we identified our key stakeholders and teams? Have we considered what changes will impact them and how?
  • Are we meeting regularly and collaborating effectively with our peers, or are we siloed?

Review cloud objectives and obstacles

Whiteboard Activity

1 hour

  1. With your working group, review why you’re using cloud in the first place. What advantages do you expect to realize by adopting cloud services? If we achieve what we’ve set out to do, what should that look and feel like to us, our organization, and our organization’s customers?
    • You should have identified cloud drivers and objectives in your cloud vision and strategy – leverage and validate what you already have!
  2. Next, identify obstacles that are preventing you from fully realizing the value of cloud services.
  3. Finally, brainstorm initial ideas for change. What could we start doing that could help us better use cloud in the future? Are there changes to how we need to organize ourselves to collaborate more effectively?
InputOutput
  • Insight into and experience with your current cloud environment
  • Identified key business outcomes you expect to realize by adopting cloud services
  • Identified challenges and obstacles that are preventing you from realizing key outcomes
MaterialsParticipants
  • Whiteboard/Flip chart
  • Cloud operations design working group.

Commonly cited advantages and obstacles

Cloud Advantages/Objectives

  • Deliver faster on commitments to the business by removing infrastructure provisioning as a bottleneck.
  • Simplify capacity management on flexible cloud-based infrastructure.
  • Reduce capital spending on IT infrastructure.
  • Create sandboxes/innovation practices to experiment with and develop new functionality on cloud platforms.
  • Easily enable ubiquitous access to key corporate services.
  • Minimize the expense and effort required to maintain a data center – power & cooling, cabling, or physical hardware.
  • Leverage existing automation tools from cloud vendors to speed up integration and deployment.
  • Direct costs for specific services can improve transparency and cost allocation, allowing IT to directly “show-back” or charge-back cloud costs to specific cost centers.

Obstacles

Need to speed up provisioning of PaaS/IaaS/data resources to development and project teams.

No time to develop and improve platform services and standards due to other responsibilities.

We constantly run up unexpected cloud costs.

Not enough time for continuous learning and development.

The business will buy SaaS apps and only let us know after they’ve been purchased, leading to overlapping functionality; gaps in compliance, security, or data protection requirements; integration challenges; cost inefficiencies; and more.

Role descriptions haven’t kept up with tech changes.

Obvious opportunities to rationalize costs aren’t surfaced (e.g. failing to make use of existing volume licensing agreements).

Skills needed to properly operate cloud solutions aren’t identified until breakdowns happen.

Establish organization design principles

You’ve established a need for organizational change. What will that change look like?

Design principles are concise, direct statements that describe how you will design your organization to achieve key objectives and address key challenges.

This is a critically important step for several reasons:

  • A set of clear, concise statements that describe what the design should achieve provides parameters that will help you create and evaluate different design options.
  • A focused, facilitated discussion to create those statements will help uncover conflicting assumptions between key stakeholders.
  • A comprehensive description of the various ways the organization should change makes it easier to identify misaligned or incompatible objectives.
  • A description of what your organization should look like in the future will help you identify where changes will be required .

Examples of design principles:

  1. We will create a path to review and publish effective application/platform patterns.
  2. A single governing body should have oversight into all cloud costs.
  3. Development must happen only on approved cloud platforms.
  4. Application teams must address operational issues that derive from the applications they’ve created.
  5. Security practices should be embedded into approved cloud platforms and be automatically applied wherever possible.
  6. Focus is on improving developer experience on cloud platforms.

Info-Tech Insight

Design principles will often change as the organization’s strategy evolves.

Align design principles to your objectives

Developing design principles starts with your key objectives. What do we absolutely have to get right to deliver value through cloud services?

Once you have your direction set, work through the points in the star model to establish how you will meet your objectives and deliver value. Each point in the star is an important element in your design – taken together, it paints a holistic picture of your future-state organization.

The changes you choose to implement that affect capabilities, structure, processes, rewards, and people should be self-reinforcing. Each point in the star is connected to, and should support, the other points.

“There is no one-size-fits-all organization design that all companies – regardless of their particular strategy needs – should subscribe to.”

– Jay Galbraith, “The Star Model”

The image contains a screenshot of a modified versio of Jay Galbraith's Star Model of Organizational Design.

Establish design principles

Track your findings in the table on the next slide.

  1. Review the cloud objectives and challenges from the previous activity. As a group, decide from that list: what are the key objectives you are trying to achieve? What are the things you absolutely must get right to get value from cloud services?
  2. Work through the following questions as a group:
    • What capabilities or technologies do we need to adopt or leverage differently?
    • How must our structure change? How will power shift in the new structure?
    • Will our new structure require changes to processes or information sharing?
    • How must we change how we motivate or reward employees?
    • What new skills or knowledge is required? How will we acquire those skills or knowledge?
InputOutput
  • Cloud objectives and challenges
  • Different viewpoints into how your organization must change to realize objectives and overcome challenges
  • Organizational design principles for cloud operations
MaterialsParticipants
  • Whiteboard/Flip charts
  • Cloud operations design working group

Design principles (example)

What is our key objective?

  • Rapidly develop innovative cloud services aligned to business value.

What capabilities or technologies do we need to adopt or leverage differently?

  • We will adopt more agile development techniques to make smaller changes, faster.
  • We will standardize and automate tasks that are routine and repeatable.

How must our structure change? How will power shift in the new structure?

  • Embed development teams within business units to better align to business unit needs.
  • Create a focused cloud platform team to develop infrastructure services.

Will our new structure require changes to processes or information sharing?

  • Development teams will take on responsibility for application support.
  • Platform teams will be deeply embedded with development teams on new projects to build new infrastructure functionality.

How must we change how we motivate or reward employees?

  • We will highlight innovative work across the company.
  • We will encourage experimentation and risk-taking.

What new skills or knowledge is required, and how will we acquire it?

  • We will focus on acquiring skills most closely aligned to our technology roadmap.
  • We will ensure budget is available for training employees who ask for it.
  • We will contract to find skills we cannot develop in-house and use engagements as an opportunity to learn internally.

Step 1.2: Evaluate new ways of working

Participants

Cloud Operations Design Working Group

Outcomes

Shared understanding of the horizon of work possibilities:

  • Ways to work
  • Ways to govern and learn

Consider the different approaches on the following slides, how they change operational work, and decide which approaches are the right fit for you.

Evaluate new ways of working

Cut through the hype

  • There are new approaches/ways of working that deal head on with the persistent breakdowns and headaches that come with operations management – work thrown over the wall from development, manual and repetitive work, siloed teams, and more.
  • Many of these approaches emphasize an operations-aware approach to solutions development and apply techniques traditionally associated with AppDev to Operations.
  • Cloud services present opportunities to outsource/automate away routine tasks.

“DevOps is a set of practices, tools, and a cultural philosophy that automates and integrates the processes between software development and IT teams. It emphasizes team empowerment, cross-team communication and collaboration, and technology automation.”

– Atlassian, “DevOps”

“ITIL 4 brings ITIL up to date by…embracing new ways of working, such as Lean, Agile, and DevOps.”

– ITIL Foundation: ITIL 4 Edition

“Over time, left to their own devices, the SRE team should end up with very little operational load and almost entirely engage in development tasks, because the service basically runs and repairs itself.”

– Ben Treynor Sloss, “Site Reliability Engineering”

The more things change, the more they stay the same:

  • Core processes remain, but they may be done differently, and new technologies and services create new challenges.
  • Not all approaches are right for all organizations, and what’s right for you depends on how you use cloud services.
  • The best solution draws from these management ideas to build an approach to operations that is right for you.

Leverage patterns to think about new ways of approaching operations work

Patterns are strategies, approaches, and philosophies that can help you imagine new ways of working in your own organization.

  • The following slides provide an overview of organizing patterns that are applicable to cloud operations.
  • These are strategies that have been applied successfully elsewhere. Review what they can and cannot do and decide whether they are something you can use in your own organizational design.
  • Not every pattern will apply to every organization. For example, an organization which typically consumes SaaS applications will likely have very little need for SRE approaches and techniques.

Ways to work

  • What work do we do? What skills do we need?
  • How do we create and support systems?

Ways to govern and learn

  • How do we set and enforce rules?
  • How do we create and share knowledge?

Explore Applicable Patterns

Ways to work

Ways to govern and learn

1. DevOps

2. Site Reliability Engineering

3. Platform Engineering

4. Cloud Centre of Excellence

5. Cloud Community of Practice

What is DevOps?

“Look for obstacles constantly and treat them as opportunities to experiment and learn.” – Jez Humble, et al. Lean Enterprise: How High Performance Organizations Innovate at Scale

What it is NOT

What it IS

Why Use It

  • Another word for automation or CI/CD tools.
  • A specific role.
  • A fix-all to address friction between existing siloed application and development teams.
  • An approach that will be successful without getting the basics right first.
  • The right fit for every IT organization or every team.

An operational philosophy that seeks to:

  • Converge accountability for development and operations to align all teams to the goal of delivering customer value.
  • Improve the relationship between Development and Operations teams.
  • Increase the rate of deployment of valuable functionality into production.
  • “A cultural shift giving development teams more control over shipping code to production.” 1
  • You’re doing a lot of custom development.
  • There are opportunities for operations and development teams to work more closely.
  • You want to improve coding quality and throughput.
  • You want to shift the culture of the team to focus on customer value rather than exclusively uptime or new features.
1 DevOps, SRE, and Platform Engineering

What is Site Reliability Engineering (SRE)?

“Hope is not a strategy” – Benjamin Treynor Sloss, Site Reliability Engineering: How Google Runs Production Systems

What it is NOT

What it IS

Why Use It

  • Deeply focussed on a specific technical domain; SRE work “does not discriminate between infrastructure, software, networking, or platforms.” 2
  • A different name for a team of sysadmins.
  • A programming framework or a specific set of technologies.
  • A way to manage COTS software. SRE is less useful when you’re using applications out-of-the-box with minimal customization, integration, or development.
  • An application of skills and approaches from software engineering to improve system reliability.
  • A team responsible for “availability, latency, performance, efficiency, change management, monitoring, emergency response, and capacity planning.”3
  • A team responsible for building systems that become “a platform and workflow that encompasses monitoring, incident management, eliminating single points of failure, [and] failure mitigation.”1
  • You are building services and providing them at scale.
  • You want to improve reliability and reduce “the frequency and impact of failures that can impact the overall reliability of a cloud application.”1
  • You need to define related service metrics and SLOs.
  • To increase the use of automation in operations to avoid mistakes and minimize toil. 3
1 SRE vs Platform Engineering
2. Lakhani, Usman. “ISite Reliability Engineering: What Is It? Why Is It Important for Online Businesses?,” 2020.
3. Sloss, “Introduction,” 2017

What4 is Platform Engineering?

“Platform engineers can act as a shield between developers and the infrastructure”

– Carlos Schults, “What is Platform Engineering? The Concept Behind the Term”

What it is NOT

What it IS

Why Use It

  • A team that manages every aspect of each application on a particular platform.
  • Focussed solely on platform reliability and availability.
  • A different name for a team of sysadmins.
  • Needed for all cloud service deployments. Platform engineers are most useful when you’re building extensively on a particular platform (e.g. AWS, Azure, or your internal cloud).
  • Platform engineers design, build, and manage the infrastructure that supports and hosts work done by developers.
  • The work done by platform engineering allows developers to avoid the repetitive work of setting everything up anew each time.
  • Requires engineers with a deep understanding of cloud services and other platform technologies (e.g. Kubernetes).
  • The big public cloud platforms are built for everyone. You need platform engineering when you need to extensively adapt or manage standard cloud services to support your own requirements.
  • Platform engineers are responsible for creating a secure, stable, maintainable environment that enables developers to do their work faster and without having to manage the underlying technology infrastructure.
1 DevOps, SRE, and Platform Engineering

What is a Cloud Center of Excellence?

You need a strong core to grow a cloud culture.

What it is NOT

What it IS

Why Use It

  • A project management office (PMO) for cloud services.
  • An easy, quick, or temporary fix to cloud governance problems. The CCoE requires champions who provide ongoing support to realize value over time.
  • An approach that’s only for enterprise-sized IT organizations.
  • A standing meeting – members of the CCoE may meet regularly to review progress on their mandate, but work and collaboration need to happen outside of meetings.
  • A cross-functional team responsible for oversight of all cloud initiatives, including architectural, technical, security, financial, contractual, and operational aspects of planned and deployed solutions.
  • The CCoE’s responsibilities typically include governance and continuous improvement; alignment between technical and accounting practices; documentation, training, best practices and standards development; and vendor management.
  • CCoE duties are often part of an existing role rather than a full-time responsibility.
  • You want to enable a core group of cloud experts to promote collaboration and accelerate adoption of cloud services, including members from infrastructure, applications, and security.
  • You need to manage cloud risks, set guidelines and policies, and govern costs across cloud environments.
  • There is an unmet need for training, knowledge sharing, and best practice development across the organization.

What is a Cloud Community of Practice?

“We have to stop optimizing for programmers and start optimizing for users”

– Jeff Atwood

What it is NOT

What it IS

Why Use It

  • A replacement for effective oversight and governance practices, though they may help users navigate and understand governance requirements.
  • A way to advertise cloud to potential new practitioners – engaged members of a CoP are typically already using a particular service.
  • Always exclusively composed of internal staff; in certain cases, a CoP could have external members as well.
  • A network of engaged users and experts who share knowledge and best practices for related technologies, crowdsource solutions to problems, and suggest improvements.
  • Often supported by communication and collaboration tools (e.g. chat channels, knowledge base, forums). May use a range of techniques (e.g. drop-ins, vendor-led training, lunch and learns).
  • Communities of practice may be deliberately created by the organization or develop organically.
  • Communities of practice are an effective way for practitioners to support one another and share ideas and solutions.
  • A CoP can help “shift left” work and help practitioners help themselves.
  • An engaged CoP can help IT to identify improvement opportunities and can also be a channel to communicate updates or changes to practitioners.

Reinforce what we mean by patterns

Patterns are . . .

Ways of Working

  • Sets of habits, processes, and methodologies you want to adopt as part of your operational guidelines and commonly agreed upon definitions.

Patterns are also . . .

Ways to Govern and Learn

  • The formal and informal practices and groups that focus on enabling governance, risk management, and adoption.

Review the implications of each pattern for organizational design

Ways of Working

DevOps

Development teams take on operational work to support the services they create after they are launched to production.

Some DevOps teams may be aligned around a particular function or product rather than a technology – there are individuals with skills on a number of technologies that are part of the same team.

Site Reliability Engineering (SRE)

In the beginning, you can start to adopt SRE practices within existing teams. As demand grows for SRE skills and services, you may decide to create focused SRE roles or teams.

SRE teams may work across applications or be aligned to just infrastructure services or a particular application, or they may focus on tools that help developers manage reliability. SREs may also be embedded long-term with other teams or take on an internal consulting roles with multiple teams.1

Platform Engineering

Platform engineering will often, though not always, be the responsibility of a dedicated team. This team must work very closely with, and tuned into the needs of, its internal customers. There is a constant need to find ways to add value that aren’t already part and parcel of the platform – or its external roadmap.

This team will take on responsibility for the platform, in terms of feature development, automation, availability and reliability, security, and more. They may also be internal consultants or advisors on the platform to developers.

1. Gustavo Franco and Matt Brown, “How SRE teams are organized and how to get started.”

Review the implications of each pattern for organizational design

Ways to Govern and Learn

Cloud Center of Excellence

  • A CCoE is a cross-functional group with technical experts from security, infrastructure, applications, and more.
  • There should, ideally, be someone focused on leading the CCoE full-time – often someone with an architecture background. Team members may work on the CCoE part-time alongside their main role, and dedicate more of their time to the CCoE as needed.
  • As the CCoE is a governance function, it will typically bridge and sit above teams working on cloud services, reporting to the CIO, CTO, or to an architecture function.

Cloud Community of Practice

  • Participation in a community of practice is often above and beyond a core role – it’s a leadership activity taken on by technologically adept experts with a drive to help others.
  • Some organizations will create a role to foster community collaboration, run events, raise opportunities and issues identified by the community with product or technology teams, manage collaboration tools, and more.

Evolve your organization to meet the needs of increased adoption

Your operating model should evolve as you increase adoption of cloud services.

Least Adoption Greatest Adoption

Initial Adoption

Early Centralization

Scaling Up

Full Steam Ahead

  • One or more small agile teams design, build, manage, and operate individual solutions on cloud resources. Solutions provide early value, and identify new opportunities using small, safe-to-fail experiments.
  • Governance is likely done locally to each team. Knowledge sharing, guidelines, and standards are likely informal.
  • Early experience with cloud services help the organization identify where to invest in cloud services to best meet business demands.
  • Accountability and governance over the platform are more clearly defined, possibly still separate from core IT governance processes. Best practices may be shared across teams through a Community of Practice.
  • Operations may be centralized, where valuable, to support monitoring and incident response.
  • Additional product/service-aligned development teams are created to keep up with demand.
  • There is a focused effort to consolidate best practices and platform knowledge, which can be supported through a culture of learning, effective automation, and appropriate tools.
  • The CCoE takes on additional roles in cloud governance, security, operations, and administration.
  • The organization has reached a relatively steady-state for cloud adoption. Innovation and new service development takes place on a stable platform.
  • A Cloud Center of Excellence is accountable for cloud governance across the organization.
Adapted from Microsoft, “Get Started: Align your organization,” 2021

Choose new ways of working that make sense for your team

1 hour

Consider if, and how, the approaches to management and governance you’ve just reviewed can offer value to your organization.

  1. List the organizing/managing ideas listed in the previous slides in the table below.
  2. Define why it’s for you. What benefits do you expect to realize? What challenges do you expect this will help you overcome? How does this align with your key benefits and drivers for moving to cloud?
  3. List risks or challenges to adoption. Why will it be hard to do? What could get in the way of adoption? Why might it not be a good fit?
  4. Identify next steps to adopt proposed practices.

Why it’s for us (drivers)

Risks or challenges to adoption

Next steps to build/adopt it

CCoE

DevOps

InputOutput
  • Related Info-Tech slides on new ways of working.
  • Opportunities and challenges in your own cloud deployment that may be addressed through new ways of working.
  • Identify new ways of working aligned to your goals.
MaterialsParticipants
  • Whiteboard/Flip chart
  • Cloud Operations Design Working Group

Step 1.3: Identify cloud work

Participants

  • Operations Design Working Group

Outcomes

  • Identify core work required to deliver value in key cloud workstreams.

“At first, for many people, the cloud seems vast. But what you actually do is carve out space.”

–DevOps Manager

Identify work

Before you can identify roles and responsibilities, you have to confirm what work you do as an organization and how that work enables you to meet your goals.

  • A comprehensive approach that connects the work you do to your organizational goals will help you identify work that’s falling through the cracks.
  • Identifying work is an opportunity to look at the tasks you regularly execute and ensure they actually drive value.
  • Working through the exercise as a group will help you develop a common language around the work you do.
  • To make the evident obvious: you can’t decide who should be responsible for something if you don’t know about it in the first place.

Defining work can be a lot of … work! We recommend you start by identifying work for the workstream you do most – Build, Consume, or Host – to focus your efforts. You can repeat the exercise as needed.

Map work in workstream diagrams

The image contains a screenshot of the map work in workstream diagrams.

The five Well-Architected Framework pillars. These are principles/directions/guideposts that should inform all cloud work.

The work being done to achieve the workstream target. These are roughly aligned with the three streams on the right.

Workstream Target: A concise statement of the value you aim to achieve through this workstream. All work should help deliver value (directly or indirectly).

Define the scope of the exercise

Whiteboard Activity

20 minutes

Over the next few exercises, you’ll do a deep dive into the work you do in one specific workstream. In this exercise, we’ll decide on a workstream to focus on first.

  1. Are you primarily building, hosting on, or consuming cloud services? Start with the workstream where you’re doing the most work.
  2. If this isn’t sufficient to narrow your focus, look at the workstream that is most closely tied to mission critical applications, or that is most in need of review in terms of what work is done and who does it.
  3. You can narrow the scope further if there’s a very specific sub-area that differs from the rest (e.g. managing your O365 environment vs. managing all SaaS applications).
InputOutput
  • Insight into and experience with your current cloud environment.
  • Your completed cloud maturity assessment.
  • Identify one workstream where you’ll define work first.
MaterialsParticipants
  • None
  • Cloud Operations Design Working Group

Create a workstream target statement

Whiteboard Activity

30 minutes

In this activity, come up with a short sentence to describe what all this work you do is building toward. The target statement helps align participants on why work is being done and helps focus the activity on work that is most important to achieving the target statement.

Start with this common workstream target statement:

“Deliver valuable, secure, available, reliable, and efficient cloud services.”

Now, review and adjust the target statement by working through the questions below:

  1. Return to the earlier exercises in Phase 1.1 where you reviewed your key objectives for cloud services. Does the target statement align with what you’d identified previously?
  2. Who is the customer for the work you do? Would they see the target differently than you’ve described it?
  3. Can you be more specific? Are there value drivers that are more specific to your industry, organization, business functions, or products that are key to the value your customers receive from this workstream?
InputOutput
  • Previous exercises.
  • Workstream target statement.
MaterialsParticipants
  • Whiteboard/Flip chart
  • Cloud Operations Design Sketchbook
  • Cloud Operations Design Working Group

Identify cloud work

1-2 hours

  1. Use the workstream diagram template in the Cloud Operations Design Sketchbook, or draw the template out on a whiteboard and use sticky notes to identify work.
  2. Identify the workstream at the top of the slide. Update the template value statement on the right with the value statement you created in the previous exercise.
  3. Review one or more of the examples in the Cloud Operations Design Sketchbook to get a sense of the level of detail required for this exercise.

Activity instructions continue on the next slide.

Some notes to the facilitator:

  • Working directly from the Cloud Operations Design Sketchbook will save you time with transcription. Sharing the document with participants (e.g. via OneDrive) will allow you to collaborate and edit the document together in real-time.
  • Don’t worry about being too tidy for the moment, just get the information written down and you can clean up the diagram later.
InputOutput
  • Previously identified design principles.
  • An understanding of the work done, and that needs to be done, in your cloud environment.
  • Identify the work that needs to be done to support your key cloud services workstream in the future.
MaterialsParticipants
  • Cloud Operations Design Sketchbook
  • Whiteboard and sticky notes (optional)
  • Cloud Operations Design Working Group

Identify cloud work (cont’d)

4. Work together to identify work, documenting one work item per box. This should focus on future state, so record work whether it’s actually done today or not. Your space is limited on the sheet, so focus on work that is indispensable to delivering the value statement. Use the lists on the right as a reminder of key IT practice areas.

5. As much as possible, align the work items to the appropriate row (Govern & Align, Design & Execute, or Validate, Support & Monitor). You can overlap boxes between rows if needed.

Have you captured work related to:

ITIL practices, such as:

  • Request management
  • Incident & problem management
  • Service catalog
  • Service level management
  • Configuration management

Security-aligned practices, such as:

  • Identity & access management
  • Vulnerability management
  • Security incident management

Financial practices, such as:

  • IT asset management
  • Cost management & budgeting
  • Vendor management
  • Portfolio management

Data-aligned practices, such as:

  • Data integrations
  • Data governance

Technology-specific tasks, such as:

  • Network, Server & Storage
  • Structured/unstructured DBs
  • Composite services
  • IDEs and compilers

Other key practices:

  • Monitoring & observability
  • Continuous improvement
  • Testing & quality assurance
  • Training and knowledge management
  • Manage shadow IT

Info-Tech Insight

Cloud work is not just applications that have been approved by IT. Consider how unsanctioned software purchased by the business will be integrated and managed.

Identify cloud work (cont’d)

6. If you have decided to adopt any of the new ways of working outlined in Step 1.2 (e.g. DevOps, SRE, etc.) review the next slide for examples of the type of work that frequently needs to be done in each of those work models. Add any additional work items as needed.

7. Consolidate boxes and clean up the diagram (e.g. remove duplicate work items, align boxes, clarify language).

8. Do a final review. Is all the work in the diagram truly aligned with the value statement? Is the work identified aligned with the design principles from Step 1.1?

If you used a whiteboard for this exercise, transcribe the output to a copy of the Cloud Operations Design Sketchbook, and repeat the exercise for other key workstreams. You will use this diagram in Phase 2.

Examples of work

Examples of work in the "Host" workstream:

  • Bulk patch servers
  • Add a server
  • Add capacity
  • Develop a new server template
  • Incident management

Examples of work in the "Build" workstream:

  • Provision a production server
  • Provision a test environment
  • Test recovery procedures
  • Add capacity for a service
  • Publish a new pattern
  • Manage capacity/performance for a service
  • Identify wasted spend across services
  • Identify performance bottlenecks
  • Review and shut down idle/unneeded services

Examples of work in the "Consume" workstream:

  • Conduct vendor risk assessments
  • Develop a standard evaluation matrix to compare solutions to existing or potential in-house offerings
  • Onboard a solution
  • Offboard a solution
  • Conduct a renewal
  • Review and negotiate a contract
  • Rationalize software titles

Phase 2:

Design the organization and communicate changes

Phase 1

Phase 2

1.1 Establish operating model design principals by identifying goals & challenges, workstreams, and cloud maturity

1.2 Evaluate new ways of working

1.3 Identify cloud work

2.1 Draft an operating model

2.2 Communicate proposed changes

Phase Outcomes:

Draft your cloud operations diagram, identify key messages and impacts to communicate to your stakeholders, and build out the Cloud Operations Organizing Framework communication deck.

Step 2.1: Identify groups and responsibilities

Participants

  • Operations Design Working Group

Outcomes

  • Cloud Operations Diagram
  • Success Indicators
  • Roadmap

“No-one ever solved a problem by restructuring.”

– Anonymous

Visualize your cloud operations

Create a visual to help you abstract, analyze, and clarify your vision for the future state of your organization in order to align and instruct stakeholders.

Create a visual, high-level view of your organization to help you answer questions such as:

  • “What work do we do? What are the roles and responsibilities of different teams?”
  • “How do we interact between work areas?”
  • “How has our organization changed already, and what additional changes may be needed?”
  • “How do we make technology decisions?”
  • “How do we provide services?”
  • “How might this change be received by people on the ground?”
The image contains a screenshot of the Cloud Operations Diagram Example.

Decide whether to centralize or decentralize

Specialization & Focus: A group or work unit developing a focused concentration of skills, expertise, and activities aligned with an area of focus (such as the ones at right).

Decentralization: Operational teams that report to a decentralized IT or business function, either directly or via a “dotted line” relationship.

Decentralization and Specialization can:

  • Duplicate work.
  • Localize decision-making authority, which can increase agility and responsiveness.
  • Transfer authority and accountability to local and typically smaller teams, clarifying responsibilities and encouraging staff to take ownership for service delivery.
  • Enable the team to focus on complex and rapidly changing technologies or processes.
  • Create islands of expertise, which can get in the way of collaboration, innovation, and decision making across groups and work units and make oversight difficult.
  • Complicate the transfer of resources and knowledge between groups.

Examples: Areas of Focus

Business unit

  • Manufacturing
  • R&D
  • Sales & Marketing

Region

  • Americas
  • EMEA
  • APAC

Service

  • ERP
  • Commercial website

Technology

  • On-premises servers/storage
  • Network
  • Cloud services

Operational process focus

  • Capacity management & planning
  • Incident management
  • Problem management

“The concept of organization design is simple in theory but highly complex in practice. Like any strategic decision, it involves making multiple trade-offs before choosing what is best suited to a business context.”

– Nitin Razdan & Arvind Pandit

Identify key work areas

Balance specialization with effective collaboration

  • Much is said about breaking down organizational silos. But at some level, silos are inevitable – any company with more than one employee will have to divide work up somehow.
  • Dividing up work is a delicate balancing act – ensuring individuals and groups are able to do work that is related, meaningful, and that allows autonomy while allowing for effective collaboration between groups that need to work together to achieve business goals.

Why “work areas”?

Why don’t we just use teams, groups, squads, or departments, or some other more common term for groups of people working together?

  • We are not yet at the point of deciding who in the organization should be aligned to which areas in the design.
  • Describing work areas as teams can shift the conversation to the organizational chart – to who does the work, rather than what needs to be done.

That’s not the goal of this exercise. If the conversation gets stuck on what you do today, it can get in the way of thinking about what you need to do in the future.

Create a future-state cloud operations diagram

1-3 hours

  1. Review the example cloud operations diagram example in your copy of the Cloud Operations Design Sketchbook.
  2. Identify key work areas (e.g. applications, infrastructure, platform engineering, DevOps, security). Add the name of each work area in one of the larger boxes.
    • Go back to your design principles. Did you define any work areas in your design principles that should be represented here?
    • If you have several groups or teams with similar responsibilities, consider lumping them together in one box (e.g. applications teams, 3x DevOps teams).
  3. Copy the tasks from any workstream diagrams you’ve created to the same slide as the organization design diagram. Keep the workstream diagram intact, as you’ll want to be able to refer back to it later.

Activity instructions continue on the next slide.

InputOutput
  • Insight into and experience with your current cloud environment.
  • Cloud Operations Diagram
MaterialsParticipants
  • Whiteboard/Flip charts
  • Cloud Operations
  • Cloud Operations Design Working Group

Cloud operations diagram (cont’d)

1-3 hours

4. As a group, move the work boxes from the workstream diagram into the appropriate work area.

  • Don’t worry about being too tidy for the moment – clean up the diagram when the exercise is done.
  • Make adjustments to the wording of the work boxes if needed.

5. Use the space between work areas to describe how work areas must interact to achieve organizational goals. For example:

  • What information should be shared between groups?
  • What information sharing channels may be used?
  • What processes will be handed-off between groups and how?
  • How often will teams interact?
  • Will interactions be formal or informal?

Create a current-state operations diagram

1 -2 hours

This exercise can be done by one person, then reviewed with the working group at a later time.

This current state diagram helps clarify the changes that may need to happen to get to your future state.

  1. Color code the work boxes for each work area. For example, if you have a “DevOps” work area, make all the work boxes assigned to “DevOps” the same color.
  2. On a separate slide, sketch your existing organization indicating your current teams.
  3. Copy the tasks from the future-state diagram to this current-state chart. Align the tasks to the appropriate groups.
  4. Review the chart with the working group. Discuss: are there teams that are doing work today that will also be done by different teams? Are there groups that may merge into one team? What types of changes may be required?
InputOutput
  • Future-state cloud operations diagram
  • Current-state cloud operations diagram
MaterialsParticipants
  • Cloud Operations Design Sketchbook
  • Projector/screen/virtual meeting
  • Project lead
  • Cloud Operations Design Working Group

Check for biases to make better choices

Use the strategies below to spot and address flaws in your team’s thinking about your future-state design.

Biases

What’s the risk?

Mitigation strategies

Is the team making mistakes due to self-interest, love of a single idea, or groupthink?

Important information may be ignored or left unspoken.

Rigorously check for the other biases, below. Tactfully seek dissenting opinions.

Do recommendations use unreasonable analogies to other successes or failures?

Opportunities or challenges in the current situation may not be sufficiently understood.

Ask for other examples, and check whether the analogies are still valid.

Is the team blinkered by the weight of past decisions?

Doubling-down on bad decisions (sunk costs) or ignoring new opportunities.

Ask yourself what you'd do if you were new to the position or organization.

Does the data support the recommendations?

Data used to make the case isn't a good fit for the challenge, is based on faulty assumptions, or is incomplete.

If you had a year to make the decision, what data would you want? How much can you get?

Are there realistic alternative recommendations?

Alternatives don't exist or are "strawman" options.

Ask for additional options.

Is the recommendation too risk averse or cautious?

Recommendations that may be too risky are ignored, leading to missed opportunities.

Review options to accept, transfer, distribute, or mitigate the risk of the decision.

Framework above adapted from Kahneman, Lovallo, and Sibony (2011)

Be specific with metrics

Thinking of ways you could measure success can help uncover what success actually means to you.

Work collectively to generate success indicators for each key cloud initiative. Success indicators are metrics, with targets, aligned to goals, and if you are able to measure them accurately, they should help you report your progress toward your objectives.

For example, if your driver is “faster access to resources” you might consider indicators like developer satisfaction, project completion time, average time to provision, etc.

There are several reasons you may not publicize these metrics. They may be difficult to calculate or misconstrued as targets, warping behavior in unexpected ways. But managed properly, they have value in measuring operational success!

Examples: Operations redesign project metrics

Key stakeholder satisfaction scores

IT staff engagement scores

Support Delivery of New Functionality

Double number of accepted releases per cycle

80% of key cloud initiatives completed on time, on budget, and in scope

Improve Operational Effectiveness

<1% of servers have more than two major versions out of date

No more than one capacity-related incident per Q

Define success indicators

Whiteboard Activity

45 minutes

  1. On a whiteboard, draw a table with key objectives for the design across the top.
    • What cloud objectives should the redesign help you achieve? Refer back to the design principles from Phase 1.
    • Think about the redesign itself. How will you measure whether the project itself is proceeding according to plan? Consider metrics such as employee engagement scores and satisfaction scores from key stakeholders.
  2. Consider whether the metrics are feasible to track. Record your decisions in your copy of the Cloud Operations Organizing Framework deck.
InputOutput
  • Key design goals
  • Success indicators for your design
MaterialsParticipants
  • Whiteboard
  • Markers
  • Cloud Operations Design Working Group

Populate a roadmap

Tool Activity

45 minutes

  1. In the Roadmap Tool, populate the data entry tab with the initiatives you will take to support changes toward the new cloud operations organizing framework.
  2. Input each of the tasks in the data entry tab and provide a description and rationale behind the task (as needed).
  3. Assign an effort, priority, and cost level to each task (high, medium, low).
  4. Assign an owner to each task – someone who can take points and shepherd the task to completion.
  5. Identify the timeline for each task based on the priority, effort, and cost (short, medium, and long term).
  6. Highlight risk for each task if it will be deferred.
  7. Track the progress of each task with the status column.
InputOutput
  • Cloud Operations Organizing Framework
  • Roadmap/ implementation plan
MaterialsParticipants
  • Roadmap Tool
  • Cloud Operations Design Working Group

Download the Roadmap Tool

Step 2.2: Communicate changes

Participants

  • Operations Design Working Group

Outcomes

  • Build a communication plan for key stakeholders
  • Complete the communication deck Cloud Operations Organizing Framework
  • Build a roadmap

“Words, words, words.”

– Shakespeare

Communicate changes

Which stakeholders will be affected by the changes?

Decision makers: Who do you ultimately need to convince to proceed with any changes you’ve outlined?

Peers: How will managers of other areas be affected by the changes you’re proposing? If you are you suggesting changes to the way that they, or their teams, do their work, you will have to present a compelling case that there’s value in it for them.

Staff: Are you dictating changes or looking for feedback on the path forward?

The image contains a screenshot of the Five Elements of Change that is displayed in a cycle. The five elements are: What is the change? Why are we doing it? How are we going to go about it? How long will it take us? What is the role of each team and individual.

Source: The Qualities of Leadership: Leading Change

Follow these guidelines for good communication

Be relevant

  • Talk about what matters to each stakeholder group.
  • Talk about what matters to the initiative.
  • IT thinks in processes but stakeholders only care about results: talk in terms of results.
  • IT wants to be “understood” but this does not matter to stakeholders; think “what’s in it for them?”
  • Communicate truthfully; do not make false promises or hide bad news.
  • If you expect objections, create a plan to handle them.

Be clear

  • Lead with the point you’re trying to make.
  • Don’t use jargon.
  • Avoid idiomatic language and clichés.
  • Have a third party review draft communications and ask them to tell you the key messages in their own words. If they’re missing the main points, there’s a good chance the draft isn’t clear.

Be consistent

  • Ensure the core message is consistent regardless of audience, channel, or medium.
  • Changing the core message from one group to another can be interpreted as incompetence or an attempt at deception. This will damage your credibility and can lead to a loss of trust.

Be concise

  • Get to the point.
  • Minimize word count wherever possible.

“We tend to use a lot of jargon in our discussions, and that is a sure fire way to turn people away. We realized the message wasn’t getting out because the audience wasn’t speaking the same language. You have to take it down to the next level and help them understand where the needs are.”

– Jeremy Clement, Director of Finance, College of Charleston

Create a communication plan

1 hour

Fill out the table below.

Stakeholder group: Identify key stakeholders who may be impacted by changes to the operations team. This might include IT leadership, management, and staff.

Benefits: What’s in it for them?

Impact: What are we asking in return?

How: What mechanisms or channels will you use to communicate?

When: When (and how often) will you get the message out?

Benefits

Impact

How

When

IT Mgrs.

  • Improve agility, stability
  • Deliver faster against business goals
  • Respond to identified needs
  • Improve confidence in IT
  • Must support the process
  • Change and engagement issues during restructuring may affect staff engagement and productivity
  • Training budget required
  • Present at leadership meeting
  • Kick-off email
  • Sept. leadership meeting
  • Weekly touchpoints
  • Informally throughout project

Ops Staff

  • Clearer direction and clear priorities (Operations mission statement and RACI)
  • Higher-value work – address problems, contribute to plans
  • New skills and training
  • More personal accountability
  • Push toward process consistency
  • Must make time and plan for training during work hours
  • Present at operations team’s offsite meeting
  • AMA channel on Slack
  • 1:1 meetings
  • Add RACI, org. sketch to shared folder
  • Operations offsite
  • Sept. all-hands meeting
  • Ongoing coaching and informal conversations
InputOutput
  • Discussion
  • Communication Plan
MaterialsParticipants
  • Whiteboard/Flip Chart
  • Cloud Operations Design Working Group

Download the Communication Plan Template

Support the transition with a plan to acquire skills

Identify the preferred way to acquire needed skill sets: contracting, outsourcing, training, or hiring.

  • Some cloud projects will change the demand for some skills in the organization, and not all skills should be cultivated internally. Uncertainty about future skills and jobs will cause anxiety for your team and can lead to employee exit.
  • Use Info-Tech’s research to conduct a demand analysis to identify which new and critical skills should be acquired via training or hiring (rather than outsourcing or contracting).
  • Create a roadmap to clarify when training needs to be completed, a budget plan that accounts for training costs, and role descriptions that paint a picture of future work.
  • Within the confines of a collective agreement, managers may be required to retrain staff into new roles before those staff are required to do work in their new jobs. Failing to plan can be more consequential.
  • Remember that in cloud, a wealth of automation opportunities present a great option for offloading tasks as well!

Info-Tech Insight

Identify skills requirements and gaps as early as possible to avoid skills gaps later. Whether you plan to acquire skills via training or cross-training, hiring, contracting, or outsourcing, effectively building skills takes time. Use Info-Tech’s methodology to address skills gaps in a prioritized and rational way.

Involve HR for implementation

Your HR team should help you work through:

  • Which staff and managers will move to which roles, and any headcount changes.
  • Job descriptions, performance metrics, career paths, compensation, and succession planning.
  • Organizational change management and implementation plans.

When do you need to involve HR?

Role changes will result in job description changes.

  • New or changed job descriptions need to be evaluated for impact on pay, title, exempt status, career pathing, and more.
  • This is especially true in more traditional or unionized organizations that require specific and granular job descriptions of responsibilities.
  • Changed jobs will likely require union review and approval.

You anticipate changes to the reporting structure.

  • Work with HR to develop a transition plan including communications, training to new managers, and support to new teams.

You anticipate redundancies.

  • Your HR department can prepare you for difficult discussions, help you navigate labor laws, and support the offboarding process.

You anticipate new positions.

  • Recruitment and hiring takes time. Give HR advance notice to support recruitment, hiring, and onboarding to ensure you hire the right people, with the right skills, at the right time.

Training and development budget is required.

  • If training is a critical part of the onboarding process, don’t just assume funding is available. Work with HR to build your case.

Related Info-Tech Research

Define Your Cloud Vision

Define your cloud vision before it defines you.

Document Your Cloud Strategy

Drive consensus by outlining how your organization will use the cloud.

Map Technical Skills for a Changing Infrastructure & Operations Organization

Be practical and proactive – identify needed technical skills for your future-state environment and the most efficient way to acquire them.

Bibliography

“2021 GitLab DevSecOps Survey.” Gitlab, 2021.
“2022 State of the Cloud Report.” Flexera, 2022.
“DevOps.” Atlassian, ND. Web. 21 July 2022.
Atwood, Jeff. “The 2030 Self-Driving Car Bet.” Coding Horror, 4 Mar 2022. Web. 5 Aug 2022.
Campbell, Andrew. “What is an operating model?” Operational Excellence Society, 12 May 2016. Web. 13 July 2022.
“DevOps.” Atlassian, ND. Web. 21 July 2022.
Ewenstein, Boris, Wesley Smith, Ashvin Sologar. “Changing change management” McKinsey, 1 July 2015. Web. 8 April 2022.
Franco, Gustavo and Matt Brown. “How SRE teams are organized, and how to get started.” Google Cloud Blog, 26 June 2019. Web. July 13 2022.
“Get started: Build a cloud operations team.” Microsoft, 10 May 2021.
ITIL Foundation: ITIL 4 Edition. Axelos, 2019.
Humble, Jez, Joanne Molesky, and Barry O’Reilly. Lean Enterprise: How High Performance Organizations Innovate at Scale. O’Reilly Media, 2015.
Franco, Gustavo and Matt Brown. “How SRE teams are organized and how to get started.” 26 June 2019. Web. 21 July 2022.
Galbraith, Jay. “The Star Model”. ND. Web. 21 July 2022.
Kahnemanm Daniel, Dan Lovallo, and Olivier Sibony. “Before you make that big decision.” Harv Bus Rev. 2011 Jun; 89(6): 50-60, 137. PMID: 21714386.
Kesler, Greg. “Star Model of Organizational Design.” YouTube, 1 Oct 2018. Web Video. 21 Jul 2022.
Lakhani, Usman. “Site Reliability Engineering: What Is It? Why Is It Important for Online Businesses?” Info-Tech. Web. 25 May 2020.
Mansour, Sherif. “Product Management: The role and best practices for beginners.” Atlassian Agile Coach, n.d.
Murphy, Annie, Jamie Kirwin, Khalid Abdul Razak. “Operating Models: Delivering on strategy and optimizing processes.” EY, 2016.
Shults, Carlos. “What is Platform Engineering? The Concept Behind the Term.” liatrio, 3 Aug 2021. Web. 5 Aug 2022.
Sloss, Benjamin Treynor. Site Reliability Engineering Part I: Introduction. O’Reilly Media, 2017.
“SRE vs. Platform Engineering.” Ambassador Labs, 8 Feb 2021.
“The Qualities of Leadership: Leading Change.” Cornelius & Associates, n.d. Web.
“Understand cloud operating models.” Microsoft, 02 Sept. 2022.
Velichko, Ivan. “DevOps, SRE, and Platform Engineering.” 15 Mar 2022.

Research Contributors and Experts

Nenad Begovic

Executive Director, Head of IT Operations

MUFG Investor Services

Desmond Durham

Manager, ICT Planning & Infrastructure

Trinidad & Tobago Unit Trust Corporation

Virginia Roberts

Director, Enterprise IT

Denver Water

Denis Sharp

IT/LEAN Consultant

Three anonymous contributors

Modernize the Network

  • Buy Link or Shortcode: {j2store}501|cart{/j2store}
  • member rating overall impact (scale of 10): 10.0/10 Overall Impact
  • member rating average dollars saved: $16,499 Average $ Saved
  • member rating average days saved: 8 Average Days Saved
  • Parent Category Name: Network Management
  • Parent Category Link: /network-management
  • Business units, functions, and processes are inextricably intertwined with less and less tolerance for downtime.
  • Business demands change rapidly but the refresh horizon for infrastructure remains 5-7 years.
  • The number of endpoint devices the network is expected to support is growing geometrically but historic capacity planning grew linearly.
  • The business is unable to clearly define requirements, paralyzing planning.

Our Advice

Critical Insight

  • Build for your needs. Don’t fall into the trap of assuming what works for your neighbor, your peer, or your competitor will work for you.
  • Deliver on what your business knows it needs as well as what it doesn’t yet know it needs. Business leaders have business vision, but this vision won’t directly demand the required network capabilities to enable the business. This is where you come in.
  • Modern technologies are hampered by vintage processes. New technologies demand new ways of accomplishing old tasks.

Impact and Result

  • Use a systematic approach to document all stakeholder needs and rely on the network technical staff to translate those needs into design constraints, use cases, features, and management practices.
  • Spend only on those emerging technologies that deliver features offering direct benefits to specific business goals and IT needs.
  • Solidify the business case for your network modernization project by demonstrating and quantifying the hard dollar value it provides to the business.

Modernize the Network Research & Tools

Start here – read the Executive Brief

Read our concise Executive Brief to find out why you should modernize the enterprise network, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Assess the network

Identify and prioritize stakeholder and IT/networking concerns.

  • Modernize the Network – Phase 1: Assess the Network
  • Network Modernization Workbook

2. Envision the network of the future

Learn about emerging technologies and identify essential features of a modernized network solution.

  • Modernize the Network – Phase 2: Envision Your Future Network
  • Network Modernization Technology Assessment Tool

3. Communicate and execute the plan

Compose a presentation for stakeholders and prepare the RFP for vendors.

  • Modernize the Network – Phase 3: Communicate and Execute the Plan
  • Network Modernization Roadmap
  • Network Modernization Executive Presentation Template
  • Network Modernization RFP Template
[infographic]

Workshop: Modernize the Network

Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

1 Assess the Network

The Purpose

Understand current stakeholder and IT needs pertaining to the network.

Key Benefits Achieved

Prioritized lists of stakeholder and IT needs.

Activities

1.1 Assess and prioritize stakeholder concerns.

1.2 Assess and prioritize design considerations.

1.3 Assess and prioritize use cases.

1.4 Assess and prioritize network infrastructure concerns.

1.5 Assess and prioritize care and control concerns.

Outputs

Current State Register

2 Analyze Emerging Technologies and Identify Features

The Purpose

Analyze emerging technologies to determine whether or not to include them in the network modernization.

Identify and shortlist networking features that will be part of the network modernization.

Key Benefits Achieved

An understanding of what emerging technologies are suitable for including in your network modernization.

A prioritized list of features, aligned with business needs, that your modernized network must or should have.

Activities

2.1 Analyze emerging technologies.

2.2 Identify features to support drivers, practices, and pain points.

Outputs

Emerging technology assessment

Prioritize lists of modernized network features

3 Plan for Future Capacity

The Purpose

Estimate future port, bandwidth, and latency requirements for all sites on the network.

Key Benefits Achieved

Planning for capacity ensures the network is capable of delivering until the next refresh cycle and beyond.

Activities

3.1 Estimate port, bandwidth, and latency requirements.

3.2 Group sites according to capacity requirements.

3.3 Create standardized capacity plans for each group.

Outputs

A summary of capacity requirements for each site in the network

4 Communicate and Execute the Plan

The Purpose

Create a presentation to pitch the project to executives.

Compose key elements of RFP.

Key Benefits Achieved

Communication to executives, summarizing the elements of the modernization project that business decision makers will want to know, in order to gain approval.

Communication to vendors detailing the network solution requirements so that proposed solutions are aligned to business and IT needs.

Activities

4.1 Build the executive presentation.

4.2 Compose the scope of work.

4.3 Compose technical requirements.

Outputs

Executive Presentation

Request for Proposal/Quotation

Improve IT Governance to Drive Business Results

  • Buy Link or Shortcode: {j2store}190|cart{/j2store}
  • member rating overall impact (scale of 10): 9.3/10 Overall Impact
  • member rating average dollars saved: $194,553 Average $ Saved
  • member rating average days saved: 32 Average Days Saved
  • Parent Category Name: IT Governance, Risk & Compliance
  • Parent Category Link: /it-governance-risk-and-compliance
  • IT governance is the number-one predictor of value generated by IT, yet many organizations struggle to organize their governance effectively.
  • Current IT governance does not address the changing goals, risks, or context of the organization, so IT spend is not easily linked to value.
  • The right people are not making the right decisions about IT.

Our Advice

Critical Insight

  • Organizations do not have a governance framework in place that optimally aligns IT with the business objectives and direction.
  • Implementing IT governance requires the involvement of key business stakeholders who do not see IT’s value in corporate governance and strategy.
  • The current governance processes are poorly designed, making the time to decisions too long and driving non-compliance.

Impact and Result

  • Use Info-Tech’s four-step process to optimize your IT governance framework.
  • Our client-tested methodology supports the enablement of IT-business alignment, decreases decision-making cycle times, and increases IT’s transparency and effectiveness in decisions around benefits realization, risks, and resources.
  • Successful completion of the IT governance redesign will result in the following outcomes:
    1. Align IT with the business context.
    2. Assess the current governance framework.
    3. Redesign the governance framework.
    4. Implement governance redesign.

Improve IT Governance to Drive Business Results Research & Tools

Start here – read the Executive Brief

Read our concise Executive Brief to find out why you should redesign IT governance, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Align IT with the business context

Align IT’s direction with the business using the Statement of Business Context.

  • Redesign IT Governance to Drive Optimal Business Results – Phase 1: Align IT With the Business Context
  • Make the Case for an IT Governance Redesign
  • Stakeholder Power Map Template
  • IT Governance Stakeholder Communication Planning Tool
  • PESTLE Analysis Template
  • Business SWOT Analysis Template
  • Statement of Business Context Template

2. Assess the current governance framework

Evaluate the strengths and weaknesses of current governance using the Current State Assessment.

  • Redesign IT Governance to Drive Optimal Business Results – Phase 2: Assess the Current Governance Framework
  • Current State Assessment of IT Governance

3. Redesign the governance framework

Build a redesign of the governance framework using the Future State Design template.

  • Redesign IT Governance to Drive Optimal Business Results – Phase 3: Redesign the Governance Framework
  • Future State Design for IT Governance
  • IT Governance Terms of Reference

4. Implement governance redesign

Create an implementation plan to jump-start the communication of the redesign and set it up for success.

  • Redesign IT Governance to Drive Optimal Business Results – Phase 4: Implement Governance Redesign
  • Redesign IT Governance to Drive Optimal Business Results Executive Presentation Template
  • IT Governance Implementation Plan
[infographic]

Workshop: Improve IT Governance to Drive Business Results

Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

1 Identify the Need for Governance

The Purpose

Identify the need for governance in your organization and engage the leadership team in the redesign process.

Key Benefits Achieved

Establish an engagement standard for the leadership of your organization in the IT governance redesign.

Activities

1.1 Identify stakeholders.

1.2 Make the case for improved IT governance.

1.3 Customize communication plan.

Outputs

Stakeholder Power Map

Make the Case Presentation

Communication Plan

2 Align IT With the Business Context

The Purpose

Create a mutual understanding with the business leaders of the current state of the organization and the state of business it is moving towards.

Key Benefits Achieved

The understanding of the business context will provide an aligned foundation on which to redesign the IT governance framework.

Activities

2.1 Review documents.

2.2 Analyze frameworks.

2.3 Conduct brainstorming.

2.4 Finalize the Statement of Business Context.

Outputs

PESTLE Analysis

SWOT Analysis

Statement of Business Context

3 Assess the Current Governance Framework

The Purpose

Establish a baseline of the current governance framework.

Key Benefits Achieved

Develop guidelines based off results from the current state that will guide the future state design.

Activities

3.1 Create committee profiles.

3.2 Build governance structure map.

3.3 Establish governance guidelines.

Outputs

Current State Assessment

4 Redesign the Governance Framework

The Purpose

Redesign the governance structure and the committees that operate within it.

Key Benefits Achieved

Build a future state of governance where the relationships and processes that are built drive optimal business results.

Activities

4.1 Build governance structure map.

4.2 Create committee profiles.

Outputs

Future State Design

IT Governance Terms of Reference

5 Implement Governance Redesign

The Purpose

Build a roadmap for implementing the governance redesign.

Key Benefits Achieved

Create a transparent and relationship-oriented implementation strategy that will pave the way for a successful redesign implementation.

Activities

5.1 Identify next steps for the redesign.

5.2 Establish communication plan.

5.3 Lead executive presentation.

Outputs

Implementation Plan

Executive Presentation

Further reading

Improve IT Governance to Drive Business Results

Avoid bureaucracy and achieve alignment with a minimalist approach.

ANALYST PERSPECTIVE

Governance optimization is achieved where decision making, authority, and context meet.

"Governance is something that is done externally to IT and well as internally by IT, with the intention of providing oversight to direct the organization to meet goals and keep things on target.

Optimizing IT governance is the most effective way to consistently direct IT spend to areas that provide the most value in producing or supporting business outcomes, yet it is rarely done well.

IT governance is more than just identifying where decisions are made and who has the authority to make them – it must also provide the context and criteria under which decisions are made in order to truly provide business value" (Valence Howden, Director, CIO Practice Info-Tech Research Group)

Our understanding of the problem

This Research is Designed For:

  • CIOs
  • CTOs
  • IT Directors

This Research Will Help You:

  • Achieve and maintain executive and business support for optimizing IT governance.
  • Optimize your governance structure.
  • Build high-level governance processes.
  • Build governance committee charters and set accountability for decision making.
  • Plan the transition to the optimized governance structure and processes.

This Research Will Also Assist:

  • Executive Leadership
  • IT Managers
  • IT Customers
  • Project Managers

This Research Will Help Them:

  • Improve alignment between business decisions and IT initiatives.
  • Establish a mechanism to validate, redirect, and reprioritize IT initiatives.
  • Realize greater value from more effective decision making.
  • Receive a better overall quality of service.

Executive Summary

Situation

  • IT governance is the #1 predictor of value generated by IT, yet many organizations struggle to organize their governance effectively.*
  • Current IT governance does not address the changing goals, risks, or context of the organization so IT spend is not easily linked to value.
  • The right people are not making the right decisions about IT.

Complication

  • Organizations do not have a governance framework in place that optimally aligns IT with the business objectives and direction.
  • Implementing IT governance requires the involvement of key business stakeholders who do not see IT’s value in governance and strategy.
  • The current governance processes are poorly designed, creating long decision-making cycles and driving non-compliance with regulation.

Resolution

  • Use Info-Tech’s four-step process for optimizing your IT governance framework. Our client-tested methodology supports the enablement of IT-business alignment, decreases decision-making cycle times, and increases IT’s transparency and effectiveness in making decisions around benefits realization, risks, and resources.
  • Successful completion of the IT governance redesign will result in the following outcomes:
    1. Align IT with the business context.
    2. Assess the current governance framework.
    3. Redesign the governance framework.
    4. Implement governance redesign.

Info-Tech Insight

  • Establish IT-business fusion. In governance, alignment is not enough. Merge IT and the business through governance to ensure business success.
  • With great governance comes great responsibility. Involve relevant business leaders, who will be impacted by IT outcomes, to take on governing responsibility of IT.
  • Let IT manage and the business govern. IT governance should be a component of enterprise governance, allowing IT leaders to focus on managing.

IT governance is...

An enabling framework for decision-making context and accountabilities for related processes.

A means of ensuring business-IT collaboration, leading to increased consistency and transparency in decision making and prioritization of initiatives.

A critical component of ensuring delivery of business value from IT spend and driving high satisfaction with IT.

IT governance is not...

An annoying, finger-waving roadblock in the way of getting things done.

Limited to making decisions about technology.

Designed tacitly; it is purposeful, with business objectives in mind.

A one-time project; you must review and revalidate the efficiency.

Avoid common misconceptions of IT governance

Don’t blur the lines between governance and management; each has a unique role to play. Confusing these results in wasted time and confusion around ownership.

Governance

A cycle of 'Governance Processes' and 'Management Processes'. On the left side of the cycle 'Governance Processes' begins with 'Evaluate', then 'Direct', then 'Monitor'. This leads to 'Management Processes' on the right side with 'Plan', 'Build', 'Run', and 'Monitor', which then feeds back into 'Evaluate'.

Management

IT governance sets direction through prioritization and decision making, and monitors overall IT performance.

Governance aligns with the mission and vision of the organization to guide IT.

Management is responsible for executing on, operating, and monitoring activities as determined by IT governance.

Management makes decisions for implementing based on governance direction.

The IT Governance Framework

An IT governance framework is a system that will design structures, processes, authority definitions, and membership assignments that lead IT toward optimal results for the business.

Governance is performed in three ways:
  1. Evaluate

    Governance ensures that business goals are achieved by evaluating stakeholder needs, criteria, metrics, portfolio, risk, and definition of value.
  2. Direct

    Governance sets the direction of IT by delegating priorities and determining the decisions that will guide the IT organization.
  3. Monitor

    Governance establishes a framework to monitor performance, compliance to regulation, and progress on expected outcomes.

"Everyone needs good IT, but no one wants to talk about it. Most CFOs would rather spend time with their in-laws than in an IT steering-committee meeting. But companies with good governance consistently outperform companies with bad. Which group do you want to be in?" (Martha Heller, President, Heller Search Associates)

Create impactful IT governance by embedding it within enterprise governance

The business should engage in IT governance and IT should influence the direction of the business.

Enterprise Governance

IT Governance

Authority for enterprise governance falls to the board and executive management.

Responsibilities Include:
  • Provide strategic direction for the organization.
  • Ensure objectives are met.
  • Set the risk standards or profile.
  • Delegate resources responsibly.
–› Engage in –›

‹– Influence ‹–

Governance of IT is a component of enterprise governance.

Responsibilities Include:
  • Build structure, authority, process, and membership designations in a governance framework.
  • Ensure the IT organization is aligned with business goals.
  • Influence the direction of the business to ensure business success.

Identify signals of sub-optimal IT governance within any of these domains

If you notice any of these signals, governance redesign is right for you!

Inability to Realize Benefits

  1. IT is unable to articulate the value of its initiatives or spend.
  2. IT is regularly delegated unplanned projects.
  3. The is no standard approach to prioritization.
  4. Projects do not meet target metrics.

Resource Misallocation

  1. Resources are wasted due to duplication or overlap in IT initiatives.
  2. IT projects fail at an unacceptable rate, leading to wasted resources.
  3. IT’s costs continue to increase without reciprocal performance increase.

Misdiagnosed Risks

  1. Risk appetite is incorrectly identified or not identified at all.
  2. Disagreement on the approach to risk in the organization.
  3. Increasing rate of IT incidents related to risk.
  4. IT is failing to meet regulatory requirements.

Dissatisfied Stakeholders

  1. There are no ways to measure stakeholder satisfaction with IT.
  2. Business strategies and IT strategies are misaligned.
  3. IT’s relationship with key stakeholders is unstable and there is a lack of mutual trust.

A majority of organizations experience significant alignment gaps

The majority of organizations and their key stakeholders experience highly visible gaps in the alignment of IT investments and organizational goals.

There are two bars with percentages of their length marked out for different CXO responses. The possible responses are from '1, Critical Gap' to '7, No Gap'. The top bar says '57% of CXOs identify a major gap in IT's ability to support business goals', and shows 13% answered '1, Critical Gap', 22% answered '2', and 22% answered '3'. The bottom bar says '84% of CXOs often perceive that IT is investing in areas that do not support the business' and shows 38% answered '1, Critical Gap', 33% answered '2', and 13% answered '3'.

88% of CIOs believe that their governance is not effective. (Info-Tech Diagnostics)

Leverage governance as the catalyst for connecting IT and the business

49% of firms are misaligned on current performance expectations for IT.

  • 49% Misaligned
  • 51% Aligned

67% of firms are misaligned on the target role for IT.

  • 34% Highly Misaligned
  • 33% Somewhat Misaligned
  • 33% Aligned

A well-designed IT governance framework will hep you to:

  1. Make sure IT keeps up with the evolving business context.
  2. Align IT with the mission and the vision of the organization.
  3. Optimize the speed and quality of decision making.
  4. Meet regulatory and compliance needs in the external environment.
  5. (Info-Tech Diagnostics)

Align with business goals through governance to attain business-IT fusion

Create a state of business-IT fusion, in which the two become one.

Without business-IT fusion, IT will go in a different direction, leading to a divergence of purpose and outcomes. IT can transform into a fused partner of the business by ensuring that they govern toward the same goal.

Firefighter
  • Delivers lower value
  • Duplication of effort
  • Unclear risk profile
  • High risk exposure
Three sets of arrows, each pointing upward and arranged in an ascending stair pattern. The first, lowest set of arrows has a large blue arrow with a small green arrow veering off to the side, unaligned. The second, middle set of arrows has a large blue arrow with a medium green arrow overlaid on its center, somewhat aligned. The third, highest set of arrows has half of a large blue arrow, and the other half is a large green arrow, aligned. Business Partner
  • Increased speed of decision making
  • Aligned with business priorities
  • Optimized utility of people, financial, and time resources
  • Monitors and mitigates risk and compliance issues

Redesign IT governance in accordance with COBIT and proven good practice

Info-Tech’s approach to governance redesign is rooted in COBIT, the world-class and open-source IT governance standard.

COBIT begins with governance, EDM – Evaluate, Direct, and Monitor.

We build upon these standards with industry best practices and add a practical approach based on member feedback.

This blueprint will help you optimize your governance framework.

The upper image is a pyramid with 'Info-Tech Insights, Analysts, Experts, Clients' on top, 'IT Governance Best Practices' in the middle, and 'COBIT 5' on the bottom, indicating that Info-Tech's Governance guidance is based in COBIT 5. 'This project will focus on EDM01, Set/Maintain Governance Framework.'

Use Info-Tech’s approach to implementing an IT governance redesign

The four phases of Info-Tech’s governance redesign methodology will help you drive greater value for the business.

  1. Align IT With the Business Context
    Align IT’s direction with the business using the Statement of Business Context Template.
  2. Assess the Current Governance Framework
    Evaluate the strengths and weaknesses of current governance using the Current State Assessment of IT Governance.
  3. Redesign the Governance Framework
    Build a redesign of the governance framework using the Future State Design for IT Governance tool.
  4. Implement Governance Redesign
    Create an IT Governance Implementation Plan to jumpstart the communication of the redesign and set it up for success.
  5. Continuously assess your governance framework to ensure alignment.

Leverage Info-Tech’s insights for an optimal redesign process

Common Pitfalls

Info-Tech Solutions

Phase 1

There must be an active understanding of the current and future state of the business for governance to address the changing needs of the business. –›
  1. Make the case for a governance redesign.
  2. Create a custom communication plan to facilitate support.
  3. Establish a collectively agreed upon statement of business context.

Phase 2

Take a proactive approach to revising your governance framework. Understand why you are making decisions before actually making them. –›
  1. Conduct the IT governance current state assessment.
  2. Create governance guidelines for redesign.

Phase 3

Keep the current and future goals in sight to build an optimized governance framework that maintains the minimum bar of oversight required. –›
  1. Redesign the future state of IT governance in your organization.

Phase 4

Don’t overlook the politics and culture of your organization in redesigning your governance framework. –›
  1. Rationalize steps in an implementation plan.
  2. Outline a communication strategy to navigate culture and politics.
  3. Construct an executive presentation to facilitate transparency for the governing framework.

Leverage both COBIT and Info-Tech-defined metrics to evaluate the success of your redesign

These metrics will help you determine the extent to which your governance is supporting your business goals, and whether the governance in place promotes business-IT fusion.

Benefits Realization

  1. Percent of IT-enabled investments where benefit realization is monitored through the full economic life. (COBIT-defined metric)
  2. Percent of enterprise strategic goals and requirements supported by IT strategic goals. (COBIT-defined metric)
  3. Percent of IT services where expected benefits are realized or exceeded. (COBIT-defined metric)

Resources

  1. Satisfaction level of business and IT executives with IT-related costs and capabilities. (COBIT-defined metric)
  2. Average time to turn strategic IT objectives into an agreed-upon and approved initiative. (COBIT-defined metric)
  3. Number of deviations from resource utilization plan.

Risks

  1. Number of security incidents causing financial loss, business disruption, or public embarrassment. (COBIT-defined metric)
  2. Number of issues related to non-compliance with policies. (COBIT-defined metric)
  3. Percentage of enterprise risk assessments that include IT-related risks. (COBIT-defined metric)
  4. Frequency with which the risk profile is updated. (COBIT-defined metric)

Stakeholders

  1. Change in score of alignment with the scope of the planned portfolio of programs and services (using CIO-CXO Alignment Diagnostic).
  2. Percent of executive management roles with clearly defined accountabilities for IT decisions. (COBIT-defined metric)
  3. Percent of business stakeholders satisfied that IT service delivery meets agreed-upon service levels. (COBIT-defined metric)
  4. Percent of key business stakeholders involved in IT governance.

Capture monetary value by establishing and monitoring key metrics

While benefits of governance are often qualitative, the power of effective governance can be demonstrated through quantitative financial gains.

Scenario 1 – Realizing Expected Gains

Scenario 2 – Mitigating Unexpected Losses

Metric

Track the percentage of initiatives that provided expected ROI year over year. The optimization of the governance framework should generate an increase in this metric. Monitor this metric for continuous improvement opportunities. Track the financial losses related to non-compliance with policy or regulation. An optimized governance framework should better protect the organization against policy breach and mitigate the possibility and impact of “rogue” actions.

Formula

ROI of all initiatives / number of initiatives in year 2 – ROI of all initiatives / number of initiatives in year 1

The expected result should be positive.

Cost of non-compliance in year 2 – cost of non-compliance in year 1

The expected result should be negative.

Redesign IT governance to achieve optimal business outcomes

CASE STUDY

Industry: Healthcare
Source: Info-Tech

Situation

The IT governance had been structured based on regulations and had not changed much since it was put in place. However, a move to become an integration and service focused organization had moved the organization into the world of web services, Agile development, and service-oriented architecture.

Complication

The existing process was well defined and entrenched, but did not enable rapid decision making and Agile service delivery. This was due to the number of committees where initiatives were reviewed, made worse by their lack of approval authority. This led to issues moving initiatives forward in the timeframes required to meet clinician needs and committed governmental deadlines.

In addition, the revised organizational mandate had created confusion regarding the primary purpose and function of the organization and impacted the ability to prioritize spend on a limited budget.

To complicate matters further, there was political sensitivity tied to the membership and authority of different governing committees.

Result:

The CEO decided that a project would be initiated by the Enterprise Architecture Group, but managed by an external consultant to optimize and restructure the governance within the organization.

The purpose of using the external consultant was to help remove internal politics from the discussion. This allowed the organization to establish a shared view of the organization’s revised mission and IT’s role in its execution.

The exercise led to the removal of one governing committee and the merger of two others, modification to committee authority and membership, and a refined decision-making context that was agreed to by all parties.

The redesigned governance process led to a 30% reduction in cycle time from intake to decision, and a 15% improvement in alignment of IT spend with strategic priorities.

Use these icons to help direct you as you navigate this research

Use these icons to help guide you through each step of the blueprint and direct you to content related to the recommended activities.

A small monochrome icon of a wrench and screwdriver creating an X.

This icon denotes a slide where a supporting Info-Tech tool or template will help you perform the activity or step associated with the slide. Refer to the supporting tool or template to get the best results and proceed to the next step of the project.

A small monochrome icon depicting a person in front of a blank slide.

This icon denotes a slide with an associated activity. The activity can be performed either as part of your project or with the support of Info-Tech team members, who will come onsite to facilitate a workshop for your organization.

Info-Tech offers various levels of support to best suit your needs

DIY Toolkit

Guided Implementation

Workshop

Consulting

"Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

Diagnostics and consistent frameworks used throughout all four options

Redesign IT Governance – project overview

Align IT With the Business Context

Assess the Current State

Redesign Governance

Implement Redesign

Supporting Tool icon

Best-Practice Toolkit

1.1 Identify Stakeholders
1.2 Make the Case
1.3 Present to Executives
1.4 Customize Comm. Plan
1.5 Review Documents
1.6 Analyze Frameworks
1.7 Conduct Brainstorming
1.8 Finalize the SoBC
2.1 Create Committee Profiles

2.2 Build a Governance Structure Map

2.3 Establish Governance Guidelines

3.1 Build Governance Structure Map

3.2 Create Committee Profiles

3.3 Leverage Process Specific Governance Blueprints

4.1 Identify Next Steps for the Redesign

4.2 Establish Communication Plan

4.3 Lead Executive Presentation

Guided Implementations

  • Move towards gaining buy-in from the business if necessary. Then identify the major components of the SoBC.
  • Review SoBC and discuss a strategy to engage key stakeholders in the redesign.
  • Explore the process of identifying the four major elements of governance. Build guidelines for the future state.
  • Review the current state of governance and discuss the implications and guidelines.
  • Identify the changes that will need to be made.
  • Review redesigned structure and authority.
  • Review redesigned process and membership.
  • Discuss and review the implementation plan.
  • Prepare the presentation for the executives. Provide support on any final questions.
Associated Activity icon

Onsite Workshop

Module 1:
Align IT with the business context
Module 2:
Assess the current governance framework
Module 3:
Redesign the governance framework
Module 4:
Implement governance redesign
Phase 1 Results:
  • Align IT’s direction with the business.
Phase 2 Results:
  • Evaluate the strengths and weaknesses of current governance and build guidelines.
Phase 3 Results:
  • Establish a redesign of the governance framework.
Phase 4 Results:
  • Create an implementation plan for the communication of the redesign.

Workshop overview

Contact your account representative or email Workshops@InfoTech.com for more information.

Workshop Day 1

Workshop Day 2

Workshop Day 3

Workshop Day 4

Workshop Day 5

Task – Identify the Need for Governance Task – Align IT with the Business Context Task – Assess the Current State Task – Redesign Governance Framework Task – Implement Governance Redesign

Activities

  • 1.1 Identify Stakeholders
  • 1.2 Make the Case
  • 1.3 Present to Executives
  • 1.4 Customize Communication Plan
  • 2.1 Review Documents
  • 2.2 Analyze Frameworks
  • 2.3 Conduct Brainstorming
  • 2.4 Finalize the Statement of Business Context
  • 3.1 Create Committee Profiles
  • 3.2 Build Governance Structure Map
  • 3.3 Establish Governance Guidelines
  • 4.1 Build Governance Structure Map
  • 4.2 Create Committee Profiles
  • 4.3 Leverage Process Specific Governance Blueprints
  • 5.1 Identify Next Steps for the Redesign
  • 5.2 Establish Communication Plan
  • 5.3 Lead Executive Presentation

Deliverables

  1. Make the Case Presentation
  2. Stakeholder Power Map Template
  3. Communication Plan
  1. PESTLE Analysis
  2. SWOT Analysis
  3. Statement of Business Context
  1. Current State Assessment
  1. Future State Design Tool
  2. IT Governance Terms of Reference
  1. Implementation Plan
  2. Executive Presentation

Improve IT Governance to Drive Business Results

PHASE 1

Align IT With the Business Context

Phase 1 outline

Associated Activity icon Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

Guided Implementation 1: Align IT With the Business Context

Proposed Time to Completion: 2-4 weeks
Step 1.1: Identify the Need for Governance Step 1.2: Create the Statement of Business Context
Start with an analyst kick-off call:
  • Understand the core concepts of IT governance.
  • Create a strategy for key stakeholder support.
  • Identify key communication milestones.
Review findings with analyst:
  • Identify and discuss the process of engaging senior leadership.
  • Review findings from business analysis.
  • Review diagnostic and interview outcomes.
Then complete these activities…
  • Identify stakeholders.
  • Make the case to executives.
  • Build a communication plan.
Then complete these activities…
  • Review business documents.
  • Review the PESTLE and SWOT analyses.
  • Analyze outcomes of CIO-CEO Alignment Diagnostic.
  • Complete the Statement of Business Context.
With these tools & templates:
  • Make the Case for an IT Governance Redesign
  • Stakeholder Power Map Template
  • IT Governance Stakeholder Communication Planning Tool
With these tools & templates:
  • PESTLE Analysis Template
  • Business SWOT Analysis Template
  • CIO-CEO Alignment Diagnostic
  • Statement of Business Context Template

Phase 1: Align IT With the Business Context

1 2 3 4
Align IT With the Business Context Assess the Current Governance Framework Redesign the Governance Framework Implement Governance Redesign

Activities:

  • 1.1 Identify Stakeholders
  • 1.2 Customize Make the Case Presentation
  • 1.3 Present to Executives
  • 1.4 Customize Communication Plan
  • 1.5 Review Business Documents
  • 1.6 Analyze Business Frameworks
  • 1.7 Conduct Brainstorming Efforts
  • 1.8 Finalize the SoBC

Outcomes:

  • Make the case for a governance redesign.
  • Create a custom communication plan to facilitate support for the redesign process.
  • Establish a collectively agreed upon statement of business context.

Set up business-driven governance by gaining an understanding of the business context

Fuse IT with the business by establishing a common context of what the business is trying to achieve. Align IT with the business by developing an understanding of the business state, creating a platform to build a well-aligned governance framework.

"IT governance philosophies can no longer be a ‘black box’ … IT governance can no longer be ignored by senior executives." (Iskandar and Mohd Salleh, University of Malaya, International Journal of Digital Society)

Info-Tech Insight

Get consensus on the changing state of business. There must be an active understanding of the current and future state of the business for governance to address the changing needs of the business.

The source for the governance redesign directive will dictate the route for attaining leadership buy-in

"Without an awareness of IT governance, there is no chance that it will be followed … The higher the percentage of managers who can describe your governance, the higher the governance performance." (Jeanne Ross, Director, MIT Center for Information Systems Research)

The path you will choose for your governance buy-in tactics will be based on the original directive to redesign governance.

Enterprise Directive.
In the case that the redesign is an enterprise directive, jump directly to building a communication plan.

IT Directive.
In the case that the redesign is an IT directive, make the case to get the business on board.

Use the Make the Case presentation template to get buy-in from the business

Supporting Tool icon 1A Convince senior management to redesign governance

INSTRUCTIONS

  1. Identify Stakeholders
    Determine which business stakeholders will be impacted or involved in the redesign process.
  2. Customize the Presentation
    Identify specific pain points regarding IT-business alignment.
  3. Present to Executives
    Present the make the case presentation.

Info-Tech Best Practice

Use the Make the Case customizable deliverable to lead a boardroom-quality presentation proving the specific need for senior executive involvement in the governance redesign.

Determine which business stakeholders will be impacted or involved in the redesign process

Associated Activity icon 1.1 Identify the stakeholders for the IT governance redesign

It is vital to identify key business and IT stakeholders before the IT governance redesign has begun. Consider whose input and influence will be necessary in order to align with the business context and redesign the governance framework accordingly.

Business

  • Shareholders
  • Board
  • Chief Executive Officer
  • –› Example: the CEO wants to know how IT will support the achievement of strategic corporate objectives.
  • Chief Financial Officer
  • Chief Operating Officer
  • Business Executives
  • Business Process Owners
  • Strategy Executive Committee
  • Chief Risk Officer
  • Chief Information Security Officer
  • Architecture Board
  • Enterprise Risk Committee
  • Head of Human Resources
  • Compliance
  • Audit

IT

  • Chief Information Officer
  • –› Example: the CIO would like validation from the business with regards to prioritization criteria.
  • Head Architect
  • Head of Development
  • Head of IT Operations
  • Head of IT Administration
  • Service Manager
  • Information Security Manager
  • Business Continuity Manager
  • Privacy Officer

External

  • Government Agency
  • –› Example: some governments mandate that organizations develop and implement an IT governance framework.
  • Audit Firm

Build a power map to prioritize stakeholders

Associated Activity icon 1.1 2-4 hours

Stakeholders may have competing concerns – that is, concerns that cannot be addressed with one solution. The governance redesigner must prioritize their time to address the concerns of the stakeholders who have the most power and who are most impacted by the IT governance redesign.

Draw a stakeholder power map to visualize the importance of various stakeholders and their concerns, and to help prioritize your time with those stakeholders.

  • Power: How much influence does the stakeholder have? Enough to drive the project forward or into the ground?
  • Involvement: How interested is the stakeholder? How much involvement does the stakeholder have in the project already?
  • Impact: To what degree will the stakeholder be impacted? Will this significantly change the job?
  • Support: Is the stakeholder a supporter of the project? Neutral? A resistor?
A power map of stakeholders with two axes and four quadrants. The vertical axis is 'Low Power' on the bottom and 'High Power' on top. The horizontal axis is 'Low Involvement' on the left and 'High Involvement' on the right. The top left quadrant is labeled 'Keep satisfied' and contains 'CFO', a Strongly Impacted Resistor, and 'COO', a Weakly Impacted Resistor. The top right quadrant is labeled 'Key Players' and contains 'CIO' and 'CEO', both Strongly Impacted Supporters. The bottom left quadrant is labeled 'Minimal effort' and contains 'Marketing Head', a Weakly Impacted Neutral, and 'Production Head', a Moderately Impacted Neutral. The bottom right quadrant is labeled 'Keep informed' and contains 'Director of Ops', a Strongly Impacted Supporter, and 'Chief Architect', a Strongly Impacted Neutral.

Download Info-Tech’s Stakeholder Power Map Template to help you visualize your key stakeholders.

Build a power map to prioritize stakeholders

Associated Activity icon 1.1

It is important to identify who will be impacted and who has power, and the level of involvement they have in the governance redesign. If they have power, will be highly impacted, and are not involved in governance, you have already lost – because they will resist later. You need to get them involved early.

  • Focus on key players – relevant stakeholders who have high power, are highly impacted, and should have a high level of involvement.
  • Engage the stakeholders that are impacted most and have the power to impede the success of redesigning IT governance.
    • For example, if a CFO, who has the power to block project funding, is heavily impacted and not involved, the IT governance redesign success will be put at risk.
  • Some stakeholders may have influence over others so you should focus your efforts on the influencer rather than the influenced.
    • For example, if an uncooperative COO is highly influenced by the Director of Operations, it is recommended to engage the latter.

The same power map of stakeholders with two axes and four quadrants, but with focus points and notes. The vertical axis is 'Low Power' on the bottom and 'High Power' on top. The horizontal axis is 'Low Involvement' on the left and 'High Involvement' on the right. The top left quadrant is labeled 'Keep satisfied' and contains 'CFO', a Strongly Impacted Resistor, and 'COO', a Weakly Impacted Resistor, as well as a dotted line moving 'CFO' to the top right quadrant with the note 'A) needs to be engaged'. The top right quadrant is labeled 'Key Players' and contains 'CIO' and 'CEO', both Strongly Impacted Supporters, as well as the new required position of 'CFO'. The bottom left quadrant is labeled 'Minimal effort' and contains 'Marketing Head', a Weakly Impacted Neutral, and 'Production Head', a Moderately Impacted Neutral. The bottom right quadrant is labeled 'Keep informed' and contains 'Director of Ops', a Strongly Impacted Supporter, and 'Chief Architect', a Strongly Impacted Neutral, as well as a line from 'Director of Ops' to 'COO' in the top left quadrant with a note that reads 'B) Influences'.

Identify specific pain points regarding business-IT alignment

Associated Activity icon 1.2 2-4 hours

INPUT: Signal Questions, CIO-CXO Alignment Diagnostic

OUTPUT: List of Categorized Pain Points

Materials: Make the Case for an IT Governance Redesign

Participants: Identified Key Business Stakeholders

  1. Consider Signals for Redesign
    Refer to the Executive Brief for questions to identify pain points related to governance.
    • Benefits Realization
    • Resources
    • Risks
    • Stakeholders
  2. Conduct CIO-CEO Alignment Diagnostic
    Assess the current state of alignment between the CIO and the major stakeholders of the organization.

See the CEO-CIO Alignment Program for more information.

Conduct the CEO-CIO Alignment Diagnostic

Why CEO-CIO Alignment?

The CEO-CIO Alignment Program helps you understand the gaps between what the CEO wants for IT and what the CIO wants for IT. The program will also evaluate the current state of IT, from a strategic and tactical perspective, based on the CEO’s opinion.

The CEO-CIO Alignment Program helps to:

  • Evaluate how the executive leadership currently feels about the IT organization’s performance along the following dimensions:
    • IT budgeting and staffing
    • IT strategic planning
    • Degree of project success
    • IT-business alignment
  • Answer the question, “What does the CEO want from IT?”
  • Understand the CEO’s perception of and vision for IT in the business.
  • Define the current and target roles for IT. Understanding IT’s current and target roles, in the eyes of the CEO, is crucial to creating IT governance. By focusing the IT governance on achieving the target role, you will ensure that the senior leadership will support the implementation of the IT governance.

To conduct the CEO-CIO Alignment Program, follow the steps outlined below.

  1. Select the senior business leader to participate in the program. While Info-Tech suggests that the CEO participate, you might have other senior stakeholders who should be involved.
  2. Send the survey link to your senior business stakeholder and ensure the survey’s completion.
  3. Complete your portion of the survey.
  4. Hold a meeting to discuss the results and document your findings.

See the CEO-CIO Alignment Program for more information.

Present the “Make the Case” for IT governance redesign

Associated Activity icon 1.3 30 minutes

  1. Review Finalized Stakeholder List
    Consolidate a list of the most important and impactful stakeholders who need further convincing to participate in the governance redesign and implementation.
  2. Present the Deck
    Include the information gathered throughout the discovery into the presentation deck and hold a meeting to review the findings.

Business

  • Shareholders
  • Board
  • Chief Executive Officer
  • Chief Financial Officer
  • Chief Operating Officer
  • Business Executives
  • Strategy Executive Committee
  • Chief Risk Officer
  • Architecture Board
  • Enterprise Risk Committee
  • Head of Human Resources
  • Compliance

IT

  • Chief Information Officer

External

  • Government Agency
  • Audit Firm

Use the Make the Case for an IT Governance Redesign template for more information.

Create a custom communication plan to facilitate support for the redesign process

Supporting Tool icon 1B Create a plan to engage the key stakeholders

INSTRUCTIONS

  1. Identify Stakeholders
    Determine which business stakeholders will be involved (refer to Activity 1.1).
  2. Customize Communication Plan
    Follow up with individual communication plans.

Info-Tech Best Practice

Create personal communication plans to provide individualized engagement, instead of assuming that everyone will respond to the same communication style.

Download the IT Governance Stakeholder Communication Planning Tool for more information.

Create a communication plan to engage key stakeholders

Associated Activity icon 1.4 1 hour
  1. Input Stakeholders
    Determine which business stakeholders will be involved (refer to Activity 1.1). Then, insert their position on the power map, the rationale to inform them, the timing of communications, and what inputs they will be needed to provide.

    Stakeholder role

    Power map position

    Why inform them

    When to inform them

    What we need from them

    Chief Executive Officer
    Chief Financial Officer
    Chief Operating Officer
  2. Identify Communication Strategy
    Outline the most effective communication plan for that stakeholder. Identify how to best communicate to the stakeholders to make sure they are appropriately engaged in the redesign process.

    Vehicle

    Audience

    Purpose

    Frequency

    Owner

    Distribution

    Level of detail

    Status Report IT Managers Project progress and deliverable status Weekly CIO, John Smith Email Details for milestones, deliverables, budget, schedule, issues, next steps
    Status Report Marketing Manager Project progress Monthly CIO, John Smith Email High-level detail for major milestone update and impact to the marketing unit

Establish a collectively agreed upon statement of business context (SoBC)

Supporting Tool icon 1C Document the mutual understanding of the business context

INSTRUCTIONS

  1. Review Business Documents
    Review business documents from broad areas of the business to assess the business context.
  2. Analyze Business Frameworks
    Analyze business frameworks to articulate the current and projected future business context.
  3. Brainstorm With Key Stakeholders
    Conduct stakeholder brainstorming efforts to gain insights from key business stakeholders.
  4. Finalize the SoBC
    Document and sign the SoBC with identified stakeholders.

Info-Tech Best Practice

Use the Statement of Business Context customizable deliverable as a point of reference that will guide the direction of the governance redesign.

Use the Statement of Business Context to identify the critical information needed to guide governance

Components of the SoBC

  1. Mission
    • Who are you as an organization?
    • Who are your internal and external customers?
    • What are your core business functions?

    Example (Higher Education)
    Nurture global leaders and provide avenues for intellectual exploration.
  2. Vision
    • Is your vision statement future-facing?
    • Is your vision statement concise?
    • Is your vision statement achievable?
    • Does your vision statement involve change?

    Example
    Be a catalyst for creating the future leaders of tomorrow through dynamic and immersive educational experiences. The university will be recognized for being a prestigious innovative research hub and educational institution.
Sample of Info-Tech's Statement of Business Context Template with the Mission and Vision Statements.

Use the Statement of Business Context to identify the critical information needed to guide governance (cont.)

More Components of the SoBC

  1. Strategic Objectives
    • What are the strategic initiatives of the organization?
    • Do you have a roadmap to accomplish your mission?
    • What are the primary goals of senior leaders for the organization?

    Example
    1. Meeting government regulation
    2. Revenue generation
    3. Top research quality
    4. High teaching quality
Sample of Info-Tech's Statement of Business Context Template with Strategic Objectives.
  1. State of Business
    • Consider what the current state and future state are.
    • How does the operating model used define the state?
    • How do industry trends shape the business?
    • What internal changes impact the business model?

    Example
    Our organization aims to make quick decisions and navigate the fast-paced industry with agility, uniting the development and operational sides of the business.
Sample of Info-Tech's Statement of Business Context Template with State of the Business.

Leverage core concepts to determine the direction of the organization’s state of the business

  1. Mission
  2. Vision
  3. Strategic Objectives
–›
  1. State of Business

  2. Work through if your organization’s state is small vs. large, public vs. private, and lean vs. DevOps vs. traditional.

Small

IT team is 30 people or less.

Large

IT team is more than 30 people.

Public

Wholly or partly funded by the government.

Private

No government funding is provided.
Lean: The business aims to eliminate any waste of resources (time, effort, or money) by removing steps in the business process that do not create value. Devops/Agile: Our organization aims to make quick decisions and navigate the fast-paced industry with agility. Uniting the development and operational sides of the business. Hierarchical: Departments in the organization are siloed by function. The organization is top-down and hierarchical, and takes more time with decision making.

‹– Multi-State (any combination) –›

Review business documents to assess business context

Associated Activity icon 1.5 2-4 hours

INPUT: Strategic Documents, Financial Documents

OUTPUT: Mission, Vision, Strategic Objectives

Materials: Corporate Documents

Participants: IT Governance Redesign Owner

Start assessing the state of the business context by leveraging easily accessible information. Many organization have strategic plans, documents, and presentations that already include a large portion of the information for the SoBC – use these sources first.

Instructions

  1. Strategic Documents
    Leverage your organization’s strategic documents to gain understanding of the business context.

  2. Documents to Review:
  • Corporate strategy document.
  • Business unit strategy documents.
  • Annual general reports.
  • Financial Documents
    Leverage your organization’s financial documents to gain understanding of the business context.

  • Documents to Review:
    • Look for large capital expenditures.
    • Review operating costs.
    • Business cases submitted.

    Review strategic planning documents

    Overview

    Some organizations (and business units) create an authoritative strategy document. These documents contain the organization’s corporate aspirations and outline initiatives, reorganizations, and shifts in strategy. Additionally, some documents contain strategic analysis (Porter’s Five Forces, etc.).

    Action

    • Read through any of the following:
      • Corporate strategy document
      • Business unit strategy documents
      • Annual general reports
    • Watch out for key future-looking words:
      • We will be…
      • We are planning to…

    Overt Statements

    • Corporate objectives and initiatives are often explicitly stated in these documents. Look for statements that begin with phrases such as “Our corporate objectives are…”
    • Remember that different organizations use different terminology – if you cannot find the word “goal” or “objective” then look for “pillar,” “imperative,” “theme,” etc.
    • Ask a business partner to assist if you need some help.

    Covert, Outdated, and Non-Existent Statements

    • Some corporate objectives and initiatives will be mentioned in passing and will require clarification, for example:
      “As we continue to penetrate new markets, we will be diversifying our manufacturing geography to simplify distribution.”
    • Some corporate strategies may be outdated and therefore of limited use for understanding the state of business – validate the statement to ensure it is up to date.
    • Some organizations lack a strategic plan altogether. Use stakeholder interviews to identify imperatives and validate conflicting statements before moving on.

    Review financial documentation

    Overview

    Departmental budgets highlight the new projects that will launch in the next fiscal year. The overwhelming majority of these projects will have IT implications. Additionally, identifying where the department is spending money will allow you to identify business unit initiatives and operational change.

    Action

    • Scan budgets:
      • Look for large capital expenditures
      • Review operating costs
      • Review business cases submitted
    • Look for abnormalities or changes:
      • What does an increase in spending mean?
      • Does IT need to change as a result?

    Capital Budgets

    • Capital expenditures are driven by projects, which map to corporate goals and initiatives.
    • Look for large capital expenditures and cross-reference the outflows with any project plans that have been collected.
    • If an expenditure cannot be explained by project plans, request additional information.

    Operating Budgets

    • Major changes to operating costs typically reflect changes to a business unit. Some of these changes affect IT capabilities and can be classified as corporate initiatives.
    • Changes that should be classified as corporate initiatives are expansion or contraction of a labor force, outsourcing initiatives, and significant process changes.
    • Changes that should not be classified as corporate initiatives are changes in third-party fees, consulting engagements, and changes caused by inflation or growth.

    Analyze business frameworks to articulate context

    Associated Activity icon 1.6 2-4 hours

    INPUT: Industry Research, Organizational Research, Analysis Templates

    OUTPUT: PESTLE and SWOT Analysis

    Materials: Computer or Whiteboards and Markers

    Participants: IT Governance Redesign Owner

    If corporate documents denoting the key components of the SoBC are not easily available, or do not provide all information required, refer to business analysis frameworks to discover internal and external trends that impact the mission, vision, strategic objectives, and state of the business.

    1. Conduct a PESTLE Analysis
      The PESTLE analysis will support the organization in identifying external factors that impact the business. Keep watch for trends and changes in the industry.
    2. Political

      Economic

      Social

      Technological

      Legal

      Environmental

    3. Conduct a SWOT Analysis
      The SWOT analysis will be more specific to the organization and the industry in which it operates. Identify the unique strengths, weaknesses, opportunities, and threats for your organization.
    4. Strengths

      Weaknesses

      Opportunities

      Threats

    Conduct a PESTLE analysis

    Associated Activity icon 1.6 Conduct a PESTLE analysis
    • Break participants into teams and divide the categories amongst them:
      • Political trends
      • Economic trends
      • Social trends
      • Technological trends
      • Legal trends
      • Environmental trends
    • Have each group identify relevant trends under their respective categories. You must relate each trend back to the business by considering:
      • How does this affect my business?
      • Why do we care?
    • Use the prompt questions on the next slide to help the brainstorming process.
    • Have each team present its list and have remaining teams give feedback and additional suggestions.

    Political. Examine political factors such as taxes, environmental regulations, and zoning restrictions.

    Economic Examine economic factors such as interest rates, inflation rate, exchange rates, the financial and stock markets, and the job market.

    Social. Examine social factors such as gender, race, age, income, disabilities, educational attainment, employment status, and religion.

    Technological. Examine technological factors such as servers, computers, networks, software, database technologies, wireless capabilities, and availability of software as a service.

    Legal. Examine legal factors such as trade laws, labor laws, environmental laws, and privacy laws.

    Environmental. Examine environmental factors such as green initiatives, ethical issues, weather patterns, and pollution.

    Download Info-Tech’s PESTLE Analysis Template to help get started.

    Review these questions to help you conduct a PESTLE analysis

    For each prompt below, always try to answer the question: how does this affect my business?

    Political

    • Will a change in government (at any level) affect your organization?
    • Do inter-government or trade relations affect you?
    • Are there shareholder needs or demands that must be considered?

    Economical

    • How are your costs changing (moving off-shore, fluctuations in markets, etc.)?
    • Do currency fluctuations have an effect on your business?
    • Can you attract and pay for top-quality talent (e.g. desirable location, reasonable cost of living, changes to insurance requirements)?

    Social

    • What are the demographics of your customers or employees?
    • What are the attitudes of your customers or staff (do they require social media, collaboration, transparency of costs, etc.)?
    • What is the general lifecycle of an employee (i.e. is there high turnover)?
    • Is there a market of qualified staff?
    • Is your business seasonal?

    Technological

    • Do you require constant technology upgrades (faster network, new hardware, etc.)?
    • What is the appetite for innovation within your industry or business?
    • Are there demands for increasing data storage, quality, BI, etc.?
    • Are you looking at cloud technologies?
    • What is the stance on “bring your own device”?
    • Are you required to do a significant amount of development work in-house?

    Legal

    • Are there changes to trade laws?
    • Are there changes to regulatory requirements, e.g. data storage policies or privacy policies?
    • Are there union factors that must be considered?

    Environmental

    • Is there a push towards being environmentally friendly?
    • Does the weather have any effect on your business (hurricanes, flooding, etc.)?

    Conduct a SWOT analysis on the business

    Associated Activity icon 1.6 Conduct a business SWOT analysis

    Break the group into two teams.

    Assign team A internal strengths and weaknesses.

    Assign team B external opportunities and threats.

    • Have the teams brainstorm items that fit in their assigned grids. Use the prompt questions on the next slide to help you with your SWOT analysis.
    • Pick someone from each group to fill in the grids on the whiteboard.
    • Conduct a group discussion about the items on the list. Identify implications for IT and opportunities to innovate as you did for the other business and external drivers.
    Helpful
    to achieve the objective
    Harmful
    to achieve the objective
    Internal Origin
    attributes of the organization
    Strength Weaknesses
    External Origin
    attributes of the environment
    Opportunities Threats

    Download Info-Tech’s Business SWOT Analysis Template to help get started.

    Review these questions to help you conduct your SWOT analysis on the business

    Strengths (Internal)

    • What competitive advantage does your organization have?
    • What do you do better than anyone else?
    • What makes you unique (human resources, product offering, experience, etc.)?
    • Do you have location advantages?
    • Do you have price, cost, or quality advantages?
    • Does your organizational culture offer an advantage (hiring the best people, etc.)?

    Weaknesses (Internal)

    • What areas of your business require improvement?
    • Are there gaps in capabilities?
    • Do you have financial vulnerabilities?
    • Are there leadership gaps (succession, poor management, etc.)?
    • Are there reputational issues?
    • Are there factors that are making you lose sales?

    Opportunities (External)

    • Are there market developments or new markets?
    • Industry or lifestyle trends, e.g. move to mobile?
    • Are there geographical changes in the market?
    • Are there new partnerships or M&A opportunities?
    • Are there seasonal factors that can be used to the advantage of the business?
    • Are there demographic changes that can be used to the advantage of the business?

    Threats (External)

    • Are there obstacles that the organization must face?
    • Are there issues with respect to sourcing of staff or technologies?
    • Are there changes in market demand?
    • Are your competitors making changes that you are not making?
    • Are there economic issues that could affect your business?

    Conduct brainstorming efforts to gain insights from key business stakeholders

    Associated Activity icon 1.7 2-4 hours

    INPUT: SoBC Template

    OUTPUT: Completed SoBC

    Materials: Computer, Phone, or Other Mechanism of Connection

    Participants: CEO, CFO, COO, CMO, CHRO, and Business Unit Owners

    There are two ways to gather primary knowledge on the key components of the SoBC:

    1. Stakeholder Interviews
      Approach each individual to have a conversation about the key components of the SoBC. Go through the SoBC and fill it in together.
    2. Stakeholder Survey
      In the case that you are in a very large organization, create a stakeholder survey. Input the key components of the SoBC into an online survey maker and send it off the key stakeholders.

    Use the SoBC as the guide to both the interview and the survey. Be clear about the purpose of understanding the business context when connecting with key business stakeholders to participate in the brainstorming. This is a perfect opportunity to establish or develop a relationship with the stakeholders who will need to buy into the redesigned governance framework since it will involve and impact them significantly.

    Go directly to the information source – the key stakeholders

    Overview

    Talking to key stakeholders will allow you to get a holistic view of the business strategy. You will be able to ask follow-up questions to get a better understanding of abstract or complex concepts. Interviews also allow you to have targeted discussions with specific stakeholders who have in-depth subject-matter knowledge.

    Action

    • Talk to key stakeholders:
      • Structure focused, i.e. CEO or CFO
      • Customer focused, i.e. CMO or Head of Sales
      • Operational focused, i.e. COO
      • Lower-level employees or managers
    • Listen for key pains that IT could alleviate.

    Overcome the Unstructured Nature of Interviews

    • Interviewees will often explicitly state objectives and initiatives.
    • However, interviews are less formal and less structured than objective-oriented strategy documents. Objectives are often stated using informal language.
      “We’re talking rev gen here. That’s the name of the game. If we can get a foothold in India, there’s huge upside potential.” (VP Marketing)
    • Further analysis might translate this into a corporate imperative: increase revenue by growing our market share in India to 8% by January of next year.
    • If an imperative is unclear, ask the stakeholder for more detail.
    • Understand how key stakeholders evaluate, direct, and monitor their own areas of the business; this will give you insight as to their style.

    Receive final sign-off to proceed with developing the IT governance redesign

    Associated Activity icon 1.8 30 minutes

    Document any project assumptions or constraints. Before proceeding with the IT governance activities, validate the statement of business context with senior stakeholders. When consensus has been reached, have them sign the final page of the document.

    How to ensure sign-off:

    • Schedule a meeting with the senior stakeholders and conduct a review of the document. This meeting presents a great opportunity to deliver your interpretation of management expectations and make any modifications.
    • Obtaining stakeholder approval in person ensures there is no miscommunication or misunderstandings around the tasks that need to be accomplished to develop a successful IT governance.
    • This is an iterative process; if senior stakeholders have concerns over certain aspects of the document, revise and review again.
    • Final sign-off should only take place when mutual understanding has been reached.

    Download the SoBC Template and complete for final approval.

    Info-Tech Tip

    In most circumstances, you should have the SoBC validated with the following stakeholders:

    • CIO
    • CEO
    • CFO
    • Business Unit Leaders

    Understand the business context to set the foundation for governance redesign

    CASE STUDY

    Industry: Healthcare
    Source: Info-Tech

    Challenge

    The new business direction to become an integrator shifted focus to faster software iteration and on enabling integration and translation technologies, while moving away from creating complete, top-to-bottom IT solutions to be leveraged by clinicians and patients.

    Internal to the IT organization, this created a different in perspective on what was important to prioritize: foundational elements, web services, development, or data compliance issues. There was no longer agreement on which initiatives should move forward.

    Solution

    A series of mandatory meetings were held with key decision makers and SMEs within the organization in order to re-orient everyone on the overall purpose, goals, and outcomes of the organization.

    All attendees were asked to identify what they saw as the mission and vision of the organization.

    Finally, clinicians and patient representatives were brought in to describe how they were going to use the services the organization was providing and how it would enable better patient outcomes.

    Results

    Identifying the purpose of the work the IT organization was doing and how the services were going to be used realigned the different perspectives in the context of the healthcare outcomes they enabled.

    This activity provided a unifying view of the purpose and the state of the business. Understanding the business context prepared the organization to move forward with the governance redesign.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech Workshop Associated Activity icon

    Book a workshop with our Info-Tech analysts:

    Photo of an Info-Tech analyst.
    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analyst will join you and your team onsite at your location or welcome you to Info-Tech's historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    1.1

    Sample of activity 1.1 'Determine which business stakeholders will be impacted or involved in the redesign process'. Identify Relevant Stakeholders

    Build a list of relevant stakeholders and identify their position on the stakeholder power map.

    1.4

    Sample of activity 1.4 'Create a communication plan to engage key stakeholders'. Communication Plan

    Build customized communication plans to engage the key stakeholders in IT governance redesign.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech Workshop

    Book a workshop with our Info-Tech analysts:

    1.7

    Sample of activity 1.7 'Review business documents to assess business context'. Gather Business Information

    Review business documents, leverage business analysis tools, and brainstorm with key executives to document the Statement of Business Context.

    1.8

    Sample of activity 1.8 'Receive final sign-off to proceed with developing the IT Governance redesign'. Finalize the Statement of Business Context

    Get final approval and acceptance on the Statement of Business Context that will guide your redesign.

    Improve IT Governance to Drive Business Results

    PHASE 2

    Assess the Current Governance Framework

    Phase 2 outline

    Associated Activity icon Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 2: Assess the Current Governance Framework

    Proposed Time to Completion: 2 weeks
    Step 2.1: Outline the Current State AssessmentStep 2.2: Review the Current State Assessment
    Start with an analyst kick-off call:
    • Connect the current business state identified in Phase 1 with the current state of governance.
    • Identify the key elements of current governance.
    • Begin building the structure and committee profiles.
    Review findings with analyst:
    • Review the current governing bodies that were identified.
    • Review the current structure that was identified.
    • Determine the strengths, weaknesses, and guidelines from the implications in the current state assessment.
    Then complete these activities…
    • Identify stakeholders.
    • Make the case to executives.
    • Build a communication plan.
    Then complete these activities…
    • Create committee profiles.
    • Build governance structure map.
    With these tools & templates:
    • Current State Assessment of IT Governance
    With these tools & templates:
    • Current State Assessment of IT Governance

    Phase 2: Assess the Current Governance Framework

    1 2 3 4
    Align IT With the Business Context Assess the Current Governance Framework Redesign the Governance Framework Implement Governance Redesign

    Activities:

    • 2.1 Create Committee Profiles
    • 2.2 Build a Governance Structure Map
    • 2.3 Establish Governance Guidelines

    Outcomes:

    • Use the Current State Assessment of IT Governance to determine governance guidelines.

    Info-Tech Insight

    Don’t be passive; take action! Take an active approach to revising your governance framework. Understand why you are making decisions before actually making them.

    Explore the current governance that exists within your organization

    Your current governance framework will give you a strong understanding of the way the key stakeholders in your business currently view IT governance.

    "Much of the focus of governance today has been on the questions:
    • Are we doing [things] the right way?
    • And are we getting them done well?"
    –› "We need to shift to…
    • Are we doing the right things?
    • Are we getting the benefits?
    • What are the outcomes?
    • What do we want to achieve?
    • How do we make intelligent decisions about what will help us achieve those outcomes?"
    (John Thorp, Author of The Information Paradox)

    Leverage this understanding of IT governance to determine where governance is occurring and how it transpires.

    Conduct a current state assessment

    Supporting Tool icon 2A Assess the current governance framework

    Use this tool to critically assess each governing body to determine the areas of improvement that are necessary in order to achieve optimal business results.

    1. Identify All Governing Bodies
      Some bodies govern intentionally, and some govern through habit and practice. Outline all bodies that take on an element of governance.
    2. Create a Governance Structure Map
      Configure the structural relationships for the governing bodies using the structure map.
    3. Reveal Strengths and Weaknesses
      Identify the strengths and weaknesses of the governance structure, authority definitions, processes, and membership.
    4. Establish Governance Guidelines
      Based on the SoBC, express clear and applicable guidelines to improve on the weaknesses while retaining the strengths of your governance framework.

    Download the Current State Assessment of IT Governance to work toward these outcomes

    Conduct a current state assessment to identify governance guidelines

    Supporting Tool icon 2A Assess the current governance framework

    How to use the Current State Assessment of IT Governance deliverable: Follow the steps below to create a cohesive understanding of the current state of IT governance and the challenges that the current system poses.

    Part A – Committee Profiles

    1. Identify Governing Bodies
    2. Leverage Committee Templates
    3. Create Committee Profiles
      Use the Committee Profile Template

    Part B – Structure Map

    1. Assess Inputs and Outputs to Express Structural Relationships
    2. Create Structure Map
      Use the Governance Structure Map

    Part C – Governance Guidelines

    1. Choose Operating Model Template
    2. Identify Strengths and Weaknesses
    3. Establish Governance Guidelines
      Use the Governance Guideline Template

    What makes up the “governance framework”?

    There are four major elements of the governance framework:

    1. Structure
      Structural relationships are shown by mapping the connections between committees.
    2. Authority
      Each committee will have a purpose and area of decision making that it is accountable for.
    3. Process
      The process includes the inputs, outputs, and activities required for the committee to function.
    4. Membership The individuals or roles who sit on each committee. Take into account members’ knowledge, capability, and political influence.

    Create governing board or committee profiles

    Supporting Tool icon 2A.1 Assess the current governance framework

    Part A – Committee Profiles

    1. Identify Governing Bodies

      Establish where governance happens and who is governing. For different organizations, the governance framework will contain a variety of governing bodies or people. Use a list format to identify governing bodies that exist in your organization.
    2. Leverage Committee Templates

      Use the templates provided. Create a profile for each governing body that currently operates in your IT governance framework as listed in step 1.
    3. Create Committee Profiles

      Identify what they are governing and how they are governing.
      Using the profiles created in step 2, identify each body’s membership roles, purpose, decision areas, inputs, and outputs. Refer to the example text in the template to guide you, but feel free to adjust the text to reflect the reality of your governing body. Screenshot of the 'Committee Template - Executive Management Committee'.
      Consider the following domains of governance:
      (refer to Executive Brief)
      • Benefits realization
      • Risks
      • Resources
      Refer to our examples for some common governing bodies.

    Consistently define the components of governance in the committee profiles

    Membership

    Membership Roles
    Insert information here that reflects who the individuals are that sit on that governing body and what their role is. Include other important information about the individuals’ knowledge, skills, or capabilities that are relevant.

    Authority

    Purpose
    Define why the committee was established in the first place.

    Decision Areas
    Explain the specific areas of decision making this group is responsible for overseeing.

    Process

    Inputs
    Consider the information and materials that are needed to make decisions.

    Outputs
    Describe the outcomes of the committee. Think about decisions that were made through the governance process.

    Screenshot of the components of governance section from the 'Committee Template'.

    Map out relationships on the Governance Map

    Supporting Tool icon 2A.2 Assess the current governance framework

    Part B – Structure Map

    Structure
    1. Assess Inputs and Outputs

      Governing Bodies

      Inputs

      Outputs

      Committee #1
      Committee #2
      Committee #3
      CFO
      IT Director
      CIO
      To understand relationships between governing bodies, list the inputs and outputs for each unique committee that rely on other committees in the table provided.
    2. Create Structure Map
      Sample of the 'Current State Structure Map'. Using the outline provided, create your own governance structure map to represent the way the governing bodies interact and feed into each other. This is crucial to ensure that the governing structure is streamlined. It will ensure that communication occurs efficiently and that there are no barriers to making decisions swiftly.

    Outline the governance structure in the governance structure map

    Associated Activity icon 2.2 30 minutes
    The 'Current State Structure Map' from the last slide, but with added description. There are three tiers of groups. At the bottom is 'Run', described as 'The lowest level of governance will be an oversight of more specific initiatives and capabilities within IT.' 'Design and Build', described as 'The second tier of groups will oversee prioritization of a certain area of governance as well as second-tier decisions that feed into strategic decisions.' At the top is 'Strategy', described as 'These groups will focus on decisions that directly connect to the strategic direction of the organization.' The specific groups laid out in the map are 'Risk and Compliance Committee' which straddle the line between 'Run' and 'Design and Build', 'Portfolio Review Board' and 'IT Steering Committee (ITSC)' both of which straddle the line between 'Design and Build' and 'Strategy', 'Executive Management Committee (EMC)' which is in 'Strategy', and 'Other' in all tiers.

    Identify strengths and weaknesses of the governance framework

    Supporting Tool icon 2A.3 Assess the current governance framework

    Part C – Governance Guidelines

    1. Choose Business State Template Choose the template that represents the identified future state of business in the Statement of Business Context. Mini sample of the 'State of Business' table from the 'Statement of Business Context'.
    2. Identify Strengths and Weaknesses Input the major strengths and weaknesses of your governance that were highlighted in the brainstorming activity. Mini sample of a Strengths and Weaknesses table.
    3. Establish Governance Guidelines Draw your own implications from the strength and weaknesses that will drive the design of your governance in its future state. These guidelines should be concise and easy to implement. Mini sample of an expanded Strengths and Weaknesses table including a row for 'Implication/Guideline'. Note: Refer to the example guidelines in the Current State Assessment of IT Governance after you have considered your own specific guidelines. The examples are supplementary for your convenience.

    Distinguish your business state from the others to ensure implications act as accurate guidelines

    Business State Options

    1

    Small

    IT team is 30 people or less.

    Large

    IT team is more than 30 people.

    2

    Public

    Wholly or partly funded by the government.

    Private

    No government funding is provided.

    3

    Lean: The business aims to eliminate any waste of resources (time, effort, or money) by removing steps in the business process that do not create value.Devops: Our organization aims to make quick decisions and navigate the fast-paced industry with agility. Uniting the development and operational sides of the business. Hierarchical: Departments in the organization are siloed by function. The organization is top-down and hierarchical, and takes more time with decision making.

    ‹– Multi-State (any combination) –›

    Multi-State Example A: If you are small organization that is publicly funded and you are shifting towards a lean methodology, combine the implications of all those groups in a way that fits your organization.

    Multi-State Example B: Your organization is shifting from a more traditional state of operating to combining the development and operations groups. Use hierarchical implications to govern one group and DevOps implications for the other.

    Identify strengths and weaknesses of the governance framework

    Associated Activity icon 2.3 2 hours

    INSTRUCTIONS

    1. Input Strengths of Governance
      Include useful components of the current framework; that may include elements that are operating well, fit the future state, or are required due to regulations or statutes.
    2. Determine Weaknesses and Challenges
      Discuss the pain points of the current governance framework by looking through the lenses of structure, authority, process, or membership.

    Consider:

    • Where is governance not meeting expectations?
    • Are we doing the right things?
    • Are we getting the benefits?
    • What are the outcomes?
    • What do we want to achieve?
    • How do we make intelligent decisions about what will help us achieve those outcomes?
    *Example

    Structure

    Authority

    Process

    Membership

    Strength

    • We must maintain a legal compliance committee due to the high level of legislation in the industry
    • The ITSC gathers and prioritizes investment options, saving time for the EMC
    • The EMC only make decisions on investments that are greater than $200,000
    • The legal board has a narrow focus, allowing it to maintain its necessary purpose efficiently
    • The information flow from ITSC to the EMC allows the EMC to spend their time effectively
    • The CIO sits on the EMC and the ITSC
    • The EMC is made up of senior leadership who have stakes in all areas of the business

    Weakness

    • Wrong number (too many/little groups)
    • Relationship is misaligned (input/output problems)
    • The tier it sits on the map is misguided
    • Duplication of the same tier of decisions in different groups
    • Approval for one specific topic occurs in more than one group
    • Lack of clarity in which group makes which decisions
    • Intake – where the information is coming from is the wrong source/inaccurate
    • Time to decision (too slow)
    • Poor results of governance (redoing projects, low value)
    • There is lack of knowledge in committee membership
    • Misplaced seniority (too Jr./Sr.)
    • Lack of representation in group (breadth across the business or depth of specific area)

    Derive governance implications from strengths and weaknesses

    Associated Activity icon 2.3 2-4 hours

    INSTRUCTIONS

    1. Copy and paste your strengths and weaknesses from part B into the template that reflects your business state.
    2. Draw your own implications from the strengths and weaknesses that will drive the design of your governance in its future state. These guidelines should be concise and practical.
    *Example

    Structure

    Authority

    Process

    Membership

    Strength

    Weakness

    Implication / Guideline

    • Make sure that the decision-making authority for most areas are at the lower tier
    • Governing bodies should be lower in the organization
    • One overarching governing body – directing priorities
    • High authority at a lower point of the organization
    • Highest tier is responsible for major budget shifts
    • High-level tier - reporting and feed in from lower level groups
    • Prioritization and sequencing occur at the mid-tier
    • Lowest governing tiers will have direct links to the customer to allow for interaction
    • Project or initiative owner as the leader of the body

    Note: Use the examples of guidelines provided in the Current State Assessment of IT Governance to help formulate your own.

    Conduct a current state assessment to identify guidelines for the future state of governance

    CASE STUDY

    Industry: Healthcare
    Source: Anonymous

    Challenge

    Over time, the organization had to create a large amount of governing committees and subcommittees in order to comply with governance frameworks applied to them and to meet regulatory compliance requirements.

    The current structure was no longer optimal to meet the newly identified mandate of the organization. However, the organization did not want to start from scratch and scrap the elements that worked, such as the dates and times that had been embedded into the organization.

    Solution

    A current state assessment was planned and executed in order to review what was currently being done and identify what could be retained and what should be added, changed, or removed to improve the governance outcomes.

    The scope involved examining how current and near-term governance needs were, or were not, met through the existing structure, bodies, and their processes.

    The organization investigated governance approaches of organizations with similar governance needs and with similar constraints to model their own.

    Results

    The outputs of this exercise included:

    • A list of effective practices and committee guidelines that could be leveraged with little to no change in the future state.
    • A list of opportunities to streamline the structure and processes.

    These guidelines were used to drive recommendations for improvements to the governance structures and processes in the organization.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech Workshop Associated Activity icon

    Book a workshop with our Info-Tech analysts:

    Photo of an Info-Tech analyst.
    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analyst will join you and your team onsite at your location or welcome you to Info-Tech's historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    2.1

    Sample of activity 2.1 'Outline the governance structure in the governance structure map'. Create Current State Structure and Profiles

    Take the time to clearly articulate the current governance framework of your organization. Outline the structure and build the committee profiles for the governing bodies in your organization.

    2.3

    Sample of activity 2.3 'Identify strengths and weaknesses of the governance framework'. Determine Strengths, Weaknesses, and Guidelines

    Evaluate the strengths of your governance framework, the weaknesses that it exhibits, and the guidelines that will help maintain the strengths and alleviate the pains.

    Improve IT Governance to Drive Business Results

    PHASE 3

    Redesign the Governance Framework

    Phase 3 Guided Implementation

    Associated Activity icon Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 3: Redesign the Governance Framework

    Proposed Time to Completion: 4 weeks
    Step 3.1: Understand the Redesign Process Step 3.2: Review Governance Structure Step 3.3: Review Governance Committees
    Start with an analyst kick-off call:
    • Review the guidelines from the current state assessment.
    • Begin modifying the governance structure, authorities, processes, and memberships.
    Review findings with analyst:
    • Determine the impact of the guidelines on the structural layout of the framework.
    • Determine the impact of the guidelines on the authority element of the framework.
    Finalize phase deliverable:
    • Determine the impact of the guidelines on the processes within the framework.
    • Determine the impact of the guidelines on the membership element of the framework.
    Then complete these activities…
    • Break down guidelines to make sure they are actionable and realistic.
    • Identify what to add, modify, or remove.
    • Review additional sources of information.
    Then complete these activities…
    • Build and review the governance structure map.
    • Identify additions, changes, or reductions in governing bodies and their areas of authority.
    Then complete these activities…
    • Use the template provided to build committee profiles for each identified committee.
    • Identify the membership, purpose, decision areas, inputs, and outputs of each.
    • Build committee charters if needed.
    With these tools & templates:
    • Current State Assessment
    • Future State Design for IT Governance
    With these tools & templates:
    • Future State Design for IT Governance
    With these tools & templates:
    • Future State Design for IT Governance
    • IT Governance Terms of Reference

    Phase 3: Redesign the Governance Framework

    1 2 3 4
    Align IT With the Business Context Assess the Current Governance Framework Redesign the Governance Framework Implement Governance Redesign

    Activities:

    • 3.1 Build a Governance Structure Map
    • 3.2 Create Committee Profiles
    • 3.3 Leverage Process-Specific Governance Blueprints

    Outcomes:

    • Use the Future State Design for IT Governance template to build the optimal governance framework for your organization.

    Info-Tech Insight

    Keep the current and future goals in sight to build an optimized governance framework that maintains the minimum bar of oversight required.

    Anticipate the outcomes of the Future State Design for IT Governance tool

    Supporting Tool icon 3A Redesign the governance frameworks

    Use this tool to guide your organization toward transformative outcomes gleaned from an optimized governance framework.

    1. Implement Structural Guidelines
      Determine what governing bodies to add, change, or remove from your governance structure.
    2. Create a Governance Structure Map
      Configure the structural relationships for the redesigned governing bodies using the structure map.
    3. Build Effective Committees
      Use the IT Governance Terms of Reference to build profiles for each newly created committee and to alter any existing committees.
    4. Determine Follow-up Governance Support
      Access external material on governance from other Info-Tech blueprints that will help with specific governance areas.

    Download the Future State Design for IT Governance template to work toward these outcomes.

    Use the Future State Design for IT Governance tool to create a custom governance framework for your organization

    Supporting Tool icon 3A Redesign the governance frameworks

    How to use the Future State Design for IT Governance deliverable: Follow the steps below to redesign the future state of IT governance. Use the guidelines to respond to challenges identified in the current governance framework based on the current state assessment.

    Part A – Structure Map

    Part B – Committee Profiles

    1a. Input Structural Guidelines 1b. Input Authority Guidelines 1a. Input Process Guidelines 1b. Input Member Guidelines
    2. Guiding Questions
    Do governing bodies operate at a tier that matches the guidelines?

    Do governing bodies focus on the decisions that align with the guidelines?
    2. Guiding Questions
    Do the process inputs and outputs reflect the structure and authority guidelines?

    Do governing bodies engage the right people who have the roles, capacity, and knowledge to govern?
    3. Add / Change (Tier/Authority) / Remove
    Governing Bodies – Structure
    3. Adapt / Refine
    Governing Bodies – Profiles
    4. Use the Structure Map to Show Redesign Use the IT Governance Terms of Reference for Redesign

    Connect key learnings to initiate governance redesign

    The future state design will reflect the state of business that was identified in Phase 1 along with the guidelines defined in Phase 2 to build a governance framework that promotes business-IT fusion.

    Statement of Business Context –› Current State Assessment

    Identified Future Business State

    Structure
    Authority

    Leverage the structure and authority guidelines to build the governance structure.

    Defined Governance Guidelines

    Process
    Membership

    Leverage the process and membership guidelines to build the governance committees.

    Future State Design

    Use structure and authority guidelines to build a new governance structure map

    Supporting Tool icon 3A.1 Redesign the governance frameworks

    Part A – Structure Map

    Structure
    Authority
    1a. Structural Guidelines1b. Authority Guidelines
    Input the guidelines from the current state assessment to guide the redesign.

    2. Leverage Guiding Questions

    Use the guiding questions provided to assess the needed changes.
    Guiding Questions


    Do governing bodies operate at a tier that matches the guidelines?


    Do governing bodies focus on the decisions that align with the guidelines?
    Build the “where/why” of governance. Consider at what tier each committee will reside and what area of governance will be part of its domain. Modify the current structure; do not start from scratch.

    3. Add / Change (Tier/Authority) / Remove

    Determine changes to structure or authority that will be occurring for each of the current governing bodies. Work within the current structure as much as possible.A mini sample of an 'Add/Change/Remove' table for governing bodies.

    4. Use the Structure Map to Show Redesign

    Create your own governance structure map to represent the way the governing bodies interact and feed into each other. A mini sample of the 'Current State Structure Map' from before.

    Maintain as much of the existing framework as possible in the redesign

    Associated Activity icon 3.1 2-4 hours

    Future State Design

    • Structure
    • Authority

    Info-Tech Best Practice

    Keep the number of added or removed committees as low as possible, while still optimizing. The less change to the structure, the easier it will be to implement.

    Refer to the example to help guide your committee redesign.

      Determine:
    1. Do the guidelines impact committees you already have? Will you have to modify the tier or the authority of those committees?
    2. Do the guidelines require you to build a new committee to meet needs?
    3. Do the guidelines require you to remove a committee that isn’t necessary?

    All Governing Bodies

    Add

    Change

    Remove

    ITSC Structure

    Authority
    Delegate the authority of portfolio investment decisions over $200K to this body
    Portfolio Review Board This committee no longer needs to exist since its authority of portfolio investment decisions over $200K has been redelegated
    Risk and Compliance Committee Create a new governing body to address increasing risk and compliance issues that face the organization

    Outline the new governance structure in the governance structure map in the Future State Design for IT Governance tool

    Associated Activity icon 3.1 The 'Current State Structure Map' from before, but with some abbreviated terms. There are three tiers of groups. At the bottom is 'Run', described as 'The lowest level of governance will be an oversight of more specific initiatives and capabilities within IT.' 'Design and Build', described as 'The second tier of groups will oversee prioritization of a certain area of governance as well as second-tier decisions that feed into strategic decisions.' At the top is 'Strategy', described as 'These groups will focus on decisions that directly connect to the strategic direction of the organization.' The specific groups laid out in the map are 'Risk and Compliance Committee' which straddle the line between 'Run' and 'Design and Build', 'Portfolio Review Board' and 'ITSC' both of which straddle the line between 'Design and Build' and 'Strategy', 'EMC' which is in 'Strategy', and 'Other' in all tiers.

    Use process and membership guidelines along with the IT Governance Terms of Reference to build committees

    Supporting Tool icon 3A.2 Redesign the governance frameworks

    Part B – Committee Profiles

    Process
    Membership
    1a. Process Guidelines 1b. Authority Guidelines
    Input the guidelines from the current state assessment to guide the redesign.

    2. Leverage Guiding Questions

    Use the guiding questions provided to assess the needed changes.
    Guiding Questions
    Do the process inputs and outputs reflect the structure and authority guidelines?

    Do governing bodies engage the right people who have the roles, capacity, and knowledge to govern?
    Build the “what/how” of governance. Build out the process and procedures that each committee will use.

    3. Adapt / Refine Governing Body Profiles

    Using your customized guidelines, create a profile for each committee.

    We have provided templates for some common committees. To make these committee profiles reflective of your organization, use the information you have gathered in your Current State Assessment of IT Governance guidelines.

    For a more detailed approach to building out specific charters for each committee refer to the IT Governance Terms of Reference.

    A mini sample of the 'Committee Template - Executive Management Committee'.

    A mini sample of the 'IT Governance Terms of Reference'.

    Use the IT Governance Terms of Reference to establish operational procedures for governing bodies

    Associated Activity icon 3.2 3-6 hours

    Future State Design

    • Process
    • Membership

    Info-Tech Best Practice

    The people on the committee matter. Governance committee membership does not have to correspond with the organizational structure, but it should correspond with the purpose and decision areas of the governance structure.

    Refer to the example to help guide your committee redesign.

      Determine:
    1. Do the guidelines alter the members needed to achieve the outcomes?
    2. Do the guidelines change the purpose and decision areas of the committee?
    3. How do the new structure’s guidelines impact the inputs and outputs of the governing body?

    Screenshot of the 'Committee Template - Executive Management Committee'.

    Add depth to the committee profiles using the IT Governance Terms of Reference

    Supporting Tool icon 3A.3 Redesign the governance frameworks

    Refer to the sections outlined below to build a committee charter for your governance committees. Four examples are provided in the tool and can be edited for your convenience. They are: Executive Management Committee, IT Steering Committee, Portfolio Review Board, and Risk and Compliance Committee.

    1. Purpose
    2. Goals
    3. Responsibilities
    4. Committee Members
    5. RACI
    6. Procedures
    7. Agenda

    Be sure to embed the domains of governance in the charters so that committees focus on the appropriate elements of benefits realization, risk optimization, and resource optimization.

    Download the IT Governance Terms of Reference for more in-depth committee charters.

    Three pillars of planning effective governance meetings

    The effectiveness of the governance is reliant on the ability to work within operational dependencies that will exist in the governance framework. Consider these questions to guide the duration, frequency, and sequencing of your governing body meetings.

    Frequency

    • What is the quantity of decisions that must be made?
    • Is a rapid or urgent response typically required?

    Duration

    • How long should your meeting run based on your meeting frequency and the volume of work to be accomplished?

    Sequencing

    • Are there other decisions that rely on the outcomes of this meeting?
    • Are there any decisions that must be made first for others to occur?
    A venn diagram of the three pillars of planning effective governance meetings, 'Frequency', 'Duration', and 'Sequencing'.

    Leverage process-specific governance blueprints

    Associated Activity icon 3.3

    If there are specific areas of IT governance that you require further support on, refer to Info-Tech’s library of DIY blueprints, Guided Implementations, and workshops for further support. We cover IT governance in the following areas:

    Enterprise Architecture Governance

    Service Portfolio Governance

    Security Governance

    Titlecard of 'Create a Right-Sized Enterprise Architecture Governance Framework' blueprint. Titlecard of 'Lead Strategic Decision Making With Service Portfolio Management' blueprint. Titlecard of 'Build a Security Governance and Management Plan' blueprint.

    Consider the challenges and solutions when identifying a multi-state reality for your business state

    A multi-state business will face unique challenges in navigating the redesign process with the goal of combining all related business states in governance.

    1. Divergent Governance Models
      Separate the governance groups that need to function differently, and bring them back together at the highest level.
    2. Reflecting the Organizational Structure
      Unlike single-state governance, multi-state organizations should model the governance framework in reflection of the organizational structure.
    3. Combining Implications
      Prioritize which implications are the most important and make sure they work first, then see what else fits (e.g. start with regulation, then insert lean guidelines).

    The multi-state business will not fit into one “box” – consider implications from the overlapping business states.

    As business needs change, ensure that you establish triggers to reassess the design of your governance framework.

    Leverage the outcomes of the Current State Assessment and Statement of Business Context to build the future state

    CASE STUDY

    Industry: Healthcare
    Source: Info-Tech

    Challenge

    Identifying the committees and processes that should be in place in the target state required a lot of different inputs.

    A number of high-profile senior management team members were still resistant to the overall idea of applying governance to their initiatives since they were clinician driven.

    The approach and target state, including the implementation plan, had to be approved and built out.

    Solution

    The information pulled together from the current state assessment, including best practices and jurisdictional scans, were tied together with the updated mandate and future state, and a list of recommended improvements were documented.

    The improvements were presented to the optimization committee and the governance committee members to ensure agreement on the approach and confirm the timeline for agreed improvements.

    Results

    A future state mapping of the new committee structure was created, as well as the revised membership requirements, responsibilities, and terms of reference.

    The approved recommendations were prioritized and turned into an implementation plan, with each improvement being assigned an owner who would be responsible for driving the effort to completion.

    Integration points in other processes, like SDLC, where change would be required were highlighted and included in the implementation plan.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech Workshop Associated Activity icon

    Book a workshop with our Info-Tech analysts:

    Photo of an Info-Tech analyst.
    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analyst will join you and your team onsite at your location or welcome you to Info-Tech's historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    3.1

    Sample of activity 3.1 'Maintain as much of the existing framework as possible in the redesign'. Redesign the Governance Structure

    Identify committees that need to be added, ones that must be changed, and the no-longer-needed governing bodies in an optimized and streamlined structure. Draw it out in the governance structure map.

    3.2

    Sample of activity 3.2 'Utilize the IT Governance Terms of Reference to establish operational procedures for governing bodies'. Redesign the Governing Bodies

    Use the IT Governance Terms of Reference and the Committee Template to build a committee profile for each governing body identified. Use these activities to build out and establish the processes of the modified governing groups.

    Improve IT Governance to Drive Business Results

    PHASE 4

    Implement Governance Redesign

    Phase 4 outline

    Associated Activity icon Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 4: Implement Governance Redesign

    Proposed Time to Completion: 2-3 weeks
    Step 4.1: Identify Steps for Implementation Step 4.2: Finalized Implementation Plan
    Start with an analyst kick-off call:
    • Identify major steps required to implement the governance redesign.
    • Outline the components and milestones of the implementation plan.
    • Review materials needed for the executive presentation.
    Review findings with analyst:
    • Review the major milestones identified in the implementation plan.
    • Discuss potential challenges and stakeholder objections.
    • Strategize for the executive presentation.
    Then complete these activities…
    • Then complete these activities…
    • Identify next steps for the redesign.
    • Establish a communication plan.
    Then complete these activities…
    • Review the implementation plan.
    • Assess any challenging milestones and build implementation strategies.
    • Finalize the executive presentation.
    With these tools & templates:
    • IT Governance Implementation Plan
    • Redesign IT Governance to Drive Optimal Business Results Executive Presentation Template
    With these tools & templates:
    • IT Governance Implementation Plan
    • Redesign IT Governance to Drive Optimal Business Results Executive Presentation Template

    Phase 4: Implement Governance Redesign

    1 2 3 4
    Align IT With the Business Context Assess the Current Governance Framework Redesign the Governance Framework Implement Governance Redesign

    Activities:

    • 4.1 Identify Next Steps for the Redesign
    • 4.2 Establish a Communication Plan
    • 4.3 Lead the Executive Presentation

    Outcomes:

    • Rationalize steps in the Implementation Plan tool.
    • Construct an executive presentation to facilitate transparency for the governing framework.

    Anticipate and overcome implementation obstacles for the redesign

    Often high-level organizational changes create challenges. We will help you break down the barriers to optimal IT governance by addressing key obstacles.

    Key Obstacles

    Solutions

    Identifying Steps The prioritization must be driven by the common view of what is important for the organization to succeed. Prioritize the IT governance next steps according to the value they are anticipated to provide to the business.
    Communicating the Redesign The redesign of IT governance will bring impactful changes to diverse stakeholders across the organization. This phase will help you plan communication strategies for the different stakeholders.

    Info-Tech Insight

    Don’t overlook the politics and culture of your organization while redesigning your governance framework.

    Create an implementation roadmap to organize a plan for the redesign

    Supporting Tool icon 4A Create an implementation and communication plan

    INSTRUCTIONS

    1. Identify Tasks
      Decide on the order of tasks for your implementation plan. Consider the dependencies of actions and plan the sequence accordingly.
    2. Determine Communication Method
      Identify the most appropriate and impactful method of communicating at each milestone identified in step 1.

    Download the IT Governance Implementation Plan to organize your customized implementation and communication plan.

    Screenshot of a table in the 'IT Governance Implementation Plan'.

    Outline next steps for governance redesign

    Associated Activity icon 4.1

    INPUT: Tasks Identified in the Future State Design

    OUTPUT: Identified Tasks for Implementation as Well as the Audience

    Materials: N/A

    Participants: IT Governance Redesign Owner

    INSTRUCTIONS

    Keep these questions in mind as you analyze and assess what steps to take first in the redesign implementation.

    1. What needs to happen?
      Use the identified changes from the redesign as your guiding list of tasks that need to occur. If they are larger tasks, break them down into smaller parts to make the milestones more achievable.
    2. What are the dependencies?
      Throughout the implementation of the redesign, certain tasks will need to occur to enable other tasks to be performed. Make sure to clearly identify what dependencies exist in the implementation process and clearly identify the order of the tasks.
    3. Who do the changes impact?
      Consider the groups and individuals that will be impacted by changes to the governance framework. This includes key business stakeholders, IT leaders, members of governing boards, and anyone who provides an input or requires an output from one of the committees.

    Use a big-bang approach to implement the IT governance redesign

    While there are other methods to implementing change, the big-bang approach is the most effective for governance redesign and will maintain the momentum of the change as well as the support needed to make it successful.

    Phased

    Parallel

    Big Bang

    Implementation of redesign occurs in steps over a significant period of time.

    Three arrows, each beginning where the previous one ends, separated.

    Components of the redesign are brought into the governance framework, while maintaining some of the old components.

    Three arrows, each beginning slightly after the previous one begins, overlapping.

    Implementation of redesign occurs all at once. This requires significant preparation.

    One large arrow, spanning the length of the other grouped arrows, circled to emphasize.
    • Some committees will be operating under a new structure while others are not, which will undermine the changes being made.
    • This method proliferates a lack of transparency and trust.
    • Releasing IT governance in parallel leads to members sitting on too many boards and spending too much time on governance.
    • There will be a lack of clarity on a committee’s authority.
    • This approach will lead to consistency and transparency in the new process.
    • The change will be clear and fully embedded in the organization with stronger boundaries and well-defined expectations.

    Determine the most effective and impactful communication mediums for relevant stakeholders

    Associated Activity icon 4.2 1 hour

    INSTRUCTIONS

    1. Consider the Individual or Group
      Consider the group and individuals identified in step 4.1. Determine the most appropriate mechanism for communicating with that person or group. Keep in mind: If they are local, how much influence they have and if they are already engaged in the redesign process.
    2. Consider the Message
      The type of message that you are communicating will vary in impact and importance depending on the task. Make sure that the communication medium reflects your message. Keep in mind: If the you are communicating an important or more personal issue, the medium should be more personal as well.

    Screenshot of the same table in the 'IT Governance Implementation Plan'.

    Communicate the changes that result from the redesign

    Plan the message first, then deliver it to your stakeholders through the most appropriate medium to avoid message avoidance or confusion.

    Communication Medium

    Face-to-Face Communication

    Face-to-face communication helps to ensure that the audience is receiving and understanding a clear message, and allows them to voice their concerns and clarify any confusion or questions.

    • Use one-on-one meetings for key stakeholders and large organizational meetings to introduce large changes in the redesign.
    Emails

    Use email to communicate information to broad audiences. In addition, use email as the mass feedback mechanism.

    • Use email to follow up on meetings, or to invite people to next ones, but not as the sole medium of communication.
    Internal Website or Drive

    Use an internal website or drive as an information repository.

    • Store meeting minutes, policies, procedures, terms of reference, and feedback online to ensure transparency.

    Message Delivery

    1. Plan Your Message
      Emphasize what the audience really needs to know and how the change will impact them.
    2. Test Your Message
      If possible, test your communications with a small audience (2-3 people) first to get feedback and adjust messages before delivering them more broadly.
    3. Deliver and Repeat Your Message
      “Tell them what you’re going to tell them, then tell them, then tell them what you told them.”
    4. Gather Feedback and Evaluate Communications
      Evaluate the effectiveness of the communications (through surveys, stakeholder interviews, or metrics) to ensure the message was delivered and received successfully and communication goals were met.

    Construct an executive presentation to facilitate transparency for the governing framework

    Supporting Tool icon 4B Present the redesign to the key business stakeholders

    INSTRUCTIONS

    1. Identify Stakeholders
      Determine which business stakeholders have been the most involved in the redesign process.
    2. Customize Presentation
      Use the deliverables that you have built throughout this redesign to communicate the changes to the structure, authority, processes, and memberships in the governance framework.
    3. Present to Executives
      Present the executive presentation to the key business stakeholders who have been involved in the redesign process.

    Info-Tech best Practice

    Use the Executive Presentation customizable deliverable to lead a boardroom-quality presentation outlining the process and outcomes of the IT governance redesign.

    Present the executive presentation

    Associated Activity icon 4.3 1 hour

    INSTRUCTIONS

    1. Input SoBC Outcomes
      Input the outcomes of the SoBC. Specify the state of the business you have identified through the process of Phase 1.
    2. Input Current State Framework and Guidelines
      Input the outcomes of the current state assessment. Explain the process you used to identify the current governance framework and how you determined the strengths, weaknesses, and guidelines.
    3. Input Redesigned Governance Framework
      Input the governance redesign outcomes. Explain the process you used to modify and reconstruct the governance framework to drive optimal business results. Show the new structure and committee profiles.

    Use the Redesign IT Governance to Drive Optimal Business Results Executive Presentation Template for more information.

    Implement the governance redesign to optimize governance and, in turn, business results

    CASE STUDY

    Industry: Healthcare
    Source: Info-Tech

    Challenge

    Members of the project management group and in the larger SDLC process identified a lack of clarity on how to best govern active projects and initiatives that were moving through the governance process during the changes to the governance framework.

    These projects had already begun under the old frameworks and applying the redesigned governance framework would lead to work duplication and wasted time.

    Solution

    The organization decided that instead of applying the redesign to all initiatives across the organization, it would only be applied to new initiatives and ones that were still working within the first part of the “gating” process, where revised intake information could still be provided.

    Active initiatives that fell into the grandfathered category were identified and could proceed based on the old process. Yet, those that did not receive this status were provided carry-over lead time to revise their documentation during the changes.

    Results

    The implementation plan and timeframes were approved and an official change-over date identified.

    A communication plan was provided, including the grandfathered approach to be used with in-flight initiatives.

    A review cycle was also established for three months after launch to ensure the process was working as expected and would be repeated annually.

    The revised process improved the cycle time by 30% and improved the ability of the organization to govern high-speed requests and decisions.

    Summary of accomplishment

    Insights

    • IT governance requires business leadership.
      Instead of IT managing and governing IT, engage business leaders to take responsibility for governing IT.
    • With great governance comes great responsibility.
      Involve relevant business leaders, who will be impacted by IT outcomes, to share governing authority of IT.
    • Establish IT-business fusion.
      In governance, alignment is not enough. Merge IT and the business through governance to ensure business success.

    Knowledge Gained

    • There must be an active understanding of the current and future state of the business for governance to address the changing needs of the business.
    • Take a proactive approach to revising your governance framework. Understand why you are making decisions before actually making them.
    • Keep the current and future goals in sight to build an optimized governance framework that maintains the minimum bar of oversight required.

    Processes Optimized

    • EDM01 – Establishing a Governance Framework
    • Understanding the four elements of governance:
      • Structure
      • Authority
      • Process
      • Members
    • Embedding the benefits realization criteria, risk optimization, and resource optimization in governance.

    Deliverables Completed

    • Statement of Business Context
    • Current State Assessment of IT Governance
    • Future State Design for IT Governance
    • IT Governance Implementation Plan

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech Workshop Associated Activity icon

    Book a workshop with our Info-Tech analysts:

    Photo of an Info-Tech analyst.
    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analyst will join you and your team onsite at your location or welcome you to Info-Tech's historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    4.1

    Sample of activity 4.1 'Outline next steps for governance redesign'. Build and Deploy the Implementation Plan

    Construct a list of tasks and consider the individuals or groups that those tasks will impact when implementing the governance redesign. Ensure consistent and transparent communication for successful outcomes.

    4.3

    Sample of activity 4.3 'Present the Executive Presentation'. Build the Executive Presentation

    Insert the state of business, current state, and future state design outcomes into a presentation to inform the key business stakeholders on the process and outcomes of the governance redesign.

    Research contributors and experts

    Deborah Eyzaguirre, IT Business Relationship Manager, UNT System

    Herbert Kraft, MIS Manager, Prairie Knights Casino

    Roslyn Kaman, CFO, Miles Nadal JCC

    Nicole Haggerty, Associate Professor of Information Systems, Ivey Business School

    Chris Austin, CTO, Ivey Business School

    Adriana Callerio, IT Director Performance Management, Molina Healthcare Inc.

    Joe Evers, Consulting Principal, JcEvers Consulting Corp

    Huw Morgan, IT Research Executive

    Joy Thiele, Special Projects Manager, Dunns Creek Baptist Church

    Rick Daoust, CIO, Cambrian College

    Related Info-Tech Research

    Bibliography

    A.T. Kearney. “The 7 Habits of Highly Effective Governance.” A.T. Kearney, 2008. Web. Nov. 2016.

    Bertolini, Phil. “The Transformational Effect of IT Governance.” Government Finance Review, Dec. 2012. Web. Nov. 2016.

    CGI. “IT Governance and Managed Services – Creative a win-win relationship” CGI Group Inc., 2015. Web. Dec. 2016.

    De Haes, Steven, and Wim Van Grembergen. “An Exploratory Study into the Design of an IT Governance Minimum Baseline through Delphi Research.” Communications of the Association for Information Systems: Vol. 22 , Article 24. 2008. Web. Nov. 2016.

    Deloitte LLP. “The Role of Senior Leaders in IT Governance.” The Wall Street Journal, 22 Jun. 2015. Web. Oct. 2016.

    Dragoon, Alice. “Four Governance Best Practices.” CIO From IDG, 15 Aug. 2003. Web. Dec. 2016.

    du Preez, Gert. “Company Size Matters: Perspectives on IT Governance.” PricewaterhouseCoopers, Aug. 2011. Web. Nov. 2016.

    Hagen, Christian, et. al. “Building a Capability-Driven IT Organization.” A.T. Kearney, Jun. 2011. Web. Nov. 2016.

    Heller, Martha. “Five Best Practices for IT Governance.” CFO.com, 27 Aug. 2012. Web. Oct. 2016.

    Hoch, Detlev, and Payan, Miguel. “Establishing Good IT Governance in the Public Sector.” McKinsey Dusseldorf, Mar. 2008. Web. Oct. 2016.

    Horne, Andrew, and Brian Foster. “IT Governance Is Killing Innovation.” Harvard Business Review, 22 Aug. 2013. Web. Dec. 2016.

    ISACA. “COBIT 5: Enabling Processes.” ISACA, 2012. Web. Oct. 2016.

    IT Governance Institute. “An Executive View of IT Governance.” IT Governance Institute, in association with PricewaterhouseCoopers. 2009. Web. Nov. 2016.

    Bibliography continued

    IT Governance Institute. “IT Governance Roundtable: Defining IT Governance.” IT Governance Institute, 2009. Web. Nov. 2016.

    Macgregor, Stuart. “The linchpin between Corporate Governance and IT Governance.” The Open Group’s EA Forum Johannesburg and Cape Town, Nov. 2013. Web. Nov. 2016.

    Mallette, Debra. “Implementing IT Governance An Introduction.” ISACA San Francisco Chapter, 23 Sep. 2009. Web. Oct. 2016.

    Massachusetts Institute of Technology. “IT Governance Introduction.” MIT Centre for Information System Research, 2016. Web. Nov. 2016.

    Mueller, Lynn, et. al. “IBM IT Governance Approach – Business Performance through IT Execution.” IBM Redbooks, Feb. 2008. Web. Nov. 2016.

    National Computing Centre. “IT Governance: Developing a successful governance strategy.” The National Computing Centre, Nov. 2005. Web. Oct. 2016.

    Pittsburgh ISACA Chapter. “Practical Approach to COBIT 5.0.” Pittsburgh ISACA Chapter, 17 Sep. 2012. Web. Nov. 2016.

    PricewaterhouseCoopers. “Great by governance: Improve IT performance and Value While Managing Risks.” PricewaterhouseCoopers, Nov. 2014. Web. Dec. 2016.

    PricewaterhouseCoopers. “IT Governance in Practice: Insights from leading CIOs.” PricewaterhouseCoopers, 2006. Web. Nov. 2016.

    Routh, Richard L. “IT Governance Part 1 of 2.” Online video clip. YouTube. The Institute of CIO Excellence, 01 Aug. 2012. Web. Nov. 2016.

    Salleh, Noor Akma Mohd, et. al. “IT Governance in Airline Industry: A Multiple Case Study.” International Journal of Digital Society, Dec. 2010. Web. Nov. 2016.

    Bibliography continued

    Speckert, Thomas, et. al. “IT Governance in Organizations Facing Decentralization – Case Study in Higher Education.” Department of Computer and Systems Sciences. Stockholm University, 2014. Web. Nov. 2016.

    Thorp, John. The Information Paradox—Realizing the Business Benefits of Information Technology. Revised Edition, McGraw Hill, 2003 (written jointly with Fujitsu).

    Vandervost, Guido, et. al. “IT Governance for the CxO.” Deloitte, Nov. 2013. Web. Nov. 2016.

    Weill, Peter, and Jeanne W. Ross. “IT Governance: How Top Performers Manage IT Decision Rights for Superior Results.” Boston: Harvard Business School, 2004. Print. Oct. 2016.

    Wong, Daron, et. al. “IT Governance in Oil and Gas: CIO Roundtable, Priorities for Surviving and Thriving in Lean Times.” Online video clip. YouTube. IT Media Group, Jun. 2016. Web. Nov. 2016.

    Build an IT Succession Plan

    • Buy Link or Shortcode: {j2store}476|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: $338,474 Average $ Saved
    • member rating average days saved: 17 Average Days Saved
    • Parent Category Name: Lead
    • Parent Category Link: /lead
    • Pending retirements in key roles create workforce risks and potentially impact business continuity.
    • Fifty-six percent of organizations have not engaged in succession planning, so they haven’t identified at-risk key roles or successors for those roles.

    Our Advice

    Critical Insight

    • Just under 60% of organizations haven't tackled succession planning.
    • This means that three out of five organizations don’t know what skills they need for the future or what their key roles truly are. They also haven’t identified at-risk key roles or successors for those roles.
    • In addition, 74% of organizations have no formal process for facilitating knowledge transfer between individuals, so knowledge will be lost.

    Impact and Result

    • Info-Tech's Key Roles Succession Planning Tool will help you assess key role incumbent risk factors as well as identify potential successors and their readiness. Pay particular attention to those employees in key roles that are nearing retirement, and flag them as high risk.
    • Plan for the transfer of critical knowledge held by key role incumbents. Managers and HR leaders see significant tacit knowledge gaps in younger workers; prioritize tacit knowledge in your transfer plan and leverage multiple transfer methods.
    • Explore alternative work arrangements to ensure sufficient time to prepare successors. A key role incumbent must be available to complete knowledge transfer.
    • Define formal transition plans for all employees in at-risk key roles and their successors by leveraging your workforce and succession planning outputs, knowledge transfer strategy, and selected alternative work arrangements.

    Build an IT Succession Plan Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Build an IT Succession Plan Deck – A step-by-step document that walks you through how to future-proof your IT team.

    Protect your team and organization from losses associated with departure of people from key roles. This blueprint will help you build an IT succession plan to ensure critical knowledge doesn’t walk out the door and continuity of business when people in key roles leave.

    • Build an IT Succession Plan Storyboard

    2. Critical Role Identifier – A tool to help you determine which roles are most critical to the success of your team.

    The purpose of this tool is to help facilitate a conversation around critical roles.

    • Critical Role Identifier

    3. Key Role Succession Planning Template – A tool that walks you through reviewing your talent, succession planning, and determining successor readiness.

    This tool will help IT leaders work through key steps in succession development for each employee in the team, and present summaries of the findings for easy reference and defensibility.

    • Key Roles Succession Planning Tool

    4. Role Profile Template – A template that helps you outline the minimum requirements for each critical role addressed in succession planning.

    This template is a guide and the categories can be customized to your organization.

    • Role Profile Template

    5. Individual Talent Profile Template – A template to assess an employee against the role profiles of critical roles.

    This profile provides the basis for evidence-based comparison of talent in talent calibration sessions.

    • Individual Talent Profile Template

    6. Role Transition Plan Template – A template to help you plan to implement knowledge transfer and alternative work arrangements.

    As one person exits a role and a successor takes over, a clear checklist-based plan will help ensure a smooth transition.

    • Role Transition Plan Template
    [infographic]

    Further reading

    INFO~TECH RESEARCH GROUP

    Build an IT Succession Plan

    Future-proof your IT team.


    Build an IT Succession Plan

    Future-proof your IT team.

    EXECUTIVE BRIEF

    Executive Summary

    Your Challenge

    Most organizations are unprepared for the loss of employees who hold key roles.

    • The departure of employees in key roles results in the loss of valuable knowledge, core business relationships, and profits.
    • Pending retirements in key roles create workforce risks and potentially impact business continuity.

    Planning and executing on key role transition can take years. CIOs should prepare now to mitigate the risk of loss later.

    Common Obstacles
    • The number of organizations which have not engaged in succession planning is 56%; they haven’t identified at-risk key roles, or successors for those roles.
    • Analyzing key roles at the incumbent and successor level introduces real-life, individual-focused factors that have a major impact on role-related risk.
    Info-Tech’s Approach
    • Plan for the transfer of critical knowledge held by key role incumbents.
    • Explore alternative work arrangements to ensure sufficient time to prepare successors.
    • Define formal transition plans for all employees in at-risk key roles and their successors.

    Info-Tech Insight

    Losing employees in key roles without adequate preparation hinders productivity, knowledge retention, relationships, and opportunities. Implement scalable succession planning to mitigate the risks.

    Most organizations are unprepared for the loss of employees who hold key roles

    Due to the atmosphere of uncertainty.

    Not only do they not have the right processes in place, but they are also ill-equipped to deal with the sheer volume of retirees in the future.

    Over 58% of organizations are unprepared for Baby Boomer retirement. Only 8% said they were very prepared.

    Pie chart with percentages of organizations who are prepared for Baby Boomer retirement.
    (Source: McLean & Company, 2013; N=120)

    A survey done by SHRM and AARP found similar results: 41% of HR professionals said their organizations have done nothing and don’t plan to do anything to prepare for a possible worker shortage as Boomers retire.

    (Source: Poll: Organizations Can Do More to Prepare for Talent Shortage as Boomers Retire)
    This means that three out of five organizations don’t know what skills they need for the future, or what their key roles truly are. They also have not identified at-risk key roles or successors for those roles.
    (Source: McLean & Company, 2013, N=120)

    To make matters worse, 74% of organizations have no formal process for facilitating knowledge transfer between individuals, so knowledge will be lost.

    Pie chart with percentages of organizations with a formal process for facilitating knowledge transfer.
    (Source: McLean & Company, 2013; N=120)

    Most organizations underestimate the costs associated with ignoring succession planning

    “In many cases, executives have no idea what knowledge they are losing.” (TLNT: Lost Knowledge – What Are You and Your Organization Doing About It?”)
    Objections to succession planning now: The risks of this mindset…
    “The recession bought us time to plan for Baby Boomer retirement.” Forty-two percent of organizations believe this to be true and may feel a false sense of security. Assume it takes three years to identify an internal successor for a key role, develop them, and execute the transition. Add the idea that, like most organizations, you don’t have a repeatable process for doing this. Do you still have enough time?
    “The skills possessed by my organization’s Baby Boomers are easy to develop in others internally.” Forty percent of organizations agree with this statement, but given the low rate of workforce planning taking place, most may not actually know the skills and knowledge they need to meet future business goals. These organizations may realize their loss too late.
    “We don’t have the time to invest in succession planning.” Thirty-nine percent of organizations cite this as an obstacle, which is a very real concern. Adopting a simple, scalable process that focuses on the most mission critical key roles will be easier to digest, as well as eliminate time wasted trying to recoup losses in the long run. The costs of not planning are much higher than the costs of planning.
    “We don’t know when our boomers plan to retire, so we can’t really plan for it.” The fact that 42% of organizations do not know employees’ retirement plans is proof positive that they’re operating blind. You can’t plan for something if you don’t have any information about what to plan for or the time frame you’re working against.
    “My organization puts a premium on fresh ideas over experience.” While nearly 45% of organizations prioritize fresh ideas, 50% value experience more. Succession planning and knowledge transfer are important strategies for ensuring experience is retained long enough for it to be passed along in the organization.

    Use Info-Tech’s tools and templates

    Talent Review

    Succession Planning

    Knowledge Transfer

    Key tools and templates to help you complete your project deliverables
    Key Roles Succession Planning Tool
    Critical Role Identifier
    Role Profile Template
    Individual Talent Profile Template
    Key Roles Succession Planning Tool
    Role Profile Template
    Individual Talent Profile Template
    Role Transition Plan Template
    Key Roles Succession Planning Tool
    Role Profile Template
    Individual Talent Profile Template
    Your completed project deliverables

    Critical Role Identifier

    Key Roles Succession Plan

    Key Role Profiles

    Individual Talent Profiles

    Key Role Transition Plans

    Ignoring succession planning could cause significant costs

    Losing knowledge will undermine your strategy in four ways:

    Inefficiency

    Inefficiency due to “reinvention of the wheel.” When workers leave and don’t effectively transfer their knowledge, duplication of effort to solve problems and find solutions occurs.

    Innovation

    Reduced capacity to innovate. Older workers know what works and what doesn’t, what’s new and what’s not. They can identify the status quo faster to make way for novel thinking.

    Competitive Advantage

    Loss of competitive advantage. Losing knowledge and/or established client relationships hurts your asset base and stifles growth.

    Vulnerability

    Increased vulnerability. Losing knowledge can impede your organizational ability to identify, understand, and mitigate risks. You’ll have to learn through experience all over again.

    Succession planning improves performance by reducing the impact of sudden departures

    Business Continuity

    Succession planning limits disruption to daily operations and minimizes recruitment costs:

    • The average time to fill a vacant role externally in the US is approximately 43 days (Workable). Succession planning can reduce this via a talent pool of ready-now successors.
    Engagement & Retention

    Effective succession planning is a tool for engaging, developing, and retaining employees:

    • Of departing employees, 45% cite lack of opportunities for career advancement as the moderate, major, or primary reason they left (McLean & Company Exit Survey, 2018, N=7,530).
    Innovation & Growth

    Knowledge is a strategic asset, and succession planning can help retain, grow, and capitalize on it:

    • Retaining the experience and expertise of individuals departing from critical roles supports and enhances the quality of innovation (Harvard Business Review, 2008).

    Info-Tech’s approach

    Talent Review

    Conduct a talent review to identify key roles

    Short bracket.
    Succession Planning

    Succession planning helps you assess which key roles are most at risk

    Long bracket.
    Knowledge Transfer

    Utilize methods that make it easy to apply the knowledge in day-to-day practice.

    Long bracket.
    Identify Critical Roles Assess Talent Identify Successors Develop Successors Select Successors Identify Critical Knowledge Select Transfer Methods Document Role Transition Plans

    Future-Proofed IT Team
    • Business continuity
    • The right people, in the right positions, at the right time
    • Retention due to employee development & growth
    • IT success
    • Decreased impact of sudden departures
    • Improved performance

    Info-Tech’s methodology for building an IT succession plan

    1. Talent Review 2. Succession Planning 3. Knowledge Transfer
    Phase Steps
    1. Identify critical roles
    2. Assess talent
    1. Identify successor pool
    2. Develop successors
    3. Select successors
    1. Identify critical knowledge
    2. Select knowledge transfer methods
    3. Document role transition plans
    Phase Outcomes
    • Documented business priorities
    • Identified critical roles including required skills and knowledge that support achievement of business strategy
    • Key at-risk roles identified.
    • Potential successors for key roles identified.
    • Gap assessment between key role incumbents and potential successors.
    • Critical knowledge risks identified.
    • Appropriate knowledge transfer methods selected.
    • Documented knowledge transfer initiatives for key role transition plans.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    Guided Implementation

    Workshop

    Consulting

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is six to ten calls over the course of four to eight months.

    What does a typical GI on this topic look like?

    Phase 1

    Phase 2

    Phase 3

    Call #1: Scope requirements, objectives, and your specific challenges. Call #2:Review business priorities and clarify criteria weighting.

    Call #3: Review key role criteria. Explain information collection process.

    Call #4: Review risk and readiness assessments.

    Call #5: Analyze gaps between key roles and successors for key considerations.

    Call #6: Feedback and recommendations on critical knowledge risks.

    Call #7: Review selected transfer methods.

    Call #8: Analyze role transition plans for flags.

    Build an IT Succession Plan

    Phase 1

    Talent Review

    Phase 1

    1.1 Identify Critical Roles

    1.2 Assess Talent

    Phase 2

    2.1 Identify Successors

    2.2 Develop Successors

    2.3 Select Successors

    Phase 3

    3.1 Identify Critical Knowledge

    3.2 Select Transfer Methods

    3.3 Document Role Transition Plan

    This phase will walk you through:

    • Identifying your business priorities
    • Identifying your critical roles including required skills and knowledge that support achievement of business strategy

    Tools and resources used:

    • Key Roles Succession Planning Tool
    • Key Role Profile
    • Individual Talent Profile
    • Critical Role Identifier

    This phase involves the following participants:

    • IT leadership/management team
    • HR

    Conduct a talent review to identify key roles

    Sixty percent of organizations have not engaged in formal workforce planning, so they don’t know what skills they need or what their key roles truly are. (Source: McLean & Company, 2013; N=139)
    1. A talent review ensures that each work unit has the right people, in the right place, at the right time to successfully execute the business strategy.
    2. Only 40% of organizations have engaged in some form of workforce planning.
    3. The first step is to identify your business focus; with this information you can start to note the key roles that drive your business strategy.

    Key roles

    Where an organization’s most valued skills and knowledge reside

    Organizations should prepare now to mitigate the risk of loss later.

    Key roles are:

    • Held by the most senior people in the organization, who carry the bulk of leadership and decision-making responsibility.
    • Highly technical or specialized, and therefore difficult to replace.
    • Tied closely to unique or proprietary processes or possess knowledge that cannot be procured externally.
    • Critical to the continuation of business and cannot be left vacant without risking business operations.

    Info-Tech Insight

    Losing employees in key roles without adequate preparation for their departure has a direct impact on the bottom line in terms of disrupted productivity, lost knowledge, severed relationships, and missed opportunities.

    A tree of key roles, starting with CEO and branching down.

    Identifying key roles is the first step in a range of workforce management activities because it helps establish organizational needs and priorities, as well as focusing planning effort.

    A talent review allows you to identify the knowledge and skills you need today and for the long term.

    Knowing what you need is the first step in determining what you have and what you need to keep.

    • A talent review is an analytic planning process used to ensure a work unit has the right people, in the right place, at the right time, and for the right cost in order to successfully execute its business strategy. It allows organizations to:
    • Evaluate workforce demographics, review skills, and conduct position inventories.
    • Evaluate business continuity risk from a talent perspective by identifying potential workforce shortages.
    • Identify critical positions, critical skills for each position, and percentage of critical workers retiring to assess the potential impact of losing them.
    • Look at the effect of loss on new product development, revenues, costs, and business strategic objectives.

    Caution

    A talent review is a high-level planning process which does not take individual employees into consideration. Succession planning looks at individuals and will be discussed in Phase 2.

    A talent review gets you to think in terms of:

    • Where your organization wants to be in five years.
    • What skills the organization needs to meet business goals between now and then.
    • How it can be best positioned for the longer-term future.

    Note: Planning against a time frame longer than five years is difficult because uncertainty in the external business environment will have unforeseen effects. Revisit your plan annually and update it, considering changes.

    Step 1.1

    Identify critical roles

    Activities
    • 1.1.1 Document Business Priorities, Goals, and Challenges
    • 1.1.2 Clarify Key Role Criteria and Weighting
    • 1.1.3 Evaluate Role Importance
    • 1.1.4 Key Role Selection and Comparison
    • 1.1.5 Capture Key Elements of Critical Roles

    The primary goal of this step is to ensure we have effectively identified key roles based on business priorities, goals, and challenges, and to capture the key elements of critical roles.

    Outcomes of this step

    • Documented business priorities, goals, and challenges.
    • Key elements of critical roles captured.
    • Key role criteria and weighting.
    Talent Review
    Step 1.1 Step 1.2

    Business priorities will determine the knowledge and skills you value most

    Venn diagram of business priorities: 'Customer Focus', 'Operational Focus', and 'Product Focus'.
    Note: Most organizations will be a blend of all three, with one predominating
    “I’ve been in the position where the business assumes everyone knows what is required. It’s not until you get people into a room that it becomes clear there is misalignment. It all seems very intuitive but in a lot of cases they haven’t made the critical distinctions regarding what exactly the competencies are. They haven’t spent the time figuring out what they know.” (Anne Roberts, Principal, Leadership Within Inc.)

    1.1.1 Document business priorities

    Input: Business strategic plan

    Output: Completed workforce planning worksheet (Tab 2) of the Key Roles Succession Planning Tool

    Materials: Key Roles Succession Planning Tool

    Participants: IT leadership

    Start by identifying your business priorities based on your strategic plan. The goal of this exercise is to blast away assumptions and make sure leadership has a common understanding of your target.

    With the questions on the previous slide in mind document your business priorities, business goals, and business challenges in Tab 2 of the Key Roles Succession Planning Tool worksheet.

    Get clear answers to these questions:

    • Are we customer focused, product focused, or operationally focused? In other words, is your organization known for:
      • Great customer service or a great customer experience?
      • The lowest price?
      • Having the latest technology, or the best quality product?
    • What are our organizational/departmental business goals? To improve operational effectiveness, are we really talking about reducing operational costs?
    • What are the key business challenges to address within the context of our focus?

    Key Roles Succession Planning Tool

    Clarify what defines a key role

    A key role is crucial to achieving organizational objectives, drives business performance, and includes specialized and rare competencies. Key roles are high in strategic value and rarity – for example, the developer role for a tech company.
    Chart with axes 'Rarity' and 'Strategic Value'. Lowest in both are 'Supporting Roles', Highest in both are 'Critical Roles', and the space in the middle are 'Core Roles'. Look at two dimensions when examining roles:
    • Strategic value refers to the importance of the role in keeping the organization functioning and executing on the strategic objectives.
    • Rarity refers to how difficult it is to find and develop the competencies in the role.

    Info-tech insight

    Traditionally, succession planning has only addressed top management roles. However, until you look at the evidence, you won’t know if these are indeed high-value roles, and you may be missing other critical roles further down the hierarchy.

    Use the Critical Role Identifier to facilitate the identification of critical roles with your leaders.

    1.1.2 Clarify key role criteria & weighting

    Input: Business strategic plan

    Output: Weighted criteria to help identify critical roles

    Materials: Critical Role Identifier

    Participants: IT leadership

    1. Using Tab 2 of the Critical Role Identifier tool, along with the information on the previous slide, determine the relative importance of four criteria as contributing to the importance of a role within the organization.
    2. Rate each of the four criteria: strategic value, rarity, revenue generation, business/operation continuity, and any custom criteria numerically. You might choose only one or two criteria – they all do not need to be included.
    3. Document your decisions in Tab 2 of the Critical Role Identifier.

    Critical Role Identifier

    1.1.3 Evaluate role importance

    Input: List of IT roles

    Output: Full list of roles and a populated Critical Role Selection sheet (Tab 4)

    Materials: Critical Role Identifier

    Participants: IT leadership

    1. Using Tab 3 of the Critical Role Identifier, collect information about IT roles.
    2. Start by listing each role under consideration, and its department or subcategory.
    3. For each criteria statement listed across the top of the sheet, select an option from the drop-down menu to reflect the appropriate answer scale rating. Replace the text in grey with information customized to your team. If criteria has a weighting of zero in Tab 2, the questions associated with that criteria will be greyed out and do not have to be answered.

    Critical Role Identifier

    Identify the key roles that support and drive your business priorities

    Focus on key IT roles instead of all roles to save time and concentrate effort on your highest risk areas.

    Key Roles include:

    • Strategic Roles: Roles that give the greatest competitive advantage. Often these are roles that involve decision-making responsibility.
    • Core Roles: Roles that must provide consistent results to achieve business goals.
    • Proprietary Roles: Roles that are tied closely to unique or proprietary internal processes or knowledge that cannot be procured externally. These are often highly technical or specialized.
    • Required Roles: Roles that support the department and are required to keep it moving forward day-to-day.
    • Influential Roles: Positions filled by employees who are the backbone of the organization, the go-to people who are the corporate culture.
    Ask these questions to identify key roles:
    1. What are the roles that have a significant impact on delivering the business strategy?
    2. What are the key differentiating roles for our organization?
    3. Which roles, if vacant, would leave the organization open to non-compliance with regulatory or legal requirements?
    4. Which roles have a direct impact on the customer?
    5. Which roles, if vacant, would create system, function, or process failure for the organization?

    1.1.4 Key role selection and comparison

    Input: Tab 3 of the Critical Role Identifier

    Output: List of roles from highest to lowest criticality score, List of key roles entered in Tab 2 of the Key Roles Succession Planning Tool

    Materials: Critical Role Identifier, Key Roles Succession Planning Tool

    Participants: IT leadership

    1. Using tab 4 of the Critical Role Identifier, which displays the results of the role importance evaluation, review the weighted criticality score. To add or remove roles or departments make changes on Tab 3.
    2. Use this table to see the scores and roles from highest to lowest based on your weightings and scoring.
    3. In column J, classify the roles as critical, core, or supporting based on the weighted overall score and the individual criteria scores.
      1. Critical – is crucial to achieving organizational objectives, drives business performance, and includes specialized and rare skills.
      2. Core – is related to operational excellence. Highly strategically valuable but easy to find or develop.
      3. Supporting – is important in keeping business functioning; however, the strategic value is low. Competencies are easy to develop.
    4. Once you’ve selected the key roles, transfer them into Tab 2 of the Key Roles Succession Planning Tool worksheet where you have documented your business priorities.

    Critical Role Identifier

    Key Roles Succession Planning Tool

    1.1.5 Capture key elements of critical roles

    Input: Job descriptions, Success profiles, Competency profiles

    Output: List of required skills and knowledge for key roles, Role profiles documented for key roles

    Materials: Key Roles Succession Planning Tool, Role Profile Template

    Participants: IT leadership

    1. Document the minimum requirements for critical roles in column E and F of Tab 2 of the Key Roles Succession Planning Tool. Include elements that drive talent decisions, are measurable, and are oriented to future organizational needs.
    2. Consider how leadership competencies and technical skills tie to business expansion plans, new service offerings, etc.
    3. Use the Role Profile Template to help in this process and to maintain up-to-date information.
    4. Role profiles may be informed by existing job descriptions, success profiles, or competency profiles.
    5. Conduct regular maintenance on your role profiles. Outdated and inaccurate role-related information can make succession planning efforts ineffective.

    Key Roles Succession Planning Tool

    Role Profile Template

    Case Study

    Conduct a “sanity check” by walking through a checklist of all roles to ensure you haven’t missed anything.
    INDUSTRY
    Large Provincial Hospital
    SOURCE
    Payroll Manager
    Challenge
    • Key roles may not be what you think they are.
    • The Payroll Manager of a large Provincial hospital, with 20-year tenure, announced her retirement.
    • Throughout her tenure, this employee took on many tasks outside the scope of her role, including pension calculations/filings and other finance-related tasks that required a high level of specialized knowledge of internal systems.
    Solution
    • Little time or effort was placed on fully understanding what she did day-to-day.
    • Furthermore, the search for a replacement was left far too late, which meant that she vacated the role without training a replacement.
    • Low level roles can become critical to business continuation if they’re occupied by only one person, creating a “single point of failure” if they become vacant.
    Results
    • It wasn’t until after she left that it became obvious how much extra work she was doing, which made it nearly impossible to find a replacement.
    • Her manager found a replacement to take the payroll duties but had to distribute the other duties to colleagues (who were very unhappy about the extra tasks).
    • This role may not seem like a “key role,” but the incumbent turned it into one. Keep tabs on what people are working on to avoid overly nuanced role requirements.

    Step 1.2

    Assess talent

    Activities
    • 1.2.1 Identify Current Incumbents’ Information
    • 1.2.2 Identify Potential Successors and Collect Information

    The primary goal of this step is to assess departmental talent and identify gaps between potential successors and key roles. This analysis is intended to support departmental access to suitable talent ensuring future business success.

    Outcomes of this step

    • Collection of current incumbents’ information.
    • Collection of potential successor information.
    • Gap assessment.

    Talent Review

    Step 1.1 Step 1.2

    Find out key role incumbents’ career plans

    Have career discussions with key role incumbents

    • Do not ask employees directly about their retirement plans as this can be misconstrued as age discrimination – let them take the initiative.
    • To take the spotlight away from older workers and potential feelings of discrimination, supervisors should be having these discussions with their employees at least annually.
    • Having this discussion creates an opportunity for employees to share their retirement plans, if they have any.
    • Warning: This is not the time to make promises about the future. For example, alternative work arrangements cannot be guaranteed without further analysis and planning.
    Do the following:
    1. Book a meeting with employees and ask them to prepare for a career development discussion.
    2. Ask direct questions about motivation, lifestyle preferences, and passions.
    3. Spend the time to understand your employees’ goals and their development needs.
    If an employee discloses that they plan to leave within the next few years:
    1. Gather information about approximate exit dates (non-binding).
    2. Find out their opinions about how they would like to transition out of their role, including any alternative work arrangements they would like to pursue.

    Potential questions to ask during career discussions with key role incumbents

    • Where do you see yourself in five years?
    • What role would you see yourself in after this one?
    • What gets you excited about coming to work?
    • Describe your greatest strengths. How would you like to use those strengths in the future?
    • What is standing in the way of your career goals?
    ** Do not ask employees directly about their retirement plans as this can be misconstrued as age discrimination – let them take the initiative.**
    Stock photo of a smiling employee with grey hair.

    1.2.1 Identify current incumbents' information

    Input: Key roles list, Employee information

    Output: List of key roles with individual incumbent information

    Materials: Key Roles Succession Planning Tool – Succession Plan Worksheet (Tab 3)

    Participants: IT leadership/management team, HR, Current incumbents if necessary

    Identify current incumbents for all key roles and collect information about them.

    Using Tab 3 of the Key Roles Succession Planning Tool identify the incumbent (the person currently in the role) for all key roles.

    Distribute the worksheet to department managers and team leaders to complete the information below for each key role.

    For that incumbent, also document:

    1. Their time in that role.
    2. Their overall performance in current role (does not meet, meets, or exceeds expectations).
    3. Next step in career (target role or retirement).
    4. Time until exit from the current role (known or estimated).
    5. Development needs for next step in career.
    6. Any additional knowledge and skills they possess beyond the role description that is of value to the organization.

    Upon completion, managers and team leaders should review the results with the department leader.

    Key Roles Succession Planning Tool

    Identify potential successors for all key roles

    It’s imperative that multiple sources of information are used to ensure no potential successor is missed and to gain a complete candidate picture.

    Work collaboratively with the management team and HR business partners for names of potential successors.

    The management team includes:

    • The incumbent’s direct supervisor.
    • Managers from the department in which the key role exists.
    • Leaders of teams with which potential successors have worked.
    • The key role incumbent (assuming it’s appropriate to do so).

    Use management roundtable discussions to identify and analyze each potential successor.

    • Participants should come equipped with names of potential successors and be prepared to provide a rationale for their recommendation.
    • Provide all participants with the key role job description in advance of the meeting, including responsibilities and required knowledge and skills.

    Don’t confuse successors with high potentials!

    • Identifying high potential employees involves recognizing those employees who consistently outperform their peers, progress more quickly than their peers, and live the company culture. They are usually striving for leadership roles.
    • While you also want your successors to exemplify these qualities of excellence, succession planning is specifically about identifying the employees who currently possess (or soon will possess) the skills and knowledge required to take over a key role.
    • Remember: Key roles are not limited to leadership roles, so cast a wider net when identifying succession candidates.
    See the following slide for sources of information participants should consult to back up their recommendations and vet succession candidates.

    Determine how employees will be identified for talent assessment

    Description Advice
    Management-nominated employees
    • Managers or skip-level leaders nominate potential successors within or outside their team.
    • Limit bias by requiring management nominations to be based on specific evidence of performance and potential.
    High-potential employees (HiPos)
    • Consider employees who are in an existing high-potential program.
    • Determine whether the HiPo program sufficiently assesses for critical role requirements. Successors must possess the skills and knowledge required for specific critical roles. Expand assessment beyond just HiPo.
    Self-nominated employees
    • Employees are informed about succession planning and asked to indicate their interest in critical roles.
    • Train managers to support the program and to handle difficult conversations (e.g. employee submitted self-nomination and was unsuccessful).
    All employees
    • All employees across a division, geography, function, or leadership level are invited for assessment.
    • While less common, this approach is appropriate for highly inclusive cultures. Be prepared to invest significantly more time and resources.
    When identifying employees, keep the following advice in mind:

    Widen the net

    Don’t limit yourself to the next level down or the same functional group.

    Match transparency

    With less transparency, there are fewer options, and you risk missing out on potential successors.

    Select the appropriate talent assessment methods

    Identify all talent assessment types used in your organization and examine their ability to inform decision-making for critical role assignments. Select multiple sources to ensure a robust talent assessment approach:

    A sound talent assessment methodology will involve both quantitative and qualitative components. Multiple data inputs and perspectives will help ensure relevant information is prioritized and suitable candidates aren’t overlooked.

    However, beware that too many inputs may slow down the process and frustrate managers.

    Beware of biases in talent assessments. A common tendency is for people to recommend successors who are exactly like them or who they like personally, not necessarily the best person for the job. HR must (diplomatically) challenge leaders to use evidence-based assessments.

    Good Successor Information Sources

    • 360-Degree Feedback – (breadth and accuracy)
    • HR-led Interviews – (objectivity and confirmation)
    • Talent Review Meetings – (leadership input)
    • Stretch Assignments – (challenge comfort zones)
    • Competency-Based Aptitude Tests – (objective data)
    • Job Simulations – (real-life testing)
    • Recent Performance Evaluations – (predictor of future performance)

    Prepare to customize the Individual Talent Profile Template

    Ensure the role profile and individual talent profile are synchronized to enable comparing employee qualifications and readiness to critical role requirements. Sample of the Role Profile.

    Role Profile

    A role profile contains information on the skills, competencies, and other minimum requirements for the critical role. It details the type of incumbent that would fit a critical role.
    Stock image of a chain link.

    Use both in conjunction during:

    • Talent assessment
    • Successor identification
    • Successor development
    • Successor selection
    Sample the Individual Talent Profile.

    Individual Talent Profile

    A talent profile provides information about a person. In addition to responding to role profile criteria, it provides information on an employee’s past experiences and performance, career aspirations, and future potential.

    1.2.2 Identify Potential Successors’ Information

    Input: Key roles list, Employee information, Completed role profiles and/or Tab 2 role information.

    Output: List of potential successors for key roles that are selected for talent assessment

    Materials: Key Roles Succession Planning Tool – Succession Plan Worksheet (Tab 3)

    Participants: IT leadership, IT team leads, Employees

    Identify potential successors for key roles and collect critical information.

    Have managers and team leads complete column I on Tab 3 of the Key Roles Succession Planning Tool and review with the department leader.

    There may be more than one potential successor for key roles; this is okay.

    Once the list is compiled, complete an individual talent profile for each potential successor. Record an employee’s:

    1. Employee information
    2. Career goals
    3. Experience and education
    4. Achievements
    5. Competencies
    6. Performance
    7. Any assessment results

    Once the profiles are completed, they can be compared to the role profile to identify development needs.

    Key Roles Succession Planning Tool

    Individual Talent Profile Template

    Build an IT Succession Plan

    Phase 2

    Succession Planning

    Phase 1

    1.1 Identify Critical Roles

    1.2 Assess Talent

    Phase 2

    2.1 Identify Successors

    2.2 Develop Successors

    2.3 Select Successors

    Phase 3

    3.1 Identify Critical Knowledge

    3.2 Select Transfer Methods

    3.3 Document Role Transition Plan

    This phase will walk you through how to:

    • Conduct an assessment to identify “at risk” key role incumbents.
    • Identify potential successors for key roles and collect critical information.
    • Assess gaps between key role incumbents and potential successors.

    Tools and resources used:

    • Key Roles Succession Planning Tool
    • Key Role Profile
    • Individual Talent Profile

    This phase involves the following participants:

    • IT leadership/management team
    • HR

    Succession planning helps you assess which key roles are most at risk

    Drilling down to the incumbent and successor level introduces “real life,” individual-focused factors that have a major impact on role-related risk.

    Succession planning is an organizational process for identifying and developing talent internally to fill key business roles. It allows organizations to:

    • Understand the career plans of employees to allow organizations to plan more accurately.
    • Identify suitable successors for key roles and assess their readiness.
    • Mitigate risks to long-term business continuity and growth.
    • Avoid external replacement costs including headhunting and recruitment, HR administration, and productivity loss.
    • Retain internal tacit knowledge.
    • Increase engagement and retention; keeping talented people reinforces career path opportunities and builds team culture.

    Caution:

    Where the talent review was about high-level strategic planning for talent requirements, succession planning looks at individual employees and plans for which employees will fulfill which key roles next.
    “I ask the questions, What are the risks we have with these particular roles? Is there a way to disperse this knowledge to other members of the group? If yes, then how do we do that?” (Director of HR, Service Industry)

    Succession planning ultimately must drill down to individual people – namely, the incumbent and potential successors.

    This is because individual human beings possess a unique knowledge and skill set, along with their own personal aspirations and life circumstances.

    The risks associated with a key role are theoretical. When people are introduced into the equation, the “real life” risk of loss for that key role can change dramatically.

    Succession Planning

    Funnel titled 'Succession Planning' with 'Critical Roles' at the top of the funnel, 'Critical Knowledge and Skills' as the middle of the funnel, 'Individuals' as the bottom of the funnel, and it drains into 'Incumbent's Potential Successors'.

    Step 2.1

    Identify Successors

    Activities
    • 2.1.1 Conduct Individual Risk Assessment
    • 2.1.2 Successor Readiness Assessment

    This step highlights the relative positioning of all employees assessed for departure risk compared to the potential successors’ readiness, identifying gaps that create risk for the organization, and need mitigation strategies.

    Outcomes of this step

    • Individual risk assessment results – mitigate, manage, accept matrix.
    • Potential successor readiness ranking.
    • Determination on transparency level with successors.

    Succession Planning

    Step 2.1 Step 2.2 Step 2.3

    Decide how to obtain information on employee interest in critical roles

    Not all employees may want to be considered as part of the succession planning program. It might not fit their short- or long-term plans. Avoid misalignment and outline steps to ascertain employee interest.

    Transparency

    • Use your target transparency level to:
      • Determine the degree of employees’ participation in self-assessment.
      • Guide organization-wide and targeted messaging about succession planning (see Step 3).

    Timing

    • Ensure program-level communication has occurred before asking employees about their interests in critical roles, in order to garner more trust and engagement.
    • Decide at what point along the succession planning process (if at all) that employee’s career interests will be collected and incorporated.

    Manager accountability and resources

    • Identify resources needed for managers to conduct targeted career conversations with employees (e.g. training, communication guides, key messaging).
    • If program communication is to be implemented organization-wide, approach accordingly.

    Obtaining employee interest ensures process efficiency because:

    • Time isn’t wasted focusing on candidates who aren’t interested.
    • The assessment group is narrowed down through self-selection.

    Level-set expectations with employees:

    • Communicate that they will be considered for assessment and talent review discussions.
    • Ensure they understand that everyone assessed will not necessarily be identified or selected as a successor.

    Conduct a risk assessment

    Identify key role incumbents who may leave before you’re ready.

    Pay particular attention to those employees nearing retirement and flag them as high risk.

    Understand the impact that employee age has on key role risk. Keep the following in mind when filling out the Individual Risk Assessment of the Key Roles Succession Planning Tool. See the next slide for more details on this.

    High Risk Arrow pointing both ways vertically. Anyone 60 years of age or older, or anyone who has indicated they will be retiring within five years.
    Moderate Risk Employees in their early 50s are still many years away from retirement but have enough years remaining in their career to make a significant move to a new role outside of your organization. Furthermore, they have specialized skills making them more attractive to external organizations.
    Employees in their late 50s are likely more than five years away from retirement but are also less likely than younger employees to leave your organization for another role elsewhere. This is because of increasing personal risk in making such a move, and persistent employer unwillingness to hire older employees.
    Low Risk Technically, when it comes to succession planning for key roles held by employees over the age of 50, no one should be considered “low risk for departure.
    Pull some hard demographic data.

    Compile a report that breaks down employees into age-based demographic groups.

    Flag those over the age of 50 – they’re in the “retirement zone” and could decide to leave at any time.

    Check to see which key role incumbents fall into the “over 50” age demographic. You’ll want to shortlist these people for an individual risk assessment.

    Update this report twice a year to keep it current.

    For those people on your shortlist, gather the information that supervisors gained from the career discussions that took place. Specifically, draw out information that indicates their retirement plans.

    2.1.1 Conduct Individual Risk Assessment

    Input: Completed Succession Plan worksheet

    Output: Risk assessment of key role incumbents, understanding of which key role departures to manage, mitigate, and accept

    Materials: Key Roles Succession Planning Tool – Individual Risk Assessment (Tab 4), Key Roles Succession Planning Tool – Risk Assessment Results (Tab 5)

    Participants: IT leadership/management team

    Assign values for probability of departure and impact of departure using the Key Roles Succession Planning Tool.

    For those in key roles and those over 50, complete the Individual Risk Assessment (Tab 4) of the Key Roles Succession Planning Tool:

    1. Assess each key role incumbent’s probability of departure based on your knowledge. If the person is going to another job, is a known flight risk, or faces dismissal, the probability is high.
      • 0-40: Unlikely to Leave. If the employee is new to the role, highly engaged, or a high potential.
      • 41-60: Unknown. If the employee is sending mixed messages about happiness at work, or sending no messages, it may be difficult to guess.
      • 61-100: Likely to Leave. If the employee is nearing retirement, actively job searching, disengaged, or faces dismissal, then the probability of departure is high.
    2. Assess the role and the individual’s impact of departure on a scale of 1 (no impact) to 100 (devasting impact).
    3. Review the risk assessment results on tab 5 of the planning tool. The employees that appear in the mitigate quadrant are your succession planning priorities.

    Key Roles Succession Planning Tool

    Define readiness criteria for successor identification

    1. Select the types of readiness and the number of levels:

      Readiness by time horizon:

      • Successors are identified as ready based on how long it is estimated they will take to acquire the minimum requirements of the critical role.
      • Levels example: Ready Now, Ready in 1-2 Years, Ready in 3-5 Years.

      Readiness by moves:

      • Successors are identified as ready based on how many position moves they have made or how many developmental experiences they have had.
      • Levels example: Ready Now, Ready after 1 Move, Ready after 2 Moves.
    2. Create definitions for each readiness level:
      Example:

      Performance

      Potential

      Ready Now Definition: Ability to deliver in current role Requirement: Meets or exceeds expectations Definition: Ability to take on greater responsibility Requirement: Demonstrates learning agility
      The 9-box is an effective way to map performance and potential requirements and can guide management decision making in talent review and calibration sessions. See McLean & Company’s 9-Box Job Aid for more information. Sample of the 9-Box Job Aid, a 9-field matrix with axes 'Potential: Low to High' and 'Performance: Low to High'.
      “Time means nothing. If you say someone will be ready in a year, and you’ve done nothing in that year to develop them, they won’t be ready. We look at it as moves or experiences: ready now, ready in one move, ready in two moves.” (Amanda Mathieson, Senior Manager, Talent Management, Tangerine)

    2.1.2 Successor Readiness Assessment

    Input: Individual talent profiles, List of potential successors (Tab 3)

    Output: Readiness ranking for each potential successor

    Materials: Key Roles Succession Planning Tool

    Participants: IT leadership/management team

    Assign values for probability of departure and impact of departure using the Key Roles Succession Planning Tool.

    Using Tab 6 of the Key Roles Succession Planning Tool, evaluate the readiness of each potential successor that you previously identified.

    1. Enter the name, current role, and target role of each potential successor into the spreadsheet.
    2. For each employee, fill in a response from “strongly agree” to “strongly disagree” for the assessment criteria statements listed in column B of Tab 6. This will give you a readiness ranking in row 68.

    Key Roles Succession Planning Tool

    Decide if and how successors will be told about their status in the succession plan

    1. Decide if employees will be told. Be as transparent as possible. This will provide several benefits to your organization (e.g. higher engagement, retention) while managing potential risks (e.g. perception that the process is unfair, reducing motivation to perform).
    2. Decide who will tell them. Decide based on the culture of your organization; are official communications usually conveyed through the direct manager, HR, senior leaders, or steering committee?
    1. Determine how you will tell them.

      Suggested messaging to non-successors:

      • Not being identified as a successor does not mean that an employee is not valued by the organization, nor does it indicate the employee will be let go. It simply means that the organization needs a backup plan to manage risk.
      • Employees can still develop toward a critical role they are interested in, and the organization will continue to evaluate whether they can be a potential successor.
      • It is the employee’s responsibility to own their development and communicate to their manager any interest they have in critical roles.

      Suggested messaging to successors:

      • Being identified as a successor is an investment in employee development – not a guaranteed promotion.
      • Successor status may change based on changes to the critical role itself, or if performance is not on par with expectations.
      • The organization strives to be as fair and objective as possible through evidence-based assessments of performance and potential.

    Case Study

    Failing to have a career aspiration discussion with a potential successor leaves a sales director in a bind.

    INDUSTRY
    Professional Services
    SOURCE
    Confidential
    Challenge
    • A senior sales director in a medium-sized private company knew there would be a key management opportunity opening up in six months. He had one candidate in mind: a key contributor from the sales floor.
    • The sales manager assumed that the sales representative would want the management position and began planning the candidate’s required training in order to get him ready.
    Solution
    • Three months before the position opened up, the manager finally approached the representative about the opportunity, telling the representative that he was an excellent candidate for the role.
    • However, the sales representative was not interested in managing people. He wanted to come in, do a really great day’s worth of work, and then go home and be done. He already loved what he did.
    Results
    • The sales representative turned down the offer point blank, leaving the manager with less than three months to find and groom a new internal successor.
    • The manager failed on several fronts. First, he did not ask the employee about his career aspirations. Second, he did not groom a pool of potential successors for the role, affording no protection in the event that the primary candidate couldn’t or wouldn’t assume the role.

    Step 2.2

    Develop Successors

    Activities
    • 2.2.1 Outline Successor Development Process

    The primary goal of this step is to identify the steps that need to be taken to develop potential successors. Focus on training employees for their future role, not just their current one.

    Outcomes of this step

    • Identified gaps between key role exits and successor readiness.

    Succession Planning

    Step 2.1 Step 2.2 Step 2.3

    2.2.1 Outline Successor Development Process

    Input: Role profiles, Talent profiles, Talent assessments

    Output: Identified gaps between key role exits and successor readiness

    Materials: Key Roles Succession Planning Tool – Successor Identification (Tab 7)

    Participants: IT leadership/management team

    Prepare successors for their next role, not just their current one.

    Use role and talent profiles and any talent assessment results to identify gaps for development.

    1. Outline the steps involved in the individual development planning process for successors. Key steps include identifying development timeline, learning needs, learning resources and strategies, and accomplishment metrics/evidence.
    2. Identify learning elements successor development will involve based on critical role type. For example, coaching and/or mentoring, leadership training, functional skills training, or targeted experiences/projects.
    3. Select metrics with associated timelines to measure the progress of successor development plans. Establish guidelines for employee and manager accountability in developing prioritized competencies.
    4. Determine monitoring cadence of successor development plans (i.e. how often successor development plans will be tracked to ensure timely progress). Identify who will be involved in monitoring the process (e.g. steering committee).

    Info-Tech insight

    Succession planning without integrated efforts for successor development is simply replacement planning. Get successors ready for promotion by ensuring a continuously monitored and customized development plan is in place.

    Integrate knowledge transfer in the successor development process

    1

    Brainstorm ideas to encourage knowledge-sharing and transfer from incumbent to successor.

    2

    Integrate knowledge-transfer methods into the successor development process.
    Identify key knowledge areas to include:
    • Specialized technical knowledge
    • Specialized research and development processes
    • Unique design capabilities/methods/models
    • Special formulas/algorithms/techniques
    • Proprietary production processes
    • Decision-making criteria
    • Innovative sales methods
    • Knowledge about key customers
    • Relationships with key stakeholders
    • Company history and values
    Use multiple methods for effective knowledge transfer.

    Explicit knowledge is easily explained and codified, such as facts and procedures. Knowledge transfer methods tend to be more formal and one-way. For example:

    • Formal documentation of processes and best practices
    • Self-published knowledgebase
    • Formal training sessions

    Tacit knowledge accumulates over years of experience and is hard to articulate. Knowledge transfer methods are often informal and interactive. For example:

    • Mentoring and job shadowing
    • Multigenerational work teams
    • Networks and communities
    Knowledge transfer can occur via a wide range of methods that need to be selected and integrated into daily work to suit the needs of the knowledge to be transferred and of the people involved. See Phase 3 for more details on knowledge transfer.

    Step 2.3

    Select Successors

    The goal of this step is to determine how critical roles will be filled when vacancies arise.

    Outcomes of this step

    • Agreement with HR on the process to fill vacancies when key roles exit.

    Succession Planning

    Step 2.1 Step 2.2 Step 2.3

    Determine how critical roles will be filled when vacancies arise

    Choose one of two approaches to successor selection:
    • Talent review meeting:
      • Conduct a talent review meeting with functional leaders to discuss key open positions and select the right successors. Ascertain successor interest prior to the meeting, if not obtained already.
      • If multiple successors are ready now, use both role and talent profiles to arrive at a final decision.
      • If only one successor is ready now, outline steps for their promotion process. Which leaders should be involved for final approval? What is TA’s role?
    • Talent acquisition (TA) process:
      • Align with TA to implement a formal recruitment process to select the right successor (open application and interview process to talent pool).
      • Decide if a talent review meeting is required afterwards to agree on the final successor or if the interview panel will make the final decision.

    Work together with Talent Acquisition (TA) to outline special treatment of critical role vacancies. Ensure TA is aware of succession plan(s).

    Explicitly determine the level of preference for internal successors versus external hires to your TA team to ensure alignment. This will create an environment where promotion from within is customary.

    Build an IT Succession Plan

    Phase 3

    Knowledge Transfer

    Phase 1

    1.1 Identify Critical Roles

    1.2 Assess Talent

    Phase 2

    2.1 Identify Successors

    2.2 Develop Successors

    2.3 Select Successors

    Phase 3

    3.1 Identify Critical Knowledge

    3.2 Select Transfer Methods

    3.3 Document Role Transition Plan

    This phase will show you to:

    • Identify critical knowledge risks.
    • Select appropriate transfer methods.
    • Document knowledge transfer initiatives for key role transition plans.

    Tools and resources used:

    • Role Transition Plan Template

    This phase involves the following participants:

    • IT leadership/management team
    • HR
    • Incumbent & successor managers

    Mitigate risk – formalize knowledge transfer

    Use Info-Tech’s Mitigate Key IT Employee Knowledge Loss blueprint to build and implement your knowledge transfer plan.

    Effective knowledge transfer allows organizations to:
    • Maintain or improve speed and productivity by ensuring the right people have the right skills to do their jobs well.
    • Increase agility because knowledge is more evenly distributed amongst employees. Multiple people can perform a given task and no one person becomes a bottleneck.
    • Capture and sustain knowledge; creating a knowledge database provides all employees access to the information, now and in the future.
    Knowledge transfer between those in key roles and potential successors yields the highest dividends for:
    • Senior level successions.
    • External hires.
    • Senior expatriate transfers.
    • Developmental stretch assignments.
    • Internal cross-divisional transfers and promotions.
    • High organizational dependency on unique expert knowledge.
    • Critical function/project/team transitions.
    • Large scale reorganizations and mergers & acquisitions.
    (Source: Piktialis and Greenes, 2008)
    Sample of the Mitigate Key IT Employee Knowledge Loss blueprint.

    Mitigate Key IT Employee Knowledge Loss

    Knowledge transfer is complex and must be both multi-faceted and well supported

    Knowledge transfer is the capture, organization, and distribution of knowledge held by individuals to ensure that it is accessible and usable by others.

    Knowledge transfer is not stopping, learning, and returning to work. Nor is it simply implementing a document management system.  Arrow pointing right. Knowledge transfer is a wide range of methods that must be carefully selected and integrated into daily work in order to meet the needs of the knowledge to be transferred and the people involved.

    Knowledge transfer works best when the following techniques are applied

    • Use multiple methods and media to transfer the knowledge.
    • Ensure a two-way interaction between the knowledge source and recipient.
    • Support knowledge transfer with active mentoring.
    • Transfer knowledge at the point of need; that is, when it’s immediately useful.
    • Offer experience-oriented training to reinforce knowledge absorption.
    • Use a knowledge management system to permanently capture knowledge shared.
    Personalization is the key.

    Dwyer & Dwyer say that providing “insights to a particular person (or people) needing knowledge at the time of the requirement” is the difference between knowledge transfer that sticks and knowledge that is forgotten.

    “Designing a system in which the employee must interrupt his or her work to learn or obtain new knowledge is not productive. Focus on ‘teachable moments.” (Karl Kapp, “Tools and Techniques for Transferring Know-How from Boomers to Gamers”)

    Step 3.1

    Identify Critical Knowledge to Transfer

    The goal of this step is to understand what knowledge and skills much be transferred, keeping in mind the various types of knowledge.

    Outcomes of this step

    • Critical knowledge and skills for key roles documented in the Key Role Transition plans.

    Knowledge Transfer

    Step 3.1 Step 3.2 Step 3.3

    Understand what knowledge and skills must be transferred

    There are two basic types of knowledge:

    Explicit knowledge:
    Easily explained and codified, e.g. facts and procedures.
    Image of a head with gears inside. Tacit knowledge:
    Accumulates over years of experience and is hard to verbalize.
    • You should already have a good idea of what knowledge and skills are valued from the worksheets completed earlier.
    • Focus on identifying the knowledge, skills, and relationships essential to the specific incumbent in a key role and what it is he or she does to perform that key role well.
    Document critical knowledge and skills for key roles in the:

    Role Transition Plan Template

    1. Identify key knowledge areas. These include:
      • Specialized technical knowledge and research and development process.
      • Unique design capabilities/methods/models.
      • Special formulas/algorithms/techniques.
      • Proprietary production processes.
      • Decision-making criteria.
      • Innovative sales methods.
      • Knowledge about key customers.
      • Relationships with key stakeholders.
      • Company history and values.
    2. Ask questions of both sources and receivers of knowledge to help determine the best knowledge transfer methods to use.
      • What is the nature of the knowledge? Explicit or tacit?
      • Why is it important to transfer?
      • How will the knowledge be used?
      • What knowledge is critical for success?
      • How will the users find and access it?
      • How will it be maintained and remain relevant and usable?
      • What are the existing knowledge pathways or networks connecting sources to recipients?

    Step 3.2

    Select Knowledge Transfer Methods

    Activities
    • 3.2.1 Select Knowledge Transfer Methods

    This step helps you identify the knowledge transfer methods that will be the most effective, considering the knowledge or skill that needs to be transferred and the individuals involved.

    Outcomes of this step

    • Knowledge transfer methods chosen documented in the Key Role Transition Plans.

    Knowledge Transfer

    Step 3.1 Step 3.2 Step 3.3

    Knowledge transfer methods available

    Be prepared to use various methods to transfer knowledge and use them all liberally.

    The most common knowledge transfer method is simply to have a collaborative culture

    Horizontal bar chart ranking knowledge transfer methods by commonality.
    (Source: McLean & Company, 2013; N=121)

    A basic willingness for a role incumbent to share with a successor is the most powerful item in your tacit knowledge transfer toolkit.

    Formal documentation is critical for explicit knowledge sharing, yet only 40% of organizations use it.

    Rewarding and recognizing employees for doing knowledge transfer well is underutilized yet has emerged as an important reinforcing component of any effective knowledge transfer program.
    Don’t forget it!

    3.2.1 Select Knowledge Transfer Methods

    Input: Role profiles, Talent profiles

    Output: Methods for integrating knowledge transfer into day-to-day practice

    Materials: Role Transition Plan Template

    Participants: IT leadership/management team, HR, Knowledge source, Knowledge recipient

    Utilize methods that make it easy to apply the knowledge in day-to-day practice.

    Select your method according to the following criteria:

    1. The type of knowledge. A soft skill, like professionalism, is best taught via mentoring, while a technical process is best documented and applied on-the-job.
    2. What the knowledge recipient is comfortable with. The recipient may get bored during formal training sessions and retain more during job shadowing.
    3. What the knowledge source is comfortable with. The source may be uncomfortable with blogs and wikis, but comfortable with SharePoint.
    4. The cost. Some methods require an investment in time (e.g. mentoring), while others require an investment in technology (e.g. knowledge bases).
      • The good news is that many supporting technologies may already exist in your organization or can be acquired for free.
      • Methods that cost time may be difficult to get underway since employees may feel they don’t have the time or must change the way they work.

    The more integrated knowledge transfer is in day-to-day activities, the more likely it is to be successful and the lower the time cost. This is because real learning is happening at the same time real work is being accomplished.

    Document the knowledge transfer methods in the Role Transition Plan Template.

    Role Transition Plan Template

    Explore alternative work arrangements

    Ensure sufficient time to prepare successors

    If a key role incumbent isn’t around to complete knowledge transfer, it’s all for naught.

    Alternative work arrangements are critical tools that employers can use to achieve a mutually beneficial solution that mitigates the risk of loss associated with key roles.

    Alternative work arrangements not only support employees who want to keep working, but they allow the business to retain employees that are needed in key roles.

    In a survey from The Conference Board, one out of four older workers indicated that they continue to work because their company provided them with needed flexibility.

    And, nearly half said that more flexibility would make them less likely to retire. (Source: Ivey Business Journal)

    Flexible work options are the most used form of alternative work arrangement

    Horizontal bar chart ranking alternative work arrangements by usage.
    (Source: McLean & Company, N=44)

    Choose the alternative work arrangement that works best for you and the employee

    Alternative Work Arrangement

    Description

    Ideal Use

    Caveats

    Flexible work options Employees work the same number of hours but have flexibility in when and where they work (e.g. from home, evenings). Employees who work fairly independently, with no or few direct reports. Employee may become isolated or disconnected, impeding knowledge transfer methods that require interaction or one-on-one time.
    Contract-based work Working for a defined period of time on a specific project on a non-salaried or non-wage basis. Project-oriented work that requires specialized knowledge or skills. Available work may be sporadic or specific projects more intensive than the employee wants. Knowledge transfer must be built into the contractual arrangement.
    Part-time roles Half-days or a certain number of days per week; indefinite with no end date in mind. Employees whose roles can be readily narrowed and upon whom people and critical processes are not dependent. It may be difficult to break a traditionally full-time job down into a part-time role given the size and nature of associated tasks.
    Graduated retirement Retiring employee has a set retirement date, gradually reducing hours worked per week over time. Roles where a successor has been identified and is available to work alongside the incumbent in an overlapping capacity while he or she learns. The role may only require a single FTE, and the organization may not be able to afford the amount of redundancy inherent in this arrangement.

    The arrangement chosen may be a combination of multiple options

    Alternative Work Arrangement

    Description

    Ideal Use

    Caveats

    Part-year jobs or job sharingWorking part of the year and having the rest of the year off, unpaid.Project-oriented work where ongoing external relationships do not need to be maintained. The employee is unavailable for knowledge transfer activities for a large portion of the year. Another risk is that the employee may opt not to return at the end of the extended time off, with little notice.
    Increased paid time offAdditional vacation days upon reaching a certain age.Best used as recognition or reward for long-term service. This may be a particularly useful retention incentive in organizations that do not offer pension plans. The company may not be able to financially afford to pay for such extensive time off. If the role incumbent is the only one in the role, this may mean crucial work is not being done.
    Altered rolesConcentration of a job description on fewer tasks that allows the employee to focus on his or her specific expertise.Roles where a successor has been identified and is available to work alongside the incumbent, with the incumbent’s new role highly focused on mentoring. The role may only require a single FTE, and the organization may not be able to afford the amount of redundancy inherent in this arrangement.

    Alternative work arrangements require senior management support

    Senior management and other employees must see the value of retaining older workers, or they will not be supportive of these solutions.

    Any changes made to an employee’s work arrangement has an impact on people, processes, and policies.

    If the knowledge and skills of older employees aren’t valued, then:

    • Alternative arrangements will be seen as wasteful accommodation of a low-value employee.
    • Time won’t be allowed to manage the transition properly and make appropriate changes.
    • Other employees may resent any workload spillover.
    Alternate work arrangements can’t be implemented on a whim.

    Make sure alternative work arrangements can be done right and are supported – they’re often solutions that come with additional work. Determine the effects and make appropriate adjustments.

    • Review processes, particularly hand-off and approval points, to ensure tasks will still be handled seamlessly.
    • Assess organizational policies to ensure no violations are occurring or to rework policies (where possible) to accommodate alternative work arrangements.
    • Speak to affected employees to answer questions, identify obstacles, gain support, redefine their job descriptions if required, and make appropriate compensation adjustments. Always provide appropriate training when skills requirements are expanded.

    Step 3.3

    Document Role Transition Plans for all Key Roles

    Activities
    • 3.3.1 Document Role Transition Plans

    The primary goal of this step is to build clear checklist-based plans for each key role to help ensure a smooth transition as a successor takes over.

    Outcomes of this step

    • Completed key role transition plans

    Knowledge Transfer

    Step 3.1 Step 3.2 Step 3.3

    3.3.1 Document Role Transition Plans

    Input: Role profiles, Talent profiles, Talent assessments, Workforce plans

    Output: A clear checklist-based plan to help ensure a smooth transition.

    Materials: Role Transition Plan Template

    Participants: IT leadership/management team, Incumbent, Successor(s), HR

    Define a transition plan for all employees in at-risk key roles, and their successors.

    You should already have a good idea of what knowledge and skills are valued from the worksheets completed earlier. Focus on identifying the knowledge, skills, and relationships essential to the specific incumbent in a key role and what it is they do to perform that key role well.

    Using the Role Transition Plan Template develop a plan to transfer what needs to be transferred from the incumbent to the successor.

    1. Record the incumbent and successor information in the template.
    2. Summarize the key accountabilities and expectations of the incumbent’s role. This summary should highlight specific tasks and initiatives that the successor must take on, including success enablers. Attach the job description for a full description of accountabilities and expectations.
    3. Document the knowledge and skills requirements for the key role, as well as any additional knowledge and skills possessed by the key role incumbent that will aid the successor.
    4. Document any alternative work arrangements to the incumbent’s roles.
    5. Populate the Role Transition Checklist for key transition activities that must be completed by certain dates. A list of sample checklist items has been provided. Add, delete, or modify list items to suit your needs.

    Role Transition Plan Template

    DairyNZ leverages alternative work arrangements

    Ensures successful knowledge transfer
    INDUSTRY
    Agricultural research
    SOURCE
    Rose Macfarlane, General Manager Human Resources, DairyNZ
    Challenge
    • DairyNZ employs many people in specialized science research roles. Some very senior employees are international experts in their field.
    • Several experts have reached or are nearing retirement age. These pending retirements have come as no surprise.
    • However, due to the industry’s lack of development investment in the past, there is a 20–30-year experience gap in the organization for some key roles.
    Solution
    • One principal scientist gave over two years’ notice. His replacement – an external candidate – had been identified in advance and was hired once retirement notice was given.
    • The incumbent’s role was amended. He worked alongside his successor for 18 months in a controlled hand-over process.
    Results
    • The result was ideal in that the advance notice allowed full knowledge transfer to take place.

    Research Contributors and Experts

    Anne Roberts
    Principal, Leadership Within Inc. al,
    • Anne T. Roberts is an experienced organization development professional and executive business coach who works with leaders and their organizations to help them create, articulate and implement their change agenda. Her extensive experience in change management, organizational design, meeting design and facilitation, communication and leadership alignment has helped leaders tap into their creativity, drive and energy. Her ability to work with and coach people at the leadership level on a wide range of topics has them face their own organizational stories.
    Amanda Mathieson
    Senior Manager, Talent Management, Tangerine
    • Amanda is responsible for researching people- and leadership-focused trends, developing thought models, and providing resources, tools, and processes to build and drive the success of leaders in a disruptive world.
    • Her expertise in leadership development, organizational change management, and performance and talent management comes from her experience in various industries spanning pharmaceutical, retail insurance, and financial services. She takes a practical, experiential approach to people and leadership development that is grounded in adult learning methodologies and leadership theory. She is passionate about identifying and developing potential talent, as well as ensuring the success of leaders as they transition into more senior roles.

    Related Info-Tech Research

    Stock image of a brain. Mitigate Key IT Employee Knowledge Loss
    • Transfer IT knowledge before it’s gone.
    • Effective knowledge transfer mitigates risks from employees leaving the organization and is a key asset driving innovation and customer service.
    Stock image of sticky notes being organized on a board. Implement an IT Employee Development Plan
    • There is a growing gap between the competencies organizations have been focused on developing, and what is needed in the future.
    • Employees have been left to drive their own development, with little direction or support and without the alignment of development to organizational needs.

    Bibliography

    “Accommodating Older Workers’ Needs for Flexible Work Options.” Ivey Business Journal, July/August 2005. Accessed Jan 7, 2013.

    Christensen, Kathleen and Marcie Pitt-Catsouphes. “Approaching 65: A Survey of Baby Boomers Turning 65 Years Old”. AARP, Dec. 2010.

    Coyne, Kevin P. and Shawn T. Coyne. “The Baby Boomer Retirement Fallacy and What It Means to You. “ HBR Blog Network. Harvard Business Review, May 16, 2008. Accessed 8 Jan. 2013.

    Dwyer, Kevin and Ngoc Luong Dwyer. “Managing the Baby Boomer Brain Drain: The Impact of Generational Change on Human Resource Management.” ChangeFactory, April 2010. Accessed Jan 9, 2013.

    Gurchiek, Kathy. “Poll: Organizations Can Do More to Prepare for Talent Shortage as Boomers Retire.” SHRM, Nov 17, 2010. Accessed Jan 3, 2013.

    Howden, Daniel. “What Is Time to Fill? KPIs for Recruiters.” Workable, 24 March 2016. Web.

    Kapp, Karl M. “Tools and Techniques for Transferring Know-How from Boomers to Gamers.” Global Business and Organizational Excellence, July/August 2007. Web.

    Piktialis, Diane and Kent A. Greenes. Bridging the Gaps: How to Transfer Knowledge in Today’s Multigenerational Workplace. The Conference Board, 2008.

    Pisano, Gary P. “You need an Innovation Strategy.” Harvard Business Review, June 2015.

    Vilet, Jacque. “Lost Knowledge – What Are You and Your Organization Doing About It?” TLNT, 25 April 2012. Accessed 5 Jan. 2013.

    Manage Your Technical Debt

    • Buy Link or Shortcode: {j2store}108|cart{/j2store}
    • member rating overall impact (scale of 10): 8.5/10 Overall Impact
    • member rating average dollars saved: $60,833 Average $ Saved
    • member rating average days saved: 24 Average Days Saved
    • Parent Category Name: Strategy and Organizational Design
    • Parent Category Link: /strategy-and-organizational-design
    • All organizations, of all sizes, have some amount of technical debt, but very few systematically track, manage, and communicate it.
    • Deferred project work is pushed over to operations, sometimes with little visibility or hand-off, where it gets deprioritized and lost.
    • IT doesn’t have the resources or authority to make needed changes to address the impact of tech debt and can’t make the case for improvement without good data on the problem.
    • Efforts to track technical debt get stuck in the weeds, don’t connect technical issues to business impact, and run out of steam.

    Our Advice

    Critical Insight

    • Technical debt is a type of technical risk, which in turn is business risk. The business, not IT, must make the decision to accept or mitigate risk – but IT must help the business make an informed decision.
    • There are two ways to keep your technical debt at a manageable level – effectively, to mitigate risk: either stop introducing new debt or start paying back what you already have.

    Impact and Result

    • Define and identify your technical debt. Focus on tech debt you think you can actually fix.
    • Conduct a streamlined and targeted business impact analysis to prioritize tech debt based on its ongoing business impact.
    • Identify options to better manage technical debt and present your findings to business decision makers.

    Manage Your Technical Debt Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to understand the business case to manage technical debt, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Identify your technical debt

    Define, identify, and organize your technical debt in preparation for the technical debt impact analysis.

    • Technical Debt Business Impact Analysis Tool

    2. Measure your technical debt

    Conduct a technical debt business impact analysis.

    • Roadmap Tool

    3. Manage your technical debt

    Identify options to resolve technical debt and summarize the challenge and potential solutions for business decision makers.

    • Technical Debt Executive Summary Presentation
    [infographic]

    Workshop: Manage Your Technical Debt

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Define and Identify Technical Debt

    The Purpose

    Create a working definition of technical debt and identify the technical debt in your environment.

    Key Benefits Achieved

    List your technical debt.

    Activities

    1.1 Develop a working definition for technical debt.

    1.2 Discuss your organization’s technical debt risk.

    1.3 Identify 5-10 high-impact technical debts to structure the impact analysis.

    Outputs

    Goals, opportunities, and constraints related to tech debt management

    A list of technical debt

    2 Measure Technical Debt

    The Purpose

    Conduct a more-objective assessment of the business impact of technical debt.

    Key Benefits Achieved

    Identify the most-critical technical debt in your environment, in terms of business risk.

    Activities

    2.1 Review and modify business impact scoring scales.

    2.2 Identify reasonable scenarios to structure the impact analysis.

    2.3 Apply the scoring scale to identify the business impact of each technical debt.

    Outputs

    Business impact scoring scales

    Scenarios to support the impact analysis

    Technical debt impact analysis

    3 Build a Roadmap to Manage Technical Debt

    The Purpose

    Leverage the technical debt impact analysis to identify, compare, and quantify projects that fix technical debt and projects that prevent it.

    Key Benefits Achieved

    Create your plan to manage technical debt.

    Activities

    3.1 Brainstorm projects and action items to manage and pay back critical technical debt. Prioritize projects and action items to build a roadmap.

    3.2 Identify three possible courses of action to pay back each critical technical debt.

    3.3 Identify immediate next steps to manage remaining tech debt and limit the introduction of new tech debt.

    Outputs

    Technical debt management roadmap

    Technical debt executive summary

    Immediate next steps to manage technical debt

    Map Technical Skills for a Changing Infrastructure & Operations Organization

    • Buy Link or Shortcode: {j2store}333|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: 5 Average Days Saved
    • member rating average days saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
    • Parent Category Name: Strategy and Organizational Design
    • Parent Category Link: /strategy-and-organizational-design
    • Infrastructure & Operations is changing rapidly. It’s a constant challenge to find the right skills to support the next new technology while at the same time maintaining the skills in house that allow you to support your existing platforms.
    • A lack of clarity around required skills makes finding the right skills difficult, and it’s not clear whether you should train, hire, contract, or outsource to address gaps.
    • You need to keep up with changes and new strategy while continuing to support your existing environment.

    Our Advice

    Critical Insight

    • Take a strategic approach to acquiring skills – looking only as far as the needs of the next project will lead to a constant skills shortage with no plan for it to be addressed.
    • Begin by identifying your future state. Identify needed skills in the organization to support planned projects and initiatives, and to mitigate skills-related risks.

    Impact and Result

    • Leverage your infrastructure roadmap and cloud strategy to identify needed skills in your future state environment.
    • Decide how you’ll acquire needed skills based on the characteristics of need for each skill.
    • Communicate the change and create a plan of action for the skills transformation.

    Map Technical Skills for a Changing Infrastructure & Operations Organization Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should map technical skills for a changing Infrastructure & Operations organization, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Identify skills needs for the future state environment

    Identify what skills are needed based on where the organization is going.

    • Map Technical Skills for a Changing Infrastructure & Operations Organization – Phase 1: Identify Skills Needs for Your Future State Environment
    • Future State Playbook
    • IT/Cloud Solutions Architect
    • IT/Cloud Engineer
    • IT/Cloud Administrator
    • IT/Cloud Demand Billing & Accounting Analyst

    2. Acquire needed skills

    Ground skills acquisition decisions in the characteristics of need.

    • Map Technical Skills for a Changing Infrastructure & Operations Organization – Phase 2: Acquire Needed Skills
    • Technical Skills Map

    3. Maximize the value of the skills map

    Get stakeholder buy-in; leverage the skills map in other processes.

    • Map Technical Skills for a Changing Infrastructure & Operations Organization – Phase 3: Maximize the Value of Your Skills Map
    • Technical Skills Map Communication Deck Template
    [infographic]

    Workshop: Map Technical Skills for a Changing Infrastructure & Operations Organization

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Review Initiatives and Skills-Related Risks

    The Purpose

    Identify process and skills changes required by the future state of your environment.

    Key Benefits Achieved

    Set foundation for alignment between strategy-defined technology initiatives and needed skills.

    Activities

    1.1 Review the list of initiatives and projects with the group.

    1.2 Identify how key support, operational, and deployment processes will change through planned initiatives.

    1.3 Identify skills-related risks and pain points.

    Outputs

    Future State Playbook

    2 Identify Needed Skills and Roles

    The Purpose

    Identify process and skills changes required by the future state of your environment.

    Key Benefits Achieved

    Set foundation for alignment between strategy-defined technology initiatives and needed skills.

    Activities

    2.1 Identify skills required to support the new environment.

    2.2 Map required skills to roles.

    Outputs

    IT/Cloud Architect Role Description

    IT/Cloud Engineer Role Description

    IT/Cloud Administrator Role Description

    3 Create a Plan to Acquire Needed Skills

    The Purpose

    Create a skills acquisition strategy based on the characteristics of need.

    Key Benefits Achieved

    Optimal skills acquisition strategy defined.

    Activities

    3.1 Modify impact scoring scale for key skills decision factors.

    3.2 Apply impact scoring scales to needed skills

    3.3 Decide whether to train, hire, contract, or outsource to acquire needed skills.

    Outputs

    Technical Skills Map

    4 Develop a Communication Plan

    The Purpose

    Create an effective communication plan for different stakeholders across the organization.

    Identify opportunities to leverage the skills map elsewhere.

    Key Benefits Achieved

    Create a concise, clear, consistent, and relevant change message for stakeholders across the organization.

    Activities

    4.1 Review skills decisions and decide how you will acquire skills in each role.

    4.2 Update roles descriptions.

    4.3 Create a change message.

    4.4 Identify opportunities to leverage the skills map in other processes.

    Outputs

    Technical Skills Map Communication Deck

    Cost-Optimize Your Security Budget

    • Buy Link or Shortcode: {j2store}250|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: $2,078 Average $ Saved
    • member rating average days saved: 2 Average Days Saved
    • Parent Category Name: Security Strategy & Budgeting
    • Parent Category Link: /security-strategy-and-budgeting
    • The security budget has been slashed and the team needs to do more with less.
    • Mitigating risk is still the top priority, only now we need to reassess effectiveness and efficiency to ensure we are getting the greatest level of protection for the least amount of money.

    Our Advice

    Critical Insight

    A cost-optimized security budget is one that has the greatest impact on risk for the least amount of money spent.

    Impact and Result

    • Focus on business needs and related risks. Review the risk-reduction efficacy of your people, processes, and technology and justify what can be cut and what must stay.
    • Info-Tech will guide you through this process, and by the end of this blueprint you will have a cost-optimized security budget and an executive presentation to explain your revised spending.

    Cost-Optimize Your Security Budget Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should cost-optimize your security budget, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Cost-optimize your technology and managed services

    This phase will help you assess the efficacy of your current technology and service providers.

    • Threat and Risk Assessment Tool
    • In-House vs. Outsourcing Decision-Making Tool

    2. Cost-optimize your staffing

    This phase will help you assess if layoffs are necessary.

    • Security Employee Layoff Selection Tool

    3. Cost-optimize your security strategy

    This phase will help you revise the pending process-based initiatives in your security strategy.

    • Security Cost Optimization Workbook
    • Security Cost Optimization Executive Presentation
    [infographic]

    Build a Strategy for Big Data Platforms

    • Buy Link or Shortcode: {j2store}203|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Big Data
    • Parent Category Link: /big-data
    • The immaturity of the big data market means that organizations lack examples and best practices to follow, and they are often left trailblazing their own paths.
    • Experienced and knowledgeable big data professionals are limited and without creative resourcing; IT might struggle to fill big data positions.
    • The term NoSQL has become a catch-all phrase for big data technologies; however, the technologies falling under the umbrella of NoSQL are disparate and often misunderstood. Organizations are at risk of adopting incorrect technologies if they don’t take the time to learn the jargon.

    Our Advice

    Critical Insight

    • NoSQL plays a key role in the emergence of the big data market, but it has not made relational databases outdated. Successful big data strategies can be conducted using SQL, NoSQL, or a combination of the two.
    • Assign a Data Architect to oversee your initiative. Hire or dedicate someone who has the ability to develop both a short-term and long-term vision and that has hands-on experience with data management, mining and modeling. You will still need someone (like a database administrator) who understands the database, the schemas, and the structure.
    • Understand your data before you attempt to use it. Take a master data management approach to ensure there are rules and standards for managing your enterprise’s data, and take extra caution when integrating external sources.

    Impact and Result

    • Assess whether SQL, NoSQL, or a combination of both technologies will provide you with the appropriate capabilities to achieve your business objectives and gain value from your data.
    • Form a Big Data Team to bring together IT and the business in order to leave a successful initiative.
    • Conduct ongoing training with your personnel to ensure up-to-date skills and end-user understanding.
    • Frequently scan the big data market space to identify new technologies and opportunities to help optimize your big data strategy.

    Build a Strategy for Big Data Platforms Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Develop a big data strategy

    Know where to start and where to focus attention in the implementation of a big data strategy.

    • Storyboard: Build a Strategy for Big Data Platforms

    2. Assess the appropriateness of big data technologies

    Decide the most correct tools to use in order to solve enterprise data management problems.

    • Big Data Diagnostic Tool

    3. Determine the TCO of a scale out implementation

    Compare the TCO of a SQL (scale up) with a NoSQL (scale out) deployment to determine whether NoSQL will save costs.

    • Scale Up vs. Scale Out TCO Tool
    [infographic]

    Customer Service Management Software Selection Guide

    • Buy Link or Shortcode: {j2store}530|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Customer Relationship Management
    • Parent Category Link: /customer-relationship-management
    • The business is unaware of cross-selling opportunities across multiple product lines.
    • Customer service staff attrition rates continue to be high, creating longer response delays for voice channels.
    • Customer service responses are reactive in nature, reinforcing a poor culture for customer experience.

    Our Advice

    Critical Insight

    • After-sales customer service is critical for creating, maintaining, and growing customer relationships. Organizations that fail to provide adequate service will be ill positioned for future customer service and sales efforts.
    • Shift left toward delivering predictive service instead of reactive service to enhance customer experiences.
    • Ensure your key performance indicators accurately reflect the incentives you want to give your customer support staff for delivering appropriate customer service.

    Impact and Result

    • Determine your organization’s customer service maturity (and thus if a standalone CSM tool is relevant).
    • Understand key trends and differentiating features in the CSM marketspace.
    • Evaluate major vendors in the CSM marketspace to discover the best-fitting provider.

    Customer Service Management Software Selection Guide Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Customer Service Management Software Selection Guide – A guide to walk you through the process of selecting CSM software.

    This trends and buyer’s guide will help you:

    • Customer Service Management Software Selection Guide Storyboard

    2. CSM Platform RFP Template – A template to provide vendors with a detailed account of the requirements and the expected capabilities of the desired suite.

    Create your own request for proposal (RFP) for your customer service management suite procurement process by customizing Info-Tech's RFP template.

    • CSM Platform RFP Template

    3. CSM Platform Opportunity Assessment Tool – A tool to assess whether a CSM solution is right for your organization.

    Use this tool to assess your maturity and fit for a CSM solution. It will help identify your current CSM state and assist with the decision to move forward with a new solution or augment certain features.

    • CSM Platform Opportunity Assessment Tool

    4. Software Selection Workbook – A workbook to document your progress as your select software.

    Keep stakeholders engaged with simple and friction-free templates to document your progress for Rapid Application Selection.

    • The Software Selection Workbook

    5. Vendor Evaluation Workbook – A workbook to assess vendor capabilities and compare vendors.

    Leverage a traceable and straightforward Vendor Evaluation Workbook to narrow the field of potential vendors and accelerate the application selection process.

    • The Vendor Evaluation Workbook

    6. CSM Platform RFP Scoring Tool – A tool to support your business in objectively evaluating the CSM vendors being considered for procurement.

    Create an objective and fair scoring process to evaluate the RFPs and demonstrations provided by shortlisted vendors. Within this framework, provide a multidimensional evaluation that analyzes the solution's functional capabilities, architecture, costs, service support, and overall suitability in comparison to the organization's expressed requirements.

    • CSM Platform RFP Scoring Tool

    7. CSM Platform Vendor Demo Script Template – A template to support your business’ evaluation of vendors and their solutions with an effective demonstration.

    Create an organized and streamlined vendor demonstration process by clearly outlining your expectations for the demo. Use the demo as an opportunity to ensure that capabilities expressed by vendors are actually present within the considered solution.

    • CSM Platform Vendor Demo Script Template
    [infographic]

    Further reading

    Customer Service Management Software Selection

    Market trends and buyer’s guide

    Analyst Perspective

    The pandemic and growing younger demographic have shifted the terrain of customer service delivery. Customer service management (CSM) tools ensure organizations enhance customer acquisition, customer retention, and overall revenues into the future.

    It is one thing to research customer service best practices; it is another to experience such service. Whether being put on hold for an hour with a telecommunications company, encountering voice biometric security with a bank, or receiving automated FAQs from a chatbot, we all perform our own primary research in customer service by going about our daily lives. Yet while the pandemic required a shift to this multichannel and digital assistant environment (to account for ongoing agent attrition), this trend was actually just accelerated. A growing younger demographic now prefers online communication channels to voice. Social media (whichever the platform) is a fundamental part of this demographic’s online presence and has instigated the need for customer service delivery to meet customers where they are – for both damage control and enhancing customer relationships.

    Organizations delivering customer service across multiple product lines need to examine what delivery channels they need to satisfy customers, alongside assessing how customer loyalty and cross-selling can increase revenues and company reputation. Customer service management tools can assist and enable the future state.

    Thomas Randall, Ph.D., Research Director

    Thomas Randall, Ph.D.
    Research Director, Info-Tech Research Group

    Executive Summary

    Your Challenge Common Obstacles Info-Tech’s Solution
    • The business is unaware of cross-selling opportunities across multiple product lines.
    • Customer service staff attrition rates continue to be high, creating longer response delays for voice channels.
    • Customer service responses are reactive in nature, reinforcing a poor culture for customer experience.
    • It is not clear if a CSM tool would resolve the business’ challenges or if a better-fitting technology solution is preferable (such as a customer relationship management add-on).
    • The business does not know its customer service maturity well enough to assess the feasibility of adopting a CSM tool.
    This trends and buyer’s guide will help you:
    1. Determine your organization’s customer service maturity (and thus if a standalone CSM tool is relevant).
    2. Understand key trends and differentiating features in the CSM marketspace.
    3. Evaluate major vendors in the CSM marketspace to discover the best-fitting provider.

    The objective at the end of the day is to have a single interface that the front-line staff interacts with. I think that is the holy grail when we look at CSM technology. The objective that everyone has in mind is we'd all like to get to one screen and one window. Ultimately, the end game really hasn't changed: How can we make it easy for the agents and how can we minimize their errors? How can we streamline the process so they can work?
    Colin Taylor, CEO, The Taylor Reach Group

    Customer service management tools form an integral part of your CXM technology portfolio

    Customer service management tools are an integral part of CXM

    Info-Tech’s methodology for selecting the right CSM platform

    1. Contextualize the CSM Landscape 2. Select the Right CSM Vendor
    Phase Steps
    1. Define CSM tools.
    2. Explore CSM trends.
    3. Understand if CSM tools are a good fit for your organization.
    1. Build the business case.
    2. Streamline requirements elicitation for CSM.
    3. Construct the request for proposal (RFP)/vendor evaluation workbook.
    Phase Outcomes
    1. Consensus on scope of CSM and key CSM capabilities
    2. Identify your customer service maturity and use for CSM tools
    1. CSM business case
    2. High-value use cases and requirements
    3. CSM RFP/vendor evaluation workbook

    Info-Tech Insight
    Need help constructing your RFP? Use Info-Tech’s CSM Platform RFP Template!

    Guided Implementation

    What does a typical GI on this topic look like?

    Phase 1 Phase 2

    Call #1: Discover if CSM tools are right for your organization. Understand what a CSM platform is and discover the “art of the possible.”

    Call #2: Identify right-sized vendors and build the business case to select a CSM platform.

    Call #3: Define your key CSM requirements.

    Call #4: Build procurement items, such as an RFP and demo script.

    Call #5: Evaluate vendors and perform final due diligence.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    The CSM selection process should be broken into segments:

    1. CSM vendor shortlisting with this buyer’s guide
    2. Structured approach to selection
    3. Contract review

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit Guided Implementation Workshop Consulting
    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to his the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks are used throughout all four options

    Software Selection Engagement

    Five Advisory Calls Over a Five-Week Period to Accelerate Your Selection Process

    Expert analyst guidance over five weeks on average to select and negotiate software

    Save money, align stakeholders, speed up the process, and make better decisions

    Use a repeatable, formal methodology to improve your application selection process

    Better, faster results, guaranteed, included in membership

    Five advisory calls over a five week period to accelerate your selection process

    Book Your Selection Engagement

    Software Selection Workshops

    40 Hours of Advisory Assistance Delivered Online

    Select Better Software, Faster

    40 hours of expert analyst guidance

    Project & stakeholder management assistance

    Save money, align stakeholders, speed up the process, and make better decisions

    Better, faster results, guaranteed, $25,000 standard engagement fee

    Software selection workshops

    Book Your Workshop Engagement

    Customer Service Management (CSM) Software

    Phase 1: Contextualize the CSM Landscape

    Receive and resolve after-sales requests within a unified CSM platform

    MULTIPLE CHANNELS
    Customers may resolve their issues via a variety of channels, including voice, SMS, email, social media, and live webchat.
    KNOWLEDGE BASE
    Provide a knowledge base for FAQs that is both customer facing (via customer portal) and agent facing (for live resolutions).
    ANALYTICS
    Track customer satisfaction, agent performances, ticket resolutions, backlogs, traffic analysis, and other key performance indicators (KPIs).
    COLLABORATION
    Enable agents to escalate and collaborate within a unified platform (e.g. tagging colleagues to flag a relevant customer query).

    Info-Tech Insight
    After-sales customer service is critical for creating, maintaining, and growing customer relationships. Organizations that fail to provide adequate service will be poorly positioned for future customer service and sales efforts.

    Identify your differentiating CSM requirements that align to your use cases

    INTEGRATIONS
    Note what integrations are available for your contact center, CRM, or industry-specific solutions (e.g. inventory management) to get the most out of CSM.

    SENTIMENT ANALYSIS
    Reads, contextualizes, and categorizes tickets by sentiment (e.g. “positive”) before escalating to an appropriate agent.

    AUTO-RESPONSE EDITOR
    Built-in AI provides prewritten responses or auto-pulls the relevant knowledge article, assisting agents with speed to resolution.

    ATTRIBUTES-BASED ROUTING
    Learns over time how best to route tickets to appropriate agents based on skills, availability, or proximity of an agent (e.g. multilingual, local, or specialist agents).

    AUTOMATED WORKFLOWS
    CSM tool providers have varying usability for workflow building and enablement. Ensure your use cases align.

    TICKET PRIORITIZATION
    Adapts and prioritizes customer issues by service-level agreement (SLA), priority, and severity according to inputted KPIs.

    Good technology will not fix a bad process. I don't care how good the technology is. If the use case is wrong and the process is wrong, it's not going to work.
    Colin Taylor, CEO
    The Taylor Reach Group

    Leverage CSM tools to shift left toward predictive customer service

    Real-time Pre-event Post-event
    Channel example: Notifications via SMS or social media. Channel example: Notifications via SMS or social media. Channel example: Working with an agent or live chatbot. Channel example: Working with an agent or live chatbot.
    “Your car may need a check-up for faulty parts.” “Here is a local garage to fix your tire pressure.” “I see you have poor tire pressure. Here is a local garage.” “Thank you for your patience, how can we help?”
    Predictive Service
    The CSM recommends mitigation options to the customer before the issue occurs and before the customer knows they need it.
    Proactive Service
    The issue occurs but the CSM recommends mitigation options to the customer before the customer contacts the organization.
    Real-Time Service
    The organization offers real-time mitigation options while working with the customer to resolve the issue.
    Reactive Service
    The customer approaches the organization after the issue occurs, but the organization has no insight into the event.

    Selecting a CSM tool should form part of your broader CXM strategy

    Organizations should ask whether they need a standalone CSM solution or a CSM as part of a broader suite of CXM tools. The latter is especially relevant if your organization already invests in a CXM platform.

    Matrix of CMS tools as part of CXM strategy

    CSM tools are best-suited for organizations with high product and service complexity

    Customer Service Complexity

    Low complexity refers to primarily transactional inquiries. High complexity refers to service workflows for symptom analysis, problem identification, and solution delivery.

    Product Complexity

    High complexity refers to having a large number of brands and individual SKUs, technologically complex products, and products with many add-ons.

    A matrix showing that a standalone CSM tool is best where customer service complexity and product complexity are both high.

    Info-Tech Insight
    Use Info-Tech’s CSM Platform Opportunity Assessment Tool to discover your organization’s customer service maturity.

    Activity: Discover your customer service maturity

    30 minutes

    1. Complete the CSM Platform Opportunity Assessment Tool.
    2. Evaluate your result and document whether a CSM business case is warranted (or if a separate technology selection process is needed).
    Input Output
    • Understanding of the current state and how complex the organization’s product line and help desk support are
    • Ranking of the importance of each decision point
    • Assessment results that provide a high-level view of whether your organization’s product and customer service complexity warrant a standalone CSM tool
    Materials Participants
    • CSM Platform Opportunity Assessment Tool
    • Shared screen or projection
    • Customer support analyst(s)
    • Infrastructure and Operations lead(s)
    • Representative customer support staff
    • Product management analyst(s)

    Download the CSM Platform Opportunity Assessment Tool

    Finalize whether your organization is well positioned to leverage CSM tools

    Bypass Adopt
    Monochannel approach
    You do not participate in multichannel campaigns or your customer personas are typically limited to one or two channels (e.g. voice or SMS).
    Multichannel approach
    You are pursuing multifaceted, customer-specific campaigns across a multitude of channels.
    Small to mid-sized business with small CX team
    Do not buy what you do not need. Focus on the foundations of customer experience (CX) first before extending into a full-fledged CSM tool.
    Maturing CX department
    Customer service needs are extending into managing budgets, generating and segmenting leads, and measuring channel effectiveness.
    Limited product range
    CSM tools typically gain return on investment (ROI) if the organization has a complex product range and is looking to increase cross-sell opportunities across different customer personas.
    Multiple product lines
    Customer base and product lines are large enough to engage in opportunities for cross- and up-selling.

    Case Study

    AkzoNobel

    INDUSTRY
    Retail

    SOURCE
    Sprinklr (2021)

    Use CSM tools to unify the multichannel experience and reduce response time.

    Challenge Solution Results
    AzkoNobel is a leading global paints and coatings company. AzkoNobel had 60+ fragmented customer service accounts on social media for multiple brands. There was little consistency in customer experience and agent responses. Moreover, the customer journey was not being tracked, resulting in lost opportunities for cross-selling across brands. The result: slow response times (up to one week) and unsatisfied customers, leaving the AzkoNobel brand in a vulnerable state.

    AkzoNobel leveraged Sprinklr, a customer experience software provider, to unify six social channels, 19 accounts, and six brands. Sprinklr aligned governance across social media channels with AzkoNobel’s strategic business goals, emphasizing the need for process, increasing revenue, and streamlining customer service.

    AzkoNobel was able to use keywords from customers’ inbound messaging to put an escalation process in place.

    Since bringing on Sprinklr in 2015-2016, unifying customer service channels under one multichannel platform resulted in:

    • 172% increase in customer engagement.
    • 133% increase in post comments.
    • 80% reduced response times.
    • 47% of inquiries answered within five minutes.
    • $18,500 added revenues via social media responses.

    How it got here: The birth of CSM tools

    CSM developed alongside the telephone and call center, rather than customer relationship management platforms.

    1920s 1950s 1967-1973 1980-1990s 2000-2010s
    The introduction of lines of credit and growth of household appliance innovations meant households were buying products at an unprecedented rate. Department stores would set up customer service sections to assist with live fixes or returns. Following the Great Depression and World War II, process, efficiency, and computational technology became defining features of customer service. These features were played out in call centers as automatic call distribution (ACD) technology began to scale. With the development of private automatic branch exchange (PABX), AT&T introduced the toll-free telephone number. Companies began training staff and departments for customer service and building loyalty. With the development of interactive voice response (IVR) in 1973, call centers became increasingly more efficient at routing. Analog technology shifted to digital and the term “contact center” was coined. These centers began being outsourced internationally. With the advent of the internet, CSM technology (in the early guise of a “help desk”) became equipped with computer telephony integration (CTI). Software as a service (SaaS) and CRM maturation strengthened the retention and organization of customer data. Social media also enhanced consumer power as companies rushed to prevent online embarrassment. This prompted investment in multichannel customer service.

    Where it’s going: The future of CSM tools lies in predictive analytics

    The capabilities below are available today but will mature over the next few years. Use the roadmap as a guide for your year of implementation.

    2023
    Go mobile first
    85% of customers believe a company’s mobile website should be just as good as its desktop website. Enabling user-friendly mobile websites provides an effective channel to keep inbound calls down.

    2024
    Shift from multichannel to omnichannel
    Integrating CSM tools with your broader CXM suite enables customer data to seamlessly travel between channels for an omnichannel experience.

    2025
    Enable predictive service
    CSM tools integrate with Internet of Things (IoT) systems to provide automated notifications that alert staff of issues and mitigate issues with customers before the issue even occurs.

    2026
    Leverage predictive analytics for ML use cases
    Use customers’ historic data and preferences to perform better automated customer service over time (e.g. providing personalized resolutions based on previous customer engagements).

    Context and scenario play a huge role in measuring good customer service. Ensure your KPIs accurately reflect the incentives you want to give your customer support staff for delivering appropriate customer service.
    David Thomas, Customer Service Specialist
    Freedom Mobile
    (Reve Chat, 2022)

    Key trends in CSM technology

    As predictive analytics matures, organizations are making use of CSM tools’ ability to enhance personalization, improve their social media response times, and enable self-service.

    BIOMETRICS
    65% of customers say they would accept voice recognition to authorize their identity when calling a customer support line (GetApp, 2021).

    PERSONALIZATION
    51% of marketers, advocating for personalization across multiple touchpoints saw 300% ROI (KoMarketing, 2020).

    SOCIAL MEDIA
    29% of customers aged 18 to 39 prefer online chat communication before and after purchase (RingCentral, 2020).

    SELF-SERVICE
    92% of customers say they would use a knowledge base for self-service support if it was available (Vanilla, 2020).

    Customer Service Management (CSM) Software

    Phase 2: Select the Right CSM Vendor

    Conduct a business impact assessment to document the case for CSM tool selection

    Business Opportunity
    Determine high-level understanding of the need that must be addressed, along with the project goals and affiliated key metrics. Establish KPIs to measure project success.

    System Diagram
    Determine the impact on the application portfolio and where integration is necessary.

    Risks
    Identify potential blockers and risk factors that will impede selection.

    High-Level Requirements
    Consider the business functions and processes affected.

    People Impact
    Confirm who will be affected by the output of the technology selection.

    Overall Business Case
    Calculate the ROI and the financial implications of the application selection. Highlight the overarching value.

    Activity: Build the business case

    2 hours

    1. Access the Business Impact Assessment within the Software Selection Workbook (linked below). Store the assessment in a shared folder (such as in SharePoint, OneDrive, or Google Drive).
    2. Set aside two hours (does not need to be all at once) to ensure the selection team aligns with the unifying rationale for selection.
    3. Complete the six steps to arrive at a high-level business case. This case can then be shared and communicated with interested parties (e.g. impacted stakeholders).
    InputOutput
    • Drivers for the business opportunity to adopt CSM tools
    • Understanding of key stakeholders
    • Overview of application portfolio
    • Budgetary information
    • Business Impact Assessment, which captures your high-level business case
    MaterialsParticipants
    • Software Selection Workbook
    • Screen sharing or projector
    • Whiteboard and drawing materials
    • Customer support analyst(s)
    • Infrastructure and Operations lead(s)
    • Representative customer support staff
    • Product management analyst(s)

    Download the Software Selection Workbook

    Elicit and prioritize granular requirements for your CSM platform

    Understanding business needs through requirements gathering is key to defining everything about what is being purchased, yet it is an area where people often make critical mistakes.

    Signs of poorly scoped requirements Best practices
    • Requirements focus on how the solution should work instead of what it must accomplish.
    • Multiple levels of detail exist within the requirements, which are inconsistent and confusing.
    • Requirements drill all the way down into system-level detail.
    • Language is technical and dense, leaving some stakeholder groups confused on what they are actually looking for in a solution.
    • Requirements are copied from a market analysis of the art of the possible, abstract from organization’s own customer persona analysis.
    • Get a clear understanding of what the system needs to do and what it is expected to produce. Build customer personas to assist with identifying high-value use cases.
    • Test against the principle of MECE – requirements should be “mutually exclusive and collectively exhaustive.”
    • Use language that is consistent with that of the market and focus on key differentiators – not table stakes.
    • Include the appropriate level of detail, which should be suitable for procurement and sufficient for differentiating vendors.

    Info-Tech Insight
    Review Info-Tech’s requirements gathering methodology to improve your requirements gathering process.

    Choose your route: RFP or otherwise?

    As you gather requirements, decide which procurement route best suits your context.

    RFI (Request for Information) RFQ (Request for Quotation) RFP (Request for Proposal)
    Purpose and Usage

    Gather information about products/services when you know little about what’s available.

    Often followed by an RFP.

    Solicit pricing and delivery information for products/services with clearly defined requirements.

    Best for standard or commodity products/services.

    Solicit formal proposals from vendors to conduct an evaluation and selection process.

    Formal and fair process; identical for each participating vendor.

    Level of Intent

    Fact-finding there is no commitment to engage the vendor.

    Vendors are often reluctant to provide quotes.

    Committed to procure a specific product/service at the lowest price.

    Intent to buy the products/services in the RFP.

    Business case/approval to spend is already obtained.

    Level of Detail High-level requirements and business goals.

    Detailed specifications of what products/services are needed.

    Detailed contract and delivery terms.

    Detailed business requirements and objectives.

    Standard questions and contract term requests for all vendors.

    Response

    Generalized response with high-level product/services.

    Sometimes standard pricing quote.

    Price quote and confirmation of ability to fulfill desired terms.

    Detailed solution description, delivery approach, customized price quote, and additional requested information.

    Product demo and/or hands-on trial.

    Info-Tech Insight
    If you are in a hurry, consider instead issuing Info-Tech’s Vendor Evaluation Workbook. This workbook speeds up the typical procurement process by adding RFP-like requirements (such as operational and technical requirements) while driving the procurement process via emphasis on high-value use cases.

    Download the Vendor Evaluation Workbook

    Activity: Document requirements

    2 hours

    1. Review each tab of Info-Tech’s CSM Platform RFP Scoring Tool to generate use cases and ideas for your requirements building.
    2. Modify and include additional features you may need, using Info-Tech’s CSM Platform RFP Template to assist with structure (if pursuing an RFP process) or Vendor Evaluation Workbook (if an RFP process is not needed). Pay attention to any nonfunctional requirements (such as security or integrations), alongside future trends of CSM. Vendors must be able to scale with your organization’s growth.
    3. You can use the CSM Platform RFP Scoring Tool again when assessing vendor responses.
    Input Output
    • Key use cases that capture your most important customer service support processes
    • Discussion of CSM future trends and differentiating features
    • Confirmation on organization’s significant nonfunctional requirements (e.g. security or integrations)
    • Either a Requirements Workbook to go straight to shortlisted vendor(s) or an RFP document to solicit a broader market response
    Materials Participants
    • CSM Platform RFP Scoring Tool
    • CSM Platform RFP Template
    • Vendor Evaluation Workbook
    • Customer support analyst(s)
    • Infrastructure and Operations lead(s)
    • Other major stakeholders (for requirements elicitation)

    Download the CSM Platform RFP Scoring Tool

    Download the CSM Platform RFP Template

    Once vendor responses are in, turn product demos into investigative interviews

    Avoid vendor glitz and glamour shows by ensuring vendors are concretely applying their solution to your high-value use cases.

    1 Minimize the number of vendors to four to keep up the pace of the selection process.
    2 Provide a demo script that captures your high-value use cases and differentiating requirements.
    3 Ensure demos are booked close together and the selection committee attends all demos.

    Conduct a day of rapid-fire vendor demos

    Zoom in on high-value use cases and answers to targeted questions

    Rapid-fire vendor investigative interview

    Invite vendors to come onsite (or join you via videoconference) to demonstrate the product and answer questions. Use a highly targeted demo script to help identify how a vendor’s solution will fit your organization’s particular business capability needs.

    Give each vendor 90 to 120 minutes to give a rapid-fire presentation. We suggest the following structure:

    • 30 minutes: Company introduction and vision
    • 60 minutes: Walkthrough of two or three high-value demo scenarios
    • 30 minutes: Targeted Q&A from the business stakeholders and procurement team

    To ensure a consistent evaluation, vendors should be asked analogous questions and answers should be tabulated.

    How to challenge the vendors in the investigative interview

    • Change the visualization/presentation.
    • Change the underlying data.
    • Add additional data sets to the artifacts.
    • Test voice quality (if the vendor offers a native telephony channel).
    • Test collaboration capabilities.

    To kick-start scripting your demo scenarios, leverage our CSM Platform Vendor Demo Script Template.

    A vendor scoring model provides a clear anchor point for your evaluation of CRM vendors based on a variety of inputs

    A vendor scoring model is a systematic method for effectively assessing competing vendors. A weighted-average scoring model is an approach that strikes a strong balance between rigor and evaluation speed.

    How do I build a scoring model? What are some of the best practices?
    • Start by shortlisting the key criteria you will use to evaluate your vendors. Functional capabilities should always be a critical category, but you’ll also want to look at criteria such as affordability, architectural fit, and vendor viability.
    • Depending on the complexity of the project, you may break down some criteria into subcategories to assist with evaluation (for example, breaking down functional capabilities into constituent use cases so you can score each one).
    • Once you’ve developed the key criteria for your project, the next step is weighting each criterion. Your weightings should reflect the priorities for the project at hand. For example, some projects may put more emphasis on affordability, others on vendor partnership.
    • Using the information collected in the subsequent phases of this blueprint, score each criterion from 1 to 100, then multiply by the weighting factor. Add up the weighted scores to arrive at the aggregate evaluation score for each vendor on your shortlist.
    • While the criteria for each project may vary, it’s helpful to have an inventory of repeatable criteria that can be used across application selection projects. The next slide contains an example that you can add to or subtract from.
    • Don’t go overboard on the number of criteria: five to ten weighted criteria should be the norm for most projects. The more criteria (and subcriteria) you must score against, the longer it will take to conduct your evaluation. Always remember, link the level of rigor to the size and complexity of your project! It’s possible to create a convoluted scoring model that takes significant time to fill out but yields little additional value.
    • Creation of the scoring model should be a consensus-driven activity among IT, procurement, and the key business stakeholders – it should not be built in isolation. Everyone should agree on the fundamental criteria and weights that are employed.
    • Consider using not just the outputs of investigative interviews and RFP responses to score vendors, but also third-party review services like SoftwareReviews.

    Info-Tech Insight
    Even the best scoring model will still involve some “art” rather than science. Scoring categories such as vendor viability always entail a degree of subjective interpretation.

    Define how you will score vendor responses and demos

    Your key CSM criteria should be informed by the following goals, use cases, and requirements.

    Criteria Description
    Functional Capabilities How well does the vendor align with the top-priority functional requirements identified in your accelerated needs assessment? What is the vendor’s functional breadth and depth?
    Affordability How affordable is this vendor? Consider a three-to-five-year total cost of ownership (TCO) that encompasses not just licensing costs but also implementation, integration, training, and ongoing support costs.
    Architectural Fit How well does this vendor align with your direction from an enterprise architecture perspective? How interoperable is the solution with existing applications in your technology stack? Does the solution meet your deployment model preferences?
    Extensibility How easy is it to augment the base solution with native or third-party add-ons as your business needs may evolve?
    Scalability How easy is it to expand the solution to support increased user, data, and/or customer volumes? Does the solution have any capacity constraints?
    Vendor Viability How viable is this vendor? Are they an established player with a proven track record or a new and untested entrant to the market? What is the financial health of the vendor? How committed are they to the particular solution category?
    Vendor Vision Does the vendor have a cogent and realistic product roadmap? Are they making sensible investments that align with your organization’s internal direction?
    Emotional Footprint How well does the vendor’s organizational culture and team dynamics align to yours?
    Third-Party Assessments and/or References How well-received is the vendor by unbiased third-party sources like SoftwareReviews? For larger projects, how well does the vendor perform in reference checks (and how closely do those references mirror your own situation)?

    Leverage Info-Tech’s Contract Review Services to level the playing field with shortlisted vendors

    You may be faced with multiple products, services, master service agreements, licensing models, service agreements, and more.

    Use Info-Tech’s Contract Review Services to gain insights on your agreements.

    Consider the aspects of a contract review:

    1. Are all key terms included?
    2. Are they applicable to your business?
    3. Can you trust that results will be delivered?
    4. What questions should you be asking from an IT perspective?

    Validate that a contract meets IT’s and the business’ needs by looking beyond the legal terminology. Use a practical set of questions, rules, and guidance to improve your value for dollar spent.

    Book Contract Review Service

    Download Master Contract Review and Negotiation for Software Agreements

    Customer Service Management (CSM) Software

    Vendor Analysis

    Evaluate software category leaders through vendor rankings and awards

    SoftwareReviews

    The Data Quadrant is a thorough evaluation and ranking of all software in an individual category to compare platforms across multiple dimensions.

    Vendors are ranked by their Composite Score, based on individual feature evaluations, user satisfaction rankings, vendor capability comparisons, and likeliness to recommend the platform.

    The Emotional Footprint is a powerful indicator of overall user sentiment toward the relationship with the vendor, capturing data across five dimensions.

    Vendors are ranked by their Customer Experience (CX) Score, which combines the overall Emotional Footprint rating with a measure of the value delivered by the solution.

    Speak with category experts to dive deeper into the vendor landscape

    SoftwareReviews

    Fact-based reviews of business software from IT professionals.

    Product and category reports with state-of-the-art data visualization.

    Top-tier data quality backed by a rigorous quality assurance process.

    User-experience insight that reveals the intangibles of working with a vendor.

    SoftwareReviews is powered by Info-Tech

    Technology coverage is a priority for Info-Tech, and SoftwareReviews provides the most comprehensive, unbiased data on today’s technology. Combined with the insight of our expert analysts, our members receive unparalleled support in their buying journey.

    Click here to access SoftwareReviews

    Comprehensive software reviews to make better IT decisions

    We collect and analyze the most detailed reviews on enterprise software from real users to give you an unprecedented view into the product and vendor before you buy.

    Microsoft Dynamics 365

    Est. 2003 | WA, USA | MSFT:NASDAQ

    Bio

    To accelerate your digital transformation, you need a new type of business application. One that breaks down the silos between CRM and ERP, that’s powered by data and intelligence, and helps capture new business opportunities. That’s Microsoft Dynamics 365.

    Offices

    Microsoft is located all over the world. For a full list, see Microsoft Worldwide Sites.

    representative Customers

    Stated Industry Specializations

    • Covers an extremely wide range of industries, such as finance, education, government, healthcare, manufacturing, and retail.

    Software review for Microsoft

    SoftwareReviews’ CSM Enterprise Vendor Ranking
    (out of 7)

    Likeliness to Recommend

    • 7th (81%)

    Plan to Renew

    • 6th (93%)

    Satisfaction That Cost Is Fair Relative to Value

    • 2nd (81%)

    Strengths

    • Product Strategy and Rate of Improvement (1st)
    • Ease of Customization (1st)
    • Breadth of Features (2nd)

    Areas to Improve

    • Availability and Quality of Training (5th)
    • Ease of Implementation (7th)
    • Usability and Intuitiveness (7th

    Microsoft Dynamics 365

    History

    Founded 2003 (as Microsoft Dynamics CRM)
    2005 Second version branded Dynamics 3.0.
    2009 Dynamics CRM 4.0 (Titan) passes 1 million user mark.
    2015 Announces availability of CRM Cloud design for FedRAMP compliance.
    2016 Dynamics 365 released as successor to Dynamics CRM.
    2016 Microsoft’s acquisition of LinkedIn provides line of data to 500 million users.
    2021 First-party voice channel added to Dynamics 365.
    2022 Announces Digital Contact Center Platform powered with Nuance AI, MS Teams, and Dynamics 365.

    Microsoft is rapidly innovating in the customer experience technology marketspace. Alongside Dynamics 365’s omnichannel offering, Microsoft is building out its own native contact center platform. This will provide new opportunities for centralization without multivendor management between Dynamics 365, Microsoft Teams, and an additional third-party telephony or contact-center-as-a-service (CCaaS) vendor. SoftwareReviews reports suggest that Microsoft is a market leader in the area of product innovation for CSM, and this area of voice channel capability is where I see most industry interest.

    Of course, Dynamics 365 is not a platform to get only for CSM functionality. Users will typically be a strong Microsoft shop already (using Dynamics 365 for customer relationship management) and are looking for native CSM features to enhance customer service workflow management and self-service.
    Thomas Randall
    Research Director, Info-Tech Research Group

    Info-Tech Insight
    Pricing for Microsoft Dynamics 365 is often contextualized to an organization’s needs. However, this can create complicated licensing structures. Two Info-Tech resources to assist are:

    *This service may be used for other enterprise CSM providers too, including Salesforce, ServiceNow, SAP, and Oracle.
    Contact your account manager to review your access to this service.

    Freshworks

    Est. 2010 | CA, USA | FRSH:NASDAQ

    Bio

    Freshworks' cloud-based customer support software, Freshdesk, makes customer happiness refreshingly easy. With powerful features, an easy-to-use interface, and a freemium pricing model, Freshdesk enables companies of all sizes to provide a seamless multichannel support experience across email, phone, web, chat, forums, social media, and mobile apps. Freshdesk’s capabilities include robust ticketing, SLA management, smart automations, intelligent reporting, and game mechanics to motivate agents.

    Offices

    • Americas: US
    • Asia-Pacific (APAC): Australia, India, Singapore
    • Europe, Middle East, and Africa (EMEA): France, Germany, Netherlands, UK

    Freshworks Representative Customers

    Stated Industry Specializations

    • Automotive
    • Education
    • Energy
    • Finance
    • Healthcare
    • Nonprofit
    • Professional Services
    • Publishing
    • Real Estate
    • Retail
    • Travel

    Software Review of Freshworks

    SoftwareReviews’ CSM Enterprise Vendor Ranking
    (out of 7)

    Likeliness to Recommend

    • 3rd (83%)

    Plan to Renew

    • 4th (94%)

    Satisfaction That Cost Is Fair Relative to Value

    • 3rd (80%)

    Strengths

    • Breadth of Features (1st)
    • Usability and Intuitiveness (1st)
    • Ease of Implementation (2nd)

    Areas to Improve

    • Ease of IT Administration (3rd)
    • Vendor Support (4th)
    • Product Strategy and Rate of Improvement (4th)

    Freshworks

    History

    Founded 2010
    2011 Freshdesk forms a core component of product line.
    2014 Raises significant capital in Series D round: $31M.
    2016 Acquires Airwoot, enabling real-time customer support on social media.
    2019 Raises $150M in Series H funding round.
    2019 Acquires Natero, which predicts, analyzes, and drives customer behavior.
    2021 Surpasses $300M in annual recurring revenues.
    2021 Freshworks posts its IPO listing.

    Freshworks stepped into the SaaS customer support marketspace in 2010 to attract dissatisfied Zendesk eSupport customers, following Zendesk’s large price increases that year (of 300%). After performing well during the pandemic, Freshworks has reinforced its global positioning in the CSM tool marketspace; SoftwareReviews data suggests Freshworks performs very well against its competitors for breadth and intuitiveness of its features.

    Freshworks receives strong recommendations from Info-Tech’s members, boasting a broad product selection that enables opportunities for scaling and receiving a high rate of value return. Of note are Freshworks’ internal customer management solution and its native contact center offering, limiting multivendor management typically required for integrating separate IT service management (ITSM) and CCaaS solutions.
    Thomas Randall
    Research Director, Info-Tech Research Group

    Free Growth Pro Enterprise
    • $0 up to 10 agents
    • Knowledge base
    • Ticket routing
    • Out-of-box analytics
    • $15 agent/month
    • Collision detection
    • Integrations
    • Automated follow-ups
    • $49 agent/month
    • Multiple product lines
    • Personalization
    • CSAT surveys
    • Customer journey
    • $79 agent/month
    • Assist bot and email bot
    • Skill-based routing

    *Pricing correct as of November 2022. Listed in USD and absent discounts.
    See pricing on vendor’s website for latest information.

    Help Scout

    Est. 2006 | MA, USA | HUBS:NYSE

    Bio
    Help Scout is designed with your customers in mind. Provide email and live chat with a personal touch and deliver help content right where your customers need it, all in one place, all for one low price. The customer experience is simple and training staff is painless, but Help Scout still has all the powerful features you need to provide great support at scale. With best-in-class reporting, an integrated knowledge base, 50+ integrations, and a robust API, Help Scout lets your team focus on what really matters: your customers.

    Offices

    • Americas: Canada, Colombia, US
    • APAC: Australia, Japan, Singapore
    • EMEA: Belgium, France, Ireland, Germany, UK

    Questions for support transition

    Stated Industry Specializations

    • eCommerce
    • Education
    • Finance
    • Healthcare
    • Logistics
    • Manufacturing
    • Media
    • Professional Services
    • Property Management
    • Software

    Software Review of Help Scout

    SoftwareReviews’ CSM Enterprise Vendor Ranking
    (out of 7)

    Likeliness to Recommend

    • 4th (82%)

    Plan to Renew

    • 7th (87%)

    Satisfaction That Cost Is Fair Relative to Value

    • 7th (71%)

    Strengths

    • Business Value Created (1st)
    • Ease of Data Integration (1st)
    • Breadth of Features (3rd)

    Areas to Improve

    • Ease of IT Administration (5th)
    • Product Strategy and Rate of Improvement (5th)
    • Quality of Features (6th)

    Help Scout

    History

    Founded 2011
    2015 Raised $6M in Series A funding.
    2015 Rebrands from Brightwurks to Help Scout.
    2015 Named by Appstorm as one of six CSM tools to delight Mac users.
    2016 iOS app released.
    2017 Android app released.
    2020 All employees instructed to work remotely.
    2021 Raises $15M in Series B funding.

    Help Scout provides a simplified, standalone CSM tool that operates like a shared email inbox. Best suited for mid-sized organizations, customers can expect live chat, in-app messaging, and knowledge-base functionality. A particular strength is Help Scout’s integration capabilities, with a wide range of CRM, eCommerce, marketing, and communication APIs available. This strength is also reflected in the data: SoftwareReviews lists Help Scout as first in its CSM category for ease of data integrations.

    Customers who are expecting a broader range of channels (including voice, video cobrowsing, and so on) will not find good return on investment with Help Scout. However, for mid-sized organizations looking to begin maturing their customer service management, Help Scout provides a strong foundation – especially for enhancing in-house collaboration between support staff.
    Thomas Randall
    Research Director, Info-Tech Research Group

    Standard Plus Pro
    • $20 user/month
    • Live chat
    • Up to 25 users
    • 50+ integrations
    • 2 mailboxes
    • $40 user/month
    • Advanced permissions
    • Group users
    • 5 mailboxes
    • $65 user/month
    • HIPAA compliance
    • Onboarding service
    • Dedicated account manager

    *Pricing correct as of November 2022. Listed in USD and absent discounts.
    See pricing on vendor’s website for latest information.

    HubSpot

    Est. 2006 | MA, USA | HUBS:NYSE

    Bio
    HubSpot’s Service Hub brings all your customer service data and channels together in one place and helps scale your support through automation and self-service. The result? More time for proactive service that delights, retains, and grows your customer base. HubSpot provides software and support to help businesses grow better. The overall platform includes marketing, sales, service, and website management products that start free and scale to meet our customers’ needs at any stage of growth.

    Offices

    • Americas: Canada, Colombia, US
    • APAC: Australia, Japan, Singapore
    • EMEA: Belgium, France, Ireland, Germany, UK

    HubSpot Representative Customers

    Stated Industry Specializations

    • Covers an extremely wide range of industries, such as finance, education, healthcare, manufacturing, and retail.

    Software Review for HubSpot

    SoftwareReviews’ CSM Enterprise Vendor Ranking
    (out of 7)

    Likeliness to Recommend

    • 1st (88%)

    Plan to Renew

    • 1st (98%)

    Satisfaction That Cost Is Fair Relative to Value

    • 5th (78%)

    Strengths:

    • Vendor Support (1st)
    • Availability and Quality of Training (1st)
    • Ease of IT Administration (1st)

    Areas to Improve:

    • Ease of Data Integration (5th)
    • Ease of Customization (5th)
    • Breadth of Features (7th)

    HubSpot

    History

    Founded 2006
    2013 Opens first international office in Ireland.
    2014 First IPO listing on NYSE, raising $140M.
    2015 Milestone for acquiring 15,000 customers
    2017 Acquires Kemvi for AI and ML support for sales teams.
    2019 Acquires PieSync for customer data synchronization.
    2021 Yamini Rangan is announced as new CEO.
    2021 Records $1B in revenues.

    HubSpot is a competitive player in the enterprise sales and marketing technology market. Offering an all-in-one platform, HubSpot allows users to leverage its CRM, marketing solutions, content management tool, and CSM tool. Across knowledge management, contact center integration, and customer self-service, SoftwareReviews data pits HubSpot as performing better than its enterprise competitors.

    While customers can leverage HubSpot’s CSM tool independently, watch out for scope creep. HubSpot’s other offerings are tightly integrated and module extensions could quickly add up in price. HubSpot may not be affordable for most regional, mid-sized organizations, and a poor ROI may be expected. For instance, the Pro plan is required to get a knowledge base, which is typically a standard CSM feature – yet the same plan also comes with multicurrency support, which could remain unleveraged.
    Thomas Randall
    Research Director, Info-Tech Research Group

    Free Starter Pro Enterprise
    • $0 month
    • Ticketing
    • Live chat
    • 200 notifications per month
    • $45 month
    • 5,000 email templates
    • White label
    • 500 calling minutes
    • $450 month
    • 30 currencies
    • Knowledge base
    • Up to 300 workflows
    • $1,200 month
    • Conversation intelligence
    • SSO

    *Pricing correct as of November 2022. Listed in USD and absent discounts.
    See pricing on vendor’s website for latest information.

    Salesforce

    Est. 1999 | CA, USA | CRM:NYSE

    Bio

    Service Cloud customer service software gives you faster, smarter customer support. Salesforce provides customer relationship management software and applications focused on sales, customer service, marketing automation, analytics, and application development.

    Offices

    • Americas: US
    • APAC: Australia, India, Singapore
    • EMEA: France, Germany, Netherlands, UK

    Salesforce Representative Customers

    Stated Industry Specializations

    • Covers an extremely wide range of industries, such as finance, education, government, healthcare, manufacturing, and retail.

    Software Review for Salesforce

    SoftwareReviews’ CSM Enterprise Vendor Ranking
    (out of 7)

    Likeliness to Recommend

    • 6th (81%)

    Plan to Renew

    • 2nd (96%)

    Satisfaction That Cost Is Fair Relative to Value

    • 4th (79%)

    Strengths:

    • Usability and Intuitiveness (5th)
    • Breadth of Features (5th)
    • Ease of Implementation (6th)

    Areas to Improve:

    • Ease of IT Administration (7th)
    • Availability and Quality of Training (7th)
    • Ease of Customization (7th)

    Salesforce

    History

    Founded 1999
    2000 Salesforce launches its cloud-based products.
    2003 The first Dreamforce (a leading CX conference) happens.
    2005 Salesforce unveils AppExchange.
    2013 Salesforce acquires ExactTarget and expands Marketing Cloud offering.
    2016 Salesforce acquires Demandware, launches Commerce Cloud.
    2019 Salesforce acquires Tableau to expand business intelligence capabilities.
    2021 Salesforce buys major collaboration vendor Slack.

    Salesforce was an early disruptor in CRM marketspace, placing a strong emphasis on a SaaS delivery model and end-user experience. This allowed Salesforce to rapidly gain market share at the expense of complacent enterprise application vendors. A series of savvy acquisitions over the years has allowed Salesforce to augment its core Sales and Service Clouds with a wide variety of other solutions, from ecommerce to marketing automation – and recently Slack for internal collaboration.

    Salesforce Service Cloud Voice is now available to take advantage of integrating telephony and voice channels into your CRM. This service is still maturing, though, with Salesforce selecting Amazon Connect as its preferred integrator. However, Connect is not necessarily plug-and-play – it is a communications platform as a service, requiring you to build your own contact center solution. This is either a fantastic opportunity for creativity or a time suck of already tied-up resources.
    Thomas Randall
    Research Director, Info-Tech Research Group

    Service Cloud Essentials Service Cloud Professional Service Cloud Enterprise Service Cloud Unlimited
    • $25 user/month
    • Small businesses after basic functionality
    • $75 user/month
    • Mid-market target
    • $150 user/month
    • Enterprise target
    • Web Services API
    • $300 user/month
    • Strong upmarket feature additions

    *Pricing correct as of November 2022. Listed in USD and absent discounts.
    See pricing on vendor’s website for latest information.

    Zendesk

    Est. 2007 | CA, USA | ZEN:NYSE

    Bio

    Zendesk streamlines your support with time-saving tools like ticket views, triggers, and automations. This helps you get straight to what matters most – better customer service and more meaningful conversations. Today, Zendesk is the champion of great service everywhere for everyone and powers billions of conversations, connecting more than 100,000 brands with hundreds of millions of customers over telephony, chat, email, messaging, social channels, communities, review sites, and help centers.

    Offices

    • Americas: Brazil, Canada, US
    • APAC: Australia, China, India, Indonesia, Japan, Korea, Malaysia, Philippines, Singapore, Thailand, Vietnam
    • EMEA: Denmark, France, Germany, Ireland, Italy, Netherlands, Poland, Spain, Sweden, UK

    Zendesk Representative Customers

    Stated Industry Specializations

    • Education
    • Finance
    • Government
    • Healthcare
    • Manufacturing
    • Media
    • Retail
    • Software
    • Telecommunications

    Software Review for Zendesk

    SoftwareReviews’ CSM Enterprise Vendor Ranking
    (out of 7)

    Likeliness to Recommend

    • 5th (81%)

    Plan to Renew

    • 5th (94%)

    Satisfaction That Cost Is Fair Relative to Value

    • 6th (77%)

    Strengths

    • Ease of IT Administration (2nd)
    • Ease of Implementation (5th)
    • Quality of Features (5th)

    Areas to Improve

    • Business Value Created (7th)
    • Vendor Support (7th)
    • Product Strategy and Rate of Improvement (7th)

    Zendesk

    History

    Founded 2007
    2008 Initial seed funding of $500,000.
    2009 Receives $6M through Series B Funding.
    2009 Relocates from Copenhagen to San Francisco.
    2014 Acquires Zopin Technologies.
    2014 Listed on NYSE.
    2015 Acquires We Are Cloud SAS.
    2018 Launches Zendesk Sell.

    Zendesk is a global player in the CSM tool marketspace and works with enterprises across a wide variety of industries. Unlike some other CSM players, Zendesk provides more service channels at its lowest licensing offer, affording organizations a quicker expansion in customer service delivery without making enterprise-grade investments. However, the price of the lowest licensing offer starts much higher than Zendesk’s competitors; organizations will need to consider if the cost to try Zendesk over an annual contract is within budget.

    Unfortunately, SoftwareReviews data suggests that Zendesk may not always provide that immediate value, especially to mid-sized organizations. Zendesk is rated lower for vendor support and business value created. However, Zendesk provides strong functionality that competes with other enterprise players, and mid-sized organizations are continually impressed with Zendesk’s automation workflows.
    Thomas Randall
    Research Director, Info-Tech Research Group

    *Pricing correct as of November 2022. Listed in USD and absent discounts.
    See pricing on vendor’s website for latest information.

    Team Growth Pro
    • $49 user/month
    • Ticketing
    • Email, voice, SMS, and live chat channels
    • $79 user/month
    • AI-powered knowledge management
    • Self-service portal
    • $99 user/month
    • HIPAA compliance
    • Customizable dashboards

    LiveChat

    Est. 2002 | Poland | WSE:LVC

    Bio

    Manage all emails from customers in one app and save time on customer support. LiveChat is a real-time live-chat software tool for ecommerce sales and support that is helping ecommerce companies create a new sales channel. It serves more than 30,000 businesses in over 150 countries, including large brands like Adobe, Asus, LG, Acer, Better Business Bureau, and Air Asia and startups like SproutSocial, Animoto, and HasOffers.

    Offices

    • Americas: US
    • EMEA: Poland

    LiveChat Representative Customers

    Stated Industry Specializations

    • eCommerce
    • Education
    • Finance
    • Software and IT

    Software Review for LiveChat

    SoftwareReviews’ CSM Midmarket Vendor Ranking
    (out of 8)

    Likeliness to Recommend

    • 1st (93%)

    Plan to Renew

    • 4th (92%)

    Satisfaction That Cost Is Fair Relative to Value

    • 5th (83%)

    Strengths

    • Product Strategy and Rate of Improvement (1st)
    • Usability and Intuitiveness (1st)
    • Breadth of Features (1st)

    Areas to Improve

    • Ease of Implementation (5th)
    • Ease of IT Administration (5th)
    • Ease of Customization (7th)

    LiveChat

    History

    Founded 2002
    2006 50% of company stock bought by Capital Partners.
    2008 Capital Partners sells entire stake to Naspers.
    2011 LiveChat buys back majority of stakeholder shares.
    2013 Listed by Red Herring in group of most innovative companies across Europe.
    2014 Listed on Warsaw Stock Exchange.
    2019 HelpDesk is launched.
    2020 Offered services for free to organizations helping mitigate the pandemic.

    LiveChat’s HelpDesk solution for CSM is a relatively recent solution (2019) that is proving very popular for small to mid-sized businesses (SMBs) – especially across Western Europe. SoftwareReviews’ data shows that HelpDesk is well-rated for breadth of features, usability and intuitiveness, and rate of improvement. Indeed, LiveChat has won and been shortlisted for several awards over the past decade for customer feedback, innovation, and fast growth to IPO.

    When shortlisting LiveChat’s HelpDesk, SMBs should be careful of scope creep. LiveChat offers a range of other solutions that are intended to work together. The LiveChat self-titled product is designed to integrate with HelpDesk to provide ticketing, email management, and chat management. Moreover, LiveChat’s AI-based ChatBot (for automated webchat) comes with additional cost (starting at $52 team/month).
    Thomas Randall
    Research Director, Info-Tech Research Group

    Team Plan Enterprise
    • $29 user/month.
    • Customized canned responses
    • Real-time reporting
    • Request quote
    • White labelling
    • Product training
    • Account manager

    *Pricing correct as of November 2022. Listed in USD and absent discounts.
    See pricing on vendor’s website for latest information.

    ManageEngine

    Est. 1996 | India | Privately Owned

    Bio

    SupportCenter Plus is a web-based customer support software that lets organizations effectively manage customer tickets, their account and contact information, and their service contracts, and in the process provide a superior customer experience. ManageEngine is a division of Zoho.

    Offices

    • Americas: Brazil, Colombia, Mexico, US
    • APAC: Australia, China, India, Japan, Singapore
    • EMEA: Netherlands, Saudi Arabia, South Africa, UAE, UK

    ManageEngine Representative Customers

    Stated Industry Specializations

    • None stated but representative customers cover manufacturing, R&D, real estate, and transportation.

    Software Review for ManageEngine

    SoftwareReviews’ CSM Midmarket Vendor Ranking
    (out of 8)

    Likeliness to Recommend

    • 6th (85%)

    Plan to Renew

    • 5th (91%)

    Satisfaction That Cost Is Fair Relative to Value

    • 6th (83%)

    Strengths

    • Ease of Customization (1st)
    • Ease of Implementation (2nd)
    • Ease of IT Administration (2nd)

    Areas to Improve

    • Quality of Features (4th)
    • Usability and Intuitiveness (6th)
    • Availability and Quality of Training (8th)

    ManageEngine

    History

    Founded 1996
    2002 Branches from Zoho to become division focused on IT management.
    2004 Becomes an authorized MySQL Partner.
    2009 Begins shift of offerings into the cloud.
    2010 Tops 35,000 customers.
    2011 Integration with Zoho Assist.
    2015 Integration with Zoho Reports.

    ManageEngine, as a division of Zoho, has its strengths in IT operations management (ITOM). SupportCenter thus scores well in our SoftwareReviews data for ease of customization, implementation, and administration. As ManageEngine is a frequently discussed low-cost vendor in the ITOM market, customers often get good scalability across IT, sales, and marketing teams. Although SupportCenter is aimed at the midmarket and is low cost, organizations have the benefit of ManageEngine’s global presence and backing by Zoho for viability.

    However, because ManageEngine’s focus is ITOM, the breadth and quality of features for SupportCenter are not rated as well compared to its competitors. These features may be “good enough,” but usability and intuitiveness is not scored high. Organizations thinking about SupportCenter are recommended to identify their high-value use cases and perform user acceptance testing before adopting.
    Thomas Randall
    Research Director, Info-Tech Research Group

    Standard* Pro* Enterprise*
    • Account and contact management
    • Knowledge base
    • SLA management
    • Customer portal
    • Active Directory integration
    • Reporting and dashboards
    • Billing contracts
    • Live chat
    • APIs
    • Automation tools

    *Pricing unavailable. Request quote.
    See pricing on vendor’s website for latest information.

    Zoho Desk

    Est. 1996 | India | Privately Owned

    Bio

    Use the power of customer context to improve agent productivity, promote self-service, manage cross-functional service processes, and increase customer happiness. Zoho offers beautifully smart software to help you grow your business. With over 80 million users worldwide, Zoho's 55+ products (including Zoho Desk) aid your sales and marketing, support and collaboration, finance, and recruitment needs – letting you focus only on your business.

    Offices

    • Americas: Brazil, Colombia, Mexico, US
    • APAC: Australia, China, India, Japan, Singapore
    • EMEA: Netherlands, Saudi Arabia, South Africa, UAE, UK

    Zoho Desk Representative Customers

    Stated Industry Specializations

    • Covers an extremely wide range of industries, such as finance, education, government, healthcare, manufacturing, and retail.

    Software Review for Zoho Desk

    SoftwareReviews’ CSM Midmarket Vendor Ranking
    (out of 8)

    Likeliness to Recommend

    • 2nd (90%)

    Plan to Renew

    • 2nd (98%)

    Satisfaction That Cost Is Fair Relative to Value

    • 3rd (83%)

    Strengths

    • Breadth of Features (2nd)
    • Quality of Features (3rd)
    • Ease of Implementation (3rd)

    Areas to Improve

    • Business Value Created (5th)
    • Ease of Data Integration (5th)
    • Product Strategy and Rate of Improvements (5th)

    Zoho Desk

    History

    Founded 1996
    2001 Expands into Japan and shifts focus to SMBs.
    2006 Zoho CRM is launched, alongside first Office suite.
    2008 Reaches 1M users.
    2009 Rebrands from AdventNet to Zoho Corp.
    2011 Zoho Desk is built and launched.
    2017 Zoho One, a suite of applications, is launched.
    2020 Reaches 50M users.

    Zoho Desk is one of the highest scoring CSM tool providers for likelihood to renew and recommend (98% and 90%, respectively). A major reason is that users receive a broad range of functionality for a lower-cost price model. There is also the capacity to scale with Zoho Desk as midmarket customers expand; companies can grow with Zoho and can receive high return on investment in the process.

    However, while Zoho Desk can be used as a standalone CSM tool, there is danger of scope creep with other Zoho products. Zoho now has 50+ applications, all tied into one another. For Zoho Desk, customers may also lean into Zoho Assist (for troubleshooting customer problems via remote access) and Zoho Lens (for reality-based remote assistance, typically for plant machinery or servers). Consequently, customers should keep an eye on business value created if the scope of CSM grows wider.
    Thomas Randall
    Research Director, Info-Tech Research Group

    Standard Pro Enterprise
    • $14 user/month
    • 1 social media channel
    • 5 workflow rules
    • $23 user/month
    • Telephony channel
    • Round-robin ticket assignment
    • Ticket sharing
    • $40 user/month
    • Live chat
    • Contract management SLAs

    *Pricing correct as of November 2022. Listed in USD and absent discounts.
    See pricing on vendor’s website for latest information.

    Summary of AccomplishmentSuccessful selection of a CSM tool

    In this trends and buyer’s guide for CSM tool selection, we engaged in several activities to:

    1. Contextualize the CSM technology marketspace.
    2. Engage in a selection process for CSM tools.

    The result:

    • Understanding of key trends and differentiating features in the CSM marketspace.
    • Determination of your organization’s customer service maturity (and thus if a standalone CSM tool is relevant).
    • Identification of high-value use cases that CSM tools should successfully enable.
    • Evaluation of major vendors in the CSM marketspace to discover the best-fitting provider.
    • Procurement items to finalize selection process.

    If you would like additional support, have our analysts guide you through an Info-Tech workshop or Guided Implementation

    Contact your account representative for more information.
    workshops@infotech.com
    1-888-670-8889

    Related Info-Tech Research

    Governance and Management of Enterprise Software Implementation

    • Being Agile will increase the likelihood of success.

    The Rapid Application Selection Framework

    • Application selection is a critical activity for IT departments. Implement a repeatable, data-driven approach that accelerates application selection efforts.

    Build a Strong Technology Foundation for Customer Experience Management

    • Design an end-to-end technology strategy to drive sales revenue, enhance marketing effectiveness, and create compelling experiences for your customers.

    Bibliography

    Capers, Zach. “How the Pandemic Changed Customer Attitudes Toward Biometric Technology.” GetApp, 21 Feb. 2022. Accessed Nov. 2022.

    Gomez, Jenny. “The Good, the Bad, and the Ugly: A History of Customer Service.” Lucidworks, 15 Jul. 2021. Accessed Nov. 2022.

    Hoory. “History of Customer Service: How Did It All Begin?” Hoory, 24 Mar. 2022. Accessed Nov. 2022.

    Patel, Snigdha. “Top 10 Customer Service Technology Trends to Follow in 2022.” Reve Chat, 21 Feb. 2021. Accessed Nov. 2022.

    RingCentral. “The 2020 Customer Communications Review: A Survey of How Consumers Prefer to Communicate with Businesses.” RingCentral, 2020. Accessed Nov. 2022.

    Robinson-Yu, Sarah. “What is a Knowledgebase? How Can It Help my Business?” Vanilla, 25 Feb. 2022. Accessed Nov. 2022.

    Salesforce. “The Complete History of CRM.” Salesforce, n.d. Accessed Nov. 2022.

    Salesforce. “State of the Connected Customer.” 5th ed. Salesforce, 2022. Accessed Nov. 2022.

    Sprinklr. “How AzkoNobel UK Reduced Response Times and Increased Engagement.” Sprinklr, 2021. Accessed Nov. 2022.

    Vermes, Krystle. “Study: 70% of Marketers Using Advanced Personalization Seeing 200% ROI.” KoMarketing, 2 Jun. 2020. Accessed Nov. 2022.

    Research Contributors and Experts

    Colin Taylor, CEO, The Taylor Research Group

    Colin Taylor
    CEO
    The Taylor Reach Group

    Recognized as one of the leading contact/call center pioneers and experts, Colin has received 30 awards on two continents for excellence in contact center management and has been acknowledged as a leader and influencer on the topics of call/contact centers, customer service, and customer experience, in published rankings on Huffington Post, Call Center Helper, and MindShift. Colin was recognized as number 6 in the global 100 for customer service.

    The Taylor Reach Group is a contact center, call center and customer experience (CX) consultancy specializing in CX consulting and call and contact center consulting, management, performance, technologies, site selection, tools, training development and center leadership training, center audits, benchmarking, and assessments.

    David Thomas, Customer Service Specialist, Freedom Mobile

    David Thomas
    Customer Service Specialist
    Freedom Mobile

    David Thomas has both managerial and hands-on experience with delivering quality service to Freedom Mobile customers. With several years being involved in training customer support and being at the forefront of retail during the pandemic, David has witnessed first-hand how to incentivize staff with the right metrics that create positive experiences for both staff and customers.

    Freedom Mobile Inc. is a Canadian wireless telecommunications provider owned by Shaw Communications. It has 6% market share of Canada, mostly in urban areas of Ontario, British Columbia, and Alberta. Freedom Mobile is the fourth-largest wireless carrier in Canada.

    A special thanks to three other anonymous contributors, all based in customer support and contact center roles for Canada’s National Park Booking Systems’ software provider.

    Innovation

    • Buy Link or Shortcode: {j2store}21|cart{/j2store}
    • Related Products: {j2store}21|crosssells{/j2store}
    • Teaser Video: Visit Website
    • Teaser Video Title: Digital Ethics = Data Equity
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • sidebar graphic: Visit Link
    • Parent Category Name: Strategy and Governance
    • Parent Category Link: /strategy-and-governance
    Innovation is the at heart of every organization, especially in these fast moving times. It does not matter if you are in a supporting or "traditional" sector.  The company performing the service in a faster, better and more efficient way, wins.

    innovation

    Create a Horizontally Optimized SDLC to Better Meet Business Demands

    • Buy Link or Shortcode: {j2store}149|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Development
    • Parent Category Link: /development
    • While teams are used to optimizing their own respective areas of responsibility, there is lack of clarity on the overall core SDLC process resulting in applications being released that are of poor quality.
    • Software development teams are struggling to release on time and within budget.
    • Teams do not understand the overall process, are not communicating well, and traceability is hard to achieve.
    • Each team claims to be optimized yet the final deliverable doesn’t reflect the expected quality.

    Our Advice

    Critical Insight

    • Optimizing can make you worse. One cannot just optimize locally – the SDLC must be optimized in its entirety to ensure traceability across the process.
    • Separate process from framework.
      You don’t need to “Go Agile” or follow other industry jargon to effectively optimize your SDLC.
    • SDLC process improvement is ongoing.
      Start with your team’s current capabilities and optimize. You should set expectations that new improvements will always come in the future.

    Impact and Result

    • Use a systematic framework to bring out local optimizations as potential candidates for SDLC optimization.
    • Prioritize those candidates that will aid in optimizing the overall core SDLC process.
    • Create the necessary governance and control structures to sustain the changes.
    • Use Info-Tech tools and templates to accelerate your process optimization.

    Create a Horizontally Optimized SDLC to Better Meet Business Demands Research & Tools

    Start here – read the Executive Brief

    Read this Executive Brief to understand Info-Tech's approach to SDLC optimization and why the SDLC must be optimized in its entirety to ensure traceability across the process.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Document the current state of the SDLC

    This phase of the blueprint will help in understanding the organization's business priorities, documenting the current SDLC process, and identifing current SDLC challenges.

    • Create a Horizontally Optimized SDLC to Better Meet Business Demands – Phase 1: Document the Current State of the SDLC
    • SDLC Optimization Playbook

    2. Define root causes, determine optimization initiatives, and define target state

    This phase of the blueprint, will help with defining root causes, determining potential optimization initiatives, and defining the target state of the SDLC.

    • Create a Horizontally Optimized SDLC to Better Meet Business Demands – Phase 2: Define Root Causes, Determine Optimization Initiatives, and Define Target State

    3. Develop a rollout strategy for SDLC optimization

    This phase of the blueprint will help with prioritizing initiatives in order to develop a rollout strategy, roadmap, and communication plan for the SDLC optimization.

    • Create a Horizontally Optimized SDLC to Better Meet Business Demands – Phase 3: Develop a Rollout Strategy for SDLC Optimization
    • SDLC Communication Template
    [infographic]

    Workshop: Create a Horizontally Optimized SDLC to Better Meet Business Demands

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Document Your Current SDLC

    The Purpose

    Understand SDLC current state.

    Key Benefits Achieved

    Understanding of your current SDLC state and metrics to measure the success of your SDLC optimization initiative.

    Activities

    1.1 Document the key business objectives that your SDLC delivers upon.

    1.2 Document your current SDLC process using a SIPOC process map.

    1.3 Identify appropriate metrics in order to track the effectiveness of your SDLC optimization.

    1.4 Document the current state process flow of each SDLC phase.

    1.5 Document the control points and tools used within each phase.

    Outputs

    Documented business objectives

    Documented SIPOC process map

    Identified metrics to measure the effectiveness of your SDLC optimization

    Documented current state process flows of each SDLC phase

    Documented control points and tools used within each SDLC phase

    2 Assess Challenges and Define Root Causes

    The Purpose

    Understand current SDLC challenges and root causes.

    Key Benefits Achieved

    Understand the core areas of your SDLC that require optimization.

    Activities

    2.1 Identify the current challenges that exist within each SDLC phase.

    2.2 Determine the root cause of the challenges that exist within each SDLC phase.

    Outputs

    Identified current challenges

    Identified root causes of your SDLC challenges

    3 Determine Your SDLC Optimization Initiatives

    The Purpose

    Understand common best practices and the best possible optimization initiatives to help optimize your current SDLC.

    Key Benefits Achieved

    Understand the best ways to address your SDLC challenges.

    Activities

    3.1 Define optimization initiatives to address the challenges in each SDLC phase.

    Outputs

    Defined list of potential optimization initiatives to address SDLC challenges

    4 Define SDLC Target State

    The Purpose

    Define your SDLC target state while maintaining traceability across your overall SDLC process.

    Key Benefits Achieved

    Understand what will be required to reach your optimized SDLC.

    Activities

    4.1 Determine the target state of your SDLC.

    4.2 Determine the people, tools, and control points necessary to achieve your target state.

    4.3 Assess the traceability between phases to ensure a seamlessly optimized SDLC.

    Outputs

    Determined SDLC target state

    Identified people, processes, and tools necessary to achieve target state

    Completed traceability alignment map and prioritized list of initiatives

    5 Prioritize Initiatives and Develop Rollout Strategy

    The Purpose

    Define how you will reach your target state.

    Key Benefits Achieved

    Create a plan of action to achieve your desired target state.

    Activities

    5.1 Gain the full scope of effort required to implement your SDLC optimization initiatives.Gain the full scope of effort required to implement your SDLC optimization initiatives.

    5.2 Identify the enablers and blockers of your SDLC optimization.

    5.3 Define your SDLC optimization roadmap.

    5.4 Create a communication plan to share initiatives with the business.

    Outputs

    Level of effort required to implement your SDLC optimization initiatives

    Identified enablers and blockers of your SDLC optimization

    Defined optimization roadmap

    Completed communication plan to present your optimization strategy to stakeholders

    Tech Trend Update: If Digital Ethics Then Data Equity

    • Buy Link or Shortcode: {j2store}100|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
    • member rating average days saved: Read what our members are saying
    • Parent Category Name: Innovation
    • Parent Category Link: /innovation

    COVID-19 is driving the need for quick technology solutions, including some that require personal data collection. Organizations are uncertain about the right thing to do.

    Our Advice

    Critical Insight

    Data equity approaches personal data like money, putting the owner in control and helping to protect against unethical systems.

    Impact and Result

    There are some key considerations for businesses grappling with digital ethics:

    1. If partnering, set expectations.
    2. If building, invite criticism.
    3. If imbuing authority, consider the most vulnerable.

    Tech Trend Update: If Digital Ethics Then Data Equity Research & Tools

    Tech Trend Update: If Digital Ethics Then Data Equity

    Understand how to use data equity as an ethical guidepost to create technology that will benefit everyone.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    • Tech Trend Update: If Digital Ethics Then Data Equity Storyboard
    [infographic]

    Key Metrics for Every CIO

    • Buy Link or Shortcode: {j2store}119|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Performance Measurement
    • Parent Category Link: /performance-measurement
    • As a CIO, you are inundated with data and information about how your IT organization is performing based on the various IT metrics that exist.
    • The information we receive from metrics is often just that – information. Rarely is it used as a tool to drive the organization forward.
    • CIO metrics need to consider the goals of key stakeholders in the organization.

    Our Advice

    Critical Insight

    • The top metrics for CIOs don’t have anything to do with IT.
    • CIOs should measure and monitor metrics that have a direct impact on the business.
    • Be intentional with the metric and number of metrics that you monitor on a regular basis.
    • Be transparent with your stakeholders on what and why you are measuring those specific metrics.

    Impact and Result

    • Measure fewer metrics, but measure those that will have a significant impact on how your deliver value to your organization.
    • Focus on the metrics that you can take action against, rather than simply monitor.
    • Ensure your metrics tie to your top priorities as a CIO.

    Key Metrics for Every CIO Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Key Metrics for Every CIO deck – The top metrics every CIO should measure and act on

    Leverage the top metrics for every CIO to help focus your attention and provide insight into actionable steps.

    • Key Metrics for Every CIO Storyboard
    [infographic]

    Further reading

    Key Metrics for Every CIO

    The top six metrics for CIOs – and they have very little to do with IT

    Analyst Perspective

    Measure with intention

    Be the strategic CIO who monitors the right metrics relevant to their priorities – regardless of industry or organization. When CIOs provide a laundry list of metrics they are consistently measuring and monitoring, it demonstrates a few things.

    First, they are probably measuring more metrics than they truly care about or could action. These “standardized” metrics become something measured out of expectation, not intention; therefore, they lose their meaning and value to you as a CIO. Stop spending time on these metrics you will be unable or unwilling to address.

    Secondly, it indicates a lack of trust in the IT leadership team, who can and should be monitoring these commonplace operational measures. An empowered IT leader will understand the responsibility they have to inform the CIO should a metric be derailing from the desired outcome.

    Photo of Brittany Lutes, Senior Research Analyst, Organizational Transformation Practice, Info-Tech Research Group. Brittany Lutes
    Senior Research Analyst
    Organizational Transformation Practice
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    CIOs need to measure a set of specific metrics that:

    • Will support the organization’s vision, their career, and the IT function all in one.
    • Can be used as a tool to make informed decisions and take appropriate actions that will improve the IT function’s ability to deliver value.
    • Consider the influence of critical stakeholders, especially the end customer.
    • Are easily measured at any point in time.
    Common Obstacles

    CIOs often cannot define these metrics because:

    • We confuse the operational metrics IT leaders need to monitor with strategic metrics CIOs need to monitor.
    • Previously monitored metrics did not deliver value.
    • It is hard to decide on a metric that will prove both insightful and easily measurable.
    • We measure metrics without any method or insight on how to take actionable steps forward.
    Info-Tech’s Approach

    For every CIO, there are six areas that should be a focus, no matter your organization or industry. These six priorities will inform the metrics worth measuring:

    • Risk management
    • Delivering on business objectives
    • Customer satisfaction
    • Employee engagement
    • Business leadership relations
    • Managing to a budget

    Info-Tech Insight

    The top metrics for a CIO to measure and monitor have very little to do with IT and everything to do with ensuring the success of the business.

    Your challenge

    CIOs are not using metrics as a personal tool to advance the organization:
    • Metrics should be used as a tool by the CIO to help inform the future actions that will be taken to reach the organization’s strategic vision.
    • As a CIO, you need to have a defined set of metrics that will support your career, the organization, and the IT function you are accountable for.
    • CIO metrics must consider the most important stakeholders across the entire ecosystem of the organization – especially the end customer.
    • The metrics for a CIO are distinctly different from the metrics you use to measure the operational effectiveness of the different IT functions.
    “CIOs are businesspeople first and technology people second.” (Myles Suer, Source: CIO, 2019.)

    Common obstacles

    These barriers make this challenge difficult to address for many CIOs:
    • CIOs often do not measure metrics because they are not aware of what should or needs to be measured.
    • As a result of not wanting to measure the wrong thing, CIOs can often choose to measure nothing at all.
    • Or they get too focused on the operational metrics of their IT organization, leaving the strategic business metrics forgotten.
    • Moreover, narrowing the number of metrics that are being measured down to an actionable number is very difficult.
    • We rely only on physical data sets to help inform the measurements, not considering the qualitative feedback received.
    CIO priorities are business priorities

    46% of CIOs are transforming operations, focused on customer experiences and employee productivity. (Source: Foundry, 2022.)

    Finances (41.3%) and customers (28.1%) remain the top two focuses for CIOs when measuring IT effectiveness. All other focuses combine for the remaining 30.6%. (Source: Journal of Informational Technology Management, 2018.)

    Info-Tech’s approach

    Organizational goals inform CIO metrics

    Diagram with 'CIO Metrics' at the center surrounded by 'Directive Goals', 'Product/Service Goals', 'IT Goals', and 'Operations Goals', each of which are connected to eachother by 'Customers'.

    The Info-Tech difference:
    1. Every CIO has the same set of priorities regardless of their organization or industry given that these metrics are influenced by similar goals of organizations.
    2. CIO metrics are a tool to help inform the actions that will support each core area in reaching their desired goals.
    3. Be mindful of the goals different business units are using to reach the organization’s strategic vision – this includes your own IT goals.
    4. Directly or indirectly, you will always influence the ability to acquire and retain customers for the organization.

    CIO priorities

    MANAGING TO A BUDGET
    Reducing operational costs and increasing strategic IT spend.
    Table centerpiece for CIO Priorities. DELIVERING ON BUSINESS OBJECTIVES
    Aligning IT initiatives to the vision of the organization.
    CUSTOMER SATISFACTION
    Directly and indirectly impacting customer experience.
    EMPLOYEE ENGAGEMENT
    Creating an IT workforce of engaged and purpose-driven people.
    RISK MANAGEMENT
    Actively knowing and mitigating threats to the organization.
    BUSINESS LEADERSHIP RELATONS
    Establishing a network of influential business leaders.

    High-level process flow

    How do we use the CIO metrics?
    Process flow that starts at 'Consider - Identify and analyze CIO priorities', and is followed by 'Select priorities - Identify the top priorities for CIOs (see previous slide)', 'Create a measure - Determine a measure that aligns to each priority', 'Make changes & improvements - Take action to improve the measure and reach the goal you are trying to achieve', 'Demonstrate progress - Use the metrics to demonstrate progress against priorities'. Using priority-based metrics allows you to make incremental improvements that can be measured and reported on, which makes program maturation a natural process.

    Example CIO dashboard

    Example CIO dashboard.
    * Arrow indicates month-over-month trend

    Harness the value of metric data

    Metrics are rarely used accurately as a tool
    • When you have good metrics, you can:
      • Ensure employees are focused on the priorities of the organization
      • Have insight to make better decisions
      • Communicate with the business using language that resonates with each stakeholder
      • Increase the performance of your IT function
      • Continually adapt to meet changing business demands
    • Metrics are tools that quantifiably indicate whether a goal is on track to being achieved (proactive) or if the goal was successfully achieved (retroactive)
    • This is often reflected through two metric types:
      • Leading Metrics: The metric indicates if there are actions that should be taken in the process of achieving a desired outcome.
      • Lagging Metrics: Based on the desired outcome, the metric can indicate where there were successes or failures that supported or prevented the outcome from being achieved.
    • Use the data from the metrics to inform your actions. Do not collect this data if your intent is simply to know the data point. You must be willing to act.
    "The way to make a metric successful is by understanding why you are measuring it." (Jeff Neyland CIO)

    CIOs measure strategic business metrics

    Keep the IT leadership accountable for operational metrics
    • Leveraging the IT leadership team, empower and hold each leader accountable for the operational metrics specific to their functional area
    • As a CIO, focus on the metrics that are going to impact the business. These are often tied to people or stakeholders:
      • The customers who will purchase the product or service
      • The decision makers who will fund IT initiatives
      • The champions of IT value
      • The IT employees who will be driven to succeed
      • The owner of an IT risk event
    • By focusing on these priority areas, you can regularly monitor aspects that will have major business impacts – and be able to address those impacts.
    As a CIO, avoid spending time on operational metrics such as:
    • Time to deliver
    • Time to resolve
    • Project delivery (scope, time, money)
    • Application usage
    • User experiences
    • SLAs
    • Uptime/downtime
    • Resource costs
    • Ticket resolution
    • Number of phishing attempts
    Info-Tech Insight

    While operational metrics are important to your organization, IT leaders should be empowered and responsible for their management.

    SECTION 1

    Actively Managing IT Risks

    Actively manage IT risks

    The impact of IT risks to your organization cannot be ignored any further
    • Few individuals in an organization understand IT risks and can proactively plan for the prevention of those threats, making the CIO the responsible and accountable individual when it comes to IT risks – especially the components that tie into cybersecurity.
    • When the negative impacts of an IT threat event are translated into terms that can be understood and actioned by all in the organization, it increases the likelihood of receiving the sponsorship and funding support necessary.
    • Moreover, risk management can be used as a tool to drive the organization toward its vision state, enabling informed risk decisions.

    Risk management metric:

    Number of critical IT threats that were detected and prevented before impact to the organization.

    Beyond risk prevention
    Organizations that have a clear risk tolerance can use their risk assessments to better inform their decisions.
    Specifically, taking risks that could lead to a high return on investment or other key organizational drivers.

    Protect the organization from more than just cyber threats

    Other risk-related metrics:
    • Percentage of IT risks integrated into the organization’s risk management approach.
    • Number of risk management incidents that were not identified by your organization (and the potential financial impact of those risks).
    • Business satisfaction with IT actions to reduce impact of negative IT risk events.
    • Number of redundant systems removed from the organizations portfolio.
    Action steps to take:
    • Create a risk-aware culture, not just with IT folks. The entire organization needs to understand how IT risks are preventable.
    • Clearly demonstrate the financial and reputational impact of potential IT risks and ensure that this is communicated with decision-makers in the organization.
    • Have a single source of truth to document possible risk events and report prevention tactics to minimize the impact of risks.
    • Use this information to recommend budget changes and help make risk-informed decisions.

    49%

    Investing in Risk

    Heads of IT “cited increasing cybersecurity protections as the top business initiative driving IT investments this year” (Source: Foundry, 2022.)

    SECTION 2

    Delivering on Business Objectives

    Delivering on business objectives

    Deliver on initiatives that bring value to your organization and stop benchmarking
    • CIOs often want to know how they are performing in comparison to their competitors (aka where do you compare in the benchmarking?)
    • While this is a nice to know, it adds zero value in demonstrating that you understand your business, let alone the goals of your business
    • Every organization will have a different set of goals it is striving toward, despite being in the same industry, sector, or market.
    • Measuring your performance against the objectives of the organization prevents CIOs from being more technical than it would do them good.

    Business Objective Alignment Metric:

    Percentage of IT metrics have a direct line of impact to the business goals

    Stop using benchmarks to validate yourself against other organizations. Benchmarking does not provide:
    • Insight into how well that organization performed against their goals.
    • That other organizations goals are likely very different from your own organization's goals.
    • It often aggregates the scores so much; good and bad performers stop being clearly identified.

    Provide a clear line of sight from IT metrics to business goals

    Other business alignment metrics:
    • Number of IT initiatives that have a significant impact on the success of the organization's goals.
    • Number of IT initiatives that exceed the expected value.
    • Positive impact ($) of IT initiatives on driving business innovation.
    Action steps to take:
    • Establish a library or dashboard of all the metrics you are currently measuring as an IT organization, and align each of them to one or more of the business objectives your organization has.
    • Leverage the members of the organization’s executive team to validate they understand how your metric ties to the business objective.
    • Any metric that does not have a clear line of sight should be reconsidered.
    • IT metrics should continue to speak in business terms, not IT terms.

    50%

    CIOs drive the business

    The percentage of CEOs that recognize the CIO as the main driver of the business strategy in the next 2-3 years. (Source: Deloitte, 2020.)

    SECTION 3

    Impact on Customer Satisfaction

    Influencing end-customer satisfaction

    Directly or indirectly, IT influences how satisfied the customer is with their product or service
    • Now more than ever before, IT can positively influence the end-customer’s satisfaction with the product or service they purchase.
    • From operational redundancies to the customer’s interaction with the organization, IT can and should be positively impacting the customer experience.
    • IT leaders who take an interest in the customer demonstrate that they are business-focused individuals and understand the intention of what the organization is seeking to achieve.
    • With the CIO role becoming a strategic one, understanding why a customer would or would not purchase your organization’s product or service stops being a “nice to have.”

    Customer satisfaction metric:

    What is the positive impact ($ or %) of IT initiatives on customer satisfaction?

    Info-Tech Insight

    Be the one to suggest new IT initiatives that will impact the customer experience – stop waiting for other business leaders to make the recommendation.

    Enhance the end-customer experience with I&T

    Other customer satisfaction metrics:
    • Amount of time CIO spends interacting directly with customers.
    • Customer retention rate.
    • Customer attraction rate.
    Action steps to take:
    • Identify the core IT capabilities that support customer experience. Automation? Mobile application? Personal information secured?
    • Suggest an IT-supported or-led initiative that will enhance the customer experience and meet the business goals. Retention? Acquisition? Growth in spend?
    • This is where operational metrics or dashboards can have a real influence on the customer experience. Be mindful of how IT impacts the customer journey.

    41%

    Direct CX interaction

    In 2022, 41% of IT heads were directly interacting with the end customer. (Source: Foundry, 2022.)

    SECTION 4

    Keeping Employees Engaged

    Keeping employees engaged

    This is about more than just an annual engagement survey
    • As a leader, you should always have a finger on the pulse of how engaged your employees are
    • Employee engagement is high when:
      • Employees have a positive disposition to their place of work
      • Employees are committed and willing to contribute to the organization's success
    • Employee engagement comprises three types of drivers: organizational, job, and retention. As CIO, you have a direct impact on all three drivers.
    • Providing employees with a positive work environment where they are empowered to complete activities in line with their desired skillset and tied to a clear purpose can significantly increase employee engagement.

    Employee engagement metric:

    Number of employees who feel empowered to complete purposeful activities related to their job each day

    Engagement leads to increases in:
    • Innovation
    • Productivity
    • Performance
    • Teamwork
    While reducing costs associated with high turnover.

    Employees daily tasks need to have purpose

    Other employee engagement metrics:
    • Tenure of IT employees at the organization.
    • Number of employees who seek out or use a training budget to enhance their knowledge/skills.
    • Degree of autonomy employees feel they have in their work on a daily basis.
    • Number of collaboration tools provided to enable cross-organizational work.
    Action steps to take:
    • If you are not willing to take actionable steps to address engagement, don’t bother asking employees about it.
    • Identify the blockers to empowerment. Common blockers include insufficient team collaboration, bureaucracy, inflexibility, and feeling unsupported and judged.
    • Ensure there is a consistent understanding of what “purposeful” means. Are you talking about “purposeful” to the organization or the individual?
    • Provide more clarity on what the organization’s purpose is and the vision it is driving toward. Just because you understand does not mean the employees do.

    26%

    Act on engagement

    Only 26% of leaders actually think about and act on engagement every single day. (Source: SHRM, 2022.)

    SECTION 5

    Establishing Trusted Business Relationships

    Establishing trusted business partnerships

    Leverage your relationships with other C-suite executives to demonstrate IT’s value
    • Your relationship with other business peers is critical – and, funny enough, it is impacted by the use of good metrics and data.
    • The performance of your IT team will be recognized by other members of the executive leadership team (ELT) and is a direct reflection of you as a leader.
    • A good relationship with the ELT can alleviate issues if concerns about IT staff surface.
      • Of the 85% of IT leaders working on transformational initiatives, only 30% are trying to cultivate an IT/business partnership (Foundry, 2022).
    • Don’t let other members of the organizations ELT overlook you or the value IT has. Build the key relationships that will drive trust and partnerships.

    Business leadership relationship metric:

    Ability to influence business decisions with trusted partners.

    Some key relationships that are worth forming with other C-suite executives right now include:
    • Chief Sustainability Officer
    • Chief Revenue Officer
    • Chief Marketing Officer
    • Chief Data Officer

    Influence business decisions with trusted partners

    Other business relations metrics:
    • The frequency with which peers on the ELT complain about the IT organization to other ELT peers.
    • Percentage of business leaders who trust IT to make the right choices for their accountable areas.
    • Number of projects that are initiated with a desired solution versus problems with no desired solution.
    Action steps to take:
    • From lunch to the boardroom, it is important you make an effort to cultivate relationships with the other members of the ELT.
    • Identify who the most influential members of the ELT are and what their primary goals or objectives are.
    • Follow through on what you promise you will deliver – if you do not know, do not promise it!
    • What will work for one member of the ELT will not work for another – personalize your approach.

    60%

    Enterprise-wide collaboration

    “By 2023, 60% of CIOs will be primarily measured for their ability to co-create new business models and outcomes through extensive enterprise and ecosystem-wide collaboration.” (Source: IDC, 2021.)

    SECTION 6

    Managing to a Budget

    Managing to a budget

    Every CIO needs to be able to spend within budget while increasing their strategic impact
    • From security, to cloud, to innovating the organization's products and services, IT has a lot of initiatives that demand funds and improve the organization.
    • Continuing to demonstrate good use of the budget and driving value for the organization will ensure ongoing recognition in the form of increased money.
    • 29% of CIOs indicated that controlling costs and expense management was a key duty of a functional CIO (Foundry, 2022).
    • Demonstrating the ability to spend within a defined budget is a key way to ensure the business trusts you.
    • Demonstrating an ability to spend within a defined budget and reducing the cost of operational expenses while increasing spend on strategic initiatives ensures the business sees the value in IT.

    Budget management metric:

    Proportion of IT budget that is strategic versus operational.

    Info-Tech Insight

    CIOs need to see their IT function as its own business – budget and spend like a CEO.

    Demonstrate IT’s ability to spend strategically

    Other budget management metrics:
    • Cost required to lead the organization through a digital transformation.
    • Reduction in operational spend due to retiring legacy solutions.
    • Percentage of budget in the run, grow, and transform categories.
    • Amount of money spent keeping the lights on versus investing in new capabilities.

    Action steps to take:

    • Consider opportunities to automate processes and reduce the time/talent required to spend.
    • Identify opportunities and create the time for resources to modernize or even digitize the organization to enable a better delivery of the products or services to the end customer.
    • Review the previous metrics and tie it back to running the business. If customer satisfaction will increase or risk-related threats decrease through an initiative IT is suggesting, you can make the case for increased strategic spend.

    90%

    Direct CX interaction

    Ninety percent of CIOs expect their budget to increase or remain the same in their next fiscal year. (Source: Foundry, 2022.)

    Research contributors and experts

    Photo of Jeff Neyland. Jeff Neyland
    Chief Information Officer – University of Texas at Arlington
    Photo of Brett Trelfa. Brett Trelfa
    SVP and CIO – Arkansas Blue Cross Blue Shield
    Blank photo template. Lynn Fyhrlund
    Chief Information Officer – Milwaukee County Department of Administrative Services

    Info-Tech Research Group

    Vicki Van Alphen Executive Counselor Ibrahim Abdel-Kader Research Analyst
    Mary Van Leer Executive Counselor Graham Price Executive Counselor
    Jack Hakimian Vice President Research Valence Howden Principal Research Director
    Mike Tweedie CIO Practice Lead Tony Denford Organization Transformation Practice Lead

    Related Info-Tech Research

    Sample of the 'IT Metrics Library'. IT Metrics Library
    • Use this tool to review commonly used KPIs for each practice area
    • Identify KPI owners, data sources, baselines, and targets. It also suggests action and research for low-performing KPIs.
    • Use the "Action Plan" tab to keep track of progress on actions that were identified as part of your KPI review.
    Sample of 'Define Service Desk Metrics That Matter'. Define Service Desk Metrics That Matter
    • Consolidate your metrics and assign context and actions to those currently tracked.
    • Establish tension metrics to see and tell the whole story.
    • Split your metrics for each stakeholder group. Assign proper cadences for measurements as a first step to building an effective dashboard.
    Sample of 'CIO Priorities 2022'. CIO Priorities 2022
    • Understand how to respond to trends affecting your organization.
    • Determine your priorities based on current state and relevant internal factors.
    • Assign the right resources to accomplish your vision.
    • Consider what new challenges outside of your control will demand a response.

    Bibliography

    “Developing and Sustaining Employee Engagement.” SHRM, 2022.

    Dopson, Elise. “KPIs Vs. Metrics: What’s the Difference & How Do You Measure Both?” Databox, 23 Jun. 2021.

    Shirer, Michael, and Sarah Murray. “IDC Unveils Worldwide CIO Agenda 2022 Predictions.” IDC, 27 Oct. 2021.

    Suer, Myles. “The Most Important Metrics to Drive IT as a Business.” CIO, 19 Mar. 2019.

    “The new CIO: Business Savvy.” Deloitte Insights. Deloitte, 2020.

    “2022 State of the CIO: Rebalancing Act: CIO’s Operational Pandemic-Era Innovation.” Foundry, 2022.

    “Why Employee Engagement Matters for Leadership at all Levels.” Walden University, 20 Dec. 2019.

    Zhang, Xihui, et al. “How to Measure IT Effectiveness: The CIO’s Perspective.” Journal of Informational Technology Management, 29(4). 2018.

    Combine Security Risk Management Components Into One Program

    • Buy Link or Shortcode: {j2store}376|cart{/j2store}
    • member rating overall impact (scale of 10): 9.1/10 Overall Impact
    • member rating average dollars saved: $37,798 Average $ Saved
    • member rating average days saved: 32 Average Days Saved
    • Parent Category Name: Governance, Risk & Compliance
    • Parent Category Link: /governance-risk-compliance
    • Companies are aware of the need to discuss and assess risk, but many struggle to do so in a systematic and repeatable way.
    • Rarely are security risks analyzed in a consistent manner, let alone in a systematic and repeatable method to determine project risk as well as overall organizational risk exposure.

    Our Advice

    Critical Insight

    • The best security programs are built upon defensible risk management. With an appropriate risk management program in place, you can ensure that security decisions are made strategically instead of based on frameworks and gut feelings. This will optimize any security planning and budgeting.
    • All risks can be quantified. Security, compliance, legal, or other risks can be quantified using our methodology.

    Impact and Result

    • Develop a security risk management program to create a standardized methodology for assessing and managing the risk that information systems face.
    • Build a risk governance structure that makes it clear how security risks can be escalated within the organization and who makes the final decision on certain risks.
    • Use Info-Tech’s risk assessment methodology to quantifiably evaluate the threat severity for any new or existing project or initiative.
    • Tie together all aspects of your risk management program, including your information security risk tolerance level, threat and risk assessments, and mitigation effectiveness models.

    Combine Security Risk Management Components Into One Program Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should develop and implement a security risk management program, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Establish the risk environment

    Lay down the foundations for security risk management, including roles and responsibilities and a defined risk tolerance level.

    • Combine Security Risk Management Components Into One Program – Phase 1: Establish the Risk Environment
    • Security Risk Governance Responsibilities and RACI Template
    • Risk Tolerance Determination Tool
    • Risk Weighting Determination Tool

    2. Conduct threat and risk assessments

    Define frequency and impact rankings then assess the risk of your project.

    • Combine Security Risk Management Components Into One Program – Phase 2: Conduct Threat and Risk Assessments
    • Threat and Risk Assessment Process Template
    • Threat and Risk Assessment Tool

    3. Build the security risk register

    Catalog an inventory of individual risks to create an overall risk profile.

    • Combine Security Risk Management Components Into One Program – Phase 3: Build the Security Risk Register
    • Security Risk Register Tool

    4. Communicate the risk management program

    Communicate the risk-based conclusions and leverage these in security decision making.

    • Combine Security Risk Management Components Into One Program – Phase 4: Communicate the Risk Management Program
    • Security Risk Management Presentation Template
    • Security Risk Management Summary Template
    [infographic]

    Workshop: Combine Security Risk Management Components Into One Program

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Establish the Risk Environment

    The Purpose

    Build the foundation needed for a security risk management program.

    Define roles and responsibilities of the risk executive.

    Define an information security risk tolerance level.

    Key Benefits Achieved

    Clearly defined roles and responsibilities.

    Defined risk tolerance level.

    Activities

    1.1 Define the security executive function RACI chart.

    1.2 Assess business context for security risk management.

    1.3 Standardize risk terminology assumptions.

    1.4 Conduct preliminary evaluation of risk scenarios to determine your risk tolerance level.

    1.5 Decide on a custom risk factor weighting.

    1.6 Finalize the risk tolerance level.

    1.7 Begin threat and risk assessment.

    Outputs

    Defined risk executive functions

    Risk governance RACI chart

    Defined quantified risk tolerance and risk factor weightings

    2 Conduct Threat and Risk Assessments

    The Purpose

    Determine when and how to conduct threat and risk assessments (TRAs).

    Complete one or two TRAs, as time permits during the workshop.

    Key Benefits Achieved

    Developed process for how to conduct threat and risk assessments.

    Deep risk analysis for one or two IT projects/initiatives.

    Activities

    2.1 Determine when to initiate a risk assessment.

    2.2 Review appropriate data classification scheme.

    2.3 Identify system elements and perform data discovery.

    2.4 Map data types to the elements.

    2.5 Identify STRIDE threats and assess risk factors.

    2.6 Determine risk actions taking place and assign countermeasures.

    2.7 Calculate mitigated risk severity based on actions.

    2.8 If necessary, revisit risk tolerance.

    2.9 Document threat and risk assessment methodology.

    Outputs

    Define scope of system elements and data within assessment

    Mapping of data to different system elements

    Threat identification and associated risk severity

    Defined risk actions to take place in threat and risk assessment process

    3 Continue to Conduct Threat and Risk Assessments

    The Purpose

    Complete one or two TRAs, as time permits during the workshop.

    Key Benefits Achieved

    Deep risk analysis for one or two IT projects/initiatives, as time permits.

    Activities

    3.1 Continue threat and risk assessment activities.

    3.2 As time permits, one to two threat and risk assessment activities will be performed as part of the workshop.

    3.3 Review risk assessment results and compare to risk tolerance level.

    Outputs

    One to two threat and risk assessment activities performed

    Validation of the risk tolerance level

    4 Establish a Risk Register and Communicate Risk

    The Purpose

    Collect, analyze, and aggregate all individual risks into the security risk register.

    Plan for the future of risk management.

    Key Benefits Achieved

    Established risk register to provide overview of the organizational aggregate risk profile.

    Ability to communicate risk to other stakeholders as needed.

    Activities

    4.1 Begin building a risk register.

    4.2 Identify individual risks and threats that exist in the organization.

    4.3 Decide risk responses, depending on the risk level as it relates to the risk tolerance.

    4.4 If necessary, revisit risk tolerance.

    4.5 Identify which stakeholders sign off on each risk.

    4.6 Plan for the future of risk management.

    4.7 Determine how to present risk to senior management.

    Outputs

    Risk register, with an inventory of risks and a macro view of the organization’s risk

    Defined risk-based initiatives to complete

    Plan for securing and managing the risk register

    Deliver on Your Digital Product Vision

    • Buy Link or Shortcode: {j2store}351|cart{/j2store}
    • member rating overall impact (scale of 10): 9.2/10 Overall Impact
    • member rating average dollars saved: $133,318 Average $ Saved
    • member rating average days saved: 30 Average Days Saved
    • Parent Category Name: Development
    • Parent Category Link: /development
    • Product organizations are under pressure to align the value they provide to the organization’s goals and overall company vision.
    • You need to clearly convey your direction, strategy, and tactics to gain alignment, support, and funding from your organization.
    • Products require continuous additions and enhancements to sustain their value. This requires detailed, yet simple communication to a variety of stakeholders.

    Our Advice

    Critical Insight

    • A vision without tactics is an unsubstantiated dream, while tactics without a vision is working without a purpose. You need to have a handle on both to achieve outcomes that are aligned with the needs of your organization.

    Impact and Result

    • Recognize that a vision is only as good as the data that backs it up – lay out a comprehensive backlog with quality built-in that can be effectively communicated and understood through roadmaps.
    • Your intent is only a dream if it cannot be implemented – define what goes into a release plan via the release canvas.
    • Define a communication approach that lets everyone know where you are heading.

    Deliver on Your Digital Product Vision Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should build a digital product vision that you can stand behind. Review Info-Tech’s methodology and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Define a digital product vision

    Define a digital product vision that takes into account your objectives, business value, stakeholders, customers, and metrics.

    • Deliver on Your Digital Product Vision – Phase 1: Define a Digital Product Vision
    • Digital Product Strategy Template
    • Digital Product Strategy Supporting Workbook

    2. Build a better backlog

    Build a structure for your backlog that supports your product vision.

    • Deliver on Your Digital Product Vision – Phase 2: Build a Better Backlog
    • Product Backlog Item Prioritization Tool

    3. Build a product roadmap

    Define standards, ownership for your backlog to effectively communicate your strategy in support of your digital product vision.

    • Deliver on Your Digital Product Vision – Phase 3: Build a Product Roadmap
    • Product Roadmap Tool

    4. Release and deliver value

    Understand what to consider when planning your next release.

    • Deliver on Your Digital Product Vision – Phase 4: Release and Deliver Value

    5. Communicate the strategy – make it happen

    Build a plan for communicating and updating your strategy and where to go next.

    • Deliver on Your Digital Product Vision – Phase 5: Communicate the Strategy – Make It Happen!

    Infographic

    Workshop: Deliver on Your Digital Product Vision

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Define a Digital Product Vision

    The Purpose

    Understand the elements of a good product vision and the pieces that back it up.

    Key Benefits Achieved

    Provide a great foundation for an actionable vision and goals people can align to.

    Activities

    1.1 Build out the elements of an effective digital product vision

    Outputs

    Completed product vision definition for a familiar product via the product canvas

    2 Build a Better Backlog

    The Purpose

    Define the standards and approaches to populate your product backlog that support your vision and overall strategy.

    Key Benefits Achieved

    A prioritized backlog with quality throughout that enables alignment and the operationalization of the overall strategy.

    Activities

    2.1 Introduction to key activities required to support your digital product vision

    2.2 What do we mean by a quality backlog?

    2.3 Explore backlog structure and standards

    2.4 Define backlog data, content, and quality filters

    Outputs

    Articulate the activities required to support the population and validation of your backlog

    An understanding of what it means to create a quality backlog (quality filters)

    Defining the structural elements of your backlog that need to be considered

    Defining the content of your backlog and quality standards

    3 Build a Product Roadmap

    The Purpose

    Define standards and procedures for creating and updating your roadmap.

    Key Benefits Achieved

    Enable your team to create a product roadmap to communicate your product strategy in support of your digital product vision.

    Activities

    3.1 Disambiguating backlogs vs. roadmaps

    3.2 Defining audiences, accountability, and roadmap communications

    3.3 Exploring roadmap visualizations

    Outputs

    Understand the difference between a roadmap and a backlog

    Roadmap standards and agreed-to accountability for roadmaps

    Understand the different ways to visualize your roadmap and select what is relevant to your context

    4 Define Your Release, Communication, and Next Steps

    The Purpose

    Build a release plan aligned to your roadmap.

    Key Benefits Achieved

    Understand what goes into defining a release via the release canvas.

    Considerations in communication of your strategy.

    Understand how to frame your vision to enable the communication of your strategy (via an executive summary).

    Activities

    4.1 Lay out your release plan

    4.2 How to introduce your product vision

    4.3 Communicate changes to your strategy

    4.4 Where do we get started?

    Outputs

    Release canvas

    An executive summary used to introduce other parties to your product vision

    Specifics on communication of the changes to your roadmap

    Your first step to getting started

    Perform an Agile Skills Assessment

    • Buy Link or Shortcode: {j2store}153|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $32,166 Average $ Saved
    • member rating average days saved: 15 Average Days Saved
    • Parent Category Name: Development
    • Parent Category Link: /development
    • Your organization is trying to address the key delivery challenges you are facing. Early experiments with Agile are starting to bear fruit.
    • As part of maturing your Agile practice, you want to evaluate if you have the right skills and capabilities in place.

    Our Advice

    Critical Insight

    • Focusing on the non-technical skills can yield significant returns for your products, your team, and your organization. These skills are what should be considered as the real Agile skills.

    Impact and Result

    • Define the skills and values that are important to your organization to be successful at being Agile.
    • Put together a standard criterion for measurement of the attainment of given skills.
    • Define the roadmap and communication plan around your agile assessment.

    Perform an Agile Skills Assessment Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should perform an agile skills assessment. review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Take stock of the Agile skills and values important to you

    Confirm the list of Agile skills that you wish to measure.

    • Perform an Agile Skills Assessment – Phase 1: Take Stock of the Agile Skills and Values Important to You
    • Agile Skills Assessment Tool
    • Agile Skills Assessment Tool Example

    2. Define an assessment method that works for you

    Define what it means to attain specific agile skills through a defined ascension path of proficiency levels, and standardized skill expectations.

    • Perform an Agile Skills Assessment – Phase 2: Define an Assessment Method That Works for You

    3. Plan to assess your team

    Determine the roll-out and communication plan that suits your organization.

    • Perform an Agile Skills Assessment – Phase 3: Plan to Assess Your Team
    • Agile Skills Assessment Communication and Roadmap Plan
    • Agile Skills Assessment Communication and Roadmap Plan Example
    [infographic]

    Workshop: Perform an Agile Skills Assessment

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Define Agile Skills and Maturity Levels

    The Purpose

    Learn about and define the Agile skills that are important to your organization.

    Define the different levels of attainment when it comes to your Agile skills.

    Define the standards on a per-role basis.

    Key Benefits Achieved

    Get a clear view of the Agile skills important into meet your Agile transformation goals in alignment with organizational objectives.

    Set a clear standard for what it means to meet your organizational standards for Agile skills.

    Activities

    1.1 Review and update the Agile skills relevant to your organization.

    1.2 Define your Agile proficiency levels to evaluate attainment of each skill.

    1.3 Define your Agile team roles.

    1.4 Define common experience levels for your Agile roles.

    1.5 Define the skill expectations for each Agile role.

    Outputs

    A list of Agile skills that are consistent with your Agile transformation

    A list of proficiency levels to be used during your Agile skills assessment

    A confirmed list of roles that you wish to measure on your Agile teams

    A list of experience levels common to Agile team roles (example: Junior, Intermediate, Senior)

    Define the skill expectations for each Agile role

    Document Your Cloud Strategy

    • Buy Link or Shortcode: {j2store}468|cart{/j2store}
    • member rating overall impact (scale of 10): 8.9/10 Overall Impact
    • member rating average dollars saved: $35,642 Average $ Saved
    • member rating average days saved: 21 Average Days Saved
    • Parent Category Name: Cloud Strategy
    • Parent Category Link: /cloud-strategy

    Despite the universally agreed-upon benefit of formulating a coherent strategy, several obstacles make execution difficult:

    • Inconsistent understanding of what the cloud means
    • Inability to come to a consensus on key decisions
    • Ungoverned decision-making
    • Unclear understanding of cloud roles and responsibilities

    Our Advice

    Critical Insight

    A cloud strategy might seem like a big project, but it’s just a series of smaller conversations. The methodology presented here is designed to facilitate those conversations, using a curated list of topics, prompts, participant lists, and sample outcomes. We have divided the strategy into four key areas:

    • Vision and alignment
    • People
    • Governance
    • Technology

    Impact and Result

    • A shared understanding of what is necessary to succeed in the cloud
    • An end to ad hoc deployments that solve small problems and create larger ones
    • A unified approach and set of principles that apply to governance, architecture, integration, skills, and roles (and much, much more).

    Document Your Cloud Strategy Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Document Your Cloud Strategy – a phased guide to identifying, validating, and recording the steps you’ll take, the processes you’ll leverage, and the governance you’ll deploy to succeed in the cloud.

    This storyboard comprises four phases, covering mission and vision, people, governance, and technology, and how each of these areas requires forethought when migrating to the cloud.

    • Document Your Cloud Strategy – Phases 1-4

    2. Cloud Strategy Document Template – a template that allows you to record the results of the cloud strategy exercise in a clear, readable way.

    Each section of Document Your Cloud Strategy corresponds to a section in the document template. Once you’ve completed each exercise, you can record your results in the document template, leaving you with an artifact you can share with stakeholders.

    • Cloud Strategy Document Template
    [infographic]

    Workshop: Document Your Cloud Strategy

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Document Your Vision and Alignment

    The Purpose

    Understand and document your cloud vision and its alignment with your other strategic priorities.

    Key Benefits Achieved

    A complete understanding of your strategy, vision, alignment, and a list of success metrics that will help you find your way.

    Activities

    1.1 Record your cloud mission and vision.

    1.2 Document your cloud strategy’s alignment with other strategic plans.

    1.3 Record your cloud guiding principles.

    Outputs

    Documented strategy, vision, and alignment.

    Defined success metrics.

    2 Record Your People Strategy

    The Purpose

    Define how people, skills, and roles will contribute to the broader cloud strategy.

    Key Benefits Achieved

    Sections of the strategy that highlight skills, roles, culture, adoption, and the creation of a governance body.

    Activities

    2.1 Outline your skills and roles strategy.

    2.2 Document your approach to culture and adoption

    2.3 Create a cloud governing body.

    Outputs

    Documented people strategy.

    3 Document Governance Principles

    The Purpose

    This section facilitates governance in the cloud, developing principles that apply to architecture, integration, finance management, and more.

    Key Benefits Achieved

    Sections of the strategy that define governance principles.

    Activities

    3.1 Conduct discussion on architecture.

    3.2 Conduct discussion on integration and interoperability.

    3.3 Conduct discussion on operations management.

    3.4 Conduct discussion on cloud portfolio management.

    3.5 Conduct discussion on cloud vendor management.

    3.6 Conduct discussion on finance management.

    3.7 Conduct discussion on security.

    3.8 Conduct discussion on data controls.

    Outputs

    Documented cloud governance strategy.

    4 Formalize Your Technology Strategy

    The Purpose

    Creation of a formal cloud strategy relating to technology around provisioning, monitoring, and migration.

    Key Benefits Achieved

    Completed strategy sections of the document that cover technology areas.

    Activities

    4.1 Formalize organizational approach to monitoring.

    4.2 Document provisioning process.

    4.3 Outline migration processes and procedures.

    Outputs

    Documented cloud technology strategy.

    Further reading

    Document Your Cloud Strategy

    Get ready for the cloudy future with a consistent, proven strategy.

    Analyst perspective

    Any approach is better than no approach

    The image contains a picture of Jeremy Roberts

    Moving to the cloud is a big, scary transition, like moving from gas-powered to electric cars, or from cable to streaming, or even from the office to working from home. There are some undeniable benefits, but we must reorient our lives a bit to accommodate those changes, and the results aren’t always one-for-one. A strategy helps you make decisions about your future direction and how you should respond to changes and challenges. In Document Your Cloud Strategy we hope to help you accomplish just that: clarifying your overall mission and vision (as it relates to the cloud) and helping you develop an approach to changes in technology, people management, and, of course, governance. The cloud is not a panacea. Taken on its own, it will not solve your problems. But it can be an important tool in your IT toolkit, and you should aim to make the best use of it – whatever “best” happens to mean for you.

    Jeremy Roberts

    Research Director, Infrastructure and Operations

    Info-Tech Research Group

    Executive Summary

    Your Challenge

    The cloud is multifaceted. It can be complicated. It can be expensive. Everyone has an opinion on the best way to proceed – and in many cases has already begun the process without bothering to get clearance from IT. The core challenge is creating a coherent strategy to facilitate your overall goals while making the best use of cloud technology, your financial resources, and your people.

    Common Obstacles

    Despite the universally agreed-upon benefit of formulating a coherent strategy, several obstacles make execution difficult:

    • Inconsistent understanding of what the cloud means
    • Inability to come to a consensus on key decisions
    • Ungoverned decision making
    • Unclear understanding of cloud roles and responsibilities

    Info-Tech’s Approach

    A cloud strategy might seem like a big project, but it’s just a series of smaller conversations. The methodology presented here is designed to facilitate those conversations, using a curated list of topics, prompts, participant lists, and sample outcomes. We have divided the strategy into four key areas:

    1. Vision and alignment
    2. People
    3. Governance
    4. Technology

    The answers might be different, but the questions are the same

    Every organization will approach the cloud differently, but they all need to ask the same questions: When will we use the cloud? What forms will our cloud usage take? How will we manage governance? What will we do about people? How will we incorporate new technology into our environment? The answers to these questions are as numerous as there are people to answer them, but the questions must be asked.

    Your challenge

    This research is designed to help organizations that are facing these challenges or looking to:

    • Ensure that the cloud strategy is complete and accurately reflects organizational goals and priorities.
    • Develop a consistent and coherent approach to adopting cloud services.
    • Design an approach to mitigate risks and challenges associated with adopting cloud services.
    • Create a shared understanding of the expected benefits of cloud services and the steps required to realize those benefits.

    Grappling with a cloud strategy is a top initiative: 43% of respondents report progressing on a cloud-first strategy as a top cloud initiative.

    Source: Flexera, 2021.

    Definition: Cloud strategy

    A document providing a systematic overview of cloud services, their appropriate use, and the steps that an organization will take to maximize value and minimize risk.

    Common obstacles

    These barriers make this challenge difficult to address for many organizations:

    • The cloud means different things to different people, and creating a strategy that is comprehensive enough to cover a multitude of use cases while also being written to be consumable by all stakeholders is difficult.
    • The incentives to adopt the cloud differ based on the expected benefit for the individual customer. User-led decision making and historically ungoverned deployments can make it difficult to reset expectation and align with a formal strategy.
    • Getting all the right people in a room together to agree on the key components of the strategy and the direction undertaken for each one is often difficult.

    Info-Tech’s approach

    Define Your Cloud Vision

    Vision and alignment

    • Mission and vision
    • Alignment to other strategic plans
    • Guiding principles
    • Measuring success

    Technology

    • Monitoring
    • Provisioning
    • Migration

    Governance

    • Architecture
    • Integration and interoperability
    • Operations management
    • Cloud portfolio management
    • Cloud vendor management
    • Finance management
    • Security
    • Data controls

    People

    • Skills and roles
    • Culture and adoption
    • Governing bodies

    Info-Tech’s approach

    Your cloud strategy will comprise the elements listed under “vision and alignment,” “technology,” “governance,” and “people.” The Info-Tech methodology involves breaking the strategy down into subcomponents and going through a three-step process for each one. Start by reviewing a standard set of questions and understanding the goal of the exercise: What do we need to know? What are some common considerations and best practices? Once you’ve had a chance to review, discuss your current state and any gaps: What has been done? What still needs to be done? Finally, outline how you plan to go forward: What are your next steps? Who needs to be involved?

    Review

    • What questions do we need to answer to complete the discussion of this strategy component? What does the decision look like?
    • What are some key terms and best practices we must understand before deciding?

    Discuss

    • What steps have we already taken to address this component?
    • Does anything still need to be done?
    • Is there anything we’re not sure about or need further guidance on?

    Go forward

    • What are the next steps?
    • Who needs to be involved?
    • What questions still need to be asked/answered?
    • What should the document’s wording look like?

    Info-Tech’s methodology for documenting your cloud strategy

    1. Document your vision and alignment

    2. Record your people strategy

    3. Document governance principles

    4. Formalize your technology strategy

    Phase Steps

    1. Record your cloud mission and vision
    2. Document your cloud strategy’s alignment with other strategic plans
    3. Record your cloud guiding principles
    4. Define success
    1. Outline your skills and roles strategy
    2. Document your approach to culture and adoption
    3. Create a cloud governing body

    Document official organizational positions in these governance areas:

    1. Architecture
    2. Integration and interoperability
    3. Operations management
    4. Cloud portfolio management
    5. Cloud vendor management
    6. Finance management
    7. Security
    8. Data controls
    1. Formalize organizational approach to monitoring
    2. Document provisioning process
    3. Outline migration processes and procedures

    Phase Outcomes

    Documented strategy: vision and alignment

    Documented people strategy

    Documented cloud governance strategy

    Documented cloud technology strategy

    Insight summary

    Separate strategy from tactics

    Separate strategy from tactics! A strategy requires building out the framework for ongoing decision making. It is meant to be high level and achieve a large goal. The outcome of a strategy is often a sense of commitment to the goal and better communication on the topic.

    The cloud does not exist in a vacuum

    Your cloud strategy flows from your cloud vision and should align with the broader IT strategy. It is also part of a pantheon of strategies and should exist harmoniously with other strategies – data, security, etc.

    People problems needn’t preponderate

    The cloud doesn’t have to be a great disruptor. If you handle the transition well, you can focus your people on doing more valuable work – and this is generally engaging.

    Governance is a means to an end

    Governing your deployment for its own sake will only frustrate your end users. Articulate the benefits users and the organization can expect to see and you’re more likely to receive the necessary buy-in.

    Technology isn’t a panacea

    Technology won’t solve all your problems. Technology is a force multiplier, but you will still have to design processes and train your people to fully leverage it.

    Key deliverable

    Cloud Strategy Document template

    Inconsistency and informality are the enemies of efficiency. Capture the results of the cloud strategy generation exercises in the Cloud Strategy Document template.

    The image contains a screenshot of the Cloud Strategy Document Template.
    • Record the results of the exercises undertaken as part of this blueprint in the Cloud Strategy Document template.
    • It is important to remember that not every cloud strategy will look exactly the same, but this template represents an amalgamation of best practices and cloud strategy creation honed over several years of advisory service in the space.
    • You know your audience better than anyone. If you would prefer a strategy delivered in a different way (e.g. presentation format) feel free to adapt the Cloud Vision Executive Presentation into a longer strategy presentation.
    • Emphasis is an area where you should exercise discretion as well. A cost-oriented cloud strategy, or one that prioritizes one type of cloud (e.g. SaaS) at the exclusion of others, may benefit from more focus on some areas than others, or the introduction of relevant subcategories. Include as many of these as you think will be relevant.
    • Parsimony is king – if you can distill a concept to its essence, start there. Include additional detail only as needed. You want your cloud strategy document to be read. If it’s too long or overly detailed, you’ll encounter readability issues.

    Blueprint benefits

    IT benefits

    Business benefits

    • A consistent, well-defined approach to the cloud
    • Consensus on key strategy components, including security, architecture, and integration
    • A clear path forward on skill development and talent acquisition/retention
    • A comprehensive resource for information about the organization’s approach to key strategy components
    • Predictable access to cloud services
    • A business-aligned approach to leveraging the resources available in the cloud
    • Efficient and secure consumption of cloud resources where appropriate to do so
    • Answers to questions about the cloud and how it will be leveraged in the environment

    Measure the value of this blueprint

    Don’t take our word for it:

    • Document Your Cloud Strategy has been available for several years in various forms as both a workshop and as an analyst-led guided implementation.
    • After each engagement, we send a survey that asks members how they benefited from the experience. Those who have worked through Info-Tech’s cloud strategy material have given overwhelmingly positive feedback.
    • Additionally, members reported saving between 10 and 20 days and an average of $46,499.
    • Measure the value by calculating the time saved as a result of using Info-Tech’s framework vs. a home-brewed cloud strategy alternative and by comparing the overall cost of a guided implementation or workshop with the equivalent offering from another firm. We’re confident you’ll come out ahead.

    8.8/10 Average reported satisfaction

    13 Days Average reported time savings

    $46,499 Average cost savings

    Executive Brief Case Study

    INDUSTRY: Pharmaceuticals

    SOURCE: Info-Tech workshop

    Pharmaceutical company

    The unnamed pharmaceutical company that is the subject of this case study was looking to make the transition to the cloud. In the absence of a coherent strategy, the organization had a few cloud deployments with no easily discernable overall approach. Representatives of several distinct functions (legal, infrastructure, data, etc.) all had opinions on the uses and abuses of cloud services, but it had been difficult to round everyone up and have the necessary conversations. As a result, the strategy exercise had not proceeded in a speedy or well-governed way. This lack of strategic readiness presented a roadblock to moving forward with the cloud strategy and to work with the cloud implementation partner, tasked with execution.

    Results

    The company engaged Info-Tech for a four-day workshop on cloud strategy documentation. Over the course of four days, participants drawn from across the organization discussed the strategic components and generated consensus statements and next steps. The team was able to formalize the cloud strategy and described the experience as saving 10 days.

    Example output: Document your cloud strategy workshop exercise

    The image contains an example of Document your cloud streatgy workshop exercise.

    Anything in green, the team was reasonably sure they had good alignment and next steps. Those yellow flags warranted more discussion and were not ready for documentation.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

    Guided Implementation

    "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

    Workshop

    "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

    Consulting

    "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks are used throughout all four options.

    Guided Implementation

    What does a typical GI on this topic look like?

    Document your vision and alignment

    Record your people strategy

    Document governance principles

    Formalize your technology strategy

    Call #1: Review existing vision/strategy documentation.

    Call #2: Review progress on skills, roles, and governance bodies.

    Call #3: Work through integration, architecture, finance management, etc. based on reqs. (May be more than one call.)

    Call #4: Discuss challenges with monitoring, provisioning, and migration as-needed.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization. A typical GI is 4 to 6 calls over the course of 1 to 3 months

    Workshop Overview

    Contact your account representative for more information.

    workshops@infotech.com 1-888-670-8889

    Day 1

    Day 2

    Day 3

    Day 4

    Day 5

    Answer
    “so what?”

    Define the
    IT target state

    Assess the IT
    current state

    Bridge the gap and
    create the strategy

    Next steps and
    wrap-up (offsite)

    Activities

    1.1 Introduction

    1.2 Discuss cloud mission and vision

    1.3 Discuss alignment with other strategic plans

    1.4 Discuss guiding principles

    1.5 Define success metrics

    2.1 Discuss skills and roles

    2.2 Review culture and adoption

    2.3 Discuss a cloud governing body

    2.4 Review architecture position

    2.5 Discuss integration and interoperability

    3.1 Discuss cloud operations management

    3.2 Review cloud portfolio management

    3.3 Discuss cloud vendor management

    3.4 Discuss cloud finance management

    3.5 Discuss cloud security

    4.1 Review and formalize data controls

    4.2 Design a monitoring approach

    4.3 Document the workload provisioning process

    4.4 Outline migration processes and procedures

    5.1 Populate the Cloud Strategy Document

    Deliverables

    Formalized cloud mission and vision, along with alignment with strategic plans, guiding principles, and success metrics

    Position statement on skills and roles, culture and adoption, governing bodies, architecture, and integration/interoperability

    Position statements on cloud operations management, portfolio management, vendor management, finance management, and cloud security

    Position statements on data controls, monitoring, provisioning, and migration

    Completed Cloud Strategy Document

    Phase 1

    Document Your Vision and Alignment

    Phase 1

    Phase 2

    Phase 3

    Phase 4

    1.1 Document your mission and vision

    1.2 Document alignment to other strategic plans

    1.3 Document guiding principles

    1.4 Document success metrics

    2.1 Define approach to skills and roles

    2.2 Define approach to culture and adoption

    2.3 Define cloud governing bodies

    3.1 Define architecture direction

    3.2 Define integration approach

    3.3 Define operations management process

    3.4 Define portfolio management direction

    3.5 Define vendor management direction

    3.6 Document finance management tactics

    3.7 Define approach to cloud security

    3.8 Define data controls in the cloud

    4.1 Define cloud monitoring strategy

    4.2 Define cloud provisioning strategy

    4.3 Define cloud migration strategy

    This phase will walk you through the following activities:

    1. Record your cloud mission and vision
    2. Document your cloud strategy’s alignment with other strategic plans
    3. Record your cloud guiding principles
    4. Define success

    This phase has the following outcome:

    • Documented strategy: vision and alignment

    Record your mission and vision

    Build on the work you’ve already done

    Before formally documenting your cloud strategy, you should ensure that you have a good understanding of your overall cloud vision. How do you plan to leverage the cloud? What goals are you looking to accomplish? How will you distribute your workloads between different cloud service models (SaaS, PaaS, IaaS)? What will your preferred delivery model be (public, private, hybrid)? Will you support your cloud deployment internally or use the services of various consultants or managed service providers?

    The answers to these questions will inform the first section of your cloud strategy. If you haven’t put much thought into this or think you could use a deep dive on the fundamentals of your cloud vision and cloud archetypes, consider reviewing Define Your Cloud Vision, the companion blueprint to this one.

    Once you understand your cloud vision and what you’re trying to accomplish with your cloud strategy, this phase will walk you through aligning the strategy with other strategic initiatives. What decisions have others made that will impact the cloud strategy (or that the cloud strategy will impact)? Who must be involved/informed? What callouts must be involved at what point? Do users have access to the appropriate strategic documentation (and would they understand it if they did)?

    You must also capture some guiding principles. A strategy by its nature provides direction, helping readers understand the decisions they should make and why those decisions align with organizational interests. Creating some top-level principles is a useful exercise because those principles facilitate comprehension and ensure the strategy’s applicability.

    Finally, this phase will walk you through the process of measuring success. Once you know where you’d like to go, the principles that underpin your direction, and how your cloud strategy figures into the broader strategic pantheon, you should record what success actually means. If you’re looking to save money, overall cost should be a metric you track. If the cloud is all about productivity, generate appropriate productivity metrics. If you’re looking to expand into new technology or close a datacenter, you will need to track output specific to those overall goals.

    Review: mission and vision

    The overall organizational mission is a key foundational element of the cloud strategy. If you don’t understand where you’re going, how can you begin the journey to get there? This section of the strategy has four key parts that you should understand and incorporate into the beginning of the strategy document. If you haven’t already, review Define Your Cloud Vision for instructions on how to generate these elements.

    1. Cloud vision statement: This is a succinct encapsulation of your overall perspective on the suitability of cloud services for your environment – what you hope to accomplish. The ideal statement includes a scope (who/what does the strategy impact?), a goal (what will it accomplish?), and a key differentiator (what will make it happen?). This is an example: “[Organization] will leverage public cloud solutions and retire existing datacenter and colocation facilities. This transition will simplify infrastructure administration, support and security, while modernizing legacy infrastructure and reducing the need for additional capital expenditure.” You might also consider reviewing your overall cloud archetype (next slide) and including the output of that exercise in the document

    2. Service model decision framework: Services can be provided as software as a service (SaaS), platform as a service (PaaS), infrastructure as a service (IaaS), or they can be colocated or remain on premises. Not all cloud service models serve the same purpose or provide equal value in all circumstances. Understanding how you plan to take advantage of these distinct service models is an important component of the cloud strategy. In this section of the strategy, a rubric that captures the characteristics of the ideal workload for each of the named service models, along with some justification for the selection, is essential. This is a core component of Define Your Cloud Vision, and if you would like to analyze individual workloads, you can use the Cloud Vision Workbook for that purpose.

    3. Delivery model decision framework: Just as there are different cloud service models that have unique value propositions, there are several unique cloud delivery models as well, distinguished by ownership, operation, and customer base. Public clouds are the purview of third-party providers who make them available to paying customers. Private clouds are built for the exclusive use of a designated organization or group of organizations with internal clients to serve. Hybrid clouds involve the use of multiple, interoperable delivery models (interoperability is the key term here), while multi-cloud deployment models incorporate multiple delivery and service models into a single coherent strategy. What will your preferred delivery model be? Why?

    4. Support model decision framework: Once you have a service model nailed down and understand how you will execute on the delivery, the question then becomes about how you will support your cloud deployment going forward. Broadly speaking, you can choose to manage your deployment in house using internal resources (e.g. staff), to use managed service providers for ongoing support, or to hire consultants to handle specific projects/tasks. Each approach has its strengths and weaknesses, and many cloud customers will deploy multiple support models across time and different workloads. A foundational perspective on the support model is a key component of the cloud vision and should appear early in the strategy.

    Understand key cloud concepts: Archetype

    Once you understand the value of the cloud, your workloads’ general suitability for the cloud, and your proposed risks and mitigations, the next step is to define your cloud archetype. Your organization’s cloud archetype is the strategic posture that IT adopts to best support the organization’s goals. Info-Tech’s model recognizes seven archetypes, divided into three high-level archetypes. After consultation with your stakeholders, and based on the results of the suitability and risk assessment activities, define your archetype. The archetype feeds into the overall cloud vision and provides simple insight into the cloud future state for all stakeholders. The cloud vision itself is captured in a “vision statement,” a short summary of the overall approach that includes the overall cloud archetype.

    The image contains an arrow facing vertically up. The pointed end of the arrow is labelled more cloud, and the bottom of the arrow is labelled less cloud.

    We can best support the organization’s goals by:

    Cloud-Focused

    Cloud-Centric

    Providing all workloads through cloud delivery.

    Cloud-First

    Using the cloud as our default deployment model. For each workload, we should ask “why NOT cloud?”

    Cloud-Opportunistic

    Hybrid

    Enabling the ability to transition seamlessly between on-premises and cloud resources for many workloads.

    Integrated

    Combining cloud and traditional infrastructure resources, integrating data and applications through APIs or middleware.

    Split

    Using the cloud for some workloads and traditional infrastructure resources for others.

    Cloud-Averse

    Cloud-Light

    Using traditional infrastructure resources and limiting our use of the cloud to when it is absolutely necessary.

    Anti-Cloud

    Using traditional infrastructure resources and avoiding the use of cloud wherever possible.

    Build Your IT Cost Optimization Roadmap

    • Buy Link or Shortcode: {j2store}72|cart{/j2store}
    • member rating overall impact (scale of 10): 8.9/10 Overall Impact
    • member rating average dollars saved: $57,297 Average $ Saved
    • member rating average days saved: 7 Average Days Saved
    • Parent Category Name: Cost & Budget Management
    • Parent Category Link: /cost-and-budget-management

    Cost optimization is misunderstood and inadequately tackled. IT departments face:

    • Top-down budget cuts within a narrow time frame
    • Absence of adequate governance: financial, project, data, etc.
    • Long-standing bureaucratic practices slowing down progress
    • Short-term thinking

    Our Advice

    Critical Insight

    Cost optimization is not just about reducing costs. In fact, you should aim to achieve three objectives:

    • Reduce your unwarranted IT spending.
    • Optimize your cost-to-value.
    • Sustain your cost optimization.

    Impact and Result

    • Follow Info-Tech’s approach to develop a 12-month cost optimization roadmap.
    • Develop an IT cost optimization strategy based on your specific circumstances and timeline.
    • Info-Tech’s methodology helps you maintain sustainable cost optimization across IT by focusing on four levers: assets, vendors, project portfolio, and workforce.

    Build Your IT Cost Optimization Roadmap Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. IT Cost Optimization Roadmap Deck – A step-by-step methodology to achieve sustainable cost optimization and effectively communicate your strategy to stakeholders.

    This blueprint will help you understand your IT cost optimization mandate, identify your journey, assess your IT spend across four levers, develop your IT cost optimization roadmap, and craft a related communication strategy.

    • Build Your IT Cost Optimization Roadmap – Phases 1-4

    2. IT Cost Optimization Workbook – A structured tool to help you document your IT cost optimization goals and outline related initiatives to develop an effective 12-month roadmap.

    This tool guides an IT department in planning and prioritization activities to build an effective IT cost optimization strategy. The outputs include visual charts and a 12-month roadmap to showcase the implementation timelines and potential cost savings.

    • IT Cost Optimization Workbook

    3. IT Cost Optimization Roadmap Samples and Templates – A proactive journey template to help you communicate your IT cost optimization strategy to stakeholders in a clear, concise, and compelling manner.

    This presentation template uses sample data from "Acme Corp" to demonstrate an IT cost optimization strategy following a proactive journey. Use this template to document your final IT cost optimization strategy outputs, including the adopted journey, IT cost optimization goals, related key initiatives, potential cost savings, timelines, and 12-month roadmap.

    • IT Cost Optimization Roadmap Samples and Templates

    Infographic

    Workshop: Build Your IT Cost Optimization Roadmap

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Understand Your Mandate & Objectives

    The Purpose

    Determine your organization’s current context and its cost optimization objectives, IT’s corresponding cost optimization journey, and goals.

    Key Benefits Achieved

    A business-aligned set of specific IT cost optimization goals.

    Activities

    1.1 Understand your organization’s cost optimization objectives and how this impacts IT.

    1.2 Review potential cost optimization target areas based on your ITFM Benchmarking Report.

    1.3 Identify factors constraining cost optimization options.

    1.4 Set concrete IT cost optimization goals.

    1.5 Identify inputs required for decision making.

    Outputs

    IT cost optimization journey and guiding principles for making corresponding decisions

    2 Outline Initiatives for Vendors & Assets

    The Purpose

    Create a longlist of potential cost optimization initiatives focused on two cost optimization levers: assets and vendors.

    Key Benefits Achieved

    A comprehensive list of potential asset- and vendor-focused initiatives including cost savings estimates.

    Activities

    2.1 Identify a longlist of possible initiatives around asset lifecycle management, investment deferral, repurposing, etc., and vendor contract renegotiation, cancelation, etc.

    2.2 Estimate the cost savings of cost optimization initiatives.

    Outputs

    Longlist of potential vendor management and asset optimization IT cost optimization initiatives

    3 Outline Initiatives for Projects & Workforce

    The Purpose

    Create a longlist of potential cost optimization initiatives focused on two cost optimization levers: project portfolio and workforce.

    Key Benefits Achieved

    A comprehensive list of potential initiatives focused on project portfolio and workforce including cost savings estimates.

    Activities

    3.1 Identify a longlist of possible initiatives around project priorities, project backlog reduction, project intake restructuring, etc., and workforce productivity, skills, redeployment, etc.

    3.2 Estimate the cost savings of cost optimization initiatives.

    Outputs

    Longlist of possible cost optimization initiatives and their potential cost savings for project portfolio and workforce levers.

    4 Build an IT Cost Optimization Roadmap

    The Purpose

    Develop a visual IT cost optimization roadmap.

    Key Benefits Achieved

    A prioritized, business-aligned IT cost optimization roadmap

    Activities

    4.1 Assess feasibility of each initiative (effort and risk profile) given cost optimization goals.

    4.2 Prioritize cost optimization initiatives to create a final shortlist.

    4.3 Fine-tune key information about your final cost optimization initiatives and develop a cost optimization roadmap for proposal.

    Outputs

    Prioritized list of key cost optimization initiatives, descriptions, estimated impact, and roadmap.

    5 Communicate & Execute

    The Purpose

    Develop a communication plan and executive presentation.

    Key Benefits Achieved

    A boardroom-ready set of communication materials for gaining buy-in and support for your IT cost optimization roadmap.

    Activities

    5.1 Outline components of a communication plan, including approvers, stakeholders, and governance and management mechanisms to be used.

    5.2 Create an executive presentation.

    5.3 Set up review time for workshop deliverables and post-workshop activities.

    Outputs

    IT cost optimization communication plan and presentation strategy.

    IT Cost Optimization Executive Presentation

    Further reading

    Build Your IT Cost Optimization Roadmap

    Improve cost-to-value in a sustainable manner.

    Analyst Perspective

    Optimize your cost sustainably.

    Whether the industry is in an economic downturn, or your business is facing headwinds in the market, pressure to reduce spending across organizations is inevitable. When it comes to the IT organization, it is often handled as a onetime event. Cost optimization is an industry standard term, but it usually translates into cost cutting. How do you manage this challenge given the day-to-day demands placed on IT? Do you apply cost reduction equally across the IT landscape, or do you apply reductions using a targeted approach? How do you balance the business demands regarding innovation with keeping the lights on? What is the best path forward?

    While the situation isn't unique, all too often the IT organization response is too shortsighted.

    By using the Info-Tech methodology and tools, you will be able to develop an IT cost optimization roadmap based on your specific circumstances and timeline.

    A well-thought-out strategy should help you achieve three objectives:

    1. Reduce your unwarranted IT spending.
    2. Optimize your cost-to-value.
    3. Sustain your cost optimization.

    This blueprint will guide you to understand your mandate, identify your cost optimization journey (reactive, proactive, or strategic), and assess your IT spend across four levers (assets, vendors, project portfolio, and workforce).

    Finally, keep in mind that cost optimization is not a project to be completed, but an ongoing process to be exercised.

    Bilal Alberto Saab, Research Director, IT Financial Management

    Bilal Alberto Saab
    Research Director, IT Financial Management
    Info-Tech Research Group

    Executive Summary

    Cost optimization is misunderstood and inadequately tackled Common obstacles Follow Info-Tech's approach to develop a 12-month cost optimization roadmap
    • Top-down budget cut within a narrow time frame.
    • Absence of adequate governance: financial, project, data, etc.
    • Long-standing bureaucratic practices slowing down progress.
    • Short-term thinking.
    • Lack of alignment and collaboration among stakeholders: communication and relationships.
    • Absence of a clear plan and adequate process.
    • Lack of knowledge, expertise, and skill set.
    • Inadequate funding and no financial transparency.
    • Poor change management practices.

    Develop an IT cost optimization strategy based on your specific circumstances and timeline.

    Info-Tech's methodology helps you maintain sustainable cost optimization across IT by focusing on four levers:

    1. Assets
    2. Vendors
    3. Project Portfolio
    4. Workforce

    Info-Tech Insight
    Cost optimization is not just about reducing costs. In fact, you should aim to achieve three objectives: (1) reduce your unwarranted IT spending, (2) optimize your cost-to-value, and (3) sustain your cost optimization.

    Your challenge

    IT leaders are often asked to cut costs.

    • Cost management is a long-term challenge. Businesses and IT departments look to have a flexible cost structure focused on maximizing business value while maintaining the ability to adapt to market pressure. However, businesses must also be able to respond to unexpected events.
    • In times of economic downturn, many CEOs and CFOs shift their thinking from growth to value protection. This can force a round of cost cutting across all departments focused on short-term, immediate, and measurable objectives.
    • Many IT departments are then faced with the challenge of meeting cost cutting targets. No one knows exactly how markets will behave, but the effects of rising inflation and increasing interest rates, for example, can manifest very quickly.

    When crisis hits, does IT's hard-won gains around being seen as a partner to the business suddenly disappear and IT becomes just a cost center all over again?

    In times of economic slowdown or downturn, the key challenge of IT leaders is to optimize costs without jeopardizing their strategic and innovative contribution.

    Common obstacles

    The 90% of the budget you keep is more important than the 10% of the budget you cut.

    • While the business responds to fluctuating economic conditions, IT must ensure that its budget remains fully aligned with business strategy and expected business value.
    • However, in the face of sudden pressures, a common tendency is to make quick decisions without fully considering their long-term implications.
    • Avoid costly mistakes with a proactive and strategic mindset. Put in place a well-communicated cost optimization strategy rather than hastily cutting back the biggest line items in your budget.

    How can IT optimize costs to achieve a corporate impact, but not cut so deep that the organization can't take advantage of opportunities to recover and thrive?

    Know how you will strategically optimize IT costs before you are forced to cut cost aggressively in a reactive fashion.

    What is cost optimization?

    It's not just about cutting costs

    • While cost optimization may involve cutting costs, it is more about making smart spend and investment decisions.
    • At its core, cost optimization is a strategic decision-making process that sets out to minimize waste and get the most value for money.
    • Cost optimization encompasses near-term, mid-term, and long-term objectives, all of which are related and build upon one another. It is an accumulative practice, not a onetime exercise.
    • A sound cost optimization practice is inherently flexible, sustainable, and consequence-oriented with the positive goal of generating net benefit for the organization over time.

    Change your mindset ...

    An Info-Tech survey of IT staff reveals that while most agree that cost optimization is an important IT process, nearly 20% fewer of them agree that it's being managed well.

    Chart of cost optimization

    Info-Tech IT Management & Governance Diagnostic, 2022.

    A starting point for cost optimization improvement is adjusting your frame of mind. Know that it's not just about making difficult cuts - in reality, it's a creative pursuit that's about thriving in all circumstances, not just surviving.

    Slow revenue growth expectations generate urgency

    Many IT organizations will be directed to trim costs during turbulent times.

    • Cost optimization implies continuous cost management, which entails long-term strategic initiatives (i.e. organizations and their IT departments seek flexible cost structures and practices focused on maximizing business value while maintaining the ability to adapt to changes in the broader economic environment). However, organizations must also be able to respond to unexpected events.
    • During times of turmoil – poor economic outlook expected to negatively impact an organization's bottom line – CEOs and CFOs think more about survival than growth, driving cost cutting across all departments to create short-term, immediate, and measurable financial benefits.
    • In such situations, many IT departments will be hard-pressed to meet cost cutting targets at short notice. If not planned correctly, with a tunnel vision focus instead of a strategic one, you can end up hurting yourself in the not-so-distant future.

    Build Your IT Cost Optimization Roadmap

    Insight summary

    Sustain an optimal cost-to-value ratio across four levers:

    1. Assets
    2. Vendors
    3. Project Portfolio
    4. Workforce

    Cost optimization is not just about reducing costs

    In fact, you should aim to achieve three objectives:
    (1) reduce your unwarranted IT spending, (2) optimize your cost-to-value, and (3) sustain your cost optimization.

    Reduce unwarranted IT spending

    Stop the bleeding or go for quick wins
    Start by reducing waste and bad spending habits while clearly communicating your intentions to your stakeholders – get buy-in.

    Optimize cost-to-value

    Value means tradeoffs
    Pursue value but know that it will lead you to make tradeoffs between cost, performance, and risk.

    Sustain cost optimization

    Think about tomorrow: reduce, reuse, recalibrate, and repeat
    Standardize and automate your cost optimization processes around a proper governance framework. Cost optimization is not a onetime exercise.

    Info-Tech's methodology for building your IT cost optimization roadmap

    Phase 1: Understand Your Mandate & Objectives

    Know where you stand and where you're going.

    Understand your cost optimization mandate within the context of your organization's situation and direction.

    Phase 2: Outline Your Initiatives

    Evaluate many, pick a few.

    Think of all possible cost optimization initiatives across the four optimization levers (Assets, Vendors, Project Portfolio, and Workforce), but only keep the ones that best help you fulfill your goals.

    Phase 3: Develop Your Roadmap

    Keep one eye on today and the other on tomorrow.

    Prioritize cost optimization initiatives that would help you achieve your near-term objectives first, but don't forget about the medium and long term.

    Phase 4: Communicate and Execute

    Communicate and collaborate - you are not a one-person show.

    Reach out to other business units where necessary. Your success relies on getting buy-in from various stakeholders, especially when cost optimization initiatives impact them in one way or another.

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    IT Cost Optimization Roadmap Samples and Templates
    Templates including an abbreviated executive presentation and a final communication presentation based on a 12-month cost optimization roadmap.

    IT Cost Optimization Workbook
    A workbook generating a 12-month cost optimization roadmap.

    Measure the value of this blueprint

    Maintain an optimal IT cost-to-organization revenue ratio.

    This blueprint will guide you to set cost optimization goals across one to three main objectives, depending on your identified journey (reactive, proactive, or strategic):

    • Reduce unwarranted IT spending.
    • Optimize cost-to value.
    • Sustain cost optimization.

    In phase 1 of this blueprint, we will help you establish your goals to satisfy your organization's needs.

    In phase 3, we will help you develop a game plan and a roadmap for achieving those metrics.

    Once you implement your 12-month roadmap, start tracking the metrics below over the next fiscal year (FY) to assess the effectiveness of undertaken measures.

    Cost Optimization Objective Key Success Metric
    Reduce unwarranted IT spending Decrease IT cost in identified key areas
    Optimize cost-to-value Decrease IT cost per IT employee
    Sustain cost optimization Decrease IT cost-to-organization revenue

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit
    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."
    Guided Implementation
    "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."
    Workshop
    "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.
    Consulting
    "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks are used throughout all four options.

    Guided implementation

    What does a typical GI on this topic look like?

    Phase 1 Phase 2 Phase 3 Phase 4
    Call #1:
    • Identify cost optimization scope requirements, objectives, and your specific challenges.
    • Review and assess cost optimization goals and objectives.
    Call #2:

    Review potential cost optimization initiatives for assets and vendors levers.

    Call #3:

    Assess cost optimization initiatives' cost and feasibility - for assets and vendors levers.

    Call #4:

    Review potential cost optimization initiatives for project portfolio and workforce levers.

    Call #5:

    Assess cost optimization initiatives' cost and feasibility - for project portfolio and workforce levers.

    Call #6:
    • Identify final decision criteria for cost optimization prioritization.
    • Review prioritized cost optimization initiatives and roadmap outputs.
    Call #7:
    • Review the Cost Optimization Communication Plan and IT Cost Optimization Executive Presentation.
    • Discuss next steps.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI will include multiple calls over the course of one to two months.

    IT cost analysis and optimization workshop overview

    Session 1 Session 2 Session 3 Session 4 Session 5
    Activities Understand Your Mandate and Objectives Outline Initiatives for Assets and Vendors Outline Initiatives for Projects and Workforce Develop an IT Cost Optimization Roadmap Communicate and Execute
    1.1 Understand your organization's cost optimization objectives and how this impacts IT.
    1.2 Review potential cost optimization target areas based on your IT financial management benchmarking report.
    1.3 Identify factors constraining cost optimization options.
    1.4 Set concrete IT cost optimization goals.
    1.5 Identify inputs required for decision making.
    2.1 Identify a longlist of possible initiatives around:
    1. Asset lifecycle management, investment deferral, repurposing, etc.
    2. Vendor contract renegotiation, cancelation, etc.
    2.2 Estimate the cost savings of cost optimization initiatives.
    3.1 Identify a longlist of possible initiatives around:
    1. Project priorities, project backlog reduction, project intake restructuring, etc.
    2. Workforce productivity, skills, redeployment, etc.
    3.2 Estimate the cost savings of cost optimization initiatives.
    4.1 Assess the feasibility of each initiative (effort and risk profile) given cost optimization goals.
    4.2 Prioritize cost optimization initiatives to create a final shortlist.
    4.3 Fine-tune key information about your final cost optimization initiatives and develop a cost optimization roadmap for proposal.
    5.1 Outline components of a communication plan, including approvers, stakeholders, and governance and management mechanisms to be used.
    5.2 Create an executive presentation.
    5.3 Set up review time for workshop deliverables and post-workshop activities.
    Output
    • IT cost optimization journey and guiding principles for making corresponding decisions.
    • Long list of possible cost optimization initiatives and their potential cost savings for assets and vendors levers.
    • Long list of possible cost optimization initiatives and their potential cost savings for project portfolio and workforce levers.
    • Prioritized list of key cost optimization initiatives, descriptions, estimated impact, and roadmap.
    • IT cost optimization communication plan and presentation strategy.

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Phase 1

    Understand Your Mandate and Objectives

    Phase 1
    Understand Your Mandate and Objectives

    Phase 2
    Outline Your Cost Optimization Initiatives

    Phase 3
    Develop Your IT Cost Optimization Roadmap

    Phase 4
    Communicate and Execute

    This phase will walk you through the following activities:

    • Business context and cost optimization journey
    • Cost constraints and parameters
    • Cost optimization goals

    This phase involves the following participants:

    • CIO/IT director
    • IT finance lead

    1.1 Gain consensus on the business context and IT cost optimization journey

    60 minutes

    • Using the questions on slide 20, conduct a brief journey assessment to ensure consensus on the direction you are planning to take.
    • Document your findings in the provided template.
    Input Output
    • Understanding business objectives and identifying your IT mandate
    • Determining the cost optimization journey: reactive, proactive, or strategic
    Materials Participants
    • Whiteboard or flip charts
    • Journey assessment template
    • CIO/IT director
    • IT finance lead

    See the next three slides for guidelines and the journey assessment questions and template.

    Distinguishing between three journeys

    By considering business objectives without forgoing your IT mandate.

    Journey Reactive Proactive Strategic
    Description
    • Business objectives are closely tied to cost reduction, forcing cost cutting across IT.
    • Typically occurs during turbulent economic times, when slow revenue growth is expected.
    • Business objectives do not include clear cost optimization initiatives but mandates IT to be fiscally conservative.
    • Typically occurs when economic turbulence is on the horizon and the organization's revenue is stable - executives only have a fiscal discipline guidance.
    • Business objectives do not include clear cost optimization initiatives.
    • Typically occurs when the overall economy is in good shape and the organization is in positive revenue growth territory.
    Main Focus
    • Quick-to-execute measures with few dependencies and concrete impact in response to business urgency and/or executive directive.
    • Enabling the organization to respond to different types and magnitudes of business change in a more planned and controlled manner.
    • Establishing an efficient, agile, sustainable, and strategically aligned cost optimization practice across all stages of the business cycle, regardless of business conditions.

    Questions to help determine your journey

    Business Objectives Business Strategy
    • What are the current business objectives?
    • Are there any stated cost-related objectives? If yes, what cost-related objectives have been stated by organizational leadership, such as cuts, areas of investment, and any targets for both?
    • Does the organization have a business strategy in place?
    • Was the business strategy reviewed or revised recently?
    • What's the business strategy focus for the next 12 months?
    • Are there any cost optimization implications within the current business strategy?
    IT Objectives IT Strategy and Mandate
    • What are your current IT objectives?
    • Are your IT objectives aligned to business objectives?
    • Do you have any IT cost-related objectives? If yes, what are your current IT cost-related objectives?
    • Are your IT cost-related objectives aligned to business objectives?
    • Do you have an IT strategy in place?
    • Is your IT strategy aligned to your organization's business strategy?
    • Do you have a cost optimization mandate? If yes, what is your cost optimization mandate?
    • What's the fiscal guidance and direction in IT?
    Journey
    Agreed-upon journey: reactive, proactive, or strategic.

    Template & Example

    Journey assessment

    Business Objectives Business Strategy
    • The founder's mission around quality persists despite ownership/leadership changes. Reliability and dependability are really important to everyone.
    • Increase visibility and interconnectivity across the supply chain.
    • Increase market share: younger markets and emerging foreign markets.
    • Economic outlook expected to negatively affect the bottom line - will need to trim and protect the core.
    • Grow Gizmo product sales by 10%.
    • Lower production cost of Gizmo product by 5%.
    IT Objectives IT Strategy and Mandate
    • IT/OT convergence, process automation, and modernization are major opportunities to better position the business for the future and introduce more agility into operations and reduce production cost.
    • Very mature and stable production processes with 100% uptime is a priority.
    • Lower IT cost related to Gizmo product.
    • There's no clear cost optimization mandate, but a fiscally conservative budget is recommended.
    Journey
    Agreed-upon journey: proactive.

    1.2 Review internal and external benchmarking reports

    60-90 minutes

    1. Review the IT spend and staffing results, summarized in your Info-Tech IT Spend & Staffing Benchmarking report.
    2. Identify areas where your IT spend is disproportionately high or low in comparison with your industry peers.
    3. Review and document any causes or rationales for high or low spend in each area identified. Do not be specific about any actual optimization targets or actions at this stage - simply make notes.
    4. Start a list of potential cost optimization initiatives to be further analyzed and investigated for feasibility at a later stage (see next slides for guidance, example, and template).
    InputOutput
    • IT Spend & Staffing Benchmarking report
    • A list of potential cost optimization focus areas
    MaterialsParticipants
    • Whiteboard or flip charts
    • Potential cost optimization initiatives list template
    • CIO/IT director
    • IT finance lead

    Info-Tech's approach

    Our IT cost model maps your IT spending and staffing according to four key views, putting IT spend in language that stakeholders across the organization can relate to.

    IT cost model maps

    Template & Example

    Potential cost optimization initiatives list

    Brainstorm and list potential cost optimization initiatives at a macro level.

    Potential Initiative Source Source Contact Notes
    Reduce application maintenance cost Internal Benchmarking Report CIO Based on current year report
    Rationalize software applications Info-Tech IT Benchmarking Report CIO Based on current year report
    Migrate key business applications to the cloud Latest iteration of the IT strategy CIO New IT strategy will be in development concurrent with cost optimization strategy development
    Align job roles to the current IT structure IT org. chart and salaries HR, CIO Based on information of the current year and will likely change in a few months (beginning of a new year)
    Renegotiate the top five vendor contracts up for renewal this year List of IT vendors Procurement office, CIO, IT infrastructure director, IT applications director, IT services manager Based on a list consolidated last week

    Want help with your IT spend transparency and benchmarking efforts?

    Let us fast-track your IT spend journey.

    The path to IT financial management maturity starts with knowing exactly where your money is going. To streamline this effort, Info-Tech offers an IT Spend & Staffing Benchmarking service that provides full transparency into where your money is going without any heavy lifting on your part.

    This unique service features:

    • A client-proven approach to meet your IT spend transparency goals.
    • Spend and staff mapping that reveals business consumption of IT.
    • Industry benchmarking to compare your spending and staffing to that of your peers.
    • Results in a fraction of the time with much less effort than going it alone.
    • Expert review of results and ongoing discussions with Info-Tech analysts.

    If you'd like Info-Tech to pave the way to IT spend transparency, contact your account manager for more information - we're happy to talk anytime.

    1.3 Identify your overarching constraints

    30 minutes

    1. Assess where spend change opportunities are currently limited or nonexistent due to organization edict or policy, industry regulatory requirements, or active contracts. Ask yourself:
      1. Where do IT spend bottlenecks exist and what are they?
      2. What IT spend objectives and practices are absolutely mandatory and nonnegotiable from both a business and an IT perspective?
      3. Are there areas where spend change is possible but would be very difficult to execute due to the stakeholders involved, governance processes, time frames, or another constraining factor?
    2. Identify where reduction or elimination of an IT service would negatively affect required service levels and business continuity or recovery.
    3. List constraints as negotiable or nonnegotiable on the template provided.
    4. Remove areas of focus from your cost optimization scope that land outside achievable parameters, and flag those that are difficult but still possible.
    InputOutput
    • Situational awareness and current state understanding
    • List of negotiable constraints to act on
    • Delimiting the cost optimization scope
    MaterialsParticipants
    • Whiteboard or flip charts
    • Constraints assessment template
    • CIO/IT director
    • IT finance lead

    See the next slides for additional guidance and a constraints assessment template.

    Acknowledge your limitations

    By recognizing your constraints, which will lead you to define your cost optimization scope.

    Constraints Organizational Legal/Regulatory Other
    What An organizational constraint is any work condition that hinders an employee's performance - be it physical, emotional, or otherwise. A legal or regulatory constraint is any law, rule, standard, or regulation - be it industry specific or otherwise - limiting the ability of any stakeholder to get the most out of a certain activity, initiative, or project. Other types of constraints affecting business units.
    Who Collaborate with your IT leaders and business partners to identify all major constraints that would affect cost optimization initiatives.
    How Discussions and information sessions to distinguish between negotiable and nonnegotiable constraints that would thwart cost optimization efforts:
    • Legal/regulatory requirements and related initiatives (past, ongoing, and planned/expected).
      Example: projects cannot be delayed, processes are difficult to simplify, etc.
    • Operational governance - organization policies, processes, methodologies, structure, etc.
      Example: adopting a waterfall model for development instead of an agile one.
    • Financial and accounting practices.
      Example: capital expenditure and operational expenditure classification.
    Challenge Degree to which you can influence certain outcomes within a set time frame:
    • Prioritize negotiating constraints where you can influence the outcome or maximize cost optimization benefits.

    We define a constraint as a restriction controlling the behavior of any of your stakeholders, hence preventing a desired outcome.

    In our context, constraints will determine your playing field: the boundaries of your cost optimization scope.

    Distinguish between constraints

    Negotiable vs. nonnegotiable to delimit your cost optimization scope.

    Distinguish between constraints

    Template & Example

    Constraints assessment

    List high-level limitations that hinder your cost optimization options.

    Nonnegotiable constraints
    Organizational Legal/Regulatory IT/Other
    Prioritization of sales/customer service activities SEC compliance/reporting mandates Production unit incident response service levels
    [Constraint] [Constraint] [Constraint]
    [Constraint] [Constraint] [Constraint]
    [Constraint] [Constraint] [Constraint]
    Negotiable constraints
    Organizational Legal/Regulatory IT/Other
    Core business operations process design Vendor contracts up for near-term renewal Current capital project commitments
    [Constraint] [Constraint] [Constraint]
    [Constraint] [Constraint] [Constraint]
    [Constraint] [Constraint] [Constraint]

    1.4 Establish overarching cost optimization goals

    60-90 minutes

    1. Establish specific IT cost optimization goals. Depending on your journey, step 1.1. You will have one to three overarching cost optimization goals, as follows:
      1. Reactive: Cost-cutting goal to reduce unwarranted IT spending.
      2. Proactive: Cost-to-value optimization goal.
      3. Strategic: Cost optimization sustainability goal.
      Consider amounts and time frames, as well as likely/suitable approaches you plan to employ to achieve these goals.
    2. Document your final cost optimization goals in the IT Cost Optimization Workbook.
    3. Revisit your goals after outlining your initiatives (phase 2) to ensure feasibility depending on your journey.

    Download the IT Cost Optimization Workbook

    InputOutput
    • Situational awareness and current state understanding
    • Defined goals for IT cost optimization
    MaterialsParticipants
    • Whiteboard or flip charts
    • Set Cost Optimization Goals tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead

    Template & Example

    Document your overarching goals

    Excel Workbook: IT Cost Optimization – Set Optimization Goals Worksheet

    Refer to the example and guidelines below on how to document your goals based on your journey:

    Table of Overarching Goals

    Column ID Input Type Guidelines
    B Dropdown Select the appropriate journey: Reactive, Proactive, or Strategic.
    C Dropdown Select the appropriate cost optimization objective: Reduce Unwarranted IT Spending, Optimize Cost-to-Value, Sustain Cost Optimization.
    D Formula Automatic calculation, no entry required. Reduce Unwarranted IT Spending goal is the first priority, followed by Optimize Cost-to-Value, and Sustain Cost Optimization goals, respectively.
    E Text Enter the overarching goal related to each objective.

    Complete the following fields for each goal depending on your journey in the Excel Workbook as per guidelines:

    1. Navigate to the Set Cost Optimization Goals tab.
    2. Identify your journey and objective for each goal.
    3. Document your goal(s).

    Download the IT Cost Optimization Workbook

    Template & Example

    Break down your goals per quarter

    Excel Workbook: IT Cost Optimization - Set Cost Optimization Goals Worksheet

    Refer to the example and guidelines below on how to break down your goals per quarter and track your progress:

    Table break down your goals per quarter

    Column ID Input Type Guidelines
    F, G, H, I Text Enter the target per quarter: It could be a percentage, dollar amount, or description of the breakdown, depending on the cost optimization goal and objective.

    Complete the following fields for each goal depending on your journey in the Excel Workbook as per guidelines:

    1. Navigate to the Set Cost Optimization Goals tab.
    2. Determine your target per quarter for every goal.
    3. Document your targets.

    Download the IT Cost Optimization Workbook

    1.5 Identify inputs required for decision making

    60-90 minutes

    1. Each of the optimization levers (assets, vendors, project portfolio, and workforce) will require specific and unique sources of information which you will need to collect before moving forward. Examples of important sources of information include:
      1. Latest iteration of the IT strategy.
      2. List of IT assets (hardware, software).
      3. List of IT services or IT service catalog.
      4. List of current and planned IT projects and their resourcing allocations.
      5. List of largest vendor contracts and their key details, such as their expiration/renewal date.
      6. IT department organizational chart and salaries (by role).
    2. Review and analyze each of the documents.
    3. Continue to list potential cost optimization initiatives (step 1.2) to be further analyzed and investigated for feasibility at a later stage.
    InputOutput
    • IT strategy
    • Lists of IT assets, services, and projects
    • Top vendor contracts
    • IT org. chart and salaries
    • Macrolevel list of potential cost optimization initiatives
    MaterialsParticipants
    • Potential cost optimization initiatives list template (slide 24)
    • CIO/IT director
    • IT finance lead

    Prepare all pertinent sources of information

    And start drafting your cost optimization laundry list.

    Documents Benchmarking IT Strategy Other Information Sources
    What
    • Review:
      • Your IT spend trend across several years (ideally three to five years): internal benchmarking report.
      • Your IT spend compared to industry peers: external benchmarking report.
    • Analyze your internal and external benchmarking reports across the four views: service, expense, business, and innovation.
    • Review your business aligned IT strategy to identify cost optimization related initiatives.
    • At a later stage, exploit your IT strategy to prioritize cost optimization initiatives as needed.
    • Review your IT organization chart and salaries to determine whether the IT organization structure is optimal, job descriptions are mapped to the desired structure, employee skillsets and salary scale are adequate and aligned to the job description, etc.
    • Compile and examine lists of assets, vendors, projects, and services.
    • Prepare any other information sources you deem meaningful.
    Who Collaborate with your IT leaders and business partners to:
    • Prepare the necessary reports, documents, and required sources of information.
    • Identify potential cost optimization initiatives around areas of improvement.
    How Discussions and information sessions to analyze and deep dive on raw findings.
    Challenge Time to compile and analyze reports without affecting day-to-day operations:
    • Outsource some activities such as external benchmarking to organizations like Info-Tech.
    • Get consulting support on specific reports or tasks through workshops, calls, etc.

    Phase 2

    Outline Your Cost Optimization Initiatives

    Phase 1
    Understand Your Mandate and Objectives

    Phase 2
    Outline Your Cost Optimization Initiatives

    Phase 3
    Develop Your IT Cost Optimization Roadmap

    Phase 4
    Communicate and Execute

    This phase will walk you through the following activities:

    • IT cost optimization initiatives
    • IT cost optimization workbook

    This phase involves the following participants:

    • CIO/IT director
    • IT finance lead
    • IT asset manager
    • IT infrastructure manager
    • IT vendor management lead
    • PMO lead
    • IT talent management representative
    • Other IT management

    Outline your cost optimization initiatives

    Across Info-Tech's four levers.

    Levers ASSETS VENDORS PROJECT PORTFOLI WORKFORCE
    What
    • Maintain trustworthy data to optimize cost, reduce risk, and improve services in line with business priorities and requirements:
      • Optimize cost: reallocate unused hardware and software, end unneeded service agreements, and manage renewals and audits.
      • Reduce risk: provide comprehensive asset data for security controls development and incident management - manage equipment disposal.
      • Improve IT service: support incident, problem, request, and change management with ITAM data.
    • Examine your vendor contracts and vendor management practices to optimize your expected value from every IT provider you deal with.
    • Treat vendor management as a proactive, cross-functional practice aiming to create value by improving communication, relationships, processes, performance, and ultimately reducing cost.
    • Reassess your project portfolio to maximize total value in line with business objectives and strategy.
    • Reduce resource waste with a strategic approach to project portfolio management:
      • Ensure that approved projects can be completed by aligning intake with real project capacity.
      • Minimize over-allocation of resources by allocating based on the proportion of project vs. non-project work.
      • Forecast future resource requirements by maintaining accurate resource capacity data.
    • Review your strategic workforce plan to identify cost optimization opportunities.
    • Determine capability gaps to train or develop current staff and minimize the need for severance payouts and hiring costs, while providing clear career paths to retain high performers.
    • Link workforce planning with strategic planning to ensure that you have the right people in the right positions, in the right places, at the right time, with the knowledge, skills, and attributes to deliver on strategic business goals.
    Who Collaborate with your IT leaders and business partners to:
    • Prepare the necessary reports, documents, and required sources of information.
    • Determine cost optimization initiatives across the four levers.
    How You will decide on the best course of action depending on your journey.

    Most common cost optimization challenges

    Across Info-Tech's four levers.

    Levers ASSETS VENDORS PROJECT PORTFOLI WORKFORCE
    Challenge
    • Incomplete or inaccurate data, poor processes, inadequate tools, and lack of support across the organization is leading to bad decision making while damaging value.
    • Spending on IT providers is increasing while vendor contract expected value - results, output, performance, solutions, or outcomes - is not realized.
    • Poor planning, conflicting priorities, and resource scarcity is affecting project outcomes, resulting in suboptimal value.
    • Talent shortages, lack of prioritization, and experience in managing an IT workforce is leading to higher costs and a loss in value.
    Solution
    • Develop a sustainable IT asset management (ITAM) strategy aligned with your business priorities.
    • Establish a vendor management initiative (VMI) with a solid foundation to fit your organization's culture, environment, and goals.
    • Create a coherent strategy to maximize the total value that projects deliver as a portfolio, rather than a collection of individual projects.
    • Develop a strategic workforce plan (SWP) to ensure you have the right people in place at the right time.
    Related Info-Tech Research Develop an IT Asset Management Strategy Jump-start Your Vendor Management Initiative Develop a Project Portfolio Management Strategy Build a Strategic IT Workforce Plan

    2.1 Determine your cost optimization initiatives

    8 hours

    Now that you have identified your journey and understood your constraints:

    1. Review your list of potential cost optimization initiatives and document viable ones in the IT Cost Optimization Workbook.
    2. Think of potential cost optimization initiatives within the four levers: assets, vendors, project portfolio, and workforce. The following slides will help you in this endeavor.

    Download the IT Cost Optimization Workbook

    Input Output
    • Potential cost optimization initiatives list
    • Outline Initiatives in the IT Cost Optimization Workbook
    Materials Participants
    • Whiteboard or flip charts
    • Outline Initiatives tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead
    • Other IT management - depending on the optimization lever (Assets, Vendors, Project Portfolio, or Workforce)

    Plan your cost optimization initiatives

    Your initiatives will differ depending on your journey

    In terms of aggressiveness and objectives.

    Plan cost optimization initiatives

    Cost optimization initiatives pertaining to a reactive journey are characterized by aggressive cost reduction.

    On the other hand, cost optimization initiatives within a strategic journey can vary in aggressiveness across objectives.

    2.1.1 Identify asset optimization initiatives

    2 hours

    1. Review the IT asset management strategy if available. Compile a list of all hardware, software, and facility asset costs for delivery of IT services.
    2. Analyze hardware and software assets for opportunities to consolidate, reduce, eliminate, and/or enhance functionality/automation. Look for:
      1. Redundancy or duplication of functionality not necessary for disaster recovery or business continuity purposes.
      2. Low or no-use software.
      3. Homegrown or legacy systems with high maintenance/support burdens.
      4. Multiple, old, or unsupported versions of current-use software.
      5. Opportunities to delay hardware/software refreshes or upgrades.
      6. Cloud/outsourced options.
      7. Instances of unsanctioned shadow IT.
    3. Reassess your in-house asset management processes to see where efficiency and effectiveness could be improved overall.
    4. Document cost optimization initiatives that could be driven by asset optimization objectives in the IT Cost Optimization Workbook.

    Download the IT Cost Optimization Workbook

    InputOutput
    • IT asset management strategy
    • List of current assets including hardware, software, and facilities
    • Outline Initiatives driven by asset optimization objectives in the IT Cost Optimization Workbook
    MaterialsParticipants
    • Whiteboard or flip charts
    • Outline Initiatives tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead
    • IT asset manager
    • IT infrastructure manager
    • Other IT management

    Example

    Asset optimization

    Some examples to get you started

    Journey Reactive, Proactive, or Strategic Proactive or Strategic Strategic
    Initiatives
    • Validate the license cost of performance optimization.
    • Review the utilization of software/hardware before renewal or purchase of additional hardware or software.
    • Assess new license cost against projects to determine possibility of differing or canceling software.
    • Postpone the purchases of hardware.
    • Extend the life of hardware.
    • Consolidate and reconfigure hardware.
    • Return damaged/malfunctioning hardware under warranty.
    • Consolidate and reconfigure software.
    • Optimize software/hardware functionality.
    • Implement hardware/software standard or policy.
    • Develop an infrastructure management outsourcing strategy.
    • Optimize cloud management: review utilization, licensing, cost, etc.
    • Develop a sustainable IT asset management (ITAM) strategy aligned with your business priorities.
    • Minimize shadow IT by creating a policy and improving the service request process.
    • Develop or assess a cloud strategy for a certain service.
    No initiatives for the reactive journey. No initiatives for the reactive or proactive journeys.
    Objective Reduce Unwarranted IT Spending Optimize Cost-to-Value Sustain Cost Optimization

    Template & Example

    List your objectives and initiatives

    Excel Workbook: IT Cost Optimization – Outline Initiatives Worksheet

    Refer to the example and guidelines below on how to input your asset optimization initiatives and related objectives:

    List your objectives and initiatives

    Column ID Input Type Guidelines
    B Formula Automatic calculation, no entry required. The ID will update once there's an input in column E.
    C Dropdown Select an optimization lever: Assets, Vendors, Project Portfolio, or Workforce.
    D Dropdown Select an initiative focus from the dropdown list - this will help you think of initiatives.
    E Text Enter your initiative.
    F Text Write a brief description per initiative, providing a cost optimization rationale.
    G Dropdown Select the cost type per initiative: OpEx (operating expenditure) or CapEx (capital expenditure).
    H Dropdown Select 1 of 3 objectives for each initiative: Reduce Unwarranted IT Spending, Optimize Cost-to-Value, or Sustain Cost Optimization.

    List your initiatives in the provided Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Enter all your initiatives driven by the asset optimization lever.
    3. Determine the cost optimization objective per initiative.

    2.1.2 Identify vendor optimization initiatives

    2 hours

    1. Revisit the IT vendor classification if available. Identify all existing vendor contracts up for renewal within the current fiscal year and create an inventory.
    2. Examine your vendor contracts to optimize your expected value from every IT provider you deal with. For each contract:
      1. Identify the business purpose/drivers.
      2. Identify the expiration/renewal date to determine time frames for action.
      3. Determine if there is an opportunity to rightsize, cancel, renegotiate costs/service levels, or postpone renewal/purchase.
      4. Identify integrations and interdependencies with other hardware and software systems to understand scope and impact of potential changes.
    3. Reassess your in-house vendor management processes to see where efficiency and effectiveness could be improved overall.
    4. Document cost optimization initiatives that could be driven by vendor optimization objectives in the IT Cost Optimization Workbook.

    Download the IT Cost Optimization Workbook

    InputOutput
    • Vendor classification
    • Vendors contracts
    • Outline Initiatives driven by vendor optimization objectives in the IT Cost Optimization Workbook
    MaterialsParticipants
    • Whiteboard or flip charts
    • Outline Initiatives tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead
    • IT vendor management lead
    • Other IT management

    Example

    Vendor optimization

    Some examples to get you started.

    Journey Reactive, Proactive, or Strategic Proactive or Strategic Strategic
    Initiatives
    • Renegotiate and rightsize a vendor contract:
      • Cancel vendor/service/type application contract.
      • Renegotiate vendor/service/type contract.
      • Cancel vendor/service/type licenses.
      • Rationalize number of vendor/service/type licenses.
    • Consolidate vendors/resellers with similar services, products and features.
    • Implement a vendor management initiative to maximize value and minimize risk.
    • Consolidate contracts to take advantage of spending power and volume.
    • Set up custom vendor performance metrics.
    • Establish ongoing monitoring of vendor risk (financial, security, etc.).
    No initiatives for the reactive journey. No initiatives for the reactive or proactive journeys.
    Objective Reduce Unwarranted IT Spending Optimize Cost-to-Value Sustain Cost Optimization

    Template & Example

    List your objectives and initiatives

    Excel Workbook: IT Cost Optimization – Outline Initiatives Worksheet

    Refer to the example and guidelines below on how to input your vendor optimization initiatives and related objectives:

    List your objectives and initiatives

    Column ID Input Type Guidelines
    B Formula Automatic calculation, no entry required. The ID will update once there's an input in column E.
    C Dropdown Select an optimization lever: Assets, Vendors, Project Portfolio, or Workforce.
    D Dropdown Select an initiative focus from the dropdown list - this will help you think of initiatives.
    E Text Enter your initiative.
    F Text Write a brief description per initiative, providing a cost optimization rationale.
    G Dropdown Select the cost type per initiative: OpEx (operating expenditure) or CapEx (capital expenditure).
    H Dropdown Select 1 of 3 objectives for each initiative: Reduce Unwarranted IT Spending, Optimize Cost-to-Value, or Sustain Cost Optimization.

    List your initiatives in the provided Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Enter all your initiatives driven by the vendor optimization lever.
    3. Determine the cost optimization objective per initiative.

    2.1.3 Identify project portfolio optimization initiatives

    2 hours

    1. Review the IT Project Portfolio Strategy if available, and the list of both in-flight and planned projects.
    2. Reassess your project portfolio to maximize total value in line with business objectives and strategy. For each current and pending project on the list, identify a cost optimization initiative, including:
      1. Revisiting, confirming, and documenting actual project rationale with the business in relation to strategic goals.
      2. Rescoping existing projects that are underway.
      3. Accelerating planned or existing projects that enable business cost savings or competitive advantage and revenue growth.
      4. Canceling or postponing projects that are underway or haven't started.
      5. Identifying net-new projects that enhance business capabilities or save business costs.
    3. Reassess your in-house project management and project portfolio management processes to see where efficiency and effectiveness could be improved overall.
    4. Document cost optimization initiatives that could be driven by project portfolio optimization objectives in the IT Cost Optimization Workbook.

    Download the IT Cost Optimization Workbook

    Input Output
    • Project Portfolio Management Strategy
    • List of current and pending projects
    • Outline Initiatives driven by project portfolio optimization objectives in the IT Cost Optimization Workbook
    Materials Participants
    • Outline Initiatives tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead
    • PMO lead
    • Other IT management

    Example

    Project portfolio optimization

    Some examples to get you started.

    Journey Reactive, Proactive, or Strategic Proactive or Strategic Strategic
    Initiatives
    • Cancel projects with no executive sponsor.
    • Cancel projects with unacceptable timelines.
    • Postpone projects where there is a more urgent need for related resources.
    • Rescope projects where a more effective business case has been identified.
    • Freeze projects where scope and resourcing are uncertain.
    • Accelerate projects that enable business cost savings or a competitive advantage with revenue growth.
    • Combine projects that are better managed by realigning project managers and coordinators.
    • Break projects into phases to front-load realized value.
    • Outsource projects with commoditized skillset requirements.
    • Reassess the technology requirements when multiple vendors are involved.
    • Reexamine project rationale with the business in relation to strategic goals.
    • Identify net-new projects that offer improved value in relation to current economics.
    • Reassess the strategic drivers for project spending in the face of shifting priorities.
    • Implement a project portfolio governance function.
    • Introduce a benefits realization discipline in relation to the benefits forecasted during project approval.
    No initiatives for the reactive journey. No initiatives for the reactive or proactive journeys.
    Objective Reduce Unwarranted IT Spending Optimize Cost-to-Value Sustain Cost Optimization

    Template & Example

    List your objectives and initiatives

    Excel Workbook: IT Cost Optimization – Outline Initiatives Worksheet

    Refer to the example and guidelines below on how to input your project portfolio optimization initiatives and related objectives:

    List your objectives and initiatives

    Column ID Input Type Guidelines
    B Formula Automatic calculation, no entry required. The ID will update once there's an input in column E.
    C Dropdown Select an optimization lever: Assets, Vendors, Project Portfolio, or Workforce.
    D Dropdown Select an initiative focus from the dropdown list - this will help you think of initiatives.
    E Text Enter your initiative.
    F Text Write a brief description per initiative, providing a cost optimization rationale.
    G Dropdown Select the cost type per initiative: OpEx (operating expenditure) or CapEx (capital expenditure).
    H Dropdown Select 1 of 3 objectives for each initiative: Reduce Unwarranted IT Spending, Optimize Cost-to-Value, or Sustain Cost Optimization.

    List your initiatives in the provided Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Enter all your initiatives driven by the project portfolio optimization lever.
    3. Determine the cost optimization objective per initiative.

    2.1.4 Identify workforce optimization initiatives

    2 hours

    1. Review the IT department's strategic workforce plan (SWP) if available, organizational chart, and salaries by role. Do not review IT staffing in terms of named individuals who occupy a given role - focus on functions, roles, and job descriptions.
    2. Determine capability gaps:
      1. Rectify efficiency, effectiveness, and other performance issues.
      2. Train IT staff to enhance or improve skills and effectiveness.
      3. Add roles, skills, or headcount to improve effectiveness.
      4. Integrate teams to improve collaboration and reduce redundancies or break out new ones to increase focus/specialization.
      5. Redesign job roles and responsibilities.
      6. Redeploy/reassign staff to other teams.
      7. Conduct layoff (as a last resort, starting by assessing contractual employees).
    3. Document cost optimization initiatives that could be driven by workforce optimization objectives in the IT Cost Optimization Workbook.

    Download the IT Cost Optimization Workbook

    InputOutput
    • Strategic workforce plan (SWP)
    • Organizational charts
    • Staff lists
    • Outline Initiatives driven by workforce optimization objectives in the IT Cost Optimization Workbook
    MaterialsParticipants
    • Outline Initiatives tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead
    • Talent management representative
    • Other IT management

    Example

    Workforce optimization

    Some examples to get you started.

    Journey Reactive, Proactive, or Strategic Proactive or Strategic Strategic
    Initiatives
    • Defer vacancy, position, or role.
    • Freeze all overnight and unessential IT staff travel.
    • Outsource project/function to free internal resources.
    • Postpone nonessential IT staff training as per training plans.
    • Suspend IT team discretionary spend.
    • Streamline workforce related to department/service (develop the process).
    • Relocate role or function from division or group to division or group.
    • Adjust framework and level assignments.
    • Promote and train employees for a certain objective.
    • Implement a strategic workforce plan (SWP) to ensure you have the right people in place, at the right time.
    • Set up a workforce performance monitoring framework or process to optimize staffing capabilities aligned with business value.
    No initiatives for the reactive journey. No initiatives for the reactive or proactive journeys.
    Objective Reduce Unwarranted IT Spending Optimize Cost-to-Value Sustain Cost Optimization

    Template & Example

    List your objectives and initiatives

    Excel Workbook: IT Cost Optimization – Outline Initiatives Worksheet

    Refer to the example and guidelines below on how to input your workforce optimization initiatives and related objectives:

    List your objectives and initiatives

    Column ID Input Type Guidelines
    B Formula Automatic calculation, no entry required. The ID will update once there's an input in column E.
    C Dropdown Select an optimization lever: Assets, Vendors, Project Portfolio, or Workforce.
    D Dropdown Select an initiative focus from the dropdown list - this will help you think of initiatives.
    E Text Enter your initiative.
    F Text Write a brief description per initiative, providing a cost optimization rationale.
    G Dropdown Select the cost type per initiative: OpEx (operating expenditure) or CapEx (capital expenditure).
    H Dropdown Select 1 of 3 objectives for each initiative: Reduce Unwarranted IT Spending, Optimize Cost-to-Value, or Sustain Cost Optimization.

    List your initiatives in the provided Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Enter all your initiatives driven by the workforce optimization lever.
    3. Determine the cost optimization objective per initiative.

    2.2 Estimate the cost savings of cost optimization initiatives

    8 hours

    Now that you have identified your initiatives:

    1. Review your cost optimization initiatives per lever (Assets, Vendors, Project Portfolio, and Workforce).
    2. Determine whether the implementation cost of each of your initiatives is included as part of your budget.
    3. Estimate your cost savings.
    4. Document your assessment in the IT Cost Optimization Workbook.

    Download the IT Cost Optimization Workbook

    InputOutput
    • Potential cost optimization initiatives list
    • Outline Initiatives in the IT Cost Optimization Workbook
    MaterialsParticipants
    • Whiteboard or flip charts
    • Outline Initiatives tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead
    • Other IT management - depending on the optimization lever (Assets, Vendors, Project Portfolio, or Workforce)

    2.2.1 Estimate the costs impacting your asset optimization initiatives

    2 hours

    1. Review each asset optimization initiative to estimate cost implications.
    2. Consider implementation cost in terms of your budget, and document it in the IT Cost Optimization Workbook (see next slides). Is the implementation cost of the underlying initiative considered in your current budget? If not, move to the next initiative. You will assess the flagged initiative independently at a later stage if deemed necessary.
    3. Estimate the current cost related to the initiative (including implementation cost), and document it in the IT Cost Optimization Workbook (see next slides). This will be the first of two inputs needed to calculate the initiative's potential cost savings.
    4. Estimate the expected cost, post initiative execution, of the underlying initiative, and document it in the IT Cost Optimization Workbook (see next slides). This will be the second and last input needed to calculate the initiative's potential cost savings.

    Download the IT Cost Optimization Workbook

    InputOutput
    • Asset optimization initiatives
    • Cost and budget information
    • Cost estimates of asset optimization initiatives in the IT Cost Optimization Workbook
    MaterialsParticipants
    • Outline Initiatives tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead
    • IT asset manager
    • IT infrastructure manager
    • Other IT management

    Template & Example

    Estimate your cost

    Excel Workbook: IT Cost Optimization – Outline Initiatives Worksheet

    Refer to the example and guidelines below on how to complete cost estimates for each asset optimization initiative:

    Estimate your cost

    Column ID Input Type Guidelines
    I Dropdown Select if the implementation cost is considered within your budget or not. If not, the initiative will be flagged to be reviewed, and no further entry is required; move to the next initiative. Implementation cost represents your cost for planning, executing, and monitoring the related initiative.
    J, K Whole Number Input a dollar amount. Current cost represents the yearly cost including implementing the initiative, while the expected cost represents the yearly cost after implementing the initiative.
    L Formula Automatic calculation, no entry required. The difference between current cost and expected cost.

    Complete the following fields for each initiative in the Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Determine if the implementation cost is considered within the budget.
    3. If yes, estimate the current cost, and expected cost of the underlying initiative.

    2.2.2 Estimate the costs impacting your vendor optimization initiatives

    2 hours

    1. Review each vendor optimization initiative to estimate cost implications.
    2. Consider implementation cost in terms of your budget, and document it in the IT Cost Optimization Workbook (see next slides). Is the implementation cost of the underlying initiative considered in your current budget? If not, move to the next initiative. You will assess the flagged initiative independently at a later stage if deemed necessary.
    3. Estimate the current cost related to the initiative (including implementation cost), and document it in the IT Cost Optimization Workbook (see next slides). This will be the first of two inputs needed to calculate the initiative's potential cost savings.
    4. Estimate the expected cost, post initiative execution, of the underlying initiative, and document it in the IT Cost Optimization Workbook (see next slides). This will be the second and last input needed to calculate the initiative's potential cost savings.

    Download the IT Cost Optimization Workbook

    InputOutput
    • Vendor optimization initiatives
    • Cost and budget information
    • Cost estimates of vendor optimization initiatives in the IT Cost Optimization Workbook
    MaterialsParticipants
    • Outline Initiatives tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead
    • IT vendor management lead
    • Other IT management

    Template & Example

    Estimate your cost

    Excel Workbook: IT Cost Optimization – Outline Initiatives Worksheet

    Refer to the example and guidelines below on how to complete cost estimates for each vendor optimization initiative:

    Estimate your cost

    Column ID Input Type Guidelines
    I Dropdown Select if the implementation cost is considered within your budget or not. If not, the initiative will be flagged to be reviewed, and no further entry is required; move to the next initiative. Implementation cost represents your cost for planning, executing, and monitoring the related initiative.
    J, K Whole Number Input a dollar amount. Current cost represents the yearly cost including implementing the initiative, while the expected cost represents the yearly cost after implementing the initiative.
    L Formula Automatic calculation, no entry required. The difference between current cost and expected cost.

    Complete the following fields for each initiative in the Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Determine if the implementation cost is considered within the budget.
    3. If yes, estimate the current cost, and expected cost of the underlying initiative.

    2.2.3 Estimate the costs impacting your project portfolio optimization initiatives

    2 hours

    1. Review each project portfolio optimization initiative to estimate cost implications.
    2. Consider implementation cost in terms of your budget, and document it in the IT Cost Optimization Workbook (see next slides). Is the implementation cost of the underlying initiative considered in your current budget? If not, move to the next initiative. You will assess the flagged initiative independently at a later stage if deemed necessary.
    3. Estimate the current cost related to the initiative (including implementation cost), and document it in the IT Cost Optimization Workbook (see next slides). This will be the first of two inputs needed to calculate the initiative's potential cost savings.
    4. Estimate the expected cost, post initiative execution, of the underlying initiative, and document it in the IT Cost Optimization Workbook (see next slides). This will be the second and last input needed to calculate the initiative's potential cost savings.

    Download the IT Cost Optimization Workbook

    InputOutput
    • Project portfolio optimization initiatives
    • Cost and budget information
    • Cost estimates of project portfolio optimization initiatives in the IT Cost Optimization Workbook
    MaterialsParticipants
    • Outline Initiatives tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead
    • PMO lead
    • Other IT management

    Template & Example

    Estimate your cost

    Excel Workbook: IT Cost Optimization – Outline Initiatives Worksheet

    Refer to the example and guidelines below on how to complete cost estimates for each project portfolio optimization initiative:

    Estimate your cost

    Column ID Input Type Guidelines
    I Dropdown Select if the implementation cost is considered within your budget or not. If not, the initiative will be flagged to be reviewed, and no further entry is required; move to the next initiative. Implementation cost represents your cost for planning, executing, and monitoring the related initiative.
    J, K Whole Number Input a dollar amount. Current cost represents the yearly cost including implementing the initiative, while the expected cost represents the yearly cost after implementing the initiative.
    L Formula Automatic calculation, no entry required. The difference between current cost and expected cost.

    Complete the following fields for each initiative in the Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Determine if the implementation cost is considered within the budget.
    3. If yes, estimate the current cost, and expected cost of the underlying initiative.

    2.2.4 Estimate the costs impacting your workforce optimization initiatives

    2 hours

    1. Review each workforce optimization initiative to estimate cost implications.
    2. Consider implementation cost in terms of your budget, and document it in the IT Cost Optimization Workbook (see next slides). Is the implementation cost of the underlying initiative considered in your current budget? If not, move to the next initiative. You will assess the flagged initiative independently at a later stage if deemed necessary.
    3. Estimate the current cost related to the initiative (including implementation cost), and document it in the IT Cost Optimization Workbook (see next slides). This will be the first of two inputs needed to calculate the initiative's potential cost savings.
    4. Estimate the expected cost, post initiative execution, of the underlying initiative, and document it in the IT Cost Optimization Workbook (see next slides). This will be the second and last input needed to calculate the initiative's potential cost savings.

    Download the IT Cost Optimization Workbook

    InputOutput
    • Workforce optimization initiatives
    • Cost and budget information
    • Cost estimates of workforce optimization initiatives in the IT Cost Optimization Workbook
    MaterialsParticipants
    • Outline Initiatives tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead
    • Talent management representative
    • Other IT management

    Template & Example

    Estimate your cost

    Excel Workbook: IT Cost Optimization –i Outline Initiatives Worksheet

    Refer to the example and guidelines below on how to complete cost estimates for each workforce optimization initiative:

    Estimate your cost

    Column ID Input Type Guidelines
    I Dropdown Select if the implementation cost is considered within your budget or not. If not, the initiative will be flagged to be reviewed, and no further entry is required; move to the next initiative. Implementation cost represents your cost for planning, executing, and monitoring the related initiative.
    J, K Whole Number Input a dollar amount. Current cost represents the yearly cost including implementing the initiative, while the expected cost represents the yearly cost after implementing the initiative.
    L Formula Automatic calculation, no entry required. The difference between current cost and expected cost.

    Complete the following fields for each initiative in the Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Determine if the implementation cost is considered within the budget.
    3. If yes, estimate the current cost, and expected cost of the underlying initiative.

    Phase 3

    Develop Your IT Cost Optimization Roadmap

    Phase 1
    Understand Your Mandate and Objectives

    Phase 2
    Outline Your Cost Optimization Initiatives

    Phase 3
    Develop Your IT Cost Optimization Roadmap

    Phase 4
    Communicate and Execute

    This phase will walk you through the following activities:

    • IT cost optimization workbook
    • IT cost optimization roadmap

    This phase involves the following participants:

    • CIO/IT director
    • IT finance lead
    • IT asset manager
    • IT infrastructure manager
    • IT vendor management lead
    • PMO lead
    • IT talent management representative
    • Other IT management

    Develop your prioritized and aligned cost optimization roadmap

    The process of developing your roadmap is where you set final cost optimization priorities, conduct a final rationalization to decide what's in and what's out, and document your proposed plan of action.

    First, take a moment to consider if you missed anything. Too often, only the cost cutting elements of the cost optimization equation get attention. Remember that cost optimization also includes making smart investments. Sometimes adding and expanding is better for the business than removing or contracting.

    • Do your proposed initiatives help position the organization to recover quickly if you're dealing with a downturn or recession scenario?
    • Have you fully considered growth or innovation opportunities that will help optimize costs in the long run?

    Feasibility
    Eliminate initiatives from the longlist of potential initiatives that cannot be achieved given the cost optimization goals you determined at the beginning of this exercise.

    Priority
    Rank order the remaining initiatives according to their ability to contribute to goal attainment and dependency relationships with external constraints and one another.

    Action Plan
    Create an overarching visual roadmap that shows how you intend to achieve your cost optimization goals over the short, medium, and long-term.

    3.1 Assess the feasibility of your cost optimization initiatives

    4 hours

    Now that you have identified your initiatives across the four levers and understood the business impacts:

    1. Review each of your cost optimization initiatives and estimate the feasibility in terms of:
      1. Effort required to implement.
      2. Risk: Likelihood of failure and impact on performance.
      3. Approval rights: Within the IT or finance's accountability/domain or not.
    2. Document your assessment in the IT Cost Optimization Workbook.

    Download the IT Cost Optimization Workbook

    InputOutput
    • Cost optimization initiatives
    • Feasibility estimates of cost optimization initiatives in the IT Cost Optimization Workbook
    MaterialsParticipants
    • Define Variables tab in the IT Cost Optimization Workbook
    • Outline Initiatives tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead
    • Other IT management - depending on the optimization lever (Assets, Vendors, Project Portfolio, or Workforce)

    3.1.1 Estimate the feasibility of your asset optimization initiatives

    1 hour

    1. Review each asset optimization initiative to estimate feasibility implications.
    2. Start by defining the effort required variables. Think in terms of how many dedicated full-time employees you would need to implement the initiative. Document your definition for each of the three variables (High, Medium, or Low) in the IT Cost Optimization Workbook (see next slides). Then, estimate the effort required to implement the related initiative. Consider complexity, scope, and resource availability, before you document it in the IT Cost Optimization Workbook (see next slides).
    3. Define your likelihood of failure variables. Think in terms of probability of failure or percent chance the underlying initiative will not succeed. Document your definition for each of the three variables (High, Medium, or Low) in the IT Cost Optimization Workbook (see next slides). Then, estimate the likelihood of failure to implement the related initiative, and document it in the IT Cost Optimization Workbook (see next slides).
    4. Consider the initiative's impact on performance. Would implementing the initiative hinder IT or business performance? If you are on a reactive journey, would it impede business recovery in any way, shape, or form? Document the impact (Positive Impact, No Impact, or Negative Impact) in the IT Cost Optimization Workbook (see next slides).
    5. Determine who is responsible for approving the initiative. Does it fall within your jurisdiction, responsibility, or accountability? If not, it would mean that it might be more difficult to implement the initiative. Document approval rights (within accountability or not within accountability) in the IT Cost Optimization Workbook (see next slides).

    Download the IT Cost Optimization Workbook

    Input Output
    • Asset optimization initiatives
    • Feasibility estimates of asset optimization initiatives in the IT Cost Optimization Workbook
    Materials Participants
    • Define Variables tab in the IT Cost Optimization Workbook
    • Outline Initiatives tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead
    • IT asset manager
    • IT infrastructure manager
    • Other IT management

    Template & Example

    Define your feasibility variables

    Excel Workbook: IT Cost Optimization – Define Variables Worksheet

    Refer to the example and guidelines below on how to define your feasibility variables for standardization purposes. You can adopt a different definition per optimization lever (Assets, Vendors, Project Portfolio, and Workforce), or maintain the same one across initiatives, depending on what makes sense for your organization:

    Define your feasibility variables

    Column ID Input Type Guidelines
    B, G Formula Automatic calculation, no entry required. The ID will populate automatically.
    C, H Text No entry required. Three variables identified: High, Medium, Low.
    D, E Whole Number Review and input the range of each effort required variable, based on the number of dedicated full-time employees needed to implement an initiative, as it works best for your organization.
    I, J Whole Number Review and input the range of each likelihood of failure variable, based on the probability of failure of an initiative, as it works best for your organization. This example should work for most organizations.

    Define your feasibility variables in the Excel Workbook as per guidelines:

    1. Navigate to the Define Variables tab.
    2. Review and enter the range of each effort required and likelihood of failure variable as you see fit for your organization.

    Template & Example

    Estimate your feasibility

    Excel Workbook: IT Cost Optimization – Outline Initiatives Worksheet

    Refer to the example and guidelines below on how to complete feasibility estimates for each asset optimization initiative:

    Estimate your feasibility

    Column ID Input Type Guidelines
    M Dropdown Select the effort required estimate based on your defined variables. Effort required represents the number of dedicated employees needed to plan, execute, and monitor the underlying initiative, based on the level of maturity and readiness; consider complexity, scope, and resource availability.
    N Dropdown Select the likelihood of failure estimate based on your defined variables. Likelihood of failure represents the probability of failure of the underlying initiative.
    O Dropdown Select the impact on performance estimate related to the implementation of the underlying initiative. Consider the impact on IT and on business (including business recovery if on a reactive journey).
    P Dropdown Select the appropriate approval right related to the underlying initiative. Determine if the initiative's approval falls within your accountability or not.
    Q Text Write a brief description per initiative, providing an impact rationale and identifying the approver where possible.

    Complete the following fields for each initiative in the Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Determine the appropriate effort required to implement the underlying initiative.
    3. Identify the risk of each initiative: likelihood of failure and impact on performance.
    4. Choose the adequate approval right classification for each initiative.

    3.1.2 Estimate the feasibility of your vendor optimization initiatives

    1 hour

    1. Review each vendor optimization initiative to estimate feasibility implications, along with previously defined variables (see slides 64 and 65).
    2. Consider the initiative's impact on performance. Would implementing the initiative hinder IT or business performance? If you are on a reactive journey, would it impede business recovery in any way, shape, or form? Document the impact (Positive Impact, No Impact, or Negative Impact) in the IT Cost Optimization Workbook (see next slides).
    3. Determine who is responsible for approving the initiative. Does it fall within your jurisdiction, responsibility, or accountability? If not, it would mean that it might be more difficult to implement the initiative. Document approval rights (within accountability or not within accountability) in the IT Cost Optimization Workbook (see next slides).

    Download the IT Cost Optimization Workbook

    InputOutput
    • Vendor optimization initiatives
    • Feasibility estimates of vendor optimization initiatives in the IT Cost Optimization Workbook
    MaterialsParticipants
    • Define Variables tab in the IT Cost Optimization Workbook
    • Outline Initiatives tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead
    • IT vendor management lead
    • Other IT management

    Template & Example

    Estimate your feasibility

    Excel Workbook: IT Cost Optimization – Outline Initiatives Worksheet

    Refer to the example and guidelines below on how to complete feasibility estimates for each vendor optimization initiative:

    Estimate your feasibility

    Column ID Input Type Guidelines
    M Dropdown Select the effort required estimate based on your defined variables. Effort required represents the number of dedicated employees needed to plan, execute, and monitor the underlying initiative, based on the level of maturity and readiness; consider complexity, scope, and resource availability.
    N Dropdown Select the likelihood of failure estimate based on your defined variables. Likelihood of failure represents the probability of failure of the underlying initiative.
    O Dropdown Select the impact on performance estimate related to the implementation of the underlying initiative. Consider the impact on IT and on business (including business recovery if on a reactive journey).
    P Dropdown Select the appropriate approval right related to the underlying initiative. Determine if the initiative's approval falls within your accountability or not.
    Q Text Write a brief description per initiative, providing an impact rationale and identifying the approver where possible.

    Complete the following fields for each initiative in the Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Determine the appropriate effort required to implement the underlying initiative.
    3. Identify the risk of each initiative: likelihood of failure and impact on performance.
    4. Choose the adequate approval right classification for each initiative.

    3.1.3 Estimate the feasibility of your project portfolio optimization initiatives

    1 hour

    1. Review each project portfolio optimization initiative to estimate feasibility implications, along with previously defined variables (see slides 64 and 65).
    2. Consider the initiative's impact on performance. Would implementing the initiative hinder IT or business performance? If you are on a reactive journey, would it impede business recovery in any way, shape, or form? Document the impact (Positive Impact, No Impact, or Negative Impact) in the IT Cost Optimization Workbook (see next slides).
    3. Determine who is responsible for approving the initiative. Does it fall within your jurisdiction, responsibility, or accountability? If not, it would mean that it might be more difficult to implement the initiative. Document approval rights (within accountability or not within accountability) in the IT Cost Optimization Workbook (see next slides).

    Download the IT Cost Optimization Workbook

    InputOutput
    • Project portfolio optimization initiatives
    • Feasibility estimates of vendor optimization initiatives in the IT Cost Optimization Workbook
    MaterialsParticipants
    • Define Variables tab in the IT Cost Optimization Workbook
    • Outline Initiatives tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead
    • PMO lead
    • Other IT management

    Template & Example

    Estimate your feasibility

    Excel Workbook: IT Cost Optimization – Outline Initiatives Worksheet

    Refer to the example and guidelines below on how to complete feasibility estimates for each project portfolio optimization initiative:

    Estimate your feasibility

    Column ID Input Type Guidelines
    M Dropdown Select the effort required estimate based on your defined variables. Effort required represents the number of dedicated employees needed to plan, execute, and monitor the underlying initiative, based on the level of maturity and readiness; consider complexity, scope, and resource availability.
    N Dropdown Select the likelihood of failure estimate based on your defined variables. Likelihood of failure represents the probability of failure of the underlying initiative.
    O Dropdown Select the impact on performance estimate related to the implementation of the underlying initiative. Consider the impact on IT and on business (including business recovery if on a reactive journey).
    P Dropdown Select the appropriate approval right related to the underlying initiative. Determine if the initiative's approval falls within your accountability or not.
    Q Text Write a brief description per initiative, providing an impact rationale and identifying the approver where possible.

    Complete the following fields for each initiative in the Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Determine the appropriate effort required to implement the underlying initiative.
    3. Identify the risk of each initiative: likelihood of failure and impact on performance.
    4. Choose the adequate approval right classification for each initiative.

    3.1.4 Estimate the feasibility of your workforce optimization initiatives

    1 hour

    1. Review each workforce optimization initiative to estimate feasibility implications, along with previously defined variables (see slides 64 and 65).
    2. Consider the initiative's impact on performance. Would implementing the initiative hinder IT or business performance? If you are on a reactive journey, would it impede business recovery in any way, shape, or form? Document the impact (Positive Impact, No Impact, or Negative Impact) in the IT Cost Optimization Workbook (see next slides).
    3. Determine who is responsible for approving the initiative. Does it fall within your jurisdiction, responsibility, or accountability? If not, it would mean that it might be more difficult to implement the initiative. Document approval rights (within accountability or not within accountability) in the IT Cost Optimization Workbook (see next slides).

    Download the IT Cost Optimization Workbook

    InputOutput
    • Workforce optimization initiatives
    • Feasibility estimates of workforce optimization initiatives in the IT Cost Optimization Workbook
    MaterialsParticipants
    • Define Variables tab in the IT Cost Optimization Workbook
    • Outline Initiatives tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead
    • Talent management representative
    • Other IT management

    Template & Example

    Estimate your feasibility

    Excel Workbook: IT Cost Optimization – Outline Initiatives Worksheet

    Refer to the example and guidelines below on how to complete feasibility estimates for each workforce optimization initiative:

    Estimate your feasibility

    Column ID Input Type Guidelines
    M Dropdown Select the effort required estimate based on your defined variables. Effort required represents the number of dedicated employees needed to plan, execute, and monitor the underlying initiative, based on the level of maturity and readiness; consider complexity, scope, and resource availability.
    N Dropdown Select the likelihood of failure estimate based on your defined variables. Likelihood of failure represents the probability of failure of the underlying initiative.
    O Dropdown Select the impact on performance estimate related to the implementation of the underlying initiative. Consider the impact on IT and on business (including business recovery if on a reactive journey).
    P Dropdown Select the appropriate approval right related to the underlying initiative. Determine if the initiative's approval falls within your accountability or not.
    Q Text Write a brief description per initiative, providing an impact rationale and identifying the approver where possible.

    Complete the following fields for each initiative in the Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Determine the appropriate effort required to implement the underlying initiative.
    3. Identify the risk of each initiative: likelihood of failure and impact on performance.
    4. Choose the adequate approval right classification for each initiative.

    3.2 Prioritize cost optimization initiatives to create a final shortlist

    4 hours

    Now that you have your cost and feasibility for each cost optimization initiative:

    1. Review each of your cost optimization initiatives and estimate the time and priority by considering:
      1. Preliminary priority assessment based on your cost and feasibility input.
      2. Time frame: start and end date of each initiative.
      3. Current budget cycle: time remaining in the current budget cycle and potential cost savings in this fiscal year.
    2. Determine the final priority of the initiative and decide whether you want to include it in your 12-month roadmap.
    3. Document your assessment in the IT Cost Optimization Workbook.

    Download the IT Cost Optimization Workbook

    InputOutput
    • Cost optimization initiatives
    • Time and priority estimates of cost optimization initiatives in the IT Cost Optimization Workbook
    MaterialsParticipants
    • Define Priority Threshold tab in the IT Cost Optimization Workbook
    • Outline Initiatives tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead
    • Other IT management - depending on the optimization lever (Assets, Vendors, Project Portfolio, or Workforce)

    3.2.1 Prioritize your asset optimization initiatives

    1 hour

    1. Review each asset optimization initiative to set the priority.
    2. Validate your cost and feasibility estimates and consider the automated evaluation, in the IT Cost Optimization Workbook, providing you with a preliminary priority based on your cost and feasibility estimates (see next slides).
    3. Revisit your overarching goals (step 1.4) as you will assess the time it will take you to complete your initiatives and prioritize accordingly.
    4. Determine your start and end date for each initiative based on your journey, objectives, and overarching goals. Consider the urgency of each initiative. Document the quarter and year for your start and end dates in the IT Cost Optimization Workbook (see next slides).
    5. Identify the time remaining in your current budget cycle after the completion of each initiative to get a cost savings estimate for the current fiscal year. Document the number of remaining quarters (0, 1, 2, 3, or 4) in the IT Cost Optimization Workbook (see next slides).
    6. Decide on the priority of each initiative (High, Medium, or Low), and document it in the IT Cost Optimization Workbook (see next slides).
    7. Revisit the priority decision after prioritizing all your initiatives and determine which ones to include in your 12-month roadmap; consider the number of initiatives you can tackle at the same time within a 12-month period. Document your final decision (Yes or No) in the IT Cost Optimization Workbook (see next slides).

    Download the IT Cost Optimization Workbook

    InputOutput
    • Asset optimization initiatives
    • Time and priority estimates of cost optimization initiatives in the IT Cost Optimization Workbook
    MaterialsParticipants
    • Define Priority Threshold tab in the IT Cost Optimization Workbook
    • Outline Initiatives tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead
    • IT asset manager
    • IT infrastructure manager
    • Other IT management

    Template & Example

    Understand your priority assessment

    Excel Workbook: IT Cost Optimization – Outline Initiatives Worksheet

    Refer to the example and guidelines below on how the preliminary priority assessment is assigned, for each asset optimization initiative, noting that columns Q to X are hidden automatic calculations and should not be touched:

    Understand your priority assessment

    Column ID Input Type Guidelines
    R Formula Hidden automatic calculation, no entry required. Rank of estimate cost savings (per year) in ascending order (higher cost savings implies a higher rank).
    S Formula Hidden automatic calculation, no entry required. Cost Savings Score on a scale of 1 to 3, where the top third in Cost Savings Rank are assigned a score of 1, the bottom third a score of 3, and in between a score of 2, noting that negative cost savings would imply a -1 score.
    T Formula Hidden automatic calculation, no entry required. Cost Score adds 1 to the Cost Savings Score if the underlying initiative is within the budget.
    U, V, W Formula Hidden automatic calculation, no entry required. A score on a scale of 1 to 3 based on input of columns M, N, and O, where Low or Positive Impact is assigned a score of 3, Medium or No Impact a score of 2, and High or Negative Impact a score of 1.
    X Formula Hidden automatic calculation, no entry required. The rounding of the average of columns U, V, and W, adding 1 to the result if the initiative's approval falls within your accountability (column P).
    Y Formula Hidden automatic calculation, no entry required. The sum of columns T and X, adding 3 for Reduce Unwarranted IT Spending, and 1 to Optimize Cost-to-value (column H).
    Z Formula Hidden automatic calculation, no entry required. Preliminary priority assessment based on the Define Priority Threshold worksheet (hidden, see next slide).

    Review the following fields for each initiative in the Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Validate cost and feasibility estimates (columns I to P previously filled - steps 2.2 and 3.1) driving the Priority Score and Preliminary Priority Assessment.

    Template & Example

    Priority threshold rationale

    Excel Workbook: IT Cost Optimization – Define Priority Threshold Worksheet

    Refer to the screenshot of the Define Priority Threshold worksheet below to understand the rationale behind the priority score and priority level:

    Priority threshold rationale

    Template & Example

    Estimate your timeline

    Excel Workbook: IT Cost Optimization – Outline Initiatives Worksheet

    Refer to the example and guidelines below on how to complete timeline estimates for each asset optimization initiative:

    Estimate your timeline

    Column ID Input Type Guidelines
    AA, AC Dropdown Select the quarter(s) in which you plan to begin and complete your initiative.
    AB, AD Dropdown Select the year(s) in which you plan to begin and complete your initiative.
    AE Dropdown Select the number of remaining quarters, in the current fiscal year, after you complete the initiative (0 to 4); based on columns AA to AD.
    AF Formula Automatic calculation, no entry required. Estimate of cost savings in the current fiscal year, based on the remaining quarters after implementation. The entry in column AE is divided by 4, and the result is multiplied by the related estimated cost savings per year (entry in column L).
    AG Dropdown Select if cost savings after the implementation of the underlying initiative will be permanent or temporary.

    Complete the following fields for each initiative in the Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Determine the appropriate quarter and year to start and complete the initiative.
    3. Identify the time remaining in your current budget cycle after the completion of the initiative.

    Template & Example

    Make your final decisions

    Excel Workbook: IT Cost Optimization – Outline Initiatives Worksheet

    Refer to the example and guidelines below on how to assign the final priority for each asset optimization initiative, and include it in your 12-month roadmap:

    Make your final decisions

    Column ID Row ID Input Type Guidelines
    AH - Dropdown Select your final priority decision after reviewing the preliminary priority assessment (column Z) and timeline estimates (columns AA to AG).
    AI - Dropdown Select whether you want to include the initiative in your 12-month roadmap (Yes or No).
    AK, AL 5 Formula Automatic calculation, no entry required. The total number of initiatives you decided to include in your 12-month roadmap; based on column AI when Yes is selected.
    AK, AL 6 Formula Automatic calculation, no entry required. Total estimated cost savings per year after the initiative's completion; based on column L when included in the 12-month roadmap (column AI when Yes is selected)
    AK, AL 7 Formula Automatic calculation, no entry required. Total estimated cost savings in the current fiscal year; based on column AF when included in the 12-month roadmap (column AI when Yes is selected)
    • Estimated cost savings per year refer to cost savings fully realized by the end of the upcoming fiscal year, following the initiatives' implementation.
    • Estimated cost savings in the current budget cycle, refer to cost savings partially realized in the current fiscal year, after the initiatives' implementation.

    Complete the following fields for each initiative in the Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Determine the final priority of the initiative.
    3. Decide whether you want to include the initiative in your 12-month roadmap.

    3.2.2 Prioritize your vendor optimization initiatives

    1 hour

    1. Review each vendor optimization initiative to set the priority.
    2. Validate your cost and feasibility estimates and consider the automated evaluation, in the IT Cost Optimization Workbook, providing you with a preliminary priority based on your cost and feasibility estimates (see next slides).
    3. Revisit your overarching goals (step 1.4) as you will assess the time it will take you to complete your initiatives and prioritize accordingly.
    4. Determine your start and end date for each initiative based on your journey, objectives, and overarching goals. Consider the urgency of each initiative. Document the quarter and year for your start and end dates in the IT Cost Optimization Workbook (see next slides).
    5. Identify the time remaining in your current budget cycle after the completion of each initiative to get a cost savings estimate for the current fiscal year. Document the number of remaining quarters (0, 1, 2, 3, or 4) in the IT Cost Optimization Workbook (see next slides).
    6. Decide on the priority of each initiative (High, Medium, or Low), and document it in the IT Cost Optimization Workbook (see next slides).
    7. Revisit the priority decision after prioritizing all your initiatives and determine which ones to include in your 12-month roadmap; consider the number of initiatives you can tackle at the same time within a 12-month period. Document your final decision (Yes or No) in the IT Cost Optimization Workbook (see next slides).

    Download the IT Cost Optimization Workbook

    Input Output
    • Vendor optimization initiatives
    • Time and priority estimates of cost optimization initiatives in the IT Cost Optimization Workbook
    Materials Participants
    • Define Priority Threshold tab in the IT Cost Optimization Workbook
    • Outline Initiatives tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead
    • IT vendor management lead
    • Other IT management

    Template & Example

    Understand your priority assessment

    Excel Workbook: IT Cost Optimization – Outline Initiatives Worksheet

    Refer to the example and guidelines below on how the preliminary priority assessment is assigned, for each vendor optimization initiative, noting that columns Q to X are hidden automatic calculations and should not be touched:

    Understand your priority assessment

    Column ID Input Type Guidelines
    R Formula Hidden automatic calculation, no entry required. Rank of estimate cost savings (per year) in ascending order (higher cost savings implies a higher rank).
    S Formula Hidden automatic calculation, no entry required. Cost Savings Score on a scale of 1 to 3, where the top third in Cost Savings Rank are assigned a score of 1, the bottom third a score of 3, and in between a score of 2, noting that negative cost savings would imply a -1 score.
    T Formula Hidden automatic calculation, no entry required. Cost Score adds 1 to the Cost Savings Score if the underlying initiative is within the budget.
    U, V, W Formula Hidden automatic calculation, no entry required. A score on a scale of 1 to 3 based on input of columns M, N, and O, where Low or Positive Impact is assigned a score of 3, Medium or No Impact a score of 2, and High or Negative Impact a score of 1.
    X Formula Hidden automatic calculation, no entry required. The rounding of the average of columns U, V, and W, adding 1 to the result if the initiative's approval falls within your accountability (column P).
    Y Formula Hidden automatic calculation, no entry required. The sum of columns T and X, adding 3 for Reduce Unwarranted IT Spending, and 1 to Optimize Cost-to-Value (column H).
    Z Formula Hidden automatic calculation, no entry required. Preliminary priority assessment based on the Define Priority Threshold worksheet (hidden, see next slide).

    Review the following fields for each initiative in the Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Validate cost and feasibility estimates (columns I to P previously filled - steps 2.2 and 3.1) driving the Priority Score and Preliminary Priority Assessment.

    Template & Example

    Priority Threshold Rationale

    Excel Workbook: IT Cost Optimization – Define Priority Threshold Worksheet

    Refer to the screenshot of the Define Priority Threshold worksheet below to understand the rationale behind the Priority Score and Priority Level:

    Priority Threshold Rationale

    Template & Example

    Estimate your timeline

    Excel Workbook: IT Cost Optimization – Outline Initiatives Worksheet

    Refer to the example and guidelines below on how to complete timeline estimates for each vendor optimization initiative:

    Estimate your timeline

    Column ID Input Type Guidelines
    AA, AC Dropdown Select the quarter(s) in which you plan to begin and complete your initiative.
    AB, AD Dropdown Select the year(s) in which you plan to begin and complete your initiative.
    AE Dropdown Select the number of remaining quarters, in the current fiscal year, after you complete the initiative (0 to 4); based on columns AA to AD.
    AF Formula Automatic calculation, no entry required. Estimate of cost savings in the current fiscal year, based on the remaining quarters after implementation. The entry in column AE is divided by 4, and the result is multiplied by the related estimated cost savings per year (entry in column L).
    AG Dropdown Select if cost savings after the implementation of the underlying initiative will be Permanent or Temporary.

    Complete the following fields for each initiative in the Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Determine the appropriate quarter and year to start and complete the initiative.
    3. Identify the time remaining in your current budget cycle after the completion of the initiative.

    Template & Example

    Make your final decisions

    Excel Workbook: IT Cost Optimization - Outline Initiatives Worksheet

    Refer to the example and guidelines below on how to assign the final priority for each vendor optimization initiative, and include it in your 12-month roadmap:

    Make your final decisions

    Column ID Row ID Input Type Guidelines
    AH - Dropdown Select your final priority decision after reviewing the preliminary priority assessment (column Z) and timeline estimates (columns AA to AG).
    AI - Dropdown Select whether you want to include the initiative in your 12-month roadmap (Yes or No).
    AK, AL 5 Formula Automatic calculation, no entry required. The total number of initiatives you decided to include in your 12-month roadmap; based on column AI when Yes is selected.
    AK, AL 6 Formula Automatic calculation, no entry required. Total estimated cost savings per year after the initiative's completion; based on column L when included in the 12-month roadmap (column AI when Yes is selected)
    AK, AL 7 Formula Automatic calculation, no entry required. Total estimated cost savings in the current fiscal year; based on column AF when included in the 12-month roadmap (column AI when Yes is selected)
    • Estimated cost savings per year refer to cost savings fully realized by the end of the upcoming fiscal year, following the initiatives' implementation.
    • Estimated cost savings in the current budget cycle, refer to cost savings partially realized in the current fiscal year, after the initiatives' implementation.

    Complete the following fields for each initiative in the Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Determine the final priority of the initiative.
    3. Decide whether you want to include the initiative in your 12-month roadmap.

    3.2.3 Prioritize your project portfolio optimization initiatives

    1 hour

    1. Review each project portfolio optimization initiative to set the priority.
    2. Validate your cost and feasibility estimates and consider the automated evaluation, in the IT Cost Optimization Workbook, providing you with a preliminary priority based on your cost and feasibility estimates (see next slides).
    3. Revisit your overarching goals (step 1.4) as you will assess the time it will take you to complete your initiatives and prioritize accordingly.
    4. Determine your start and end date for each initiative based on your journey, objectives, and overarching goals. Consider the urgency of each initiative. Document the quarter and year for your start and end dates in the IT Cost Optimization Workbook (see next slides).
    5. Identify the time remaining in your current budget cycle after the completion of each initiative to get a cost savings estimate for the current fiscal year. Document the number of remaining quarters (0, 1, 2, 3, or 4) in the IT Cost Optimization Workbook (see next slides).
    6. Decide on the priority of each initiative (High, Medium, or Low), and document it in the IT Cost Optimization Workbook (see next slides).
    7. Revisit the priority decision after prioritizing all your initiatives and determine which ones to include in your 12-month roadmap; consider the number of initiatives you can tackle at the same time within a 12-month period. Document your final decision (Yes or No) in the IT Cost Optimization Workbook (see next slides).

    Download the IT Cost Optimization Workbook

    InputOutput
    • Project portfolio optimization initiatives
    • Time and priority estimates of cost optimization initiatives in the IT Cost Optimization Workbook
    MaterialsParticipants
    • Define Priority Threshold tab in the IT Cost Optimization Workbook
    • Outline Initiatives tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead
    • PMO lead
    • Other IT management

    Template & Example

    Understand your priority assessment

    Excel Workbook: IT Cost Optimization - Outline Initiatives Worksheet

    Refer to the example and guidelines below on how the preliminary priority assessment is assigned, for each project portfolio optimization initiative, noting that columns Q to X are hidden automatic calculations and should not be touched:

    Understand your priority assessment

    Column ID Input Type Guidelines
    R Formula Hidden automatic calculation, no entry required. Rank of Estimate Cost Savings (per year) in ascending order (higher cost savings implies a higher rank).
    S Formula Hidden automatic calculation, no entry required. Cost Savings Score on a scale of 1 to 3, where the top third in Cost Savings Rank are assigned a score of 1, the bottom third a score of 3, and in between a score of 2, noting that negative cost savings would imply a -1 score.
    T Formula Hidden automatic calculation, no entry required. Cost Score adds 1 to the Cost Savings Score if the underlying initiative is within the budget.
    U, V, W Formula Hidden automatic calculation, no entry required. A score on a scale of 1 to 3 based on input of columns M, N, and O, where Low or Positive Impact is assigned a score of 3, Medium or No Impact a score of 2, and High or Negative Impact a score of 1.
    X Formula Hidden automatic calculation, no entry required. The rounding of the average of columns U, V, and W, adding 1 to the result if the initiative's approval falls within your accountability (column P).
    Y Formula Hidden automatic calculation, no entry required. The sum of columns T and X, adding 3 for Reduce Unwarranted IT Spending, and 1 to Optimize Cost-to-Value (column H).
    Z Formula Hidden automatic calculation, no entry required. Preliminary Priority Assessment based on the Define Priority Threshold worksheet (hidden, see next slide).

    Review the following fields for each initiative in the Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Validate cost and feasibility estimates (columns I to P previously filled - steps 2.2 and 3.1) driving the Priority Score and Preliminary Priority Assessment.

    Template & Example

    Priority Threshold Rationale

    Excel Workbook: IT Cost Optimization - Define Priority Threshold Worksheet

    Refer to the screenshot of the Define Priority Threshold worksheet below to understand the rationale behind the Priority Score and Priority Level:

    Priority threshold rationale

    Template & Example

    Estimate your timeline

    Excel Workbook: IT Cost Optimization - Outline Initiatives Worksheet

    Refer to the example and guidelines below on how to complete timeline estimates for each project portfolio optimization initiative:

    Estimate your timeline

    Column ID Input Type Guidelines
    AA, AC Dropdown Select the quarter(s) in which you plan to begin and complete your initiative.
    AB, AD Dropdown Select the year(s) in which you plan to begin and complete your initiative.
    AE Dropdown Select the number of remaining quarters, in the current fiscal year, after you complete the initiative (0 to 4); based on columns AA to AD.
    AF Formula Automatic calculation, no entry required. Estimate of cost savings in the current fiscal year, based on the remaining quarters after implementation. The entry in column AE is divided by 4, and the result is multiplied by the related estimated cost savings per year (entry in column L).
    AG Dropdown Select if cost savings after the implementation of the underlying initiative will be Permanent or Temporary.

    Complete the following fields for each initiative in the Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Determine the appropriate quarter and year to start and complete the initiative.
    3. Identify the time remaining in your current budget cycle after the completion of the initiative.

    Template & Example

    Make your final decisions

    Excel Workbook: IT Cost Optimization - Outline Initiatives Worksheet

    Refer to the example and guidelines below on how to assign the final priority for each project portfolio optimization initiative and include it in your 12-month roadmap:

    Make your final decisions

    Column ID Row ID Input Type Guidelines
    AH - Dropdown Select your final priority decision after reviewing the preliminary priority assessment (column Z) and timeline estimates (columns AA to AG).
    AI - Dropdown Select whether you want to include the initiative in your 12-month roadmap (Yes or No).
    AK, AL 5 Formula Automatic calculation, no entry required. The total number of initiatives you decided to include in your 12-month roadmap; based on column AI when Yes is selected.
    AK, AL 6 Formula Automatic calculation, no entry required. Total estimated cost savings per year after the initiative's completion; based on column L when included in the 12-month roadmap (column AI when Yes is selected)
    AK, AL 7 Formula Automatic calculation, no entry required. Total estimated cost savings in the current fiscal year; based on column AF when included in the 12-month roadmap (column AI when Yes is selected)
    • Estimated cost savings per year refer to cost savings fully realized by the end of the upcoming fiscal year, following the initiatives' implementation.
    • Estimated cost savings in the current budget cycle, refer to cost savings partially realized in the current fiscal year, after the initiatives' implementation.

    Complete the following fields for each initiative in the Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Determine the final priority of the initiative.
    3. Decide whether you want to include the initiative in your 12-month roadmap.

    3.2.4 Prioritize your workforce optimization initiatives

    1 hour

    1. Review each workforce optimization initiative to set the priority.
    2. Validate your cost and feasibility estimates and consider the automated evaluation, in the IT Cost Optimization Workbook, providing you with a preliminary priority based on your cost and feasibility estimates (see next slides).
    3. Revisit your overarching goals (step 1.4) as you will assess the time it will take you to complete your initiatives and prioritize accordingly.
    4. Determine your start and end date for each initiative based on your journey, objectives, and overarching goals. Consider the urgency of each initiative. Document the quarter and year for your start and end dates in the IT Cost Optimization Workbook (see next slides).
    5. Identify the time remaining in your current budget cycle after the completion of each initiative to get a cost savings estimate for the current fiscal year. Document the number of remaining quarters (0, 1, 2, 3, or 4) in the IT Cost Optimization Workbook (see next slides).
    6. Decide on the priority of each initiative (High, Medium, or Low), and document it in the IT Cost Optimization Workbook (see next slides).
    7. Revisit the priority decision after prioritizing all your initiatives and determine which ones to include in your 12-month roadmap; consider the number of initiatives you can tackle at the same time within a 12-month period. Document your final decision (Yes or No) in the IT Cost Optimization Workbook (see next slides).

    Download the IT Cost Optimization Workbook

    InputOutput
    • Workforce optimization initiatives
    • Time and priority estimates of cost optimization initiatives in the IT Cost Optimization Workbook
    MaterialsParticipants
    • Define Priority Threshold tab in the IT Cost Optimization Workbook
    • Outline Initiatives tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead
    • Talent management representative
    • Other IT management

    Template & Example

    Understand your priority assessment

    Excel Workbook: IT Cost Optimization - Outline Initiatives Worksheet

    Refer to the example and guidelines below on how the preliminary priority assessment is assigned, for each workforce optimization initiative, noting that columns Q to X are hidden automatic calculations and should not be touched:

    Understand your priority assessment

    Column ID Input Type Guidelines
    R Formula Hidden automatic calculation, no entry required. Rank of Estimate Cost Savings (per year) in ascending order (higher cost savings implies a higher rank).
    S Formula Hidden automatic calculation, no entry required. Cost Savings Score on a scale of 1 to 3, where the top third in Cost Savings Rank are assigned a score of 1, the bottom third a score of 3, and in between a score of 2, noting that negative cost savings would imply a -1 score.
    T Formula Hidden automatic calculation, no entry required. Cost Score adds 1 to the Cost Savings Score if the underlying initiative is within the budget.
    U, V, W Formula Hidden automatic calculation, no entry required. A score on a scale of 1 to 3 based on input of columns M, N, and O, where Low or Positive Impact is assigned a score of 3, Medium or No Impact a score of 2, and High or Negative Impact a score of 1.
    X Formula Hidden automatic calculation, no entry required. The rounding of the average of columns U, V, and W, adding 1 to the result if the initiative's approval falls within your accountability (column P).
    Y Formula Hidden automatic calculation, no entry required. The sum of columns T and X, adding 3 for Reduce Unwarranted IT Spending, and 1 to Optimize Cost-to-Value (column H).
    Z Formula Hidden automatic calculation, no entry required. Preliminary Priority Assessment based on the Define Priority Threshold worksheet (hidden, see next slide).

    Review the following fields for each initiative in the Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Validate cost and feasibility estimates (columns I to P previously filled - steps 2.2 and 3.1) driving the Priority Score and Preliminary Priority Assessment.

    Template & Example

    Priority Threshold Rationale

    Excel Workbook: IT Cost Optimization - Define Priority Threshold

    Refer to the screenshot of the Define Priority Threshold worksheet below to understand the rationale behind the Priority Score and Priority Level:

    Priority Threshold Rationale

    Template & Example

    Estimate your timeline

    Excel Workbook: IT Cost Optimization - Outline Initiatives Worksheet

    Refer to the example and guidelines below on how to complete timeline estimates for each workforce optimization initiative:

    Estimate your timeline

    Column ID Input Type Guidelines
    AA, AC Dropdown Select the quarter(s) in which you plan to begin and complete your initiative.
    AB, AD Dropdown Select the year(s) in which you plan to begin and complete your initiative.
    AE Dropdown Select the number of remaining quarters, in the current fiscal year, after you complete the initiative (0 to 4); based on columns AA to AD.
    AF Formula Automatic calculation, no entry required. Estimate of cost savings in the current fiscal year, based on the remaining quarters after implementation. The entry in column AE is divided by 4, and the result is multiplied by the related estimated cost savings per year (entry in column L).
    AG Dropdown Select if cost savings after the implementation of the underlying initiative will be Permanent or Temporary.

    Complete the following fields for each initiative in the Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Determine the appropriate quarter and year to start and complete the initiative.
    3. Identify the time remaining in your current budget cycle after the completion of the initiative.

    Template & Example

    Make your final decisions

    Excel Workbook: IT Cost Optimization - Outline Initiatives Worksheet

    Refer to the example and guidelines below on how to assign the final priority for each workforce optimization initiative, and include it in your 12-month roadmap:

    Make your final decisions

    Column ID Row ID Input Type Guidelines
    AH - Dropdown Select your final priority decision after reviewing the preliminary priority assessment (column Z) and timeline estimates (columns AA to AG).
    AI - Dropdown Select whether you want to include the initiative in your 12-month roadmap (Yes or No).
    AK, AL 5 Formula Automatic calculation, no entry required. The total number of initiatives you decided to include in your 12-month roadmap; based on column AI when Yes is selected.
    AK, AL 6 Formula Automatic calculation, no entry required. Total estimated cost savings per year after the initiative's completion; based on column L when included in the 12-month roadmap (column AI when Yes is selected)
    AK, AL 7 Formula Automatic calculation, no entry required. Total estimated cost savings in the current fiscal year; based on column AF when included in the 12-month roadmap (column AI when Yes is selected)
    • Estimated cost savings per year refer to cost savings fully realized by the end of the upcoming fiscal year, following the initiatives' implementation.
    • Estimated cost savings in the current budget cycle, refer to cost savings partially realized in the current fiscal year, after the initiatives' implementation.

    Complete the following fields for each initiative in the Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Determine the final priority of the initiative.
    3. Decide whether you want to include the initiative in your 12-month roadmap.

    3.3 Develop your cost optimization roadmap

    1 hour

    1. Conduct a final evaluation of your timeline, priority decision, and initiatives you wish to include in your 12-month roadmap. Do they make sense, are they achievable, and do they all contribute individually and collectively to reaching your cost optimization goals?
    2. Review your 12-month roadmap outputs in the IT Cost Optimization Workbook (see next slides).
    3. Make adjustments to your 12-month roadmap by adding or removing initiatives as you deem necessary (step 3.2).
    4. Document your final roadmap - including initiatives and relative time frames for execution - in the IT Cost Optimization Roadmap templates provided (see slide 97). The 12-month roadmap outputs from the IT Cost Optimization Workbook (see next slide) can facilitate this task.

    Download the IT Cost Optimization Workbook

    Input Output
    • Outline Initiatives tab in the IT Cost Optimization Workbook, output from previous steps
    • IT Cost Optimization Roadmap
    Materials Participants
    • Outline Initiatives Charts tab in the IT Cost Optimization Workbook
    • Diagram Results tab in the IT Cost Optimization Workbook
    • List Results tab in the IT Cost Optimization Workbook
    • Timeline Result tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT financial lead
    • Other IT management

    Template & Example

    Potential Cost Savings Per Year

    Excel Workbook: IT Cost Optimization - Outline Initiatives Charts Worksheet

    Refer to the example below on charts depicting different views of estimated cost savings per year across the four optimization levers (Assets, Vendors, Project Portfolio, and Workforce) that could help you in your assessment and decision making.

    Potential cost savings per year

    From the Excel Workbook, after completing your potential initiatives and filling all related entries in the Outline Initiatives tab:

    1. Navigate to the Outline Initiatives Charts tab.
    2. Review each of the charts.
    3. Navigate back to the Outline Initiatives tab to examine, drill down, and amend individual initiative entries or final decisions as you deem necessary.

    Template & Example

    12-month Roadmap Outputs

    Excel Workbook: IT Cost Optimization - Diagram Results, List Results, and Timeline Result Worksheets

    Refer to the example below depicting different roadmap output that could help you in presentations, assessment, and decision making.

    12-month Roadmap Outputs

    From the Excel Workbook:

    1. Navigate to the Diagram Results tab. This bubble diagram represent cost optimization initiatives by objective where each bubble size is determined by its estimated cost saving per year.
    2. Navigate to the List Results tab. You will find a list of the cost optimizations initiatives you've chosen to include in your roadmap and related charts.
    3. Navigate to the Timeline Result tab. This Gantt chart is a timeline view of the cost optimizations initiatives you've chosen to include in your roadmap.

    Download the IT Cost Optimization Workbook

    IT cost optimization roadmap

    Phase 4

    Communicate and Execute

    Phase 1
    Understand Your Mandate and Objectives

    Phase 2
    Outline Your Cost Optimization Initiatives

    Phase 3
    Develop Your IT Cost Optimization Roadmap

    Phase 4
    Communicate and Execute

    This phase will walk you through the following activities:

    • Cost optimization communication plan
    • Cost optimization executive presentation

    This phase involves the following participants:

    • CIO/IT director
    • IT finance lead
    • PMO lead
    • Other IT management

    Build Your IT Cost Optimization Roadmap

    4.1 Build the communication plan

    45 to 60 minutes

    1. Use the Cost Optimization Communication Plan templates and guidance on the following slides.
    2. Complete the template to develop your communication plan for your cost optimization proposal and initiatives. At a minimum, it should include:
      1. Steps for preparing and presenting your proposal to decision-makers, sponsors, and other stakeholders, including named presenters and points of contact in IT.
      2. Checkpoints for communication throughout the execution of each initiative and the cost optimization roadmap overall, including target audiences, accountabilities, modes and methods of communication, type/scope of information to be communicated at each checkpoint, and any decision/approval steps.

    Download the IT Cost Optimization Workbook

    InputOutput
    • Cost optimization roadmap
    • Completed draft of the Cost Optimization Communication Plan
    MaterialsParticipants
    • IT Cost Optimization Workbook
    • IT Cost Optimization Roadmap
    • Info-Tech's Cost Optimization Communication Plan template
    • CIO/IT director
    • IT financial lead
    • Other IT management

    Understand a communication strategy's purpose

    Put as much effort into developing your communication strategy as you would into planning and executing the cost optimization initiatives themselves. Don't skip this part.

    Your communication strategy has two major components ...

    1. A tactical plan for how and when you'll communicate with stakeholders about your proposals, activities, and progress toward meeting cost optimization goals.
    2. An executive or board presentation that outlines your final proposed cost optimization initiatives, their respective business cases, and resources/support required with the goal of gaining approval to execute.

    Your communication strategy will need to ...

    • Provide answers to the "What's in it for me?" question from all impacted stakeholders.
    • Roles, responsibilities, and accountabilities before, during, and after initiatives are completed.
    • Descriptions and high-level information about dates, deliverables, and impacts of the specific changes being made.

    You will also develop more detailed operational and project plans for each initiative. IT will use these plans to manage and track the execution of individual initiatives when the time comes.

    Template & Example

    Document the overall what and why of your planned communications

    Component Purpose Context Key Messages Intended Outcomes
    Definition Description of the topic and why you're communicating with this specific audience right now. Background information about the broader situation and how you got to where you are today. The main points you want your target audience to hear/read, absorb, and remember. What you hope you and your audience will get at the end of the communication or effort.
    Our Language
    • IT is proposing an organization-wide array of initiatives in order to reduce IT costs. We are seeking your approval and support to carry out these initiatives.
    • [Purpose]
    • The economy is in active downturn and may become a full recession.
    • IT is anticipating mandatory cost reductions and has opted to take a proactive position.
    • We used an analytical framework to look at all areas of the organization to identify and prioritize IT cost-reduction opportunities.
    • [Context]
    • IT is being proactive.
    • IT is sensitive to the business.
    • IT needs your support.
    • IT is committed to keeping you informed at every step.
    • IT wants to position the organization for rapid recovery when the economy improves.
    • [Message]
    • Buy-in, approval, and ongoing support for cost optimization initiatives proposed.
    • Update on the status of specific initiatives, including what's happened, progress, and what's coming next.
    • [Outcome]

    Template & Example

    Next, note the who, how, and when of your communication plan

    Stakeholder/Approver Initiatives Impact Format Time frame Messenger
    CEO
    • Reduce number of Minitab licenses
    • Defer hiring of new data architecture position
    • Cancel VR simulation project
    Indefinitely delays current strategic projects Monthly meeting discussion Last Wednesday of every month starting Oct. 26, FY1 CIO, IT data analytics project lead, IT VR project lead
    IT Steering Committee
    • Adjust service level framework and level assignments
    • Postpone purchases for network modernization
    • Postpone workstation/laptop upgrades for non-production functions
    • Outsource data analytics project
    Nearly all of these initiatives are enterprise-wide or affect multiple departments. Varying direct and indirect impacts will need to be independently communicated for each initiative if approved by the ITS.

    Formal presentation at quarterly ITS meetings

    Monthly progress updates via email bulletin

    Approval presentation: Oct. 31, FY1

    Quarterly updates: Jan. 31, Apr. 28, and Jul. 28, FY2

    CIO, IT service director, IT infrastructure director, IT data analytics project lead
    VP of Sales
    • Pause Salesforce view redesign project
    Delays new sales tool efficiency improvement. Meeting discussion Nov. FY1 CIO, IT Salesforce view redesign project lead
    [Name/Title/Group]
    • [Initiative]
    • [Initiative]
    [Impact statement] [Format] [Date/Period] [Name/Title]
    [Name/Title/Group]
    • [Initiative]
    • [Initiative]
    [Impact statement] [Format] [Date/Period] [Name/Title]
    [Name/Title/Group]
    • [Initiative]
    • [Initiative]
    [Impact statement] [Format] [Date/Period] [Name/Title]

    4.2 Build the executive presentation

    45-60 minutes

    1. Download Info-Tech's IT Cost Optimization Roadmap Samples and Templates.
    2. Update the content with the outputs of your cost optimization roadmap and data/graph elements from the IT Cost Optimization Workbook. Refer to your organization's standards and norms for executive-level presentations and adapt accordingly.

    Download IT Cost Optimization Roadmap Samples and Templates

    Input Output
    • IT Cost Optimization Roadmap
    • IT Cost Optimization Workbook
    • Completed draft of the IT Cost Optimization Executive Presentation
    Materials Participants
    • IT Cost Optimization Workbook
    • IT Cost Optimization Roadmap Samples and Templates
    • CIO/IT directors
    • IT financial lead
    • Other IT management

    Summary of Accomplishment

    Congratulations! You now have an IT cost optimization strategy and a communication plan.

    Throughout this blueprint, you have:

    1. Identified your IT mandate and cost optimization journey.
    2. Outlined your initiatives across the four levers (assets, vendors, project portfolio, and workforce).
    3. Put together a 12-month IT cost optimization roadmap.
    4. Developed a communication strategy and crafted an executive presentation - your initial step to communicate and discuss IT cost optimization initiatives with your key stakeholders.

    What's next?

    Communicate with your stakeholders, then follow your internal project policies and procedures to get the necessary approvals as required. Once obtained, you can start the execution and implementation of your IT cost optimization strategy.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

    Contact your account representative for more information.

    workshops@infotech.com
    1-888-670-8889

    Research Contributors and Experts

    Jennifer Perrier, Principal Research Director, IT Financial Management

    Jennifer Perrier
    Principal Research Director, IT Financial Management
    Info-Tech Research Group

    Jack Hakimian, Senior Vice President, Research Development

    Jack Hakimian
    Senior Vice President, Research Development
    Info-Tech Research Group

    Graham Price, Senior Executive Counselor, Executive Services

    Graham Price
    Senior Executive Counselor, Executive Services
    Info-Tech Research Group

    Travis Duncan, Research Director, Project & Portfolio Management

    Travis Duncan
    Research Director, Project & Portfolio Management
    Info-Tech Research Group

    Dave Kish, Practice Lead, IT Financial Management

    Dave Kish
    Practice Lead, IT Financial Management
    Info-Tech Research Group

    Baird Miller, PhD, Senior Executive Advisor, Executive Services

    Baird Miller, PhD
    Senior Executive Advisor, Executive Services
    Info-Tech Research Group

    Other Research Contributors and Experts

    Monica Braun
    Research Director, IT Financial Management
    Info-Tech Research Group

    Sandi Conrad
    Principal Advisory Director, Infrastructure & Operations
    Info-Tech Research Group

    Phil Bode
    Principal Advisory Director, Vendor Management
    Info-Tech Research Group

    Donna Glidden
    Advisory Director, Vendor Management
    Info-Tech Research Group

    Barry Cousins
    Distinguished Analyst & Research Fellow
    Info-Tech Research Group

    Andrew Sharp
    Research Director, Infrastructure & Operations Practice
    Info-Tech Research Group

    Frank Sewell
    Advisory Director, Vendor Management
    Info-Tech Research Group

    Related Info-Tech Research

    Achieve IT Spend & Staffing Transparency
    Most CIOs, CFOs, and business function leaders don't enjoy a shared vocabulary when it comes to talking about technology spend. As a result, truly meaningful conversations about where and how to spend technology funds in support of business goals are rare. Enable these important conversations by transparently mapping your IT spend data against four key stakeholder views.

    Reduce Shadow IT With a Service Request Catalog
    As the business gets more innovative to solve its problems, IT finds itself in reactive mode, dealing with software bloat, managing surprise SaaS renewals, and having to integrate products that they didn't know were purchased. To solve this, IT needs to focus on service and visibility to counter Shadow IT.

    Bibliography

    "A Short Guide to Structured Cost Reduction." National Audit Office, 18 June 2010. Web.

    "IT Cost Savings: A Guide to Application Rationalization." LeanIX, 2021. Web.

    Jouravlev, Roman. "Service Financial Management: ITIL 4 Practice Guide." Axelos, 30 April 2020. Web.

    Leinwand, Paul, and Vinay Couto. "How to Cut Costs More Strategically." Harvard Business Review, March 2017. Web.

    "Role & Influence of the Technology Decision-Maker 2022." Foundry, 2022. Web.

    "State of the CIO 2022." CIO, 2022. Web.

    "The Definitive Guide to IT Cost Optimization." LeanIX, n.d. Web.

    "Understand the Principles of Cost Optimization." Google Cloud, n.d. Web.

    Proactively Identify and Mitigate Vendor Risk

    • Buy Link or Shortcode: {j2store}227|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Vendor Management
    • Parent Category Link: /vendor-management
    • IT priorities are focused on daily tasks, pushing risk management to secondary importance and diverging from a proactive environment.
    • IT leaders are relying on an increasing number of third-party technology vendors and outsourcing key functions to meet the rapid pace of change within IT.
    • Risk levels can fluctuate over the course of the partnership, requiring manual process checks and/or automated solutions.

    Our Advice

    Critical Insight

    • Every IT vendor carries risks that have business implications. These legal, financial, security, and operational risks could inhibit business continuity and IT can’t wait until an issue arises to act.
    • Making intelligent decisions about risks without knowing what their financial impact will be is difficult. Risk impact must be quantified.
    • You don’t know what you don’t know, and what you don’t know, can hurt you. To find hidden risks, you must use a structured risk identification method.

    Impact and Result

    • A thorough risk assessment in the selection phase is your first line of defense. If you follow the principles of vendor risk management, you can mitigate collateral losses following an adverse event.
    • Make a conscious decision whether to accept the risk based on time, priority, and impact. Spend the required time to correctly identify and enact defined vendor management processes that determine spend categories and appropriately evaluate potential and preferred suppliers. Ensure you accurately assess the partnership potential.
    • Take a proactive stance against IT threats and vulnerabilities by identifying and assessing IT’s most significant risks before they happen.

    Proactively Identify and Mitigate Vendor Risk Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out how to create a vendor risk management program that minimizes your organization’s vulnerability and mitigates adverse scenarios.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Review vendor risk fundamentals and establish governance

    Review IT vendor risk fundamentals and establish a risk governance framework.

    • Proactively Identify and Mitigate Vendor Risk – Phase 1: Review Vendor Risk Fundamentals and Establish Governance
    • Vendor Risk Management Maturity Assessment Tool
    • Vendor Risk Management Program Manual
    • Risk Event Action Plan

    2. Assess vendor risk and define your response strategy

    Categorize, prioritize, and assess your vendor risks. Follow up with creating effective response strategies.

    • Proactively Identify and Mitigate Vendor Risk – Phase 2: Assess Vendor Risk and Define Your Response Strategy
    • Vendor Classification Model Tool
    • Vendor Risk Profile and Assessment Tool
    • Risk Costing Tool
    • Risk Register Tool

    3. Monitor, communicate, and improve IT vendor risk process

    Assign accountability and responsibilities to formalize ongoing risk monitoring. Communicate your findings to management and share the plan moving forward.

    • Proactively Identify and Mitigate Vendor Risk – Phase 3: Monitor, Communicate, and Improve IT Vendor Risk Process
    • Risk Report
    [infographic]

    Workshop: Proactively Identify and Mitigate Vendor Risk

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Prepare for the Workshop

    The Purpose

    To prepare the team for the workshop.

    Key Benefits Achieved

    Avoids delays and interruptions once the workshop is in progress.

    Activities

    1.1 Send workshop agenda to all participants.

    1.2 Prepare list of vendors and review any contracts provided by them.

    1.3 Review current risk management process.

    Outputs

    All necessary participants assembled

    List of vendors and vendor contracts

    Understanding of current risk management process

    2 Review Vendor Risk Fundamentals and Establish Governance

    The Purpose

    Review IT vendor risk fundamentals.

    Assess current maturity and set risk management program goals.

    Engage stakeholders and establish a risk governance framework.

    Key Benefits Achieved

    Understanding of organizational risk culture and the corresponding risk threshold.

    Obstacles to effective IT risk management identified.

    Attainable goals to increase maturity established.

    Understanding of the gap to achieve vendor risk readiness.

    Activities

    2.1 Brainstorm vendor-related risks.

    2.2 Assess current program maturity.

    2.3 Identify obstacles and pain points.

    2.4 Develop risk management goals.

    2.5 Develop key risk indicators (KRIs) and escalation protocols.

    2.6 Gain stakeholders’ perspective.

    Outputs

    Vendor risk management maturity assessment

    Goals for vendor risk management

    Stakeholders’ opinions

    3 Assess Vendor Risk and Define Your Response Strategy

    The Purpose

    Categorize vendors.

    Prioritize assessed risks.

    Key Benefits Achieved

    Risk events prioritized according to risk severity – as defined by the business.

    Activities

    3.1 Categorize vendors.

    3.2 Map vendor infrastructure.

    3.3 Prioritize vendors.

    3.4 Identify risk contributing factors.

    3.5 Assess risk exposure.

    3.6 Calculate expected cost.

    3.7 Identify risk events.

    3.8 Input risks into the Risk Register Tool.

    Outputs

    Vendors classified and prioritized

    Vendor risk exposure

    Expected cost calculation

    4 Assess Vendor Risk and Define Your Response Strategy (continued)

    The Purpose

    Determine risk threshold and contract clause relating to risk prevention.

    Identify and assess risk response actions.

    Key Benefits Achieved

    Thorough analysis has been conducted on the value and effectiveness of risk responses for high-severity risk events.

    Risk response strategies have been identified for all key risks.

    Authoritative risk response recommendations can be made to senior leadership.

    Activities

    4.1 Determine the threshold for (un)acceptable risk.

    4.2 Match elements of the contract to related vendor risks.

    4.3 Identify and assess risk responses.

    Outputs

    Thresholds for (un)acceptable risk

    Risk responses

    5 Monitor, Communicate, and Improve IT Vendor Risk Process

    The Purpose

    Communicate top risks to management.

    Assign accountabilities and responsibilities for risk management process.

    Establish monitoring schedule.

    Key Benefits Achieved

    Risk monitoring responsibilities are established.

    Transparent accountabilities and established ongoing improvement of the vendor risk management program.

    Activities

    5.1 Create a stakeholder map.

    5.2 Complete RACI chart.

    5.3 Establish the reporting schedule.

    5.4 Finalize the vendor risk management program.

    Outputs

    Stakeholder map

    Assigned accountability for risk management

    Established monitoring schedule

    Risk report

    Vendor Risk Management Program Manual

    Establish an Analytics Operating Model

    • Buy Link or Shortcode: {j2store}339|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: $8,449 Average $ Saved
    • member rating average days saved: 6 Average Days Saved
    • Parent Category Name: Data Management
    • Parent Category Link: /data-management
    • Organizations are struggling to understand what's involved in the analytics developer lifecycle to generate reusable insights faster.
    • Discover what it takes to become a citizen analytics developer. Identify the proper way to enable self-serve analytics.
    • Self-serve business intelligence/analytics is misunderstood and confusing to the business, especially with regards to the roles and responsibilities of IT and the business.
    • End users are dissatisfied due to a lack of access to the data and the absence of a single source of truth.

    Our Advice

    Critical Insight

    Organizations that take data seriously should:

    • Decouple processes in which data is separated from business processes and elevate the visibility of the organization's data assets.
    • Leverage a secure platform where data can be easily exchanged for insights generation.
    • Create density for analytics where resources are mobilized around analytics ideas to generate value.

    Analytics is a journey, not a destination. This journey can eventually result in some level of sophisticated AI/machine learning in your organization. Every organization needs to mobilize its resources and enhance its analytics capabilities to quickly and incrementally add value to data products and services. However, most organizations fail to mobilize their resources in this way.

    Impact and Result

    • Firms become more agile when they realize efficiencies in their analytics operating models and can quickly implement reusable analytics.
    • IT becomes more flexible and efficient in understanding the business' data needs and eliminates redundant processes.
    • Trust in data-driven decision making goes up with collaboration, engagement, and transparency.
    • There is a clear path to continuous improvement in analytics.

    Establish an Analytics Operating Model Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief that outlines Info-Tech’s methodology for assessing the business' analytics needs and aligning your data governance, capabilities, and organizational structure to deliver analytics faster.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Define your analytics needs

    This phase helps you understand your organization's data landscape and current analytics environment so you gain a deeper understanding of your future analytics needs.

    • Establish an Analytics Operating Model – Phase 1: Define Your Analytics Needs

    2. Establish an analytics operating model

    This phase introduces you to data operating model frameworks and provides a step-by-step guide on how to capture the right analytics operating model for your organization.

    • Establish an Analytics Operating Model – Phase 2: Establish an Analytics Operating Model
    • Analytics Operating Model Building Tool

    3. Implement your operating model

    This phase helps you implement your chosen analytics operating model, as well as establish an engagement model and communications plan.

    • Establish an Analytics Operating Model – Phase 3: Implement Your Analytics Operating Model
    [infographic]

    Workshop: Establish an Analytics Operating Model

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Define Your Analytics Needs

    The Purpose

    Achieve a clear understanding and case for data analytics.

    Key Benefits Achieved

    A successful analytics operating model starts with a good understanding of your analytical needs.

    Activities

    1.1 Review the business context.

    1.2 Understand your analytics needs.

    1.3 Draft analytics ideas and use cases.

    1.4 Capture minimum viable analytics.

    Outputs

    Documentation of analytics products and services

    2 Perform an Analytics Capability Assessment

    The Purpose

    Achieve a clear understanding of your organization's analytics capability and mapping across organizational functions.

    Key Benefits Achieved

    Understand your organization's data landscape and current analytics environment to gain a deeper understanding of your future analytics needs.

    Activities

    2.1 Capture your analytics capabilities.

    2.2 Map capabilities to a hub-and-spoke model.

    2.3 Document operating model results.

    Outputs

    Capability assessment results

    3 Establish an Analytics Operating Model

    The Purpose

    Capture the right analytics operating model for your organization.

    Key Benefits Achieved

    Explore data operating model frameworks.

    Capture the right analytics operating model for your organization using a step-by-step guide.

    Activities

    3.1 Discuss your operating model results.

    3.2 Review your organizational structure’s pros and cons.

    3.3 Map resources to target structure.

    3.4 Brainstorm initiatives to develop your analytics capabilities.

    Outputs

    Target operating model

    4 Implement Your Analytics Operating Model

    The Purpose

    Formalize your analytics organizational structure and prepare to implement your chosen analytics operating model.

    Key Benefits Achieved

    Implement your chosen analytics operating model.

    Establish an engagement model and communications plan.

    Activities

    4.1 Document your target organizational structure and RACI.

    4.2 Establish an analytics engagement model.

    4.3 Develop an analytics communications plan.

    Outputs

    Reporting and analytics responsibility matrix (RACI)

    Analytics engagement model

    Analytics communications plan

    Analytics organizational chart

    First 30 Days Pandemic Response Plan

    • Buy Link or Shortcode: {j2store}418|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: DR and Business Continuity
    • Parent Category Link: /business-continuity
    • Given the speed and scope of the spread of the pandemic, governments are responding with changes almost daily as to what organizations and people can and can’t do. This volatility and uncertainty challenges organizations to respond, particularly in the absence of a business continuity or crisis management plan.

    Our Advice

    Critical Insight

    • Assess the risk to and viability of your organization in order to create appropriate action and communication plans quickly.

    Impact and Result

    • HR departments must be directly involved in developing the organization’s pandemic response plan. Use Info-Tech's Risk and Viability Matrix and uncover the crucial next steps to take during the first 30 days of the COVID-19 pandemic.

    First 30 Days Pandemic Response Plan Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Create a response plan for the first 30 days of a pandemic

    Manage organizational risk and viability during the first 30 days of a crisis.

    • First 30 Days Pandemic Response Plan Storyboard
    • Crisis Matrix Communications Template: Business As Usual
    • Crisis Matrix Communications Template: Organization Closing
    • Crisis Matrix Communications Template: Manage Risk and Leverage Resilience
    • Crisis Matrix Communications Template: Reduce Labor and Mitigate Risk
    [infographic]

    Build Your BizDevOps Playbook

    • Buy Link or Shortcode: {j2store}177|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Architecture & Strategy
    • Parent Category Link: /architecture-and-strategy
    • Today’s rapidly scaling and increasingly complex products create mounting pressure on delivery teams to release new features and changes quickly and with sufficient quality.
    • Many organizations see BizDevOps as a solution to help meet this demand. However, they often lack the critical cross-functional collaboration and team-sport culture that are critical for success.
    • The industry provides little consensus and guidance on how to prepare for the transition to BizDevOps.

    Our Advice

    Critical Insight

    • BizDevOps is cultural, not driven by tools. It is about delivering high-quality and valuable releases to stakeholders through collective ownership, continuous collaboration, and team-first behaviors supported by tools.
    • BizDevOps begins with a strong foundation in five key areas. The crux of successful BizDevOps is centered on the strategic adoption and optimization of building great requirements, collaborative practices, iterative delivery, application management, and high-fidelity environments.
    • Teams take STOCK of what it takes to collaborate effectively. Teams and stakeholders must show up, trust the delivery method and people, orchestrate facilitated activities, clearly communicate and knowledge share every time they collaborate.

    Impact and Result

    • Bring the right people to the table. BizDevOps brings significant organizational, process and technology changes to improve delivery effectiveness. Include the key roles in the definition and validation of your BizDevOps vision and practices.
    • Focus on the areas that matter. Review your current circumstances and incorporate the right practices that addresses your key challenges and blockers to becoming BizDevOps.
    • Build your BizDevOps playbook. Gain a broad understanding of the key plays and practices that makes a successful BizDevOps organization. Verify and validate these practices in order to tailor them to your context. Keep your playbook live.

    Build Your BizDevOps Playbook Research & Tools

    Start here – read the Executive Brief

    Find out why you should implement BizDevOps, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Get started with BizDevOps

    Set the right expectations with your stakeholders and define the context of your BizDevOps implementation.

    • Build Your BizDevOps Playbook – Phase 1: Get Started With BizDevOps
    • BizDevOps Playbook

    2. Tailor your BizDevOps playbook

    Tailor the plays in your BizDevOps playbook to your circumstances and vision.

    • Build Your BizDevOps Playbook – Phase 2: Tailor Your BizDevOps Playbook
    [infographic]

    Workshop: Build Your BizDevOps Playbook

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Set Your Expectations

    The Purpose

    Discuss the goals of your BizDevOps playbook.

    Identify the various perspectives who should be included in the BizDevOps discussion.

    Level set expectations of your BizDevOps implementation.

    Key Benefits Achieved

    Identification of the key roles who should be included in the BizDevOps discussion.

    Learning of key practices to support your BizDevOps vision and goals.

    Your vision of BizDevOps in your organization.

    Activities

    1.1 Define BizDevOps.

    1.2 Understand your key stakeholders.

    1.3 Define your objectives.

    Outputs

    Your BizDevOps definition

    List of BizDevOps stakeholders

    BizDevOps vision and objectives

    2 Set the Context

    The Purpose

    Understand the various methods to initiate the structuring of facilitated collaboration.

    Share a common way of thinking and behaving with a set of principles.

    Focus BizDevOps adoption on key areas of software product delivery.

    Key Benefits Achieved

    A chosen collaboration method (Scrum, Kanban, Scrumban) to facilitate collaboration

    A mutually understanding and beneficial set of guiding principles

    Areas where BizDevOps will see the most benefit

    Activities

    2.1 Select your foundation method.

    2.2 Define your guiding principles.

    2.3 Focus on the areas that matter.

    Outputs

    Chosen collaboration model

    List of guiding principles

    High-level assessment of delivery practices and its fit for BizDevOps

    3 Tailor Your BizDevOps Playbook

    The Purpose

    Review the good practices within Info-Tech’s BizDevOps Playbook.

    Tailor your playbook to reflect your circumstances.

    Key Benefits Achieved

    Understanding of the key plays involved in product delivery

    Product delivery plays that reflect the challenges and opportunities of your organization and support your BizDevOps vision

    Activities

    3.1 Review and tailor the plays in your playbook

    Outputs

    High-level discussion of key product delivery plays and its optimization to support BizDevOps

    Bring Visibility to Your Day-to-Day Projects

    • Buy Link or Shortcode: {j2store}444|cart{/j2store}
    • member rating overall impact (scale of 10): 9.8/10 Overall Impact
    • member rating average dollars saved: $9,649 Average $ Saved
    • member rating average days saved: 24 Average Days Saved
    • Parent Category Name: Portfolio Management
    • Parent Category Link: /portfolio-management
    • As an IT leader, you are responsible for getting new things done while keeping the old things running. These “new things” can come in many forms, e.g. service requests, incidents, and officially sanctioned PMO projects, as well as a category of “unofficial” projects that have been initiated through other channels.
    • These unofficial projects get called many things by different organizations (e.g. level 0 projects,BAU projects, non-PMO projects, day-to-day projects), but they all have the similar characteristics: they are smaller and less complex than larger projects or officially sanctioned projects; they are larger and more risky than operational tasks or incidents; and they are focused on the needs of a specific functional unit and tend to stay within those units to get done.
    • Because these day-to-day projects are small, emergent, team-specific, operationally vital, yet generally perceived as being strategically unimportant, top-level leadership has a limited understanding of them when they are approving and prioritizing major projects. As a result, they approve projects with no insight into how your team’s capacity is already stretched thin by existing demands.

    Our Advice

    Critical Insight

    • Senior leadership cannot contrast the priority of things that are undocumented. As an IT leader, you need to ensure day-to-day projects receive the appropriate amount of documentation without drowning your team in a process that the types of project don’t warrant.
    • Don’t bleed your project capacity dry by leaving the back door open. When executive oversight took over the strategic portfolio, we assumed they’d resource those projects as a priority. Instead, they focused on “alignment,” “strategic vision,” and “go to market” while failing to secure and defend the resource capacity needed. To focus on the big stuff, you need to sweat the small stuff.

    Impact and Result

    • Develop a method to consistently identify and triage day-to-day projects across functional teams in a standard and repeatable way.
    • Establish a way to balance and prioritize the operational necessity of day-to-day projects against the strategic value of major projects.
    • Build a repeatable process to document and report where the time goes across all given pockets of demand your team faces.

    Bring Visibility to Your Day-to-Day Projects Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should put more portfolio management structure around your day-to-day projects, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Uncover your organization’s hidden pockets of day-to-day projects

    Define an organizational standard for identifying day-to-day projects and triaging them in relation to other categories of projects.

    • Bring Visibility to Your Day-to-Day Projects – Phase 1: Uncover Your Organization’s Hidden Pockets of Day-to-Day Projects
    • Day-to-Day Project Definition Tool
    • Day-to-Day Project Supply/Demand Calculator

    2. Establish ongoing day-to-day project visibility

    Build a process for maintaining reliable day-to-day project supply and demand data.

    • Bring Visibility to Your Day-to-Day Projects – Phase 2: Establish Ongoing Day-to-Day Project Visibility
    • Day-to-Day Project Process Document
    • Day-to-Day Project Intake and Prioritization Tool
    [infographic]

    Workshop: Bring Visibility to Your Day-to-Day Projects

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Analyze the Current State of Day-to-Day Projects

    The Purpose

    Assess the current state of project portfolio management and establish a realistic target state for the management of day-to-day projects.

    Key Benefits Achieved

    Realistic and well-informed workshop goals.

    Activities

    1.1 Begin with introductions and workshop expectations activity.

    1.2 Perform PPM SWOT analysis.

    1.3 Assess pain points and analyze root causes.

    Outputs

    Realistic workshop goals and expectations

    PPM SWOT analysis

    Root cause analysis

    2 Establish Portfolio Baselines for Day-to-Day Projects

    The Purpose

    Establish a standard set of baselines for day-to-day projects that will help them to be identified and managed in the same way across different functional teams.

    Key Benefits Achieved

    Standardization of project definitions and project value assessments across different functional teams.

    Activities

    2.1 Formalize the definition of a day-to-day project and establish project levels.

    2.2 Develop a project value scorecard for day-to-day projects.

    2.3 Analyze the capacity footprint of day-to-day projects.

    Outputs

    Project identification matrix

    Project value scorecard

    A capacity overview to inform baselines

    3 Build a Target State Process for Day-to-Day Projects

    The Purpose

    Establish a target state process for tracking and monitoring day-to-day projects at the portfolio level.

    Key Benefits Achieved

    Standardization of how day-to-day projects are managed and reported on across different functional teams.

    Activities

    3.1 Map current state workflows for the intake and resource management practices (small and large projects).

    3.2 Perform a right-wrong-missing-confusing analysis.

    3.3 Draft a target state process for the initiation of day-to-day projects and for capacity planning.

    Outputs

    Current state workflows

    Right-wrong-missing-confusing analysis

    Target state workflows

    4 Prepare to Implement Your New Processes

    The Purpose

    Start to plan the implementation of your new processes for the portfolio management of day-to-day projects.

    Key Benefits Achieved

    An implementation plan, complete with communication plans, timelines, and goals.

    Activities

    4.1 Perform a change impact and stakeholder management analysis.

    4.2 Perform a start-stop-continue activity.

    4.3 Define an implementation roadmap.

    Outputs

    Change impact and stakeholder analyses

    Start-stop-continue retrospective

    Implementation roadmap

    Slash Spending by Optimizing Your Software Maintenance and Support

    • Buy Link or Shortcode: {j2store}217|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Vendor Management
    • Parent Category Link: /vendor-management
    • Perpetual software maintenance (SW M&S) is an annual budget cost that increases almost yearly. You don’t really know if there is value in it, if its required by the vendor, or if there are opportunities for cost savings.
    • Most organizations never reap the full benefits of software M&S. They blindly send renewal fees to the vendor every year without validating their needs or the value of the maintenance. In addition, your vendor maintenance may be under contract and you aren’t sure what the obligations are for both parties.

    Our Advice

    Critical Insight

    • Analyzing the benefits contained within a vendor’s software M&S will provide the actual cost value of the M&S and whether there are critical support requirements vs. “nice to have” benefits.
    • Understanding the value and your requirement for M&S will allow you to make an informed decision on how best to optimize and reduce your annual software M&S spend.
    • Use a holistic approach when looking to reduce your software M&S spend. Review the entire portfolio for targeted reduction that will result in short- and long-term savings.
    • When targeting vendors to negotiate M&S price or coverage reduction, engaging them three to six months in advance of renewal will provide you with more time to effectively negotiate and not fall to the pressure of time.

    Impact and Result

    • Reduce annual costs for software maintenance and support.
    • Complete a value of investment (VOI) analysis of your software M&S for strategic vendors.
    • Maximize value of the software M&S by using all the benefits being paid for.
    • Right-size support coverage for your requirements.
    • Prioritize software vendors to target for cost reduction and optimization.

    Slash Spending by Optimizing Your Software Maintenance and Support Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out how to prioritize your software vendors and effectively target M&S for reduction, optimization, or elimination.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Evaluate

    Evaluate what software maintenance you are spending money.

    • Slash Spending by Optimizing Your Software Maintenance and Support – Phase 1: Evaluate
    • Software M&S Inventory and Prioritization Tool

    2. Establish

    Establish your software M&S requirements and coverage.

    • Slash Spending by Optimizing Your Software Maintenance and Support – Phase 2: Establish
    • Software Vendor Classification Tool

    3. Optimize

    Optimize your M&S spend, reduce or eliminate, where applicable.

    • Slash Spending by Optimizing Your Software Maintenance and Support – Phase 3: Optimize
    • Software M&S Value of Investment Tool
    • Software M&S Cancellation Decision Guide
    • Software M&S Executive Summary Template
    • Software M&S Cancellation Support Template
    [infographic]

    Build an Application Integration Strategy

    • Buy Link or Shortcode: {j2store}198|cart{/j2store}
    • member rating overall impact (scale of 10): 8.0/10 Overall Impact
    • member rating average dollars saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
    • member rating average days saved: Read what our members are saying
    • Parent Category Name: Enterprise Integration
    • Parent Category Link: /enterprise-integration
    • Even though organizations are now planning for Application Integration (AI) in their projects, very few have developed a holistic approach to their integration problems resulting in each project deploying different tactical solutions.
    • Point-to-point and ad hoc integration solutions won’t cut it anymore: the cloud, big data, mobile, social, and new regulations require more sophisticated integration tooling.
    • Loosely defined AI strategies result in point solutions, overlaps in technology capabilities, and increased maintenance costs; the correlation between business drivers and technical solutions is lost.

    Our Advice

    Critical Insight

    • Involving the business in strategy development will keep them engaged and align business drivers with technical initiatives.
    • An architectural approach to AI strategy is critical to making appropriate technology decisions and promoting consistency across AI solutions through the use of common patterns.
    • Get control of your AI environment with an appropriate architecture, including policies and procedures, before end users start adding bring-your-own-integration (BYOI) capabilities to the office.

    Impact and Result

    • Engage in a formal AI strategy and involve the business when aligning business goals with AI value; each double the AI success rate.
    • Benefits from a formal AI strategy largely depend on how gaps will be filled.
    • Create an Integration Center of Competency for maintaining architectural standards and guidelines.
    • AI strategies are continuously updated as new business drivers emerge from changing business environments and/or essential technologies.

    Build an Application Integration Strategy Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Make the Case for AI Strategy

    Obtain organizational buy-in and build a standardized and formal AI blueprint.

    • Storyboard: Build an Application Integration Strategy

    2. Assess the organization's readiness for AI

    Assess your people, process, and technology for AI readiness and realize areas for improvement.

    • Application Integration Readiness Assessment Tool

    3. Develop a Vision

    Fill the required AI-related roles to meet business requirements

    • Application Integration Architect
    • Application Integration Specialist

    4. Perform a Gap Analysis

    Assess the appropriateness of AI in your organization and identify gaps in people, processes, and technology as it relates to AI.

    • Application Integration Appropriateness Assessment Tool

    5. Build an AI Roadmap

    Compile the important information and artifacts to include in the AI blueprint.

    • Application Integration Strategy Template

    6. Build the Integration Blueprint

    Keep a record of services and interfaces to reduce waste.

    • Integration Service Catalog Template

    Infographic

    Workshop: Build an Application Integration Strategy

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Make the Case for AI Strategy

    The Purpose

    Uncover current and future AI business drivers, and assess current capabilities.

    Key Benefits Achieved

    Perform a current state assessment and create a future vision.

    Activities

    1.1 Identify Current and Future Business Drivers

    1.2 AI Readiness Assessment

    1.3 Integration Service Catalog Template

    Outputs

    High-level groupings of AI strategy business drivers.

    Determine the organization’s readiness for AI, and identify areas for improvement.

    Create a record of services and interfaces to reduce waste.

    2 Know Current Environment

    The Purpose

    Identify building blocks, common patterns, and decompose them.

    Key Benefits Achieved

    Develop an AI Architecture.

    Activities

    2.1 Integration Principles

    2.2 High-level Patterns

    2.3 Pattern decomposition and recomposition

    Outputs

    Set general AI architecture principles.

    Categorize future and existing interactions by pattern to establish your integration framework.

    Identification of common functional components across patterns.

    3 Perform a Gap Analysis

    The Purpose

    Analyze the gaps between the current and future environment in people, process, and technology.

    Key Benefits Achieved

    Uncover gaps between current and future capabilities and determine if your ideal environment is feasible.

    Activities

    3.1 Gap Analysis

    Outputs

    Identify gaps between the current environment and future AI vision.

    4 Build a Roadmap for Application Integration

    The Purpose

    Define strategic initiatives, know your resource constraints, and use a timeline for planning AI.

    Key Benefits Achieved

    Create a plan of strategic initiatives required to close gaps.

    Activities

    4.1 Identify and prioritize strategic initiatives

    4.2 Distribute initiatives on a timeline

    Outputs

    Use strategic initiatives to build the AI strategy roadmap.

    Establish when initiatives are going to take place.

    Reduce Manual Repetitive Work With IT Automation

    • Buy Link or Shortcode: {j2store}458|cart{/j2store}
    • member rating overall impact (scale of 10): 9.5/10 Overall Impact
    • member rating average dollars saved: $34,099 Average $ Saved
    • member rating average days saved: 2 Average Days Saved
    • Parent Category Name: Operations Management
    • Parent Category Link: /i-and-o-process-management
    • IT staff are overwhelmed with manual repetitive work.
    • You have little time for projects.
    • You cannot move as fast as the business wants.

    Our Advice

    Critical Insight

    • Optimize before you automate.
    • Foster an engineering mindset.
    • Build a process to iterate.

    Impact and Result

    • Begin by automating a few tasks with the highest value to score quick wins.
    • Define a process for rolling out automation, leveraging SDLC best practices.
    • Determine metrics and continually track the success of the automation program.

    Reduce Manual Repetitive Work With IT Automation Research & Tools

    Start here – read the Executive Brief

    Read this Executive Brief to understand why you should reduce manual repetitive work with IT automation.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Identify automation candidates

    Select the top automation candidates to score some quick wins.

    • Reduce Manual Repetitive Work With IT Automation – Phase 1: Identify Automation Candidates
    • IT Automation Presentation
    • IT Automation Worksheet

    2. Map and optimize process flows

    Map and optimize process flows for each task you wish to automate.

    • Reduce Manual Repetitive Work With IT Automation – Phase 2: Map & Optimize Process Flows

    3. Build a process for managing automation

    Build a process around managing IT automation to drive value over the long term.

    • Reduce Manual Repetitive Work With IT Automation – Phase 3: Build a Process for Managing Automation

    4. Build automation roadmap

    Build a long-term roadmap to enhance your organization's automation capabilities.

    • Reduce Manual Repetitive Work With IT Automation – Phase 4: Build Automation Roadmap
    • IT Automation Roadmap
    [infographic]

    Workshop: Reduce Manual Repetitive Work With IT Automation

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Identify Automation Candidates

    The Purpose

    Identify top candidates for automation.

    Key Benefits Achieved

    Plan to achieve quick wins with automation for early value.

    Activities

    1.1 Identify MRW pain points.

    1.2 Drill down pain points into tasks.

    1.3 Estimate the MRW involved in each task.

    1.4 Rank the tasks based on value and ease.

    1.5 Select top candidates and define metrics.

    1.6 Draft project charters.

    Outputs

    MRW pain points

    MRW tasks

    Estimate of MRW involved in each task

    Ranking of tasks for suitability for automation

    Top candidates for automation & success metrics

    Project charter(s)

    2 Map & Optimize Processes

    The Purpose

    Map and optimize the process flow of the top candidate(s).

    Key Benefits Achieved

    Requirements for automation of the top task(s).

    Activities

    2.1 Map process flows.

    2.2 Review and optimize process flows.

    2.3 Clarify logic and finalize future-state process flows.

    Outputs

    Current-state process flows

    Optimized process flows

    Future-state process flows with complete logic

    3 Build a Process for Managing Automation

    The Purpose

    Develop a lightweight process for rolling out automation and for managing the automation program.

    Key Benefits Achieved

    Ability to measure and to demonstrate success of each task automation, and of the program as a whole.

    Activities

    3.1 Kick off your test plan for each automation.

    3.2 Define process for automation rollout.

    3.3 Define process to manage your automation program.

    3.4 Define metrics to measure success of your automation program.

    Outputs

    Test plan considerations

    Automation rollout process

    Automation program management process

    Automation program metrics

    4 Build Automation Roadmap

    The Purpose

    Build a roadmap to enhance automation capabilities.

    Key Benefits Achieved

    A clear timeline of initiatives that will drive improvement in the automation program to reduce MRW.

    Activities

    4.1 Build a roadmap for next steps.

    Outputs

    IT automation roadmap

    Further reading

    Reduce Manual Repetitive Work With IT Automation

    Free up time for value-adding jobs.

    ANALYST PERSPECTIVE

    Automation cuts both ways.

    Automation can be very, very good, or very, very bad.
    Do it right, and you can make your life a whole lot easier.
    Do it wrong, and you can suffer some serious pain.
    All too often, automation is deployed willy-nilly, without regard to the overall systems or business processes in which it lives.
    IT professionals should follow a disciplined and consistent approach to automation to ensure that they maximize its value for their organization.

    Derek Shank,
    Research Analyst, Infrastructure & Operations
    Info-Tech Research Group

    Executive summary

    Situation

    • IT staff are overwhelmed with manual repetitive work.
    • You have little time for projects.
    • You cannot move as fast as the business wants.

    Complication

    • Automation is simple to say, but hard to implement.
    • Vendors claim automation will solve all your problems.
    • You have no process for managing automation.

    Resolution

    • Begin by automating a few tasks with the highest value to score quick wins.
    • Define a process for rolling out automation, leveraging SDLC best practices.
    • Determine metrics and continually track the success of the automation program.

    Info-Tech Insight

    1. Optimize before you automate.The current way isn’t necessarily the best way.
    2. Foster an engineering mindset.Your team members may not be process engineers, but they should learn to think like one.
    3. Build a process to iterate.Effective automation can't be a one-and-done. Define a lightweight process to manage your program.

    Infrastructure & operations teams are overloaded with work

    • DevOps and digital transformation initiatives demand increased speed.
    • I&O is still tasked with security and compliance and audit.
    • I&O is often overloaded and unable to keep up with demand.

    Manual repetitive work (MRW) sucks up time

    • Manual repetitive work is a fact of life in I&O.
    • DevOps circles refer to this type of work simply as “toil.”
    • Toil is like treading water: it must be done, but it consumes precious energy and effort just to stay in the same place.
    • Some amount of toil is inevitable, but it's important to measure and cap toil, so it does not end up overwhelming your team's whole capacity for engineering work.

    Info-Tech Insight

    Follow our methodology to focus IT automation on reducing toil.

    Manual hand-offs create costly delays

    • Every time there is a hand-off, we lose efficiency and productivity.
    • In addition to the cost of performing manual work itself, we must also consider the impact of lost productivity caused by the delay of waiting for that work to be performed.

    Every queue is a tire fire

    Queues create waste and are extremely damaging. Like a tire fire, once you get started, they’re almost impossible to stamp out!

    Increase queues if you want

    • “More overhead”
    • “Lower quality”
    • “More variability”
    • “Less motivation”
    • “Longer cycle time”
    • “Increased risk”

    (Source: Edwards, citing Donald G. Reinersten: The Principles of Product Development Flow: Second Generation Lean Product Development )

    Increasing complexity makes I&O’s job harder

    Every additional layer of complexity multiplies points of failure. Beyond a certain level of complexity, troubleshooting can become a nightmare.

    Today, Operations is responsible for the outcomes of a full stack of a very complex, software-defined, API-enabled system running on infrastructure they may or may not own.
    – Edwards

    Growing technical debt means an ever-rising workload

    • Enterprises naturally accumulate technical debt.
    • All technology requires care and feeding.
    • I&O cannot control how much technology it’s expected to support.
    • I&O faces a larger and larger workload as technical debt accumulates.

    The systems built under each new technology paradigm never fully replace the systems built under the old paradigms. It’s not uncommon for an enterprise to have an accumulation of systems built over 10-15 years and have no budget, risk appetite, or even a viable path to replace them all. With each shift, who bares [SIC] the brunt of the responsibility for making sure the old and the new hang together? Operations, of course. With each new advance, Operations juggles more complexity and more layers of legacy technologies than ever before.
    – Edwards

    Most IT shops can’t have a dedicated engineering team

    • In most organizations, the team that builds things is best equipped to support them.
    • Often the knowledge to design systems and the knowledge to run those systems naturally co-exists in the same personnel resources.
    • When your I&O team is trying to do engineering work, they can end up frequently interrupted to perform operational tasks.
    A Venn Diagram is depicted which compares People who build things with People who run things. the two circles are almost completely overlapping, indicating the strong connection between the two groups.

    Personnel resources in most IT organizations overlap heavily between “build” and “run.”

    IT operations must become an engineering practice

    • Usually you can’t double your staff or double their hours.
    • IT professionals must become engineers.
    • We do this by automating manual repetitive work and reducing toil.
    Two scenarios are depicted. The first scenario is found at a hypothetical work camp, in which one employee performs the task of manually splitting firewood with an axe. In order to split twice as much firewood, the employee would need to spend twice the time. The second scenario is Engineering Operations. in this scenario, a wood processor is used to automate the task, allowing far more wood to be split in same amount of time.

    Build your Sys Admin an Iron Man suit

    Some CIOs see a Sys Admin and want to replace them with a Roomba. I see a Sys Admin and want to build them an Iron Man suit.
    – Deepak Giridharagopal, CTO, Puppet

    Two Scenarios are depicted. In one, an employee is replaced by automation, represented by a Roomba, reducing costs by laying off a single employee. In the second scenario, the single employee is given automated tools to do their job, represented by an iron-man suit, leading to a 10X boost in employee productivity.

    Use automation to reduce risk

    Consistency

    When we automate, we can make sure we do something the same way every time and produce a consistent result.

    Auditing and Compliance

    We can design an automated execution that will ship logs that provide the context of the action for a detailed audit trail.

    Change

    • Enterprise environments are continually changing.
    • When context changes, so does the procedure.
    • You can update your docs all you want, but you can't make people read them before executing a procedure.
    • When you update the procedure itself, you can make sure it’s executed properly.

    Follow Info-Tech’s approach: Start small and snowball

    • It’s difficult for I&O to get the staffing resources it needs for engineering work.
    • Rather than trying to get buy-in for resources using a “top down” approach, Info-Tech recommends that I&O score some quick wins to build momentum.
    • Show success while giving your team the opportunity to build their engineering chops.

    Because the C-suite relies on upwards communication — often filtered and sanitized by the time it reaches them — executives don’t see the bottlenecks and broken processes that are stalling progress.
    – Andi Mann

    Info-Tech’s methodology employs a targeted approach

    • You aren’t going to automate IT operations end-to-end overnight.
    • In fact, such a large undertaking might be more effort than it’s worth.
    • Info-Tech’s methodology employs a targeted approach to identify which candidates will score some quick wins.
    • We’ll demonstrate success, gain momentum, and then iterate for continual improvement.

    Invest in automation to reap long-term rewards

    • All too often people think of automation like a vacuum cleaner you can buy once and then forget.
    • The reality is you need to perform care and feeding for automation like for any other process or program.
    • To reap the greatest rewards you must continually invest in automation – and invest wisely.

    To get the full ROI on your automation, you need to treat it like an employee. When you hire an employee, you invest in that person. You spend time and resources training and nurturing new employees so they can reach their full potential. The investment in a new employee is no different than your investment in automation.– Edwards

    Measure the success of your automation program

    Example of How to Estimate Dollar Value Impact of Automation
    Metric Timeline Target Value
    Hours of manual repetitive work 12 months 20% reduction $48,000/yr.(1)
    Hours of project capacity 18 months 30% increase $108,000/yr.(2)
    Downtime caused by errors 6 months 50% reduction $62,500/yr.(3)

    1 15 FTEs x 80k/yr.; 20% of time on MRW, reduced by 20%
    2 15 FTEs x 80k/yr.; 30% project capacity, increased by 30%
    3 25k/hr. of downtime.; 5 hours per year of downtime caused by errors

    Automating failover for disaster recovery

    CASE STUDY

    Industry Financial Services
    Source Interview

    Challenge

    An IT infrastructure manager had established DR failover procedures, but these required a lot of manual work to execute. His team lacked the expertise to build automation for the failover.

    Solution

    The manager hired consultants to build scripts that would execute portions of the failover and pause at certain points to report on outcomes and ask the human operator whether to proceed with the next step.

    Results

    The infrastructure team reduced their achievable RTOs as follows:
    Tier 1: 2.5h → 0.5h
    Tier 2: 4h → 1.5h
    Tier 3: 8h → 2.5h
    And now, anyone on the team could execute the entire failover!

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

    Workshop

    “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

    Consulting

    “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    Reduce Manual Repetitive Work With IT Automation – project overview

    1. Select Candidates 2. Map Process Flows 3. Build Process 4. Build Roadmap
    Best-Practice Toolkit

    1.1 Identify MRW pain points

    1.2 Drill down pain points into tasks

    1.3 Estimate the MRW involved in each task

    1.4 Rank the tasks based on value and ease

    1.5 Select top candidates and define metrics

    1.6 Draft project charters

    2.1 Map process flows

    2.2 Review and optimize process flows

    2.3 Clarify logic and finalize future-state process flows

    3.1 Kick off your test plan for each automation

    3.2 Define process for automation rollout

    3.3 Define process to manage your automation program

    3.4 Define metrics to measure success of your automation program

    4.1 Build automation roadmap

    Guided Implementations

    Introduce methodology.

    Review automation candidates.

    Review success metrics.

    Review process flows.

    Review end-to-end process flows.

    Review testing considerations.

    Review automation SDLC.

    Review automation program metrics.

    Review automation roadmap.

    Onsite Workshop Module 1:
    Identify Automation Candidates
    Module 2:
    Map and Optimize Processes
    Module 3:
    Build a Process for Managing Automation
    Module 4:
    Build Automation Roadmap
    Phase 1 Results:
    Automation candidates and success metrics
    Phase 2 Results:
    End-to-end process flows for automation
    Phase 3 Results:
    Automation SDLC process, and automation program management process
    Phase 4 Results:
    Automation roadmap

    Skills Development on the Mainframe Platform

    • Buy Link or Shortcode: {j2store}336|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Strategy and Organizational Design
    • Parent Category Link: /strategy-and-organizational-design

    Mainframes remain a critical part of an organization’s infrastructure and will need to support these platforms for the foreseeable future. Despite the importance, it can be a challenge for organizations to find qualified resources to support them. Meanwhile, companies are unsure of where to find help to train and develop their teams on mainframe technologies and are at risk of a skills gap within their teams.

    Our Advice

    Critical Insight

    • Mainframes continue to have wide usage, particularly in enterprise organizations. The complexity of moving or replatforming many of these applications means these platforms will be around for a long time still.
    • Companies need to be proactive about developing their teams to support their mainframe systems.

    Impact and Result

    • Companies can protect their assets by cultivating a pipeline of qualified resources to support their mainframe infrastructure.
    • There is a robust training ecosystem headed by large, reputable organizations to help develop and support companies' resources. You don’t have to do it alone.

    Skills Development on the Mainframe Platform Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Skills Development on the Mainframe Platform Storyboard – An overview of the solutions available to support your mainframe training and skills development needs.

    Your mainframes are not going to disappear overnight. These systems often support the most critical operations in your organization. You need to ensure you have the right qualified resources to support your platforms.

    • Skills Development on the Mainframe Platform Storyboard
    [infographic]

    Build a Data Integration Strategy

    • Buy Link or Shortcode: {j2store}125|cart{/j2store}
    • member rating overall impact (scale of 10): 8.8/10 Overall Impact
    • member rating average dollars saved: $11,677 Average $ Saved
    • member rating average days saved: 7 Average Days Saved
    • Parent Category Name: Enterprise Integration
    • Parent Category Link: /enterprise-integration
    • As organizations process more information at faster rates, there is increased pressure for faster and more efficient data integration.
    • Data integration is becoming more and more critical for downstream functions of data management and for business operations to be successful. Poor integration holds back these critical functions.

    Our Advice

    Critical Insight

    • Every IT project requires data integration. Regardless of the current problem and the solution being implemented, any change in the application and database ecosystem requires you to solve a data integration problem.
    • Data integration problem solving needs to start with business activity. After understanding the business activity, move to application and system integration to drive the optimal data integration activities.
    • Data integration improvement needs to be backed by solid requirements that depend on the use case. Info-Tech’s use cases will help you identify your organization’s requirements and integration architecture for its ideal data integration solution.

    Impact and Result

    • Create a data integration solution that supports the flow of data through the organization and meets the organization’s requirements for data latency, availability, and relevancy.
    • Build your data integration practice with a firm foundation in governance and reference architecture; use best-fit reference architecture patterns and the related technology and resources to ensure that your process is scalable and sustainable.
    • The business’ uses of data are constantly changing and evolving, and as a result, the integration processes that ensure data availability must be frequently reviewed and repositioned in order to continue to grow with the business.

    Build a Data Integration Strategy Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why your organization should improve its data integration, review Info-Tech’s methodology, and understand how we can help you create a loosely coupled integration architecture.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Collect integration requirements

    Identify data integration pains and needs and use them to collect effective business requirements for the integration solution.

    • Break Down Data Silos With a Data-Centric Integration Strategy – Phase 1: Collect Integration Requirements
    • Data Integration Requirements Gathering Tool

    2. Analyze integration requirements

    Determine technical requirements for the integration solution based on the business requirement inputs.

    • Break Down Data Silos With a Data-Centric Integration Strategy – Phase 2: Analyze Integration Requirements
    • Data Integration Trends Presentation
    • Data Integration Pattern Selection Tool

    3. Design the data-centric integration solution

    Determine your need for a data integration proof of concept, and then design the data model for your integration solution.

    • Break Down Data Silos With a Data-Centric Integration Strategy – Phase 3: Design the Data-Centric Integration Solution
    • Data Integration POC Template
    • Data Integration Mapping Tool
    [infographic]

    Workshop: Build a Data Integration Strategy

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Collect Integration Requirements

    The Purpose

    Explain approach and value proposition.

    Review the common business drivers and how the organization is driving a need to optimize data integration.

    Understand Info-Tech’s approach to data integration.

    Key Benefits Achieved

    Current integration architecture is understood.

    Priorities for tactical initiatives in the data architecture practice related to integration are identified.

    Target state for data integration is defined.

    Activities

    1.1 Discuss the current data integration environment and the pains that are felt by the business and IT.

    1.2 Determine what the problem statement and business case look like to kick-start a data integration improvement initiative.

    1.3 Understand data integration requirements from the business.

    Outputs

    Data Integration Requirements Gathering Tool

    2 Analyze Integration Requirements

    The Purpose

    Understand what the business requires from the integration solution.

    Identify the common technical requirements and how they relate to business requirements.

    Review the trends in data integration to take advantage of new technologies.

    Brainstorm how the data integration trends can fit within your environment.

    Key Benefits Achieved

    Business-aligned requirements gathered for the integration solution.

    Activities

    2.1 Understand what the business requires from the integration solution.

    2.2 Identify the common technical requirements and how they relate to business requirements.

    Outputs

    Data Integration Requirements Gathering Tool

    Data Integration Trends Presentation

    3 Design the Data-Centric Integration Solution

    The Purpose

    Learn about the various integration patterns that support organizations’ data integration architecture.

    Determine the pattern that best fits within your environment.

    Key Benefits Achieved

    Improvement initiatives are defined.

    Improvement initiatives are evaluated and prioritized to develop an improvement strategy.

    A roadmap is defined to depict when and how to tackle the improvement initiatives.

    Activities

    3.1 Learn about the various integration patterns that support organizations’ data integration architecture.

    3.2 Determine the pattern that best fits within your environment.

    Outputs

    Integration Reference Architecture Patterns

    Data Integration POC Template

    Data Integration Mapping Tool

    Further reading

    Build a Data Integration Strategy

    Integrate your data or disintegrate your business.

    ANALYST PERSPECTIVE

    Integrate your data or disintegrate your business.

    "Point-to-point integration is an evil that builds up overtime due to ongoing business changes and a lack of integration strategy. At the same time most businesses are demanding consistent, timely, and high-quality data to fuel business processes and decision making.

    A good recipe for successful data integration is to discover the common data elements to share across the business by establishing an integration platform and a canonical data model.

    Place yourself in one of our use cases and see how you fit into a common framework to simplify your problem and build a data-centric integration environment to eliminate your data silos."

    Rajesh Parab, Director, Research & Advisory Services

    Info-Tech Research Group

    Our understanding of the problem

    This Research Is Designed For:

    • Data engineers feeling the pains of poor integration from inaccuracies and inefficiencies during the data integration lifecycle.
    • Business analysts communicating the need for improved integration of data.
    • Data architects looking to design and facilitate improvements in the holistic data environment.
    • Data architects putting high-level architectural design changes into action.

    This Research Will Also Assist:

    • CIOs concerned with the costs, benefits, and the overall structure of their organization’s data flow.
    • Enterprise architects trying to understand how improved integration will affect overall organizational architecture.

    This Research Will Help You:

    • Understand what integration is, and how it fits into your organization.
    • Identify opportunities for leveraging improved integration for data-driven insights.
    • Design a loosely coupled integration architecture that is flexible to changing needs.
    • Determine the needs of the business for integration and design solutions for the gaps that fit the requirements.

    This Research Will Help Them:

    • Get a handle on the current data situation and how data interacts within the organization.
    • Understand how data architecture affects operations within the enterprise.

    Executive summary

    Situation

    • As organizations process more information at faster rates, there is increased pressure for faster and more efficient data integration.
    • Data integration is becoming more and more critical for downstream functions of data management and for business operations to be successful. Poor integration holds back these critical functions.

    Complication

    • Investments in integration can be a tough sell for the business, and it is difficult to get support for integration as a standalone project.
    • Evolving business models and uses of data are growing rapidly at rates that often exceed the investment in data management and integration tools. As a result, there is often a gap between data availability and the business’ latency demands.

    Resolution

    • Create a data-centric integration solution that supports the flow of data through the organization and meets the organization’s requirements for data accuracy, relevance, availability, and timeliness.
    • Build your data-centric integration practice with a firm foundation in governance and reference architecture; use best-fit reference architecture patterns and the related technology and resources to ensure that your process is scalable and sustainable.
    • The business’ uses of data are constantly changing and evolving, and as a result the integration processes that ensure data availability must be frequently reviewed and repositioned to continue to grow with the business.

    Info-Tech Insight

    1. Every IT project requires data integration.Any change in the application and database ecosystem requires you to solve a data integration problem.
    2. Integration problem solving needs to start with business activity. After understanding the business activity, move to application and system integration to drive optimal data integration activities.
    3. Integration initiatives need to be backed by requirements that depend on use cases. Info-Tech’s use cases will help identify organizational requirements and the ideal data-centric integration solution.

    Your data is the foundation of your organization’s knowledge and ability to make decisions

    Integrate the Data, Not the Applications

    Data is one of the most important assets in a modern organization. Contained within an organization’s data are the customers, the products, and the operational details that make an organization function. Every organization has data, and this data might serve the needs of the business today.

    However, the only constant in the world is change. Changes in addresses, amounts, product details, partners, and more occur at a rapid rate. If your data is isolated, it will quickly become stale. Getting up-to-date data to the right place at the right time is where data-centric integration comes in.

    "Data is the new oil." – Clive Humby, Chief Data Scientist Source: Medium, 2016

    The image shows two graphics. The top shows two sets of circles with an arrow pointing to the right between them: on the left, there is a large centre circle with the word APP in it, and smaller circles surrounding it that read DATA. On the right, the large circle reads DATA, and the smaller circles, APP. On the lower graphic, there are also two sets of circles, with an arrow pointing to the right between them. This time, the largest circle envelopes the smaller circles. The circle on the right has a larger circle in the centre that reads Apple Watch Heart Monitoring App, and smaller circles around it labelled with types of data. The circle on the right contains a larger circle in the centre that reads Heart Data, and the smaller circles are labelled with types of apps.

    Organizations are having trouble keeping up with the rapid increases in data growth and complexity

    To keep up with increasing business demands and profitability targets and decreasing cost targets, organizations are processing and exchanging more data than ever before.

    To get more value from their information, organizations are relying on more and more complex data sources. These diverse data sources have to be properly integrated to unlock the full potential of your data:

    The most difficult integration problems are caused by semantic heterogeneity (Database Research Technology Group, n.d.).

    80% of business decisions are made using unstructured data (Concept Searching, 2015).

    85% of businesses are struggling to implement the correct integration solution to accurately interpret their data (KPMG, 2014).

    Break Down Your Silos

    Integrating large volumes of data from the many varied sources in an organization has incredible potential to yield insights, but many organizations struggle with creating the right structure for that blending to take place, and data silos form.

    Data-centric integration capabilities can break down organizational silos. Once data silos are removed and all the information that is relevant to a given problem is available, problems with operational and transactional efficiencies can be solved, and value from business intelligence (BI) and analytics can be fully realized.

    Data-centric integration is the solution you need to bring data together to break down data silos

    On one hand…

    Data has massive potential to bring insight to an organization when combined and analyzed in creative ways.

    On the other hand…

    It is difficult to bring data together from different sources to generate insights and prevent stale data.

    How can these two ideas be reconciled?

    Answer: Info-Tech’s Data Integration Onion Framework summarizes an organization’s data environment at a conceptual level, and is used to design a common data-centric integration environment.

    Info-Tech’s Data Integration Onion Framework

    The image shows Info Tech's Data Integration Onion Framework. It is a circular graphic, with a series on concentric rings, each representing a category and containing specific examples of items within those categories.

    Poor integration will lead to problems felt by the business and IT

    The following are pains reported by the business due to poor integration:

    59% Of managers said they experience missing data every day due to poor distribution results in data sets that are valuable to their central work functions. (Experian, 2016)

    42% Reported accidentally using the wrong information, at least once a week. (Computerworld, 2017)

    37% Of the 85% of companies trying to be more data driven, only 37% achieved their goal. (Information Age, 2019)

    "I never guess. It is a capital mistake to theorize before one has data. Insensibly one begins to twist facts to suit theories, instead of theories to suit facts." – Sir Arthur Conan Doyle, Sherlock Holmes

    Poor integration can make IT less efficient as well:

    90% Of all company generated data is “dark.” Getting value out of dark data is not difficult or costly. (Deloitte Insights, 2017)

    5% As data sits in a database, up to 5% of customer data changes per month. (Data.com, 2016)

    "Most traditional machine learning techniques are not inherently efficient or scalable enough to handle the data. Machine learning needs to reinvent itself for big data processing primarily in pre-processing of data." – J. Qiu et al., ‎2016

    Understand the common challenges of integration to avoid the pains

    There are three types of challenges that organizations face when integrating data:

    1. Disconnect from the business

    Poor understanding of the integration problem and requirements lead to integrations being built that are not effective for quality data.

    50% of project rework is attributable to problems with requirements. (Info-Tech Research Group)

    45% of IT professionals admit to being “fuzzy” about the details of a project’s business objectives. (Blueprint Software Systems Inc., 2012)

    2. Lack of strategy

    90% Of organizations will lack an integration strategy through to 2018. (Virtual Logistics, 2017)

    Integrating data without a long-term plan is a recipe for point-to-point integration spaghettification:

    The image shows two columns of rectangles, each with the word Application Services. Between them are arrows, matching boxes in one column to the other. The lines of the arrows are curvy.

    3. Data complexity

    Data architects and other data professionals are increasingly expected to be able to connect data using whatever interface is provided, at any volume, and in any format – all without affecting the quality of the data.

    36% Of developers report problems integrating data due to different standards interpretations. (DZone, 2015)

    These challenges lead to organizations building a data architecture and integration environment that is tightly coupled.

    A loose coupling integration strategy helps mitigate the challenges and realize the benefits of well-connected data

    Loose Coupling

    Most organizations don’t have the foresight to design their architecture correctly the first time. In a perfect world, organizations would design their application and data architecture to be scalable, modular, and format-neutral – like building blocks.

    Benefits of a loosely coupled architecture:

    • Increased ability to support business needs by adapting easily to changes.
    • Added ability to incorporate new vendors and new technology due to increased flexibility.
    • Potential for automated, real-time integration.
    • Elimination of re-keying/manual entry of data.
    • Federation of data.

    Vs. Tight Coupling

    However, this is rarely the case. Most architectures are more like a brick wall – permanent, hard to add to and subtract from, and susceptible to weathering.

    Problems with a tightly coupled architecture:

    • Delays in combining data for analysis.
    • Manual/Suboptimal DI in the face of changing business needs.
    • Lack of federation.
    • Lack of flexibility.
    • Fragility of integrated platforms.
    • Limited ability to explore new functionalities.

    M&A Runbook for Infrastructure and Operations

    • Buy Link or Shortcode: {j2store}60|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
    • member rating average days saved: Read what our members are saying
    • Parent Category Name: Strategy and Organizational Design
    • Parent Category Link: /strategy-and-organizational-design
    • I&O is often the last to be informed of an impending M&A deal.
    • The business doesn’t understand the necessary requirements or timeline for integration.
    • It’s hard to prioritize when you’re buried under a mountain of work.
    • Documentation may be lacking or nonexistent, and members of the target organization may be uncooperative.

    Our Advice

    Critical Insight

    • Manage expectations. The business often expects integration in days or weeks, not months or years. You need to set them straight.
    • Open your checkbook and prepare to hire. Integration will require a temporary increase in resources.
    • Tackle organizational and cultural change. People are harder to integrate than technology. Culture change is the hardest part, and the integration plan should address it.

    Impact and Result

    • Tailor your approach based on the business objectives of the merger or acquisition.
    • Separate the must-haves from the nice-to-haves.
    • Ensure adequate personnel and budget.
    • Plan for the integration into normal operations.

    M&A Runbook for Infrastructure and Operations Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out how to partner with the business to conquer the challenges in your next merger or acquisition.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Establish goals

    Partner with the business to determine goals and establish high-level scope.

    • M&A Runbook for Infrastructure and Operations – Phase 1: Establish Goals
    • I&O M&A Project Napkin

    2. Conduct discovery

    Find out what the target organization’s I&O looks like.

    • M&A Runbook for Infrastructure and Operations – Phase 2: Conduct Discovery
    • I&O M&A Discovery Letter Template
    • I&O M&A Discovery Template
    • I&O M&A Workbook
    • I&O M&A Risk Assessment Tool

    3. Plan short-term integration

    Build a plan to achieve a day 1 MVP.

    • M&A Runbook for Infrastructure and Operations – Phase 3: Plan Short-Term Integration
    • I&O M&A Short-Term Integration Capacity Assessment Tool

    4. Map long-term integration

    Chart a roadmap for long-term integration.

    • M&A Runbook for Infrastructure and Operations – Phase 4: Map Long-Term Integration
    • I&O M&A Long-Term Integration Portfolio Planning Tool
    [infographic]

    Workshop: M&A Runbook for Infrastructure and Operations

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 High-Level Scope

    The Purpose

    Establish goals and conduct discovery.

    Key Benefits Achieved

    Alignment with business goals

    Documentation of target organization’s current state

    Activities

    0.1 Consult with stakeholders.

    0.2 Establish M&A business goals.

    0.3 Conduct target discovery.

    0.4 Document own environment.

    0.5 Clarify goals.

    Outputs

    Stakeholder communication plan

    M&A business goals

    I&O M&A Discovery Template

    Current state of organization

    2 Target Assessment

    The Purpose

    Assess risk and value of target organization.

    Key Benefits Achieved

    Accurate scope of I&O integration

    Risk mitigation plans

    Value realization strategies

    Activities

    1.1 Scope I&O M&A project.

    1.2 Assess risks.

    1.3 Assess value.

    Outputs

    I&O M&A Project Napkin

    Risk assessment

    Value assessment

    3 Day 1 Integration Project Plan

    The Purpose

    Establish day 1 integration project plan.

    Key Benefits Achieved

    Smoother day 1 integration

    Activities

    2.1 Determine Day 1 minimum viable operating model post M&A.

    2.2 Identify gaps.

    2.3 Build day 1 project plan.

    2.4 Estimate required resources.

    Outputs

    Day 1 project plan

    4 Long-Term Project Plan

    The Purpose

    Draw long-term integration roadmap.

    Key Benefits Achieved

    Improved alignment with M&A goals

    Greater realization of the deal’s value

    Activities

    3.1 Set long-term future state goals.

    3.2 Create a long-term project plan.

    3.3 Consult with business stakeholders on the long-term plan.

    Outputs

    Long-term integration project plan

    5 Change Management and Continual Improvement

    The Purpose

    Prepare for organization and culture change.

    Refine M&A I&O integration process.

    Key Benefits Achieved

    Smoother change management

    Improved M&A integration process

    Activities

    4.1 Complete a change management plan.

    4.2 Conduct a process post-mortem.

    Outputs

    Change management plan

    Process improvements action items

    Lead Staff through Change

    • Buy Link or Shortcode: {j2store}510|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: High Impact Leadership
    • Parent Category Link: /lead
    • Sixty to ninety percent of change initiatives fail, costing organizations dollars off the bottom line and lost productivity.
    • Seventy percent of change initiatives fail because of people-related issues, which place a major burden on managers to drive change initiatives successfully.
    • Managers are often too busy focusing on the process elements of change; as a result, they neglect major opportunities to leverage and mitigate staff behaviors that affect the entire team.

    Our Advice

    Critical Insight

    • Change is costly, but failed change is extremely costly. Managing change right the first time is worth the time and effort.
    • Staff pose the biggest opportunity and risk when implementing a change – managers must focus on their teams in order to maintain positive change momentum.
    • Large and small changes require the same change process to be followed but at different scales.
    • The size of a change must be measured according to the level of impact the change will have on staff, not how executives and managers perceive the change.
    • To effectively lead their staff through change, managers must anticipate staff reaction to change, develop a communication plan, introduce the change well, help their staff let go of old behaviors while learning new ones, and motivate their staff to adopt the change.

    Impact and Result

    • Anticipate and respond to staff questions about the change in order to keep messages consistent, organized, and clear.
    • Manage staff based on their specific concerns and change personas to get the best out of your team during the transition through change.
    • Maintain a feedback loop between staff, executives, and other departments in order to maintain the change momentum and reduce angst throughout the process.

    Lead Staff through Change Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Learn how to manage people throughout the change process

    Set up a successful change adoption.

    • Storyboard: Lead Staff through Change

    2. Learn the intricacies of the change personas

    Correctly identify which persona most closely resembles individual staff members.

    • None

    3. Assess the impact of change on staff

    Ensure enough time and effort is allocated in advance to people change management.

    • Change Impact Assessment Tool

    4. Organize change communications messages for a small change

    Ensure consistency and clarity in change messages to staff.

    • Basic Business Change Communication Worksheet

    5. Organize change communications messages for a large change

    Ensure consistency and clarity in change messages to staff.

    • Advanced Business Change Description Form

    6. Evaluate leadership of the change process with the team

    Improve people change management for future change initiatives.

    • Change Debrief Questionnaire
    [infographic]

    Purchase Storage Without Buyer's Remorse

    • Buy Link or Shortcode: {j2store}505|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Storage & Backup Optimization
    • Parent Category Link: /storage-and-backup-optimization
    • Storage is a big ticket item that often only gets purchased every three to five years. Many buyers focus on capital costs and rely on vendors for scoping of requirements leading to overspending and buyer’s remorse.
    • Three-quarters of storage buyers are dissatisfied with at least one aspect of their most recent storage purchase, and over 40% of organizations switched vendors, making it critical to understand the market and the important factors to avoiding buyer’s remorse.

    Our Advice

    Critical Insight

    • Know where to negotiate on price. Many organizations spend as much or more effort on negotiating a better price as they do on assessing current and future requirements; yet, more than 35% of organizations report dissatisfaction with hardware, software, and/or maintenance and support costs from their most recent purchase.
    • Understand support agreements and vendor offerings. Organizations satisfied with their storage purchase spent more effort evaluating support capabilities of vendors and assessing current and future requirements.
    • Determine costs to scale-up your storage. More than 35% of organizations report dissatisfaction with costs to scale their solutions by adding disks or disk trays, following their initial contract, making it crucial to establish scaling costs with your vendor.

    Impact and Result

    • Get peace of mind knowing that the quote you’re about to sign delivers the solution and capabilities around software and support that you think you are getting.
    • Understand contract discounting levels and get advice around where further discounting can be negotiated with the reseller.
    • Future-proof your purchase by capitalizing on Info-Tech’s exposure to other clients’ past experiences.

    Purchase Storage Without Buyer's Remorse Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Purchase storage without buyer's remorse

    Ensure the purchase is the lowest cost with fewest future headaches.

    • Storyboard: Purchase Storage Without Buyer's Remorse

    2. Evaluate storage vendors and their product capabilities

    Select the most appropriate offering for business needs at a competitive price point.

    3. Ensure vendors reveal all details regarding strengths and weaknesses

    Get the lowest priced feature set for the selected product.

    • Storage Reseller Interrogation Script
    [infographic]

    Assess Your IT Financial Management Maturity Effectively

    • Buy Link or Shortcode: {j2store}315|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Cost & Budget Management
    • Parent Category Link: /cost-and-budget-management

    Organizations wishing to mature their IT financial management (ITFM) maturity often face the following obstacles:

    • Unfamiliarity: Lack of knowledge and understanding related to ITFM maturity.
    • Shortsightedness: Randomly reacting to changing circumstances.
    • Exchange: Inability to consistently drive dialogues.
    • Perception: IT is perceived as a cost center instead of a trustworthy strategic partner.

    Our Advice

    Critical Insight

    No matter where you currently stand in your ITFM practice, there is always room for improvement. Hence, a maturity assessment should be viewed as a self-improvement tool that is only valuable if you are willing to act on it.

    Impact and Result

    A mature ITFM practice leads to many benefits.

    • Foundation: Improved governance, skill sets, processes, and tools.
    • Data: An appropriate taxonomy/data model alongside accurate data for high-quality reporting and insights.
    • Language: A common vocabulary across the organization.
    • Organization Culture: Improved communication and collaboration between IT and business partners.

    Assess Your IT Financial Management Maturity Effectively Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Assess Your IT Financial Management Maturity Effectively Storyboard – A framework and step-by-step methodology to assess your ITFM maturity.

    This research seeks to support IT leaders and ITFM practitioners in evaluating and improving their current maturity. It will help document both current and target states as well as prioritize focus areas for improvement.

    • Assess Your IT Financial Management Maturity Effectively Storyboard

    2. IT Financial Management Maturity Assessment Tool – A structured tool to help you assess your ITFM maturity.

    This Excel workbook guides IT finance practitioners to effectively assess their IT financial management practice. Incorporate the visual outputs into your final executive presentation document. Key activities include context setting, completing the assessment, and prioritizing focus areas based on results.

    • IT Financial Management Maturity Assessment Tool

    3. IT Financial Management Maturity Assessment Report Template – A report summarizing your ITFM maturity assessment results to help you communicate with stakeholders.

    Use this template to document your final ITFM maturity outputs, including the current and target states and your identified priorities.

    • IT Financial Management Maturity Assessment Report Template
    [infographic]

    Further reading

    Assess Your IT Financial Management Maturity Effectively

    Influence your organization’s strategic direction.

    Analyst Perspective

    Make better informed data-driven business decisions.

    Technology has been evolving throughout the years, increasing complexity and investments, while putting more stress on operations and people involved. As an IT leader, you are now entrusted to run your outfit as a business, sit at the executive table as a true partner, and be involved in making decisions that best suit your organization. Therefore, you have an obligation to fulfill the needs of your end customers and live up to their expectations, which is not an easy task.

    IT financial management (ITFM) helps you generate value to your organization’s clientele by bringing necessary trade-offs to light, while driving effective dialogues with your business partners and leadership team.

    This research will focus on Info-Tech’s approach to ITFM maturity, aiming for a state of continuous improvement, where an organization can learn and grow as it adapts to change. As the ITFM practice matures, IT and business leaders will be able to better understand one another and together make better business decisions, driven by data.

    This client advisory presentation and accompanying tool seek to support IT leaders and ITFM practitioners in evaluating and improving their current maturity. It will help document both current and target states as well as prioritize focus areas for improvement.

    Photo of Bilal Alberto Saab, Research Director, IT Financial Management, Info-Tech Research Group. Bilal Alberto Saab
    Research Director, IT Financial Management
    Info-Tech Research Group

    Executive Summary

    The value of ITFM is undermined

    ITFM is often discarded and not given enough importance and relevance due to the operational nature of IT, and the specialized skillset of its people, leading to several problems and challenges, such as:

    • Unfamiliarity: Lack of knowledge and understanding related to ITFM maturity.
    • Shortsightedness: Randomly reacting to changing circumstances.
    • Exchange: Inability to consistently drive dialogues.
    • Perception: IT is perceived as a cost center instead of a trustworthy strategic partner.

    Constructive dialogues with business partners are not the norm

    Business-driven conversations around financials (spending, cost, revenue) are a rarity in IT due to several factors, including:

    • Foundation: Weak governance, inadequate skillset, and less than perfect processes and tools.
    • Data: Lack of adequate taxonomy/data model, alongside inaccurate data leading to poor reporting and insights.
    • Language: Lack of a common vocabulary across the organization.
    • Organization culture: No alignment, alongside minimal communication and collaboration between IT and business partners.

    Follow Info-Tech’s approach to move up the ITFM maturity ladder

    Mature your ITFM practice by activating the means to make informed business decisions.

    Info-Tech’s methodology helps you move the dial by focusing on three maturity focus areas:

    • Build an ITFM Foundation
    • Manage and Monitor IT Spending
    • Bridge the Language Barrier

    Info-Tech Insight

    Influence your organization’s strategic direction by maturing your ITFM practice.

    What is ITFM?

    ITFM is not just about finance.

    • ITFM has evolved from traditional budgeting, accounting, and cost optimization; however, it is much more than those activities alone.
    • It starts with understanding the financial implications of technology by adopting different perspectives to become adept in communicating with various stakeholders, including finance, business partners, IT managers, and your CEO.
    • Armed with this knowledge, ITFM helps you address a variety of questions, such as:
      • How are technology funds being spent?
      • Which projects is IT prioritizing and why?
      • What are the resources needed to speed IT delivery?
      • What’s the value of IT within the organization?
    • ITFM’s main objective is thus to improve decision-making capabilities by facilitating communication between IT leaders and stakeholders, while enabling a customer focus attitude throughout the organization.

    “ITFM embeds technology in financial management practices. Through cost, demand, and value, ITFM brings technology and business together, forging the necessary relationships and starting the right conversations to enable the best decisions for the organization.”
    – Monica Braun, Research Director, Info-Tech Research Group

    Your challenge

    IT leaders struggle to articulate and communicate business value.

    • IT spending is often questioned by different stakeholders, such as business partners and various IT business units. These questions, usually resulting from shifts in business needs, may revolve around investments, expenditures, services, and speed to market, among others. While IT may have an idea about its spending habits, aligning it to the business strategy may prove difficult.
    • IT staff often does not have access to, or knowledge of, the business model and its intricacies. In an operational environment, the focus tends to be on technical issues rather than overall value.
    • People tend to fear what they do not know. Some business managers may not be comfortable with technology. They do not recognize the implications and ramifications of certain implementations or understand the related terminology, which puts a strain on any conversation.

    “Value is not the numbers you visualize on a chart, it’s the dialogue this data generates with your business partners and leadership team.”
    – Dave Kish, Practice Lead, Info-Tech Research Group

    Technology is constantly evolving

    Increasing IT spending and decision-making complexity.

    Timeline of IT technology evolution, starting with 'Timesharing' in the 1980s to 'All Things Digital' in the 2020s. 'IT Spend Growth' grows from start to finish.

    Common obstacles

    IT leaders are not able to have constructive dialogues with their stakeholders.

    • The way IT funds are spent has changed significantly, moving from the purchase of discrete hardware and software tools to implementing data lakes, cloud solutions, the metaverse and blockchain. This implies larger investments and more critical decisions. Conversations around interoperability, integration, and service-based solutions that focus more on big-picture architecture than day-to-day operations have become the norm.
    • Speed to market is now a survival criterion for most organizations, requiring IT to shift rapidly based on changing priorities and customer expectations. This leads to the need for greater financial oversight, with the CFO as the gatekeeper. Today’s IT leaders need to possess both business and financial management savvy to justify their spending with various stakeholders.
    • Any IT budget increase is tied to expectations of greater value. Hence, the compelling demands for IT to prove its worth to the business. Promoting value comes in two ways: 1) objectively, based on data, KPIs, and return on investment; and 2) subjectively, based on stakeholder satisfaction, alongside relationships. Building trust, credibility, and confidence can go a long way.

    In a technology-driven world, advances come at a price. With greater spending required, more complex and difficult conversations arise.

    Constructive dialogues are key

    You don’t know what you don’t know.

    • IT, being historically focused on operations, has become a hub for technically savvy personnel. On the downside, technology departments are often alien to business, causing problems such as:
      • IT staff have no knowledge of the business model and lack customer focus.
      • Business is not comfortable with technology and related jargon.
    • The lack of two-way communication and business alignment is hence an important ramification. If the business does not understand technology, and IT does not speak in business terms, where does that lead us?
    • Poor data quality and governance practices, alongside overly manual processes can only exasperate the situation.

    IT Spending Survey

    79% of respondents believe that decisions taking too long to make is either a significant or somewhat of a challenge (Flexera 2022 Tech Spend Pulse; N=501).

    81% of respondents believe that ensuring spend efficiency (avoiding waste) is either a challenge or somewhat of a challenge (Flexera 2022 Tech Spend Pulse; N=501).

    ITFM is trailing behind

    IT leaders must learn to speak business.

    In today’s world, where organizations are driving customer experience through technology investments, having a seat at the table means IT leaders must be well versed in business language and practice, including solid financial management skills.

    However, IT staff across all industries aren’t very confident in how well IT is doing in managing its finances. This becomes evident after looking at three core processes:

    • Demonstrating IT’s value to the business.
    • Accounting of costs and budgets.
    • Optimizing costs to gain the best return on investment.

    Recent data from 4,137 respondents to Info-Tech’s IT Management & Governance Diagnostic shows that while most IT staff feel that these three financial management processes are important, notably fewer feel that IT management is effective at executing on them.

    IT leadership’s capabilities around fundamental cost data capture appear to be lagging, not to mention the essential value-added capabilities around optimizing costs and demonstrating IT’s contribution to business value.

    Bar charts comparing percentages of people who 'Agree process is important' and 'Agree process is effective' for three processes: Business Value, Cost & Budget Management, and Cost Optimization. In all instances, the importance outweighed the perceived effectiveness.
    Source: Info-Tech Research Group, IT Management & Governance Diagnostic, 2023.

    Info-Tech’s approach

    We take a holistic approach to ITFM and support you throughout your maturity journey.

    Visualization of the IT maturity levels with three goals at the bottom, 'Build am ITFM Foundation', 'Manage & Monitor IT Spending', and 'Bridge the Language Barrier'. The 5 levels, from bottom to top, are 'Nascent - Level 1, Inability to consistently deliver financial planning services', 'Cost Operator - Level 2, Rudimentary financial planning capabilities', 'Trusted Coordinator - Level 3, Enablement of business through cost-effective supply of technology', 'Value Optimizer - Level 4, Effective impact on business performance', and 'Strategic Partner - Level 5, Influence on the organization's strategic direction'.

    The Info-Tech difference:

    • Info-Tech has a methodology and set of tools that will help assess your ITFM maturity and take the first step in developing an improvement plan. We have identified three maturity focus areas:
      • Build an ITFM Foundation
      • Manage and Monitor IT Spending
      • Bridge the Language Barrier
    • No matter where you currently stand in your ITFM practice, there is always room for improvement. Hence, a maturity assessment should be viewed as a self-improvement tool, which is only valuable if you are willing to act on it.

    Note: See Appendix A for maturity level definitions and descriptions.

    Climb the maturity ladder

    By growing along three maturity focus areas.

    A diagram with '3 Maturity Focus Areas' and '9 Maturity Levers' within them. The first area is 'Build an ITFM Foundation' with levers 'Establish your Team', 'Set up your Governance Structure', and 'Adopt ITFM Processes & Tools'. The second area is 'Manage & Monitor IT Spending', with levers 'Standardize your Taxonomy & Data Model', 'Identify, Gather & Prepare your Data', and 'Analyze your Findings and Develop your Reports'. The third area is 'Bridge the Language Barrier' with levers 'Communicate your IT Spending', 'Educate the Masses', and 'Influence your Organization's Culture'.

    Info-Tech identified three maturity focus areas, each containing three levers.

    Identify where you stand across the nine maturity levers, detect the gaps, and determine your priorities as a first step to develop an improvement plan.

    Note: See Appendix B for maturity level definitions and descriptions per lever.

    Key project deliverables

    Each step of this activity is accompanied by supporting deliverables to help you accomplish your goals.

    IT Financial Management Maturity Assessment Report Template

    A template of an ITFM maturity assessment report that can be customized based on your own results.

    IT Financial Management Maturity Assessment Tool

    A workbook including an ITFM maturity survey, generating a summary of your current state, target state, and priorities.

    Measure the value of this activity

    Reach your 12-month maturity target.

    • Determine your 12-month maturity target, identify your gaps, and set your priorities.
    • Use the ITFM maturity assessment to kickstart your improvement plan by developing actionable initiatives.
    • Implement your initiatives and monitor your progress to reach your 12-month target.

    Sample of a result page from the ITFM maturity assessment.

    Build your improvement plan and implement your initiatives to move the dial and climb the maturity ladder.

    Sample of a result page from the ITFM maturity assessment with a graph.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    Guided Implementation

    Workshop

    Consulting

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks used throughout all four options

    Step 1

    Prepare for the ITFM maturity assessment

    Content Overview

    1. Identify your stakeholders
    2. Set the context
    3. Determine the methodology
    4. Identify assessment takers

    This step involves the following participants:

    • CIO/IT director
    • CFO/finance director
    • IT finance lead
    • IT audit lead
    • Other IT management

    1. Prepare to take the ITFM maturity assessment

    3 hours

    Input: Understanding your context, objectives, and methodology

    Output: ITFM maturity assessment stakeholders and their objectives, ITFM maturity assessment methodology, ITFM maturity assessment takers

    Materials: 1a. Prepare for Assessment tab in the ITFM Maturity Assessment Tool

    Participants: CIO/IT director, CFO/finance director, IT finance lead, IT audit lead, Other IT management

    1. Identify your stakeholders and document it in the ITFM Maturity Assessment Tool (see next slides). We recommend having representatives from different business units across the organization, most notably IT, IT finance, finance, and IT audit.
    2. Set the context with your stakeholders and document it in the ITFM Maturity Assessment Tool. Discuss the reason behind taking the ITFM maturity assessment among the various stakeholders. Why do each of your stakeholders want to take the assessment? What are their main objectives? What would they like to achieve?
    3. Determine the methodology and document it in the ITFM Maturity Assessment Tool. Discuss how you want to go about taking the assessment with your stakeholders. Do you want to have representatives from each business unit take the assessment individually, then share and discuss their findings? Do you prefer forming a working group with representatives from each business unit and go through the assessment together? Or does any of your stakeholders have a different suggestion? You will have to consider the effort, skillset, and knowledge required.
    4. Identify the assessment takers and document it in the ITFM Maturity Assessment Tool. Determine who will be taking the assessment (specific names of stakeholders). Consider their availability, knowledge, and skills.

    Download the IT Financial Management Maturity Assessment Tool

    TEMPLATE & EXAMPLE

    Document your stakeholders, objectives, and methodology

    Excel Workbook: ITFM Maturity Assessment Tool – Prepare for Assessment worksheet

    Refer to the example and guidelines below on how to document stakeholders, objectives, and methodology (table range: columns B to G and rows 8 to 15).

    Example table from the ITFM Maturity Assessment Tool re: 'Maturity Assessment Stakeholders'.

    Column ID Input Type Guidelines
    B Formula Automatic calculation, no entry required.
    C Text Enter the full name of each stakeholder on a separate row.
    D Text Enter the job title related to each stakeholder.
    E Text Enter the objective(s) related to each stakeholder.
    F Text Enter the agreed upon methodology.
    G Text Enter any notes or comments per stakeholder (optional).

    Review the following in the Excel workbook as per guidelines:

    1. Navigate to the 1a. Prepare for Assessment tab.
    2. Enter the full names and job titles of the ITFM maturity assessment stakeholders.
    3. Document the maturity assessment objective of each of your stakeholders.
    4. Document the agreed-upon methodology.

    Download the IT Financial Management Maturity Assessment Tool

    TEMPLATE & EXAMPLE

    Document your assessment takers

    Excel Workbook: ITFM Maturity Assessment Tool – Prepare for Assessment worksheet

    Refer to the example and guidelines below on how to document assessment takers (table range: columns B to E and rows 18 to 25).

    Example table from the ITFM Maturity Assessment Tool re: 'Maturity Assessment Takers'.

    Column ID Input Type Guidelines
    B Formula Automatic calculation, no entry required.
    C Text Enter the full name of each assessment taker on a separate row.
    D Text Enter the job title related to each stakeholder to identify which party is being represented per assessment taker.
    E Text Enter any notes or comments per stakeholder (optional).

    Review the following in the Excel workbook as per guidelines:

    1. Navigate to the 1a. Prepare for Assessment tab.
    2. Enter the full name of each assessment taker, along with the job title of the stakeholder they are representing.

    Download the IT Financial Management Maturity Assessment Tool

    Step 2

    Take the ITFM maturity assessment

    Content Overview

    1. Complete the survey
    2. Review your assessment results
    3. Determine your priorities

    This step involves the following participants:

    • CIO/IT director
    • CFO/finance director
    • IT finance lead
    • IT audit lead
    • Other IT management

    2. Take the ITFM maturity assessment

    3 hours

    Input: Understanding of your ITFM current state and 12-month target state, ITFM maturity assessment results

    Output: ITFM current- and target-state maturity levels, average scores, and variance, ITFM current- and target-state average scores, variance, and priority by maturity focus area and maturity lever

    Materials: 1b. Glossary, 2a. Assess ITFM Foundation, 2b. Assess Mngt. & Monitoring, 2c. Assess Language, and 3. Assessment Summary tabs in the ITFM Maturity Assessment Tool

    Participants: CIO/IT director, CFO/finance director, IT finance lead, IT audit lead, Other IT management

    1. Complete the survey: select the current and target state of each statement – refer to the glossary as needed for definitions of key terms – in the ITFM Maturity Assessment Tool (see next slides). There are three tabs (one per maturity focus area) with three tables each (nine maturity levers). Review and discuss statements with all assessment takers: consider variations, differing opinions, and reach an agreement on each statement inputs.
    2. Review assessment results: navigate to the Assessment Summary tab in the ITFM maturity assessment tool (see next slides) to view your results. Review and discuss with all assessment takers: consider any shocking output and adjust survey input if necessary.
    3. Determine your priorities: decide on the priority (Low/Medium/High) by maturity focus area and/or maturity lever. Rank your maturity focus area priorities from 1 to 3 and your maturity lever priorities from 1 to 9. Consider the feasibility in terms of timeframe, effort, and skillset required, positive and negative impacts on business and technology, likelihood of failure, and necessary approvals. Document your priorities in the ITFM maturity assessment tool (see next slides).
      Review and discuss priorities with all assessment takers: consider variations, differing opinions, and reach an agreement on each priority.

    Download the IT Financial Management Maturity Assessment Tool

    TEMPLATE & EXAMPLE

    Complete the survey

    Excel workbook: ITFM Maturity Assessment Tool – Survey worksheets

    Refer to the example and guidelines below on how to complete the survey.

    Example table from the ITFM Maturity Assessment Tool re: Survey worksheets.

    Column ID Input Type Guidelines
    B Formula Automatic calculation, no entry required.
    C Formula Automatic calculation, no entry required: ITFM maturity statement to assess.
    D, E Dropdown Select the maturity levels of your current and target states. One of five maturity levels for each statement, from “1. Nonexistent” (lowest maturity) to “5. Advanced” (highest maturity).
    F, G, H Formula Automatic calculation, no entry required: scores associated with your current and target state selection, along with related variance (column G – column F).
    I Text Enter any notes or comments per ITFM maturity statement (optional).

    Review the following in the Excel workbook as per guidelines:

    1. Navigate to the survey tabs: 2a. Assess ITFM Foundation, 2b. Assess Management and Monitoring, and 2c. Assess Language.
    2. Select the appropriate current and target maturity levels.
    3. Add any notes or comments per ITFM maturity statement where necessary or helpful.

    Download the IT Financial Management Maturity Assessment Tool

    TEMPLATE & EXAMPLE

    Review your overall result

    Excel Workbook: ITFM Maturity Assessment Tool – Assessment Summary worksheet

    Refer to the example and guidelines below on how to review your results.

    Example table from the ITFM Maturity Assessment Tool re: Assessment Summary worksheet.

    Column ID Input Type Guidelines
    K Formula Automatic calculation, no entry required.
    L Formula Automatic calculation, no entry required: Current State, Target State, and Variance entries. Please ignore the current state benchmark, it’s a placeholder for future reference.
    M Formula Automatic calculation, no entry required: average overall maturity score for your Current State and Target State entries, along with related Variance.
    N, O Formula Automatic calculation, no entry required: maturity level and related name based on the overall average score (column M), where level 1 corresponds to an average score less than or equal to 1.49, level 2 corresponds to an average score between 1.5 and 2.49 (inclusive), level 3 corresponds to an average score between 2.5 and 3.49 (inclusive), level 4 corresponds to an average score between 3.5 and 4.49 (inclusive), and level 5 corresponds to an average score between 4.5 and 5 (inclusive).
    P, Q Formula Automatic calculation, no entry required: maturity definition and related description based on the maturity level (column N).

    Review the following in the Excel workbook as per guidelines:

    1. Navigate to tab 3. Assessment Summary.
    2. Review your overall current state and target state result along with the corresponding variance.

    Download the IT Financial Management Maturity Assessment Tool

    TEMPLATE & EXAMPLE

    Set your priorities

    Excel Workbook: ITFM Maturity Assessment Tool – Assessment Summary worksheet

    Refer to the example and guidelines below on how to review your results per maturity focus area and maturity lever, then prioritize accordingly.

    Example table from the ITFM Maturity Assessment Tool re: Assessment Summary worksheet.

    Column ID Input Type Guidelines
    B Formula Automatic calculation, no entry required.
    C Formula Automatic calculation, no entry required: ITFM maturity focus area or lever, depending on the table.
    D Placeholder Ignore this column because it’s a placeholder for future reference.
    E, F, G Formula Automatic calculation, no entry required: average score related to the current state and target state, along with the corresponding variance per maturity focus area or lever (depending on the table).
    H Formula Automatic calculation, no entry required: preliminary priority based on the average variance (column G), where Low corresponds to an average variance between 0 and 0.5 (inclusive), Medium corresponds to an average variance between 0.51 and 0.99 (inclusive), and High corresponds to an average variance greater than or equal to 1.
    J Dropdown Select your final priority (Low, Medium, or High) per ITFM maturity focus area or lever, depending on the table.
    K Whole Number Enter the appropriate rank based on your priorities; do not use the same number more than once. A whole number between 1 and 3 to rank ITFM maturity focus areas, and between 1 and 9 to rank ITFM maturity levers, depending on the table.

    Review the following in the Excel workbook as per guidelines:

    1. Navigate to tab 3. Assessment Summary.
    2. Review your current-state and target-state result along with the corresponding variance per maturity focus area and maturity lever.
    3. Select the appropriate priority for each maturity focus area and maturity lever.
    4. Enter a unique rank for each maturity focus area (1 to 3).
    5. Enter a unique rank for each maturity lever (1 to 9).

    Download the IT Financial Management Maturity Assessment Tool

    Step 3

    Communicate your ITFM maturity results

    Content Overview

    1. Review your assessment charts
    2. Customize the assessment report
    3. Communicate your results

    This step involves the following participants:

    • CIO/IT director
    • CFO/finance director
    • IT finance lead
    • IT audit lead
    • Other IT management

    3. Communicate your ITFM maturity results

    3 hours

    Input: ITFM maturity assessment results

    Output: Customized ITFM maturity assessment report

    Materials: 3. Assessment Summary tab in the ITFM Maturity Assessment Tool, ITFM Maturity Assessment Report Template

    Participants: CIO/IT director, CFO/finance director, IT finance lead, IT audit lead, Other IT management

    1. Review assessment charts: navigate to the Assessment Summary tab in the ITFM Maturity Assessment Tool (see next slides) to view your results and related charts.
    2. Edit the report template: complete the template based on your results and priorities to develop your customized ITFM maturity assessment report (see next slide).
    3. Communicate results: communicate and deliberate the assessment results with assessment takers at a first stage, and with your stakeholders at a second stage. The objective is to agree on next steps, including developing an improvement plan.

    Download the IT Financial Management Maturity Assessment Tool

    TEMPLATE & EXAMPLE

    Review assessment charts

    Excel Workbook: ITFM Maturity Assessment Tool – Assessment Summary worksheet

    Refer to the example below on charts depicting different views of the maturity assessment results across the three focus areas and nine levers.

    Samples of different tabs from the ITFM Maturity Assessment Tool: 'Assessment Summary tab: From cell B49 to cell M100' and 'Assessment Summary tab: From cell K13 to cell Q34'.

    From the Excel workbook, after completing your potential initiatives and filling all related entries in the Outline Initiatives tab:

    1. Navigate to tab 3. Assessment Summary.
    2. Review each of the charts.
    3. Navigate back to the survey tabs to examine, drill down, and amend individual entries as you deem necessary.

    Download the IT Financial Management Maturity Assessment Tool

    TEMPLATE & EXAMPLE

    Customize your report

    PowerPoint presentation: ITFM Maturity Assessment Report Template

    Refer to the example below on slides depicting different views of the maturity assessment results across the three maturity focus areas and nine maturity levers.

    Samples of different slides from the ITFM Maturity Assessment Report Template, detailed below.

    Slide 6: Edit levels based on your assessment results. Copy and paste the appropriate maturity level definition and description from slide 4.

    Slide 7: Copy related charts from the assessment summary tab in the Excel workbook and remove the chart title. You can use the “Outer Offset: Bottom” shadow under shape effects on the chart.

    Slide 8: Copy related charts from the assessment summary tab in the Excel workbook and remove the chart title and legend. You can use the “Outer Offset: Center” shadow under shape effects on the chart.

    From the ITFM Maturity Assessment Report Template:

    1. Edit the report based on your results found in the assessment summary tab of the Excel workbook (see previous slide).
    2. Review slides 6 to 8 and bring necessary adjustments.

    Download the IT Financial Management Maturity Assessment Report Template

    Make informed business decisions

    Take a holistic approach to ITFM.

    • A thorough understanding of your technology spending in relation to business needs and drivers is essential to make informed decisions. As a trusted partner, you cannot have effective conversations around budgets and cost optimization without a solid foundation.
    • It is important to realize that ITFM is not a one-time exercise, but a continuous, sustainable process to educate (teach, mentor, and train), increase transparency, and assign responsibility.
    • Move up the ITFM maturity ladder by improving across three maturity focus areas:
      • Build an ITFM Foundation
      • Manage and Monitor IT Spending
      • Bridge the Language Barrier

    What’s Next?

    Communicate your maturity results with stakeholders and develop an actionable ITFM improvement plan.

    And remember, having informed discussions with your business partners and stakeholders, where technology helps propel your organization forward, is priceless!

    IT Financial Management Team

    Photo of Dave Kish, Practice Lead, ITFM Practice, Info-Tech Research Group. Dave Kish
    Practice Lead, ITFM Practice
    Info-Tech Research Group
    Photo of Jennifer Perrier, Principal Research Director, ITFM Practice, Info-Tech Research Group. Jennifer Perrier
    Principal Research Director, ITFM Practice
    Info-Tech Research Group
    Photo of Angie Reynolds, Principal Research Director, ITFM Practice, Info-Tech Research Group. Angie Reynolds
    Principal Research Director, ITFM Practice
    Info-Tech Research Group
    Photo of Monica Braun, Research Director, ITFM Practice, Info-Tech Research Group. Monica Braun
    Research Director, ITFM Practice
    Info-Tech Research Group
    Photo of Rex Ding, Research Specialist, ITFM Practice, Info-Tech Research Group. Rex Ding
    Research Specialist, ITFM Practice
    Info-Tech Research Group
    Photo of Aman Kumari, Research Specialist, ITFM Practice, Info-Tech Research Group. Aman Kumari
    Research Specialist, ITFM Practice
    Info-Tech Research Group

    Research Contributors and Experts

    Photo of Amy Byalick, Vice President, IT Finance, Info-Tech Research Group. Amy Byalick
    Vice President, IT Finance
    Info-Tech Research Group
    Amy Byalick is an IT Finance practitioner with 15 years of experience supporting CIOs and IT leaders elevating the IT financial storytelling and unlocking insights. Amy is currently working at Johnson Controls as the VP, IT Finance, previously working at PepsiCo, AmerisourceBergen, and Jacobs.
    Photo of Carol Carr, Technical Counselor, Executive Services, Info-Tech Research Group. Carol Carr
    Technical Counselor, Executive Services
    Info-Tech Research Group
    Photo of Scott Fairholm, Executive Counselor, Executive Services, Info-Tech Research Group. Scott Fairholm
    Executive Counselor, Executive Services
    Info-Tech Research Group
    Photo of Gokul Rajan, Executive Counselor, Executive Services, Info-Tech Research Group. Gokul Rajan
    Executive Counselor, Executive Services
    Info-Tech Research Group
    Photo of Allison Kinnaird, Practice Lead, Infrastructure & Operations, Info-Tech Research Group. Allison Kinnaird
    Practice Lead, Infrastructure & Operations
    Info-Tech Research Group
    Photo of Isabelle Hertanto, Practice Lead, Security & Privacy, Info-Tech Research Group. Isabelle Hertanto
    Practice Lead, Security & Privacy
    Info-Tech Research Group

    Related Info-Tech Research

    Sample of the IT spending transparency research. Achieve IT Spending Transparency

    Mature your ITFM practice by activating the means to make informed business decisions.

    Sample of the IT cost optimization roadmap research. Build Your IT Cost Optimization Roadmap

    Develop an IT cost optimization strategy based on your specific circumstances and timeline.

    Bibliography

    Eby, Kate. “The Complete Guide to Organizational Maturity: Models, Levels, and Assessments.” Smartsheet, 8 June 2022. Web.

    “Financial Management Maturity Model.” National Audit Office, n.d. Accessed 28 Apr. 2023.

    “ITFM/TBM Program Maturity Guide.” Nicus Software, n.d. Accessed 28 Apr. 2023.

    Jouravlev, Roman. "Service Financial Management: ITIL 4 Practice Guide." Axelos, 2020.

    McCarthy, Seamus. “Financial Management Maturity Model: A Good Practice Guide.” Office of the Comptroller & Auditor General, 26 June 2018. Web.

    “Principles for Effective Risk Data Aggregation and Risk Reporting.“ Bank for International Settlements, Jan. 2013. Web.

    “Role & Influence of the Technology Decision-Maker 2022.” Foundry, 2022. Web.

    Stackpole, Beth. “State of the CIO, 2022: Focus turns to IT fundamentals.” CIO, 21 March 2022. Web.

    “Tech Spend Pulse.” Flexera, 2022. Web.

    Appendix A

    Definition and Description
    Per Maturity Level

    ITFM maturity levels and definitions

    Maturity Level

    Definition

    Description

    Nascent
    Level 1
    Inability to consistently deliver financial planning services ITFM practices are almost inexistent. Only the most basic financial tasks and activities are being performed on an ad hoc basis to fulfill the Finance department’s requests.
    Cost Operator
    Level 2
    Rudimentary financial planning capabilities. ITFM activities revolve around minimizing the IT budget as much as possible. ITFM practices are not well defined, and IT’s financial view is limited to day-to-day technical operations.
    IT is only involved in low complexity decision making, where financial conversations center on general ledger items and IT spending.
    Trusted Coordinator
    Level 3
    Enablement of business through cost-effective supply of technology. ITFM activities revolve around becoming a proficient and cost-effective technology supplier to business partners.
    ITFM practices are in place, with moderate coordination and adherence to execution. Various IT business units coordinate to produce a consolidated financial view focused on business services.
    IT is involved in moderate complexity decision making, as a technology subject matter expert, where financial conversations center on IT spending in relation to technology services or solutions provided to business partners.
    Value Optimizer
    Level 4
    Effective impact on business performance. ITFM activities revolve around optimizing existing technology investments to improve both IT and business performance.
    ITFM practices are well managed, established, documented, repeatable, and integrated as necessary across the organization. IT’s financial view tie technology investments to lines of business, business products, and business capabilities.
    Business partners are well informed on the technology mix and drive related discussion. IT is trusted to contribute to complex decision making around existing investments to cost-effectively plan initiatives, as well as enhance business performance.
    Strategic Partner
    Level 5
    Influence on the organization’s strategic direction. ITFM activities revolve around predicting the outcome of new or potential technology investments to continuously optimize business performance.
    ITFM practices are fully optimized, reviewed, and improved in a continuous and sustainable manner, and related execution is tracked by gathering qualitative and quantitative feedback. IT’s financial view is holistic and fully integrated with the business, with an outlook on innovation, growth, and strategic transformation.
    Business and IT leaders know the financial ramifications of every business and technology investment decision. IT is trusted to contribute to strategic decision making around potential and future investments to grow and transform the business.

    Appendix B

    Maturity Level Definitions and Descriptions
    Per Lever

    Establish your ITFM team

    Maturity focus area: Build an ITFM foundation.

    Maturity Level

    Definition

    Description

    Nascent
    Level 1
    Inability to provide any type of financial insight.ITFM tasks, activities, and functions are not being met in any way, shape, or form.
    Cost Operator
    Level 2
    Ability to provide basic financial insights.There is no dedicated ITFM team.


    Basic ITFM tasks, activities, and functions are being performed on an ad hoc basis, such as high-level budget reporting.

    Trusted Coordinator
    Level 3
    Ability to provide basic business insights.A dedicated team is fulfilling essential ITFM tasks, activities, and functions.


    ITFM team can combine and analyze financial and technology data to produce necessary reports.

    Value Optimizer
    Level 4
    Ability to provide valuable business driven insights.A dedicated ITFM team with well-defined roles and responsibilities can provide effective advice to IT leaders, in a timely fashion, and positively influence IT decisions.
    Strategic Partner
    Level 5
    Ability to influence both technology and business decisions.A dedicated and highly specialized ITFM team is trusted and valued by both IT and Business leaders.


    Insights provided by the ITFM team can influence and shape the organization’s strategy.

    Set up your governance structure

    Maturity focus area: Build an ITFM foundation

    Maturity Level

    Definition

    Description

    Nascent
    Level 1
    Inability to ensure any adherence to rules and regulations.ITFM frameworks, guidelines, policies, and procedures are not developed nor documented.
    Cost Operator
    Level 2
    Ability to ensure basic adherence to rules and regulations.Basic ITFM frameworks, guidelines, policies, and procedures are in place, developed on an ad hoc basis, with no apparent coherence or complete documentation.
    Trusted Coordinator
    Level 3
    Ability to ensure compliance to rules and regulations, as well as accountability across ITFM processes.Essential ITFM frameworks, guidelines, policies, and procedures are in place, coherent, and documented, aiming to (a) comply with rules and regulations, and (b) provide clear accountability.
    Value Optimizer
    Level 4
    Ability to ensure compliance to rules and regulations, as well as structure, transparency, and business alignment across ITFM processes.ITFM frameworks, guidelines, policies, and procedures are well defined, coherent, documented, and regularly reviewed, aiming to (a) comply with rules and regulations, (b) provide clear accountability, and (c) maintain business alignment.
    Strategic Partner
    Level 5
    Ability to:
    • Ensure compliance to rules and regulations, as well as ITFM processes are transparent, structured, focused on business objectives, and support decision making.
    • Reinforce and shape the organization culture.
    ITFM frameworks, guidelines, policies, and procedures are complete, well defined, coherent, documented, continuously reviewed, and improved, aiming to (a) comply with rules and regulations, (b) provide clear accountability, (c) maintain business alignment, and (d) facilitate the decision-making process.


    Enforcement of the ITFM governance structure can influence the organization culture.

    Adopt ITFM processes and tools

    Maturity focus area: Build an ITFM foundation.

    Maturity Level

    Definition

    Description

    Nascent
    Level 1
    Inability to deliver IT financial planning and performance output.ITFM processes and tools are not developed nor documented.
    Cost Operator
    Level 2
    Ability to deliver basic IT financial planning output.Basic ITFM processes and tools are in place, developed on an ad hoc basis, with no apparent coherence or complete documentation.
    Trusted Coordinator
    Level 3
    Ability to deliver accurate IT financial output and basic IT performance output in a consistent cadence.Essential ITFM processes and tools are in place, coherent, and documented, aiming to (a) maintain integrity across activities, tasks, methodologies, data, and reports; (b) deliver IT financial planning and performance output needed by stakeholders; and (c) provide clear accountability. ITFM tools and processes are adopted by the ITFM team and some IT business units but are not fully integrated.
    Value Optimizer
    Level 4
    Ability to deliver accurate IT financial planning and performance output at the needed level of detail to stakeholders in a consistent cadence.ITFM processes and tools are complete, well defined, coherent, documented, continuously reviewed, and improved, aiming to (a) maintain integrity across activities, tasks, methodologies, data, and reports; (b) deliver IT financial planning and performance output needed by stakeholders; (c) provide clear accountability; and (d) facilitate decision-making. ITFM tools and processes are adopted by IT and business partners but are not fully integrated.
    Strategic Partner
    Level 5
    Ability to:
    • Deliver accurate IT financial planning and performance output at the needed level of detail to stakeholders.
    • Leverage IT financial planning and performance output in real time and when needed by stakeholders.
    ITFM processes and tools are complete, well defined, coherent, documented, continuously reviewed, and improved, aiming to (a) maintain integrity across activities, tasks, methodologies, data, and reports; (b) deliver IT financial planning and performance output needed by stakeholders; (c) provide clear accountability; and (d) facilitate decision making.


    ITFM processes and tools are automated to the full extent needed by the organization, utilized to their full potential, and integrated into a single enterprise platform, providing a holistic view of IT spending and IT performance.

    Standardize your taxonomy and data model

    Maturity focus area: Manage and monitor IT spending.

    Maturity Level

    Definition

    Description

    Nascent
    Level 1
    Inability to provide transparency across technology spending.ITFM taxonomy and data model are not developed nor documented.
    Cost Operator
    Level 2
    Ability to provide transparency and support IT financial planning data, analysis, and reporting needs of finance stakeholders.ITFM taxonomy and data model are in place, developed on an ad hoc basis, with no apparent coherence or complete documentation, to comply with, and meet the needs of finance stakeholders.
    Trusted Coordinator
    Level 3
    Ability to provide transparency and support IT financial planning and performance data, analysis, and reporting needs of IT and finance stakeholders.ITFM taxonomy and data model are in place, coherent, and documented to meet the needs of IT and finance stakeholders.
    Value Optimizer
    Level 4
    Ability to provide transparency and support IT financial planning and performance data, analysis, and reporting needs of IT, finance, business, and executive stakeholders.ITFM taxonomy and data model are complete, well defined, coherent, documented, continuously reviewed, and improved, aiming to provide (a) a holistic view of IT spending and IT performance, (b) visibility and transparency, (c) flexibility, and (d) valuable insights to facilitate data driven decision making.


    ITFM taxonomy and data model are standardized to meet the needs of IT, finance, business, and executive stakeholders, but not flexible enough to be adjusted in a timely fashion as needed.

    Strategic Partner
    Level 5
    Ability to:
    • Provide transparency and support IT financial planning and performance data, analysis, and reporting needs of IT, finance, business, and executive stakeholders.
    • Change to meet evolving needs.
    ITFM taxonomy and data model are complete, well defined, coherent, documented, continuously reviewed, and improved, aiming to provide (a) a holistic view of IT spending and IT performance, (b) visibility and transparency, (c) flexibility, and (d) valuable insights to facilitate data driven decision making.


    ITFM taxonomy and data model are standardized and meet the changing needs of IT, finance, business, and executive stakeholders.

    Identify, gather, and prepare your data

    Maturity focus area: Manage and monitor IT spending.

    Maturity Level

    Definition

    Description

    Nascent
    Level 1
    Inability to provide accurate and complete across technology spending.ITFM data needs and requirements are not understood.
    Cost Operator
    Level 2
    Ability to provide accurate, but incomplete IT financial planning data to meet the needs of finance stakeholders.Technology spending data is extracted, transformed, and loaded on an ad hoc basis to meet the needs of finance stakeholders.
    Trusted Coordinator
    Level 3
    Ability to provide accurate and complete IT financial planning data to meet the needs of IT and finance stakeholders, but IT performance data remain incomplete.IT financial planning data is extracted, transformed, and loaded in a regular cadence to meet the needs of IT and finance stakeholders.


    IT financial planning data is (a) complete and accurate, as defined in related control documents (guideline, policies, procedures, etc.), (b) regularly validated for inconsistencies, and (c) sourced from the organization’s system of record.

    Value Optimizer
    Level 4
    Ability to provide accurate and complete IT financial planning and performance data to meet the needs of IT, finance, business, and executive stakeholders.ITFM data needs and requirements are understood.


    ITFM data is extracted, transformed, and loaded in a regular cadence to meet the needs of IT, finance, business, and executive stakeholders.


    IT financial planning and performance data are (a) complete and accurate, as defined in related control documents (guideline, policies, procedures, etc.), (b) regularly validated for inconsistencies, and (c) sourced from the organization’s system of record.

    Strategic Partner
    Level 5
    Ability to provide accurate and complete IT financial planning and performance data real time and when needed by IT, finance, business, and executive stakeholders.ITFM data needs and requirements are understood.


    IT financial planning and performance data are (a) complete and accurate, as defined in related control documents (guideline, policies, procedures, etc.), (b) regularly validated for inconsistencies, (c) available and refreshed as needed, and (d) sourced from the organization’s system of record.

    Analyze your findings and develop your reports

    Maturity focus area: Manage and monitor IT spending.

    Maturity Level

    Definition

    Description

    Nascent
    Level 1
    Inability to provide any type of financial insight.ITFM analysis and reports are not developed nor documented.
    Cost Operator
    Level 2
    Ability to provide basic financial insights.IT financial planning analysis is conducted on an ad hoc basis to meet the needs of finance stakeholders.
    Trusted Coordinator
    Level 3
    Ability to provide basic financial planning and performance insights to meet the needs of IT and finance stakeholders.IT financial planning and performance analysis are methodical and rigorous, as defined in related control documents (guideline, policies, procedures, etc.).


    IT financial planning and performance reports are accurate, precise, and methodical, as defined in related control documents (guideline, policies, procedures, etc.).

    Value Optimizer
    Level 4
    Ability to provide practical insights and useful recommendations as needed by IT, finance, business, and executive stakeholders to facilitate business decision making around technology investments.ITFM analysis and reports support business decision making around technology investments.


    IT financial planning and performance analysis are methodical and rigorous, as defined in related control documents (guideline, policies, procedures, etc.).


    IT financial planning and performance reports are (a) accurate, precise, and methodical, as defined in related control documents (guideline, policies, procedures, etc.), (b) fit for purpose, and (c) regularly validated for inconsistencies.

    Strategic Partner
    Level 5
    Ability to provide practical insights and useful recommendations as needed by IT, finance, business, and executive stakeholders to facilitate strategic decision making.ITFM analysis and reports support strategic decision making.


    IT financial planning and performance analysis are methodical and rigorous, as defined in related control documents (guideline, policies, procedures, etc.), and consider multiple point of views (hypotheses, interpretations, opinions, etc.).


    IT financial planning and performance reports are (a) accurate, precise, and methodical, as defined in related control documents (guideline, policies, procedures, etc.), (b) fit for purpose, (c) comprehensive, and (d) regularly validated for inconsistencies.

    Communicate your IT spending

    Maturity focus area: Bridge the language barrier.

    Maturity Level

    Definition

    Description

    Nascent
    Level 1
    Inability of organization stakeholders to communicate and understand each other.The organization stakeholders including IT, finance, business, and executives do not understand one another, and cannot speak the same language.
    Cost Operator
    Level 2
    Ability to understand business and finance requirements.IT understands and meets business and financial planning requirements but does not communicate in a similar language.


    IT cannot influence finance or business decision making.

    Trusted Coordinator
    Level 3
    Ability to understand the needs of different stakeholders including IT, finance, business, and executives and take part in decision making around technology spending.The organization stakeholders including IT, finance, business, and executives understand each other’s needs, but do not communicate in a common language.


    IT leaders provide insights as technology subject matter experts, where conversations center on IT spending in relation to technology services or solutions provided to business partners.


    IT can influence technology decisions around its own budget.

    Value Optimizer
    Level 4
    Ability to communicate in a common vocabulary across the organization and take part in business decision making around technology investments.The organization stakeholders including IT, finance, business, and executives communicate in a common vocabulary and understand one another.


    IT and business leaders, along with their respective teams, collaborate frequently across various initiatives.


    IT leaders provide valuable insight to support and influence business decision making around existing technology investments.

    Strategic Partner
    Level 5
    Ability to communicate in a common vocabulary across the organization and take part in strategic decision making.The organization stakeholders including IT, finance, business, and executives communicate in a common vocabulary and understand one another.


    IT and business leaders, along with their respective teams, collaborate frequently across various initiatives.


    IT leaders provide valuable insight to facilitate decision making around potential and future investments to grow and transform the business, thus influencing the organization’s overall strategic direction.

    Educate the masses

    Maturity focus area: Bridge the language barrier.

    Maturity Level

    Definition

    Description

    Nascent
    Level 1
    Inability of organization stakeholders to acquire knowledge.Educational resources are inexistent.
    Cost Operator
    Level 2
    Ability to acquire financial knowledge and understand financial concepts.IT leaders have access to educational resources to gain the financial knowledge necessary to perform their duties.
    Trusted Coordinator
    Level 3
    Ability to acquire financial and business knowledge and understand related concepts.IT leaders and their respective teams have access to educational resources to gain the financial and business knowledge necessary to perform their duties.


    ITFM team has access to the necessary educational resources to keep up with changing financial regulations and technology developments.

    Value Optimizer
    Level 4
    Ability to acquire knowledge, across technology, business, and finance as needed by different organization stakeholders, and the leadership understand concepts across these various domains.Stakeholders including IT, finance, business, and executives have access to various educational resources to gain knowledge in different domains as needed.


    IT leaders have a good understanding of business and financial concepts.


    Business leaders have a good understanding of technology concepts.

    Strategic Partner
    Level 5
    Ability to acquire knowledge, and understand concepts across technology, business, and finance as needed by different organization stakeholders.The organization promotes continuous learning through well designed programs including training, mentorship, and academic courses. Thus, stakeholders including IT, finance, business, and executives have access to various educational resources to gain knowledge in different domains as needed.


    IT leaders and their respective teams have a good understanding of business and financial concepts.


    Business leaders and their respective teams have a good understanding of technology concepts.

    Influence your organization’s culture

    Maturity focus area: Bridge the language barrier.

    Maturity Level

    Definition

    Description

    Nascent
    Level 1
    Inability to provide and foster an environment of collaboration and continuous improvement.Stakeholders including IT, finance, business, and executives operate in silos, and collaboration between different teams is inexistent.
    Cost Operator
    Level 2
    Ability to provide an environment of cooperation to meet the needs of IT, finance, and business leaders.IT, finance, and business leaders cooperate to meet financial planning requirements as necessary to perform their duties.
    Trusted Coordinator
    Level 3
    Ability to provide and foster an environment of collaboration across the organization.IT, finance, and business collaborate on various initiatives.

    ITFM employees are trusted and supported by their stakeholders (IT, finance, and business).

    Value Optimizer
    Level 4
    Ability to provide and foster an environment of collaboration and continuous improvement, where employees across the organization feel trusted, supported, empowered, and valued.Stakeholders including IT, finance, business, and executives support and promote continuous improvement, transparency practices, and collaboration across the organization.


    Employees are trusted, supported, empowered, and valued.

    Strategic Partner
    Level 5
    Ability to provide and foster an environment of collaboration and continuous improvement, where leaders are willing to change, and employees across the organization feel trusted, supported, empowered, and valued.Stakeholders including IT, finance, business, and executives support and promote continuous improvement, transparency practices, and collaboration across the organization.


    The organization’s leadership is adaptable and open to change.


    Employees are trusted, supported, empowered, and valued.

    Manage Service Catalogs

    • Buy Link or Shortcode: {j2store}44|cart{/j2store}
    • Related Products: {j2store}44|crosssells{/j2store}
    • member rating overall impact (scale of 10): 9.0/10
    • member rating average dollars saved: $3,956
    • member rating average days saved: 24
    • Parent Category Name: Service Planning and Architecture
    • Parent Category Link: /service-planning-and-architecture

    The challenge

    • Your business users may not be aware of the full scope of your services.
    • Typically service information is written in technical jargon. For business users, this means that the information will be tough to understand.
    • Without a service catalog, you have no agreement o what is available, so business will assume that everything is.

    Our advice

    Insight

    • Define your services from a user's or customer perspective.
      • When your service catalog contains too much information that does not apply to most users, they will not use it.
    • Separate the line-of-business services from enterprise services. It simplifies your documentation process and makes the service catalog more comfortable to use.

    Impact and results 

    • Our approach helps you organize your service catalog in a business-friendly way while keeping it manageable for IT.
    • And manageable also means that your service catalog remains a living document. You can update your service records easily.
    • Your service catalog forms a visible bridge between IT and the business. Improve IT's perception by communicating the benefits of the service catalog.

    The roadmap

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    Get started

    Our concise executive brief shows you why building a service catalog is a good idea for your company. We'll show you our methodology and the ways we can help you in handling this.

    Minimize the risks from attrition through an effective knowledge transfer process.

    Launch the initiative

    Our launch phase will walk you through the charter template, build help a balanced team, create your change message and communication plan to obtain buy-in from all your organization's stakeholders.

    • Design & Build a User-Facing Service Catalog – Phase 1: Launch the Project (ppt)
    • Service Catalog Project Charter (doc)

    Identify and define the enterprise services

    Group enterprise services which you offer to everyone in the company, logically together.

    • Design & Build a User-Facing Service Catalog – Phase 2: Identify and Define Enterprise Services (ppt)
    • Sample Enterprise Services (ppt)

    Identify and define your line-of-business (LOB) services

    These services apply only to one business line. Other business users should not see them in the catalog.

    • Design & Build a User-Facing Service Catalog – Phase 3: Identify and Define Line of Business Services (ppt)
    • Sample LOB Services – Industry Specific (ppt)
    • Sample LOB Services – Functional Group (ppt)

    Complete your services definition chart

    Complete this chart to allow the business to pick what services to include in the service catalog. It also allows you to extend the catalog with technical services by including IT-facing services. Of course, separated-out only for IT.

    • Design & Build a User-Facing Service Catalog – Phase 4: Complete Service Definitions (ppt)
    • Services Definition Chart (xls)

    Network Segmentation

    • Buy Link or Shortcode: {j2store}503|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Network Management
    • Parent Category Link: /network-management
    • Many legacy networks were built for full connectivity and overlooked potential security ramifications.
    • Malware, ransomware, and bad actors are proliferating. It is not a matter of if you will be compromised but how can the damage be minimized.
    • Cyber insurance will detective control, not a preventative one. Prerequisite audits will look for appropriate segmentation.

    Our Advice

    Critical Insight

    • Lateral movement amplifies damage. Contain movement within the network through segmentation.
    • Good segmentation is a balance between security and manageability. If solutions are too complex, they won’t be updated or maintained.
    • Network services and users change over time, so must your segmentation strategy. Networks are not static; your segmentation must maintain pace.

    Impact and Result

    • Create a common understanding of what is to be built, for whom, and why.
    • Define what services will be offered and how they will be governed.
    • Understand which assets that you already have can jump start the project.

    Network Segmentation Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Network Segmentation Deck – A deck to help you minimize risk by controlling traffic flows within the network.

    Map out appropriate network segmentation to minimize risk in your network.

    • Network Segmentation Storyboard
    [infographic]

    Further reading

    Network Segmentation

    Protect your network by controlling the conversations within it.

    Executive Summary

    Info-Tech Insight

    Lateral movement amplifies damage

    From a security perspective, bad actors often use the tactic of “land and expand.” Once a network is breached, if east/west or lateral movement is not restricted, an attacker can spread quickly within a network from a small compromise.

    Good segmentation is a balance between security and manageability

    The ease of management in a network is usually inversely proportional to the amount of segmentation in that network. Highly segmented networks have a lot of potential complications and management overhead. In practice, this often leads to administrators being confused or implementing shortcuts that circumvent the very security that was intended with the segmentation in the first place.

    Network services and users change over time, so must your segmentation strategy

    Network segmentation projects should not be viewed as singular or “one and done.” Services and users on a network are constantly evolving; the network segmentation strategy must adapt with these changes. Be sure to monitor and audit segmentation deployments and change or update them as required to maintain a proper risk posture.

    Executive Summary

    Your Challenge

    Common Obstacles

    Info-Tech’s Approach

    Networks are meant to facilitate communication, and when devices on a network cannot communicate, it is generally seen as an issue. The simplest answer to this is to design flat, permissive networks. With the proliferation of malware, ransomware, and advanced persistent threats (ATPs) a flat or permissive network is an invitation for bad actors to deliver more damage at an increased pace.

    Cyber insurance may be viewed as a simpler mitigation than network reconfiguration or redesign, but this is not a preventative solution, and the audits done before policies are issued will flag flat networks as a concern.

    Network segmentation is not a “bolt on” fix. To properly implement a minimum viable product for segmentation you must, at a minimum:

    • Understand the endpoints and their appropriate traffic flows.
    • Understand the technologies available to implement segmentation.

    Implementing appropriate segmentation often involves elements of (if not a full) network redesign.

    To ensure the best results in a timely fashion, Info-Tech recommends a methodology that consists of:

    • Understand the network (or subset thereof) and prioritizing segmentation based on risk.
    • Align the appropriate segmentation methodology for each surfaced segment to be addressed.
    • Monitor the segmented environment for compliance and design efficacy, adding to and modifying existing as required.

    Info-Tech Insight

    The aim of networking is communication, but unfettered communication can be a liability. Appropriate segmentation in networks, blocking communications where they are not required or desired, restricts lateral movement within the network, allowing for better risk mitigation and management.

    Network segmentation

    Compartmentalization of risk:

    Segmentation is the practice of compartmentalizing network traffic for the purposes of mitigating or reducing risk. Segmentation methodologies can generally be grouped into three broad categories:

    1. Physical Segmentation

    The most common implementation of physical segmentation is to build parallel networks with separate hardware for each network segment. This is sometimes referred to as “air gapping.”

    2. Static Virtual Segmentation

    Static virtual segmentation is the configuration practice of using technologies such as virtual LANs (VLANs) to assign ports or connections statically to a network segment.

    3. Dynamic Virtual Segmentation

    Dynamic virtual segmentation assigns a connection to a network segment based on the device or user of the connection. This can be done through such means as software defined networking (SDN), 802.1x, or traffic inspection and profiling.

    Common triggers for network segmentation projects

    1. Remediate Audit Findings

    Many security audits (potentially required for or affecting premiums of cyber insurance) will highlight the potential issues of non-segmented networks.

    2. Protect Vulnerable Technology Assets

    Whether separating IT and OT or segmenting off IoT/IIoT devices, keeping vulnerable assets separated from potential attack vectors is good practice.

    3. Minimize Potential for Lateral Movement

    Any organization that has experienced a cyber attack will realize the value in segmenting the network to slow a bad actor’s movement through technology assets.

    How do you execute on network segmentation?

    The image contains a screenshot of the network segmentation process. The process includes: identify risk, design segmentation, and operate and optimize.

    Identify risks by understanding access across the network

    Gain visibility

    Create policy

    Prioritize change

    "Security, after all, is a risk business. As companies don't secure everything, everywhere, security resilience allows them to focus their security resources on the pieces of the business that add the most value to an organization, and ensure that value is protected."

    – Helen Patton,

    CISO, Cisco Security Business Group, qtd. In PR News, 2022

    Discover the data flows within the network. This should include all users on the network and the environments they are required to access as well as access across environments.

    Examine the discovered flows and define how they should be treated.

    Change takes time. Use a risk assessment to prioritize changes within the network architecture.

    Understand the network space

    A space is made up of both services and users.

    Before starting to consider segmentation solutions, define whether this exercise is aimed at addressing segmentation globally or at a local level. Not all use cases are global and many can be addressed locally.

    When examining a network space for potential segmentation we must include:

    • Services offered on the network
    • Users of the network

    To keep the space a consumable size, both of these areas should be approached in the abstract. To abstract, users and services should be logically grouped and generalized.

    Groupings in the users and services categories may be different across organizations, but the common thread will be to contain the amount of groupings to a manageable size.

    Service Groupings

    • Are the applications all components of a larger service or environment?
    • Do the applications serve data of a similar sensitivity?
    • Are there services that feed data and don’t interact with users (IoT, OT, sensors)?

    User Groupings

    • Do users have similar security profiles?
    • Do users use a similar set of applications?
    • Are users in the same area of your organization chart?
    • Have you considered access by external parties?

    Info-Tech Insight

    The more granular you are in the definition of the network space, the more granular you can be in your segmentation. The unfortunate corollary to this is that the difficulty of managing your end solution grows with the granularity of your segmentation.

    Create appropriate policy

    Understand which assets to protect and how.

    Context is key in your ability to create appropriate policy. Building on the definition of the network space that has been created, context in the form of the appropriateness of communications across the space and the vulnerabilities of items within the space can be layered on.

    To decide where and how segmentation might be appropriate, we must first examine the needs of communication on the network and their associated risk. Once defined, we can assess how permissive or restrictive we should be with that communication.

    The minimum viable product for this exercise is to define the communication channel possibilities, then designate each possibility as one of the following:

    • Permissive – we should freely allow this traffic
    • Restricted – we should allow some of the traffic and/or control it
    • Rejected – we should not allow this traffic

    Appropriate Communications

    • Should a particular group of users have access to a given service?
    • Are there external users involved in any grouping?

    Potential Vulnerabilities

    • Are the systems in question continually patched/updated?
    • Are the services exposed designed with the appropriate security?

    Prioritize the potential segmentation

    Use risk as a guide to prioritize segmentation.

    For most organizations, the primary reason for network segmentation is to improve security posture. It follows that the prioritization of initiatives and/or projects to implement segmentation should be based on risk.

    When examining risk, an organization needs to consider both:

    • Impact and likelihood of visibility risk in respect to any given asset, data, or user
    • The organization’s level of risk tolerance

    The assets or users that are associated with risk levels higher than the tolerance of the organization should be prioritized to be addressed.

    Service Risks

    • If this service was affected by an adverse event, what would the impact on the organization be?

    User Risks

    • Are the users in question FTEs as opposed to contractors or outsourced resources?
    • Is a particular user group more susceptible to compromise than others?

    Info-Tech Insight

    Be sure to keep this exercise relative so that a clear ranking occurs. If it turns out that everything is a priority, then nothing is a priority. When ranking things relative to others in the exercise, we ensure clear “winners” and “losers.”

    Assess risk and prioritize action

    1-3 hours

    1. Define a list of users and services that define the network space to be addressed. If the lists are too long, use an exercise like affinity diagramming to appropriately group them into a smaller subset.
    2. Create a matrix from the lists (put users and services along the rows and columns). In the intersecting points, label how the traffic should be treated (e.g. Permissive, Restricted, Rejected).
    3. Examine the matrix and assess the intersections for risk using the lens of impact and likelihood of an adverse event. Label the intersections for risk level with one of green (low impact/likelihood), yellow (medium impact/likelihood), or red (high impact/likelihood).
    4. Find commonalities within the medium/high areas and list the users or services as priorities to be addressed.
    Input Output
    • Network, application, and security documentation
    • A prioritized list of areas to address with segmentation
    Materials Participants
    • Whiteboard/Flip Charts

    OR

    • Excel spreadsheet
    • Network Team
    • Application Team
    • Security Team
    • Data Team

    Design segmentation

    Segmentation comes in many flavors; decide which is right for the specific circumstance.

    Methodology

    Access control

    "Learning to choose is hard. Learning to choose well is harder. And learning to choose well in a world of unlimited possibilities is harder still, perhaps too hard."

    ― Barry Schwartz, The Paradox of Choice: Why More Is Less

    What is the best method to segment the particular user group, service, or environment in question?

    How can data or user access move safely and securely between network segments?

    Decide on which methods work for your circumstances

    You always have options…

    There are multiple lenses to look through when making the decision of what the correct segmentation method might be for any given user group or service. A potential subset could include:

    • Effort to deploy
    • Cost of the solution
    • Skills required to operate
    • Granularity of the segmentation
    • Adaptability of the solution
    • Level of automation in the solution

    Info-Tech Insight

    Network segmentation within an organization is rarely a one-size-fits-all proposition. Be sure to look at each situation that has been identified to need segmentation and align it with an appropriate solution. The overall number of solutions deployed has to maintain a balance between that appropriateness and the effort to manage multiple environments.

    Framework to examine segmentation methods

    To assess we need to understand.

    To assess when technologies or methodologies are appropriate for a segmentation use case, we need to understand what those options are. We will be examining potential segmentation methods and concepts within the following framework:

    WHAT

    A description of the segmentation technology, method, or concept.

    WHY

    Why would this be used over other choices and/or in what circumstances?

    HOW

    A high-level overview of how this option could or would be deployed.

    Notional assessments will be displayed in a sidebar to give an idea of Effort, Cost, Skills, Granularity, Adaptability, and Automation.

    Implement

    Notional level of effort to implement on a standard network

    Cost

    Relative cost of implementing this segmentation strategy

    Maintain

    Notional level of time and skills needed to maintain

    Granularity

    How granular this type of segmentation is in general

    Adaptability

    The ability of the solution to be easily modified or changed

    Automation

    The level of automation inherent in the solution

    Air gap

    … And never the twain shall meet.

    – Rudyard Kipling, “The Ballad of East and West.”

    WHAT

    Air gapping is a strategy to protect portions of a network by segmenting those portions and running them on completely separate hardware from the primary network. In an air gap scenario, the segmented network cannot have connectivity to outside networks. This difference makes air gapping a very specific implementation of parallel networks (which are still segmented and run on separate hardware but can be connected through a control point).

    WHY

    Air gap is a traditional choice when environments need to be very secure. Examples where air gaps exist(ed) are:

    • Operational technology (OT) networks
    • Military networks
    • Critical infrastructure

    HOW

    Most networks are not overprovisioned to a level that physical segmentation can be done without purchasing new equipment. The major steps required for constructing an air gap include:

    • Design segmentation
    • Purchase and install new hardware
    • Cable to new hardware

    The image contains a screenshot that demonstrates pie graphs with the notional assessments: Effort, Cost, Skills, Granularity, and Automation.

    Info-Tech Insight

    An air gapped network is the ultimate in segmentation and security … as long as the network does not require connectivity. It is unfortunately rare in today’s world that a network will stand on its own without any need for external connectivity.

    VLAN

    Do what you can, with what you’ve got…

    – Theodore Roosevelt

    WHAT

    Virtual local area networks (VLANs) are a standard feature on today’s firewalls, routers, and manageable switches. This configuration option allows for network traffic to be segmented into separate virtual networks (broadcast domains) on existing hardware. This segmentation is done at layer 2 of the OSI model. All traffic will share the same hardware but be partitioned based on “tags” that the local device applies to the traffic. Because of these tags, traffic is handled separately at layer 2 of the OSI model, but traffic can pass between segments at layer 3 (e.g. IP layer).

    WHY

    VLANs are commonly used because most existing deployments already have the technology available without extra licensing. VLANs are also potentially used as foundational components in more complex segmentation strategies such as static or dynamic overlays.

    HOW

    VLANs allow for segmentation of a device at the port level. VLAN strategies are generally on a location level (e.g. most VLAN deployments are local to a site, though the same structure may be used among sites). To deploy VLANs you must:

    • Define VLAN segments
    • Assign ports appropriately

    The image contains a screenshot that demonstrates pie graphs with the notional assessments: Effort, Cost, Skills, Granularity, and Automation.

    Info-Tech Insight

    VLANs are tried and true segmentation workhorses. The fact that they are already included in modern manageable solutions means that there is very little reason to not have some level of segmentation within a network.

    Micro-segmentation

    Everyone is against micromanaging, but macro managing means you’re working on the big picture but don’t understand the details.

    – Henry Mintzberg

    WHAT

    Micro-segmentation is used to secure and control network traffic between workloads. This is a foundational technology when implementing zero trust or least-privileged access network designs. Segmentation is done at or directly adjacent to the workload (on the system or its direct network connectivity) through firewall or similar policy controls. The controls are set to only allow the network communication required to execute the workload and is limited to appropriate endpoints. This restrictive design restricts all traffic (including east-west) and reduces the attack surface.

    WHY

    Micro-segmentation is primarily used:

    • In server-to-server communication.
    • When lateral movement by bad actors is identified as a concern.

    HOW

    Micro-segmentation can be deployed at different places within the connectivity depending on the technologies used:

    • Workload/server (e.g. server firewall)
    • VM network overlay (e.g. VMware NSX)
    • Network port (e.g. ACL, firewall, ACI)
    • Cloud native (e.g. Azure Firewall)

    Info-Tech Insight

    Micro-segmentation is necessary in the data center to limit lateral movement. Just be sure to be thorough in defining required communication as this technology works on allowlists, not traditional blocklists.

    Static overlay

    Adaptability is key.

    – Marc Andreessen

    WHAT

    Static overlays are a form of virtual segmentation that allows multiple network segments to exist on the same device. Most of these solutions will also allow for these segments to expand across multiple devices or sites, creating overlay virtual networks on top of the existing physical networks. The static nature of the solution is because the ports that participate in the overlays are statically assigned and configured. Connectivity between devices and sites is done through encapsulation and may have a dynamic component of the control plane handled through routing protocols.

    WHY

    Static overlays are commonly deployed when the need is to segment different use cases or areas of the organization consistently across sites while allowing easy access within the segments between sites. This could be representative of segmenting a department like Finance or extending a layer 2 segment across data centers.

    HOW

    Static overlays are can segment and potentially extend a layer 2 or layer 3 network. These solutions could be executed with technologies such as:

    • VXLAN (Virtual eXtensible LAN)
    • MPLS (Multi Protocol Label Switching)
    • VRF (Virtual Routing & Forwarding)

    The image contains a screenshot that demonstrates pie graphs with the notional assessments: Effort, Cost, Skills, Granularity, and Automation.

    Info-Tech Insight

    Static overlays are commonly deployed by telecommunications providers when building out their service offerings due to the multitenancy requirements of the network.

    Dynamic overlay

    Never tell people how to do things. Tell them what to do and they will surprise you with their ingenuity.

    – George S. Patton

    WHAT

    A dynamic overlay segmentation solution has the ability to make security or traffic decisions based on policy. Rather than designing and hardcoding the network architecture, the policy is architected and the network makes decisions based on that policy. Differing levels of control exist in this space, but the underlying commonality is that the segmentation would be considered “software defined” (SDN).

    WHY

    Dynamic overlay solutions provide the most flexibility of the presented solutions. Some use cases such as BYOD or IoT devices may not be easily identified or controlled through static means. As a general rule of thumb, the less static the network is, the more dynamic your segmentation solution must be.

    HOW

    Policy is generally applied at the network ingress. When applying policy, which policy to be applied can be identified through different methodologies such as:

    • Authentication (e.g. 802.1x)
    • Device agents
    • Device profiling

    The image contains a screenshot that demonstrates pie graphs with the notional assessments: Effort, Cost, Skills, Granularity, and Automation.

    Info-Tech Insight

    Dynamic overlays allow for more flexibility through its policy-based configurations. These solutions can provide the highest value when positioned where we have less control of the points within a network (e.g. BYOD scenarios).

    Define how your segments will communicate

    No segment is an island…

    Network segmentation allows for protection of devices, users, or data through the act of separating the physical or virtual networks they are on. Counter to this protective stance, especially in today’s networks, these devices, users, or data tend to need to interact with each other outside of the neat lines we draw for them. Proper network segmentation has to allow for the transfer of assets between networks in a safe and secure manner.

    Info-Tech Insight

    The solutions used to facilitate the controlled communication between segments has to consider the friction to the users. If too much friction is introduced, people will try to find a way around the controls, potentially negating the security that is intended with the solution.

    Potential access methods

    A ship in harbor is safe, but that is not what ships are built for.

    – John A. Shedd

    Firewall

    Two-way controlled communication

    Firewalls are tried and true control points used to join networks. This solution will allow, at minimum, port-level control with some potential for deeper inspection and control beyond that.

    • Traditionally firewalls are sized to handle internet-bound (North-South) traffic. When being used between segments, (East-West) loads are usually much higher, necessitating a more powerful device.

    Jump Box

    A place between worlds

    Also sometimes referred to as a “Bastion Host,” a jump box is a special-purpose computer/server that has been hardened and resides on multiple segments of a network. Administrators or users can log into this box and use it to securely use the tools installed to act on other segments of the network.

    • Jump box security is of utmost importance. Special care should be taken in hardening, configuration, and application installed to ensure that users cannot use the box to tunnel or traverse between the segments outside of well-defined and controlled circumstances.

    Protocol Gateway

    Command-level control

    A protocol gateway is a specific and special subset of a firewall. Whereas a firewall is a security generalist, a protocol gateway is designed to understand and have rule-level control over the commands passing through it within defined protocols. This granularity, for example, allows for control and filtering to only allow defined OT commands to be passed to a secure SCADA network.

    • Protocol gateways are generally specific feature sets of a firewall and traditionally target OT network security as their core use case.

    Network Pump

    One-way data extraction

    A network pump is a concept designed to allow data to be transferred from a secure network to a less secure network while still protecting against covert channels such as using the ACK within a transfer to transmit data. A network pump will consist of trusted processes and schedulers that allow for data to pass but control channels to be sufficiently modified so as to not allow security concerns.

    • Network pumps would generally be deployed in the most security demanding of environments and are generally not “off the shelf” products.

    Operate and optimize

    Security is not static. Monitor and iterate on policies within the environment.

    Monitor

    Iterate

    Two in three businesses (68%) allow more employee data access than necessary.

    GetApp's 2022 Data Security Survey Report

    Are the segmentation efforts resulting in the expected traffic changes? Are there any anomalies that need investigation?

    Using the output from the monitoring stage, refine and optimize the design by iterating on the process.

    Monitor for efficacy, compliance, and the unknown

    Monitor to ensure your intended results and to identify new potential risks.

    Monitoring network segments

    A combination of passive and active monitoring is required to ensure that:

    • The rules that have been deployed are working as expected.
    • Appropriate proof of compliance is in place for auditing and insurance purposes.
    • Environments are being monitored for unexpected traffic.

    Active monitoring goes beyond the traditional gathering of information for alerts and dashboards and moves into the space of synthetic users and anomaly detection. Using these strategies helps to ensure that security is enforced appropriately and responses to issues are timely.

    "We discovered in our research that insider threats are not viewed as seriously as external threats, like a cyberattack. But when companies had an insider threat, in general, they were much more costly than external incidents. This was largely because the insider that is smart has the skills to hide the crime, for months, for years, sometimes forever."

    – Dr. Larry Ponemon, Chairman Ponemon Institute, at SecureWorld Boston

    Info-Tech Insight

    Using solutions like network detection and response (NDR) will allow for monitoring to take advantage of advanced analytical techniques like artificial intelligence (AI) and machine learning (ML). These technologies can help identify anomalies that a human might miss.

    Monitoring options

    It’s not what you look at that matters, it’s what you see.

    – Henry David Thoreau

    Traditional

    Monitor cumulative change in a variable

    Traditional network monitoring is a minimum viable product. With this solution variables can be monitored to give some level of validation that the segmentation solution is operating as expected. Potential areas to monitor include traffic volumes, access-list (ACL) matches, and firewall packet drops.

    • This is expected baseline monitoring. Without at least this level of visibility, it is hard to validate the solutions in place

    Rules Based

    Inspect traffic to find a match against a library of signatures

    Rules-based systems will monitor traffic against a library of signatures and alert on any matches. These solutions are good at identifying the “known” issues on the network. Examples of these systems include security incident and event management (SIEM) and intrusion detection/prevention systems (IDS/IPS).

    • These solutions are optimally used when there are known signatures to validate traffic against.
    • They can identify known attacks and breaches.

    Anomaly Detection

    Use computer intelligence to compare against baseline

    Anomaly detection systems are designed to baseline the network traffic then compare current traffic against that to find anomalies using technologies like Bayesian regression analysis or artificial intelligence and machine learning (AI/ML). This strategy can be useful in analyzing large volumes of traffic and identifying the “unknown unknowns.”

    • Computers can analyze large volumes of data much faster than a human. This allows these solutions to validate traffic in (near) real-time and alert on things that are out of the ordinary and would not be easily visible to a human.

    Synthetic Data

    Mimic potential traffic flows to monitor network reaction

    Rather than wait for a bad actor to find a hole in the defenses, synthetic data can be used to mimic real-world traffic to validate configuration and segmentation. This often takes the form of real user monitoring tools, penetration testing, or red teaming.

    • Active monitoring or testing allows a proactive stance as opposed to a reactive one.

    Gather feedback, assess the situation, and iterate

    Take input from operating the environment and use that to optimize the process and the outcome.

    Optimize through iteration

    Output from monitoring must be fed back into the process of maintaining and optimizing segmentation. Network segmentation should be viewed as an ongoing process as opposed to a singular structured project.

    Monitoring can and will highlight where and when the segmentation design is successful and when new traffic flows arise. If these inputs are not fed back through the process, designs will become stagnant and admins or users will attempt to find ways to circumvent solutions for ease of use.

    "I think it's very important to have a feedback loop, where you're constantly thinking about what you've done and how you could be doing it better. I think that's the single best piece of advice: constantly think about how you could be doing things better and questioning yourself."

    – Elon Musk, qtd. in Mashable, 2012

    Info-Tech Insight

    The network environment will not stay static; flows will change as often as required for the business to succeed. Take insights from monitoring the environment and integrate them into an iterative process that will maintain relevance and usability in your segmentation.

    Bibliography

    Andreessen, Marc. “Adaptability is key.” BrainyQuote, n.d.
    Barry Schwartz. The Paradox of Choice: Why More Is Less. Harper Perennial, 18 Jan. 2005.
    Capers, Zach. “GetApp’s 2022 Data Security Report—Seven Startling Statistics.” GetApp,
    19 Sept. 2022.
    Cisco Systems, Inc. “Cybersecurity resilience emerges as top priority as 62 percent of companies say security incidents impacted business operations.” PR Newswire, 6 Dec. 2022.
    “Dynamic Network Segmentation: A Must-Have for Digital Businesses in the Age of Zero Trust.” Forescout Whitepaper, 2021. Accessed Nov. 2022.
    Eaves, Johnothan. “Segmentation Strategy - An ISE Prescriptive Guide.” Cisco Community,
    26 Oct. 2020. Accessed Nov. 2022.
    Kambic, Dan, and Jason Fricke. “Network Segmentation: Concepts and Practices.” Carnegie Mellon University SEI Blog, 19 Oct. 2020. Accessed Nov. 2022.
    Kang, Myong H., et al. “A Network Pump.” IEEE Transactions on Software Engineering, vol. 22 no. 5, May 1996.
    Kipling, Rudyard. “The Ballad of East and West.” Ballads and Barrack-Room Ballads, 1892.
    Mintzberg, Henry. “Everyone is against micro managing but macro managing means you're working at the big picture but don't know the details.” AZ Quotes, n.d.
    Murphy, Greg. “A Reimagined Purdue Model For Industrial Security Is Possible.” Forbes Magazine, 18 Jan. 2022. Accessed Oct. 2022.
    Patton, George S. “Never tell people how to do things. Tell them what to do and they will surprise you with their ingenuity.” BrainyQuote, n.d.
    Ponemon, Larry. “We discovered in our research […].” SecureWorld Boston, n.d.
    Roosevelt, Theodore. “Do what you can, with what you've got, where you are.” Theodore Roosevelt Center, n.d.
    Sahoo, Narendra. “How Does Implementing Network Segmentation Benefit Businesses?” Vista Infosec Blog. April 2021. Accessed Nov. 2022.
    “Security Outcomes Report Volume 3.” Cisco Secure, Dec 2022.
    Shedd, John A. “A ship in harbor is safe, but that is not what ships are built for.” Salt from My Attic, 1928, via Quote Investigator, 9 Dec. 2023.
    Singleton, Camille, et al. “X-Force Threat Intelligence Index 2022” IBM, 17 Feb. 2022.
    Accessed Nov. 2022.
    Stone, Mark. “What is network segmentation? NS best practices, requirements explained.” AT&T Cyber Security, March 2021. Accessed Nov. 2022.
    “The State of Breach and Attack Simulation and the Need for Continuous Security Validation: A Study of US and UK Organizations.” Ponemon Institute, Nov. 2020. Accessed Nov. 2022.
    Thoreau, Henry David. “It’s not what you look at that matters, it’s what you see.” BrainyQuote, n.d.
    Ulanoff, Lance. “Elon Musk: Secrets of a Highly Effective Entrepreneur.” Mashable, 13 April 2012.
    “What Is Microsegmenation?” Palo Alto, Accessed Nov. 2022.
    “What is Network Segmentation? Introduction to Network Segmentation.” Sunny Valley Networks, n.d.

    Customer Value Contribution

    I'm proud to announce our new Customer Value Contribution Calculator©, or CVCC© in short.

    It enhances and possibly replaces the BIA (Business Impact Analysis) process with a much simpler way.

    More info to follow shortly.

    IT Management and Policies

    • Buy Link or Shortcode: {j2store}23|cart{/j2store}
    • Related Products: {j2store}23|crosssells{/j2store}
    • InfoTech Academy Title: IT management and policies videos
    • InfoTech Academy Excerpt: More videos are available once you join. Contact us for more information.
    • Teaser Video: Visit Website
    • Teaser Video Title: Policies Academy Overview
    • member rating overall impact (scale of 10): 9.5/10
    • member rating average dollars saved: $23101
    • member rating average days saved: 11
    • Parent Category Name: Strategy and Governance
    • InfotechAcademy-Executivebrief: Visit Website
    • Parent Category Link: /strategy-and-governance
    Create policies that matter most to your organization.

    Management, policy, policies

    Choose a Right-Sized Contact Center Solution

    • Buy Link or Shortcode: {j2store}334|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $25,535 Average $ Saved
    • member rating average days saved: 18 Average Days Saved
    • Parent Category Name: Strategy and Organizational Design
    • Parent Category Link: /strategy-and-organizational-design
    • IT needs a method to pinpoint which contact center solution best aligns with business objectives, adapting to a post-COVID world of remote work, flexibility, and scalability.
    • Scoring RFP and RFQ proposals is a complex process, and it is difficult to map and gap without a clear view of the organization’s needs. SOWs can contain pitfalls that cause expensive headaches for the organization in the long run. Guidance through a SOW is required to best represent the organization’s interests.

    Our Advice

    Critical Insight

    • “On-premises versus cloud” is a false dichotomy. Contact center architectures come in all shapes and sizes, and organizations should discern whether a hybrid option best meets their needs.
    • Contact centers should service customers – not capabilities. Capabilities must work for you, your agents, and your customers – not the other way around.
    • Deliverables and responsibilities should be a contract’s focal point. While organizations are right to focus on avoiding unanticipated license charges, it is more important to clearly define how deliverables and responsibilities will be divided among the organization, the vendor, and potential third parties.

    Impact and Result

    • Assess the array of contact center architectures with Info-Tech’s Contact Center Decision Points Tool to select a right-sized solution.
    • Build business requirements in a formalized process to achieve stakeholder buy-in.
    • Use Info-Tech’s Contact Center RFP Scoring Tool to evaluate and choose from a range of vendors.
    • Successfully navigate and avoid major pitfalls in a SOW construction.
    • Justify each stage of the process with this blueprint’s key deliverable: the Contact Center Playbook.

    Choose a Right-Sized Contact Center Solution Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to examine the current contact center marketspace, review Info-Tech’s methodology for choosing a right-sized contact center solution, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Assess Contact Center Architectures

    Establish your project vision and metrics of success before shortlisting potential contact center architectures and deciding which is right-sized for the organization.

    • Choose a Right-Sized Contact Center Solution – Phase 1: Assess Contact Center Architectures
    • Contact Center Playbook
    • Contact Center Decision Points Tool

    2. Gather Requirements and Shortlist Vendors

    Build business requirements to achieve stakeholder buy-in, define key deliverables, and issue an RFP/RFQ to shortlisted vendors.

    • Choose a Right-Sized Contact Center Solution – Phase 2: Gather Requirements and Shortlist Vendors
    • Requirements Gathering Documentation Tool
    • Lean RFP Template
    • Contact Center Business Requirements Document
    • Request for Quotation Template
    • Long-Form RFP Template

    3. Score Vendors and Construct SOW

    Score RFP/RFQ responses and decide upon a vendor before constructing a SOW.

    • Choose a Right-Sized Contact Center Solution – Phase 3: Score Vendors and Construct SOW
    • Contact Center RFP Scoring Tool
    • Contact Center SOW Template and Guide
    [infographic]

    Workshop: Choose a Right-Sized Contact Center Solution

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Assess Architecture

    The Purpose

    Shortlist and decide upon a right-sized contact center architecture.

    Key Benefits Achieved

    A high-level decision for a right-sized architecture

    Activities

    1.1 Define vision and mission statements.

    1.2 Identify infrastructure metrics of success.

    1.3 Confirm key performance indicators for contact center operations.

    1.4 Complete architecture assessment.

    1.5 Confirm right-sized architecture.

    Outputs

    Project outline

    Metrics of success

    KPIs confirmed

    Quickly narrow down right-sized architecture

    Decision on right-sized contact center architecture

    2 Gather Requirements

    The Purpose

    Build business requirements and define key deliverables to achieve stakeholder buy-in and shortlist potential vendors.

    Key Benefits Achieved

    Key deliverables defined and a shortlist of no more than five vendors

    Sections 7-8 of the Contact Center Playbook completed

    Activities

    2.1 Hold focus groups with key stakeholders.

    2.2 Gather business, nonfunctional, and functional requirements.

    2.3 Define key deliverables.

    2.4 Shortlist five vendors that appear meet those requirements.

    Outputs

    User requirements identified

    Business Requirements Document completed

    Key deliverables defined

    Shortlist of five vendors

    3 Initial Vendor Scoring

    The Purpose

    Compare and evaluate shortlisted vendors against gathered requirements.

    Key Benefits Achieved

    Have a strong overview of which vendors are preferred for issuing RFP/RFQ

    Section 9 of the Contact Center Playbook

    Activities

    3.1 Input requirements to the Contact Center RFP Scoring Tool. Define which are mandatory and which are desirable.

    3.2 Determine which vendors best meet requirements.

    3.3 Compare requirements met with anticipated TCO.

    3.4 Compare and rank vendors.

    Outputs

    An assessment of requirements

    Vendor scoring

    A holistic overview of requirements scoring and vendor TCO

    An initial ranking of vendors to shape RFP process after workshop end

    4 SOW Walkthrough

    The Purpose

    Walk through the Contact Center SOW Template and Guide to identify how much time to allocate per section and who will be responsible for completing it.

    Key Benefits Achieved

    An understanding of a SOW that is designed to avoid major pitfalls with vendor management

    Section 10 of the Contact Center Playbook

    Activities

    4.1 Get familiar with the SOW structure.

    4.2 Identify which sections will demand greater time allocation.

    4.3 Strategize how to avoid potential pitfalls.

    4.4 Confirm reviewer responsibilities.

    Outputs

    A broad understanding of a SOW’s key sections

    A determination of how much time should be allocated for reviewing major sections

    A list of ways to avoid major pitfalls with vendor management

    A list of reviewers, the sections they are responsible for reviewing, and their time allocation for their review

    5 Communicate and Implement

    The Purpose

    Finalize deliverables and plan post-workshop communications.

    Key Benefits Achieved

    A completed Contact Center Playbook that justifies each decision of this workshop

    Activities

    5.1 Finalize deliverables.

    5.2 Support communication efforts.

    5.3 Identify resources in support of priority initiatives.

    Outputs

    Contact Center Playbook delivered

    Post-workshop engagement to confirm satisfaction

    Follow-up research that complements the workshop or leads workshop group in relevant new directions

    Exploit Disruptive Infrastructure Technology

    • Buy Link or Shortcode: {j2store}298|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Disruptive & Emerging Technologies
    • Parent Category Link: /disruptive-emerging-technologies
    • New technology can hit like a meteor. Not only disruptive to IT, technology provides opportunities for organization-wide advantage.
    • Your role is endangered. If you don’t prepare for the most disruptive technologies, you could be overshadowed. Don’t let the Chief Marketing Officer (CMO) set the technological innovation agenda
    • Predicting the future isn’t easy. Most IT leaders fail to realize how quickly technology increases in capability. Even for the tech savvy, predicting which specific technologies will become disruptive is difficult.
    • Communication is difficult when the sky is falling. Even forward-looking IT leaders struggle with convincing others to devote time and resources to monitoring technologies with a formal process.

    Our Advice

    Critical Insight

    • Establish the core working group, select a leader, and select a group of visionaries to help brainstorm emerging technologies.
    • Brainstorm about creating a better future, begin brainstorming an initial longlist.
    • Train the group to think like futurists.
    • Evaluate the shortlist.
    • Define your PoC list and schedule.
    • Finalize, present the plan to stakeholders and repeat.

    Impact and Result

    • Create a disruptive technology working group.
    • Produce a longlist of disruptive technologies.
    • Evaluate the longlist to produce a shortlist of disruptive technologies.
    • Develop a plan for a proof-of-concept project for each shortlisted technology.

    Exploit Disruptive Infrastructure Technology Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Exploit Disruptive Infrastructure Technology – A guide to help IT leaders make the most of disruptive impacts.

    As a CIO, there is a need to move beyond day-to-day technology management with an ever-increasing need to forecast technology impacts. Not just from a technical perspective but to map out the technical understandings aligned to potential business impacts and improvements. Technology transformation and innovation is moving more quickly than ever before and as an innovation champion, the CIO or CTO should have foresight in specific technologies with the understanding of how the company could be disrupted in the near future.

    • Exploit Disruptive Infrastructure Technology – Phases 1-3

    2. Disruptive Technology Exploitation Plan Template – A guide to develop the plan for exploiting disruptive technology.

    The Disruptive Technology Exploitation Plan Template acts as an implementation plan for developing a long-term strategy for monitoring and implementing disruptive technologies.

    • Disruptive Technology Exploitation Plan Template

    3. Disruptive Technology Look to the Past Tool – A tool to keep track of the missed technology disruption from previous opportunities.

    The Disruptive Technology Look to the Past Tool will assist you to collect reasonability test notes when evaluating potential disruptive technologies.

    • Disruptive Technology Look to the Past Tool

    4. Disruptive Technology Research Database Tool – A tool to keep track of the research conducted by members of the working group.

    The Disruptive Technology Research Database Tool will help you to keep track of the independent research that is conducted by members of the disruptive technology exploitation working group.

    • Disruptive Technology Research Database Tool

    5. Disruptive Technology Shortlisting Tool

    The Disruptive Technology Shortlisting Tool will help you to codify the results of the disruptive technology working group's longlist winnowing process.

    • Disruptive Technology Shortlisting Tool

    6. Disruptive Technology Value-Readiness and SWOT Analysis Tool – A tool to systematize notional evaluations of the value and readiness of potential disruptive technologies.

    The Disruptive Technology Value Readiness & SWOT Analysis Tool will assist you to systematize notional evaluations of the value and readiness of potential disruptive technologies.

    • Disruptive Technology Value-Readiness and SWOT Analysis Tool

    7. Proof of Concept Template – A handbook to serve as a reference when deciding how to proceed with your proposed solution.

    The Proof of Concept Template will guide you through the creation of a minimum-viable proof-of-concept project.

    • Proof of Concept Template

    8. Disruptive Technology Executive Presentation Template – A template to help you create a brief progress report presentation summarizing your project and program progress.

    The Disruptive Technology Executive Presentation Template will assist you to present an overview of the disruptive technology process, outlining the value to your company.

    • Disruptive Technology Executive Presentation Template

    Infographic

    Workshop: Exploit Disruptive Infrastructure Technology

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Pre-work: Establish the Disruptive Tech Process

    The Purpose

    Discuss the general overview of the disruptive technology exploitation process.

    Develop an initial disruptive technology exploitation plan.

    Key Benefits Achieved

    Stakeholders are on board, the project’s goals are outlined, and the working group is selected.

    Activities

    1.1 Get execs and stakeholders on board.

    1.2 Review the process of analyzing disruptive tech.

    1.3 Select members for the working group.

    1.4 Choose a schedule and time commitment.

    1.5 Select a group of visionaries.

    Outputs

    Initialized disruptive tech exploitation plan

    Meeting agenda, schedule, and participants

    2 Hold the Initial Meeting

    The Purpose

    Understand how disruption will affect the organization, and develop an initial list of technologies to explore.

    Key Benefits Achieved

    Knowledge of how to think like a futurist.

    Understanding of organizational processes vulnerable to disruption.

    Outline of potentially disruptive technologies.

    Activities

    2.1 Start the meeting with introductions.

    2.2 Train the group to think like futurists.

    2.3 Brainstorm about disruptive processes.

    2.4 Brainstorm a longlist.

    2.5 Research and brainstorm separate longlists.

    Outputs

    List of disruptive organizational processes

    Initial longlist of disruptive tech

    3 Create a Longlist and Assess Shortlist

    The Purpose

    Evaluate the specific value of longlisted technologies to the organization.

    Key Benefits Achieved

    Defined list of the disruptive technologies worth escalating to the proof of concept stage.

    Activities

    3.1 Converge the longlists developed by the team.

    3.2 Narrow the longlist to a shortlist.

    3.3 Assess readiness and value.

    3.4 Perform a SWOT analysis.

    Outputs

    Finalized longlist of disruptive tech

    Shortlist of disruptive tech

    Value-readiness analysis

    SWOT analysis

    Candidate(s) for proof of concept charter

    4 Create an Action Plan

    The Purpose

    Understand how the technologies in question will impact the organization.

    Key Benefits Achieved

    Understanding of the specific effects of the new technology on the business processes it is intended to disrupt.

    Business case for the proof-of-concept project.

    Activities

    4.1 Build a problem canvas.

    4.2 Identify affected business units.

    4.3 Outline and map the business processes likely to be disrupted.

    4.4 Map disrupted business processes.

    4.5 Recognize how the new technology will impact business processes.

    4.6 Make the case.

    Outputs

    Problem canvas

    Map of business processes: current state

    Map of disrupted business processes

    Business case for each technology

    Further reading

    Analyst Perspective

    The key is in anticipation.

    “We all encounter unexpected changes and our responses are often determined by how we perceive and understand those changes. We react according to the unexpected occurrence. Business organizations are no different.

    When a company faces a major technology disruption in its markets – one that could fundamentally change the business or impact its processes and technology – the way its management perceive and understand the disruption influences how they describe and plan for it. In other words, the way management sets the context of a disruption – the way they frame it – shapes the strategy they adopt. Technology leaders can vastly influence business strategy by adopting a proactive approach to understanding disruptive and innovative technologies by simply adopting a process to review and evaluate technology impacts to the company’s lines of business.”

    This is a picture of Troy Cheeseman

    Troy Cheeseman
    Practice Lead, Infrastructure & Operations Research
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    • New technology can hit like a meteor. Not only disruptive to IT, technology provides opportunities for organization-wide advantage.
    • Your role is endangered. If you don’t prepare for the most disruptive technologies, you could be overshadowed. Don’t let the chief marketing officer (CMO) set the technological innovation agenda.

    Common Obstacles

    • Predicting the future isn’t easy. Most IT leaders fail to realize how quickly technology increases in capability. Even for the tech savvy, predicting which specific technologies will become disruptive is difficult.
    • Communication is difficult when the sky is falling. Even forward-looking IT leaders struggle with convincing others to devote time and resources to monitoring technologies with a formal process.

    Info-Tech’s Approach

    • Identify, resolve, and evaluate. Use an annual process as described in this blueprint: a formal evaluation of new technology that turns analysis into action.
    • Lead the analysis from IT. Establish a team to carry out the annual process as a cure for the causes of “airline magazine syndrome” and to prevent it from happening in the future.
    • Train your team on the patterns of progress, track technology over time in a central database, and read Info-Tech’s analysis of upcoming technology.
    • Create your KPIs. Establish your success indicators to create measurable value when presenting to your executive.
    • Produce a comprehensive proof-of-concept plan that will allow your company to minimize risk and maximize reward when engaging with new technology.

    Info-Tech Insight

    Proactively monitoring, evaluating, and exploiting disruptive tech isn’t optional.
    This will protect your role, IT’s role, and the future of the organization.

    A diverse working group maximizes the insight brought to bear.
    An IT background is not a prerequisite.

    The best technology is only the best when it brings immediate value.
    Good technology might not be ready; ready technology might not be good.

    Review

    We help IT leaders make the most of disruptive impacts.

    This research is designed for:

    Target Audience: CIO, CTO, Head of Infrastructure

    This research will help you:

    • Develop a process for anticipating, analyzing, and exploiting disruptive technology.
    • Communicate the business case for investing in disruptive technology.
    • Categorize emerging technologies to decide what to do with them.
    • Develop a plan for taking action to exploit the technology that will most affect your organization.

    Problem statement:

    As a CIO, there is a need to move beyond day-to-day technology management with an ever-increasing need to forecast technology impacts. Not just from a technical perspective but to map out the technical understandings aligned to potential business impacts and improvements. Technology transformation and innovation is moving more quickly than ever before and as an innovation champion, the CIO or CTO should have foresight in specific technologies with the understanding of how the company could be disrupted in the near future. Foresight + Current Technology + Business Understanding = Understanding the Business Disruption. This should be a repeatable process, not an exception or reactionary response.

    Insight Summary

    Establish the core working group, select a leader, and select a group of visionaries to help brainstorm emerging technologies.

    The right team matters. A core working group will keep focus through the process and a leader will keep everyone accountable. Visionaries are out-of-the-box thinkers and once they understand how to think like a "futurists," they will drive the longlist and shortlist actions.

    Train the group to think like futurists

    To keep up with exponential technology growth you need to take a multi-threaded approach.

    Brainstorm about creating a better future; begin brainstorming an initial longlist

    Establish the longlist. The longlist helps create a holistic view of most technologies that could impact the business. Assigning values and quadrant scoring will shortlist the options and focus your PoC option.

    Converge everyone’s longlists

    Long to short...that's the short of it. Using SWOT, value readiness, and quadrant mapping review sessions will focus the longlist, creating a shortlist of potential POC candidates to review and consider.

    Evaluate the shortlist

    There is no such thing as a risk-free endeavor. Use a systematic process to ensure that the risks your organization takes have the potential to produce significant rewards.

    Define your PoC list and schedule

    Don’t be afraid to fail! Inevitably, some proof-of-concept projects will not benefit the organization. The projects that are successful will more than cover the costs of the failed projects. Roll out small scale and minimize losses.

    Finalize, present the plan to stakeholders, and repeat!

    Don't forget the C-suite. Effectively communicate and present the working group’s finding with a well-defined and succinct presentation. Start the process again!

    This is a screenshot of the Thought map for Exploit disruptive infrastructure Technology.
    1. Identify
      • Establish the core working group and select a leader; select a group of visionaries
      • Train the group to think like futurists
      • Hold your initial meeting
    2. Resolve
    • Create and winnow a longlist
    • Assess and create the shortlist
  • Evaluate
    • Create process maps
    • Develop proof of concept charter
  • The Key Is in Anticipation!

    Use Info-Tech’s approach for analyzing disruptive technology in your own disruptive tech working group

    Phase 1: Identify Phase 2: Resolve Phase 3: Evaluate

    Phase Steps

    1. Establish the disruptive technology working group
    2. Think like a futurist (Training)
    3. Hold initial meeting or create an agenda for the meeting
    1. Create and winnow a longlist
    2. Assess shortlist
    1. Create process maps
    2. Develop proof of concept charter

    Phase Outcomes

    • Establish a team of subject matter experts that will evaluate new, emerging, and potentially disruptive technologies.
    • Establish a process for including visionaries from outside of the working group who will provide insight and direction.
    • Introduce the core working group members.
    • Gain a better understanding of how technology advances.
    • Brainstorm a list of organizational processes.
    • Brainstorm an initial longlist.
    • Finalized longlist
    • Finalized shortlist
    • Initial analysis of each technology on the shortlist
    • Finalized shortlist
    • Initial analysis of each technology on the shortlist
    • Business process maps before and after disruption
    • Proof of concept charter
    • Key performance indicators
    • Estimation of required resources
    • Executive presentation

    Four key challenges make it essential for you to become a champion for exploiting disruptive technology

    1. New technology can hit like a meteor. It doesn’t only disrupt IT; technology provides opportunities for organization-wide advantage.
    2. Your role is endangered. If you don’t prepare for the most disruptive technologies, you could be overshadowed. Don’t let the CMO rule technological innovation.
    3. Predicting the future isn’t easy. Most IT leaders fail to realize how quickly technology increases in capability. Even for the tech savvy, predicting which specific technologies will become disruptive is difficult.
    4. Communication is difficult when the sky is falling. Even forward-looking IT leaders struggle with convincing others to devote time and resources to monitoring emerging technologies with a formal process.

    “Look, you have never had this amount of opportunity for innovation. Don’t forget to capitalize on it. If you do not capitalize on it, you will go the way of the dinosaur.”
    – Dave Evans, Co-Founder and CTO, Stringify

    Technology can hit like a meteor

    “ By 2025:

    • 38.6 billion smart devices will be collecting, analyzing, and sharing data.
    • The web hosting services market is to reach $77.8 billion in 2025.
    • 70% of all tech spending is expected to go for cloud solutions.
    • There are 1.35 million tech startups.
    • Global AI market is expected to reach $89.8 billion.”

    – Nick Gabov

    IT Disruption

    Technology disrupts IT by:

    • Affecting the infrastructure and applications that IT needs to use internally.
    • Affecting the technology of end users that IT needs to support and deploy, especially for technologies with a consumer focus.
    • Allowing IT to run more efficiently and to increase the efficiency of other business units.
    • Example: The rise of the smartphone required many organizations to rethink endpoint devices.

    Business Disruption

    Technology disrupts the business by:

    • Affecting the viability of the business.
    • Affecting the business’ standing in relation to competitors that better deal with disruptive technology.
    • Affecting efficiency and business strategy. IT should have a role in technology-related business decisions.
    • Example: BlackBerry failed to anticipate the rise of the apps ecosystem. The company struggled as it was unable to react with competitive products.

    Senior IT leaders are expected to predict disruptions to IT and the business, while tending to today’s needs

    You are expected to be both a firefighter and a forecaster

    • Anticipating upcoming disruptions is part of your job, and you will be blamed if you fail to anticipate future business disruptions because you are focusing on the present.
    • However, keeping IT running smoothly is also part of your job, and you will be blamed if today’s IT environment breaks down because you are focusing on the future.

    You’re caught between the present and the future

    • You don’t have a process that anticipates future disruptions but runs alongside and integrates with operations in the present.
    • You can’t do it alone. Tending to both the present and the future will require a team that can help you keep the process running.

    Info-Tech Insight

    Be prepared when disruptions start coming down, even though it isn’t easy. Use this research to reduce the effort to a simple process that can be performed alongside everyday firefighting.

    Make disruptive tech analysis and exploitation part of your innovation agenda

    A scatter plot graph is depicted, plotting IT Innovative Leadership (X axis), and Satisfaction with IT(Y axis). IT innovative leadership explains 75% of variation in satisfaction with IT

    Organizations without high satisfaction with IT innovation leadership are only 20% likely to be highly satisfied with IT

    “You rarely see a real-world correlation of .86!”
    – Mike Battista, Staff Scientist, Cambridge Brain Sciences, PhD in Measurement

    There is a clear relationship between satisfaction with IT and the IT department’s innovation leadership.

    Prevent “airline magazine syndrome” by proactively analyzing disruptive technologies

    “The last thing the CIO needs is an executive saying ‘I don’t what it is or what it does…but I want two of them!”
    – Tim Lalonde

    Airline magazine syndrome happens to IT leaders caught between the business and IT. It usually occurs in this manner:

    1. While on a flight, a senior executive reads about an emerging technology that has exciting implications for the business in an airline magazine.
    2. The executive returns and approaches IT, demanding that action be taken to address the disruptive technology – and that it should have been (ideally) completed already.

    Without a Disruptive Technology Exploitation Plan:

    “I don’t know”

    With a Disruptive Technology Exploitation Plan:

    “Here in IT, we have already considered that technology and decided it was overhyped. Let me show you our analysis and invite you to join our working group.”

    OR

    “We have already considered that technology and have started testing it. Let me show you our testing lab and invite you to join our working group.”

    Info-Tech Insight

    Airline magazine syndrome is a symptom of a wider problem: poor CEO-CIO alignment. Solve this problem with improved communication and documentation. Info-Tech’s disruptive tech iterative process will make airline magazine syndrome a thing of the past!

    IT leaders who do not keep up with disruptive technology will find their roles diminished

    “Today’s CIO dominion is in a decaying orbit with CIOs in existential threat mode.”
    – Ken Magee

    Protect your role within IT

    • IT is threatened by disruptive technology:
      • Trends like cloud services, increased automation, and consumerization reduce the need for IT to be involved in every aspect of deploying and using technology.
      • In the long term, machines will replace even intellectually demanding IT jobs, such as infrastructure admin and high-level planning.
    • Protect your role in IT by:
      • Anticipating new technology that will disrupt the IT department and your place within it.
      • Defining new IT roles and responsibilities that accurately reflect the reality of technology today.
      • Having a process for the above that does not diminish your ability to keep up with everyday operations that remain a priority today.

    Protect your role against other departments

    • Your role in the business is threatened by disruptive technology:
      • The trends that make IT less involved with technology allow other executives – such as the CMO – to make IT investments.
      • As the CMO gains the power and data necessary to embrace new trends, the CIO and IT managers have less pull.
    • Protect your role in the business by:
      • Being the individual to consult about new technology. It isn’t just a power play; IT leaders should be the ones who know technology thoroughly.
      • Becoming an indispensable part of the entire business’ innovation strategy through proposing and executing a process for exploiting disruptive technology.

    IT leaders who do keep up have an opportunity to solidify their roles as experts and aggregators

    “The IT department plays a critical role in [innovation]. What they can do is identify a technology that potentially might introduce improvements to the organization, whether it be through efficiency, or through additional services to constituents.”
    – Michael Maguire, Management Consultant

    The contemporary CIO is a conductor, ensuring that IT works in harmony with the rest of the business.

    The new CIO is a conductor, not a musician. The CIO is taking on the role of a business engineer, working with other executives to enable business innovation.

    The new CIO is an expert and an aggregator. Conductor CIOs increasingly need to keep up on the latest technologies. They will rely on experts in each area and provide strategic synthesis to decide if, and how, developments are relevant in order to tune their IT infrastructure.

    The pace of technological advances makes progress difficult to predict

    “An analysis of the history of technology shows that technological change is exponential, contrary to the common-sense ‘intuitive linear’ view. So we won’t experience 100 years of progress in the 21st century – it will be more like 20,000 years of progress (at today’s rate).”
    – Ray Kurzweil

    Technology advances exponentially. Rather than improving by the same amount of capability each year, it multiplies in capability each year.

    Think like a futurist to anticipate technology before it goes mainstream.

    Exponential growth happens much faster than linear growth, especially when it hits the knee of the curve. Even those who acknowledge exponential growth underestimate how capabilities can improve.

    To predict new advances, turn innovation into a process

    “We spend 70 percent of our time on core search and ads. We spend 20 percent on adjacent businesses, ones related to the core businesses in some interesting way. Examples of that would be Google News, Google Earth, and Google Local. And then 10 percent of our time should be on things that are truly new.”
    – Eric Schmidt, Google

    • Don’t get caught in the trap of refining your core processes to the exclusion of innovation. You should always be looking for new processes to improve, new technology to pilot, and where possible, new businesses to get into.
    • Devote about 10% of your time and resources to exploring new technology: the potential rewards are huge.

    You and your team need to analyze technology every year to predict where it’s going.

    A bar graph is shown which depicts the proportion of technology use from 2018-2022. the included devices are: Tablets; PCs; TVs; Non-smartphones; Smartphones; M2M
    • Foundational technologies, such as computing power, storage, and networks, are improving exponentially.
    • Disruptive technologies are specific manifestations of foundational advancements. Advancements of greater magnitude give rise to more manifestations; therefore, there will be more disruptive technologies every year.
    • There is a lot of noise to cut through. Remember Google Glasses? As technology becomes ubiquitous and consumerization reigns, everybody is a technology expert. How do you decide which technologies to focus on?

    Protect IT and the business from disruption by implementing a simple, repeatable disruptive technology exploitation process

    “One of the most consistent patterns in business is the failure of leading companies to stay at the top of their industries when technologies or markets change […] Managers must beware of ignoring new technologies that can’t initially meet the needs of their mainstream customers.”
    – Joseph L. Bower and Clayton M. Christensen

    Challenge

    Solution

    New technology can hit like a meteor, but it doesn’t have to leave a crater:

    Use the annual process described in this blueprint to create a formal evaluation of new technology that turns analysis into action.

    Predicting the future isn’t easy, but it can be done:

    Lead the analysis from the office of the CIO. Establish a team to carry out the annual process as a cure for airline magazine syndrome.

    Your role is endangered, but you can survive:

    Train your team on the patterns of progress, track technology over time in a central database, and read Info-Tech’s analysis of upcoming technology.

    Communication is difficult when the sky is falling, so have a simple way to get the message across:

    Track metrics that communicate your progress, and summarize the results in a single, easy-to-read exploitation plan.

    Info-Tech Insight

    Use Info-Tech’s tools and templates, along with this storyboard, to walk you through creating and executing an exploitation process in six steps.

    Create measurable value by using Info-Tech’s process for evaluating the disruptive potential of technology

    This image contains a bar graph with the following Title: Which are the primary benefits you've either realized or expect to realize by deploying hyperconverged infrastructure in the near term.

    No business process is perfect.

    • Use Info-Tech’s Proof of Concept Template to create a disruptive technology proof of concept implementation plan.
    • Harness your company’s internal wisdom to systematically vet new technology. Engage only in calculated risk and maximize potential benefit.

    Info-Tech Insight

    Inevitably, some proof of concept projects will not benefit the organization. The projects that are successful will more than cover the costs of the failed projects. Roll out small scale and minimize losses.

    Establish your key performance indicators (KPIs)

    Key performance indicators allow for rigorous analysis, which generates insight into utilization by platform and consumption by business activity.

    • Brainstorm metrics that indicate when process improvement is actually taking place.
    • Have members of the group pitch KPIs; the facilitator should record each suggestion on a whiteboard.
    • Make sure to have everyone justify the inclusion of each metric: how does it relate to the improvement that the proof of concept project is intended to drive? How does it relate to the overall goals of the business?
    • Include a list of KPIs, along with a description and a target (ensuring that it aligns with SMART metrics).
    Key Performance Indicator Description Target Result

    Number of Longlist technologies

    Establish a range of Longlist technologies to evaluate 10-15
    Number of Shortlist technologies Establish a range of Shortlist technologies to evaluate 5-10
    number of "look to the past" likes/dislikes Minimum number of testing characteristics 6
    Number of POCs Total number of POCs Approved 3-5

    Communicate your plan with the Disruptive Technology Exploitation Plan Template

    Use the Disruptive Technology Exploitation Plan Template to summarize everything that the group does. Update the report continuously and use it to show others what is happening in the world of disruptive technology.

    Section Title Description
    1 Rationale and Summary of Exploitation Plan A summary of the current efforts that exist for exploring disruptive technology. A summary of the process for exploiting disruptive technology, the resources required, the team members, meeting schedules, and executive approval.
    2 Longlist of Potentially Disruptive Technologies A summary of the longlist of identified disruptive technologies that could affect the organization, shortened to six or less that have the largest potential impact based on Info-Tech’s Disruptive Technology Shortlisting Tool.
    3 Analysis of Shortlist Individually analyze each technology placed on the shortlist using Info-Tech’s Disruptive Technology Value-Readiness and SWOT Analysis Tool.
    4 Proof of Concept Plan Use the results from Section 3 to establish a plan for moving forward with the technologies on the shortlist. Determine the tasks required to implement the technologies and decide who will complete them and when.
    5 Hand-off Pass the project along to identified stakeholders with significant interest in its success. Continue to track metrics and prepare to repeat the disruptive technology exploitation process annually.

    Whether you need a process for exploiting disruptive technology, or an analysis of current trends, Info-Tech can help

    Two sets of research make up Info-Tech’s disruptive technology coverage:

    This image contains four screenshots from each of the following Info-Tech Blueprints: Exploit disruptive Infrastructure Technology; Infrastructure & operations priorities 2022

    This storyboard, and the associated tools and templates, will walk you through creating a disruptive technology working group of your own.

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    Key deliverable:

    Disruptive Technology Exploitation Plan Template

    The Disruptive Technology Exploitation Plan Template acts as an implementation plan for developing a long-term strategy for monitoring and implementing disruptive technologies.

    Proof of Concept Template

    The Proof of Concept Template will guide you through the creation of a minimum-viable proof-of-concept project.

    Executive Presentation

    The Disruptive Technology Executive Presentation Template will assist you to present an overview of the disruptive technology process, outlining the value to your company.

    Disruptive Technology Value Readiness & SWOT Analysis Tool

    The Disruptive Technology Value Readiness & SWOT Analysis Tool will assist you to systematize notional evaluations of the value and readiness of potential disruptive technologies.

    Disruptive Technology Research Database Tool

    The Disruptive Technology Research Database Tool will help you to keep track of the independent research that is conducted by members of the disruptive technology exploitation working group.

    Disruptive Technology Shortlisting Tool

    The Disruptive Technology Shortlisting Tool will help you to codify the results of the disruptive technology working group's longlist winnowing process.

    Disruptive Technology Look to the Past Tool

    The Disruptive Technology Look to the Past Tool will assist you to collect reasonability test notes when evaluating potential disruptive technologies.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

    Workshop

    “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

    Consulting

    “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    What does a typical GI on this topic look like?

    Phase 1 Phase 2 Phase 3

    Call #1: Explore the need for a disruptive technology working group.

    Call #3: Review the agenda for the initial meeting.

    Call #5: Review how you’re brainstorming and your sources of information.

    Call #7: Review the final shortlist and assessment.

    Call #9: Review the progress of your team.

    Call #2: Review the team name, participants, and timeline.

    Call #4: Assess the results of the initial meeting.

    Call #6: Review the final longlist and begin narrowing it down.

    Call #8: Review the next steps.

    Call #10: Review the communication plan.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is 8 to 12 calls over the course of 4 to 6 months.

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Pre-Work Day 1 Day 2 Day 3 Day 4
    Establish the Disruptive Tech Process Hold Your Initial Meeting Create a Longlist and Assess Shortlist Create Process Maps Develop a Proof of Concept Charter

    Activities

    1.1.a Get executives and stakeholders on board.

    1.1.b Review the process of analyzing disruptive tech.

    1.1.c Select members for the working group.

    1.1.d Choose a schedule and time commitment.

    1.1.e Select a group of visionaries.

    1.2.a Start the meeting with introductions.

    1.2.b Train the group to think like futurists.

    1.2.c Brainstorm about disruptable processes.

    1.2.d Brainstorm a longlist.

    1.2.e Research and brainstorm separate longlists.

    2.1.a Converge the longlists developed by the team.

    2.2.b Narrow the longlist to a shortlist.

    2.2.c Assess readiness and value.

    2.2.d Perform a SWOT analysis.

    3.1.a Build a problem canvas.

    3.1.b Identify affected business units.

    3.1.c Outline and map the business processes likely to be disrupted.

    3.1.d Map disrupted business processes.

    3.1.e Recognize how the new technology will impact business processes.

    3.1.f Make the case.

    3.2.a Develop key performance indicators (KPIs).

    3.2.b Identify key success factors.

    3.2.c Outline project scope.

    3.2.d Identify responsible team.

    3.2.e Complete resource estimation.

    Deliverables

    1. Initialized Disruptive Tech Exploitation Plan
    1. List of Disruptable Organizational Processes
    2. Initial Longlist of Disruptive Tech
    1. Finalized Longlist of Disruptive Tech
    2. Shortlist of Disruptive Tech
    3. Value-Readiness Analysis
    4. SWOT Analysis
    5. Candidate(s) for Proof of Concept Charter
    1. Problem Canvas
    2. Map of Business Processes: Current State
    3. Map of Disrupted Business Processes
    4. Business Case for Each Technology
    1. Completed Proof of Concept Charter

    Exploit Disruptive Infrastructure Technology

    Disrupt or be disrupted.

    Identify

    Create your working group.

    PHASE 1

    Use Info-Tech’s approach for analyzing disruptive technology in your own disruptive tech working group

    1. Identify
      1. Establish the core working group and select a leader; select a group of visionaries
      2. Train the group to think like futurists
      3. Hold your initial meeting
    2. Resolve
      1. Create and winnow a longlist
      2. Assess and create the shortlist
    3. Evaluate
      1. Create process maps
      2. Develop proof of concept charter

    The Key Is in Anticipation!

    Phase 1: Identify

    Create your working group.

    Activities:

    Step 1.1: Establish the core working group and select a leader; select a group of visionaries
    Step 1.2: Train the group to think like futurists
    Step 1.3: Hold the initial meeting

    This step involves the following participants:

    IT Infrastructure Manager

    CIO or CTO

    Potential members and visionaries of the working group

    Outcomes of this step:

    • Establish a team of subject matter experts that will evaluate new, emerging, and potentially disruptive technologies.
    • Establish a process for including visionaries from outside of the working group who will provide insight and direction.
    • Introduce the core working group members.
    • Gain a better understanding of how technology advances.
    • Brainstorm a list of organizational processes.
    • Brainstorm an initial longlist.

    Step 1.1

    Establish the core working group and select a leader; select a group of visionaries.

    Activities:

    • Articulate the long- and short-term benefits and costs to the entire organization
    • Gain support by articulating the long- and short-term benefits and costs to the IT department
    • Gain commitment from key stakeholders and executives
    • Help stakeholders understand what goes into formally exploiting disruptive tech by reviewing this process
    • Establish the core working group and select a leader
    • Create a schedule with a time commitment appropriate to your organization’s size; it doesn’t need to take long
    • Select a group of visionaries external to IT to help the working group brainstorm disruptive technologies

    This step involves the following participants:

    • IT Infrastructure Manager
    • CIO or CTO
    • Potential members and visionaries of the working group

    Outcomes of this step

    • Establish a team of subject matter experts that will evaluate new, emerging, and potentially disruptive technologies.
    • Establish a process for including visionaries from outside of the working group that will provide insight and direction.

    1.1.A Articulate the long- and short-term benefits and costs to the entire organization

    A cost/benefit analysis will give stakeholders a picture of how disruptive technology could affect the business. Use the chart as a starting point and customize it based on your organization.

    Disruptive Technology Affects the Organization

    Benefits Costs

    Short Term

    • First-mover advantage from implementing new technology in the business before competitors – and before start-ups.
    • Better brand image as an organization focused on innovation.
    • Increased overall employee satisfaction by implementing new technology that increases employee capabilities or lowers effort.
    • Possibility of increased IT budget for integrating new technology.
    • Potential for employees to reject wide-scale use of unfamiliar technology.
    • Potential for technology to fail in the organization if it is not sufficiently tested.
    • Executive time required for making decisions about technology recommended by the team.

    Long Term

    • Increased internal business efficiencies from the integration of new technology (e.g. energy efficiency, fewer employees needed due to automation).
    • Better services or products for customers, resulting in increased long-term revenue.
    • Lowered costs of services or products and potential to grow market share.
    • Continued relevance of established organizations in a world changed by disruptive technologies.
    • Technology may not reach the capabilities initially expected, requiring waiting for increased value or readiness.
    • Potential for customers to reject new products resulting from technology.
    • Lack of focus on current core capabilities if technology is massively disruptive.

    1.1.B Gain support by articulating the long- and short-term benefits and costs to the IT department

    A cost/benefit analysis will give stakeholders a picture of how disruptive technology could affect the business. Use the chart as a starting point and customize it based on your organization.

    Disruptive Technology Affects IT

    BenefitsCosts

    Short Term

    • Perception of IT as a core component of business practices.
    • Increase IT’s capabilities to better serve employees (e.g. faster network speeds, better uptime, and storage and compute capacity that meet demands).
    • Cost for acquiring or implementing new technology and updating infrastructure to integrate with it.
    • Cost for training IT staff and end users on new IT technology and processes.
    • Minor costs for initial setup of disruptive technology exploitation process and time taken by members.

    Long Term

    • More efficient and powerful IT infrastructure that capitalizes on emerging trends at the right time.
    • Lower help desk load due to self-service and automation technology.
    • Increased satisfaction with IT due to implementation of improved enterprise technology and visible IT influence on improvements.
    • Increased end-user satisfaction with IT due to understanding and support of consumer technology that affects their lives.
    • New technology may result in lower need for specific IT roles. Cultural disruptions due to changing role of IT.
    • Perception of failure if technology is tested and never implemented.
    • Expectation that IT will continue to implement the newest technology available, even when it has been dismissed as not having value.

    1.1.C Gain commitment from key stakeholders and executives

    Gaining approval from executives and key stakeholders is the final obstacle. Ensure that you cover the following items to have the best chance for project approval.

    • Use a sample deck similar to this section for gaining buy-in, ensuring that you add/remove information to make it specific to your organization. Cover this section, including:
      • Who: Who will lead the team and who will be on it (working group)?
      • What: What resources will be required by the team (costs)?
      • Where/When: How often and where will the team meet (meeting schedule)?
      • Why: Why is there a need to exploit disruptive technology (benefits and examples)?
      • How: How is the team going to exploit disruptive technology (the process)?
    • Go through this blueprint prior to presenting the plan to stakeholders so that you have a strong understanding of the details behind each process and tool.
    • Frame the first iteration of the cycle as a pilot program. Use the completed results of the pilot to establish exploiting disruptive technology as a necessary company initiative.

    Insert the resources required by the disruptive tech exploitation team into Section 1.5 of the Disruptive Technology Exploitation Plan Template. Have executives sign-off on the project in Section 1.6.

    Disruption has undermined some of the most successful tech companies

    “The IT department plays a critical role in [innovation]. What they can do is identify a technology that potentially might introduce improvements to the organization, whether it be through efficiency or through additional services to constituents.”
    - Michael Maguire, Management Consultant

    VoIP’s transformative effects

    Disruptive technology:
    Voice over Internet Protocol (VoIP) is a modern means of making phone calls through the internet by sending voice packets using data, as opposed to the traditional circuit transmissions of the PSTN.

    Who won:
    Organizations that realized the cost savings that VoIP provided for businesses with a steady internet connection saved as much as 60% on telephony expenses. Even in the early stages, with a few more limitations, organizations were able to save a significant amount of money and the technology has continued to improve.

    Who lost?
    Telecom-related companies that failed to realize VoIP was a potential threat to their market, and organizations that lacked the ability to explore and implement the disruptive technology early.

    Digital photography — the new norm

    Disruptive technology:
    Digital photography refers to the storing of photographs in a digital format, as opposed to traditional photography, which exposes light to sensitive photographic film.

    Who won:
    Photography companies and new players that exploited the evolution of data storage and applied it to photography succeeded. Those that were able to balance providing traditional photography and exploiting and introducing digital photography, such as Nikon, left competitors behind. Smartphone manufacturers also benefited by integrating digital cameras.

    Who lost?
    Photography companies, such as Kodak, that failed to respond to the digital revolution found themselves outcompeted and insolvent.

    1.1.D Help stakeholders understand what goes into formally exploiting disruptive tech by reviewing this process

    There are five steps to formally exploiting disruptive technology, each with its own individual outputs and tools to take analysis to the next level.

    Step 1.2:
    Hold Initial Meeting

    Output:

    • Initial list of disruptable processes;
    • Initial longlist

    Step 2.1:

    Brainstorm Longlist

    Output:

    • Finalized longlist;
    • Shortlist

    Step 2.2:

    Assess Shortlist

    Output:

    • Final shortlist;
    • SWOT analysis;
    • Tech categorization

    Step 3.1:
    Create Process Maps

    Output:

    • Completed process maps

    Step 3.2:
    Develop a proof of concept charter

    Output:

    • Proof-of-concept template with KPIs

    Info-Tech Insight

    Before going to stakeholders, complete the entire blueprint to better understand the tools and outputs of the process.

    1.1.E Establish the core working group and select a leader

    • Selecting your core membership for the working group is a critical step to the group’s success. Ensure that you satisfy the following criteria:
      • This is a team of subject matter experts. They will be overseeing the learning and piloting of disruptive technologies. Their input will also be valuable for senior executives and for implementing these technologies.
      • Choose members that can take time away from firefighting tasks to dedicate time to meetings.
      • It may be necessary to reach outside of the organization now or in the future for expertise on certain technologies. Use Info-Tech as a source of information.
    Organization Size Working Group Size
    Small 02-Jan
    Medium 05-Mar
    Large 10-May
    • Once the team is established, you must decide who will lead the group. Ensure that you satisfy the following criteria:
      • A leader should be credible, creative, and savvy in both technology and business.
      • The leader should facilitate, acting as both an expert and an aggregator of the information gathered by the team.

    Choose a compelling name

    The working group needs a name. Be sure to select one with a positive connotation within your organization.

    Section 1.3 of the Disruptive Technology Exploitation Plan Template

    1.1.F Create a schedule with a time commitment appropriate to your organization’s size; it doesn’t need to take long

    Time the disruptive technology working group’s meetings to coincide and integrate with your organization’s strategic planning — at least annually.

    Size Meeting Frequency Time per Meeting Example Meeting Activities
    Small Annually One day A one-day meeting to run through phase 2 of the project (SWOT analysis and shortlist analysis).
    Medium Two days A two-day meeting to run through the project. The additional meeting involves phase 3 of this deck, developing a proof-of-concept plan.
    Large Two+ days Two meetings, each two days. Two days to create and winnow the longlist (phase 2), and two further days to develop a proof of concept plan.

    “Regardless of size, it’s incumbent upon every organization to have some familiarity of what’s happening over the next few years, [and to try] to anticipate what some of those trends may be. […] These trends are going to accelerate IT’s importance in terms of driving business strategy.”
    – Vern Brownell, CEO, D-Wave

    Section 1.4 of the Disruptive Technology Exploitation Plan Template

    1.1.G Select a group of visionaries external to IT to help the working group brainstorm disruptive technologies

    Selecting advisors for your group is an ongoing step, and the roster can change.

    Ensure that you satisfy the following criteria:

    • Look beyond IT to select a team representing several business units.
    • Check for self-professed “geeks” and fans of science fiction that may be happy to join.
    • Membership can be a reward for good performance.

    This group does not have to meet as regularly as the core working group. Input from external advisors can occur between meetings. You can also include them on every second or third iteration of the entire process.

    However, the more input you can get into the group, the more innovative it can become.

    “It is … important to develop design fictions based on engagement with directly or indirectly implicated publics and not to be designed by experts alone.”
    – Emmanuel Tsekleves, Senior Lecturer in Design Interactions, University of Lancaster

    Section 1.3 of the Disruptive Technology Exploitation Plan Template

    The following case study illustrates the innovative potential that is created when you include a diverse group of people

    INDUSTRY - Chip Manufacturing
    SOURCE - Clayton Christensen, Intel

    To achieve insight, you need to collaborate with people from outside of your department.

    Challenge

    • Headquartered in California, through the 1990s, Intel was the largest microprocessor chip manufacturer in the world, with revenue of $25 billion in 1997.
    • All was not perfect, however. Intel faced a challenge from Cyrix, a manufacturer of low-end chips. In 18 months, Cyrix’s share of the low-margin entry-level chip manufacturing business mushroomed from 10% to 70%.

    Solution

    • Troubled by the potential for significant disruption of the microprocessor market, Intel brought in external consultants to hold workshops to educate managers about disruptive innovation.
    • Managers would break into groups and discuss ways Intel could facilitate the disruption of its competitors. In one year, Intel hosted 18 workshops, and 2,000 managers went through the process.

    Results

    • Intel launched the Celeron chip to serve the lower end of the PC market and win market share back from Cyrix (which no longer exists as an independent company) and other competitors like AMD.
    • Within one year, Intel had captured 35% of the market.

    “[The models presented in the workshops] gave us a common language and a common way to frame the problem so that we could reach a consensus around a counterintuitive course of action.” – Andy Grove, then-CEO, Intel Corporation

    Phase 1: Identify

    Create your working group.

    Activities:

    Step 1.1: Establish the core working group and select a leader; select a group of visionaries
    Step 1.2: Train the group to think like futurists
    Step 1.3: Hold the initial meeting

    This step involves the following participants:

    • IT Infrastructure Manager
    • CIO or CTO
    • Potential members and visionaries of the working group

    Outcomes of this phase:

    • Establish a team of subject matter experts that will evaluate new, emerging, and potentially disruptive technologies.
    • Establish a process for including visionaries from outside of the working group who will provide insight and direction.
    • Introduce the core working group members.
    • Gain a better understanding of how technology advances.
    • Brainstorm a list of organizational processes.
    • Brainstorm an initial longlist.

    Step 1.2

    Train the group to think like futurists

    Activities:

    1. Look to the past to predict the future:
      • Step 1: Review the technology opportunities you missed
      • Step 2: Review and record what you liked about the tech
      • Step 3: Review and record your dislikes
      • Step 4: Record and test the reasonability
    2. Crash course on futurology principles
    3. Peek into the future

    This step involves the following participants:

    • IT Infrastructure Manager
    • CIO or CTO
    • Core working group members
    • Visionaries

    Outcomes of this step

    • Team members thinking like futurists
    • Better understanding of how technology advances
    • List of past examples and characteristics

    Info-Tech Insight

    Business buy-in is essential. Manage your business partners by providing a summary of the EDIT methodology and process. Validate the process value, which will allow you create a team of IT and business representatives.

    1.2 Train the group to think like futurists

    1 hour

    Ensure the team understands how technology advances and how they can identify patterns in upcoming technologies.

    1. Lead the group through a brainstorming session.
    2. Follow the next phases and steps.
    3. This session should be led by someone who can facilitate a thought-provoking discussion.
    4. This training deck finishes with a video.

    Input

    • Facilitated creativity
    • Training deck [following slides]

    Output

    • Inspiration
    • Anonymous ideas

    Materials

    • Futurist training “steps”
    • Pen and paper

    Participants

    • Core working group
    • Visionaries
    • Facilitator

    1.2.A Look to the past to predict the future

    30 minutes

    Step 1

    Step 2 Step 3 Step 4

    Review what you missed.

    What did you like?

    What did you dislike?

    Test the reasonability.

    Think about a time you missed a technical disruptive opportunity.

    Start with a list of technologies that changed your business and processes.

    Consider those specifically you could have identified with a repeatable process.

    What were the most impactful points about the technology?

    Define a list of “characteristics” you liked.

    Create a shortlist of items.

    Itemize the impact to process, people, and technology.

    Why did you pass on the tech?

    Define a list of “characteristics” you did not like.

    Create a shortlist of items.

    Itemize the impact to process, people, and technology.

    Avoid the “arm chair quarterback” view.

    Refer to the six positive and negative points.

    Check against your data points at the end of each phase.

    Record the list of missed opportunities

    Record 6 characteristics

    Record 6 characteristics

    Completed “Think like a Futurists” tool

    Use the Disruptive Technology Research Look to the Past Tool to record your output.

    Input

    • Facilitated creativity
    • Speaker’s notes

    Output

    • Inspiration
    • Anonymous ideas
    • Recorded missed opportunities
    • Recorded positive points
    • Recorded dislikes
    • Reasonability test list

    Materials

    • Futurist training “steps”
    • Pen and paper
    • “Look to the Past” tool

    Participants

    • Core working group
    • Visionaries
    • Facilitator

    Understand how the difference between linear and exponential growth will completely transform many organizations in the next decade

    “The last ten years have seen exponential growth in research on disruptive technologies and their impact on industries, supply chains, resources, training, education and employment markets … The debate is still open on who will be the winners and losers of future industries, but what is certain is that change has picked up pace and we are now in a new technology revolution whose impact is potentially greater than the industrial revolution.”
    – Gary L. Evans

    Exponential advancement will ensure that life in the next decade will be very different from life today.

    • Linear growth happens one step at a time.
    • The difference between linear and exponential is hard to notice, at first.
    • We are now at the knee of the curve.

    What about email?

    • Consider the amount of email you get daily
    • Double it
    • Triple it

    Exponential growth happens much faster than linear growth, especially when it hits the knee of the curve. Technology grows exponentially, and we are approaching the knee of the curve.

    This graph is adapted from research by Ray Kurzweil.

    Growth: Linear vs. Exponential

    This image contains a graph demonstrating examples of exponential and linear trends.

    1.2.B Crash course on futurology principles

    1 hour

    “An analysis of the history of technology shows that technological change is exponential, contrary to the common-sense ‘intuitive linear’ view. So we won’t experience 100 years of progress in the 21st century — it will be more like 20,000 years of progress (at today’s rate).”
    - Ray Kurzweil

    Review the differences between exponential and linear growth

    The pace of technological advances makes progress difficult to predict.

    Technology advances exponentially. Rather than improving by the same amount of capability each year, it multiplies in capability each year.

    Think like a futurist to anticipate technology before it goes mainstream.

    Exponential growth happens much faster than linear growth, especially when it hits the knee of the curve. Even those who acknowledge exponential growth underestimate how capabilities can improve.

    The following case study illustrates the rise of social media providers

    “There are 7.7 billion people in the world, with at least 3.5 billion of us online. This means social media platforms are used by one in three people in the world and more than two-thirds of all internet users.”
    – Esteban Ortiz-Ospina

    This graph depicts the trend of the number of people using social media platforms between 2005 and 2019

    The following case study illustrates the rapid growth of Machine to Machine (M2M) connections

    A bar graph is shown which depicts the proportion of technology use from 2018-2022. the included devices are: Tablets; PCs; TVs; Non-smartphones; Smartphones; M2M

    Ray Kurzweil’s Law of Accelerating Returns

    “Ray Kurzweil has been described as ‘the restless genius’ by The Wall Street Journal, and ‘the ultimate thinking machine’ by Forbes. He was ranked #8 among entrepreneurs in the United States by Inc Magazine, calling him the ‘rightful heir to Thomas Edison,’ and PBS included Ray as one of 16 ‘revolutionaries who made America,’ along with other inventors of the past two centuries.”
    Source: KurzweilAI.net

    Growth is linear?

    “Information technology is growing exponentially. That’s really my main thesis, and our intuition about the future is not exponential, it’s really linear. People think things will go at the current pace …1, 2, 3, 4, 5, and 30 steps later, you’re at 30.”

    Better IT strategy enables future business innovation

    “The reality of information technology like computers, like biological technologies now, is it goes exponentially … 2, 4, 8, 16. At step 30, you’re at a billion, and this is not an idle speculation about the future.” [emphasis added]

    “When I was a student at MIT, we all shared a computer that cost tens of millions of dollars. This computer [pulling his smartphone out of his pocket] is a million times cheaper, a thousand times more powerful — that’s a billion-fold increase in MIPS per dollar, bits per dollar… and we’ll do it again in 25 years.”
    Source: “IT growth and global change: A conversation with Ray Kurzweil,” McKinsey & Company

    1.2.C Peak into the future

    1 hour

    Leverage industry roundtables and trend reports to understand the art of the possible

    • Uncover important business and industry trends that can inform possibilities for technology disruption.
    • Market research is critical in identifying factors external to your organization and identifying technology innovation that will provide a competitive edge. It’s important to evaluate the impact each trend or opportunity will have in your organization and market.

    Visit Info-Tech’s Trends & Priorities Research Center

    Visit Info-Tech’s Industry Coverage Research to get started.

    Phase 1: Identify

    Create your working group

    Activities:

    Step 1.1: Establish the core working group and select a leader; select a group of visionaries
    Step 1.2: Train the group to think like futurists
    Step 1.3: Hold the initial meeting

    This step involves the following participants:

    • IT Infrastructure Manager
    • CIO or CTO
    • Potential members and visionaries of the working group

    Outcomes of this phase:

    • Establish a team of subject matter experts that will evaluate new, emerging, and potentially disruptive technologies.
    • Establish a process for including visionaries from outside of the working group who will provide insight and direction.
    • Introduce the core working group members.
    • Gain a better understanding of how technology advances.
    • Brainstorm a list of organizational processes.
    • Brainstorm an initial longlist.

    Info-Tech Insight

    Establish the longlist. The longlist help create a holistic view of most technologies that could impact the business. Assigning values and quadrant scoring will shortlist the options and focus your PoC option.

    Step 1.3

    Hold the initial meeting

    Activities:

    1. Create an agenda for the meeting
    2. Start the kick-off meeting with introductions and a recap
    3. Brainstorm about creating a better future
    4. Begin brainstorming an initial longlist
    5. Have team members develop separate longlists for their next meeting

    This step involves the following participants:

    • IT Infrastructure Manager
    • CIO or CTO
    • Core working group members
    • Visionaries

    Outcomes of this step

    • Introduce the core working group members
    • Gain a better understanding of how technology advances
    • Brainstorm a list of organizational processes
    • Brainstorm an initial longlist

    1.3.A Create an agenda for the meeting

    1 hour

    Kick-off this cycle of the disruptive technology process by welcoming your visionaries and introducing your core working group.

    The purpose of the initial meeting is to brainstorm where new technology will be the most disruptive within the organization. You’ll develop two longlists: one of business processes and one of disruptive technology. These longlists are in addition to the independent research your core working group will perform before Phase 2.

    • Find an outgoing facilitator. Sitting back will let you focus more on ideating, and an engaging presenter will help bring out ideas from your visionaries.
    • The training deck (see step 1.2c) includes presenting a video. We’ve included some of our top choices for you to choose from.
      • Feel free to find your own video or bring in a keynote speaker.
      • The object of the video is to get the group thinking about the future.
      • Customize the training deck as needed.
    • If a cycle has been completed, present your findings and all of the group’s completed deliverables in the first section.
    • This session is the only time you have with your visionaries. Get their ideas on what technologies will be disruptive to start forming a longlist.

    Info-Tech Insight

    The disruptive tech team is prestigious. If your organization is large enough or has the resources, consider having this meeting in an offsite location. This will drive excitement to join the working group if the opportunity arises and incentivize good work.

    Meeting Agenda (Sample)

    Time

    Activity

    8:00am-8:30am Introductions and previous meeting recap
    8:30am-9:30am Training deck
    9:30 AM-10:00am Brainstorming
    10:00am-10:15am Break
    10:15am-10:45am Develop good research techniques
    10:45am-12:00pm Begin compiling your longlist

    Info-Tech Insight

    The disruptive tech team is prestigious. If your organization is large enough or has the resources, consider having this meeting in an offsite location. This will drive excitement to join the working group if the opportunity arises and incentivize good work.

    1.3.B Start the kick-off meeting with introductions and a summary of what work has been done so far

    30 minutes

    1. Start the meeting off with an icebreaker activity. This isn’t an ordinary business meeting – or even group – so we recommend starting off with an activity that will emphasize this unique nature. To get the group in the right mindset, try this activity:
      1. Go around the group and have people present:
      2. Their names and roles
      3. Pose some or all of the following questions/prompts to the group:
        • “Tell me about something you have created.”
        • “Tell me about a time you created a process or program considered risky.”
        • “Tell me about a situation in which you had to come up with several new ideas in a hurry. Were they accepted? Were they successful?”
        • “Tell me about a time you took a risk.”
        • “Tell me about one of your greatest failures and what you learned from it.”
    2. Once everyone has been introduced, present any work that has already been completed.
      1. If you have already completed a cycle, give a summary of each technology that you investigated and the results from any piloting.
      2. If this is the first cycle for the working group, present the information decided in Step 1.1.

    Input

    • Disruptive technology exploitation plan

    Output

    • Networking
    • Brainstorming

    Materials

    • Meeting agenda

    Participants

    • Core working group
    • Visionaries
    • Facilitator

    1.3.C Brainstorm about creating a better future for the company, the stakeholders, and the employees

    30 minutes

    Three sticky notes are depicted, at the top of each note are the following titles: What can we do better; How can we make a better future; How can we continue being successful

    1. Have everyone put up at least two ideas for each chart paper.
    2. Go around the room and discuss their ideas. You may generate some new ideas here.

    These generated ideas are organizational processes that can be improved or disrupted with emerging technologies. This list will be referenced throughout Phases 2 and 3.

    Input

    • Inspiration
    • Anonymous ideas

    Output

    • List of processes

    Materials

    • Chart paper and markers
    • Pen and paper

    Participants

    • Core working group
    • Visionaries

    1.3.D Begin brainstorming a longlist of future technology, and discuss how these technologies will impact the business

    30 minutes

    • Use the Disruptive Technology Research Database Tool to organize technologies and ideas. Longstanding working groups can track technologies here over the course of several years, updating the tool between meetings.
    • Guide the discussion with the following questions, and make sure to focus on the processes generated from Step 1.2.d.

    Focus on

    The Technology

    • What is the technology and what does it do?
    • What processes can it support?

    Experts and Other Organizations

    • What are the vendors saying about the technology?
    • Are similar organizations implementing the technology?

    Your Organization

    • Is the technology ready for wide-scale distribution?
    • Can the technology be tested and implemented now?

    The Technology’s Value

    • Is there any indication of the cost of the technology?
    • How much value will the technology bring?

    Download the Disruptive Technology Database Tool

    Input

    • Inspiration
    • List of processes

    Output

    • Initial longlist

    Materials

    • Chart paper and markers
    • Pen and paper
    • Disruptive Technology Research Database Tool

    Participants

    • Core working group
    • Visionaries

    1.3.E Explore these sources to generate your disruptive technology longlist for the next meeting

    30 Minutes

    There are many sources of information on new and emerging technology. Explore as many sources as you can.

    Science fiction is a valid source of learning. It drives and is influenced by disruptive technology.

    “…the inventor of the first liquid-fuelled rocket … was inspired by H.G. Wells’ science fiction novel War of the Worlds (1898). More recent examples include the 3D gesture-based user interface used by Tom Cruise’s character in Minority Report (2002), which is found today in most touch screens and the motion sensing capability of Microsoft’s Kinect. Similarly, the tablet computer actually first appeared in Stanley Kubrick’s 2001: A Space Odyssey (1968) and the communicator – which we’ve come to refer today as the mobile phone – was first used by Captain Kirk in Star Trek (1966).”
    – Emmanuel Tsekleves, senior lecturer, University of Lancaster

    Right sources: blogs, tech news sites, tech magazines, the tech section of business sites, popular science books about technology, conferences, trade publications, and vendor announcements

    Quantity over quality: early research is not the time to dismiss ideas.

    Discuss with your peers: spark new and innovative ideas

    Insert a brief summary of how independent research is conducted in Section 2.1 of the Disruptive Technology Exploitation Plan Template.

    1.3.E (Cont.) Explore these sources to generate your disruptive technology longlist for the next meeting

    30 Minutes

    There are many sources of information on new and emerging technology. Use this list to kick-start your search.

    Connect with practitioners that are worth their weight in Reddit gold. Check out topic-based LinkedIn groups and subreddits such as r/sysadmin and r/tech. People experienced with technology frequent these groups.

    YouTube is for more than cat videos. Many vendors use YouTube for distributing their previous webinars. There are also videos showcasing various technologies that are uploaded by lecturers, geeks, researchers, and other technology enthusiasts.

    Test your reasonability. Check your “Think Like a Futurist” Tool

    Resolve

    Evaluate Disruptive Technologies

    PHASE 2

    Phase 2: Resolve

    Evaluate disrupted technologies

    Activities:

    Step 2.1: Create and Winnow a Longlist
    Step 2.2: Assess Shortlist

    Info-Tech Insight

    Long to short … that’s the short of it. Using SWOT, value readiness, and quadrant mapping review sessions will focus the longlist, creating a shortlist of potential PoC candidates to review and consider.

    This step involves the following participants:

    • Core working group
    • Infrastructure Management

    Outcomes of this step:

    • Finalized longlist
    • Finalized shortlist
    • Initial analysis of each technology on the shortlist

    Step 2.1

    Create and winnow a longlist

    Activities:

    1. Converge everyone’s longlists
    2. Narrow technologies from the longlist down to a shortlist using Info-Tech’s Disruptive Technology Shortlisting Tool
    3. Use the shortlisting tool to help participants visualize the potential
    4. Input the technologies on your longlist into the Disruptive Technology Shortlisting Tool to produce a shortlist

    This step involves the following participants:

    • Core working group members

    Outcomes of this step:

    • Finalized longlist
    • Finalized shortlist
    • Initial analysis of each technology on the shortlist

    2.1 Organize a meeting with the core working group to combine your longlists and create a shortlist

    1 hour

    Plan enough time to talk about each technology on the list. Each technology was included for a reason.

    • Start with the longlist. Review the longlist compiled at the initial meeting, and then have everyone present the lists that they independently researched.
    • Focus on the company’s context. Make sure that the working group analyzes these disruptive technologies in the context of the organization.
    • Start to compile the shortlist. Begin narrowing down the longlist by excluding technologies that are not relevant.

    Meeting Agenda (Sample)

    TimeActivity
    8:00am-9:30amConverge longlists
    9:30am-10:00amBreak
    10:00am-10:45amDiscuss tech in organizational context
    10:45am-11:15amBegin compiling the shortlist

    Disruptive Technology Exploitation Plan Template

    2.1.A Converge the longlists developed by your team

    90 minutes

    • Start with the longlist developed at the initial meeting. Write this list on the whiteboard.
    • If applicable, have a member present the longlist that was created in the last cycle. Remove technologies that:
      • Are no longer disruptive (e.g. have been implemented or rejected).
      • Have become foundational.
    • Eliminate redundancy: remove items that are very similar.
    • Have members “pitch” items on their lists:
      • Explain why their technologies will be disruptive (2-5 minutes maximum)
      • Add new technologies to the whiteboard
    • Record the following for metrics:
      • Each presented technology
      • Reasons the technology could be disruptive
      • Source of the information
    • Use Info-Tech’s Disruptive Technology Research Database Tool as a starting point.

    Insert the final longlist into Section 2.2 of your Disruptive Technology Exploitation Plan Template.

    Input

    • Longlist developed at first meeting
    • Independent research
    • Previous longlist

    Output

    • Finalized longlist

    Materials

    • Disruptive Technology Research Database Tool
    • Whiteboard and markers
    • Virtual whiteboard

    Participants

    • Core working group

    Review the list of processes that were brainstormed by the visionary group, and ask for input from others

    • IT innovation is most highly valued by the C-suite when it improves business processes, reduces costs, and improves core products and services.
    • By incorporating this insight into your working group’s analysis, you help to attract the attention of senior management and reinforce the group’s necessity.
    • Any input you can get from outside of IT will help your group understand how technology can be disruptive.
      • Visionaries consulted in Phase 1 are a great source for this insight.
    • The list of processes that they helped to brainstorm in Step 1.2 reflects processes that can be impacted by technology.
    • Info-Tech’s research has shown time and again that both CEOs and CIOs want IT to innovate around:
      • Improving business processes
      • Improving core products and services
      • Reducing costs

    Improved business processes

    80%

    Core product and service improvement

    48%

    Reduced costs

    48%

    Increased revenues

    23%

    Penetration into new markets

    21%

    N=364 CXOs & CIOs from the CEO-CIO Alignment Diagnostic Questions were asked on a 7-point scale of 1 = Not at all to 7 = Very strongly. Results are displayed as percentage of respondents selecting 6 or 7.

    Info-Tech Insight

    The disruptive tech team is prestigious. If your organization is large enough or has the resources, consider having this meeting in an offsite location. This will drive excitement to join the working group if the opportunity arises and incentivize good work.

    2.1.B Narrow technologies from the longlist down to a shortlist using Info-Tech’s Disruptive Technology Shortlisting Tool

    90 minutes

    To decide which technology has potential for your organization, have the working group or workshop participants evaluate each technology:

    1. Record each potentially disruptive technology in the longlist on a whiteboard.
    2. Making sure to carefully consider the meaning of the terms, have each member of the group evaluate each technology as “high” or “low” along each of the axes, innovation and transformation, on a piece of paper.
    3. The facilitator collects each piece of paper and inputs the results by technology into the Disruptive Technology Shortlisting Tool.
    Technology Innovation Transformation
    Conversational Commerce High High

    Insert the final shortlist into Section 2.2 of your Disruptive Technology Exploitation Plan Template.

    Input

    • Longlist
    • Futurist brainstorming

    Output

    • Shortlist

    Materials

    • Disruptive Technology Research Database Tool
    • Whiteboard and markers
    • Virtual whiteboard

    Participants

    • Core working group

    Disruptive technologies are innovative and transformational

    Innovation

    Transformation

    • Elements:
      • Creative solution to a problem that is relatively new on the scene.
      • It is different, counterintuitive, or insightful or has any combination of these qualities.
    • Questions to Ask:
      • How new is the technology?
      • How different is the technology?
      • Have you seen anything like it before? Is it counterintuitive?
      • Does it offer an insightful solution to a persistent problem?
    • Example:
      • The sharing economy: Today, simple platforms allow people to share rides and lodgings cheaply and have disrupted traditional services.
    • Elements:
      • Positive change to the business process.
      • Highly impactful: impacts a wide variety of roles in a company in a nontrivial way or impacts a smaller number of roles more significantly.
    • Questions to Ask:
      • Will this technology have a big impact on business operations?
      • Will it add substantial value? Will it change the structure of the company?
      • Will it impact a significant number of employees in the organization?
    • Example:
      • Flash memory improved storage technology incrementally by building on an existing foundation.

    Info-Tech Insight

    Technology can be transformational but not innovative. Not every new technology is disruptive. Even where technology has improved the efficiency of the business, if it does this in an incremental way, it might not be worth exploring using this storyboard.

    2.1.C Use the shortlisting tool to help participants visualize the potential

    1 hour

    Use the Disruptive Technology Shortlisting Tool, tabs 2 and 3.

    Assign quadrants

    • Input group members’ names and the entire longlist (up to 30 technologies) into tab 2 of the Disruptive Technology Shortlisting Tool.
    • On tab 3 of the Disruptive Technology Shortlisting Tool, input the quadrant number that corresponds to the innovation and transformation scores each participant has assigned to each technology.

    Note

    This is an assessment meant to serve as a guide. Use discretion when moving forward with a proof-of-concept project for any potentially disruptive technology.

    Participant Evaluation Quadrant
    High Innovation, High Transformation 1
    High Innovation, Low Transformation 2
    Low Innovation, Low Transformation 3
    Low Innovation, High Transformation 4

    four quadrants are depicted, labeled 1-4. The quadrants are coloured as follows: 1- green; 2- yellow; 3; red; 4; yellow

    2.1.D Use the Disruptive Technology Shortlisting Tool to produce a shortlist

    1 hour

    Use the Disruptive Technology Shortlisting Tool, tabs 3 and 4.

    Use the populated matrix and the discussion list to arrive at a shortlist of four to six potentially disruptive technologies.

    • The tool populates each quadrant based on how many votes it received in the voting exercise.
    • Technologies selected for a particular quadrant by a majority of participants are placed in the quadrant on the graph. Where there was no consensus, the technology is placed in the discussion list.
    • Technologies in the upper right quadrant – high transformation and high innovation – are more likely to be good candidates for a proof-of-concept project. Those in the bottom left are likely to be poor candidates, while those in the remaining quadrants are strong on one of the axes and are unlikely candidates for further systematic evaluation.

    This image contains a screenshot from tab 3 of the Disruptive Technology Shortlisting Tool.

    Input the results of the vote into tab 3 of the Disruptive Technology Shortlisting Tool.

    This image contains a screenshot from tab 4 of the Disruptive Technology Shortlisting Tool.

    View the results on tab 4.

    Phase 2: Resolve

    Evaluate disrupted technologies

    Activities:

    Step 2.1: Create and Winnow a Longlist
    Step 2.2:- Assess Shortlist

    This step involves the following participants:

    • Core working group
    • Infrastructure Management

    Outcomes of this step:

    • Finalized longlist
    • Finalized shortlist
    • Initial analysis of each technology on the shortlist

    Assess Shortlist

    Activities:

    1. Assess the value of each technology to your organization by breaking it down into quality and cost
    2. Investigate the overall readiness of the technologies on the shortlist
    3. Interpret each technology’s value score
    4. Conduct a SWOT analysis for each technology on the shortlist
    5. Use Info-Tech’s disruptive technology shortlist analysis to visualize the tool’s outputs
    6. Select the shortlisted technologies you would like to move forward with

    This step involves the following participants:

    • Core working group members
    • IT Management

    Outcomes of this step:

    • Finalized shortlist
    • Initial analysis of each technology on the shortlist

    2.2 Evaluate technologies based on their value and readiness, and conduct a SWOT analysis for each one

    Use the Disruptive Technology Value-Readiness and SWOT Analysis Tool

    • A technology monitor diagram prioritizes investment in technology by analyzing its readiness and value.
      • Readiness: how close the technology is to being practical and implementable in your industry and organization.
      • Value: how worthwhile the technology is, in terms of its quality and its cost.
    • Value and readiness questionnaires are included in the tool to help determine current and future values for each, and the next four slides explain the ratings further.
    • Categorize technology by its value-readiness score, and evaluate how much potential value each technology has and how soon your company can realize that value.
    • Use a SWOT analysis to qualitatively evaluate the potential that each technology has for your organization in each of the four categories (strengths, weaknesses, opportunities, and threats).

    The technology monitor diagram appears in tab 9 of the Disruptive Technology Value-Readiness and SWOT Analysis Tool

    This image depicts tab 9 of the Disruptive Technology Value-Readiness and SWOT Analysis Tool

    2.2.A Assess the value of each technology to your organization by breaking it down into quality and cost

    1 hour

    Update the Disruptive Technology Value-Readiness and SWOT Analysis Tool, tab 4.

    Populate the chart to produce a score for each technology’s overall value to the company conceptualized as the interaction of quality and cost.

    Overall Value

    Quality Cost

    Each technology, if it has a product associated with it, can be evaluated along eight dimensions of quality. Consider how well the product performs, its features, its reliability, its conformance, its durability, its serviceability, its aesthetics, and its perceived quality.

    IT budgets are broken down into capital and operating expenditures. A technology that requires a significant investment along either of these lines is unlikely to produce a positive return. Also consider how much time it will take to implement and operate each technology.

    The value assessment is part of the Disruptive Technology Value-Readiness and SWOT Analysis Tool

    This image contains a screenshot from tab 4 of the Disruptive Technology Value-Readiness and SWOT Analysis Tool.

    Info-Tech Insight

    Watch your costs: Technology that seems cheap at first can actually be expensive over time. Be sure to account for operational and opportunity costs as well.

    2.2.B Investigate the overall readiness of the technologies on the shortlist

    1 hour

    Update the Disruptive Technology Value-Readiness and SWOT Analysis Tool, tab 4.

    Overall Readiness

    Age

    How much time has the technology had to mature? Older technology is more likely to be ready for adoption.

    Venture Capital

    The amount of venture capital gathered by important firms in the space is an indicator of market faith.

    Market Size

    How big is the market for the technology? It is more difficult to break into a giant market than a niche market.

    Market Players

    Have any established vendors (Microsoft, Facebook, Google, etc.) thrown their weight behind the technology?

    Fragmentation

    A large number of small companies in the space indicates that the market has yet to reach equilibrium.

    The readiness assessment is part of the Disruptive Technology Value-Readiness and SWOT Analysis Tool

    This image contains a screenshot of the Readiness Scoring tab of the Disruptive Technology Value-Readiness and SWOT Analysis Tool.

    Use a variety of sources to populate the chart

    Google is your friend: search each shortlisted technology to find details about its development and important vendors.

    Websites like Crunchbase, VentureBeat, and Mashable are useful sources for information on the companies involved in a space and the amount of money they have each raised.

    2.2.C Interpret each technology’s value score

    1 hour

    Insert the result of the SWOT analysis into tab 7 of Info-Tech’s Disruptive Technology Value-Readiness and SWOT Analysis Tool.

    Visualize the results of the quality-cost analysis

    • Quality and cost are independently significant; it is essential to understand how each technology stacks up on the axes.
    • Use tab 6 of the Disruptive Technology Value-Readiness and SWOT Analysis Tool for an illustration of how quality and cost interact to produce each technology’s final position on the tech monitor graph.
    • Remember: the score is notional and reflects the values that you have assigned. Be sure to treat it accordingly.

    This image contains a screenshot of the Value Analysis tab of the Disruptive Technology Value-Readiness and SWOT Analysis Tool

    Green represents a technology that scores extremely high on one axis or the other, or quite high on both. These technologies are the best candidates for proof-of-concept projects from a value perspective.

    Red represents a technology that has scored very low on both axes. These technologies will be expensive, time consuming, and of poor quality.

    Yellow represents the fuzzy middle ground. These technologies score moderately on both axes. Be especially careful when considering the SWOT analysis of these technologies.

    2.2.D Conduct a SWOT analysis for each technology on the shortlist

    1 hour

    Use tab 6 of the Disruptive Technology Value-Readiness and SWOT Analysis Tool.

    A formal process for analyzing disruptive technology is the only way to ensure that it is taken seriously.

    Write each technology as a heading on a whiteboard. Spend 10-15 minutes on each technology conducting a SWOT analysis together.

    Consider four categories for each technology:

    • Strengths: Current uses of the technology or supporting technology and ways in which it helps your organization.
    • Weaknesses: Current limitations of the technology and challenges or barriers to adopting it in your organization.
    • Opportunities: Potential uses of the technology, especially as it advances or improves.
    • Threats: Potential negative disruptions resulting from the technology, especially as it advances or improves.

    The list of processes generated at the cycle’s initial meeting is a great source for opportunities and threats.

    Disruptive Technology Value-Readiness and SWOT Analysis Tool

    This image contains screenshots of the technology tab of the Disruptive Technology Value-Readiness and SWOT Analysis Tool.

    2.2.E Use Info-Tech’s disruptive technology shortlist analysis to visualize the tool’s outputs

    1 hour

    Disruptive Technology Value-Readiness and SWOT Analysis Tool, tab 9

    The tool’s final tab displays the results of the value-readiness analysis and the SWOT analysis in a single location.

    This image contains a screenshot from tab 9 of the Disruptive Technology Value-Readiness and SWOT Analysis Tool

    Insert the shortlist analysis report into Section 3 of your Disruptive Technology Exploitation Plan Template.

    2.2.F Select the shortlisted technologies you would like to move forward with

    1 hour

    Present your findings to the working group.

    • The Disruptive Technology Value-Readiness and SWOT Analysis Tool aggregates your inputs in an easy-to-read, consistent way.
    • Present the tool’s outputs to members of the core working group.
    • Explain the scoring and present the graphic to the group. Go over each technology’s strengths and weaknesses as well as the opportunities and threats it presents/poses to the organization.
    • Go through the proof-of-concept planning phase before striking any technologies from the list.

    This image contains a screenshot of the disruptive technology shortlist analysis from the Disruptive Technology Value-Readiness and SWOT Analysis Tool

    Info-Tech Insight

    A technology’s exceptional value and immediate usability make it the best. A technology can be promising and compelling, but it is unsuitable unless it can bring immediate and exceptional value to your organization. Don’t get caught up in the hype.

    Evaluate

    Create an Action Plan to Exploit Disruptive Technologies

    PHASE 3

    Phase 3: Evaluate

    Create an Action Plan to Exploit Disruptive Technologies

    Activities:

    Step 3.1: Create Process Maps
    Step 3.2: Develop Proof of Concept Charter

    This step involves the following participants:

    • Core working group
    • Infrastructure Management
    • Working group leader
    • CIO

    Outcomes of this step:

    • Business process maps before and after disruption
    • Proof of concept charter
    • Key performance indicators
    • Estimation of required resources

    Step 3.1

    Create Process Maps

    Activities:

    1. Creating a problem canvas by identifying stakeholders, jobs, pains, and gains
    2. Clarify the problem the proof-of-concept project will solve
    3. Identify jobs and stakeholders
    4. Outline how disruptive technology will solve the problem
    5. Map business processes
    6. Identify affected business units
    7. Outline and map the business processes likely to be disrupted
    8. Recognize how the new technology will impact business processes
    9. Make the case: Outline why the new business process is superior to the old

    This step involves the following participants:

    • Working group leader
    • CIO

    Outcomes of this step:

    • Business process maps before and after disruption

    3.1 Create an action plan to exploit disruptive technologies

    Clarify the problem in order to make the case. Fill in section 1.1 of Info-Tech’s Proof of Concept Template to clearly outline the problem each proof of concept is designed to solve.

    Establish roles and responsibilities. Use section 1.2 of the template to outline the roles and responsibilities that fall to each member of the team. Ensure that clear lines of authority are delineated and that the list of stakeholders is exhaustive: include the executives whose input will be required for project approval, all the way to the technicians on the frontline responsible for implementing it.

    Outline the solution to the problem. Demonstrate how each proof-of-concept project provides a solution to the problem outlined in section 1.1. Be sure to clarify what makes the particular technology under investigation a potential solution and record the results in section 1.3.

    This image contains a screenshot of the Proof of concept project template

    Use the Proof of Concept Project Template to track the information you gather throughout Phase 3.

    3.1.A Creating a problem canvas by identifying stakeholders, jobs, pains, and gains

    2 hours

    Instructions:

    1. On a whiteboard, draw the visual canvas supplied below.
    2. Select your issue area, and list jobs, pains, and gains in the associated sections.
    3. Record the pains, jobs, and gains in sections 1.1-1.3 of the Proof of Concept Template.

    Gains

    1. More revenue

    2. Job security

    3. ……

    Jobs

    1. Moving product

    2. Per sale value

    3. ……

    Pains

    1. Clunky website

    2. Bad site navigation

    3. ……

    Input

    • Inspiration
    • Anonymous ideas

    Output

    • List of processes

    Materials

    • Chart paper and markers
    • Pen and paper

    Participants

    • Core working group
    • Visionaries

    3.1.B Clarify the problem the proof-of-concept project will solve

    2 hours

    What is the problem?

    • Every technology is designed to solve a problem faced by somebody somewhere. For each technology that your team has decided to move forward with, identify and clearly state the problem it would solve.
    • A clear problem statement is a crucial part of a new technology’s business case. It is impossible to earn buy-in from the rest of the organization without demonstrating the necessity of a solution.
    • Perfection is impossible to achieve: during the course of their work, everyone encounters pain points. Identify those pain points to arrive at the problem that needs to be solved.

    Example:

    List of pains addressed by conversational commerce:

    • Search functions can be clunky and unresponsive.
    • Corporate websites can be difficult to navigate.
    • Customers are uncomfortable in unfamiliar internet environments.
    • Customers do not like waiting in a long queue to engage with customer service representatives when they have concerns.

    “If I were given one hour to solve a problem, I would spend 59 minutes defining the problem and one minute resolving it.”
    – Albert Einstein

    Input the results of this exercise into Section 1.1 of the Proof of Concept Template.

    3.1.C Identify jobs and stakeholders

    1 hour

    Jobs

    Job: Anything that the “customer” (the target of the solution) needs to get done but that is complicated by a pain.

    Examples:
    The job of the conversational commerce interface is to make selling products easier for the company.
    From the customer perspective, the job of the conversational interface is to make the act of purchasing a product simpler and easier.

    Stakeholders

    Stakeholder: Anyone who is impacted by the new technology and who will end up using, approving, or implementing it.

    Examples:
    The executive is responsible for changing the company’s direction and approving investment in a new sales platform.
    The IT team is responsible for implementing the new technology.
    Marketing will be responsible for selling the change to customers.
    Customers, the end users, will be the ones using the conversational commerce user interface.

    Input the results of this exercise into Section 1.2 of the Proof of Concept Template.

    Info-Tech Insight

    Process deconstruction reveals strengths and weaknesses. Promising technology should improve stakeholders’ abilities to do jobs.

    3.1.D Outline how disruptive technology will solve the problem

    1 hour

    How will the technology in question make jobs easier?

    • How will the disruptive technology you have elected to move forward with create gains for the organization?
    • First, identify the gains that are supposed to come with the project. Consider the benefits that the various stakeholders expect to derive from the jobs identified.
    • Second, make note of how the technology in question facilitates the gains you have noted. Be sure to articulate the exclusive features of the new technology that make it an improvement over the current state.

    Note: The goal of this exercise is to make the case for a particular technology. Sell it!

    Expected Gain: Increase in sales.

    Conversational Commerce’s Contribution: Customers are more likely to purchase products using interfaces they are comfortable with.

    Expected Gain: Decrease in costs.

    Conversational Commerce’s Contribution: Customers who are satisfied with the conversational interface are less likely to interact with live agents, saving labor costs.

    Input the results of this exercise into Section 1.3 of the Proof of Concept Template.

    3.1.E Map business processes

    1 hour

    Map the specific business processes the new technology will impact.

    • Disruptive technologies will impact a wide variety of business processes.
    • Map business processes to visualize what parts of your organization (departments, silos, divisions) will be impacted by the new technology, should it be adopted after the proof of concept.
    • Identify how the disruption will take place.
    • Demonstrate the value of each technology by including the results of the Disruptive Technology Value-Readiness and SWOT Analysis Tool with your process map.

    This image contains a screenshot of the Proof of concept project template

    Use the Proof of Concept Project Template to track the information you gather throughout Phase 3.

    3.1.F Identify affected business units

    30 minutes per technology

    Disruptive technology will impact business units.

    • Using the stakeholders identified earlier in the project, map each technology to the business units that will be affected.
    • Make your list exhaustive. While some technologies will have a limited impact on the business as a whole, others will have ripple effects throughout the organization.
    • Examine affected units at all scales: How will the technology impact operations at the team level? The department level? The division level?

    “The disruption is not just in the technology. Sometimes a good business model can be the disruptor.”
    – Jason Hong, Associate Professor, Carnegie Mellon

    Example:

    • Customer service teams: Conversational commerce will replace some of the duties of the customer service representative. They will have to reorganize to account for this development.
    • IT department: The IT department will be responsible for building/maintaining the conversational interface (or, more likely, they will be responsible for managing the contract with the vendor).
    • Sales analytics: New data from customers in natural language might provide a unique opportunity for the analytics team to develop new initiatives to drive sales growth.

    Input the results of this exercise into Section 2.1 of the Proof of Concept Template.

    3.1.G Outline and map the business processes likely to be disrupted

    15 minutes per technology

    Leverage the insights of the diverse working group.

    • Processes are designed to transform inputs into outputs. All business activities can be mapped into processes.
    • A process map illustrates the sequence of actions and decisions that transform an input into an output.
    • Effective mapping gives managers an “aerial” view of the company’s processes, making it easier to identify inefficiencies, reduce waste, and ultimately, streamline operations.
    • To identify business processes, have group members familiar with the affected business units identify how jobs are typically accomplished within those units.

    “To truly understand a business process, we need information from both the top-down and bottom-up points of view. Informants higher in the organizational hierarchy with a strategic focus are less likely to know process details or problems. But they might advocate and clearly articulate an end-to-end, customer-oriented philosophy that describes the process in an idealized form. Conversely, the salespeople, customer service representatives, order processors, shipping clerks, and others who actually carry out the processes will be experts about the processes, their associated documents, and problems or exception cases they encounter.”
    – Robert J. Glushko, Professor at UC Berkeley and Tim McGrath, Business Consultant

    Info-Tech Insight

    Opinions gathered from a group that reflect the process in question are far more likely to align with your organization’s reality. If you have any questions about a particular process, do not be afraid to go outside of the working group to ask someone who might know.

    3.1.G Outline and map the business processes likely to be disrupted (continued)

    15 minutes per technology

    Create a simple diagram of identified processes.

    • Use different shapes to identify different points in the process.
    • Rectangles represent actions, diamonds represent decisions.
    • On a whiteboard, map out the actions and decisions that take place to transform an input into an output.
    • Input the result into section 2.2 of the Proof of Concept Template.

    This image contains a screenshot of the Software Service Cross-Function Process tab from Edraw Visualization Solutions.

    Source: Edraw Visualization Solutions

    Example: simplified process map

    1. User: visits company website
    2. User: engages search function or browses links
    3. User: selects and purchases product from a menu
    4. Company: ships product to customer

    3.1.H Recognize how the new technology will impact business processes

    15 minutes per technology

    Using the information gleaned from the previous activities, develop a new process map that takes the new technology into account.

    Identify the new actions or decisions that the new technology will affect.

    User: visits company website; User: engages conversational; commerce platform; User: engages search function or browses links; User: makes a natural language query; User: selects and purchases product from a menu</p data-verified=

    User: selects and purchases product from a menu; Company: ships product to customer; Company: ships product to customer">

    Info-Tech Insight

    It’s ok to fail! The only way to know you’re getting close to the “knee of curve" is from multiple failed PoC tests. The more PoC options you have, the more likely it will be that you will have two to three successful results.

    3.1.I Make the case: Outline why the new business process is superior to the old

    15 minutes per technology

    Articulate the main benefits of the new process.

    • Using the revised process map, make the case for each new action.
    • Questions to consider: How does the new technology relieve end-user/customer pains? How does the new technology contribute to the streamlining of the business process? Who will benefit from the new action? What are the implications of those benefits?
    • Record the results of this exercise in section 2.4 of the Proof of Concept Template.

    This image contains an example of an outline comparing the benefits of new and the old business processes.

    Info-Tech Insight

    If you cannot articulate how a new technology will benefit a business process, reconsider moving forward with the proof-of-concept project.

    Phase 3: Evaluate

    Create an Action Plan to Exploit Disruptive Technologies

    Activities:

    Step 3.1: Create Process Maps
    Step 3.2: Develop Proof of Concept Charter

    Develop Proof of Concept Charter

    This step involves the following participants:

    • Core working group
    • Infrastructure Management
    • Working group leader
    • CIO

    Outcomes of this step:

    • Business process maps before and after disruption
    • Proof of concept charter
    • Key performance indicators
    • Estimation of required resources

    Step 3.2

    Develop Proof of Concept Charter

    Activities:

    1. Use SMART success metrics to define your objectives
    2. Develop key performance indicators (KPIs)
    3. Identify key success factors for the project
    4. Outline the project’s scope
    5. Identify the structure of the team responsible for the proof-of-concept project
    6. Estimate the resources required by the project
    7. Be aware of common IT project concerns
    8. Communicate your working group’s findings and successes to a wide audience
    9. Hand off the completed proof-of-concept project plan
    10. Disruption is constant: Repeat the evaluation process regularly to protect the business

    This step involves the following participants:

    • Working group leader
    • CIO

    Outcomes of this step:

    • Proof of concept charter
    • Key performance indicators
    • Estimation of required resources

    3.2 Develop a proof of concept charter

    Keep your proof of concept on track by defining five key dimensions.

    1. Objective: Giving an overview of the planned proof of concept will help to focus and clarify the rest of this section. What must the proof of concept achieve? Objectives should be: specific, measurable, attainable, relevant, and time bound. Outline and track key performance indicators.
    2. Key Success Factors: These are conditions that will positively impact the proof of concept’s success.
    3. Scope: High-level statement of scope. More specifically, state what is in scope and what is out of scope.
    4. Project Team: Identify the team’s structure, e.g. sponsors, subject-matter experts.
    5. Resource Estimation: Identify what resources (time, materials, space, tools, expertise, etc.) will be needed to build and socialize your prototype. How will they be secured?

    Input the results of this exercise into Section 3.0 of the Proof of Concept Template.

    3.2.A Use SMART success metrics to define your objectives

    Specific

    Measurable

    Actionable

    Realistic

    Time Bound

    Make sure the objective is clear and detailed.

    Objectives are measurable if there are specific metrics assigned to measure success. Metrics should be objective.

    Objectives become actionable when specific initiatives designed to achieve the objective are identified.

    Objectives must be achievable given your current resources or known available resources.

    An objective without a timeline can be put off indefinitely. Furthermore, measuring success is challenging without a timeline.

    Who, what, where, why?

    How will you measure the extent to which the goal is met?

    What is the action-oriented verb?

    Is this within my capabilities?

    By when: deadline, frequency?

    Examples:

    1. Increase in sales by $40,000 per month by the end of next quarter.
    2. Immediate increase in web traffic by 600 unique page views per day.
    3. Number of pilots approved per year.
    4. Number of successfully deployed solutions per year.

    Input the results of this exercise into Section 3.0 of the Proof of Concept Template.

    3.2.B Develop key performance indicators (KPIs)

    30 minutes per technology

    Key performance indicators allow for rigorous analysis, which generates insight into utilization by platform and consumption by business activity.

    • Use the process improvements identified in step 3.1 to brainstorm metrics that indicate when process improvement is actually taking place.
    • Have members of the group pitch KPIs; the facilitator should record each suggestion on a whiteboard.
    • Make sure to have everyone justify the inclusion of each metric: How does it relate to the improvement that the proof of concept project is intended to drive? How does it relate to the overall goals of the business?
    • Include a list of KPIs, along with a description and a target (ensuring that it aligns with SMART metrics) in section 3.1 of the Proof of Concept Template.

    “An estimated 70% of performance measurement systems fail after implementation. Carefully select your KPIs and avoid this trap!”
    Source: Collins et al. 2016

    Key Performance Indicator Description Target

    Result

    Conversion rate What percentage of customers who visit the site/open the conversational interface continue on to make a purchase? 40%
    Average order value

    How much does each customer spend per visit to the website?

    $212
    Repeat customer rate What percentage of customers have made more than one purchase over time? 65%
    Lifetime customer value Over the course of their interaction with the company, what is the typical value each customer brings? $1566

    Input the results of this exercise into Section 3.1 of the Proof of Concept Template.

    3.2.C Identify key success factors for the project

    30 minutes per technology

    Effective project management involves optimizing four key success factors (Clarke, 1999)

    • Communication: Communicate the expected changes to stakeholders, making sure that everyone who needs to know does know. Example: Make sure customer service representatives know their duties will be impacted by the conversational UI well before the proof-of-concept project begins.
    • Clarity: All involved in the project should be apprised of what the project is intended to accomplish and what the project is not intended to accomplish. Example: The conversational commerce project is not intended to be rolled out to the entire customer base all at once; it is not intended to disrupt normal online sales.
    • Compartmentalization: The working group should suggest some ways that the project can be broken down to facilitate its effective implementation. Example: Sales provides details of customers who might be amenable to a trial, IT secures a vendor, customer service writes a script.
    • Flexibility: The working group’s final output should not be treated as gospel. Ensure that the document can be altered to account for unexpected events. Example: The conversational commerce platform might drive sales of a particular product more than others, necessitating adjustments at the warehouse and shipping level.

    Input the results of this exercise into Section 3.0 of the Proof of Concept Template.

    3.2.D Outline the project’s scope

    10 minutes per technology

    Create a high-level outline of the project’s scope.

    • Questions to consider: Broadly speaking, what are the project’s goals? What is the desired future state? Where in the company will the project be rolled out? What are some of the company’s goals that the project is not designed to cover?
    • Be sure to avoid scope creep! Remember: The goal of the proof-of-concept project is to produce a minimum case for viability in a carefully defined area. Reserve a detailed accounting of costs and benefits for the post-proof-of-concept stage.
    • Example: The conversational user interface will only be rolled out in an e-commerce setting. Other business units (HR, for example) are beyond the scope of this particular project.

    “Although scope creep is not the only nemesis a project can have, it does tend to have the farthest reach. Without a properly defined project and/or allowing numerous changes along the way, a project can easily go over budget, miss the deadline, and wreak havoc on project success.”
    – University Alliance, Villanova University

    Input the results of this exercise into Section 3.0 of the Proof of Concept Template.

    3.2.E Identify the structure of the team responsible for the proof-of-concept project

    10 minutes per technology

    Brainstorm who will be involved in project implementation.

    • Refer back to the list of stakeholders identified in 3.1.a. Which stakeholders should be involved in implementing the proof-of-concept plan?
    • What business units do they represent?
    • Who should be accountable for the project? At a high level, sketch the roles of each of the participants. Who will be responsible for doing the work? Who will approve it? Who needs to be informed at every stage? Who are the company’s internal subject matter experts?

    Example

    Name/Title Role
    IT Manager Negotiate the contract for the software with vendor
    CMO Promote the conversational interface to customers

    Input the results of this exercise into Section 3.0 of the Proof of Concept Template.

    3.2.F Estimate the resources required by the project

    10 minutes per technology

    Time and Money

    • Recall: Costs can be operational, capital, or opportunity.
    • Revisit the Disruptive Technology Value-Readiness and SWOT Analysis Tool. Record the capital and operational expenses expected to be associated with each technology, and add detail where possible (use exact figures from particular vendors instead of percentages).
    • Write the names and titles of each expected participant in the project on a whiteboard. Next to each name, write the number of hours they are expected to devote to the project and include a rough estimate of the cost of their participation to the company. Use full-time employee equivalent (FTE measures) as a base.
    • Outline how other necessary resources (space, tools, expertise, etc.) will be secured.

    Example: Conversational Commerce

    • OpEx: $149/month + 2.9¢/transaction* (2,000 estimated transactions)
    • CapEx: $0!
    • IT Manager: 5 hours at $100/hour
    • IT Technician: 40 hours at $45/hour
    • CMO: 1 hour at $300/hour
    • Customer Service Representative: 10 hours at $35/hour
    • *Estimated total cost for a one-month proof-of-concept project: $3,157

    *This number is a sample taken from the vendor Rhombus

    Input the results of this exercise into Section 3.0 of the Proof of Concept Template.

    3.2.G Be aware of common IT project concerns

    Of projects that did not meet business expectations or were cancelled, how significant were the following issues?

    A bar graph is depicted, comparing small, medium, and large businesses for the following datasets: Over budget; Project failed to be delivered on time; Breach of scope; Low quality; Failed to deliver expected benefit or value

    This survey data did not specifically address innovation projects.

    • Disruptive technology projects will be under increased scrutiny in comparison to other projects.
    • Be sure to meet deadlines and stay within budget.
    • Be cognizant that your projects can go out of scope, and there will be projects that may have to be cancelled due to low quality. Remember: Even a failed test is a learning opportunity!

    Info-Tech’s CIO-CEO Alignment Survey, N=225

    Organization size was determined by the number of IT employees within the organization

    Small = 10 or fewer IT staff, medium = 11 to 25 IT staff, and large/enterprise = 26 or greater IT staff

    3.2.H Communicate your working group’s findings and successes to a wide audience

    Advertise the group’s successes and help prevent airline magazine syndrome from occurring.

    • Share your group’s results internally:
      • Run your own analysis by senior management and then share it across the organization.
      • Maintain a list of technologies that the working group has analyzed and solicit feedback from the wider organization.
      • Post summaries of the technologies in a publicly available repository. The C-suite may not read it right away, but it will be easy to provide when they ask.
      • If senior management has declined to proceed with a certain technology, avoid wasting time and resources on it. However, include notes about why the technology was rejected.
    • These postings will also act as an advertisement for the group. Use the garnered interest to attract visionaries for the next cycle.
    • These postings will help to reiterate the innovative value of the IT department and help bring you to the decision-making table.

    “Some CIOs will have to battle the bias that they belong in the back office and shouldn’t be included in product architecture planning. CIOs must ‘sell’ IT’s strength in information architecture.”
    – Chris Curran, Chief Technologist, PwC (Curran, 2014)

    Info-Tech Insight

    Cast a wide net. By sharing your results with as many people as possible within your organization, you’ll not only attract more attention to your working group, but you will also get more feedback and ideas.

    3.2.I Hand off the completed proof-of-concept project plan

    The proof of concept template is filled out – now what?

    • The core working group is responsible for producing a vision of the future and outlining new technology’s disruptive potential. The actual implementation of the proof of concept (purchasing the hardware, negotiating the SLA with the vendor) is beyond the working group’s responsibilities.
    • If the proof of concept goes ahead, the facilitator should block some time to evaluate the completed project against the key performance indicators identified in the initial plan.
    • A cure for airline magazine syndrome: Be prepared when executives ask about new technology. Present them with the results of the shortlist analysis and the proof-of-concept plan. A clear accounting of the value, readiness, strengths, weaknesses, opportunities, and threats posed by each technology, along with its impact on business processes, is an invaluable weapon against poor technology choices.

    Use section 3.2.b to identify the decision-making stakeholder who has the most to gain from a successful proof-of-concept project. Self-interest is a powerful motivator – the project is more likely to succeed in the hands of a passionate champion.

    Info-Tech Insight

    Set a date for the first meeting of the new iteration of the disruptive technology working group before the last meeting is done. Don’t risk pushing it back indefinitely.

    3.2.J Hand off the completed proof-of-concept project plan

    Record the results of the proof of concept. Keep track of what worked and what didn’t.

    Repeat the process regularly.

    • Finalize the proof of concept template, but don’t stop there: Keep your ear to the ground; follow tech developments using the sources identified in step 1.2.
    • Continue expanding the potential longlist with independent research: Be prepared to expand your longlist. Remember, the more technologies you have on the longlist, the more potential airline magazine syndrome cures you have access to.
    • Have the results of the previous session’s proof of concept plan on hand: At the start of each new iteration, conduct a review. What technologies were successful beyond the proof of concept phase? Which parts of the process worked? Which parts did not? How could they be improved?

    Info-Tech Insight

    The key is in anticipation. This is not a one-and-done exercise. Technology innovation operates at a faster pace than ever before, well below the Moores Law "18 month" timeline as an example. Success is in making EDIT a repeatable process.

    Related Info-Tech Research

    Define Your Digital Business Strategy
    After a major crisis, find your place in the digital economy.

    Develop a Project Portfolio Management Strategy
    Drive project throughput by throttling resource capacity.

    Adopt Design Thinking in Your Organization
    Innovation needs design thinking.

    Digital Maturity Improvement Service
    Prepare your organization for digital transformation – or risk falling behind.

    Research contributors and experts

    Nitin Babel

    Nitin Babel, Co-Founder, niki.ai

    Nitin Babel, MSc, co-created conversational commerce platform niki.ai in early 2015. Since then, the technology has been featured on the front page of the Economic Times, and has secured the backing of Ratan Tata, former chairman of the Tata Group, one of the largest companies in the world.

    Mark Hubbard

    Mark Hubbard, Senior Vice President, FirstOnSite

    Mark is the SVP for Information Technology in Canada with FirstOnSite, a full service disaster recovery and property restoration company. Mark has over 25 years of technology leadership guiding global organizations through the development of strategic and tactical plans to strengthen their technology platforms and implement business aligned technology strategies.

    Chris Green

    Chris Green, Enterprise Architect, Boston Private
    Chris is an IT architect with over 15 years’ experience designing, building, and implementing solutions. He is a results-driven leader and contributor, skilled in a broad set of methods, tools, and platforms. He is experienced with mobile, web, enterprise application integration, business process, and data design.

    Andrew Kope

    Andrew Kope, Head of Data Analytics
    Big Blue Bubble
    Andrew Kope, MSc, oversees a team that develops and maintains a user acquisition tracking solution and a real-time metrics dashboard. He also provides actionable recommendations to the executive leadership of Big Blue Bubble – one of Canada’s largest independent mobile game development studios.

    Jason Hong

    Jason Hong, Associate Professor, School of Computer Science, Human-Computer Interaction Institute, Carnegie Mellon University

    Jason Hong is a member of the faculty at Carnegie Mellon’s School of Computer Science. His research focus lies at the intersection of human-computer interaction, privacy and security, and systems. He is a New America National Cyber Security Fellow (2015-2017) and is widely published in academic and industry journals.

    Tim Lalonde

    Tim Lalonde, Vice President, Mid-Range

    Tim Lalonde is the VP of Technical Operations at Mid-Range. He works with leading-edge companies to be more competitive and effective in their industries. He specializes in developing business roadmaps leveraging technology that create and support change from within — with a focus on business process re-engineering, architecture and design, business case development and problem-solving. With over 30 years of experience in IT, Tim’s guiding principle remains simple: See a problem, fix a problem.

    Jon Mavor

    Jon Mavor, Co-Founder and CTO, Envelop VR
    Jon Mavor is a programmer and entrepreneur, whose past work includes writing the graphics engine for the PC game Total Annihilation. As Chief Technology Officer of Envelop VR, a virtual reality start-up focused on software for the enterprise, Jon has overseen the launch of Envelop for Windows’s first public beta.

    Dan Pitt

    Dan Pitt, President, Palo Alto Innovation Advisors
    Dan Pitt is a network architect who has extensive experience in both the academy and industry. Over the course of his career, Dan has served as Executive Director of the Open Networking Foundation, Dean of Engineering at Santa Clara University, Vice President of Technology and Academic Partnerships at Nortel, Vice President of the Architecture Lab at Bay Networks, and, currently, as President of Palo Alto Innovation Advisors, where he advises and serves as an executive for technology start-ups in the Palo Alto area and around the world.

    Courtney Smith

    Courtney Smith, Co-Founder, Executive Creative Director
    PureMatter

    Courtney Smith is an accomplished creative strategist, storyteller, writer, and designer. Under her leadership, PureMatter has earned hundreds of creative awards and been featured in the PRINT International Design Annual. Courtney has juried over 30 creative competitions, including Creativity International. She is an invited member of the Academy of Interactive and Visual Arts.

    Emmanuel Tsekleves

    Emmanuel Tsekleves, Senior Lecturer in Design Interactions, University of Lancaster
    Dr. Emmanuel Tsekleves is a senior lecturer and writer based out of the United Kingdom. Emmanuel designs interactions between people, places, and products by forging creative design methods along with digital technology. His design-led research in the areas of health, ageing, well-being, and defence has generated public interest and attracted media attention by the national press, such as the Daily Mail, Daily Mirror, The Times, the Daily Mail, Discovery News, and several other international online media outlets.

    Bibliography

    Airini Ab Rahman. “Emerging Technologies with Emerging Effects; A Review”. Universiti Teknologi Malaysia. PERINTIS eJournal, June 2017. Web.

    Anthony, Scott. “Kodak’s Downfall Wasn’t About Technology.” Harvard Business Review, 15 July 2016. Web.

    ARM. The Intelligent Flexible Cloud. 26 Feb. 2015. Web.

    Association of Computing Machinery. Communications of the ACM, n.d. Web.

    Barnett, Thomas. “Three Mobile Trends to Watch.” Cisco Blogs, 3 Feb. 2015. Web.

    Batelle, John. “The 70 Percent Solution.” CNN, 1 Dec 2005. Web.

    Booz Allen Hamilton. Managing Technological Change: 7 Ways to Talk Tech with Management, n.d. Web.

    Brynjolfsson, Erik, and Andrew McAfee. The Second Machine Age: Work, Progress, and Prosperity in a Time of Brilliant Technologies. W. W. Norton, 2014. Print.

    Christensen, Clayton M. “What is Disruptive Innovation?” Harvard Business Review, Dec 2015. Web.

    Christensen, Clayton M. and James Euchner. “Managing Disruption: An Interview With Clayton Christensen.” Research-Technology Management, 22 Dec 2015. vol. 54, no. 1. Web.

    Christensen, Clayton M., Rory McDonald, and Elizabeth J. Altman. “Disruptive Innovation: An Intellectual History and Directions for Future Research”. Wiley Online Library. Web.

    Christensen, Clayton M., Taddy Hall, Karen Dillon, and David S. Duncan. “Know Your Customers’ Jobs to be Done.” Harvard Business Review, Sept. 2016. Web.

    Cisco. “Cisco Annual Internet Report.” n.d. Web.

    Cisco. Cisco Visual Networking Index: Forecast and Methodology, 2014-2019, 27 May 2015. Web.

    Clark, Steven. “Elon Musk hopes SpaceX will send humans to Mars in 2024.” Spaceflight Now, 2 June 2016. Web.

    Clarke, Angela. “A practical use of key success factors to improve the effectiveness of project management,” International Journal of Project Management, June 1999 (17): 139-145.

    Collins, Andrew L., Patrick Hester, Barry Ezell, and John Horst. “An improvement selection methodology for key performance indicators.” Environmental Systems and Decisions, June 2016, 36 (2): 196-208.

    Computer Sciences Corporation. CSC Global CIO Survey: 2014-2015: CIOs Emerge as Disruptive Innovators: An Annual Barometer of Global CIOs’ Plans, Priorities, Threats, and Opportunities, 2014. Web.

    Constine, John. “Voice is Chat’s Next Battleground.” TechCrunch, 19 Sept. 2016. Web.

    Cressman, Daryl. “Disruptive Innovation and the Idea of Technology”. Maastricht University, June 2019. Web.

    Crown Prosecution Service. A Guide to Process Mapping and Improvement. n.d. Web.

    Curran, Chris. “The CIO’s Role in the Internet of Things.” PwC, 13 Mar. 2014. Web.

    Darbha, Sheta, Mike Shevenell, and Jason Normandin. “Impact of Software-Defined Networking on Infrastructure Management.” CA Technology Exchange, 4.3, Nov. 2013, pp. 33-43. Web.

    Denecken, Sven. Conquering Disruption Through Digital Transformation: Technologies, Leadership Strategies, and Best Practices to Create Opportunities for Innovation. SAP, 2014. Web.

    DHL Trend Research and Cisco Consulting Services. Internet of Things in Logistics: A Collaborative Report by DHL and Cisco on Implications and Use Cases for the Logistics Industry, 2015. Web.

    Dirican, Cüneyt. “The Impacts of Robotics, Artificial Intelligence on Business and Economics.” Procedia: Social and Behavioral Sciences, vol. 195, 2015, pp. 564-573. Web.

    Edraw Visualization Solutions. Examples of Flowcharts, Org Charts and More. “Cross-Function Flowchart Examples – Service Flowchart.”

    Emerson. Data Center 2025: Exploring the Possibilities, 2014. Web.

    Ericsson. Next-Generation Data Center Infrastructure, Feb. 2015. Web.

    Eurotech. Connecting M2M Applications to the Cloud to Bolster Hardware Sales, 2014. Web.

    Evans Gary, Llewellyn. “Disruptive Technology and the Board: The Tip of the Iceberg”. Economics and Business Review, n.d. Web.

    Evans Gary, Llewellyn. “Disruptive Technology and the Board: The Tip of the Iceberg”. Economics and Business Review, n.d. Web.

    Gage, Deborah. “The Venture Capital Secret: 3 Out of 4 Start-Ups Fail.” Wall Street Journal, 20 Sept. 2012. Web.

    Garvin, David A. “Competing on the Eight Dimensions of Quality.” Harvard Business Review, November 1987. Web.

    Gibbs, Colin. Augmented Reality in the Enterprise: Opportunities and Challenges. Gigaom Research, 26 Jan. 2015. Web.

    Glushko, Robert J. and Tim McGrath. Document Engineering: Analyzing and Designing Documents for Business Informatics and Web Services. MIT Press, 2005.

    Hadfield, Tom. “Facebook’s Messenger Bot Store could be the most important launch since the App Store.” TechCrunch, 17 March 2016. Web.

    Healey, Nic. “Microsoft's mixed reality vision: 80 million devices by 2020.” CNET, 1 June 2016. Web.

    Hewlett-Packard. Go Beyond Cost Reduction: Use Robotic Process Automation, Oct. 2015. Web.

    Hewlett-Packard. HP Composable Infrastructure: Bridging Traditional IT with the New Style of Business, June 2015. Web.

    Hewlett-Packard. HP Labs, n.d. Web.

    Hong, Jason. “Inside the Great Wall.” Communications of the ACM, 25 May 2016. Web.

    IBM Institute for Value. Your Cognitive Future: How Next-Gen Computing Changes the Way We Live and Work, 2015. Web.

    IBM. A New Way to Work: Futurist Insights to 2025 and Beyond, Jan. 2015. Web.

    Infinity. The Evolution of the Data Centre [sic], 2015. Web.

    Intel Corporation. Intel Annual Report, 1997. Web.

    Isaac, Mike. “Facebook Bets on Bots for its Messenger App.” New York Times, 12 April 2016. Web.

    ISACA. COBIT 5: Enabling Processes. ISACA, 2012. Print.

    K-12 Blueprint. “Planning a Proof of Concept.” 2014. Web.

    Kaushik Rukmini, Meenakshi. “The Impact of Pandemic COVID -19 in Workplace.” European Journal of Business Management and Research, May 2020. Web.

    Knight, Will. “Conversational Interfaces Powerful speech technology from China’s leading Internet company makes it much easier to use a smartphone.” MIT Technology Review, n.d. Web.

    Kostoff, Ronald N., Robert Boylan, and Gene R. Simons. “Disruptive Technology Roadmaps.” Technological Forecasting and Social Change, 2004. Vol. 71. Web.

    Kurzweil, Ray. “The Accelerating Power of Technology.” TED, Feb. 2005. Web.

    Kurzweil, Ray. Kurzweil: Accelerating Intelligence, 2015. Web.

    MacFarquhar, Larissa. “When Giants Fall: What Business Has Learned From Clayton Christensen,” New Yorker, 14 May 2012. Web.

    McClintock, Cat. “2016: The Year for Augmented Reality in the Enterprise.” PTC, n.d. Web.

    McKinsey & Company. IT Growth and Global Change: A Conversation with Ray Kurzweil. 29 Feb. 2012, YouTube. Web.

    Messina, Chris. “2016 Will be the Year of Conversational Commerce.” Medium, 19 Jan 2016. Web.

    Microsoft. Microsoft Research, n.d. Web.

    Miller, Ron. “Forget the Apple Watch, Think Drones in the Enterprise.” TechCrunch, 10 Sep. 2015. Web.

    Nokia Networks. FutureWorks [sic]: Teaching Networks to be Self-Aware: Technology Vision 2020. 2014. Web.

    Nokia Networks. Internet of Things. n.d. Web.

    O’Reilly, Charles, and Andrew J. M. Binns, “The Three Stages of Disruptive Innovation: Idea Generation, Incubation, and Scaling”. Sage Journals, n.d. Web.

    Pew Research Center. AI, Robotics, and the Future of Jobs: Experts Envision Automation and Intelligent Digital Agents Permeating Vast Areas of Our Work and Personal Lives by 2025, but they are Divided on Whether these Advances will Displace More Jobs than they Create. Aug. 2014. Web.

    Ramiller, Neil. “Airline Magazine Syndrome: Reading a Myth of Mismanagement.” Information Technology & People, Sept 2001. Print.

    Raymond James & Associates. The Internet of Things: A Study in Hype, Reality, Disruption, and Growth. 2014. Web.

    Richter, Felix. “No Growth in Sight for Global PC Market.” Statista, 14 March 2016. Web.

    Roy, Mekhala. “4 Examples of Digital Transformation Success in Business”. TechTarget, n.d. Web.

    Simon Weinreich, “How to Manage Disruptive Innovation - a conceptional methodology for value-oriented portfolio planning,” Sciencedirect. 31st CIRP Design Conference 2021.

    Spice Works. The Devices are Coming! How the “Internet of Things” will affect IT… and why resistance is futile. May 2014. Web.

    Spradlin, Dwayne. “Are You Solving the Right Problem?” Harvard Business Review, Sept. 2012. Web.

    Statista. “Number of smartphones sold to end users worldwide from 2007 to 2015 (in million units).” N.d. Web.

    Statista. “Worldwide tablet shipments from 2nd quarter 2010 to 2nd quarter 2016 (in million units).” N.d. Web.

    Sven Schimpf, “Disruptive Field Study; How Companies Identify, Evaluate, Develop and Implement Disruptive Technologies.” Fraunhofer Group for Innovation Research, 2020. Web.

    Tsekleves, Emmanuel. “Science fiction as fact: how desires drive discoveries.” The Guardian. 13 Aug. 2015. Web.

    Tsekleves, Emmanuel. “Science fiction as fact: how desires drive discoveries.” The Guardian, 13 Aug. 2015. Web.

    United States Department of Transportation. “National Motor Vehicle Crash Causation Survey: Report to Congress.” National Highway Traffic Safety Administration, July 2008. Web.

    United States Department of Transportation. “National Motor Vehicle Crash Causation Survey: Report to Congress.” National Highway Traffic Safety Administration, July 2008. Web.

    University Alliance (Villanova U). Managing Scope Creep in Project Management. N.d. Web.

    Vavoula, Giasemi N., and Mike Sharples. “Future Technology Workshop: A Collaborative Method for the Design of New Learning Technologies and Activities.” International Journal of Computer Supported Collaborative Learning, Dec 2007. Vol. 2 no. 4. Web.

    Walraven Pieter. “It’s Operating Systems Vs. Messaging Apps In The Battle For Tech’s Next Frontier.” TechCrunch, 11 Aug 2015. Web.

    Webb, Amy. “The Tech Trends You Can’t Ignore in 2015.” Harvard Business Review, 5 Jan. 2015. Web.

    Wenger, Albert. “The Great Bot Rush of 2015-16.” Continuations, 16 Dec 2015. Web.

    White, Chris. “IoT Tipping Point Propels Digital Experience Era.” Cisco Blogs, 12 Nov. 2014. Web.

    World Economic Forum and Accenture. Industrial Internet of Things: Unleashing the Potential of Connected Products and Services. 2015. Web.

    Yu Dan and Hang Chang Chieh, "A reflective review of disruptive innovation theory," PICMET '08 - 2008 Portland International Conference on Management of Engineering & Technology, 2008, pp. 402-414, doi: 10.1109/PICMET.2008.4599648.

    Automate Work Faster and More Easily With Robotic Process Automation

    • Buy Link or Shortcode: {j2store}237|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Optimization
    • Parent Category Link: /optimization
    • Your organization has many business processes that rely on repetitive, routine manual data collection and processing work, and there is high stakeholder interest in automating them.
    • You’re investigating whether robotic process automation (RPA) is a suitable technological enabler for automating such processes.
    • Being a trending technology, especially with its association with artificial intelligence (AI), there is much marketing fluff, hype, and misunderstanding about RPA.
    • Estimating the potential impact of RPA on business is difficult, as the relevant industry statistics often conflict each other and you aren’t sure how applicable it is to your business.

    Our Advice

    Critical Insight

    • There are no physical robots in RPA. RPA is about software “bots” that interact with applications as if they were human users to perform routine, repetitive work in your place. It’s for any business in any industry, not just for manufacturing.
    • RPA is lightweight IT; it reduces the cost of entry, maintenance, and teardown of automation as well as the technological requirement of resources that maintain it, as it complements existing automation solutions in your toolkit.
    • RPA is rules-based. While AI promises to relax the rigidity of rules, it adds business risks that are poorly understood by both businesses and subject-matter experts. Rules-based “RPA 1.0” is mature and may pose a stronger business case than AI-enabled RPA.
    • RPA’s sweet spot is “swivel chair automation”: processes that require human workers to act as a conduit between several systems, moving between applications, manually keying, re-keying, copying, and pasting information. A bot can take their place.

    Impact and Result

    • Discover RPA and how it differentiates from other automation solutions.
    • Understand the benefits and risks of complementing RPA with AI.
    • Identify existing business processes best suited for automation with RPA.
    • Communicate RPA’s potential business benefits to stakeholders.

    Automate Work Faster and More Easily With Robotic Process Automation Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should use RPA to automate routine, repetitive data collection and processing work, review Info-Tech’s methodology, and understand the ways we can support you.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Discover robotic process automation

    Learn about RPA, including how it compares to IT-led automation rooted in business process management practices and the role of AI.

    • Automate Work Faster and More Easily With Robotic Process Automation – Phase 1: Discover Robotic Process Automation
    • Robotic Process Automation Communication Template

    2. Identify processes best suited for robotic process automation

    Identify and prioritize candidate processes for RPA.

    • Automate Work Faster and More Easily With Robotic Process Automation – Phase 2: Identify Processes Best Suited for Robotic Process Automation
    • Process Evaluation Tool for Robotic Process Automation
    • Minimum Viable Business Case Document
    [infographic]

    Build Your First RPA Bot

    • Buy Link or Shortcode: {j2store}238|cart{/j2store}
    • member rating overall impact (scale of 10): 9.4/10 Overall Impact
    • member rating average dollars saved: $53,126 Average $ Saved
    • member rating average days saved: 24 Average Days Saved
    • Parent Category Name: Optimization
    • Parent Category Link: /optimization
    • Your organization has many business processes that rely on manual, routine, and repetitive data collection and processing work. These processes need to be automated to meet strategic priorities.
    • Your stakeholders decided to invest in robotic process automation (RPA). They are ready to begin the planning and delivery of their first RPA bot.
    • However, your organization lacks the critical foundations involved in successful RPA delivery, such as analysis of the suitability of candidate processes, business and IT collaboration, and product ownership.

    Our Advice

    Critical Insight

    • Manage your business and IT debt before you adopt RPA. RPA doubles down on your process inefficiencies, lack of operations and architectural standardization, and unenforced quality standards. RPA solutions will be fragile and prone to failure if debt is not managed.
    • Adopt BizDevOps. RPA will not be successful if your lines-of-business (LOBs) and IT are not working together. IT must empathize with how LOBs operate and proactively support the underlying operational systems. LOBs must be accountable for all products leveraging RPA and be able to rationalize RPA’s technical feasibility.
    • Start with RPA 1.0. Don’t get caught up in the AI and machine learning (RPA 2.0) hype. Evaluate the acceptance and value of RPA 1.0 to establish a sustainable and collaborative foundation for its delivery and management. Then use the lessons learned to prepare for future RPA 2.0 adoption. In many cases, RPA 1.0 is good enough.

    Impact and Result

    • Establish the right expectations. Gain a grounded understanding of RPA value and limitations in your context. Discuss current IT and business operations challenges to determine if they will impact RPA success.
    • Build your RPA governance. Clarify the roles, processes, and tools needed to support RPA delivery and management through IT and business collaboration.
    • Evaluate the fit of RPA. Obtain a thorough view of the business and technical complexities of your candidate processes. Indicate where and how RPA is expected to generate the most return.

    Build Your First RPA Bot Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out how you should build your first RPA bot, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Define your RPA governance

    Set the expectations of your first RPA bot. Define the guiding principles, ethics, and delivery capabilities that will govern RPA delivery and support.

    • Build Your First RPA Bot – Phase 1: Define Your RPA Governance

    2. Deliver and manage your bots

    Validate the fit of your candidate business processes for RPA and ensure the support of your operational system. Shortlist the features of your desired RPA vendor. Modernize your delivery process to accommodate RPA.

    • Build Your First RPA Bot – Phase 2: Deliver and Manage Your Bots

    3. Roadmap your RPA adoption

    Build a roadmap of initiatives to implement your first bot and build the foundations of your RPA practice.

    • Build Your First RPA Bot – Phase 3: Roadmap Your RPA Adoption
    [infographic]

    Workshop: Build Your First RPA Bot

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Define Your RPA Governance

    The Purpose

    State the success criteria of your RPA adoption through defined objectives and metrics.

    Define your RPA guiding principles and ethics.

    Build the RPA capabilities that will support the delivery and management of your bots.

    Key Benefits Achieved

    Grounded stakeholder expectations

    RPA guiding principles

    RPA capabilities and the key roles to support RPA delivery and management

    Activities

    1.1 State Your RPA Objectives.

    1.2 Define Your RPA Principles

    1.3 Develop Your RPA Capabilities

    Outputs

    RPA objectives and metrics

    RPA guiding principles and ethics

    RPA and product ownership, RPA capabilities, RPA role definitions

    2 Deliver and Manage Your Bots

    The Purpose

    Evaluate the fit of your candidate business processes for automation.

    Define the operational platform to support your RPA solution.

    Shortlist the desired RPA vendor features.

    Optimize your product delivery process to support RPA.

    Key Benefits Achieved

    Verifies the decision to implement RPA for the candidate business process

    The system changes and modifications needed to support RPA

    Prioritized list of RPA vendor features

    Target state RPA delivery process

    Activities

    2.1 Prepare Your RPA Platform

    2.2 Select Your RPA Vendor

    2.3 Deliver and Manage Your Bots

    Outputs

    Assessment of candidate business processes and supporting operational platform

    List of desired RPA vendor features

    Optimized delivery process

    3 Roadmap Your RPA Adoption

    The Purpose

    Build your roadmap to implement your first RPA bot and build the foundations of your RPA practice.

    Key Benefits Achieved

    Implementation initiatives

    RPA adoption roadmap

    Activities

    3.1 Roadmap Your RPA Adoption

    Outputs

    RPA adoption roadmap

    Define a Release Management Process to Deliver Lasting Value

    • Buy Link or Shortcode: {j2store}158|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $12,999 Average $ Saved
    • member rating average days saved: 10 Average Days Saved
    • Parent Category Name: Development
    • Parent Category Link: /development
    • Your software platforms are a key enabler of your brand. When there are issues releasing, this brand suffers. Client confidence and satisfaction erode.
    • Your organization has invested significant capital in creating a culture product ownership, Agile, and DevOps. Yet the benefits from these investments are not yet fully realized.
    • Customers have more choices than ever when it comes to products and services. They require features and capabilities delivered quickly, consistently, and of sufficient quality otherwise they will look elsewhere.

    Our Advice

    Critical Insight

    • Eliminate the need for dedicating time for off-hour or weekend release activities. Use a release management framework for optimizing release-related tasks, making them predictable and of high quality.

    Impact and Result

    • Develop a release management framework that efficiently and effectively orchestrates the different functions supporting a software’s release.
    • Use the release management framework and turn release-related activities into non-events.
    • Use principles of continuous delivery for converting your release processes from an overarching concern to a feature of a high-performing software practice.

    Define a Release Management Process to Deliver Lasting Value Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Define a Release Management Process to Deliver Lasting Value Deck – A step-by-step document that walks you through how to develop and implement a release management framework that takes advantage of continuous delivery.

    This presentation documents the Info-Tech approach to defining your application release management framework.

    • Define a Release Management Process to Deliver Lasting Value – Phases 1-4

    2. Define a Release Management Process to Deliver Lasting Value Template – Use this template to help you define, detail, and make a reality your strategy in support of your application release management framework.

    The template gives the user a guide to the development of their application release management framework.

    • Define a Release Management Process to Deliver Lasting Value Template

    3. Define a Release Management Process to Deliver Lasting Value Workbook – This workbook documents the results of the exercises contained in the blueprint and offers the user a guide to development of their release management framework.

    This workbook is designed to capture the results of your exercises from the Define a Release Management Process to Deliver Lasting Value blueprint.

    • Define a Release Management Process to Deliver Lasting Value Workbook
    [infographic]

    Workshop: Define a Release Management Process to Deliver Lasting Value

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Define the Current Situation

    The Purpose

    Document the existing release management process and current pain points and use this to define the future-state framework.

    Key Benefits Achieved

    Gain an understanding of the current process to confirm potential areas of opportunity.

    Understand current pain points so that we can build resolution into the new process.

    Activities

    1.1 Identify current pain points with your release management process. If appropriate, rank them in order of most to least disruptive.

    1.2 Use the statement of quality and current pain points (in addition to other considerations) and outline the guiding principles for your application release management framework.

    1.3 Brainstorm a set of metrics that will be used to assess the success of your aspired-to application release management framework.

    Outputs

    Understanding of pain points, their root causes, and ranking.

    Built guiding principles for application release management framework.

    Created set of metrics to measure the effectiveness of the application release management framework.

    2 Define Standard Release Criteria

    The Purpose

    Build sample release criteria, release contents, and standards for how it will be integrated in production.

    Key Benefits Achieved

    Define a map to what success will look like once a new process is defined.

    Develop standards that the new process must meet to ensure benefits are realized.

    Activities

    2.1 Using an example of a product known to the team, list its criteria for release.

    2.2 Using an example of a product known to the team, develop a list of features and tasks that are directly and indirectly important for either a real or hypothetical upcoming release.

    2.3 Using an example of product known to the team, map out the process for its integration into the release-approved code in production. For each step in the process, think about how it satisfies guiding principles, releasability and principles of continuous anything.

    Outputs

    Completed Workbook example highlighting releasability.

    Completed Workbook example defining and detailing feature and task selection.

    Completed Workbook example defining and detailing the integration step.

    3 Define Acceptance and Deployment Standards

    The Purpose

    Define criteria for the critical acceptance and deployment phases of the release.

    Key Benefits Achieved

    Ensure that releases will meet or exceed expectations and meet user quality standards.

    Ensure release standards for no / low risk deployments are recognized and implemented.

    Activities

    3.1 Using an example of product known to the team, map out the process for its acceptance. For each step in the process, think about how it satisfies guiding principles, releasability and principles of continuous anything.

    3.2 Using an example of product known to the team, map out the process for its deployment. For each step in the process, think about how it satisfies guiding principles, releasability and principles of continuous anything.

    Outputs

    Completed Workbook example defining and detailing the acceptance step.

    Completed Workbook example defining and detailing the deployment step.

    4 Implement the Strategy

    The Purpose

    Define your future application release management process and the plan to make the required changes to implement.

    Key Benefits Achieved

    Build a repeatable process that meets the standards defined in phases 2 and 3.

    Ensure the pain points defined in Phase 1 are resolved.

    Show how the new process will be implemented.

    Activities

    4.1 Develop a plan and roadmap to enhance the integration, acceptance, and deployment processes.

    Outputs

    List of initiatives to reach the target state

    Application release management implementation roadmap

    Further reading

    Define a Release Management Process for Your Applications to Deliver Lasting Value

    Use your releases to drive business value and enhance the benefits delivered by your move to Agile.

    Analyst Perspective

    Improving your release management strategy and practices is a key step to fully unlock the value of your portfolio.

    As firms invest in modern delivery practices based around product ownership, Agile, and DevOps, organizations assume that’s all that is necessary to consistently deliver value. As organizations continue to release, they continue to see challenges delivering applications of sufficient and consistent quality.

    Delivering value doesn’t only require good vision, requirements, and technology. It requires a consistent and reliable approach to releasing and delivering products and services to your customer. Reaching this goal requires the definition of standards and criteria to govern release readiness, testing, and deployment.

    This will ensure that when you deploy a release it meets the high standards expected by your clients and delivers the value you have intended.

    Dr. Suneel Ghei

    Principal Research Director, Application Development

    Info-Tech Research Group

    Executive Summary

    Your Challenge

    • Your software platforms are a key enabler of your brand. When there are issues releasing, the brand suffers. Client confidence and satisfaction erode.
    • Your organization has invested significant capital in creating a culture of product ownership, Agile, and DevOps. Yet the benefits from these investments are not yet fully realized.
    • Customers have more choices than ever when it comes to products and services. They require features and capabilities delivered quickly, consistently, and of sufficient quality, otherwise they will look elsewhere.

    Common Obstacles

    • Development teams are moving faster but then face delays waiting for testing and deployment due to a lack of defined release cycle and process.
    • Individual stages in your software development life cycle (SDLC), such as code collaboration, testing, and deployment, have become leaner, but the overall complexity has increased since many products and services are composed of many applications, platforms, and processes.
    • The specifics of releasing products is (wrongly) classified as a technical concern and not a business concern, hindering the ability to prioritize improved release practices.

    Info-Tech's Approach

    • Develop a release management framework that efficiently and effectively orchestrates the different functions supporting a software’s release.
    • Use the release management framework and turn release-related activities into non-events.
    • Use principles of continuous delivery for converting your release processes from an overarching concern to a feature of a high-performing software practice.

    Executive Summary

    Info-Tech Insights

    Turn release-related activities into non-events.

    Eliminate the need for dedicating time for off-hour or weekend release activities. Use a release management framework for optimizing release-related tasks, making them predictable and of high quality.

    Release management is NOT a part of the software delivery life cycle.

    The release cycle runs parallel to the software delivery life cycle but is not tightly coupled with it. The act of releasing begins at the point requirements are confirmed and ends when user satisfaction is measurable. In contrast, the software delivery life cycle is focused on activities such as building, architecting, and testing.

    All releases are NOT created equal.

    Barring standard guiding principles, each release may have specific nuances that need to be considered as part of release planning.

    Your release management journey

    1. Optimize Applications Release Management - Set a baseline release management process and organization.
    2. Modernize Your SDLC - Move your organization to Agile and increase throughput to feed releases.
    3. Deliver on Your Digital Product Vision - Understand the practices that go into delivering products, including articulating your release plans.
    4. Automate Testing to Get More Done - Create the ability to do more testing quickly and ensure test coverage.
    5. Implement DevOps Practices That Work - Build in tools and techniques necessary for release deployment automation.
    6. Define a Release Management Process to Deliver Lasting Value (We Are Here)

    Define a Release Management Process for Your Applications to Deliver Lasting Value

    Use your releases to drive business value and enhance the benefits delivered by your move to Agile.

    Executive Brief

    Your software delivery teams are expected to deliver value to stakeholders in a timely manner and with high quality

    Software delivery teams must enable the organization to react to market needs and competitive changes to improve the business’ bottom line. Otherwise, the business will question the team’s competencies.

    The business is constantly looking for innovative ways to do their jobs better and they need support from your technical teams.

    The increased stress from the business is widening the inefficiencies that already exist in application release management, risking poor product quality and delayed releases.

    Being detached from the release process, business stakeholders do not fully understand the complexities and challenges of completing a release, which complicates the team’s communication with them when issues occur.

    IT Stakeholders Are Also Not Satisfied With Their Own Throughput

    • Only 29% of IT employees find application development throughput highly effective.
    • Only 9% of organizations were classified as having highly effective application development throughput.
    • Application development throughput ranked 37th out of 45 core IT processes in terms of effectiveness.

    (Info-Tech’s Management and Governance Diagnostic, N=3,930)

    Your teams, however, struggle with core release issues, resulting in delayed delivery (and disappointed stakeholders)

    Implementing tools on top of an inefficient pipeline can significantly magnify the existing release issues. This can lead to missed deadlines, poor product quality, and business distrust with software delivery teams.

    COMMON RELEASE ISSUES

    1. Local Thinking: Release decisions and changes are made and approved without consideration of the holistic system, process, and organization.
    2. No Release Cadence: Lack of process governance and oversight generates unpredictable bottlenecks and load and ill-prepared downstream teams.
    3. Mismanagement of Releases: Program management does not accommodate the various integrated releases completed by multiple delivery teams.
    4. Poor Scope Management: Teams are struggling to effectively accommodate changes during the project.

    The bottom line: The business’ ability to operate is dictated by the software delivery team’s ability to successfully complete releases. If the team performs poorly, then the business will do poorly as well. Application release management is critical to ensure business expectations are within the team’s constraints.

    As software becomes more embedded in the business, firms are discovering that the velocity of business change is now limited by how quickly they can deploy.” – Five Ways To Streamline Release Management, J.S. Hammond

    Historically, managing releases has been difficult and complicated…

    Typically, application release management has been hard to coordinate because…

    • Software has multiple dependencies and coordinating their inclusion into a deployable whole was not planned.
    • Teams many be spending too much time on features that are not needed any longer.
    • Software development functions (such as application architecture, test-first or test-driven design, source code integration, and functional testing) are not optimized.
    • There are no agreed upon service-level contracts (e.g. expected details in requirements, adequate testing, source control strategy) between development functions.
    • The different development functions are not integrated in a holistic style.
    • The different deployment environments have variability in their configuration, reducing the reliability of testing done in different environments.
    • Minimum thresholds for acceptable quality of development functions are either too low (leading to adverse outcomes down stream) or too high (leading to unnecessary delays).

    …but research shows being effective at application release management increases your throughput

    Research conducted on Info-Tech's members shows overwhelming evidence that application throughput is strongly tied to an effective application release management approach.

    The image shows a scatter plot, with Release Management Effectiveness on the x-axis and Application Development Throughput Effectiveness on the Y-axis. The graph shows a steady increase.

    (Info-Tech Management & Governance Diagnostic, since 2019; N=684 organizations)

    An application release management framework is critical for effective and timely delivery of software

    A well-developed application release management framework is transformative and changes...

    From To
    Short-lived projects Ongoing enhancements supporting a product strategy
    Aiming for mandated targets Flexible roadmaps
    Manual execution of release processes Automating a release pipeline as much as possible and reasonable
    Manual quality assurance Automated assessment of quality
    Centralized decision making Small, independent release teams, orchestrated through an optimized value stream

    Info-Tech Insight: Your application release management framework should turn a system release into a non-event. This is only possible through the development of a holistic, low-risk and standardized approach to releasing software, irrespective of their size or complexity.

    Robust continuous “anything” requires proficiency in five core practices

    A continuous anything evaluation should not be a “one-and-done” event. As part of ongoing improvements, keep evolving it to make it a fundamental component of a strong operational strategy.

    Continuous Anything

    • Automate where appropriate
      • Automation is not a silver bullet. All processes are not created equal; and therefore, some are not worthy of being automated.
    • Control system variables
      • Deploying and testing in environments that are apple to apple in comparison reduces the risk of unintended outcomes from production release.
    • Measure process outcomes
      • A process not open to being measured is a process bound to fail. If it can be measured, it should be, and insights found should be used for improving the system.
    • Select smaller features batches
      • Smaller release packages reduce the chances of cognitive load associated with finding root causes for defects and issues that may result as post-production incidents.
    • Reduction of cycle time
      • Identification of waste in each stage of the continuous anything process helps in lowering cost of operations and results in quicker generation of value for stakeholders.

    Invest time in developing an application release management framework for your development team(s) with a continuous anything mindset

    An application release management framework converts a set of features and make them ready for releasability in a low-risk, standardized, and high-quality process.

    The image shows a diagram titled Application Release Engineering From Idea to Product, which illustrates the process.

    A continuous anything (integration, delivery, and deployment) mindset is based on a growth and improvement philosophy, where every event is considered a valid data point for investigation of process efficiency.

    Diagram adapted from Continuous Delivery in the Wild, Pete Hodgson, Published by O'Reilly Media, Inc., 2020

    Related Info-Tech Research

    Streamline Application Maintenance

    • Justify the necessity of streamlined maintenance. Gain a grounded understanding of stakeholder objectives and concerns and validate their achievability against the current state of the people, process, and technologies involved in application maintenance.
    • Strengthen triaging and prioritization practices. Obtain a holistic picture of the business and technical impacts, risks, and urgencies of each accepted maintenance request to justify its prioritization and relevance within your backlog. Identify opportunities to bundle requests together or integrate them within project commitments to ensure completion.
    • Establish and govern a repeatable process. Develop a maintenance process with well-defined stage gates, quality controls, and roles and responsibilities, and instill development best practices to improve the success of delivery.

    “Releasability” (or release criteria) of a system depends upon the inclusion of necessary building blocks and proof that they were worked on

    There is no standard definition of a system’s releasability. However, there are common themes around completions or assessments that should be investigated as part of a release:

    • The range of performance, technical, or compliance standards that need to be assessed.
    • The full range of test types required for business approval: unit tests, acceptance tests, security test, data migration tests, etc.
    • The volume-criticality mix of defects the organization is willing to accept as a risk.
    • The best source and version control strategy for the development team. This is mostly a function of the team's skill with using release branches and coordinating their work artifacts.
    • The addition of monitoring points and measures required for evaluations and impact analysis.
    • The documentation required for audit and compliance.
    • External and internal dependencies and integrations.
    • Validations, approvals, and sign-offs required as part of the business’ operating procedure.
    • Processes that are currently carried out outside and should be moved into the pipeline.
    • Manual processes that may be automated.
    • Any waste activities that do not directly contribute to releasability that can be eliminated from the development process.
    • Knowledge the team has regarding challenges and successes with similar software releases in the past.

    Releasability of a system is different than governing principles for application release management

    Governing principles are fundamental ways of doing something, which in this case is application release management, while releasability will generally have governing principles in addition to specific needs for a successful release.

    Example of Governing Principles

    • Approval from Senior Director is necessary before releasing to production
    • Production deployments can only be done in off-hours
    • We will try to automate processes whenever it is possible for us to do so
    • We will use a collaborative set of metrics to measure our processes

    Examples of Releasability Criteria

    • For the upcoming release, add performance testing for Finance and Budget Teams’ APIs
    • Audit and compliance documentation is required for this release
    • Automation of manual deployment
    • Use trunk-based source code management instead of feature-based

    Regulated industries are not more stable despite being less nimble

    A pervasive myth in industry revolves around the misperception that continuous anything and nimble and non-event application release management is not possible in large bureaucratic and regulated organizations because they are risk-averse.

    "We found that external approvals were negatively correlated with lead-time, deployment frequency and restore time, and had no correlation with change failure rate. In short, approval by an external body (such as a manager or Change Approval Board) simply doesn’t work to increase the stability of production systems…However, it certainly slows things down. It is in fact worse than having no change approval process at all." – Accelerate by Gene Kim, Jez Humble, and Nicole Forsgren

    Many organizations reduce risk in their product release by adopting a paternalistic stance by:

    • Requiring manual sign-offs from senior personnel who are external to the organization.
    • Increasing the number and level of authorization gates.
    • Staying away from change and preferring to stick with what has worked in the past.

    Despite the prevalence of these types of responses to risk, the evidence is that they do not work and are in fact counter-productive because they:

    • Create blocks to frequent releases.
    • Introduce procedural complexity to each release and in effect make them “bigger.”
    • Prefer process over people (and trusting them). Increase non-value-add scrutiny and reporting.

    There is a persistent misunderstanding about continuous anything being only an IT engineering practice

    01

    At the enterprise level, continuous anything focuses on:

    • Visibility of final value being provided in a high-quality and expedited manner
    • Ensuring efficiency in the organization’s delivery framework
    • Ensuring adherence to established governance and risk mitigation strategy

    02

    Focus of this blueprint

    At the product level, continuous anything focuses on:

    • Reliability of the product delivery system
    • Use of scientific evidence for continuous improvement of the product’s delivery system
    • Orchestration of different artifacts into a single whole

    03

    At the functional level, continuous anything focuses on*:

    • Local functional optimization (functions = software engineering, testing, application design)
    • Automation of local functions
    • Use of patterns for standardizing inputs and functional areas

    *Where necessary, practices at this level have been mentioned.

    Related Info-Tech Research

    Implement DevOps Practices That Work

    • Be DevOps, rather than do DevOps. DevOps is a philosophy, not an industry framework. Your organization’s culture must shift toward system-wide thinking, cross-function collaboration, and empathy.
    • Culture, learning, automation, integrated teams, and metrics and governance (CLAIM) are all critical components of effective DevOps.

    Automate Testing to Get More Done

    • Optimize and automate SDLC stages to recover team capacity. Recognize that automation without optimization is a recipe for long-term pain. Do it right the first time.
    • Optimization and automation are not one-hit wonders. Technical debt is a part of software systems and never goes away. The only remedy is constant vigilance and enhancements to the processes.

    The seeds of a good release are sown even before work on it begins

    Pre-release practices such as requirements intake and product backlog management are important because:

    • A standard process for documentation of features and requirements helps reduce “cognitive dissonance” between business and technology teams. Clearly articulated and well-understood business needs are fundamental ingredients of a high-quality product.
    • Product backlog management done right ensures the prioritized delivery of value to stakeholders. Features can become stale or get a bump in importance, depending upon evolving circumstances. Prioritizing the backlog is, therefore, critical for ensuring time, effort, and budget are spent on things that matter.

    Equip Managers to Effectively Manage Virtual Teams

    • Buy Link or Shortcode: {j2store}600|cart{/j2store}
    • member rating overall impact (scale of 10): 9.7/10 Overall Impact
    • member rating average dollars saved: $20,240 Average $ Saved
    • member rating average days saved: 4 Average Days Saved
    • Parent Category Name: Manage & Coach
    • Parent Category Link: /manage-coach
    • Virtual team members must rely upon collaboration technology to communicate and collaborate.
    • Management practices and approaches that work face to face do not always translate effectively in virtual contexts.
    • Managers cannot rely upon spontaneous social interactions that happen organically when people are colocated to build meaningful and trusting relationships. Space and time need to be created in a virtual environment for this to happen.
    • Observing an employee’s performance or development can be more difficult, and relying on others’ feedback becomes more critical for managing performance and development.

    Our Advice

    Critical Insight

    • Managing virtual teams does not require developing new manager competencies. Instead, managers need to “dial up” competencies they already have and adjust their approaches.
    • Setting clear expectations with virtual teams creates the foundation needed to manage them effectively.
    • Virtual employees crave more meaningful interactions about performance and development with their managers.

    Impact and Result

    • Create a solid foundation for managing virtual teams by setting clear expectations and taking a more planful approach to managing performance and employee development.
    • Dial up key management competencies that you already have. Managers do not need to develop new competencies; they just need to adjust and refocus their approaches.

    Equip Managers to Effectively Manage Virtual Teams Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Equip managers to effectively manage virtual teams

    Equip managers to become more effective with managing remote teams.

    The workbook serves as a reference guide participants will use to support formal training.

    • Training Deck: Equip Managers to Effectively Manage Virtual Teams
    • Workbook: Equip Managers to Effectively Manage Virtual Teams
    • Standard Participant Training Session Evaluation Template

    2. Additional Resources

    Many organizations are developing plans to allow employees more flexible work options, including remote work. Use these resources to help managers and employees make the most of remote work arrangements.

    • Work-From-Home Tips for Managers
    • Work-From-Home Tips for Employees
    • Health & Safety at Home Infographic
    • Wellness and Working From Home
    • Ergonomic Workspaces Infographic
    [infographic]

    Further reading

    Equip Managers to Effectively Manage Virtual Teams

    Learning objectives

    Describe the benefits of virtual teams.

    Create a plan for adopting effective management practices and setting clear expectations with virtual teams.

    Identify potential solutions to the challenges of managing performance and developing members of virtual teams.

    Create an action plan to increase effectiveness in managing virtual teams.

    Target audience

    People managers who manage or plan to manage virtual teams.

    Training length

    Two three-hour sessions

    Training material

    • Use the speaker’s notes in the notes pane section of each slide to plan and practice the training session.
    • Activity slides are scattered throughout this training deck and are clearly numbered in the slide title.
    • Notes in italics are written to the facilitator and are not meant to be read aloud.
    • Download the Workbook for participants to use.

    Suggested materials for activities:

    • Index cards or sticky notes
    • Markers
    • Whiteboard/large table space/flip chart

    Agenda & activities

    Section 1

    Section 2

    10 min

    Welcome: Overview & Introductions

    • Introductions
    10 min

    Welcome: Overview & Introductions

    • Session 1 Review
    • Session 2 Overview
    50 min

    1.1 Introduction to virtual teams

    • What kind of virtual team do you lead?
    • Virtual team benefits and challenges
    55 min

    2.1 Managing wellbeing in a virtual team context

    • Share current practices and challenges regarding wellbeing in virtual teams
    • Identify and discuss proposed solutions
    • Develop draft action plan for managing wellbeing in a virtual team context
    5 min

    Break

    5 min Break
    45 min

    1.2 Laying the foundation for a virtual team

    • Identify behaviors to better inform, interact with, and involve team members
    60 min

    2.2 Managing performance in a virtual team context

    • Share current performance management practices for virtual teams
    • Identify challenges of current practices and propose solutions
    • Develop draft action plan for managing performance in a virtual team context
    10 min

    Break

    10 min Break
    55 min

    1.2 Laying the foundation for a virtual team

    • Identify and share ways you prefer to communicate for different activities
    • Develop draft action plan for laying the foundation for a virtual team
    40 min

    Action planning & conclusion

    • Refine consolidated action plan (three parts) and commit to implementing it
    • Key takeaways
    5 min

    Session 1 Wrap-Up

    Recommended Customization

    Review all slides and adjust the language or content as needed to suit your organizational context and culture.

    The pencil icon to the left denotes slides requiring customization of the slide and/or the speaker’s notes, e.g. adding in an organization-specific process.

    Customization instructions are found in the notes pane.

    Tips

    • Adjust the speaker’s notes on the slides before (or after) any slides you modify or delete to ensure logical transitions between slides.
    • Update the agenda to reflect new timings if major modifications are made.
    • Even seasoned leaders need to be reminded of the basics now and again. Rather than delete more basic slides, cut back on the amount of time spent covering them and frame the content as a refresher.
    • Participant Workbooks
    • Relevant organization-specific documents (see side panel)
    • Training Session Feedback Form

    Required Information

    • Communication guidelines for managers (e.g. cadence of manager interactions)
    • Performance management process and guidelines
    • Employee development guidelines
    • List of available resources (e.g. social collaboration tools)

    Effectively Manage Virtual Teams

    Section 1.1

    Practical foundations for managing teams in a remote environment

    Feasibility of virtual IT teams

    Most organizations are planning some combination of remote and onsite work in 2022.

    This is an image of a bar graph demonstrating the percentage of companies who have the following plans for return to work: Full work-from-home (All employees WFH permanently) - 4% ; No work-from-home permitted	9% ; Partial work-from-home team (Eligible employees can WFH for a certain portion of their work week)	23% ; Balanced work-from-home team (All employees can WFH for a certain portion of their work week)	28% ; Hybrid work-from-home team (Eligible employees WFH on a full-time basis)	37%

    Source: IT Talent Trends, 2022; n=199

    Speaker’s Notes:

    Most organizations are planning some combination of remote and onsite work in 2022 – the highest reported plans for WFH were hybrid, balanced, and partial work-from-home. This builds on our findings in the IT Talent Trends 2022 report.

    Feasibility of virtual IT teams

    What percentage of roles in IT are capable of being performed remotely permanently?

    Approximately what percentage of roles in IT are capable of being performed remotely permanently?

    0% to less than 10%: 3%; 10% to less than 25%: 5%; 25% to less than 50%: 12%; 50% to less than 75%: 30%; 75% to 100%L 50%.

    IT Talent Trends, 2022; n=207

    Speaker’s Notes:

    80% of respondents estimated that 50 to 100% of IT roles can be performed remotely.

    Virtual teams take all kinds of forms

    A virtual team is any team that has members that are not colocated and relies on technology for communications.

    This image depicts the three levels of virtual teams, Municipal; National; Global.

    Speaker’s Notes:

    Before we start, it will be useful to review what we mean by the term “virtual team.” For our purposes we will be defining a virtual team as any team that has members that are not colocated and relies on technology for communications.

    There are a wide variety of virtual work arrangements and a variety of terms used to describe them. For example, some common terms include:

    • “Flexible work arrangements”: Employees have the option to work where they see fit (within certain constraints). They may choose to work from the office, home, a shared office space, the road, etc.
    • “Remote work,” “work from home,” and “telecommuting”: These are just various ways of describing how or where people are working virtually. They all share the idea that these kinds of employees are not colocated.
    • “Multi-office team”: the team members all work in office environments, but they may not always be in the same office as their team members or manager.

    Our definition of virtual work covers all of these terms. It is also distance neutral, meaning that it applies equally to teams that are dispersed globally or regionally or even those working in the same cities but dispersed throughout different buildings. Our definition also applies whether virtual employees work full time or part time.

    The challenges facing managers arise as soon as some team members are not colocated and have to rely on technology to communicate and coordinate work. Greater distances between employees can complicate challenges (e.g. time zone coordination), but the core challenges of managing virtual teams are the same whether those workers are merely located in different buildings in the same city or in different buildings on different continents.

    1.1 What kind of virtual team do you lead?

    15 Minutes

    Working on your own, take five minutes to figure out what kind of virtual team you lead.

    1. How many people on your team work virtually (all, most, or a small percentage)?
    2. How often and how regularly do they tend to work virtually (full time, part time regularly, or part time as needed)?
    3. What kinds of virtual work arrangements are there on your team (multi-site, work from home, mobile employees)?
    4. Where do your workers tend to be physically located (different offices but in the same city/region or globally dispersed)?
    5. Record this information in your workbook.
    6. Discuss as a group.

    Download the Workbook: Equip Managers to Effectively Manage Virtual Teams

    Input

    • Size of virtual team
    • Current remote work practices

    Output

    • Documented list of current state of remote work

    Materials

    • Workbook: Equip Managers to Effectively Manage Virtual Teams

    Participants

    • All managers with direct reports working virtually

    Advantages

    Benefits to the organization

    Benefits to employees

    Operational continuity in disaster situations that prevent employees from coming into the office.

    Cost savings: Employees who WFH half the time can save $2,500 to $4,000 per year (Global Workplace Analytics, 2021).

    Cost savings: Organizations save ~$11,000 annually per employee working from home half the time (Global Workplace Analytics, 2021).

    Time savings: Employees who WFH half the time save on average 11 workdays per year (Global Workplace Analytics, 2021).

    Increased attraction: 71% of employees would likely choose one employer over another based on WFH offerings (Owl Labs, 2021).

    Improved wellbeing:

    83% employees agree that WFH would make them happier.

    80% agree that WFH would decrease their stress.

    81% agree that WFH would improve their ability to manage their work-life balance.

    (Owl Labs, 2021)

    Increased retention: 74% of employees would be less likely to leave their employer if they could WFH (Owl Labs, 2021).

    Increased flexibility: 32% of employees rated the “ability to have a flexible schedule” as the biggest benefit of WFH (OWL Labs, 2021).

    Increased productivity: 50% of employees report they would maintain or increase their productivity while working from home (Glassdoor Team, 2020).

    Increased engagement: Offsite employees tend to have higher overall engagement than onsite employees (McLean & Company Engagement Survey, 2020).

    Speaker’s Notes:

    Remote work arrangements are becoming more and more common, and for good reason: there are a lot of benefits to the organization – and to employees.

    #1: Save Money

    Perhaps one of the most common reasons for opting for remote-work arrangements is the potential cost savings. One study found that organizations could save about $11,000 per employee working from home half the time (Global Workplace Analytics, 2021).

    #2 Increased Attraction

    In addition, supporting remote-work arrangements can attract employees. One study found that 71% of employees would likely choose one employer over another based on WFH offerings (Owl Labs, 2019).

    #3 Improve productivity.

    There are also improvements to productivity. Fifty percent of employees report they would maintain or increase their productivity while working from home (Glassdoor Team, 2020).

    Remote work also has benefits to employees.

    #1: Save Money

    As with organizations, employees also benefit financially from remote work arrangements, saving between $2,500 and $4,000 and on average 11 working days while working from home half of the time.

    #2: Improved Wellbeing

    Most employees agree that working from home makes them happier, reduces stress, and provides an improved work-life balance through increased flexibility.

    Challenges

    Organizations

    • Concerns that WFH may stifle innovation (Scientific American, 2021), likely due to the potential lack of collaboration and knowledge sharing.
    • Fewer organic opportunities for informal interaction between employees working from home means active efforts are required to foster organizational culture.

    Leaders

    • 42% of managers believe that monitoring the productivity of their direct reports is a top challenge of WFH (Ultimate Software, 2019).
    • The lack of in-person supervision compounded with a lack of trust in employees leads many leaders to believe that WFH will result in a drop in productivity.

    Employees

    • 20% of employees report collaboration/communication as their top struggle with WFH (Owl Labs, 2021).
    • Employees often experience burnout from working longer hours due to the lack of commute, blurring of work and home life, and the perceived need to prove their productivity.

    Many of these barriers can be addressed by changing traditional mindsets and finding alternative ways of working, but the traditional approach to work is so entrenched that it has been hard to make the shift.

    Speaker’s Notes:

    Many organizations are still grappling with the challenges of remote work. Some are just perceived challenges, while others are quite real.

    Limited innovation and a lack of informal interaction are a potential consequence of failing to properly adapt to the remote-work environment.

    Leaders also face challenges with remote work. Losing in-person supervision has led to the lack of trust and a perceived drop in productivity.

    A study conducted 2021 asked remote workers to identify their biggest struggle with working remotely. The top three struggles remote workers report facing are unplugging after work, loneliness, and collaborating and/or communicating.

    Seeing the struggles remote workers identify is a good reminder that these employees have a unique set of challenges. They need their managers to help them set boundaries around their work; create feelings of connectedness to the organization, culture, and team; and be expert communicators.

    1.2 Virtual teams: benefits and challenges

    20 Minutes

    1. Discuss and list:
      1. Any positives you’ve experienced since managing virtual employees.
      2. Any challenges you’ve had to manage connected to managing virtual employees.
    2. Record information in the workbook.

    Download the Workbook: Equip Managers to Effectively Manage Virtual Teams

    Input

    • Personal experiences managing remote teams

    Output

    • List of benefits and challenges of remote work

    Materials

    • Workbook: Equip Managers to Effectively Manage Virtual Teams

    Participants

    • All managers with direct reports working virtually

    Effectively Manage Virtual Teams

    Section 1.2

    Laying the foundations for a virtual team

    The 3i’s: Inform, interact, and involve your way to effective management:

    Inform

    Interact Involve

    ↓ Down

    Connect

    ↑ Up

    Tell employees the whys

    Get to know employees

    Solicit input from employees

    Speaker’s Notes:

    Effectively managing a virtual team really comes down to adopting management approaches that will engage virtual employees.

    Managing a virtual team does not actually require a new management style. The basics of effective management are the same in both colocated and virtual teams; however, the emphasis on certain behaviors and actions we take often differs. Managing a virtual team requires much more thoughtfulness and planning in our everyday interactions with our teams as we cannot rely on the relative ease of face-to-face interactions available to colocated teams.

    The 3i’s Engaging Management Model is useful when interacting with all employees and provides a handy framework for more planful interactions with virtual employees.

    Think of your management responsibilities in these three buckets – they are the most important components of being an effective manager. We’re first going to look at inform and involve before moving on to interact.

    Inform: Relay information down from senior management and leaders to employees. Communicate the rationale behind decisions and priorities, and always explain how they will directly affect employees.

    Why is this important? According to McLean & Company’s Engagement Survey data, employees who say their managers keep them well informed about decisions that affect them are 3.4 times more likely to be engaged (Source: McLean & Company, 2020; N=77,363). Your first reaction to this might be “I already do this,” which may very well be the case. Keep in mind, though, we sometimes tend to communicate on a “need-to-know basis,” especially when we are stressed or short on time. Engaging employees takes more. Always focus on explaining the “why?” or the rationale behind business decisions.

    It might seem like this domain should be the least affected, since important company announcements probably continue in a remote environment. But remember that information like that also flows informally. And even in formal settings, there are question-and-answer opportunities. Or maybe your employee might come to your office to ask for more details. Virtual team members can’t gather around the watercooler. They don’t have the same opportunities to hear information in passing as people who are colocated do, so managers need to make a concerted effort to share information with virtual team members in a clear and timely way.

    Swinging over to the other end, we have involve: Involve your employees. Solicit information and feedback from employees and collaborate with them.

    However, it’s not enough to just solicit their feedback and input; you also need to act on it.

    Make sure you involve your employees in a meaningful way. Such collaboration makes employees feel like a valued part of the team. Not to mention that they often have information and perspectives that can help make your decisions stronger!

    Employees who say their department leaders act on feedback from them are 3.9 times more likely to be engaged than those whose leaders don’t. (Source: McLean & Company, 2020; N=59,779). That is a huge difference!

    Keeping virtual employees engaged and feeling connected and committed to the organization requires planful and regular application of the 3i’s model.

    Finally, Interact: Connect with employees on a personal level; get to know them and understand who they are on a personal and professional level.

    Why? Well, over and above the fact that it can be rewarding for you to build stronger relationships with your team, our data shows that human connection makes a significant difference with employees. Employees who believe their managers care about them as a person are 3.8 times more likely to be engaged than those who do not (Source: McLean & Company, 2017; N=70,927).

    And you might find that in a remote environment, this is the area that suffers the most, since a lot of these interactions tend to be unscripted, unscheduled, and face to face.

    Typically, if we weren’t in the midst of a pandemic, we’d emphasize the importance of allocating some budget to travel and get some face-to-face time with your staff. Meeting and interacting with team members face to face is crucial to building trusting relationships, and ultimately, an effective team, so given the context of our current circumstances, we recommend the use of video when interacting with your employees who are remote.

    Relay information down from senior management to employees.

    Ensure they’ve seen and understand any organization-wide communication.

    Share any updates in a timely manner.

    Connect with employees on a personal level.
    Ask how they’re doing with the new work arrangement.
    Express empathy for challenges (sick family member, COVID-19 diagnosis, etc.).
    Ask how you can support them.
    Schedule informal virtual coffee breaks a couple of times a week and talk about non-work topics.

    Get information from employees and collaborate with them.
    Invite their input (e.g. have a “winning remotely” brainstorming session).
    Escalate any challenges you can’t address to your VP.
    Give them as much autonomy over their work as possible – don’t micromanage.

    1.3 Identify behaviors to inform, interact with, and involve team members

    20 Minutes

    Individually:

    1. Identify one behavior for each of Inform, Interact, and Involve to improve.
    2. Record information in the workbook.

    As a group:

    1. Discuss behaviors to improve for each of Inform, Interact, and Involve and record new ideas to incorporate into your leadership practice.

    Download the Workbook: Equip Managers to Effectively Manage Virtual Teams

    Input

    • 3i's Model
    • Current leadership behaviors to improve

    Output

    • List of behaviors to better inform, interact, and involve team members

    Materials

    • Workbook: Equip Managers to Effectively Manage Virtual Teams

    Participants

    • All managers with direct reports working virtually

    Laying the foundation: Set clear expectations

    Tasks

    • What are the daily and weekly team activities? How do they affect one another?

    Goals

    • Clarify any adjustments to strategy based on the situation; clarify metrics.

    Communication

    • How often and when will you check in? What should they come to you for? What modalities will you use and when?

    Roadblocks

    • Involve your team in deciding how to handle roadblocks and challenges.

    Speaker’s Notes:

    Clear expectations are important in any environment, remote or not. But it is much harder to do in a remote environment. The barrier to seeking clarification is so much higher (For example, email vs. catching someone in hallway, or you can’t notice that a colleague is struggling without them asking).

    Communication – This is one area where the importance actually changes in a remote context. We’ve been talking about a lot of practices that are the same in importance whether you’re in an office or remote, and maybe you just enact them differently. But clarity around communication processes is actually tremendously more important in a remote environment.

    Adopt a five-step process to set specific and documented expectations

    1. Check in with how your team member is doing on a daily basis. Don’t forget to ask how they are doing personally.
    2. Follow up on previously set expectations. Ask how things are going. Discuss if priorities or expectations have changed and update expectations accordingly.
    3. Ask if they are experiencing any roadblocks and collaborate to find solutions.
    4. Provide feedback and recognition as appropriate.
    5. Document newly set expectations – either through a collaboration tool or through email.

    Speaker’s Notes:

    Suggested best practices: Hold daily team check-ins and hold separate individual check-ins. Increase frequency of these.

    During Check-in
    1. Set up a running Teams chat for your team.
    • This is your community. You must be the biggest cheerleader and keep the team feeling like they are contributing. Make sure everyone is involved.
  • Start each workday with a video scrum to discuss what’s coming today for your team.
    • Ask: What are you planning to work on today? Are there any roadblocks I can help with? Technology working OK?
  • Right after your team meeting, set up an “every morning video call” one-on-one meeting with each team member (5-10 minutes max).
    • Ask: What are you working on today? What will your momentum metrics be? What do you need from me?
  • Set up a separate video call at the end of the afternoon to review what everyone did (5 minutes max).
    • Ask: What went well? What went poorly? How can we improve?
  • After a Check-in
    1. Be accessible:
      • Ensure your team knows the best way to get in touch with you.
      • Email is not ideal for informal, frequent contact – use messaging instead.
    2. Be available:
      • Keep a running conversation going in Teams.
      • Respond in a timely manner; address issues quickly so that your team has what they need to succeed.
      • Let your team know if you’ll be away/offline for longer than an hour during the workday and ask them to do the same (e.g. for an appointment).
      • Help address roadblocks, answer questions, clarify priorities, etc.

    Define communication requirements

    • Set up an ongoing communication with your team.
      • E.g. a running conversation on Slack or Teams
    • Schedule daily virtual meetings and check-ins.
      • This can help to maintain a sense of normalcy and conduct a pulse check on your team.
    • Use video for important conversations.
      • Video chat creates better rapport, shows body language, and lessens feelings of isolation, but it can be taxing.
    • Set expectations about communication.
      • Differentiate between day-to-day communication and updates on the state of events.
    • Clearly communicate the collaboration toolkit.
      • What do we have available? What is the purpose of each?

    Speaker’s Notes:

    With organizational expectations set, we need to establish team expectations around how we collaborate and communicate.

    Today there is no lack of technology available to support our virtual communication. We can use the phone, conference calls, videoconferencing, Skype, instant messaging, [insert organization-specific technological tools.], etc.

    However, it is important to have a common understanding of which tools are most appropriate when and for what.

    What are some of the communication channel techniques you’ve found useful in your informal interactions with employees or that you’ve seen work well between employees?

    [Have participants share any technological tools they find useful and why.]

    Check in with your team on communication requirements

    • Should we share our calendars, hours of availability, and/or IM status?
    • How often should we meet as a team and one on one? Should we institute a time when we should not communicate virtually?
    • Which communication channel should we use in what context? How should we decide which communication method to use?
    • Should I share guidelines for email and meeting etiquette (or any other communication methods)?
    • Should we establish a new team charter?
    • What feedback does the team have regarding how we’ve been communicating?

    Speaker’s Notes:

    Whenever we interact, we make the following kinds of social exchanges. We exchange:

    • Information: Data or opinions
    • Emotions: Feelings and evaluations about the data or opinions
    • Motivations: What we feel like doing in response to data or opinions

    We need to make sure that these exchanges are happening as each team member intends. To do this, we have to be sensitive to what information is being conveyed, what emotions are involved in the interaction, and how we are motivating each other to act through the interaction. Every interaction will have intended and unintended effects on others. No one can pay attention to all of these aspects of communication all the time, but if we develop habits that are conducive to successful exchanges in all three areas, we can become more effective.

    In addition to being mindful of the exchange in our communication, as managers it is critical to build trusting relationships and rapport with employees as we saw in the 3i's model. However, in virtual teams we cannot rely on running into someone in the kitchen or hallway to have an informal conversation. We need to be thoughtful and deliberate in our interactions with employees. We need to find alternative ways to build these relationships with and between employees that are both easy and accepted by ourselves and employees. Because of that, it is important to set communication norms and really understand each other’s preferences. For example:

    • Timing of responses. Set the expectation that emails should be responded to within X hours/days unless otherwise noted in the actual email.
    • When it’s appropriate to send an email vs. using instant messaging.
    • A team charter – the team’s objectives, individual roles and responsibilities, and communication and collaboration guidelines.

    1.4 Identify and share ways you prefer to communicate for different activities

    20 Minutes

    1. Brainstorm and list the different types of exchanges you have with your virtual employees and they have with each other.
    2. List the various communication tools in use on your team.
    3. Assign a preferred communication method for each type of exchange

    Download the Workbook: Equip Managers to Effectively Manage Virtual Teams

    Input

    • Current types of exchanges on team
    • Communication methods used

    Output

    • Defined ways to communicate for each communication method

    Materials

    • Workbook: Equip Managers to Effectively Manage Virtual Teams

    Participants

    • All managers with direct reports working virtually

    Effectively Manage Virtual Teams

    Section 2.1
    Balancing wellbeing and performance in a virtual team context

    The pandemic has taken a significant toll on employees’ mental wellbeing

    44% of employees reported declined mental wellbeing since the start of the pandemic.

    • 44% of those who work from home.
    • 34% of those who have other work arrangements (i.e. onsite).
      (Qualtrics, 2020)

    "If one of our colleagues were to fall, break their leg, and get a cast, colleagues would probably rally around that person signing their cast. But, really, we don’t view the health of our brain the same as we do the health of our body."
    – Centre for Addiction and Mental Health (CAMH) Employee

    Speaker’s Notes:

    Despite being over two years into the pandemic, we are still seeing its effect on the physical and mental health of employees.

    The mental health aspect has been often overlooked by organizations, but in order to have a safe, happy, and productive team, you need to give mental health the same level of focus as physical heath. This requires a change in mindset in order for you as a leader to support your team's mental wellbeing during the pandemic and beyond.

    Employees are reporting several key mental wellbeing challenges

    Stress: 67%

    Employees report increasingly high levels of stress from the onset of COVID-19, stating that it has been the most stressful time in their careers.
    (Qualtrics, 2020)

    Anxiety: 57%

    Similarly, employees’ anxiety levels have peaked because of the pandemic and the uncertainty it brings.
    (Qualtrics, 2020)

    Four main themes surrounding stress & anxiety

    • Fear of contracting COVID-19
    • Financial pressures
    • Job security and uncertainty
    • Loneliness caused by social isolation

    Speaker’s Notes:

    The stress and uncertainty about the future caused by the pandemic and its fallout are posing the biggest challenges to employees.

    Organizations shutting down operations, moving to fully remote, or requiring some of their employees to be on site based on the current situation causes a lot of anxiety as employees are not able to plan for what is coming next.

    Adding in the loss of social networks and in-person interactions exacerbates the problem employees are facing. As leaders, it is your job to understand and mitigate these challenges wherever possible.

    Re-examine your workplace barriers to mental wellbeing

    New Barriers

    Old Barriers

    • Childcare/eldercare responsibilities
    • Fear of workplace health risks
    • Work location
    • Lost support networks
    • Changed work schedules
    • Social distancing
    • Workload
    • Fear of stigma
    • Benefits limits
    • Limits to paid time off
    • Lack of manager knowledge

    Key considerations:

    • Work Environment
      • Accessibility of mental wellbeing programs and initiatives
    • Organizational Culture
      • Modeling of wellbeing
      • Paid time off
      • Discussions around mental wellbeing
    • Total Rewards
      • Benefits coverage
      • Employee assistance programs (EAPs)
      • Manager knowledge

    Speaker’s Notes:

    Organizational barriers to mental wellbeing are sadly not new. Workloads, stigma around mental health, lack of sick days, and limits to benefits for mental health supports were challenges before the pandemic. Adding in the new barriers can very easily result in a tipping point for many employees who are simply not equipped to deal with or supported in dealing with the added burden of remote work in a post-pandemic world.

    To provide the needed support to your employees, it’s important to be mindful of the key considerations.

    Holistic employee wellbeing has never been more critical than it is right now

    Employee Wellbeing

    Physical

    The physical body; ensuring a person has the freedom, opportunities, and resources needed to sustainably maintain bodily health.

    Mental

    The psychological ability to cope with information, emotions, desires, and stressors (e.g. change, threats, etc.) in a healthy and balanced way. Essential for day-to-day living and functioning.

    Social

    The state of personal and professional relationships, including personal and community engagement. The capability for genuine, authentic, and mutually affirming interactions with others.

    Financial

    The state of a person’s finances; ensuring that a person feels capable to handle their financial situation and behaviors. The ability to live productively without the weight of financial stress.

    Speaker’s Notes:

    As a manager, you need to be mindful of all of these. Create an atmosphere where people are able to come to you for help if they are struggling in one of these areas. For example, some people might be more comfortable raising physical safety or comfort concerns (personal protective equipment, ergonomics) than concerns about mental health. Or they might feel like their feelings of loneliness are not appropriate to bring into their professional life.

    Wellbeing is a delicate subject, and most of the time, people are reluctant to talk about it. It requires vulnerability. And here’s the thing about it: Your staff will not drive a change in your team around making these topics more acceptable. It has to be the manager. You have to be the one to not just tell but show them that it’s OK to talk about this

    Encourage human-centered workplace behaviors

    Promote empathy as a focus value

    • Listen and show compassion.
    • Allow room for emotions.

    Encourage social connection

    • Leverage networks.
    • Infuse fun where possible.
    • Encourage community and sense of joint purpose.

    Cultivate a growth mindset

    • Encourage mindfulness and resilience.
    • Express gratitude.

    Empower others

    • Ask employees what they need and co-create solutions.
    • Integrate needs of personal and family life with work life.
    • Be clear on accountability.

    Speaker’s Notes:

    As a leader, your focus should be on encouraging the right behaviors on your team and in yourself.
    Show empathy; allowing room for emotion and showing you are willing and able to listen goes a long way to establishing trust.

    A growth mindset applies to resilience too. A person with a growth mindset is more likely to believe that even though they’re struggling now, they will get through it.

    Infuse fun – schedule social check-ins. This is not wasted time, or time off work – it is an integral part of the workday. We have less of it now organically, so you must bring it back deliberately. Remember that theme? We are deliberately reinfusing important organic elements into the workday.

    The last item, empowerment, is interesting – being clear on accountability. Have clear performance expectations. It might sound like telling people what to do would be disempowering, but it’s the opposite. By clarifying the goals of what they need to achieve, you empower them to invent their own “how,” because you and they are both sure they will arrive at the place that you agreed on. We will talk more about this in performance management.

    Emphasize the importance of wellbeing by setting the tone for the team

    Managers must…

    • LEAD BY EXAMPLE
      • Employees look to their managers for cues about how to react in a crisis. If the manager reacts with stress and fear, the team will follow.
    • ENCOURAGE OPEN COMMUNICATION
      • Frequent check-ins and transparent communication are essential during a time of crisis, especially when working remotely.
    • ACKNOWLEDGE THE SITUATION
      • Recognizing the stress that teams may be facing and expressing confidence in them goes a long way.
    • PROMOTE WELLBEING
      • Managers who take care of themselves can better support their teams and encourage them to practice good self-care too.
    • REDUCE STIGMA
      • Reducing stigma around mental health encourages people to come forward with their struggles and get the support they need.

    Speaker’s Notes:

    Emphasize the importance of wellbeing with what you do. If you do not model self-care behavior, people will follow what you do, not what you say.

    Lead by example – Live the behaviors you want to see in your employees. If you show confidence, positivity, and resiliency, it will filter down to your team.

    Encourage open communication – Have regular meetings where your team is able to set the agenda, or allow one-on-ones to be guided by the employee. Make sure these are scheduled and keep them a priority.

    Acknowledge the situation – Pretending things are normal doesn’t help the situation. Talk about the stress that the team is facing and express confidence that you will get through it together.

    Promote wellbeing – Take time off, don’t work when you’re sick, and you will be better able to support your team!

    Reduce stigma – Call it out when you see it and be sure to remind people of and provide access to any supports that the organization has.

    Conduct dedicated conversations around wellbeing

    1. Check in with how each team member is doing frequently and ask how they are doing personally.
    2. Discuss how things are going. Ask: “How is your work situation working out for you so far? Do you feel supported? How are you taking care of yourself in these circumstances?”
    3. Ask if there are any stressors or roadblocks that they have experienced and collaborate to find solutions.
    4. Provide reassurance of your support and confidence in them.
    5. Document the plan for managing stressors and roadblocks – either through a collaboration tool or through email.

    Speaker’s Notes:

    Going back to the idea of a growth mindset – this may be uncomfortable for you as a manager. So here’s a step-by-step guide that over time you can morph into your own style.

    With your team – be prepared to share first and to show it is OK to be vulnerable and address wellbeing seriously.

    1. Make sure you make time for the personal. Ask about their lives and show compassion.
    2. Give opportunities for them to bring up things that might stay hidden otherwise. Ask questions that show you care.
    3. Help identify areas they are struggling with and work with them to move past those areas.
    4. Make sure they feel supported in what they are going through and reassured of their place on the team.
    5. Roll wellbeing into your planning process. This signals to team that you see wellbeing as important, not just a checklist to cover during a team meeting, and are ready to follow through on it.

    Recognize when professional help is needed

    SIGNS OF BURNOUT: Overwhelmed; Frequent personal disclosure; Trouble sleeping and focusing; Frequent time off; Strained relationships; Substance abuse; Poor work performance

    Speaker’s Notes:

    As a leader, it is important to be on the lookout for warning signs of burnout and know when to step in and direct individuals to professional help.

    Poor work performance – They struggle to maintain work performance, even after you’ve worked with them to create coping strategies.

    Overwhelmed – They repeatedly tell you that they feel overwhelmed, very stressed, or physically unwell.

    Frequent personal disclosure – They want to discuss their personal struggles at length on a regular basis.

    Trouble sleeping and focusing – They tell you that they are not sleeping properly and are unable to focus on work.

    Frequent time off – They feel the need to take time off more frequently.

    Strained relationships – They have difficulty communicating effectively with coworkers; relationships are strained.

    Substance abuse – They show signs of substance abuse (e.g. drunk/high while working, social media posts about drinking during the day).

    Keeping an eye out for these signs and being able to step in before they become unmanageable can mean the difference between keeping and losing an employee experiencing burnout.

    Remember: Managers also need support

    • Added burden
    • Lead by example
    • Self-care

    Speaker’s Notes:

    If you’ve got managers under you, be mindful of their unique stressors. Don’t forget to check in with them, too.

    If you are a manager, remember to take care of yourself and check in with your own manager about your own wellbeing.

    2.1 Balance wellbeing and performance in a virtual team context

    30 Minutes

    1. Brainstorm and list current practices and challenges connected to wellbeing on your teams.
    2. Choose one or two wellbeing challenges that are most relevant for your team.
    3. Discuss as a group and identify one solution for each challenge that you can put into action with your own virtual team. Document this under “Action plan to move forward” on the workbook slide “2.1 Balancing wellbeing and performance in a virtual team context.”

    Download the Workbook: Equip Managers to Effectively Manage Virtual Teams

    Input

    • Current practices and challenges connected to wellbeing

    Output

    • Action plan for each challenge listed

    Materials

    • Workbook: Equip Managers to Effectively Manage Virtual Teams

    Participants

    • All managers with direct reports working virtually

    Effectively Manage Virtual Teams

    Section 2.2

    Managing performance in a virtual team context

    Virtual employees are craving more meaningful interactions with their managers

    A survey indicated that, overall, remote employees showed less satisfaction with manager interactions compared to other non-remote employees.

    1. 16% less likely to strongly agree their manager involves them in setting goals at work.
    2. 28% less likely to strongly agree they continually work with their manager to clarify work priorities.
    3. 29% less likely to strongly agree they have reviewed their greatest successes with their manager in the last six months.
    4. 30% less likely to strongly agree they have talked with their manager about progress toward goals in the last six months.

    Speaker’s Notes:

    In many cases, we have put people into virtual roles because they are self-directed and self-motivated workers who can thrive with the kind of autonomy and flexibility that comes with virtual work. As managers, we should expect many of these workers to be proactively interested in how they are performing and in developing their careers.

    It would be a mistake to take a hands-off approach when managing virtual workers. A recent survey indicated that, overall, remote employees showed less satisfaction with manager interactions compared to other non-remote employees. It was also one of the aspects of their work experience they were least satisfied with overall (Gallup, State of the American Workplace, 2017). Simply put, virtual employees are craving more meaningful conversations with their managers.

    While conversations about performance and development are important for all employees (virtual or non-virtual), managers of remote teams can have a significant positive impact on their virtual employees’ experience and engagement at work by making efforts to improve their involvement and support in these areas.

    During this module we will work together to identify ways that each of us can improve how we manage the performance of our virtual employees. At the end of the module everyone will create an action plan that they can put in place with their own teams. In the next module, we go through a similar set of activities to create an action plan for our interactions with employees about their development.

    Building blocks of performance management

    • Goal Setting

    • Setting Expectations

    • Measuring Progress

    • Feedback & Coaching

    Speaker’s Notes:

    [Include a visualization of your existing performance management process in the slide. Walk the participants through the process to remind them of what is expected. While the managers participating in the training should know this, there may be different understandings of it, or it might just be the case that it’s been a while since people looked at the official process. The intention here is merely to ensure everyone is on the same page for the purposes of the activities that follow.]

    Now that we’ve reviewed performance management at a high level, let’s dive into what is currently happening with the performance management of virtual teams.

    I know that you have some fairly extensive material at your organization around how to manage performance. This is fantastic. And we’re going to focus mainly on how things change in a virtual context.

    When measuring progress, how do you as a manager make sure that you are comfortable not seeing your team physically at their desks? This is the biggest challenge for remote managers.

    2.2 Share current performance management practices for virtual teams

    30 Minutes

    1. Brainstorm and list current high-level performance management practices connected to each building block. Record in your workbook.
    2. Discuss current challenges connected to implementing the building blocks with virtual employees.

    Download the Workbook: Equip Managers to Effectively Manage Virtual Teams

    Input

    • Current performance management practices
    • Challenges surrounding performance management

    Output

    • Current state of virtual performance management defined

    Materials

    • Workbook: Equip Managers to Effectively Manage Virtual Teams

    Participants

    • All managers with direct reports working virtually

    Communicate the “why”: Cascade organizational goals

    This image depicts the Cascade of Why- organizational goals. Organizational Mission; Organizational Values; Organizational Goals; Department Goals; Team Goals; Individual Goals

    Speaker’s Notes:

    When assisting your employees with their goals, think about the organization’s overall mission and goals to help you determine team and individual goals.

    • Organizational goals: Employee goals should align with organizational goals. Goals may cascade down through the organization.
    • Department or team goals: Create a clear strategy based on high-level goals for the year so employees can link short-term goals to the larger picture.
    • Individual goals: Employees should draw on their individual development plan to help set performance goals.

    Sometimes it’s difficult to get employees thinking about goals and they need assistance from managers. It’s also important to be clear on team goals to help guide employees in setting individual ones.

    The basic idea is to show people how their individual day-to-day work contributes to the overall success of the organization. It gives them a sense of purpose and a rationale, which translates to motivation. And also helps them problem solve with more autonomy.

    You’re giving people a sense of the importance of their own contribution.

    How to set clear expectations for job performance

    Ensure employees have a clear understanding of what’s expected for their role:

    1. Review their metrics so they understand how they’re being evaluated.
    2. Outline daily, weekly, monthly, and quarterly goals.
    3. If needed, help them plan when and how each part of their job should be done and what to prioritize.
    4. Ask them to come to you early if they experience a roadblock so that you can help rather than having them flounder on their own.
    5. Document instances where employees aren’t meeting role or performance expectations.

    Speaker’s Notes:

    Tailor performance goals to address any root causes of poor performance.

    For example:

    • If personal factors are getting in the way, work with the employee (and HR if necessary) to create a strategy to address any impediments to performing in the role.

    Tips for managing performance remotely

    • Reflect on one key question: What needs to happen for my direct reports to continue their work while working remotely?
    • Manage for results – not employee visibility at the office.
    • Use metrics to measure performance. If you don’t have any, define tasks and deliverables as clearly as possible and conduct regular check-ins.
    • Work with the employee to set goals and metrics to measure progress.

    Focus on results: Be flexible about how and when work gets done, as long as team members are hitting their targets.

    • For example, if they have childcare duties from 3 to 5pm during school closures and want to work later in the evening to make up the time, that’s fine – as long as the work gets done.
    • Set clear expectations about which work must be done during normal work hours (e.g. attend team meetings, client calls) and which can be done at other hours.
    • Team members must arrange with you any nonstandard working hours before they start using an altered schedule. It is your responsibility to keep track of hours and any alternate arrangements.
    • Don’t make team members feel constantly monitored (i.e. “Where were you from 10 to 11am?”); trust them until you have reason not to.

    Encourage your team members to unplug: If they’re sending you emails late at night and they haven’t made an alternate work hours agreement with you, encourage them to take time away from work.

    • It’s harder to unplug when working at home, and everyone needs a break to stay productive.

    Avoid micromanagement with holistic performance measures

    Quality

    How well tasks are accomplished

    Behavior

    Related to specific employee actions, skills, or attitudes

    Quantity

    How much work gets done

    Holistic measures demonstrate all the components required for optimal performance. This is the biggest driver in having comfort as a manager of a remote team and avoiding micromanagement. Typically these are set at the organizational level. You may need to adjust for individual roles, etc.

    Speaker's Notes:

    Metrics come in different types. One way to ensure your metrics capture the full picture is to use a mix of different kinds of metrics.

    Some metrics are quantitative: they describe quantifiable or numerical aspects of the goal. This includes timeliness. On the other hand, qualitative metrics have to do with the final outcome or product. And behavioral metrics have to do with employees' actions, skills, or attitudes. Using different kinds of metrics together helps you set holistic measures, which capture all the components of optimal performance toward your goal and prevent gaming the system.

    Let's take an example:

    A courier might have an objective to do a good job delivering packages. An example of a quantitative measure might be that the courier is required to deliver X number of packages per day on time. The accompanying metrics would be the number of packages delivered per day and the ratio of packages delivered on time vs. late.

    Can you see a problem if we use only these quantitative measures to evaluate the courier's performance?

    Wait to see if anyone volunteers an answer. Discuss suggestions.

    That's right, if the courier's only goal is to deliver more packages, they might start to rush, may ruin the packages, and may offer poor customer service. We can help to guard against this by implementing qualitative and behavioral measures as well. For example, a qualitative measure might be that the courier is required to deliver the packages in mint condition. And the metric would be the number of customer complaints about damaged packages or ratings on a satisfaction survey related to package condition.

    For the behavioral aspect, the courier might be required to provide customer-centric service with a positive attitude. The metrics could be ratings on customer satisfaction surveys related to the courier's demeanor or observations by the manager.

    Managing poor performance virtually: Look for key signs

    It’s crucial to acknowledge that an employee might have an “off week” or need time to balance work and life – things that can be addressed with performance management (PM) techniques. Managers should move into the process for performance improvement when:

    1. Performance fluctuates frequently or significantly.
    2. Performance has dropped for an extended period of time.
    3. Expectations are consistently not being met.

    Key signs to look for:

    • PM data/performance-related assessments
    • Continual absences
    • Decreased quality or quantity of output
    • Frequent excuses (e.g. repeated internet outages)
    • Lack of effort or follow-through
    • Missed deadlines
    • Poor communication or lack of responsiveness
    • Failure to improve

    Speaker’s notes:

    • Let’s talk more about identifying low performance.
    • Everybody has off days or weeks. And what if they are new to the role or new to working remotely? Their performance may be low because they need time to adjust. These sort of situations should be managed, but they don’t require moving into the process for performance improvement.
    • When managing employees who are remote or working in a hybrid situation, it is important to be alert to these signs and check in with your employees on a regular basis. Aim to identify and work with employees on addressing performance issues as they arise rather than waiting until it’s too late. Depending on your availability, the needs of the employee, and the complexity of their role, check-ins could occur daily, weekly, and/or monthly. As I mentioned, for remote employees, it’s often better to check-in more frequently but for a shorter period of time.
    • You want to be present in their work life and available to help them manage through roadblocks and stay on track, but try to avoid over-monitoring employees. Micromanaging can impact the manager-employee relationship and lead to the employee feeling that there is a lack of trust. Remember, the employee needs to be responsible for their own performance and improvement.
    • Check-ins should not just be about the work either. Take some time to check in personally. This is particularly important when managing remotely. It enables you to build a personal relationship with the employee and also keeps you aware if there are other personal issues at play that are impacting their work.
    • So, how do you know what does require performance improvement? There are three key things that you should look for that are clear signals that performance improvement is necessary:
      1. Their performance is fluctuating frequently or significantly.
      2. Their performance has dropped for an extended period of time.
      3. Expectations are consistently not being met.
    • What do you think are some key signs to look for that indicate a performance issue is occurring?

    Managing poor performance virtually: Conducting remote performance conversations

    Video calling

    Always use video calls instead of phone calls when possible so that you don’t lose physical cues and body language.

    Meeting invitations

    Adding HR/your leader to a meeting invite about performance may cause undue stress. Think through who needs to participate and whether they need to be included in the invite itself.

    Communication

    Ensure there are no misunderstandings by setting context for each discussion and having the employee reiterate the takeaways back to you.

    Focus on behavior

    Don’t assume the intent behind the behavior(s) being discussed. Instead, just focus on the behavior itself.

    Policies

    Be sure to adhere to any relevant HR policies and support systems. Working with HR throughout the process will ensure none are overlooked.

    Speaker’s notes:

    There are a few best practices you should follow when having performance conversations:

    • First, if you are in a different work environment than your employee, always use video calls instead of phone calls whenever possible so that you don’t miss out on physical cues and body language. If videoconferencing isn’t the norm, encourage them to turn on their video. Be empathic that it can feel awkward but explain the benefits, and you will both have an easier time communicating and understanding each other.
    • As I’ve mentioned, be considerate of the environment they are in. If they are in the office and you are working remotely, be sure to book a private meeting room for them to go to for the conversation. If they are working from home, be sure to check that they are prepared and able to focus on the conversation.
    • Next, carefully consider who you are adding to the meeting invite and whether it’s necessary for them to be there. Adding HR or your leader to a meeting invite may cause undue stress for the employee.
    • Consider the timing of the invite. Don’t send it out weeks in advance. When a performance problem exists, you’ll want to address it as soon as possible. A day or two of notice would be an ideal approach because it gives them a heads up but will not cause them extended stress or worrying.
    • Be considerate about the timing of the meeting and what else they may have scheduled. For example, a Friday afternoon before they are heading off on vacation or right before they are leading an important client call would not be appropriate timing.
    • As we just mentioned clear communication is critical. Ensure there are no misunderstandings by setting context for each discussion and having the employee reiterate takeaways back to you.
    • Focus on the behavior and don’t assume their intent. It can be tempting to say, “I know you didn’t mean to miss the deadline,” but you don’t know what they intended. Often people are not aware of the impact their behavior can have on others.
    • Lastly, be sure to adhere to any relevant HR policies and support systems. Working with HR throughout the process will ensure nothing is overlooked.

    2.3 Identify challenges of current practices and propose solutions

    30 Minutes

    1. Select one or two challenges from the previous activity.
    2. Identify one solution for each challenge that you can put into action with your own virtual team. Document in the workbook.

    Download the Workbook: Equip Managers to Effectively Manage Virtual Teams

    Input

    • Current performance management practices
    • Challenges surrounding performance management

    Output

    • Action plan to move forward

    Materials

    • Workbook: Equip Managers to Effectively Manage Virtual Teams

    Participants

    • All managers with direct reports working virtually

    Effectively Manage Virtual Teams

    Optional Section

    Employee development in a virtual team setting

    There are three main development approaches for both colocated and virtual employees

    Formal Training; Relational Learning; Experimental Learning

    Speaker’s Notes:

    As we have seen, our virtual employees crave more meaningful interactions with their managers. In addition to performance conversations, managers should also be having regular discussions with their employees about their employee development plans. One key component of these discussions is career planning. Whether you are thinking shorter term – how to become better at their current role – or longer term – how to advance beyond their current role – discussions about employee development are a great way to engage employees. Employees are ultimately responsible for creating and executing their own development plans, but managers are responsible for making sure that employees have thought through these plans and helping employees identify opportunities for executing those plans.

    To help us think about our own employee development practices, identify challenges they pose when working with virtual employees, and create solutions to these challenges, it is useful to think about employee development opportunities according to three types:

    1. The first kind of development opportunity is formal training. Formal training is organized and has a clearly defined curriculum and desired outcome. It usually takes the form of a group training session (like this one) or training videos or materials that employees can watch individually and on their own time. These opportunities usually end with a test or assignment that can be used to evaluate the degree to which the participant achieved the desired learning outcomes.
    2. The second kind of development opportunity is relational learning. Perhaps the most common form of this type of learning is coaching or mentoring. By establishing a long-term work relationship, checking in with employees about their daily work and development goals, and sharing their own experiences and knowledge, mentors help employees reflect and draw out learning from everyday, on-the-job development activities. Other examples include a peer support group or communities of practice. In these group settings peers share best practices and work together to overcome challenges.
    3. The third kind of development opportunity is experiential learning. This kind of opportunity provides employees the chance to work on real work problems, and the output of the development work can directly benefit the organization. Most people learn best by doing. On-the-job experiences that are challenging or new can force people to use and develop new skills and knowledge based on what worked effectively and what failed. Examples of experiential learning are on-the-job learning for new hires, stretch assignments, or special projects that take the employee beyond their daily routine and allow them to try new activities and develop competencies that they would not have the chance to develop as part of their regular job.

    According to McLean & Company, organizations should use the “70-20-10” rule as a rough guideline when working with employees to create their development plans: 10% of the plan should be dedicated to formal training opportunities, 20% to relational learning, and 70% to experiential learning. Managers should work with employees to identify their performance and career goals, ensure that their development plans are aligned with these goals, and include an appropriate mixture of all three kinds of development opportunities.

    To help identify challenges and solutions, think about how virtual work arrangements will impact the employee’s ability to leverage each type of opportunity at our organization.

    Here are some examples that can help us start thinking about the kinds of challenges virtual employees on our team face:

    Career Planning

    • One challenge can be identifying a career path that is consistent with working virtually. If switching from a virtual arrangement to an onsite arrangement is not a viable option for an employee, some career paths may not feasibly be open to them (at least as the company is currently organized). For example, if an employee would eventually like to be promoted to a senior leadership role in their business function but all senior leaders are required to work onsite at corporate headquarters, the employee will need to consider whether such a move is possible for them. In some cases employees may be willing to do this, but in others they may not. The important thing is to have these conversations with virtual employees and avoid the assumption that all career paths can be done virtually, since that might not be the case

    Formal Training

    • This is probably the least problematic form of employee development for virtual employees. In many cases this kind of training is scheduled well in advance, so virtual employees may be able to join non-virtual employees in person for some group training. When this is not possible (due to distance, budget, or time zone), many forms of group training can be recorded and watched by virtual employees later. Training videos and training materials can also easily be shared with virtual employees using existing collaboration software.

    Relational Learning

    • One major challenge here is developing a mentoring relationship virtually. As we discussed in the module on performance management, developing relationships virtually can be challenging because people cannot rely upon the kind of informal and spontaneous interactions that occur when people are located in the same office. Mentors and mentees will have to put in more effort and planning to get to know each other and they will have to schedule frequent check-ins so that employees can reflect upon their progress and experience (with the help of their mentors) more often.
    • Time zones and technology may pose potential barriers for certain candidates to be mentors. In some cases, employees that are best qualified to be mentors may not be as comfortable with collaborative software as other mentors or their mentees. If there are large time zone differences, some people who would otherwise be interested in acting as a mentor may be dissuaded. Managers need to take this into consideration if they are connecting employees with mentors or if they are thinking of taking on the mentor role themselves.

    Experiential Learning

    • Virtual employees risk being overlooked for special projects due to the “out of sight, out of mind” bias: When special projects come up, the temptation is to look around the room and see who is the best fit. The problem is, however, that in some cases the highest performers or best fit may not physically be in the room. In these cases it is important for managers to take on an advocate role for their employees and remind other managers that they have good virtual employees on their team that should be included or contacted. It is also important for managers to keep their team informed about these opportunities as often as possible.
    • Sometimes certain projects or certain kinds of work just cannot be done virtually in a company for a variety of reasons. The experiential learning opportunities will not be open to virtual employees. If such opportunities are open to the majority of other workers in this role (potentially putting virtual employees’ career development at a disadvantage relative to their peers), managers should work with their virtual employees to identify alternative experiences. Managers may also want to consider advocating for more or for higher quality experiential learning opportunities at the organization.

    Now that we have considered some general examples of challenges and solutions, let’s look at our own employee development practices and think about the practical steps we can take as managers to improve employee development for our virtual employees.

    Employee development basics

    • Career planning & performance improvement
    • Formal training
    • Relational learning
    • Experiential learning

    Speaker’s Notes:

    [Customize this slide according to your organization’s own policies and processes for employee development. Provide useful images that outline this on the slide, and in these notes describe the processes/policies that are in place. Note: In some cases policies or processes may not be designed with virtual employees or virtual teams in mind. That is okay for the purposes of this training module. In the following activities participants will discuss how they apply these policies and processes with their virtual teams. If your organization is interested in adapting its policies/processes to better support virtual workers, it may be useful to record those conversations to supplement existing policies later.]

    Now that we have considered some general examples of challenges and solutions, let’s look at our own employee development practices and think about the practical steps we can take as managers to improve employee development for our virtual employees.

    2.4 Share current practices for developing employees on a virtual team

    30 Minutes

    1. Brainstorm and list current high-level employee development practices. Record in your workbook.
    2. Discuss current challenges connected to developing virtual employees. Record in your workbook.
    3. Identify one solution for each challenge that you can put into action with your own virtual team.
    4. Discuss as a group.

    Download the Workbook: Equip Managers to Effectively Manage Virtual Teams

    Input

    • Current employee development practices
    • Challenges surrounding employee development

    Output

    • Action plan to move forward

    Materials

    • Workbook: Equip Managers to Effectively Manage Virtual Teams

    Participants

    • All managers with direct reports working virtually

    Refine Action Plans

    2.5 Refine your action plan and commit to implementing it

    30 Minutes

    1. Review your action plans for consistency and overlap. Highlight any parts you may struggle to complete.
    2. Meeting with your group, summarize your plans to each other. Provide feedback and discuss each other’s action plans.
    3. Discuss how you can hold each other accountable.

    Download the Workbook: Equip Managers to Effectively Manage Virtual Teams

    Input

    • Action items from previous activities.

    Output

    • Action plan to move forward

    Materials

    • Workbook: Equip Managers to Effectively Manage Virtual Teams

    Participants

    • All managers with direct reports working virtually

    Summary of Accomplishment

    • We do not need to go out and learn a new set of manager responsibilities to better manage our virtual teams; rather, we have to “dial up” certain responsibilities we already have or adjust certain approaches that we already take.
    • It is important to set clear expectations. While managers are ultimately responsible for making sure expectations are set and are clearly communicated, they are not the only ones with responsibilities. Employees and managers need to work together to overcome the challenges that virtual work involves.
    • Virtual employees crave meaningful interactions with their managers and team. Managers must take charge in fostering an atmosphere of openness around wellbeing and establish effective performance management strategies. By being proactive with our virtual teams’ wellness and mindful of our performance management habits, we can take significant steps toward keeping these employees engaged and productive.
    • Effective management in virtual contexts requires being more deliberate than is typical in non-virtual contexts. By working as a group to identify challenges and propose solutions, we have helped each other create action plans that we can use going forward to continually improve our management practices.

    If you would like additional support, have our analysts guide you through an info-tech workshop or guided implementation.

    Contact your account representative for more information

    workshops@infotech.com

    1-888-670-8889

    Speaker’s Notes:

    First, let’s take a moment to summarize the key things we have learned today:

    1. We do not need to go out and learn a new set of manager competencies to better manage our virtual teams; rather, we have to “dial up” certain competencies we already have or adjust certain approaches that we already take. In many cases we just need to be more aware of the challenges that virtual communication poses and be more planful in our approaches.
    2. It is important to set clear expectations. While managers are ultimately responsible for making sure expectations are set and clearly communicated, they are not the only ones with responsibilities. Employees and managers need to work together to overcome the challenges that virtual work involves. Making sure that teams have meaningful conversations about expectations, come to a shared understanding of them, and record them will create a firm foundation for all other interactions on the virtual team.
    3. Virtual employees crave meaningful interactions with their managers related to performance and employee development. By creating action plans for improving these kinds of interactions with our teams, we can take significant steps toward keeping these employees engaged and productive.
    4. Effective performance management and employee development in virtual contexts require more planfulness than is required in non-virtual contexts. By working as a group to identify challenges and propose solutions, we have helped each other create action plans that we can use going forward to continually improve our management practices.

    Is there anything that anyone has learned that is not on this list and that they would like to share with the group?

    Finally, were there any challenges identified today that were not addressed?

    [Note to facilitator: Take note of any challenges not addressed and commit to getting back to the participants with some suggested solutions.]

    Additional resources

    Manager Training: Lead Through Change

    Train managers to navigate the interpersonal challenges associated with change management and develop their communication and leadership skills. Upload this LMS module into your learning management system to enable online training.

    Manager Training: Build a Better Manager: Manage Your People

    Management skills training is needed, but organizations are struggling to provide training that makes a long-term difference in the skills managers use in their day to day.

    Many training programs are ineffective because they offer the wrong content, deliver it in a way that is not memorable, and are not aligned with the IT department’s business objectives.

    Blueprint: Manage Poor Performance While Working From Home

    Assess and improve remote work performance with our ready-to-use tools.

    Works Cited

    April, Richard. “10 KPIs Every Sales Manager Should Measure in 2019.” HubSpot, 24 June 2019. Web.

    Banerjea, Peter. “5 Powerful Strategies for Managing a Remote Sales Team.” Badger - Maps for field sales, n.d. Web.

    Bibby, Adrianne. “5 Employers’ Awesome Quotes about Work Flexibility.” FlexJobs, 9 January 2017. Web.

    Brogie, Frank. “The 14 KPIs every field sales rep should strive to improve.” Repsly, 2018. Web.

    Dunn, Julie. “5 smart tips for leading field sales teams.” LevelEleven, March 2015. Web.

    Edinger, Scott. “How great sales leaders coach.” Forbes, 2013. Web.

    “Employee Outlook: Employee Views on Working Life.” CIPD, April 2016. Web.

    Hall, Becki. “The 5 biggest challenges facing remote workers (and how to solve them).” interact, 7 July 2017. Web.

    Hofstede, Geert. “National Cultural Dimensions.” Hofstede Insights, 2012. Web.

    “Inventory of U.S. Greenhouse Gas Emissions and Sinks: 1990-2014 (EPA 430-R-16-002).” Environmental Protection Agency (EPA), 15 April 2016.

    “Latest Telecommuting Statistics.” Global Workplace Analytics, June 2021. Web.

    Knight, Rebecca. “How to manage remote direct reports.” Harvard Business Review, 2015. Web.

    “Rewards and Recognition: 5 ways to show remote worker appreciation.” FurstPerson, 2019. Web.

    Palay, Jonathan. "How to build your sales management cadence." CommercialTribe, 22 March 2018. Web.

    “Sales Activity Management Matrix.” Asian Sales Guru, 2019. Web.

    Smith, Simone. “9 Things to Consider When Recognizing Remote Employees.” hppy, 2018. Web.

    “State of Remote Work 2017.” OWL Labs, 2021. Web.

    “State of the American Workplace.” Gallup, 2017. Web.

    “Telework Savings Potential.” Global Workplace Analytics, June 2021. Web.

    “The Future of Jobs Employment Trends.” World Economic Forum, 2016. Web.

    “The other COVID-19 crisis: Mental health.” Qualtrics, 14 April 2020. Web.

    Thompson, Dan. “The straightforward truth about effective sales leadership.” Sales Hacker, 2017. Web.

    Tsipursky, Gleb. “Remote Work Can Be Better for Innovation Than In-Person Meetings.” Scientific American, 14 Oct. 2021. Web.

    Walsh, Kim. “New sales manager? Follow this guide to crush your first quarter.” HubSpot, May 2019. Web.

    “What Leaders Need to Know about Remote Workers: Surprising Differences in Workplace Happiness and Relationships.” TINYpulse, 2016.

    Zenger, Jack, and Joe Folkman. “Feedback: The Leadership Conundrum.” Talent Quarterly: The Feedback Issue, 2015.

    Contributors

    Anonymous CAMH Employee

    Avoid Project Management Pitfalls

    • Buy Link or Shortcode: {j2store}374|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Program & Project Management
    • Parent Category Link: /program-and-project-management
    • IT organizations seem to do everything in projects, yet fewer than 15% successfully complete all deliverables on time and on budget.
    • Project managers seem to succumb to the relentless pressure from stakeholders to deliver more, more quickly, with fewer resources, and with less support than is ideal.
    • To achieve greater likelihood that your project will stay on track, watch out for the four big pitfalls: scope creep, failure to obtain stakeholder commitment, inability to assemble a team, and failure to plan.

    Our Advice

    Critical Insight

    • While many project managers worry about proper planning as the key to project success, skilled management of the political factors around a project has a much greater impact on success.
    • Alone, combating scope creep can improve your likelihood of success by a factor of 2x.
    • A strong project sponsor will be key to fighting the inevitable battles to control scope and obtain resources.

    Impact and Result

    • Take steps to avoid falling into common project pitfalls.
    • Assess which pitfalls threaten your project in its current state and take appropriate steps to avoid falling into them.
    • Avoiding pitfalls will allow you to deliver value on time and on budget, creating the perception of success in users’ and managers’ eyes.

    Avoid Project Management Pitfalls Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Learn about common PM pitfalls and the strategies to avoid them

    Consistently meet project goals through enhanced PM knowledge and awareness.

    • Storyboard: Avoid Project Management Pitfalls
    • None

    2. Detect project pitfalls

    Take action and mitigate a pitfall before it becomes a problem.

    • Project Pitfall Detection & Mitigation Tool

    3. Document and report PM issues

    Learn from issues encountered to help map PM strategies for future projects.

    • Project Management Pitfalls Issue Log
    [infographic]

    CIO Priorities 2022

    • Buy Link or Shortcode: {j2store}328|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $31,499 Average $ Saved
    • member rating average days saved: 9 Average Days Saved
    • Parent Category Name: Innovation
    • Parent Category Link: /innovation
    • Understand how to respond to trends affecting your organization.
    • Determine your priorities based on current state and relevant internal factors.
    • Assign the right amount of resources to accomplish your vision.
    • Consider what new challenges outside of your control will demand a response.

    Our Advice

    Critical Insight

    A priority is created when external factors hold strong synergy with internal goals and an organization responds by committing resources to either avert risk or seize opportunity. These are the priorities identified in the report:

    1. Reduce Friction in the Hybrid Operating Model
    2. Improve Your Ransomware Readiness
    3. Support an Employee-Centric Retention Strategy
    4. Design an Automation Platform
    5. Prepare to Report on New Environmental, Social, and Governance Metrics

    Impact and Result

    Update your strategic roadmap to include priorities that are critical and relevant for your organization based on a balance of external and internal factors.

    CIO Priorities 2022 Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. CIO Priorities 2022 – A report on the key priorities for competing in the digital economy.

    Discover Info-Tech’s five priorities for CIOs in 2022.

    • CIO Priorities Report for 2022

    2. Listen to the podcast series

    Hear directly from our contributing experts as they discuss their case studies with Brian Jackson.

    • Frictionless hybrid working: How the Harvard Business School did it
    • Close call with ransomware: A CIO recounts a near security nightmare
    • How a financial services company dodged "The Great Resignation"
    • How Allianz took a blockchain platform from pilot to 1 million transactions
    • CVS Health chairman David Dorman on healthcare's hybrid future

    Infographic

    Further reading

    CIO Priorities 2022

    A jumble of business-related words. Info-Tech’s 2022 Tech Trends survey asked CIOs for their top three priorities. Cluster analysis of their open-ended responses shows four key themes:
    1. Business process improvements
    2. Digital transformation or modernization
    3. Security
    4. Supporting revenue growth or recovery

    Info-Tech’s annual CIO priorities are formed from proprietary primary data and consultation with our internal experts with CIO stature

    2022 Tech Trends Survey CIO Demographic N=123

    Info-Tech’s Tech Trends 2022 survey was conducted between August and September 2021 and collected a total of 475 responses from IT decision makers, 123 of which were at the C-level. Fourteen countries and 16 industries are represented in the survey.

    2022 IT Talent Trends Survey CIO Demographic N=44

    Info-Tech’s IT Talent Trends 2022 survey was conducted between September and October 2021 and collected a total of 245 responses from IT decision makers, 44 of which were at the C-level. A broad range of countries from around the world are represented in the survey.

    Internal CIO Panels’ 125 Years Of Combined C-Level IT Experience

    Panels of former CIOs at Info-Tech focused on interpreting tech trends data and relating it to client experiences. Panels were conducted between November 2021 and January 2022.

    CEO-CIO Alignment Survey Benchmark Completed By 107 Different Organizations

    Info-Tech’s CEO-CIO Alignment program helps CIOs align with their supervisors by asking the right questions to ensure that IT stays on the right path. It determines how IT can best support the business’ top priorities and address the gaps in your strategy. In 2021, the benchmark was formed by 107 different organizations.

    Build IT alignment

    IT Management & Governance Diagnostic Benchmark Completed By 320 Different Organizations

    Info-Tech’s Management and Governance Diagnostic helps IT departments assess their strengths and weaknesses, prioritize their processes and build an improvement roadmap, and establish clear ownership of IT processes. In 2021, the benchmark was formed by data from 320 different organizations.

    Assess your IT processes

    The CIO priorities are informed by Info-Tech’s trends research reports and surveys

    Priority: “The fact or condition of being regarded or treated as more important than others.” (Lexico/Oxford)

    Trend: “A general direction in which something is developing or changing.” (Lexico/Oxford)

    A sequence of processes beginning with 'Sensing', 'Hypothesis', 'Validation', and ending with 'Trends, 'Priorities'. Under Sensing is Technology Research, Interviews & Insights, Gathering, and PESTLE. Under Hypothesis is Near-Future Probabilities, Identify Patterns, Identify Uncertainties, and Identify Human Benefits. Under Validation is Test Hypothesis, Case Studies, and Data-Driven Insights. Under Trends is Technology, Talent, and Industry. Under Priorities is CIO, Applications, Infrastructure, and Security.

    Visit Info-Tech’s Trends & Priorities Research Center

    Image called 'Defining the CIO Priorities for 2022'. Image shows 4 columns, Implications, Resource Investment, Amplifiers, and Actions and Outcomes, with 2 dotted lines, labeled External Context and Internal Context, running through all 4 columns and leading to bottom-right label called CIO Priorities Formed

    The Five Priorities

    Priorities to compete in the digital economy

    1. Reduce Friction in the Hybrid Operating Model
    2. Improve Your Ransomware Readiness
    3. Support an Employee-Centric Retention Strategy
    4. Design an Automation Platform
    5. Prepare to Report on New Environmental, Social, and Governance Metrics

    Reduce friction in the hybrid operating model

    Priority 01 | APO07 Human Resources Management

    Deliver solutions that create equity between remote workers and office workers and make collaboration a joy.

    Hybrid work is here to stay

    CIOs must deal with new pain points related to friction of collaboration

    In 2020, CIOs adapted to the pandemic’s disruption to offices by investing in capabilities to enable remote work. With restrictions on gathering in offices, even digital laggards had to shift to an all-remote work model for non-essential workers.

    Most popular technologies already invested in to facilitate better collaboration

    • 24% Web Conferencing
    • 23% Instant Messaging
    • 20% Document Collaboration

    In 2022, the focus shifts to solving problems created by the new hybrid operating model where some employees are in the office and some are working remotely. Without the ease of collaborating in a central hub, technology can play a role in reducing friction in several areas:

    • Foster more connections between employees. Remote workers are less likely to collaborate with people outside of their department and less likely to spontaneously collaborate with their peers. CIOs should provide a digital employee experience that fosters collaboration habits and keeps workers engaged.
    • Prevent employee attrition. With more workers reevaluating their careers and leaving their jobs, CIOs can help employees feel connected to the overall purpose of the organization. Finding a way to maintain culture in the new context will require new solutions. While conference room technology can be a bane to IT departments, making hybrid meetings effortless to facilitate will be more important.
    • Provide new standards for mediated collaboration. Meeting isn’t as easy as simply gathering around the same table anymore. CIOs need to provide structure around how hybrid meetings are conducted to create equity between all participants. Business continuity processes must also consider potential outages for collaboration services so employees can continue the work despite a major outage.

    Three in four organizations have a “hybrid” approach to work. (Tech Trends 2022 Survey)

    In most organizations, a hybrid model is being implemented. Only 14.9% of organizations are planning for almost everyone to return to the office, and only 9.9% for almost everyone to work remotely.

    Elizabeth Clark

    CIO, Harvard Business School

    "I want to create experiences that are sticky. That keep people coming back and engaging with their colleagues."

    Photo of Elizabeth Clark, CIO, Harvard Business School.

    Listen to the Tech Insights podcast:
    Frictionless hybrid working: How the Harvard Business School did it

    Internal interpretation: Harvard Business School

    • March 2020
      The pandemic disrupts in-class education at Harvard Business School. Their case study method of instruction that depends on in-person, high-quality student engagement is at risk. While students and faculty completed the winter semester remotely, the Dean and administration make the goal to restore the integrity of the classroom experience with equity for both remote and in-person students.
    • May 2020
      A cross-functional task force of about 100 people work intensively, conducting seven formal experiments, 80 smaller tests, and hundreds of polling data points, and a technology and facilities solution is designed: two 4K video cameras capturing both the faculty and the in-class students, new ceiling mics, three 85-inch TV screens, and students joining the videoconference from their laptops. A custom Zoom room, combining three separate rooms, integrated all the elements in one place and integrated with the lecture capture system and learning management system.
    • October 2020
      Sixteen classrooms are renovated to install the new solution. Students return to the classroom but in lower numbers due to limits on in-room capacity, but students rotate between the in-person and remote experience.
    • September 2021
      Renovations for the hybrid solution are complete in 26 classrooms and HBS has determined this will be its standard model for the classroom. The case method of teaching is kept alive and faculty and students are thrilled with the results.
    • November 2021
      HBS is adapting its solution for the classroom to its conference rooms and has built out eight different rooms for a hybrid experience. The 4K cameras and TV screens capture all participants in high fidelity as well as the blackboard.

    Photo of a renovated classroom with Zoom participants integrated with the in-person students.
    The renovated classrooms integrate all students, whether they are participating remotely or in person. (Image courtesy of Harvard Business School.)

    Implications: Organization, Process, Technology

    External

    • Organization – About half of IT practitioners in the Tech Trends 2022 survey feel that IT leaders, infrastructure and operations teams, and security teams were “very busy” in 2021. Capacity to adapt to hybrid work could be constrained by these factors.
    • Process – Organizations that want employees to benefit from being back in the office will have to rethink how workers can get more value out of in-person meetings that also require videoconference participation with remote workers.
    • Technology – Fifty-four percent of surveyed IT practitioners say the pandemic raised IT spending compared to the projections they made in 2020. Much of that investment went into adapting to a remote work environment.

    Internal

    • Organization – HBS added 30 people to its IT staff on term appointments to develop and implement its hybrid classroom solutions. Hires included instructional designers, support technicians, coordinators, and project managers.
    • Process – Only 25 students out of the full capacity of 95 could be in the classroom due to COVID-19 regulations. On-campus students rotated through the classroom seats. An app was created to post last-minute seat availability to keep the class full.
    • Technology – A Zoom room was created that combines three rooms to provide the full classroom experience: a view of the instructor, a clear view of each student that enlarges when they are speaking, and a view of the blackboard.

    Resources Applied

    Appetite for Technology

    CIOs and their direct supervisors both ranked internal collaboration tools as being a “critical need to adopt” in 2021, according to Info-Tech’s CEO-CIO Alignment Benchmark Report.

    Intent to Invest

    Ninety-seven percent of IT practitioners plan to invest in technology to facilitate better collaboration between employees in the office and outside the office by the end of 2022, according to Info-Tech’s 2022 Tech Trends survey.

    “We got so many nice compliments, which you don’t get in IT all the time. You get all the complaints, but it’s a rare case when people are enthusiastic about something that was delivered.” (Elizabeth Clark, CIO, Harvard Business School)

    Harvard Business School

    • IT staff were reassigned from other projects to prioritize building a hybrid classroom solution. A cloud migration and other portfolio projects were put on pause.
    • The annual capital A/V investment was doubled. The amount of spend on conference rooms was tripled.
    • Employees were hired to the media services team at a time when other areas of the organization were frozen.

    Outcomes at Harvard Business School

    The new normal at Harvard Business School

    New normal: HBS has found its new default operating model for the classroom and is extending its solution to its operating environment.

    Improved CX: The high-quality experience for students has helped avoid attrition despite the challenges of the pandemic.

    Engaged employees: The IT team is also engaged and feels connected to the mission of the school.

    Photo of a custom Zoom room bringing together multiple view of the classroom as well as all remote students.
    A custom Zoom room brings together multiple different views of the classroom into one single experience for remote students. (Image courtesy of Harvard Business School.)

    From Priorities to Action

    Make hybrid collaboration a joy

    Align with your organization’s goals for collaboration and customer interaction, with the target of high satisfaction for both customers and employees. Invest in capital projects to improve the fidelity of conference rooms, develop and test a new way of working, and increase IT capacity to alleviate pressure points.

    Foster both asynchronous and synchronous collaboration approaches to avoid calendars filling up with videoconference meetings to get things done and to accommodate workers contributing from across different time zones.

    “We’ll always have hybrid now. It’s opened people’s eyes and now we’re thinking about the future state. What new markets could we explore?” (Elizabeth Clark, CIO, Harvard Business School)

    Take the next step

    Run Better Meetings
    Hybrid, virtual, or in person – set meeting best practices that support your desired meeting norms.

    Prepare People Leaders for the Hybrid Work Environment
    Set hybrid work up for success by providing people leaders with the tools they need to lead within the new model.

    Hoteling and Hot-Desking: A Primer
    What you need to know regarding facilities, IT infrastructure, maintenance, security, and vendor solutions for desk hoteling and hot-desking.

    “Human Resources Management” gap between importance and effectiveness
    Info-Tech Research Group Management and Governance Diagnostic Benchmark 2021

    A bar chart illustrating the Human Resources Management gap between importance and effectiveness. The difference is marked as Delta 2.3.

    Improve your ransomware readiness

    Priority 02 | APO13 Security Strategy

    Mitigate the damage of successful ransomware intrusions and make recovery as painless as possible.

    The ransomware crisis threatens every organization

    Prevention alone won’t be enough against the forces behind ransomware.

    Cybersecurity is always top of mind for CIOs but tends to be deprioritized due to other demands related to digital transformation or due to cost pressures. That’s the case when we examine our data for this report.

    Cybersecurity ranked as the fourth-most important priority by CIOs in Info-Tech’s 2022 Tech Trends survey, behind business process improvement, digital transformation, and modernization. Popular ways to prepare for a successful attack include creating offline backups, purchasing insurance, and deploying new solutions to eradicate ransomware.

    CIOs and their direct supervisors ranked “Manage IT-Related Security” as the third-most important top IT priority on Info-Tech’s CEO-CIO Alignment Benchmark for 2021, in support of business goals to manage risk, comply with external regulation, and ensure service continuity.

    Most popular ways for organizations to prepare for the event of a successful ransomware attack:

    • 25% Created offline backups
    • 18% Purchased cyberinsurance
    • 19% New tech to eradicate ransomware

    Whatever priority an organization places on cybersecurity, when ransomware strikes, it quickly becomes a red alert scenario that disrupts normal operations and requires all hands on deck to respond. Sophisticated attacks executed at wide scale demonstrate that security can be bypassed without creating an alert. After that’s accomplished, the perpetrators build their leverage by exfiltrating data and encrypting critical systems.

    CIOs can plan to mitigate ransomware attacks in several constructive ways:

    • Business impact analysis. Determine the costs of an outage for specific periods and the system and data recovery points in time.
    • Engage a partner for 24/7 monitoring. Gain real-time awareness of your critical systems.
    • Review your identity access management (IAM) policies. Use of multi-factor authentication and limiting access to only the roles that need it reduces ransomware risk.

    50% of all organizations spent time and money specifically to prevent ransomware in the past year. (Info-Tech Tech Trends 2022 Survey)

    John Doe

    CIO, mid-sized manufacturing firm in the US

    "I want to create experiences that are sticky. That keep people coming back and engaging with their colleagues."

    Blank photo.

    Listen to the Tech Insights podcast:
    Close call with ransomware: a CIO recounts a near security nightmare

    Internal interpretation: US-based, mid-sized manufacturing firm

    • May 1, 2021
      A mid-sized manufacturing firm (“The Firm”) CIO gets a call from his head of security about odd things happening on the network. A call is made to Microsoft for support. Later that night, the report is that an unwanted crypto-mining application is the culprit. But a couple of hours later, that assessment is proven wrong when it’s realized that hundreds of systems are staged for a ransomware attack. All the attacker has to do is push the button.
    • May 2, 2021
      The Firm disconnects all its global sites to cut off new pathways for the malware to infect. All normal operations cease for 24 hours. It launches its cybersecurity insurance process. The CIO engages a new security vendor, CrowdStrike, to help respond. Employees begin working from home if they can so they can make use of their own internet service. The Firm has cut off its public internet connectivity and is severed from cloud services such as Azure storage and collaboration software.
    • May 4, 2021
      The hackers behind the attack are revealed by security forensics experts. A state-sponsored agency in Russia set up the ransomware and left it ready to execute. It sold the staged attack to a cybercriminal group, Doppel Spider. According to CrowdStrike, the group uses malware to run “big game hunting operations” and targets 18 different countries including the US and multiple industries, including manufacturing.
    • May 10, 2021
      The Firm has totally recovered from the ransomware incident and avoided any serious breach or paying a ransom. The CIO worked more hours than at any other point in his career, logging an estimated 130 hours over the two weeks.
    • November 2021
      The Firm never previously considered itself a ransomware target but has now reevaluated that stance. It has hired a service provider to run a security operations center on a 24/7 basis. It's implemented a more sophisticated detection and response model and implemented multi-factor authentication. It’s doubled its security spend in 2021 and will invest more in 2022.

    “Now we take the approach that if someone does get in, we're going to find them out.” (John Doe, CIO, “The Firm”)

    Implications: Organization, Process, Technology

    External

    • Organization – Organizations must consider how their employees play a role in preventing ransomware and plan for training to recognize phishing and other common traps. They must make plans for employees to continue their work if systems are disrupted by ransomware.
    • Process – Backup processes across multiple systems should be harmonized to have both recent and common points to recover from. Work with the understanding IT will have to take systems offline if ransomware is discovered and there is no time to ask for permission.
    • Technology – Organizations can benefit from security services provided by a forensics-focused vendor. Putting cybersecurity insurance in place not only provides financial protection but also guidance in what to do and which vendors to work with to prevent and recover from ransomware.

    Internal

    • Organization – The Firm was prepared with a business continuity plan to allow many of its employees to work remotely, which was necessary because the office network was incapacitated for ten days during recovery.
    • Process – Executives didn’t seek to assign blame for the security incident but took it as a signal there were some new costs involved to stay in business. It initiated new outsource relationships and hired one more full-time employee to shore up security resources.
    • Technology – New ransomware eradication software was deployed to 2,000 computers. Scripted processes automated much of the work, but in some cases full system rebuilds were required. Backup systems were disconnected from the network as soon as the malware was discovered.

    Resources Applied

    Consider the Alternative

    Organizations should consider how much a ransomware attack on critical systems would cost them if they were down for a minimum of 24-48 hours. Plan to invest an amount at least equal to the costs of that downtime.

    Ask for ID

    Implementing across-the-board multi-factor authentication reduces chances of infection and is cheap, with enterprise solutions ranging from $2 to $5 per user on average. Be strict and deny access when connections don’t authenticate.

    “You'll never stop everything from getting into the network. You can still focus on stopping the bad actors, but then if they do make it in, make sure they don't get far.” (John Doe, CIO, “The Firm”)

    “The Firm” (Mid-Sized Manufacturer)

    • During the crisis, The Firm paused all activities and focused solely on isolating and eliminating the ransomware threat.
    • New outsourcing relationship with a vendor provides a 24/7 Security Operations Center.
    • One more full-time employee on the security team.
    • Doubled investment in security in 2021 and will spend more in 2022.

    Outcomes at “The Firm” (Mid-Sized Manufacturer)

    The new cost of doing business

    Real-time security: While The Firm is still investing in prevention-based security, it is also developing its real-time detection and response capabilities. When ransomware makes it through the cracks, it wants to know as soon as possible and stop it.

    Leadership commitment: The C-suite is taking the experience as a wake-up call that more investment is required in today’s threat landscape. The Firm rates security more highly as an overall organizational goal, not just something for IT to worry about.

    Stock photo of someone using their phone while sitting at a computer, implying multi-factor authentication.
    The Firm now uses multi-factor authentication as part of its employee sign-on process. For employees, authenticating is commonly achieved by using a mobile app that receives a secret code from the issuer.

    From Priorities to Action

    Cybersecurity is everyone’s responsibility

    In Info-Tech’s CEO-CIO Alignment Benchmark for 2021, the business goal of “Manage Risk” was the single biggest point of disagreement between CIOs and their direct supervisors. CIOs rank it as the second-most important business goal, while CEOs rank it as sixth-most important.

    Organizations should align on managing risk as a top priority given the severity of the ransomware threat. The threat actors and nature of the attacks are such that top leadership must prepare for when ransomware hits. This includes halting operations quickly to contain damage, engaging third-party security forensics experts, and coordinating with government regulators.

    Cybersecurity strategies may be challenged to be effective without creating some friction for users. Organizations should look beyond multi-layer prevention strategies and lean toward quick detection and response, spending evenly across prevention, detection, and response solutions.

    Take the next step

    Create a Ransomware Incident Response Plan
    Don’t be the next headline. Determine your current readiness, response plan, and projects to close gaps.

    Simplify Identity and Access Management
    Select and implement IAM and produce vendor RFPs that will contain the capabilities you need, including multi-factor authentication.

    Cybersecurity Series Featuring Sandy Silk
    More from Info-Tech’s Senior Workshop Director Sandy Silk in this video series created while she was still at Harvard University.

    Gap between CIOs and CEOs in points allocated to “Manage risk” as a top business goal

    A bar chart illustrating the gap between CIOs and CEOs in points allocated to 'Manage risk' as a top business goal. The difference is marked as Delta 1.5.

    Support an employee-centric retention strategy

    Priority 03 | ITRG02 Leadership, Culture & Values

    Avoid being a victim of “The Great Resignation” by putting employees at the center of an experience that will engage them with clear career path development, purposeful work, and transparent feedback.

    Defining an employee-first culture that improves retention

    The Great resignation isn’t good for firms

    In 2021, many workers decided to leave their jobs. Working contexts were disrupted by the pandemic and that saw non-essential workers sent home to work, while essential workers were asked to continue to come into work despite the risks of COVID-19. These disruptions may have contributed to many workers reevaluating their professional goals and weighing their values differently. At the same time, 2021 saw a surging economy and many new job opportunities to create a talent-hungry market. Many workers could have been motivated to take a new opportunity to increase their salary or receive other benefits such as more flexibility.

    Annual turnover rate for all us employees on the rise

    • 20% – Jan.-Aug. 2020, Dipped from 22% in 2019
    • 25% Jan.-Aug. 2021, New record high
    • Data from Visier Inc.

    When you can’t pay them, develop them

    IT may be less affected than other departments by this trend. Info-Tech’s 2022 IT Talent Trends Report shows that on average, estimated turnover rate in IT is lower than the rest of the organization. Almost half of respondents estimated their organization’s voluntary turnover rate was 10% or higher. Only 30% of respondents estimate that IT’s voluntary turnover rate is in the same range. However, CIOs working in industries with the highest turnover rates will have to work to keep their workers engaged and satisfied, as IT skills are easily transferred to other industries.

    49% ranked “enabling learning & development within IT” as high priority, more than any other single challenge. (IT Talent Trends 2022 Survey, N=227)

    A bar chart of 'Industries with highest turnover rates (%)' with 'Leisure and Hospitality' at 6.4%, 'Trade, Transportation & Utilities' at 3.6%, 'Professional and Business' at 3.3%, and 'Other Services' at 3.1%. U.S. Bureau of Labor Statistics, 2022.

    Jeff Previte

    Executive Vice-President of IT, CrossCountry Mortgage

    “We have to get to know the individual at a personal level … Not just talking about the business, but getting to know the person."

    Photo of Jeff Previte, Executive Vice-President of IT, CrossCountry Mortgage.

    Listen to the Tech Insights podcast:
    How a financial services company dodged ‘The Great Resignation’

    Internal interpretation: CrossCountry Mortgage

    • May 2019
      Jeff Previte joins Cleveland, Ohio-based CrossCountry Mortgage in the CIO role. The company faces a challenge with employee turnover, particularly in IT. The firm is a sales-focused organization and saw its turnover rate reach as high as 60%. Yet Previte recognized that IT had some meaningful goals to achieve and would need to attract – and retain – some higher caliber talent. His first objective in his new role was to meet with IT employees and business leadership to set priorities.
    • July 2019
      Previte takes a “people-first” approach to leadership and meets his staff face-to-face to understand their personal situations. He sets to work on defining roles and responsibilities in the organization, spending about a fifth of his time on defining the strategy.
    • June 2020
      Previte assigned his leadership team to McLean & Company’s Design an Impactful Employee Development Program. From there, the team developed a Salesforce tool called the Career Development Workbook. “We had some very passionate developers and admins that wanted to build a home-grown tool,” he says. It turns McLean & Company’s process into a digital tool employees can use to reflect on their careers and explore their next steps. It helps facilitate development conversations with managers.
    • January 2021
      CrossCountry Mortgage changes its approach to career development activities. Going to external conferences and training courses is reduced to just 30% of that effort. The rest is by doing hands-on work at the company. Previte aligned with his executives and road-mapped IT projects annually. Based on employee’s interests, opportunities are found to carve out time from usual day-to-day activities to spend time on a project in a new area. When there’s a business need, someone internally can be ready to transition roles.
    • June 2021
      In the two years since joining the company, Previte has reduced the turnover rate to just 12%. The IT department has grown to more adequately meet the needs of the business and employees are engaged with more opportunities to develop their careers. Instead of focusing on compensation, Previte focused more on engaging employees with a developmentally dedicated environment and continuous hands-on learning.

    “It’s come down to a culture shift. Folks have an idea of where we’re headed as an organization, where we’re headed as an IT team, and how their role contributes to that.” (Jeff Previte, EVP of IT, CrossCountry Mortgage)

    Implications: Organization, Process, Technology

    External

    • Organization – A high priority is being placed on improving IT’s maturity through its talent. Enabling learning and development in IT, enabling departmental innovation, and recruiting are the top three highest priorities according to IT Talent Trends 2022 survey responses.
    • Process – Recruiting is more challenging for industries that operate primarily onsite, according to McLean & Company's 2022 HR Trends Report. They face more challenges attracting applications, more rejected offers, and more candidate ghosting compared to remote-capable industries.
    • Technology – Providing a great employee experience through digital tools is more important as many organizations see a mix of workers in the office and at home. These tools can help connect colleagues, foster professional development, and improve the candidate experience.

    Internal

    • Organization – CrossCountry Mortgage faced a situation where IT employees did not have clarity on their roles and responsibilities. In terms of salary, it wasn’t offering at the high end compared to other employers in Cleveland.
    • Process – To foster a culture of growth and development, CrossCountry Mortgage put in place a performance assessment system that encouraged reflection and goal setting, aided by collaboration with a manager.
    • Technology – The high turnover rate was limiting CrossCountry Mortgage from achieving the level of maturity it needed to support the company’s goals. It ingrained its new PA process with a custom build of a Salesforce tool.

    Resources Applied

    Show me the money

    Almost six in ten Talent Trends survey respondents identified salary and compensation as the reason that employees resigned in the past year. Organizations looking to engage employees must first pay a fair salary according to market and industry conditions.

    Build me up

    Professional development and opportunity for innovative work are the next two most common reasons for resignations. Organizations must ensure they create enough capacity to allow workers time to spend on development.

    “Building our own solution created an element of engagement. There was a sense of ownership that the team had in thinking through this.” (Jeff Previte, CrossCountry Mortgage)

    CrossCountry Mortgage

    • Executive time: CIO spends 10-20% of his time on activities related to designing the approach.
    • Leveraged memberships with Info-Tech Research Group and McLean & Company to define professional development process.
    • Internal IT develops automated workflow in Salesforce.
    • Hired additional IT staff to build out overall capacity and create time for development activities.

    Outcomes at CrossCountry Mortgage

    Engaged IT workforce

    The Great Maturation: IT staff turnover rate dropped to 10-12% and IT talent is developing on the job to improve the department’s overall skill level. More IT staff on hand and more engaged workers mean IT can deliver higher maturity level results.

    Alignment achieved: Connecting IT’s initiatives to the vision of the C-suite creates a clear purpose for IT in its initiatives. Staff understand what they need to achieve to progress their careers and can grow while they work.

    Photo of employees from CrossCountry Mortgage assisting with a distribution event.
    Employees from CrossCountry Mortgage headquarters assist with a drive-thru distribution event for the Cleveland Food Bank on Dec. 17, 2021. (Image courtesy of CrossCountry Mortgage.)

    From Priorities to Action

    Staff retention is a leadership priority

    The Great Resignation trend is bringing attention to employee engagement and staff retention. IT departments are busier than ever during the pandemic as they work overtime to keep up with a remote workforce and new security threats. At the same time, IT talent is among the most coveted on the market.

    CIOs need to develop a people-first approach to improve the employee experience. Beyond compensation, IT workers need clarity in terms of their career paths, a direct connection between their work and the goals of the organization, and time set aside for professional development.

    Info-Tech’s 2021 benchmark for “Leadership, Culture & Values” shows that most organizations rate this capability very highly (9) but see room to improve on their effectiveness (6.9).

    Take the next step

    IT Talent Trends 2022
    See how IT talent trends are shifting through the pandemic and understand how themes like The Great Resignation has impacted IT.

    McLean & Company’s Modernize Performance Management
    Customize the building blocks of performance management to best fit organizational needs to impact individual and organizational performance, productivity, and engagement.

    Redesign Your IT Organizational Structure
    Define future-state work units, roles, and responsibilities that will enable the IT organization to complete the work that needs to be done.

    “Leadership, Culture & Values” gap between importance and effectiveness
    Info-Tech Research Group Management and Governance Diagnostic Benchmark 2021

    A bar chart illustrating the 'Leadership, Culture & Values' gap between importance and effectiveness. The difference is marked as Delta 2.1.

    Design an automation platform

    Priority 04 | APO04 Innovation

    Position yourself to buy or build a platform that will enable new automation opportunities through seamless integration.

    Build it or buy it, but platform integration can yield great benefits

    Necessity is the mother of innovation

    When it’s said that digital transformation accelerated during the pandemic, what’s really meant is that processes that were formerly done manually became automated through software. In responses to the Tech Trends survey, CIOs say digital transformation was more of a focus during the pandemic, and eight in ten CIOs also say they shifted more than 20% of their organization’s processes to digital during the pandemic. Automating tasks through software can be called digitalization.

    Most organizations became more digitalized during the pandemic. But how they pursued it depends on their IT maturity. For digital laggards, partnering with a technology services platform is the path of least resistance. For sophisticated innovators, they can consider building a platform to address the specific needs of their business process. Doing so requires the foundation of an existing “digital factory” or innovation arm where new technologies can be tested, proofs of concept developed, and external partnerships formed. Patience is key with these efforts, as not every investment will yield immediate returns and some will fail outright.

    Build it or buy it, platform participants integrate with their existing systems through application programming interfaces (APIs). Organizations should determine their platform strategies based on maturity, then look to integrate the business processes that will yield the most gains.

    What role should you play in the platform ecosystem?

    A table with levels on the maturity ladder laid out as a sprint. Column headers are maturity levels 'Struggle', 'Support', 'Optimize', 'Expand', and 'Transform', row headers are 'Maturity' and 'Role'. Roles are assigned to one or many levels. 'Improve' is solely under Struggle. 'Integrate' spans from Support to Transform. 'Buy' spans Support to Expand. 'Build' begins midway through Expand and all of Transform. 'Partner' spans from Optimize to halfway through Transform.

    68% of CIOs say digital transformation became much more of a focus for their organization during the pandemic (Info-Tech Tech Trends 2022 Survey)

    Bob Crozier

    Chief Architect, Allianz Technology & Global Head of Blockchain, Allianz Technology SE

    "Smart contracts are really just workflows between counterparties."

    Photo of Bob Crozier, Chief Architect, Allianz Technology & Global Head of Blockchain, Allianz Technology SE.

    Listen to the Tech Insights podcast:
    How Allianz took a blockchain platform from pilot to 1 million transactions

    Internal interpretation: Allianz Technology

    • 2015
      After smart contracts are demonstrated on the Ethereum blockchain, Allianz and other insurers recognize the business value. There is potential to use the capability to administer a complex, multi-party contract where the presence of the reinsurer in the risk transfer ecosystem is required. Manual contracts could be turned into code and automated. Allianz organized an early proof of concept around a theoretical pandemic excessive loss contract.
    • 2018
      Allianz Chief Architect Bob Crozier is leading the Global Blockchain Center of Competence for Allianz. They educate Allianz on the value of blockchain for business. They also partner with a joint venture between the Technology University of Munich and the state of Bavaria. A cohort of Masters students is looking for real business problems to solve with open-source distributed ledger technology. Allianz puts its problem statement in front of the group. A student team presents a proof of concept for an international motor insurance claims settlement and it comes in second place at a pitch day competition.
    • 2019
      Allianz brings the concept back in-house, and its business leaders return to the concept. Startup Luther Systems is engaged to build a minimum-viable product for the solution, with the goal being a pilot involving three or four subsidiaries in different countries. The Blockchain Center begins communicating with 25 Allianz subsidiaries that will eventually deploy the platform.
    • 2020
      Allianz is in build mode on its international motor insurance claims platform. It leverages its internal Dev/SecOps teams based in Munich and in India.
    • May 2021
      Allianz goes live with its new platform on May 17, decommissioning its old system and migrating all live claims data onto the new blockchain platform. It sees 400 concurrent users go live across Europe.
    • January 2022
      Allianz mines its one-millionth block to its ledger on Jan. 19, with each block representing a peer-to-peer transaction across its 25 subsidiaries in different countries. The platform has settled hundreds of millions of dollars.

    Stock photo of two people arguing over a car crash.

    Implications: Organization, Process, Technology

    External

    • Organization – To explore emerging technologies like blockchain, organizations need staff that are accountable for innovation and have leeway to develop proofs of concept. External partners are often required to bring in fresh ideas and move quickly towards an MVP.
    • Process – According to the Tech Trends 2022 survey, 84% of CIOs consider automation a high-value digital capability, and 77% say identity verification is a high-value capability. A blockchain platform using smart contracts can deliver those.
    • Technology – The Linux Foundation’s Hyperledger Fabric is an open-source blockchain technology that’s become popular in the financial industry for its method of forming consensus and its modular architecture. It’s been adopted by USAA, MasterCard, and PayPal. It also underpins the IBM Blockchain Platform and is supported by Azure Blockchain.

    Internal

    • Organization – Allianz is a holding company that owns Allianz Technology and 25 operating entities across Europe. It uses the technology arm to innovate on the business process and creates shared platforms that its entities can integrate with to automate across the value chain.
    • Process – Initial interest in smart contracts on blockchain were funneled into a student competition, where a proof of concept was developed. Allianz partnered with a startup to develop an MVP, then developed the platform while aligning with its business units ahead of launch.
    • Technology – Allianz built its blockchain platform on Hyperledger Fabric because it was a permissioned system, unlike other public permissionless blockchains such as Ethereum, and because its mining mechanism was much more energy efficient compared to other blockchains using Proof of Work consensus models.

    Resources Applied

    Time to innovate

    Exploring emerging technology for potential use cases is difficult for staff tasked with running day-to-day operations. Organizations serious about innovation create a separate team that can focus on “moonshot” projects and connect with external partners.

    Long-term ROI

    Automation of new business processes often requires a high upfront initial investment for a long-term efficiency gain. A proof of concept should demonstrate clear business value that can be repeated often and for a long period.

    “My next project has to deliver in the tens of millions of value in return. The bar is high and that’s what it should be for a business of our size.” (Bob Crozier, Allianz)

    Allianz

    • Several operating entities from different countries supplied subject matter expertise and helped with the testing process.
    • Allianz Technology team has eight staff members. It is augmented by Luther Systems and the team at industry group B3i.
    • Funding of less than $5 million to develop. Dev team continues to add improvements.
    • Operating requires just one full-time employee plus infrastructure costs, mostly for public cloud hosting.

    Outcomes at Allianz

    From insurer to platform provider

    Deliver your own SaaS: Allianz Technology built its blockchain-based claims settlement platform and its subsidiaries consume it as software as a service. The platform runs on a distributed architecture across Europe, with each node running the same version of the software. Operating entities can also integrate their own systems to the platform via APIs and further automate business processes such as billing.

    Ready to scale: After processing one million transactions, the international claims settlement platform is proven and ready to add more participants. Crozier sees auto repair shops and auto manufacturers as the next logical users.

    Stock photo of Blockchain.
    Allianz is a shareholder of the Blockchain Insurance Industry Initiative (B3i). It is providing a platform used by a group of insurance companies in the commercial and reinsurance space.

    When should we use blockchain? THREE key criteria:

    • Redundant processes
      Different entities follow the same process to achieve the desired outcome.
    • Audit trail
      Accountability in the decision making must be documented.
    • Reconciliation
      Parties need to be able to resolve disputes by tracing back to the truth.

    From Priorities to Action

    It’s a build vs. buy question for platforms

    Allianz was able to build a platform for its group of European subsidiaries because of its established digital factory and commitment to innovation. Allianz Technology is at the “innovate” level of IT maturity, allowing it to create a platform that subsidiaries can integrate with via APIs. For firms that are lower on the IT maturity scale, buying a platform solution is the better path to automation. These firms will be concerned with integrating their legacy systems to platforms that can reduce the friction of their operating environments and introduce modern new capabilities.

    From Info-Tech’s Build a Winning Business Process Automation Playbook

    An infographic comparing pros and cons of Build versus Buy. On the 'Build: High Delivery Capacity & Capability' side is 'Custom Development', 'Data Integration', 'AI/ML', 'Configuration', 'Native Workflow', and 'Low & No Code'. On the 'Buy: Low Delivery Capacity & Capability' side is 'Outsource Development', 'iPaaS', 'Chatbots', 'iBPMS & Rules Engines', 'RPA', and 'Point Solutions'.

    Take the next step

    Accelerate Your Automation Processes
    Integrate automation solutions and take the first steps to building an automation suite.

    Build Effective Enterprise Integration on the Back of Business Process
    From the backend to the frontlines – let enterprise integration help your business processes fly.

    Evolve Your Business Through Innovation
    Innovation teams are tasked with the responsibility of ensuring that their organizations are in the best position to succeed while the world is in a period of turmoil, chaos, and uncertainty.

    “Innovation” gap between importance and effectiveness Info-Tech Research Group Management and Governance Diagnostic Benchmark 2021

    A bar chart illustrating the 'Innovation' gap between importance and effectiveness. The difference is marked as Delta 2.1.

    Prepare to report on new environmental, social, and governance (ESG) metrics

    Priority 05 | ITRG06 Business Intelligence and Reporting

    Be ready to either lead or support initiatives to meet the criteria of new ESG reporting mandates and work toward disclosure reporting solutions.

    Time to get serious about ESG

    What does CSR or ESG mean to a CIO?

    Humans are putting increasing pressure on the planet’s natural environment and creating catastrophic risks as a result. Efforts to mitigate these risks have been underway for the past 30 years, but in the decade ahead regulators are likely to impose more strict requirements that will be linked to the financial value of an organization. Various voluntary frameworks exist for reporting on environmental, social, and governance (ESG) or corporate social responsibility (CSR) metrics. But now there are efforts underway to unify and clarify those standards.

    The most advanced effort toward a global set of standards is in the environmental area. At the United Nations’ COP26 summit in Scotland last November, the International Sustainability Standards Board (ISSB) announced its headquarters (Frankfurt) and three other international office locations (Montreal, San Francisco, and London) and its roadmap for public consultations. It is working with an array of voluntary standards groups toward a consensus.

    In Info-Tech’s 2022 Tech Trends survey, two-thirds of CIOs say their organization is committed to reducing greenhouse gas emissions, yet only 40% say their organizational leadership is very concerned with reducing those emissions. CIOs will need to consider how to align organizational concern with internal commitments and new regulatory pressures. They may investigate new real-time reporting solutions that could serve as a competitive differentiator on ESG.

    Standards informing the ISSB’s global set of climate standards

    A row of logos of organizations that inform ISSB's global set of climate standards.

    67% of CIOs say their organization is committed to reducing greenhouse gases, with one-third saying that commitment is public. (Info-Tech Tech Trends 2022 Survey)

    40% of CIOs say their organizational leadership is very concerned with reducing greenhouse gas emissions.

    David W. Dorman

    Chairman of the board, CVS Health

    “ESG is a question of what you do in the microcosm of your company to make sure there is a clear, level playing field – that there is a color-blind, gender-blind meritocracy available – that you are aware that not in every case can you achieve that without really focusing on it. It’s not going to happen on its own. That’s why our commitments have real dollars behind them and real focus behind them because we want to be the very best at doing them.”

    Photo of David W. Dorman, Chairman of the Board, CVS Health.

    Listen to the Tech Insights podcast:
    CVS Health chairman David Dorman on healthcare's hybrid future

    Internal interpretation: CVS Health

    CVS Health established a new steering committee of senior leaders in 2020 to oversee ESG commitments. It designs its corporate social responsibility strategy, Transform Health 2030, by aligning company activities in four key areas: healthy people, healthy business, healthy planet, and healthy community. The strategy aligns with the United Nations’ Sustainable Development Goals. In alignment with these goals, CVS identifies material topics where the company has the most ability to make an impact. In 2020, its top three topics were:

    1. Access to quality health care
    2. Patient and customer safety
    3. Data protection and privacy
    Material Topic
    Access to quality health care
    Material Topic
    Patient and customer safety
    Material Topic
    Data protection and privacy
    Technology Initiative
    MinuteClinic’s Virtual Collaboration for Nurses

    CVS provided Apple iPads compliant with the Health Insurance Portability and Accountability Act (HIPAA) to clinics in a phased approach, providing training to more than 700 providers in 26 states by February 2021. Nurses could use the iPads to attend virtual morning huddles and access clinical education. Nurses could connect virtually with other healthcare experts to collaborate on delivering patient care in real-time. The project was able to scale across the country through a $50,000 American Nurses Credentialing Center Pathway Award. (Wolters Kluwer Health, Inc.)

    Technology Initiative
    MinuteClinic’s E-Clinic

    MinuteClinics launched this telehealth solution in response to the pandemic, rolling it out in three weeks. The solution complemented video visits delivered in partnership with the Teladoc platform. Visits cost $59 and are covered by Aetna insurance plans, a subsidiary of CVS Health. It hosted more than 20,000 E-Clinic visits through the end of 2020. CVS connected its HealthHUBs to the solution to increase capacity in place of walk-in appointments and managed patients via phone for medication adherence and care plans. CVS also helped behavioral health providers transition patients to virtual visits. (CVS Health)

    Technology Initiative
    Next Generation Authentication Platform

    CVS patented this solution to authenticate customers accessing digital channels. It makes use of the available biometrics data and contextual information to validate identity without the need for a password. CVS planned to extend the platform to voice channels as well, using voiceprint technology. The solution prevents unauthorized access to sensitive health data while providing seamless access for customers. (LinkedIn)

    Implications: Organization, Process, Technology

    External

    • Organization – Since the mid-2010s, younger investors have demonstrated reliance on ESG data when making investment decisions, resulting in the creation of voluntary standards that offered varied approaches. Organizations in ESG exchange-traded funds are outperforming the overall S&P 500 (S&P Global Market Intelligence).
    • Process – Organizations are issuing ESG reports today despite the absence of clear rules to follow for reporting results. With regulators expected to step in to establish more rigid guidelines, many organizations will need to revisit their approach to ESG reports.
    • Technology – Real-time reporting of ESG metrics will become a competitive advantage before 2030. Engineering a solution that can alert organizations to poor performance on ESG measures and allow them to respond could avert losing market value.

    Internal

    • Organization – CVS Health established an ESG Steering Committee in 2020 composed of senior leaders including its chief governance officers, chief sustainability officer, chief risk officer, and controller and SVP of investor relations. It is supported by the ESG Operating Committee.
    • Process – CVS conducts a materiality assessment in accordance with Global Reporting Initiative standards to determine the most significant ESG impacts it can make and what topics most influence the decisions of stakeholders. It engages with various stakeholder groups on CSR topics.
    • Technology – CVS technology initiatives during the pandemic focused on supporting patients and employees in collaborating on health care delivery using virtual solutions, providing rich digital experiences that are easily accessible while upholding high security and privacy standards.

    Resources Applied

    Lack of commitment

    While 83% of businesses state support for the Sustainable Development Goals outlined by the Global Reporting Initiative (GRI), only 40% make measurable commitments to their goals.

    Show your work

    The GRI recommends organizations not only align their activities with sustainable development goals but also demonstrate contributions to specific targets in reporting on the positive actions they carry out. (GRI, “State of Progress: Business Contributions to the SDGS.”)

    “We end up with a longstanding commitment to diversity because that’s what our customer base looks like.” (David Dorman, CVS Health)

    CVS Health

    • The MinuteClinic Virtual Collaboration solution was piloted in Houston, demonstrated success, and won additional $50,000 funding from the Pathway to Excellence Award to scale the program across the country (Wolters Kluwer Health, Inc.).
    • The Next-Gen Authentication solution is provided by the vendor HYPR. It is deployed to ten million users and looking to scale to 30 million more. Pricing for enterprises is quoted at $1 per user, but volume pricing would apply to CVS (HYPR).

    Outcomes at CVS Health

    Delivering on hybrid healthcare solutions

    iPads for collaboration: Healthcare practitioners in the MinuteClinic Virtual Collaboration initiative agreed that it improved the use of interprofessional teams, working well virtually with others, and improved access to professional resources (Wolters Kluwer Health, Inc.)

    Remote healthcare: Saw a 400% increase in MinuteClinic virtual visits in 2020 (CVS Health).

    Verified ID: The Next Generation Authentication platform allowed customers to register for a COVID-19 vaccination appointment. CVS has delivered more than 50 million vaccines (LinkedIn).

    Stock photo of a doctor with an iPad.
    CVS Health is making use of digital channels to connect its customers and health practitioners to a services platform that can supplement visits to a retail or clinic location to receive diagnostics and first-hand care.

    From Priorities to Action

    Become your organization’s ESG Expert

    The risks posed to organizations and wider society are becoming more severe, driving a transition from voluntary frameworks for ESG goals to a mandatory one that’s enforced by investors and governments. Organizations will be expected to tie their core activities to a defined set of ESG goals and maintain a balance sheet of their positive and negative impacts. CIOs should become experts in ESG disclosure requirements and recommend the steps needed to meet or exceed competitors’ efforts. If a leadership vacuum for ESG accountability exists, CIOs can either seek to support their peers that are likely to become accountable or take a leadership role in overseeing the area. CIOs should start working toward solutions that deliver real-time reporting on ESG goals to make reporting frictionless.

    “If you don’t have ESG oversight at the highest levels of the company, it won’t wind up getting the focus. That’s why we review it at the Board multiple times per year. We have an annual report, we compare how we did, what we intended to do, where did we fall short, where did we exceed, and where we can run for daylight to do more.” (David Dorman, CVS Health)

    Take the next step

    ESG Disclosures: How Will We Record Status Updates on the World We Are Creating?
    Prepare for the era of mandated environmental, social, and governance disclosures.

    Private Equity and Venture Capital Growing Impact of ESG Report
    Learn about how the growing impact of ESG affects both your organization and IT specifically, including challenges and opportunities, with expert assistance.

    “Business Intelligence and Reporting” gap between importance and effectiveness
    Info-Tech Research Group Management and Governance Diagnostic Benchmark 2021

    A bar chart illustrating the 'BI and Reporting' gap between importance and effectiveness. The difference is marked as Delta 2.4.

    The Five Priorities

    Priorities to compete in the digital economy

    1. Reduce Friction in the Hybrid Operating Model
    2. Improve Your Ransomware Readiness
    3. Support an Employee-Centric Retention Strategy
    4. Design an Automation Platform
    5. Prepare to Report on New Environmental, Social, and Governance Metrics

    Contributing Experts

    Elizabeth Clark

    CIO, Harvard Business School
    Photo of Elizabeth Clark, CIO, Harvard Business School.

    Jeff Previte

    Executive Vice-President of IT, CrossCountry Mortgage
    Photo of Jeff Previte, Executive Vice-President of IT, CrossCountry Mortgage.

    Bob Crozier

    Chief Architect, Allianz Technology & Global Head of Blockchain, Allianz Technology SE
    Photo of Bob Crozier, Chief Architect, Allianz Technology & Global Head of Blockchain, Allianz Technology SE.

    David W. Dorman

    Chairman of the Board, CVS Health
    Photo of David W. Dorman, Chairman of the Board, CVS Health.

    Info-Tech’s internal CIO panel contributors

    • Bryan Tutor
    • John Kemp
    • Mike Schembri
    • Janice Clatterbuck
    • Sandy Silk
    • Sallie Wright
    • David Wallace
    • Ken McGee
    • Mike Tweedie
    • Cole Cioran
    • Kevin Tucker
    • Angelina Atkins
    • Yakov Kofner
    Photo of an internal CIO panel contributor. Photo of an internal CIO panel contributor.Photo of an internal CIO panel contributor.
    Photo of an internal CIO panel contributor.Photo of an internal CIO panel contributor.Photo of an internal CIO panel contributor.Photo of an internal CIO panel contributor.
    Photo of an internal CIO panel contributor.Photo of an internal CIO panel contributor.Photo of an internal CIO panel contributor.

    Thank you for your support

    Logo for the Blockchain Research Institute.
    Blockchain Research Institute

    Bibliography – CIO Priorities 2022

    “2020 Corporate Social Responsibility Report.” CVS Health, 2020, p. 127. Web.

    “Adversary: Doppel Spider - Threat Actor.” Crowdstrike Adversary Universe, 2021. Accessed 29 Dec. 2021.

    “Aetna CVS Health Success Story.” HYPR, n.d. Accessed 6 Feb. 2022.

    Baig, Aamer. “The CIO agenda for the next 12 months: Six make-or-break priorities.” McKinsey Digital, 1 Nov. 2021. Web.

    Ball, Sarah, Kristene Diggins, Nairobi Martindale, Angela Patterson, Anne M. Pohnert, Jacinta Thomas, Tammy Todd, and Melissa Bates. “2020 ANCC Pathway Award® winner.” Wolters Kluwer Health, Inc., 2021. Accessed 6 Feb. 2022.

    “Canadian Universities Propose Designs for a Central Bank Digital Currency.” Bank of Canada, 11 Feb. 2021. Accessed 14 Dec. 2021.

    “Carbon Sequestration in Wetlands.” MN Board of Water and Soil Resources, n.d. Accessed 15 Nov. 2021.

    “CCM Honored as a NorthCoast 99 Award Winner.” CrossCountry Mortgage, 1 Dec. 2021. Web.

    Cheek, Catherine. “Four Things We Learned About the Resignation Wave–and What to Do Next.” Visier Inc. (blog), 5 Oct. 2021. Web.

    “Companies Using Hyperledger Fabric, Market Share, Customers and Competitors.” HG Insights, 2022. Accessed 25 Jan. 2022.

    “IFRS Foundation Announces International Sustainability Standards Board, Consolidation with CDSB and VRF, and Publication of Prototype Disclosure Requirements.” IFRS, 3 Nov. 2021. Web.

    “IT Priorities for 2022: A CIO Report.” Mindsight, 28 Oct. 2021. Web.

    “Job Openings and Labor Turnover Survey.” Databases, Tables & Calculators by Subject, U.S. Bureau of Labor Statistics, 2022. Accessed 9 Feb. 2022.

    Kumar, Rashmi, and Michael Krigsman. “CIO Planning and Investment Strategy 2022.” CXOTalk, 13 Sept. 2021. Web.

    Leonhardt, Megan. “The Great Resignation Is Hitting These Industries Hardest.” Fortune, 16 Nov. 2021. Accessed 7 Jan. 2022.

    “Most companies align with SDGs – but more to do on assessing progress.” Global Reporting Initiative (GRI), 17 Jan. 2022. Web.

    Navagamuwa, Roshan. “Beyond Passwords: Enhancing Data Protection and Consumer Experience.” LinkedIn, 15 Dec. 2020.

    Ojo, Oluwaseyi. “Achieving Digital Business Transformation Using COBIT 2019.” ISACA, 19 Aug. 2019. Web.

    “Priority.” Lexico.com, Oxford University Press, 2021. Web.

    Riebold, Jan, and Yannick Bartens. “Reinventing the Digital IT Operating Model for the ‘New Normal.’” Capgemini Worldwide, 3 Nov. 2020. Web.

    Samuels, Mark. “The CIO’s next priority: Using the tech budget for growth.” ZDNet, 1 Sept. 2021. Accessed 1 Nov. 2021.

    Sayer, Peter. “Exclusive Survey: CIOs Outline Tech Priorities for 2021-22.” CIO, 5 Oct. 2021. Web.

    Shacklett, Mary E. “Where IT Leaders Are Likely to Spend Budget in 2022.” InformationWeek, 10 Aug. 2021. Web.

    “Table 4. Quits Levels and Rates by Industry and Region, Seasonally Adjusted - 2021 M11 Results.” U.S. Bureau of Labor Statistics, Economic News Release, 1 Jan. 2022. Accessed 7 Jan. 2022.

    “Technology Priorities CIOs Must Address in 2022.” Gartner, 19 Oct. 2021. Accessed 1 Nov. 2021.

    Thomson, Joel. Technology, Talent, and the Future Workplace: Canadian CIO Outlook 2021. The Conference Board of Canada, 7 Dec. 2021. Web.

    “Trend.” Lexico.com, Oxford University Press, 2021. Web.

    Vellante, Dave. “CIOs signal hybrid work will power tech spending through 2022.” SiliconANGLE, 25 Sept. 2021. Web.

    Whieldon, Esther, and Robert Clark. “ESG funds beat out S&P 500 in 1st year of COVID-19; how 1 fund shot to the top.” S&P Global Market Intelligence, April 2021. Accessed Dec. 2021.

    In Case Of Emergency...

    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    1. Get people to safety efficiently by following the floor warden's information and get out if needed
      If there are no floor wardens, YOU take the initiative and alert people. Vacate the premises if you suspect danger.
      Err on the side of caution. Nobody ever got fired over keeping people safe.
    2. Get people to safety (yes! double check this)
    3. Check what is happening
    4. Stop the bleeding
    5. Check what you broke while stopping the bleeding
    6. Check if you need to go into DR mode
    7. Go into DR mode if that is the fastest way to restore the service
    8. Only now start to look deeper

    Notice what is missing in this list?

    • WHY did this happen?
    • WHO did what

    During the first reactions to an event, stick to the facts of what is happening and the symptoms. If the symptoms are bad, attend to people first, no matter the financial losses occurring.
    Remember that financial losses are typically insured. Human life is not. Only loss of income and ability to pay is insured! Not the person's life.

    The WHY, HOW, WHO and other root cause questions are asked in the aftermath of the incident and after you have stabilized the situation.
    In ITIL terms, those are Problem Management and Root Cause Analysis stage questions.

     

     

     

    Management, incident, reaction, emergency

    Master the Art of Stakeholder Management in Small Enterprise Environments

    • Buy Link or Shortcode: {j2store}572|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Stakeholder Management
    • Parent Category Link: /stakeholder-management
    • IT hasn’t taken into account critical stakeholders and their concerns and preferences as they plan projects or operate on daily business.
    • It is difficult to tailor communication and messaging to all of the different personal and professional styles and motivations of stakeholders.
    • Access to stakeholders and getting an accurate understanding of their needs and concerns regarding IT can be difficult to obtain.

    Our Advice

    Critical Insight

    • Small enterprises have an advantage in stakeholder management. Less people and fewer barriers create opportunities for more productive interactions and stronger relationships.
    • The guiding principles for effective stakeholder management are common concepts, but unfortunately not common practice.
    • By stepping back and taking the time to thoughtfully consider the dynamics and needs of important IT stakeholders, you will be better able to position yourself and your department.

    Impact and Result

    • Info-Tech’s guiding principles provide clear and feasible recommendations for how to incorporate stakeholder management into daily interactions.
    • This blueprint’s guidance will enable IT leaders to tailor communication and interactions that will enable them to build stronger and more meaningful relationships with stakeholders.
    • Following this approach and its guiding principles will make IT projects be more successful by reducing their risk of failure due to issues of buy-in, misunderstanding of priorities, or a lack of support from critical stakeholders.

    Master the Art of Stakeholder Management in Small Enterprise Environments Research & Tools

    Executive Overview

    Use Info-Tech’s approach to stakeholder management to guide you in building stronger and more beneficial relationships, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    • Master the Art of Stakeholder Management in Small Enterprise Environments Storyboard
    • None
    • None

    1. Identify stakeholders

    Determine the stakeholders for an IT department of a singular initiative.

    • Stakeholder Management Analysis Tool

    2. Analyze stakeholders

    Use the guidance of this section to analyze stakeholders on both a professional and personal level.

    3. Manage stakeholders

    Use Info-Tech’s guiding principles of stakeholder management to direct how to best engage key stakeholders.

    4. Review case studies

    Use real-life experiences from Info-Tech’s analysts to understand how to use and apply stakeholder management techniques.

    [infographic]

    Change Management

    • Buy Link or Shortcode: {j2store}3|cart{/j2store}
    • Related Products: {j2store}3|crosssells{/j2store}
    • Up-Sell: {j2store}3|upsells{/j2store}
    • Download01-Title: Change Management Executive Brief
    • Download-01: Visit Link
    • member rating overall impact (scale of 10): 9.6/10
    • member rating average dollars saved: $35,031
    • member rating average days saved: 34
    • Parent Category Name: Infra and Operations
    • Parent Category Link: /infra-and-operations
    Every company needs some change management. Both business and IT teams benefit from knowing what changes when.

    incident, problem, problemchange

    Incident Management for Small Enterprise

    • Buy Link or Shortcode: {j2store}482|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $6,531 Average $ Saved
    • member rating average days saved: 3 Average Days Saved
    • Parent Category Name: Incident & Problem Management
    • Parent Category Link: /incident-and-problem-management
    • Technical debt and disparate systems are big constraints for most small enterprise (SE) organizations. What may have worked years ago is no longer fit for purpose or the business is growing faster than the current tools in place can handle.
    • Super specialization of knowledge is also a common factor in smaller teams caused by complex architectures. While helpful, if that knowledge isn’t documented it can walk out the door with the resource and the rest of the team is left scrambling.
    • Lessons learned may be gathered for critical incidents but often are not propagated, which impacts the ability to solve recurring incidents.
    • Over time, repeated incidents can have a negative impact on the customer’s perception that the service desk is a credible and essential service to the business.

    Our Advice

    Critical Insight

    • Go beyond the blind adoption of best-practice frameworks. No simple formula exists for improving incident management maturity. Identify the challenges in your incident lifecycle and draw on best-practice frameworks pragmatically to build a structured response to those challenges.
    • Track, analyze, and review results of incident response regularly. Without a comprehensive understanding of incident trends and patterns you can be susceptible to recurring incidents that increase in damage over time. Make the case for problem management, and successfully reduce the volume of unplanned work by scheduling it into regular IT activity.
    • Recurring incidents will happen; use runbooks for a consistent response each time. Save your organization response time and confusion by developing your own specific incident use cases. Incident response should follow a standard process, but each incident will have its own escalation process or call tree that identifies key participants.

    Impact and Result

    • Effective and efficient management of incidents involves a formal process of identifying, classifying, categorizing, responding, resolving, and closing of each incident. The key for smaller organizations, where technology or resources is a constraint, is to make the best practices usable for your unique environment.
    • Develop a plan that aligns with your organizational needs, and adapt best practices into light, sustainable processes, with the goal to improve time to resolve, cost to serve, and ultimately, end-user satisfaction.
    • Successful implementation of incident management will elevate the maturity of the service desk to a controlled state, preparing you for becoming proactive with problem management.

    Incident Management for Small Enterprise Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should implement incident management, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Identify and log incidents

    This phase will provide an overview of the incident lifecycle and an activity on how to classify the various types of incidents in your environment.

    • Service Desk Standard Operating Procedure
    • Incident Management Workflow Library (Visio)
    • Incident Management Workflow Library (PDF)

    2. Prioritize and define SLAs

    This phase will help you develop a categorization scheme for incident handling that ensures success and keeps it simple. It will also help you identify the most important runbooks necessary to create first.

    • Service Desk Ticket Categorization Schemes
    • IT Incident Runbook Prioritization Tool
    • IT Incident Management Runbook Blank Template

    3. Respond, recover, and close incidents

    This phase will help you identify how to use a knowledgebase to resolve incidents quicker. Identify what needs to be answered during a post-incident review and identify the criteria needed to invoke problem management.

    • Knowledgebase Article Template
    • Root-Cause Analysis Template
    • Post-Incident Review Questions Tracking Tool
    [infographic]

    Workshop: Incident Management for Small Enterprise

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Assess the Current State

    The Purpose

    Assess the current state of the incident management lifecycle within the organization.

    Key Benefits Achieved

    Understand the incident lifecycle and how to classify them in your environment.

    Identify the roles and responsibilities of the incident response team.

    Document the incident workflows to identify areas of opportunities.

    Activities

    1.1 Outline your incident lifecycle challenges.

    1.2 Identify and classify incidents.

    1.3 Identify roles and responsibilities for incident handling.

    1.4 Design normal and critical incident workflows for target state.

    Outputs

    List of incident challenges for each phase of the incident lifecycle

    Incident classification scheme mapped to resolution team

    RACI chart

    Incident Workflow Library

    2 Define the Target State

    The Purpose

    Design or improve upon current incident and ticket categorization schemes, priority, and impact.

    Key Benefits Achieved

    List of the most important runbooks necessary to create first and a usable template to go forward with

    Activities

    2.1 Improve incident categorization scheme.

    2.2 Prioritize and define SLAs.

    2.3 Understand the purpose of runbooks and prioritize development.

    2.4 Develop a runbook template.

    Outputs

    Revised ticket categorization scheme

    Prioritization matrix based on impact and urgency

    IT Incident Runbook Prioritization Tool

    Top priority incident runbook

    3 Bridge the Gap

    The Purpose

    Respond, recover, and close incidents with root-cause analysis, knowledgebase, and incident runbooks.

    Key Benefits Achieved

    This module will help you to identify how to use a knowledgebase to resolve quicker.

    Identify what needs to be answered during a post-incident review.

    Identify criteria to invoke problem management.

    Activities

    3.1 Build a targeted knowledgebase.

    3.2 Build a post-incident review process.

    3.3 Identify metrics to track success.

    3.4 Build an incident matching process.

    Outputs

    Working knowledgebase template

    Root-cause analysis template and post-incident review checklist

    List of metrics

    Develop criteria for problem management

    Cost Optimization

    • Buy Link or Shortcode: {j2store}14|cart{/j2store}
    • Related Products: {j2store}14|crosssells{/j2store}
    • Up-Sell: {j2store}14|upsells{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Financial Management
    • Parent Category Link: /financial-management
    Minimize the damage of IT cost cuts

    2021 CIO Priorities Report

    • Buy Link or Shortcode: {j2store}83|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: IT Strategy
    • Parent Category Link: /it-strategy
    • It is a new year, but the challenges of 2020 remain: COVID-19 infection rates continue to climb, governments continue to enforce lockdown measures, we continue to find ourselves in the worst economic crisis since the Great Depression, and civil unrest grows in many democratic societies.
    • At the start of 2020, no business leader predicted the disruption that was to come. This left IT in a reactive but critical role as the health crisis hit. It was core to delivering the organization’s products and services, as it drove the radical shift to work-from-home.
    • For the year ahead, IT will continue to serve a critical function in uncertain times. However, unlike last year, CIOs can better prepare for 2021. That said, in the face of the uncertainty and volatility of the year ahead, what they need to prepare for is still largely undefined.
    • But despite the lack of confidence on knowing specifically what is to come, most business leaders will admit they need to get ready for it. This year’s priority report will help.

    Our Advice

    Critical Insight

    • “Resilience” is the theme for this year’s CIO Priorities Report. In this context, resilience is about building up the capacity and the capabilities to effectively respond to emergent and unforeseen needs.
    • Early in 2021 is a good time to develop resilience in several different areas. As we explore in this year’s Report, CIOs can best facilitate enterprise resilience through strategic financial planning, proactive risk management, effective organizational change management and capacity planning, as well as through remaining tuned into emergent technologies to capitalize on innovations to help weather the uncertainty of the year ahead.

    Impact and Result

    • Use Info-Tech’s 2021 CIO Priorities Report to prepare for the uncertainty of the year ahead. Across our five priorities we provide five avenues through which CIOs can demonstrate resilient planning, enabling the organization as a whole to better confront what’s coming in 2021.
    • Each of our priorities is backed up by a “call to action” that will help CIOs start to immediately implement the right drivers of resilience for their organization.
    • By building up resilience across our five key areas, CIOs will not only be able to better prepare for the year to come, but also strengthen business relations and staff morale in difficult times.

    2021 CIO Priorities Report Research & Tools

    Read the 2021 CIO Priorities Report

    Use Info-Tech’s 2021 CIO Priorities Report to prepare for the uncertainty of the year ahead. Across our five priorities we provide five avenues through which CIOs can demonstrate resilient planning, enabling the organization as a whole to better confront what’s coming in 2021.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Create an appropriate budget reserve

    Identifying and planning sources of financial contingency will help ensure CIOs can meet unforeseen and emergent operational and business needs throughout the year.

    • 2021 CIO Priorities Report: Priority 1 – Create an Appropriate Budget Reserve

    2. Refocus IT risk planning

    The start of 2021 is a time to refocus and redouble IT risk management and business continuity planning to bring it up to the standards of our “new normal.” Indeed, if last year taught us anything, it’s that no “black swan” should be off the table in terms of scenarios or possibilities for business disruption.

    • 2021 CIO Priorities Report: Priority 2 – Refocus IT Risk Planning

    3. Strengthen organizational change management capabilities

    At its heart, resilience is having the capacity to deal with unexpected change. Organizational change management can help build up this capacity, providing the ability to strategically plot known changes while leaving some capacity to absorb the unknowns as they present themselves.

    • 2021 CIO Priorities Report: Priority 3 – Strengthen Organizational Change Management Capabilities

    4. Establish capacity awareness

    Capacity awareness facilitates resilience by providing capital in the form of resource data. With this data, CIOs can make better decisions on what can be approved and when it can be scheduled for.

    • 2021 CIO Priorities Report: Priority 4 – Establish Capacity Awareness

    5. Keep emerging technologies in view

    Having an up-to-date view of emerging technologies will enable the resilient CIO to capitalize on and deploy leading-edge innovations as the business requires.

    • 2021 CIO Priorities Report: Priority 5 – Keep Emerging Technologies in View
    [infographic]

    Build an Application Department Strategy

    • Buy Link or Shortcode: {j2store}180|cart{/j2store}
    • member rating overall impact (scale of 10): 9.2/10 Overall Impact
    • member rating average dollars saved: $220,866 Average $ Saved
    • member rating average days saved: 34 Average Days Saved
    • Parent Category Name: Architecture & Strategy
    • Parent Category Link: /architecture-and-strategy
    • Application delivery has modernized. There are increasing expectations on departments to deliver on organizational and product objectives with increasing velocity.
    • Application departments produce many diverse, divergent products, applications, and services with expectations of frequent updates and changes based on rapidly changing landscapes

    Our Advice

    Critical Insight

    • There is no such thing as a universal “applications department.” Unlike other domains of IT, there are no widely accepted frameworks that clearly outline universal best practices of application delivery and management.
    • Different software needs and delivery orientations demand a tailored structure and set of processes, especially when managing a mixed portfolio or multiple delivery methods.

    Impact and Result

    Understand what your department’s purpose is through articulating its strategy in three steps:

    • Determining your application department’s values, principles, and orientation.
    • Laying out the goals, objectives, metrics, and priorities of the department.
    • Building a communication plan to communicate your overall department strategy.

    Build an Application Department Strategy Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should build an application department strategy, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Take stock of who you are

    Consider and record your department’s values, principles, orientation, and capabilities.

    • Build an Application Department Strategy – Phase 1: Take Stock of Who You Are
    • Application Department Strategy Supporting Workbook

    2. Articulate your strategy

    Define your department’s strategy through your understanding of your department combined with everything that you do and are working to do.

    • Build an Application Department Strategy – Phase 2: Articulate Your Strategy
    • Application Department Strategy Template

    3. Communicate your strategy

    Communicate your department’s strategy to your key stakeholders.

    • Build an Application Department Strategy – Phase 3: Communicate Your Strategy

    Infographic

    Workshop: Build an Application Department Strategy

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Take Stock of Who You Are

    The Purpose

    Understand what makes up your application department beyond the applications and services provided.

    Key Benefits Achieved

    Articulating your guiding principles, values, capabilities, and orientation provides a foundation for expressing your department strategy.

    Activities

    1.1 Identify your team’s values and guiding principles.

    1.2 Define your department’s orientation.

    Outputs

    A summary of your department’s values and guiding principles

    A clear view of your department’s orientation and supporting capabilities

    2 Articulate Your Strategy

    The Purpose

    Lay out all the details that make up your application department strategy.

    Key Benefits Achieved

    A completed application department strategy canvas containing everything you need to communicate your strategy.

    Activities

    2.1 Write your application department vision statement.

    2.2 Define your application department goals and metrics.

    2.3 Specify your department capabilities and orientation.

    2.4 Prioritize what is most important to your department.

    Outputs

    Your department vision

    Your department’s goals and metrics that contribute to achieving your department’s vision

    Your department’s capabilities and orientation

    A prioritized roadmap for your department

    3 Communicate Your Strategy

    The Purpose

    Lay out your strategy’s communication plan.

    Key Benefits Achieved

    Your application department strategy presentation ready to be presented to your stakeholders.

    Activities

    3.1 Identify your stakeholders.

    3.2 Develop a communication plan.

    3.3 Wrap-up and next steps

    Outputs

    List of prioritized stakeholders you want to communicate with

    A plan for what to communicate to each stakeholder

    Communication is only the first step – what comes next?

    Corporate security consultancy

    Corporate security consultancy

    Based on experience
    Implementable advice
    human-based and people-oriented

    Engage our corporate security consultancy firm to discover any weaknesses within your company’s security management. Tymans Group has extensive expertise in helping small and medium businesses set up clear security protocols to safeguard their data and IT infrastructure. Read on to discover how our consulting firm can help improve corporate security within your company.

    Why should you hire a corporate security consultancy company?

    These days, corporate security includes much more than just regulating access to your physical location, be it an office or a store. Corporate security increasingly deals in information and data security, as well as general corporate governance and responsibility. Proper security protocols not only protect your business from harm, but also play an important factor in your overall success. As such, corporate security is all about setting up practical and effective strategies to protect your company from harm, regardless of whether the threat comes from within or outside. As such, hiring a security consulting firm to improve corporate security and security management within your company is not an unnecessary luxury, but a must.

    Security and risk management

    Our security and risk services

    Security strategy

    Security Strategy

    Embed security thinking through aligning your security strategy to business goals and values

    Read more

    Disaster Recovery Planning

    Disaster Recovery Planning

    Create a disaster recovey plan that is right for your company

    Read more

    Risk Management

    Risk Management

    Build your right-sized IT Risk Management Program

    Read more

    Check out all our services

    Improve your corporate security with help from our consulting company

    As a consultancy firm, Tymans Group can help your business to identify possible threats and help set up strategies to avoid them. However, as not all threats can be avoided, our corporate security consultancy firm also helps you set up protocols to mitigate and manage them, as well as help you develop effective incident management protocols. All solutions are practical, people-oriented and based on our extensive experience and thus have proven effectiveness.

    Hire our experienced consultancy firm

    Engage the services of our consulting company to improve corporate security within your small or medium business. Contact us to set up an appointment on-site or book a one-hour talk with expert Gert Taeymans to discuss any security issues you may be facing. We are happy to offer you a custom solution.

    Continue reading

    The Essential COVID-19 Childcare Policy for Every Organization, Yesterday

    • Buy Link or Shortcode: {j2store}598|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Manage & Coach
    • Parent Category Link: /manage-coach
    • Helping employees navigate personal and business responsibilities to find solutions that ensure both are taken care of.
    • Reducing potential disruption to business operations through employee absenteeism due to increased care-provider responsibilities.

    Our Advice

    Critical Insight

    • Remote work is complicated by children at home with school closures. Implement alternative temporary work arrangements that allow and support employees to balance work and personal obligations.
    • Adjustments to work arrangements and pay may be necessary. Temporary work arrangements while caring for dependents over a longer-term pandemic may require adjustments to the duties carried out, number of hours worked, and adjustments to employee pay.
    • Managing remotely is more than staying in touch by phone. As a leader you will need to provide clear options that provide solutions to your employees to avoid them getting overwhelmed while taking care of the business to ensure there is a business long term.

    Impact and Result

    • Develop a policy that provides parameters around mutually agreed adjustments to performance levels while balancing dependent care with work during a pandemic.
    • Take care of the business through clear guidelines on compensation while taking care of the health and wellness of your people.
    • Develop detailed work-from-home plans that lessen disruption to your work while taking care of children or aged parents.

    The Essential COVID-19 Childcare Policy for Every Organization, Yesterday Research & Tools

    Start here. Read The Essential COVID-19 Childcare Policy for Every Organization, Yesterday

    Read our recommendations and follow the steps to develop a policy that will help your employees work productively while managing care-provider responsibilities at home.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    • The Essential COVID-19 Childcare Policy for Every Organization, Yesterday Storyboard
    • Pandemic Dependent Care Policy
    • COVID-19 Dependent Care Policy Manager Action Toolkit
    • COVID-19 Dependent Care Policy Employee Guide
    • Dependent-Flextime Agreement Template
    • Workforce Planning Tool
    • Nine Ways to Support Working Caregivers Today
    • Employee Resource Group (ERG) Charter Template
    [infographic]

    Define Your Cloud Vision

    • Buy Link or Shortcode: {j2store}448|cart{/j2store}
    • member rating overall impact (scale of 10): 9.5/10 Overall Impact
    • member rating average dollars saved: $182,333 Average $ Saved
    • member rating average days saved: 28 Average Days Saved
    • Parent Category Name: Cloud Strategy
    • Parent Category Link: /cloud-strategy

    The cloud permeates the enterprise technology discussion. It can be difficult to separate the hype from the value. Should everything go to the cloud, or is that sentiment stoked by vendors looking to boost their bottom lines? Not everything should go to the cloud, but coming up with a systematic way to determine what belongs where is increasingly difficult as offerings get more complex.

    Our Advice

    Critical Insight

    Don’t think about the cloud as an inevitable next step for all workloads. The cloud is merely another tool in the toolbox, ready to be used when appropriate and put away when it’s not needed. Cloud-first isn’t always the way to go.

    Impact and Result

    • Evaluate workloads’ suitability for the cloud using Info-Tech’s methodology to select the optimal migration (or non-migration) path based on the value of cloud characteristics.
    • Codify risks tied to workloads’ cloud suitability and plan mitigations.
    • Build a roadmap of initiatives for actions by workload and risk mitigation.
    • Define a cloud vision to share with stakeholders.

    Define Your Cloud Vision Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Define Your Cloud Vision – A step-by-step guide to generating, validating, and formalizing your cloud vision.

    The cloud vision storyboard walks readers through the process of generating, validating and formalizing a cloud vision, providing a framework and tools to assess workloads for their cloud suitability and risk.

    • Define Your Cloud Vision – Phases 1-4

    2. Cloud Vision Executive Presentation – A document that captures the results of the exercises, articulating use cases for cloud/non-cloud, risks, challenges, and high-level initiative items.

    The executive summary captures the results of the vision exercise, including decision criteria for moving to the cloud, risks, roadblocks, and mitigations.

    • Cloud Vision Executive Presentation

    3. Cloud Vision Workbook – A tool that facilitates the assessment of workloads for appropriate service model, delivery model, support model, and risks and roadblocks.

    The cloud vision workbook comprises several assessments that will help you understand what service model, delivery model, support model, and risks and roadblocks you can expect to encounter at the workload level.

    • Cloud Vision Workbook
    [infographic]

    Workshop: Define Your Cloud Vision

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Understand the Cloud

    The Purpose

    Align organizational goals to cloud characteristics.

    Key Benefits Achieved

    An understanding of how the characteristics particular to cloud can support organizational goals.

    Activities

    1.1 Generate corporate goals and cloud drivers.

    1.2 Identify success indicators.

    1.3 Explore cloud characteristics.

    1.4 Explore cloud service and delivery models.

    1.5 Define cloud support models and strategy components.

    1.6 Create state summaries for the different service and delivery models.

    1.7 Select workloads for further analysis.

    Outputs

    Corporate cloud goals and drivers

    Success indicators

    Current state summaries

    List of workloads for further analysis

    2 Assess Workloads

    The Purpose

    Evaluate workloads for cloud value and action plan.

    Key Benefits Achieved

    Action plan for each workload.

    Activities

    2.1 Conduct workload assessment using the Cloud Strategy Workbook tool.

    2.2 Discuss assessments and make preliminary determinations about the workloads.

    Outputs

    Completed workload assessments

    Workload summary statements

    3 Identify and Mitigate Risks

    The Purpose

    Identify and plan to mitigate potential risks in the cloud project.

    Key Benefits Achieved

    A list of potential risks and plans to mitigate them.

    Activities

    3.1 Generate a list of risks and potential roadblocks associated with the cloud.

    3.2 Sort risks and roadblocks and define categories.

    3.3 Identify mitigations for each identified risk and roadblock

    3.4 Generate initiatives from the mitigations.

    Outputs

    List of risks and roadblocks, categorized

    List of mitigations

    List of initiatives

    4 Bridge the Gap and Create the Strategy

    The Purpose

    Clarify your vision of how the organization can best make use of cloud and build a project roadmap.

    Key Benefits Achieved

    A clear vision and a concrete action plan to move forward with the project.

    Activities

    4.1 Review and assign work items.

    4.2 Finalize the decision framework for each of the following areas: service model, delivery model, and support model.

    4.3 Create a cloud vision statement

    Outputs

    Cloud roadmap

    Finalized task list

    Formal cloud decision rubric

    Cloud vision statement

    5 Next Steps and Wrap-Up

    The Purpose

    Complete your cloud vision by building a compelling executive-facing presentation.

    Key Benefits Achieved

    Simple, straightforward communication of your cloud vision to key stakeholders.

    Activities

    5.1 Build the Cloud Vision Executive Presentation

    Outputs

    Completed cloud strategy executive presentation

    Completed Cloud Vision Workbook.

    Further reading

    Define Your Cloud Vision

    Define your cloud vision before it defines you

    Analyst perspective

    Use the cloud’s strengths. Mitigate its weaknesses.

    The cloud isn’t magic. It’s not necessarily cheaper, better, or even available for the thing you want it to do. It’s not mysterious or a cure-all, and it does take a bit of effort to systematize your approach and make consistent, defensible decisions about your cloud services. That’s where this blueprint comes in.

    Your cloud vision is the culmination of this effort all boiled down into a single statement: “This is how we want to use the cloud.” That simple statement should, of course, be representative of – and built from – a broader, contextual strategy discussion that answers the following questions: What should go to the cloud? What kind of cloud makes sense? Should the cloud deployment be public, private, or hybrid? What does a migration look like? What risks and roadblocks need to be considered when exploring your cloud migration options? What are the “day 2” activities that you will need to undertake after you’ve gotten the ball rolling?

    Taken as a whole, answering these questions is difficult task. But with the framework provided here, it’s as easy as – well, let’s just say it’s easier.

    Jeremy Roberts

    Research Director, Infrastructure and Operations

    Info-Tech Research Group

    Executive Summary

    Your Challenge

    • You are both extrinsically motivated to move to the cloud (e.g. by vendors) and intrinsically motivated by internal digital transformation initiatives.
    • You need to define the cloud’s true value proposition for your organization without assuming it is an outsourcing opportunity or will save you money.
    • Your industry, once cloud-averse, is now normalizing the use of cloud services, but you have not established a basic cloud vision from which to develop a strategy at a later point.

    Common Obstacles

    • Organizations jump to the cloud before defining their cloud vision and without any clear plan for realizing the cloud’s benefits.
    • Many organizations have a foot in the cloud already, but these decisions have been made in an ad hoc rather than systematic fashion.
    • You lack a consistent framework to assess your workloads’ suitability for the cloud.

    Info-Tech's Approach

    • Evaluate workloads’ suitability for the cloud using Info-Tech’s methodology to select the optimal migration (or non-migration) path based on the value of cloud characteristics.
    • Codify risks tied to workloads’ cloud suitability and plan mitigations.
    • Build a roadmap of initiatives for actions by workload and risk mitigation.
    • Define a cloud vision to share with stakeholders.

    Info-Tech Insight: 1) Base migration decisions on cloud characteristics. If your justification for the migration is simply getting your workload out of the data center, think again. 2) Address the risks up front in your migration plan. 3) The cloud changes roles and calls for different skill sets, but Ops is here to stay.

    Your challenge

    This research is designed to help organizations who need to:

    • Identify workloads that are good candidates for the cloud.
    • Develop a consistent, cost-effective approach to cloud services.
    • Outline and mitigate risks.
    • Define your organization’s cloud archetype.
    • Map initiatives on a roadmap.
    • Communicate your cloud vision to stakeholders so they can understand the reasons behind a cloud decision and differentiate between different cloud service and deployment models.
    • Understand the risks, roadblocks, and limitations of the cloud.

    “We’re moving from a world where companies like Oracle and Microsoft and HP and Dell were all critically important to a world where Microsoft is still important, but Amazon is now really important, and Google also matters. The technology has changed, but most of the major vendors they’re betting their business on have also changed. And that’s super hard for people..” –David Chappell, Author and Speaker

    Common obstacles

    These barriers make this challenge difficult to address for many organizations:

    • Organizations jump to the cloud before defining their cloud vision and without any clear plan for realizing the cloud’s benefits.
    • Many organizations already have a foot in the cloud, but the choice to explore these solutions was made in an ad hoc rather than systematic fashion. The cloud just sort of happened.
    • The lack of a consistent assessment framework means that some workloads that probably belong in the cloud are kept on premises or with hosted services providers – and vice versa.
    • Securing cloud expertise is remarkably difficult – especially in a labor market roiled by the global pandemic and the increasing importance of cloud services.

    Standard cloud challenges

    30% of all cloud spend is self-reported as waste. Many workloads that end up in the cloud don’t belong there. Many workloads that do belong in the cloud aren’t properly migrated. (Flexera, 2021)

    44% of respondents report themselves as under-skilled in the cloud management space. (Pluralsight, 2021)

    Info-Tech’s approach

    Goals and drivers

    • Service model
      • What type of cloud makes the most sense for workload archetypes? When does it make sense to pick SaaS over IaaS, for example?
    • Delivery model
      • Will services be delivered over the public cloud, a private cloud, or a hybrid cloud? What challenges accompany this decision?
    • Migration Path
      • What does the migration path look like? What does the transition to the cloud look like, and how much effort will be required? Amazon’s 6Rs framework captures migration options: rehosting, repurchasing, replatforming, and refactoring, along with retaining and retiring. Each workload should be assessed for its suitability for one or more of these paths.
    • Support model
      • How will services be provided? Will staff be trained, new staff hired, a service provider retained for ongoing operations, or will a consultant with cloud expertise be brought on board for a defined period? The appropriate support model is highly dependent on goals along with expected outcomes for different workloads.

    Highlight risks and roadblocks

    Formalize cloud vision

    Document your cloud strategy

    The Info-Tech difference:

    1. Determine the hypothesized value of cloud for your organization.
    2. Evaluate workloads with 6Rs framework.
    3. Identify and mitigate risks.
    4. Identify cloud archetype.
    5. Plot initiatives on a roadmap.
    6. Write action plan statement and goal statement.

    What is the cloud, how is it deployed, and how is service provided?

    Cloud Characteristics

    1. On-demand self-service: the ability to access reosurces instantly without vendor interaction
    2. Broad network access: all services delivered over the network
    3. Resource pooling: multi-tenant environment (shared)
    4. Rapid elasticity: the ability to expand and retract capabilities as needed
    5. Measured service: transparent metering

    Service Model:

    1. Software-as-a-Service: all but the most minor configuration is done by the vendor
    2. Platform-as-a-Service: customer builds the application using tools provided by the provider
    3. Infrastructure-as-a-Service: the customer manages OS, storage, and the application

    Delivery Model

    1. Public cloud: accessible to anyone over the internet; multi-tenant environment
    2. Private cloud: provisioned for a single organization with multiple units
    3. Hybrid cloud: two or more connected clouds; data is portage across them
    4. Community cloud: provisioned for a specific group of organizations

    (National Institute of Standards and Technology)

    A workload-first approach will allow you to take full advantage of the cloud’s strengths

    • Under all but the most exceptional circumstances, good cloud strategies will incorporate different service models. Very few organizations are “IaaS shops” or “SaaS shops,” even if they lean heavily in one direction.
    • These different service models (including non-cloud options like colocation and on-premises infrastructure) each have different strengths. Part of your cloud strategy should involve determining which of the services makes the most sense for you.
    • Own the cloud by understanding which cloud (or non-cloud!) offering makes the most sense for you given your unique context.

    Migration paths

    In a 2016 blog post, Amazon introduced a framework for understanding cloud migration strategies. The framework presented here is slightly modified – including a “relocate” component rather than a “retire” component – but otherwise hews close to the standard.

    These migration paths reflect organizational capabilities and desired outcomes in terms of service models – cloud or otherwise. Retention means keeping the workload where it is, in a datacenter or a colocation service, or relocating to a colocation or hosted software environment. These represent the “non-cloud” migration paths.

    In the graphic on the right, the paths within the red box lead to the cloud. Rehosting means lifting and shifting to an infrastructure environment. Migrating a virtual machine from your VMware environment on premises to Azure Virtual machines is a quick way to realize some benefits from the cloud. Migrating from SQL Server on premises to a cloud-based SQL solution looks a bit more like changing platforms (replatforming). It involves basic infrastructure modification without a substantial architectural component.

    Refactoring is the most expensive of the options and involves engaging the software development lifecycle to build a custom solution, fundamentally rewriting the solution to be cloud native and take advantage of cloud-native architectures. This can result in a PaaS or an IaaS solution.

    Finally, repurchasing means simply going to market and procuring a new solution. This may involve migrating data, but it does not require the migration of components.

    Migration Paths

    Retain (Revisit)

    • Keep the application in its current form, at least for now. This doesn’t preclude revisiting it in the future.

    Relocate

    • Move the workload between datacenters or to a hosted software/colocation provider.

    Rehost

    • Move the application to the cloud (IaaS) and continue to run it in more or less the same form as it currently runs.

    Replatform

    • Move the application to the cloud and perform a few changes for cloud optimizations.

    Refactor

    • Rewrite the application, taking advantage of cloud-native architectures.

    Repurchase

    • Replace with an alternative, cloud-native application and migrate the data.

    Support model

    Support models by characteristic

    Duration of engagement Specialization Flexibility
    Internal IT Indefinite Varies based on nature of business Fixed, permanent staff
    Managed Service Provider Contractually defined General, some specialization Standard offering
    Consultant Project-based Specific, domain-based Entirely negotiable

    IT services, including cloud services, can be delivered and managed in multiple ways depending on the nature of the workload and the organization’s intended path forward. Three high-level options are presented here and may be more or less valuable based on the duration of the expected engagement with the service (temporary or permanent), the skills specialization required, and the flexibility necessary to complete the job.

    By way of example, a highly technical, short-term project with significant flexibility requirements might be a good fit for an expensive consultant, whereas post-implementation maintenance of a cloud email system requires relatively little specialization and flexibility and would therefore be a better fit for internal management.

    There is no universally applicable rule here, but there are some workloads that are generally a good fit for the cloud and others that are not as effective, with that fit being conditional on the appropriate support model being employed.

    Risks, roadblocks, and strategy components

    No two cloud strategies are exactly alike, but all should address 14 key areas. A key step in defining your cloud vision is an assessment of these strategy components. Lower maturity does not preclude an aggressive cloud strategy, but it does indicate that higher effort will be required to make the transition.

    Component Description Component Description
    Monitoring What will system owners/administrators need visibility into? How will they achieve this? Vendor Management What practices must change to ensure effective management of cloud vendors?
    Provisioning Who will be responsible for deploying cloud workloads? What governance will this process be subject to? Finance Management How will costs be managed with the transition away from capital expenditure?
    Migration How will cloud migrations be conducted? What best practices/standards must be employed? Security What steps must be taken to ensure that cloud services meet security requirements?
    Operations management What is the process for managing operations as they change in the cloud? Data Controls How will data residency, compliance, and protection requirements be met in the cloud?
    Architecture What general principles must apply in the cloud environment? Skills and roles What skills become necessary in the cloud? What steps must be taken to acquire those skills?
    Integration and interoperability How will services be integrated? What standards must apply? Culture and adoption Is there a cultural aversion to the cloud? What steps must be taken to ensure broad cloud acceptance?
    Portfolio Management Who will be responsible for managing the growth of the cloud portfolio? Governing bodies What formal governance must be put in place? Who will be responsible for setting standards?

    Cloud archetypes – a cloud vision component

    Once you understand the value of the cloud, your workloads’ general suitability for cloud, and your proposed risks and mitigations, the next step is to define your cloud archetype.

    Your organization’s cloud archetype is the strategic posture that IT adopts to best support the organization’s goals. Info-Tech’s model recognizes seven archetypes, divided into three high-level archetypes.

    After consultation with your stakeholders, and based on the results of the suitability and risk assessment activities, define your archetype. The archetype feeds into the overall cloud vision and provides simple insight into the cloud future state for all stakeholders.

    The cloud vision itself is captured in a “vision statement,” a short summary of the overall approach that includes the overall cloud archetype.

    We can best support the organization's goals by:

    More Cloud

    Less Cloud

    Cloud Focused Cloud-Centric Providing all workloads through cloud delivery.
    Cloud-First Using the cloud as our default deployment model. For each workload, we should ask “why NOT cloud?”
    Cloud Opportunistic Hybrid Enabling the ability to transition seamlessly between on-premises and cloud resources for many workloads.
    Integrated Combining cloud and traditional infrastructure resources, integrating data and applications through APIs or middleware.
    Split Using the cloud for some workloads and traditional infrastructure resources for others.
    Cloud Averse Cloud-Light Using traditional infrastructure resources and limiting our use of the cloud to when it is absolutely necessary.
    Anti-Cloud Using traditional infrastructure resources and avoiding use of the cloud wherever possible.

    Info-Tech’s methodology for defining your cloud vision

    1. Understand the Cloud 2. Assess Workloads 3. Identify and Mitigate Risks 4. Bridge the Gap and Create the Vision
    Phase Steps
    1. Generate goals and drivers
    2. Explore cloud characteristics
    3. Create a current state summary
    4. Select workloads for analysis
    1. Conduct workload assessments
    2. Determine workload future state
    1. Generate risks and roadblocks
    2. Mitigate risks and roadblocks
    3. Define roadmap initiatives
    1. Review and assign work items
    2. Finalize cloud decision framework
    3. Create cloud vision
    Phase Outcomes
    1. List of goals and drivers
    2. Shared understanding of cloud terms
    3. Current state of cloud in the organization
    4. List of workloads to be assessed
    1. Completed workload assessments
    2. Defined workload future state
    1. List of risks and roadblocks
    2. List of mitigations
    3. Defined roadmap initiatives
    1. Cloud roadmap
    2. Cloud decision framework
    3. Completed Cloud Vision Executive Presentation

    Insight summary

    The cloud may not be right for you – and that’s okay!

    Don’t think about the cloud as an inevitable next step for all workloads. The cloud is merely another tool in the toolbox, ready to be used when appropriate and put away when it’s not needed. Cloud first isn’t always the way to go.

    Not all clouds are equal

    It’s not “should I go to the cloud?” but “what service and delivery models make sense based on my needs and risk tolerance?” Thinking about the cloud as a binary can force workloads into the cloud that don’t belong (and vice versa).

    Bottom-up is best

    A workload assessment is the only way to truly understand the cloud’s value. Work from the bottom up, not the top down, understand what characteristics make a workload cloud suitable, and strategize on that basis.

    Your accountability doesn’t change

    You are still accountable for maintaining available, secure, functional applications and services. Cloud providers share some responsibility, but the buck stops where it always has: with you.

    Don’t customize for the sake of customization

    SaaS providers make money selling the same thing to everyone. When migrating a workload to SaaS, work with stakeholders to pursue standardization around a selected platform and avoid customization where possible.

    Best of both worlds, worst of both worlds

    Hybrid clouds are in fashion, but true hybridity comes with additional cost, administration, and other constraints. A convoy moves at the speed of its slowest member.

    The journey matters as much as the destination

    How you get there is as important as what “there” actually is. Any strategy that focuses solely on the destination misses out on a key part of the value conversation: the migration strategy.

    Blueprint benefits

    Cloud Vision Executive Presentation

    This presentation captures the results of the exercises and presents a complete vision to stakeholders including a desired target state, a rubric for decision making, the results of the workload assessments, and an overall risk profile.

    Cloud Vision Workbook

    This workbook includes the standard cloud workload assessment questionnaire along with the results of the assessment. It also includes the milestone timeline for the implementation of the cloud vision.

    Blueprint benefits

    IT Benefits

    • A consistent approach to the cloud takes the guesswork out of deployment decisions and makes it easier for IT to move on to the execution stage.
    • When properly incorporated, cloud services come with many benefits, including automation, elasticity, and alternative architectures (micro-services, containers). The cloud vision project will help IT readers articulate expected benefits and work towards achieving them.
    • A clear framework for incorporating organizational goals into cloud plans.

    Business benefits

    • Simple, well-governed access to high-quality IT resources.
    • Access to the latest and greatest in technology to facilitate remote work.
    • Framework for cost management in the cloud that incorporates OpEx and chargebacks/showbacks. A clear understanding of expected changes to cost modeling is also a benefit of a cloud vision.
    • Clarity for stakeholders about IT’s response (and contribution to) IT strategic initiatives.

    Measure the value of this blueprint

    Don’t take our word for it:

    • The cloud vision material in various forms has been offered for several years, and members have generally benefited substantially, both from cloud vision workshops and from guided implementations led by analysts.
    • After each engagement, we send a survey that asks members how they benefited from the experience. Of 30 responses, the cloud vision research has received an average score of 9.8/10. Real members have found significant value in the process.
    • Additionally, members reported saving between 2 and 120 days (for an average of 17), and financial savings ranged from $1,920 all the way up to $1.27 million, for an average of $170,577.90! If we drop outliers on both ends, the average reported value of a cloud vision engagement is $37, 613.
    • Measure the value by calculating the time saved from using Info-Tech’s framework vs. a home-brewed cloud strategy alternative and by comparing the overall cost of a guided implementation or workshop with the equivalent offering from another firm. We’re confident you’ll come out ahead.

    9.8/10 Average reported satisfaction

    17 Days Average reported time savings

    $37, 613 Average cost savings (adj.)

    Executive Brief Case Study

    Industry: Financial

    Source: Info-Tech workshop

    Anonymous financial institution

    A small East Coast financial institution was required to develop a cloud strategy. This strategy had to meet several important requirements, including alignment with strategic priorities and best practices, along with regulatory compliance, including with the Office of the Comptroller of the Currency.

    The bank already had a significant cloud footprint and was looking to organize and formalize the strategy going forward.

    Leadership needed a comprehensive strategy that touched on key areas including the delivery model, service models, individual workload assessments, cost management, risk management and governance. The output had to be consumable by a variety of audiences with varying levels of technical expertise and had to speak to IT’s role in the broader strategic goals articulated earlier in the year.

    Results

    The bank engaged Info-Tech for a cloud vision workshop and worked through four days of exercises with various IT team members. The bank ultimately decided on a multi-cloud strategy that prioritized SaaS while also allowing for PaaS and IaaS solutions, along with some non-cloud hosted solutions, based on organizational circumstances.

    Bank cloud vision

    [Bank] will provide innovative financial and related services by taking advantage of the multiplicity of best-of-breed solutions available in the cloud. These solutions make it possible to benefit from industry-level innovations, while ensuring efficiency, redundancy, and enhanced security.

    Bank cloud decision workflow

    • SaaS
      • Platform?
        • Yes
          • PaaS
        • No
          • Hosted
        • IaaS
          • Other

    Non-cloud

    Cloud

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    "Our team has already made this crticial project a priority, and we have the time and capability, but some guidance along the way would be helpful."

    Guided Implementation

    "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

    Workshop

    "We need to hit the ground running and get this project kicked off imediately. Our team has the ability to take this over once we get a framework and strategy in place."

    Consulting

    "Our team does not have the time or the knowledge the take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks are used throughout all four options.

    Guided Implementation

    What does a typical GI on this topic look like?

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is between 8 to 12 calls over the course of 4 to 6 months.

    Phase 1

    • Call #1: Discuss current state, challenges, etc.
    • Call #2: Goals, drivers, and current state.

    Phase 2

    • Call #3: Conduct cloud suitability assessment for selected workloads.

    Phase 3

    • Call #4: Generate and categorize risks.
    • Call #5: Begin the risk mitigation conversation.

    Phase 4

    • Call #6: Complete the risk mitigation process
    • Call #7: Finalize vision statement and cloud decision framework.

    Workshop Overview

    Contact your account representative for more information.

    workshops@infotech.com 1-888-670-8889

    Day 1 Day 2 Day 3 Day 4 Offsite day
    Understand the cloud Assess workloads Identify and mitigate risks Bridge the gap and create the strategy Next steps and wrap-up (offsite)
    Activities

    1.1 Introduction

    1.2 Generate corporate goals and cloud drivers

    1.3 Identify success indicators

    1.4 Explore cloud characteristics

    1.5 Explore cloud service and delivery models

    1.6 Define cloud support models and strategy components

    1.7 Create current state summaries for the different service and delivery models

    1.8 Select workloads for further analysis

    2.1 Conduct workload assessments using the cloud strategy workbook tool

    2.2 Discuss assessments and make preliminary determinations about workloads

    3.1 Generate a list of risks and potential roadblocks associated with the cloud

    3.2 Sort risks and roadblocks and define categories

    3.3 Identify mitigations for each identified risk and roadblock

    3.4 Generate initiatives from the mitigations

    4.1 Review and assign work items

    4.2 Finalize the decision framework for each of the following areas:

    • Service model
    • Delivery model
    • Support model

    4.3 Create a cloud vision statement

    5.1 Build the Cloud Vision Executive Presentation
    Deliverables
    1. Corporate goals and cloud drivers
    2. Success indicators
    3. Current state summaries
    4. List of workloads for further analysis
    1. Completed workload assessments
    2. Workload summary statements
    1. List of risks and roadblocks, categorized
    2. List of mitigations
    3. List of initiatives
    1. Finalized task list
    2. Formal cloud decision rubric
    3. Cloud vision statement
    1. Completed cloud strategy executive presentation
    2. Completed cloud vision workbook

    Understand the cloud

    Build the foundations of your cloud vision

    Phase 1

    Phase 1

    Understand the Cloud

    Phase 1

    1.1 Generate goals and drivers

    1.2 Explore cloud characteristics

    1.3 Create a current state summary

    1.4 Select workloads for analysis

    Phase 2

    2.1 Conduct workload assessments

    2.2 Determine workload future states

    Phase 3

    3.1 Generate risks and roadblocks

    3.2 Mitigate risks and roadblocks

    3.3 Define roadmap initiatives

    Phase 4

    4.1 Review and assign work items

    4.2 Finalize cloud decision framework

    4.3 Create cloud vision

    This phase will walk you through the following activities:

    1.1.1 Generate organizational goals

    1.1.2 Define cloud drivers

    1.1.3 Define success indicators

    1.3.1 Record your current state

    1.4.1 Select workloads for further assessment

    This phase involves the following participants:

    IT management, the core working group, security, infrastructure, operations, architecture, engineering, applications, non-IT stakeholders.

    It starts with shared understanding

    Stakeholders must agree on overall goals and what “cloud” means

    The cloud is a nebulous term that can reasonably describe services ranging from infrastructure as a service as delivered by providers like Amazon Web Services and Microsoft through its Azure platform, right up to software as a service solutions like Jira or Salesforce. These solutions solve different problems – just because your CRM would be a good fit for a migration to Salesforce doesn’t mean the same system would make sense in Azure or AWS.

    This is important because the language we use to talk about the cloud can color our approach to cloud services. A “cloud-first” strategy will mean something different to a CEO with a concept of the cloud rooted in Salesforce than it will to a system administrator who interprets it to mean a transition to cloud-hosted virtual machines.

    Add to this the fact that not all cloud services are hosted externally by providers (public clouds) and the fact that multiple delivery models can be engaged at once through hybrid or multi-cloud approaches, and it’s apparent that a shared understanding of the cloud is necessary for a coherent strategy to take form.

    This phase proceeds in four steps, each governed by the principle of shared understanding. The first requires a shared understanding of corporate goals and drivers. Step 2 involves coming to a shared understanding of the cloud’s unique characteristics. Step 3 requires a review of the current state. Finally, in Step 4, participants will identify workloads that are suitable for analysis as candidates for the cloud.

    Step 1.1

    Generate goals and drivers

    Activities

    1.1.1 Define organizational goals

    1.1.2 Define cloud drivers

    1.1.3 Define success indicators

    Generate goals and drivers

    Explore cloud characteristics

    Create a current state summary

    Select workloads for analysis

    This step involves the following participants:

    • IT management
    • Core working group
    • Security
    • Applications
    • Infrastructure
    • Service management
    • Leadership

    Outcomes of this step

    • List of organizational goals
    • List of cloud drivers
    • Defined success indicators

    What can the cloud do for you?

    The cloud is not valuable for its own sake, and not all users derive the same value

    • The cloud is characterized by on-demand self-service, broad network access, resource pooling, rapid elasticity, and measured service. Any or all of those characteristics might be enough to make the cloud appealing, but in most cases, there is an overriding driver.
    • Multiple paths may lead to the cloud. Consider an organization with a need to control costs by showing back to business units, or perhaps by reducing capital expenditure – the cloud may be the most appropriate way to effect these changes. Conversely, an organization expanding rapidly and with a need to access the latest and greatest technology might benefit from the elasticity and pooled resources that major cloud providers can offer.
    • In these cases, the destination might be the same (a cloud solution) but the delivery model – public, private, or hybrid – and the decisions made around the key strategy components, including architecture, provisioning, and cost management, will almost certainly be different.
    • Defining goals, understanding cloud drivers, and – crucially – understanding what success means, are all therefore essential elements of the cloud vision process.

    1.1.1 Generate organizational goals

    1-3 hours

    Input

    • Strategy documentation

    Output

    • Organizational goals

    Materials

    • Whiteboard (digital/physical)

    Participants

    • IT leadership
    • Infrastructure
    • Applications
    • Security
    1. As a group, brainstorm organizational goals, ideally based on existing documentation
      • Review relevant corporate and IT strategies.
      • If you do not have access to internal documentation, review the standard goals on the next slide and select those that are most relevant for you.
    2. Record the most important business goals in the Cloud Vision Executive Presentation. Include descriptions where possible to ensure wide readability.
    3. Make note of these goals. They should inform the answers to prompts offered in the Cloud Vision Workbook and should be a consistent presence in the remainder of the visioning exercise. If you’re conducting the session in person, leave the goals up on a whiteboard and make reference to them throughout the workshop.

    Cloud Vision Executive Presentation

    Standard COBIT 19 enterprise goals

    1. Portfolio of competitive products and services
    2. Managed business risk
    3. Compliance with external laws and regulations
    4. Quality of financial information
    5. Customer-oriented service culture
    6. Business service continuity and availability
    7. Quality of management information
    8. Optimization of internal business process functionality
    9. Optimization of business process costs
    10. Staff skills, motivation, and productivity
    11. Compliance with internal policies
    12. Managed digital transformation programs
    13. Product and business innovation

    1.1.2 Define cloud drivers

    30-60 minutes

    Input

    • Organizational goals
    • Strategy documentation
    • Management/staff perspective

    Output

    • List of cloud drivers

    Materials

    • Sticky notes
    • Whiteboard
    • Markers

    Participants

    • IT leadership
    • Infrastructure
    • Applications
    • Security
    1. Cloud drivers sit at a level of abstraction below organizational goals. Keeping your organizational goals in mind, have each participant in the session write down how they expect to benefit from the cloud on a sticky note.
    2. Solicit input one at a time and group similar responses. Encourage participants to bring forward their cloud goals even if similar goals have been mentioned previously. The number of mentions is a useful way to gauge the relative weight of the drivers.
    3. Once this is done, you should have a few groups of similar drivers. Work with the group to name each category. This name will be the driver reported in the documentation.
    4. Input the results of the exercise into the Cloud Vision Executive Presentation, and include descriptions based on the constituent drivers. For example, if a driver is titled “do more valuable work,” the constituent drivers might be “build cloud skills,” “focus on core products,” and “avoid administration work where possible.” The description would be based on these components.

    Cloud Vision Executive Presentation

    1.1.3 Define success indicators

    1 hour

    Input

    • Cloud drivers
    • Organizational goals

    Output

    • List of cloud driver success indicators

    Materials

    • Whiteboard
    • Markers

    Participants

    • IT leadership
    • Infrastructure
    • Applications
    • Security
    1. On a whiteboard, draw a table with each of the cloud drivers (identified in 1.1.2) across the top.
    2. Work collectively to generate success indicators for each cloud driver. In this case, a success indicator is some way you can report your progress with the stated driver. It is a real-world proxy for the sometimes abstract phenomena that make up your drivers. Think about what would be true if your driver was realized.
      1. For example, if your driver is “faster access to resources,” you might consider indicators like developer satisfaction, project completion time, average time to provision, etc.
    3. Once you are satisfied with your list of indicators, populate the slide in the Cloud Vision Executive Presentation for validation from stakeholders.

    Cloud Vision Executive Presentation

    Step 1.2

    Explore cloud characteristics

    Activities

    Understand the value of the cloud:

    • Review delivery models
    • Review support models
    • Review service models
    • Review migration paths

    Understand the Cloud

    Generate goals and drivers

    Explore cloud characteristics

    Create a current state summary

    Select workloads for analysis

    This step involves the following participants:

    • Core working group
    • Architecture
    • Engineering
    • Security

    Outcomes of this step

    • Understanding of cloud service models and value

    Defining the cloud

    Per NIST, the cloud has five fundamental characteristics. All clouds have these characteristics, even if they are executed in somewhat different ways between delivery models, service models, and even individual providers.

    Cloud characteristics

    On-demand self-service

    Cloud customers are capable of provisioning cloud resources without human interaction (e.g. contacting sales), generally through a web console.

    Broad network access

    Capabilities are designed to be delivered over a network and are generally intended for access by a wide variety of platform types (cloud services are generally device-agnostic).

    Resource pooling

    Multiple customers (internal, in the case of private clouds) make use of a highly abstracted shared infrastructure managed by the cloud provider.

    Rapid elasticity

    Customers are capable of provisioning additional resources as required, pulling from a functionally infinite pool of capacity. Cloud resources can be spun-down when no longer needed.

    Measured service

    Consumption is metered based on an appropriate unit of analysis (number of licenses, storage used, compute cycles, etc.) and billing is transparent and granular.

    Cloud delivery models

    The NIST definition of cloud computing outlines four cloud delivery models: public, private, hybrid, and community clouds. A community cloud is like a private cloud, but it is provisioned for the exclusive use of a like-minded group of organizations, usually in a mutually beneficial, non-competitive arrangement. Universities and hospitals are examples of organizations that can pool their resources in this way without impacting competitiveness. The Info-Tech model covers three key delivery models – public, private, and hybrid, and an overarching model (multi-cloud) that can comprise more than one of the other models – public + public, public + hybrid, etc.

    Public

    The cloud service is provisioned for access by the general public (customers).

    Private

    A private cloud has the five key characteristics, but is provisioned for use by a single entity, like a company or organization.

    Hybrid

    Hybridity essentially refers to interoperability between multiple cloud delivery models (public +private).

    Multi

    A multi-cloud deployment requires only that multiple clouds are used without any necessary interoperability (Nutanix, 2019).

    Public cloud

    This is what people generally think about when they talk about cloud

    • The public cloud is, well, public! Anyone can make use of its resources, and in the case of the major providers, capacity is functionally unlimited. Need to store exabytes of data in the cloud? No problem! Amazon will drive a modified shipping container to your datacenter, load it up, and “migrate” it to a datacenter.
    • Public clouds offer significant variety on the infrastructure side. Major IaaS providers, like Microsoft and Amazon, offer dozens of services across many different categories including compute, networking, and storage, but also identity, containers, machine learning, virtual desktops, and much, much more. (See a list from Microsoft here, and Amazon here)
    • There are undoubtedly strengths to the public cloud model. Providers offer the “latest and greatest” and customers need not worry about the details, including managing infrastructure and physical locations. Providers offer built-in redundancy, multi-regional deployments, automation tools, management and governance solutions, and a variety of leading-edge technologies that would not be feasible for organizations to run in-house, like high performance compute, blockchain, or quantum computing.
    • Of course, the public cloud is not all sunshine and rainbows – there are downsides as well. It can be expensive; it can introduce regulatory complications to have to trust another entity with your key information. Additionally, there can be performance hiccups, and with SaaS products, it can be difficult to monitor at the appropriate (per-transaction) level.

    Prominent examples include:

    AWS

    Microsoft

    Azure

    Salesforce.com

    Workday

    SAP

    Private cloud

    A lower-risk cloud for cloud-averse customers?

    • A cloud is a cloud, no matter how small. Some IT shops deploy private clouds that make use of the five key cloud characteristics but provisioned for the exclusive use of a single entity, like a corporation.
    • Private clouds have numerous benefits. Some potential cloud customers might be uncomfortable with the shared responsibility that is inherent in the public cloud. Private clouds allow customers to deliver flexible, measured services without having to surrender control, but they require significant overhead, capital expenditure, administrative effort, and technical expertise.
    • According to the 2021 State of the Cloud Report, private cloud use is common, and the most frequently cited toolset is VMware vSphere, followed by Azure Stack, OpenStack, and AWS Outposts. Private cloud deployments are more common in larger organizations, which makes sense given the overhead required to manage such an environment.

    Private cloud adoption

    The images shows a graph titled Private Cloud Adoption for Enterprises. It is a horizontal bar graph, with three segments in each bar: dark blue marking currently use; mid blue marking experimenting; and light blue marking plan to use.

    VMware and Microsoft lead the pack among private cloud customers, with Amazon and Red Hat also substantially present across private cloud environments.

    Hybrid cloud

    The best of both worlds?

    Hybrid cloud architectures combine multiple cloud delivery models and facilitate some level of interoperability. NIST suggests bursting and load balancing as examples of hybrid cloud use cases. Note: it is not sufficient to simply have multiple clouds running in parallel – there must be a toolset that allows for an element of cross-cloud functionality.

    This delivery model is attractive because it allows users to take advantage of the strengths of multiple service models using a single management pane. Bursting across clouds to take advantage of additional capacity or disaster recovery capabilities are two obvious use cases that appeal to hybrid cloud users.

    But while hybridity is all the rage (especially given the impact Covid-19 has had on the workplace), the reality is that any hybrid cloud user must take the good with the bad. Multiple clouds and a management layer can be technically complex, expensive, and require maintaining a physical infrastructure that is not especially valuable (“I thought we were moving to the cloud to get out of the datacenter!”).

    Before selecting a hybrid approach through services like VMware Cloud on AWS or Microsoft’s Azure Stack, consider the cost, complexity, and actual expected benefit.

    Amazon, Microsoft, and Google dominate public cloud IaaS, but IBM is betting big on hybrid cloud:

    The image is a screencap of a tweet from IBM News. The tweet reads: IBM CEO Ginni Rometty: Hybrid cloud is a trillion dollar market and we'll be number one #Think2019.

    With its acquisition of Red Hat in 2019 for $34 billion, Big Blue put its money where its mouth is and acquired a substantial hybrid cloud business. At the time of the acquisition, Red Hat’s CEO, Jim Whitehurst, spoke about the benefit IBM expected to receive:

    “Joining forces with IBM gives Red Hat the opportunity to bring more open source innovation to an even broader range of organizations and will enable us to scale to meet the need for hybrid cloud solutions that deliver true choice and agility” (Red Hat, 2019).

    Multi-cloud

    For most organizations, the multi-cloud is the most realistic option.

    Multi-cloud is popular!

    The image shows a graph titled Multi-Cloud Architectures Used, % of all Respondents. The largest percentage is Apps siloed on different clouds, followed by DAta integration between clouds.

    Multi-cloud solutions exist at a different layer of abstraction from public, private, and even hybrid cloud delivery models. A multi-cloud architecture, as the name suggests, requires the user to be a customer of more than one cloud provider, and it can certainly include a hybrid cloud deployment, but it is not bound by the same rules of interoperability.

    Many organizations – especially those with fewer resources or a lack of a use case for a private cloud – rely on a multi-cloud architecture to build applications where they belong, and they manage each environment separately (or occasionally with the help of cloud management platforms).

    If your data team wants to work in AWS and your enterprise services run on basic virtual machines in Azure, that might be the most effective architecture. As the Flexera 2021 State of the Cloud Report suggests, this architecture is far more common than the more complicated bursting or brokering architectures characteristic of hybrid clouds.

    NIST cloud service models

    Software as a service

    SaaS has exploded in popularity with consumers who wish to avail themselves of the cloud’s benefits without having to manage underlying infrastructure components. SaaS is simple, generally billed per-user per-month, and is almost entirely provider-managed.

    Platform as a service

    PaaS providers offer a toolset for their customers to run custom applications and services without the requirement to manage underlying infrastructure components. This service model is ideal for custom applications/services that don’t benefit from highly granular infrastructure control.

    Infrastructure as a service

    IaaS represents the sale of components. Instead of a service, IaaS providers sell access to components, like compute, storage, and networking, allowing for customers to build anything they want on top of the providers’ infrastructure.

    Cloud service models

    • This research focuses on five key service models, each of which has its own strengths and weaknesses. Moving right from “on-prem,” customers gradually give up more control over their environments to cloud service providers.
    • An entirely premises-based environment means that the customer is responsible for everything ranging from the dirt under the datacenter to application-level configurations. Conversely, in a SaaS environment, the provider is responsible for everything but those top-level application configurations.
    • A managed service provider or other third party can manage any or of the components of the infrastructure stack. A service provider may, for example, build a SaaS solution on top of another provider’s IaaS, or might offer configuration assistance with a commercially available SaaS.

    Info-Tech Insight

    Not all workloads fit well in the cloud. Many environments will mix service models (e.g. SaaS for some workloads, some in IaaS, some on-premises), and this can be perfectly effective. It must be consistent and intentional, however.

    On-prem Co-Lo IaaS PaaS SaaS
    Application Application Application Application Application
    Database Database Database Database Database
    Runtime/ Middleware Runtime/ Middleware Runtime/ Middleware Runtime/ Middleware Runtime/ Middleware
    OS OS OS OS OS
    Hypervisor Hypervisor Hypervisor Hypervisor Hypervisor
    Server Network Storage Server Network Storage Server Network Storage Server Network Storage Server Network Storage
    Facilities Facilities Facilities Facilities Facilities

    Organization has control

    Organization or vendor may control

    Vendor has control

    Analytics folly

    SaaS is good, but it’s not a panacea

    Industry: Healthcare

    Source: Info-Tech workshop

    Situation

    A healthcare analytics provider had already moved a significant number of “non-core workloads” to the cloud, including email, HRIS, and related services.

    The company CEO was satisfied with the reduced effort required by IT to manage SaaS-based workloads and sought to extend the same benefits to the core analytics platform where there was an opportunity to reduce overhead.

    Complication

    Many components of the health analytics service were designed to run specifically in a datacenter and were not ready to be migrated to the cloud without significant effort/refactoring. SaaS was not an option because this was a core platform – a SaaS provider would have been the competition.

    That left IaaS, which was expensive and would not bring the expected benefits (reduced overhead).

    Results

    The organization determined that there were no short-term gains from migrating to the cloud. Due to the nature of the application (its extensive customization, the fact that it was a core product sold by the company) any steps to reduce operational overhead were not feasible.

    The CEO recognized that the analytics platform was not a good candidate for the cloud and what distinguished the analytics platform from more suitable workloads.

    Migration paths

    In a 2016 blog post, Amazon Web Services articulated a framework for cloud migration that incorporates elements of the journey as well as the destination. If workload owners do not choose to retain or retire their workloads, there are four alternatives. These alternatives all stack up differently along five key dimensions:

    1. Value: does the workload stand to benefit from unique cloud characteristics? To what degree?
    2. Effort: how much work would be required to make the transition?
    3. Cost: how much money is the migration expected to cost?
    4. Time: how long will the migration take?
    5. Skills: what skills must be brought to bear to complete the migration?

    Not all migration paths can lead to all destinations. Rehosting generally means IaaS, while repurchasing leads to SaaS. Refactoring and replatforming have some variety of outcomes, and it becomes possible to take advantage of new IaaS architectures or migrate workloads over fully to SaaS.

    As part of the workload assessment process, use the five dimensions (expanded upon on the next slide) to determine what migration path makes sense. Preferred migration paths form an important part of the overall cloud vision process.

    Retain (Revisit)

    • Keep the application in its current form, at least for now. This doesn’t preclude revisiting it in the future.

    Retire

    • Get rid of the application completely.

    Rehost

    • Move the application to the cloud (IaaS) and continue to run it in more or less the same form as it currently runs.

    Replatform

    • Move the application to the cloud and perform a few changes for cloud optimizations.

    Refactor

    • Rewrite the application, taking advantage of cloud native architectures.

    Repurchase

    • Replace with an alternative, cloud-native application and migrate the data.

    Migration paths – relative value

    Migration path Value Effort Cost Time Skills
    Retain No real change in the absolute value of the workload if it is retained. No effort beyond ongoing workload maintenance. No immediate hard dollar costs, but opportunity costs and technical debt abound. No time required! (At least not right away…) Retaining requires the same skills it has always required (which may be more difficult to acquire in the future).
    Rehire A retired workload can provide no value, but it is not a drain! Spinning a service down requires engaging that part of the lifecycle. N/A Retiring the service may be simple or complicated depending on its current role. N/A
    Rehost Some value comes with rehosting, but generally components stay the same (VM here vs. a VM there). Minimal effort required, especially with automated tools. The effort will depend on the environment being migrated. Relatively cheap compared to other options. Rehosting infrastructure is the simplest cloud migration path and is useful for anyone in a hurry. Rehosting is the simplest cloud migration path for most workloads, but it does require basic familiarity with cloud IaaS.

    Replatform

    Replatformed workloads can take advantage of cloud-native services (SQL vs. SQLaaS). Replatforming is more effortful than rehosting, but less effortful than refactoring. Moderate cost – does not require fundamental rearchitecture, just some tweaking. Relatively more complicated than a simple rehost, but less demanding than a refactor. Platform and workload expertise is required; more substantial than a simple rehost.
    Refactor A fully formed, customized cloud-based workload that can take advantage of cloud-native architectures is generally quite valuable. Significant effort required based on the requirement to engage the full SDLC. Significant cost required to engage SDLC and rebuild the application/service. The most complicated and time-consuming. The most complicated and time-consuming.
    Repurchase Repurchasing is the quickest way to achieve cloud-native value. There are compromises, however (high cost, vendor-lock-in). Repurchasing is the quickest way to achieve cloud-native value. There are compromises, however (high cost, vendor-lock-in). Repurchasing is the quickest way to achieve cloud-native value. There are compromises, however (high cost, vendor-lock-in). Configuration – especially for massive projects – can be time consuming, but in general repurchasing can be quite fast. Buying software does require knowledge of requirements and integrations, but is otherwise quite simple.

    Where should you get your cloud skills?

    Cloud skills are certainly top of mind right now. With the great upheaval in both work patterns and in the labor market more generally, expertise in cloud-related areas is simultaneously more valuable and more difficult to procure. According to Pluralsight’s 2021 “State of Upskilling” report, 44% of respondents report themselves under-skilled in the cloud management area, making cloud management the most significant skill gap reported on the survey.

    Everyone left the office. Work as we know it is fundamentally altered for a generation or more. Cloud services shot up in popularity by enabling the transition. And yet there is a gap – a prominent gap – in skilling up for this critically important future. What is the cloud manager to do?

    Per the framework presented here, that manager has three essential options. They may take somewhat different forms depending on specific requirements and the quirks of the local market, but the options are:

    1. Train or hire internal resources: This might be easier said than done, especially for more niche skills, but makes sense for workloads that are critical to operations for the long term.
    2. Engage a managed service provider: MSPs are often engaged to manage services where internal IT lacks bandwidth or expertise.
    3. Hire a consultant: Consultants are great for time-bound implementation projects where highly specific expertise is required, such as a migration or implementation project.

    Each model makes sense to some degree. When evaluating individual workloads for cloud suitability, it is critical to consider the support model – both immediate and long term. What makes sense from a value perspective?

    Cloud decisions – summary

    A key component of the Info-Tech cloud vision model is that it is multi-layered. Not every decision must be made at every level. At the workload level, it makes sense to select service models that make sense, but each workload does not need its own defined vision. Workload-level decisions should be guided by an overall strategy but applied tactically, based on individual workload characteristics and circumstances.

    Conversely, some decisions will inevitably be applied at the environment level. With some exceptions, it is unlikely that cloud customers will build an entire private/hybrid cloud environment around a single solution; instead, they will define a broader strategy and fit individual workloads into that strategy.

    Some considerations exist at both the workload and environment levels. Risks and roadblocks, as well as the preferred support model, are concerns that exist at both the environment level and at the workload level.

    The image is a Venn diagram, with the left side titled Workload level, and the right side titled Environment Level. In the left section are: service model and migration path. On the right section are: Overall vision and Delivery model. In the centre section are: support model and Risks and roadblocks.

    Step 1.3

    Create a current state summary

    Activities

    1.3.1 Record your current state

    Understand the Cloud

    Generate goals and drivers

    Explore cloud characteristics

    Create a current state summary

    Select workloads for analysis

    This step involves the following participants: Core working group

    Outcomes of this step

    • Current state summary of cloud solutions

    1.3.1 Record your current state

    30 minutes

    Input

    • Knowledge of existing cloud workloads

    Output

    • Current state cloud summary for service, delivery, and support models

    Materials

    • Whiteboard

    Participants

    • Core working group
    • Infrastructure team
    • Service owners
    1. On a whiteboard (real or virtual) draw a table with each of the cloud service models across the top. Leave a cell below each to list examples.
    2. Under each service model, record examples present in your environment. The purpose of the exercise is to illustrate the existence of cloud services in your environment or the lack thereof, so there is no need to be exhaustive. Complete this in turn for each service model until you are satisfied that you have created an effective picture of your current cloud SaaS state, IaaS state, etc.
    3. Input the results into their own slide titled “current state summary” in the Cloud Vision Executive Presentation.
    4. Repeat for the cloud delivery models and support models and include the results of those exercises as well.
    5. Create a short summary statement (“We are primarily a public cloud consumer with a large SaaS footprint and minimal presence in PaaS and IaaS. We retain an MSP to manage our hosted telephony solution; otherwise, everything is handled in house.”

    Cloud Vision Executive Presentation

    Step 1.4

    Select workloads for current analysis

    Activities

    1.4.1 Select workloads for assessment

    This step involves the following participants:

    • Core working group

    Outcomes of this step

    • List of workloads for assessment

    Understand the cloud

    Generate goals and drivers

    Explore cloud characteristics

    Create a current state summary

    Select workloads for analysis

    1.4.1 Select workloads for assessment

    30 minutes

    Input

    • Knowledge of existing cloud workloads

    Output

    • List of workloads to be assessed

    Materials

    • Whiteboard
    • Cloud Vision Workbook

    Participants

    • Core working group
    • IT management
    1. In many cases, the cloud project is inspired by a desire to move a particular workload or set of workloads. Solicit feedback from the core working group about what these workloads might be. Ask everyone in the meeting to suggest a workload and record each one on a sticky note or white board (virtual or physical).
    2. Discuss the results with the group and begin grouping similar workloads together. They will be subject to the assessments in the Cloud Vision Workbook, so try to avoid selecting too many workloads that will produce similar answers. It might not be obvious, but try to think about workloads that have similar usage patterns, risk levels, and performance requirements, and select a representative group.
    3. You should embrace counterintuition by selecting a workload that you think is unlikely to be a good fit for the cloud if you can and subjecting it to the assessment as well for validation purposes.
    4. When you have a list of 4-6 workloads, record them on tab 2 of the Cloud Vision Workbook.

    Cloud Vision Workbook

    Assess your cloud workloads

    Build the foundations of your cloud vision

    Phase 2

    Phase 2

    Evaluate Cloud Workloads

    Phase 1

    1.1 Generate goals and drivers

    1.2 Explore cloud characteristics

    1.3 Create a current state summary

    1.4 Select workloads for analysis

    Phase 2

    2.1 Conduct workload assessments

    2.2 Determine workload future states

    Phase 3

    3.1 Generate risks and roadblocks

    3.2 Mitigate risks and roadblocks

    3.3 Define roadmap initiatives

    Phase 4

    4.1 Review and assign work items

    4.2 Finalize cloud decision framework

    4.3 Create cloud vision

    This phase will walk you through the following activities:

    • Conduct workload assessments
    • Determine workload future state

    This phase involves the following participants:

    • Subject matter experts
    • Core working group
    • IT management

    Define Your Cloud Vision

    Work from the bottom up and assess your workloads

    A workload-first approach will help you create a realistic vision.

    The concept of a cloud vision should unquestionably be informed by the nature of the workloads that IT is expected to provide for the wider organization. The overall cloud vision is no greater than the sum of its parts. You cannot migrate to the cloud in the abstract. Workloads need to go – and not all workloads are equally suitable for the transition.

    It is therefore imperative to understand which workloads are a good fit for the cloud, which cloud service models make the most sense, how to execute the migration, what support should look like, and what risks and roadblocks you are likely to encounter as part of the process.

    That’s where the Cloud Vision Workbook comes into play. You can use this tool to assess as many workloads as you’d like – most people get the idea after about four – and by the end of the exercise, you should have a pretty good idea about where your workloads belong, and you’ll have a tool to assess any net new or previously unconsidered workloads.

    It’s not so much about the results of the assessment – though these are undeniably important – but about the learnings gleaned from the collaborative assessment exercise. While you can certainly fill out the assessment without any additional input, this exercise is most effective when completed as part of a group.

    Introducing the Cloud Vision Workbook

    • The Cloud Vision Workbook is an Excel tool that answers the age old question: “What should I do with my workloads?”
    • It is divided into eight tabs, each of which offers unique value. Start by reading the introduction and inputting your list of workloads. Work your way through tabs 3-6, completing the suitability, migration, management, and risk and roadblock assessments, and review the results on tab 7.
    • If you choose to go through the full battery of assessments for each workload, expect to answer and weight 111 unique questions across the four assessments. This is an intensive exercise, so carefully consider which assessments are valuable to you, and what workloads you have time to assess.
    • Tab 8 hosts the milestone timeline and captures the results of the phase 3 risk and mitigation exercise.

    Understand Cloud Vision Workbook outputs

    The image shows a graphic with several graphs and lists on it, with sections highlighted with notes. At the top, there's the title Database with the note Workload title (populated from tab 2). Below that, there is a graph with the note Relative suitability of the five service models. The Risks and roadblocks section includes the note: The strategy components – the risks and roadblocks – are captured relative to one another to highlight key focus areas. To the left of that, there is a Notes section with the note Notes populated based on post-assessment discussion. At the bottom, there is a section titled Where should skills be procured?, with the note The radar diagram captures the recommended support model relative to the others (MSP, consultant, internal IT). To the right of that, there is a section titled Migration path, with the note that Ordered list of migration paths. Note: a disconnect here with the suggested service model may indicate an unrealistic goal state.

    Step 2.1

    Conduct workload assessments

    Activities

    2.1.1 Conduct workload assessments

    2.1.2 Interpret your results

    Phase Title

    Conduct workload assessments

    Determine workload future state

    This step involves the following participants:

    • Core working group
    • Workload subject matter experts

    Outcomes of this step

    • Completed workload assessments

    2.1.1 Conduct workload assessments

    2 hours per workload

    Input

    • List of workloads to be assessed

    Output

    • Completed cloud vision assessments

    Materials

    • Cloud Vision Workbook

    Participants

    • Core working group
    • Service owners/workload SMEs
    1. The Cloud Vision Workbook is your one stop shop for all things workload assessment. Open the tool to tab 2 and review the workloads you identified at the end of phase 1. Ensure that these are correct. Once satisfied, project the tool (virtually, if necessary) so that all participants can see the assessment questions.
    2. Work through tabs 3-6, answering the questions and assigning a multiplier for each one. A higher multiplier increases the relative weight of the question, giving it a greater impact on the overall outcome.
    3. Do your best to induce participants to offer opinions. Consensus is not absolutely necessary, but it is a good goal. Ask your participants if they agree with initial responses and occasionally take the opposite position (“I’m surprised you said agree – I would have thought we didn’t care about CapEx vs. OpEx”). Stimulate discussion.
    4. Highlight any questions that you will need to return to or run by someone not present. Include a placeholder answer, as the tool requires all cells to be filled for computation.

    Cloud Vision Workbook

    2.1.2 Interpret your results

    10 minutes

    Input

    • Completed cloud vision assessments

    Output

    • Shared understanding of implications

    Materials

    • Cloud Vision Workbook

    Participants

    • Core working group
    • Service owners/workload SMEs
    1. Once you’ve completed all 111 questions for each workload, you can review your results on tab 7. On tab 7, you will see four populated graphics: cloud suitability, migration path, “where should skills be procured?”, and risks and roadblocks. These represent the components of the overall cloud vision that you will present to stakeholders.
    2. The “cloud suitability” chart captures the service model that the assessment judges to be most suitable for the workload. Ask those present if any are surprised by the output. If there is any disagreement, discuss the source of the surprise and what a more realistic outcome would be. Revisit the assessment if necessary.
    3. Conduct a similar exercise with each of the other outputs. Does it make sense to refactor the workload based on its cloud suitability? Does the fact that we scored so highly on the “consultant” support model indicate something about how we handle upskilling internally? Does the profile of risks and roadblocks identified here align with expectations? What should be ranked higher? What about lower?
    4. Once everyone is generally satisfied with the results, close the tool and take a break! You’ve earned it.

    Cloud Vision Workbook

    Understand the cloud strategy components

    Each cloud strategy will take a slightly different form, but all should contain echoes of each of these components. This process will help you define your vision and direction, but you will need to take steps to execute on that vision. The remainder of the cloud strategy, covered in the related blueprint Document Your Cloud Strategy comprises these fourteen topics divided across three categories: people, governance, and technology. The workload assessment covers these under risks and roadblocks and highlights areas that may require specific additional attention. When interpreting the results, think of these areas as comprising things that you will need to do to make your vision a reality.

    People

    • Skills and roles
    • Culture and adoption
    • Governing bodies

    Governance

    • Architecture
    • Integration and interoperability
    • Operations management
    • Cloud portfolio management
    • Cloud vendor management
    • Finance management
    • Security
    • Data controls

    Technology

    • Monitoring
    • Provisioning
    • Migration

    Strategy component: People

    People form the core of any good strategy. As part of your cloud vision, you will need to understand the implications a cloud transition will have on your staff and users, whether those users are internal or external.

    Component Description Challenges
    Skills and roles The move to the cloud will require staff to learn how to handle new technology and new operational processes. The cloud is a different way of procuring IT resources and may require the definition of new roles to handle things like cost management and provisioning. Staff may not have the necessary experience to migrate to a cloud environment or to effectively manage resources once the cloud transition is made. Cloud skills are difficult to hire for, and with the ever-changing nature of the platforms themselves, this shows no sign of abating. Redefining roles can also be politically challenging and should be done with due care and consideration.
    Culture and adoption If you build it, they will come…right? It is not always the case that a new service immediately attracts users. Ensuring that organizational culture aligns with the cloud vision is a critical success factor. Equally important is ensuring that cloud resources are used as intended. Those unfamiliar with cloud resources may be less willing to learn to use them. If alternatives exist (e.g. a legacy service that has not been shut down), or if those detractors are influential, this resistance may impede your cloud execution. Also, if the cloud transition involves significant effort or a fundamental rework (e.g. a DevOps transition) this role redefinition could cause some internal turmoil.
    Governing bodies A large-scale cloud deployment requires formal governance. Formal governance requires a governing body that is ultimately responsible for designing the said governance. This could take the form of a “center of excellence” or may rest with a single cloud architect in a smaller, less complicated environment. Governance is difficult. Defining responsibilities in a way that includes all relevant stakeholders without paralyzing the decision-making process is difficult. Implementing suggestions is a challenge. Navigating the changing nature of service provision (who can provision their own instances or assign licenses?) can be difficult as well. All these concerns must be addressed in a cloud strategy.

    Strategy component: Governance

    Without guardrails, the cloud deployment will grow organically. This has strengths (people tend to adopt solutions that they select and deploy themselves), but these are more than balanced out by the drawbacks that come with inconsistency, poor administration, duplication of services, suboptimal costing, and any number of other unique challenges. The solution is to develop and deploy governance. The following list captures some of the necessary governance-related components of a cloud strategy.

    Component Description Challenges
    Architecture Enterprise architecture is an important function in any environment with more than one interacting workload component (read: any environment). The cloud strategy should include an approach to defining and implementing a standard cloud architecture and should assign responsibility to an individual or group. Sometimes the cloud transition is inspired by the desire to rearchitect. The necessary skills and knowledge may not be readily available to design and transition to a microservices-based environment, for example, vs. a traditional monolithic application architecture. The appropriateness of a serverless environment may not be well understood, and it may be the case that architects are unfamiliar with cloud best practices and reference architectures.
    Integration and interoperability Many services are only highly functional when integrated with other services. What is a database without its front-end? What is an analytics platform without its data lake? For the cloud vision to be properly implemented, a strategy for handling integration and interoperability must be developed. It may be as simple as “all SaaS apps must be compatible with Okta” but it must be there. Migration to the cloud may require a fundamentally new approach to integration, moving away from a point-to-point integrations and towards an ESB or data lake. In many cases, this is easier said than done. Centralization of management may be appealing, but legacy applications – or those acquired informally in a one-off fashion – might not be so easy to integrate into a central management platform.
    Operations management Service management (ITIL processes) must be aligned with your overall cloud strategy. Migrating to the cloud (where applicable) will require refining these processes, including incident, problem, request, change, and configuration management, to make them more suitable for the cloud environment. Operations management doesn’t go away in the cloud, but it does change in line with the transition to shared responsibility. Responding to incidents may be more difficult on the cloud when troubleshooting is a vendor’s responsibility. Change management in a SaaS environment may be more receptive than staff are used to as cloud providers push changes out that cannot be rolled back.

    Strategy component: Governance (cont.)

    Component Description Challenges
    Cloud portfolio management This component refers to the act of managing the portfolio of cloud services that is available to IT and to business users. What requirements must a SaaS service meet to be onboarded into the environment? How do we account for exceptions to our IaaS policy? What about services that are only available from a certain provider? Rationalizing services offers administrative benefits, but may make some tasks more difficult for end users who have learned things a certain way or rely on niche toolsets. Managing access through a service catalog can also be challenging based on buy-in and ongoing administration. It is necessary to develop and implement policy.
    Cloud vendor management Who owns the vendor management function, and what do their duties entail? What contract language must be standard? What does due diligence look like? How should negotiations be conducted? What does a severing of the relationship look like? Cloud service models are generally different from traditional hosted software and even from each other (e.g. SaaS vs. PaaS). There is a bit of a learning curve when it comes to dealing with vendors. Also relevant: the skills that it takes to build and maintain a system are not necessarily the same as those required to coherently interact with a cloud vendor.
    Finance management Cloud services are, by definition, subject to a kind of granular, operational billing that many shops might not be used to. Someone will need to accurately project and allocate costs, while ensuring that services are monitored for cost abnormalities. Cloud cost challenges often relate to overall expense (“the cloud is more expensive than an alternative solution”), expense variability (“I don’t know what my budget needs to be this quarter”), and cost complexity (“I don’t understand what I’m paying for – what’s an Elastic Beanstalk?”).
    Security The cloud is not inherently more or less secure than a premises-based alternative, though the risk profile can be different. Applying appropriate security governance to ensure workloads are compliant with security requirements is an essential component of the strategy.

    Technical security architecture can be a challenge, as well as navigating the shared responsibility that comes with a cloud transition. There are also a plethora of cloud-specific security tools like cloud access security brokers (CASBs), cloud security posture management (CSPM) solutions, and even secure access services edge (SASE) technology.

    Data controls Data residency, classification, quality, and protection are important considerations for any cloud strategy. With cloud providers taking on outsized responsibility, understanding and governing data is essential. Cloud providers like to abstract away from the end user, and while some may be able to guarantee residency, others may not. Additionally, regulations may prevent some data from going to the cloud, and you may need to develop a new organizational backup strategy to account for the cloud.

    Strategy component: Technology

    Good technology will never replace good people and effective process, but it remains important in its own right. A migration that neglects the undeniable technical components of a solid cloud strategy is doomed to mediocrity at best and failure at worst. Understanding the technical implications of the cloud vision – particularly in terms of monitoring, provisioning, and migration – makes all the difference. You can interpret the results of the cloud workload assessments by reviewing the details presented here.

    Component Description Challenges
    Monitoring The cloud must be monitored in line with performance requirements. Staff must ensure that appropriate tools are in place to properly monitor cloud workloads and that they are capturing adequate and relevant data. Defining requirements for monitoring a potentially unfamiliar environment can be difficult, as can consolidating on a monitoring solution that both meets requirements and covers all relevant areas. There may be some upskilling and integration work required to ensure that monitoring works as required.
    Provisioning How will provisioning be done? Who will be responsible for ensuring the right people have access to the right resources? What tooling must be deployed to support provisioning goals? What technical steps must be taken to ensure that the provisioning is as seamless as possible? There is the inevitable challenge of assigning responsibility and accountability in a changing infrastructure and operations environment, especially if the changes are substantial (e.g. a fundamental operating model shift, reoriented around the cloud). Staff may also need to familiarize themselves with cloud-based provisioning tools like Ansible, Terraform, or even CloudFormation.
    Migration The act of migrating is important as well. In some cases, the migration is as simple as configuring the new environment and turning it up (e.g. with a net new SaaS service). In other cases, the migration itself can be a substantial undertaking, involving large amounts of data, a complicated replatforming/refactoring, and/or a significant configuration exercise.

    Not all migration journeys are created equal, and challenges include a general lack of understanding of the requirements of a migration, the techniques that might be necessary to migrate to a particular cloud (there are many) and the disruption/risk associated with moving large amounts of data. All of these challenges must be considered as part of the overall cloud strategy, whether in terms of architectural principles or skill acquisition (or both!).

    Step 2.2

    Determine workload future state

    Activities

    2.2.1 Determine workload future state

    Conduct workload assessments

    Determine workload future state

    This step involves the following participants:

    • IT management
    • Core working group

    Outcomes of this step

    • Completed workload assessments
    • Defined workload future state

    2.2.1 Determine workload future state

    1-3 hours

    Input

    • Completed workload assessments

    Output

    • Preliminary future state outputs

    Materials

    • Cloud Vision Workbook
    • Cloud Vision Executive Presentation

    Participants

    • Core working group
    • Service owners
    • IT management
    1. After you’ve had a chance to validate your results, refer to tab 7 of the tool, where you will find a blank notes section.
    2. With the working group, capture your answers to each of the following questions:
      1. What service model is the most suitable for the workload? Why?
      2. How will we conduct the migration? Which of the six models makes the most sense? Do we have a backup plan if our primary plan doesn’t work out?
      3. What should the support model look like?
      4. What are some workload-specific risks and considerations that must be taken into account for the workload?
    3. Once you’ve got answers to each of these questions for each of the workloads, include your summary in the “notes” section of tab 7.

    Cloud Vision Executive Presentation

    Paste the output into the Cloud Vision Executive Presentation

    • The Cloud Vision Workbook output is a compact, consumable summary of each workload’s planned future state. Paste each assessment in as necessary.
    • There is no absolutely correct way to present the information, but the output is a good place to start. Do note that, while the presentation is designed to lead with the vision statement, because the process is workload-first, the assessments are populated prior to the overall vision in a bottom-up manner.
    • Be sure to anticipate the questions you are likely to receive from any stakeholders. You may consider preparing for questions like: “What other workloads fit this profile?” “What do we expect the impact on the budget to be?” “How long will this take?” Keep these and other questions in mind as you progress through the vision definition process.

    The image shows the Cloud Vision Workbook output, which was described in an annotated version in an earlier section.

    Info-Tech Insight

    Keep your audience in mind. You may want to include some additional context in the presentation if the results are going to be presented to non-technical stakeholders or those who are not familiar with the terms or how to interpret the outputs.

    Identify and Mitigate Risks

    Build the foundations of your cloud vision

    PHASE 3

    Phase 3

    Identify and Mitigate Risks

    Phase 1

    1.1 Generate goals and drivers

    1.2 Explore cloud characteristics

    1.3 Create a current state summary

    1.4 Select workloads for analysis

    Phase 2

    2.1 Conduct workload assessments

    2.2 Determine workload future states

    Phase 3

    3.1 Generate risks and roadblocks

    3.2 Mitigate risks and roadblocks

    3.3 Define roadmap initiatives

    Phase 4

    4.1 Review and assign work items

    4.2 Finalize cloud decision framework

    4.3 Create cloud vision

    This phase will walk you through the following activities:

    • Generate risks and roadblocks
    • Mitigate risks and roadblocks
    • Define roadmap initiatives

    This phase involves the following participants:

    • Core working group
    • Workload subject matter experts

    You know what you want to do, but what do you have to do?

    What questions remain unanswered?

    There are workload-level risks and roadblocks, and there are environment-level risks. This phase is focused primarily on environment-level risks and roadblocks, or those that are likely to span multiple workloads (but this is not hard and fast rule – anything that you deem worth discussing is worth discussing). The framework here calls for an open forum where all stakeholders – technical and non-technical, pro-cloud and anti-cloud, management and individual contributor – have an opportunity to articulate their concerns, however specific or general, and receive feedback and possible mitigation.

    Start by soliciting feedback. You can do this over time or in a single session. Encourage anyone with an opinion to share it. Focus on those who are likely to have a perspective that will become relevant at some point during the creation of the cloud strategy and the execution of any migration. Explain the preliminary direction; highlight any major changes that you foresee. Remind participants that you are not looking for solutions (yet), but that you want to make sure you hear any and every concern as early as possible. You will get feedback and it will all be valuable.

    Before cutting your participants loose, remind them that, as with all business decisions, the cloud comes with trade-offs. Not everyone will have every wish fulfilled, and in some cases, significant effort may be needed to get around a roadblock, risks may need to be accepted, and workloads that looked like promising candidates for one service model or another may not be able to realize that potential. This is a normal and expected part of the cloud vision process.

    Once the risks and roadblocks conversation is complete, it is the core working group’s job to propose and validate mitigations. Not every risk can be completely resolved, but the cloud has been around for decades – chances are someone else has faced a similar challenge and made it through relatively unscathed. That work will inevitably result in initiatives for immediate execution. Those initiatives will form the core of the initiative roadmap that accompanies the completed Cloud Vision Executive Presentation.

    Step 3.1

    Generate risks and roadblocks

    Activities

    3.1.1 Generate risks and roadblocks

    3.1.2 Generate mitigations

    Identify and mitigate risks

    Generate risks and roadblocks

    Mitigate risks and roadblocks

    Define roadmap initiatives

    This step involves the following participants:

    • Core working group
    • IT management
    • Infrastructure
    • Applications
    • Security
    • Architecture

    Outcomes of this step

    • List of risks and roadblocks

    Understand risks and roadblocks

    Risk

    • Something that could potentially go wrong.
    • You can respond to risks by mitigating them:
      • Eliminate: take action to prevent the risk from causing issues.
      • Reduce: take action to minimize the likelihood/severity of the risk.
      • Transfer: shift responsibility for the risk away from IT, towards another division of the company.
      • Accept: where the likelihood or severity is low, it may be prudent to accept that the risk could come to fruition.

    Roadblock

    • There are things that aren’t “risks” that we care about when migrating to the cloud.
    • We know, for example, that a complicated integration situation will create work items for any migration – this is not an “unknown.”
    • We respond to roadblocks by generating work items.

    3.1.1 Generate risks and roadblocks

    1.5 hours

    Input

    • Completed cloud vision assessments

    Output

    • List of risks and roadblocks

    Materials

    • Whiteboard
    • Sticky notes

    Participants

    • Core working group
    • Service owners/workload SMEs
    • Anyone with concerns about the cloud
    1. Gather your core working group – and really anyone with an intelligent opinion on the cloud – into a single meeting space. Give the group 5-10 minutes to list anything they think could present a difficulty in transitioning workloads to the cloud. Write each risk/roadblock on its own sticky note. You will never be 100% exhaustive, but don’t let anything your users care about go unaddressed.
    2. Once everyone has had time to write down their risks and roadblocks, have everyone share one by one. Make sure you get them all. Overlap in risks and roadblocks is okay! Group similar concerns together to give a sort of heat map of what your participants are concerned about. (This is called “affinity diagramming.”)
    3. Assign names to these categories. Many of these categories will align with the strategy components discussed in the previous phase (governance, security, etc.) but some will be specific whether by nature or by degree.
    4. Sort each of the individual risks into its respective category, collapsing any exact duplicates, and leaving room for notes and mitigations (see the next slide for a visual).

    Understand risks and roadblocks

    The image is two columns--on the left, the column is titled Affinity Diagramming. Below the title, there are many colored blocks, randomly arranged. There is an arrow pointing right, to the same coloured blocks, now sorted by colour. In the right column--titled Categorization--each colour has been assigned a category, with subcategories.

    Step 3.2

    Mitigate risks and roadblocks

    Activities

    3.2.1 Generate mitigations

    Identify and mitigate risks

    Generate risks and roadblocks

    Mitigate risks and roadblocks

    Define roadmap initiatives

    This step involves the following participants:

    • Core working group

    Outcomes of this step

    • List of mitigations

    Is the public cloud less secure?

    This is the key risk-related question that most cloud customers will have to answer at some point: does migrating to the cloud for some services increase their exposure and create a security problem?

    As with all good questions, the answer is “it depends.” But what does it depend on? Consider these cloud risks and potential mitigations:

    1. Misconfiguration: An error grants access to unauthorized parties (as happened to Capital One in 2019). This can be mitigated by careful configuration management and third-party tooling.
    2. Unauthorized access by cloud provider/partner employees: Though rare, it is possible that a cloud provider or partner can be a vector for a breach. Careful contract language, choosing to own your own encryption keys, and a hybrid approach (storing data on-premises) are some possible ways to address this problem.
    3. Unauthorized access to systems: Cloud services are designed to be accessed from anywhere and may be accessed by malicious actors. Possible mitigations include risk-based conditional access, careful identity access management, and logging and detection.

    “The cloud is definitely more secure in that you have much more control, you have much more security tooling, much more visibility, and much more automation. So it is more secure. The caveat is that there is more risk. It is easier to accidentally expose data in the cloud than it is on-premises, but, especially for security, the amount of tooling and visibility you get in cloud is much more than anything we’ve had in our careers on-premises, and that’s why I think cloud in general is more secure.” –Abdul Kittana, Founder, ASecureCloud

    Breach bests bank

    No cloud provider can protect against every misconfiguration

    Industry: Finance

    Source: The New York Times, CNET

    Background

    Capital One is a major Amazon Web Services customer and is even featured on Amazon’s site as a case study. That case study emphasizes the bank’s commitment to the cloud and highlights how central security and compliance were. From the CTO: “Before we moved a single workload, we engaged groups from across the company to build a risk framework for the cloud that met the same high bar for security and compliance that we meet in our on-premises environments. AWS worked with us every step of the way.”

    Complication

    The cloud migration was humming along until July 2019, when the bank suffered a serious breach at the hands of a hacker. That hacker was able to steal millions of credit card applications and hundreds of thousands of Social Security numbers, bank account numbers, and Canadian social insurance numbers.

    According to investigators and to AWS, the breach was caused by an open reverse proxy attack against a misconfigured web app firewall, not by an underlying vulnerability in the cloud infrastructure.

    Results

    Capital One reported that the breach was expected to cost it $150 million, and AWS fervently denied any blame. The US Senate got involved, as did national media, and Capital One’s CEO issued a public apology, writing, “I sincerely apologize for the understandable worry this incident must be causing those affected, and I am committed to making it right.”

    It was a bad few months for IT at Capital One.

    3.2.1 Generate mitigations

    3-4.5 hours

    Input

    • Completed cloud vision assessments

    Output

    • List of risks and roadblocks

    Materials

    • Whiteboard
    • Sticky notes

    Participants

    • Core working group
    • Service owners/workload SMEs
    • Anyone with concerns about the cloud
    1. Recall the four mitigation strategies: eliminate, reduce, transfer, or accept. Keep these in mind as you work through the list of risks and roadblocks with the core working group. For every individual risk or roadblock raised in the initial generation session, suggest a specific mitigation. If the concern is “SaaS providers having access to confidential information,” a mitigation might be encryption, specific contract language, or proof of certifications (or all the above).
    2. Work through this for each of the risks and roadblocks, identifying the steps you need to take that would satisfy your requirements as you understand them.
    3. Once you have gone through the whole list – ideally with input from SMEs in particular areas like security, engineering, and compliance/legal – populate the Cloud Vision Workbook (tab 8) with the risks, roadblocks, and mitigations (sorted by category). Review tab 8 for an example of the output of this exercise.

    Cloud Vision Workbook

    Cloud Vision Workbook – mitigations

    The image shows a large chart titled Risks, roadblocks, and mitigations, which has been annotated with notes.

    Step 3.3

    Define roadmap initiatives

    Activities

    3.3.1 Generate roadmap initiatives

    Identify and mitigate risks

    Generate risks and roadblocks

    Mitigate risks and roadblocks

    Define roadmap initiatives

    This step involves the following participants:

    • Core working group

    Outcomes of this step

    • Defined roadmap initiatives

    3.3.1 Generate roadmap initiatives

    1 hour

    Input

    • List of risk and roadblock mitigations

    Output

    • List of cloud initiatives

    Materials

    • Cloud Vision Workbook

    Participants

    • Core working group
    1. Executing on your cloud vision will likely require you to undertake some key initiatives, many of which have already been identified as part of your mitigation exercise. On tab 8 of the Cloud Vision Workbook, review the mitigations you created in response to the risks and roadblocks identified. Initiatives should generally be assignable to a party and should have a defined scope/duration. For example, “assess all net new applications for cloud suitability” might not be counted as an initiative, but “design a cloud application assessment” would likely be.
    2. Design a timeline appropriate for your specific needs. Generally short-term (less than 3 months), medium-term (3-6 months), and long-term (greater than 6 months) will work, but this is entirely based on preference.
    3. Review and validate the parameters with the working group. Consider creating additional color-coding (highlighting certain tasks that might be dependent on a decision or have ongoing components).

    Cloud Vision Workbook

    Bridge the gap and create the vision

    Build the foundations of your cloud vision

    Phase 4

    Phase 4

    Bridge the Gap and Create the Vision

    Phase 1

    1.1 Generate goals and drivers

    1.2 Explore cloud characteristics

    1.3 Create a current state summary

    1.4 Select workloads for analysis

    Phase 2

    2.1 Conduct workload assessments

    2.2 Determine workload future states

    Phase 3

    3.1 Generate risks and roadblocks

    3.2 Mitigate risks and roadblocks

    3.3 Define roadmap initiatives

    Phase 4

    4.1 Review and assign work items

    4.2 Finalize cloud decision framework

    4.3 Create cloud vision

    This phase will walk you through the following activities:

    • Assign initiatives and propose timelines
    • Build a delivery model rubric
    • Build a service model rubric
    • Built a support model rubric
    • Create a cloud vision statement
    • Map cloud workloads
    • Complete the Cloud Vision presentation

    This phase involves the following participants:

    • IT management, the core working group, security, infrastructure, operations, architecture, engineering, applications, non-IT stakeholders

    Step 4.1

    Review and assign work items

    Activities

    4.1.1 Assign initiatives and propose timelines

    Bridge the gap and create the vision

    Review and assign work items

    Finalize cloud decision framework

    Create cloud vision

    This step involves the following participants:

    • Core working group
    • IT management

    Outcomes of this step

    • Populated cloud vision roadmap

    4.1.1 Assign initiatives and propose timelines

    1 hour

    Input

    • List of cloud initiatives

    Output

    • Initiatives assigned by responsibility and timeline

    Materials

    • Cloud Vision Workbook

    Participants

    • Core working group
    1. Once the list is populated, begin assigning responsibility for execution. This is not a RACI exercise, so focus on the functional responsibility. Once you have determined who is responsible, assign a timeline and include any notes. This will form the basis of a more formal project plan.
    2. To assign the initiative to a party, consider 1) who will be responsible for execution and 2) if that responsibility will be shared. Be as specific as possible, but be sure to be consistent to make it easier for you to sort responsibility later on.
    3. When assigning timelines, we suggest including the end date (when you expect the project to be complete) rather than the start date, though whatever you choose, be sure to be consistent. Make use of the notes column to record anything that you think any other readers will need to be aware of in the future, or details that may not be possible to commit to memory.

    Cloud Vision Workbook

    Step 4.2

    Finalize cloud decision framework

    Activities

    4.2.1 Build a delivery model rubric

    4.2.2 Build a service model rubric

    4.2.3 Build a support model rubric

    Bridge the gap and create the vision

    Review and assign work items

    Finalize cloud decision framework

    Create cloud vision

    This step involves the following participants:

    • Core working group

    Outcomes of this step

    • Cloud decision framework

    4.2.1 Build a delivery model rubric

    1 hour

    Input

    • List of cloud initiatives

    Output

    • Initiatives assigned by responsibility and timeline

    Materials

    Participants

    • Core working group
    1. Now that we have a good understanding of the cloud’s key characteristics, the relative suitability of different workloads for the cloud, and a good understanding of some of the risks and roadblocks that may need to be overcome if a cloud transition is to take place, it is time to formalize a delivery model rubric. Start by listing the delivery models on a white board vertically – public, private, hybrid, and multi-cloud. Include a community cloud option as well if that is feasible for you. Strike any models that do not figure into your vision.
    2. Create a table style rubric for each delivery model. Confer with the working group to determine what characteristics best define workloads suitable for each model. If you have a hybrid cloud option, you may consider workloads that are highly dynamic; a private cloud hosted on-premises may be more suitable for workloads that have extensive regulatory requirements.
    3. Once the table is complete, include it in the Cloud Vision Executive Presentation.

    Cloud Vision Executive Presentation

    Vision for the cloud future state (example)

    Delivery model Decision criteria
    Public cloud
    • Public cloud is the primary destination for all workloads as the goal is to eliminate facilities and infrastructure management
    • Offers features, broad accessibility, and managed updates along with provider-managed facilities and hardware
    Legacy datacenter
    • Any workload that is not a good fit for the public cloud
    • Dependency (like a USB key for license validation)
    • Performance requirements (e.g. workloads highly sensitive to transaction thresholds)
    • Local infrastructure components (firewall, switches, NVR)

    Summary statement: Everything must go! Public cloud is a top priority. Anything that is not compatible (for whatever reason) with a public cloud deployment will be retained in a premises-based server closet (downgraded from a full datacenter). The private cloud does not align with the overall organizational vision, nor does a hybrid solution.

    4.2.2 Build a service model rubric

    1 hour

    Input

    • Output of workload assessments
    • Output of risk and mitigation exercise

    Output

    • Service model rubric

    Materials

    • Whiteboard
    • Cloud Vision Executive Presentation

    Participants

    • Core working group
    1. This next activity is like the delivery model activity, but covers the relevant cloud service models. On a whiteboard, make a vertical list of the cloud service models (SaaS, PaaS, IaaS, etc.) that will be considered for workloads. If you have an order of preference, place your most preferred at the top, your least preferred at the bottom.
    2. Describe the circumstances under which you would select each service model. Do your best to focus on differentiators. If a decision criterion appears for multiple service models, consider refining or excluding it. (For additional information, check out Info-Tech’s Reimagine IT Operations for a Cloud-First World blueprint.)
    3. Create a summary statement to capture your overall service model position. See the next slide for an example. Note: this can be incorporated into your cloud vision statement, so be sure that it reflects your genuine cloud preferences.
    4. Record the results in the Cloud Vision Executive Presentation.

    Cloud Vision Executive Presentation

    Vision for the cloud future state (example)

    Service model Decision criteria
    SaaS

    SaaS first; opt for SaaS when:

    • A SaaS option exists that meets all key business requirements
    • There is a strong desire to have someone else (the vendor) manage infrastructure components/the platform
    • Not particularly sensitive to performance thresholds
    • The goal is to transition management of the workload outside of IT
    • SaaS is the only feasible way to consume the desired service
    PaaS
    • Highly customized service/workload – SaaS not feasible
    • Still preferable to offload as much management as possible to third parties
    • Customization required, but not at the platform level
    • The workload is built using a standard framework
    • We have the time/resources to replatform
    IaaS
    • Service needs to be lifted and shifted out of the datacenter quickly
    • Customization is required at the platform level/there is value in managing components
    • There is no need to manage facilities
    • Performance is not impacted by hosting the workload offsite
    • There is value in right-sizing the workload over time
    On-premises Anything that does not fit in the cloud for performance or other reasons (e.g. licensing key)

    Summary statement: SaaS will be the primary service model. All workloads will migrate to the public cloud where possible. Anything that cannot be migrated to SaaS will be migrated to PaaS. IaaS is a transitory step.

    4.2.3 Build a support model rubric

    1 hour

    Input

    • Results of the cloud workload assessments

    Output

    • Support model rubric

    Materials

    • Whiteboard
    • Cloud Vision Executive Presentation

    Participants

    • Core working group
    1. The final rubric covered here is that for the support model. Where will you procure the skills necessary to ensure the vision’s proper execution? Much like the other rubric activities, write the three support models vertically (in order of preference, if you have one) on a whiteboard.
    2. Next to each model, describe the circumstances under which you would select each support model. Focus on the dimensions: the duration of the engagement, specialization required, and flexibility required. If you have existing rules/practices around hiring consultants/MSPs, consider those as well.
    3. Once you have a good list of decision criteria, form a summary statement. This should encapsulate your position on support models and should mention any notable criteria that will contribute to most decisions.
    4. Record the results in the Cloud Vision Executive Presentation.

    Cloud Vision Executive Presentation

    Vision for the cloud future state (example)

    Support model Decision criteria
    Internal IT

    The primary support model will be internal IT going forward

    • Chosen where the primary work required is administrative
    • Where existing staff can manage the service in the cloud easily and effectively
    • Where the chosen solution fits the SaaS service model
    Consultant
    • Where the work required is time-bound (e.g. a migration/refactoring exercise)
    • Where the skills do not exist in house, and where the skills cannot easily be procured (specific technical expertise required in areas of the cloud unfamiliar to staff)
    • Where opportunities for staff to learn from consultant SMEs are valuable
    • Where ongoing management and maintenance can be handled in house
    MSP
    • Where an ongoing relationship is valued
    • Where ongoing administration and maintenance are disproportionately burdensome on IT staff (or where this administration and maintenance is likely to be burdensome)
    • Where the managed services model has already been proven out
    • Where specific expertise in an area of technology is required but this does not rise to the need to hire an FTE (e.g. telephony)

    Summary statement: Most workloads will be managed in house. A consultant will be employed to facilitate the transition to micro-services in a cloud container environment, but this will be transitioned to in-house staff. An MSP will continue to manage backups and telephony.

    Step 4.3

    Create cloud vision

    Activities

    4.3.1 Create a cloud vision statement

    4.3.2 Map cloud workloads

    4.3.3 Complete the Cloud Vision Presentation

    Review and assign work items

    Finalize cloud decision framework

    Create cloud vision

    This step involves the following participants:

    • Core working group
    • IT management

    Outcomes of this step

    Completed Cloud Vision Executive Presentation

    4.3.1 Create a cloud vision statement

    1 hour

    Input

    • List of cloud initiatives

    Output

    • Initiatives assigned by responsibility and timeline

    Materials

    • Cloud Vision Workbook

    Participants

    • Core working group
    1. Now that you know what service models are appropriate, it’s time to summarize your cloud vision in a succinct, consumable way. A good vision statement should have three components:
      • Scope: Which parts of the organization will the strategy impact?
      • Goal: What is the strategy intended to accomplish?
      • Key differentiator: What makes the new strategy special?
    2. On a whiteboard, make a chart with three columns (one column for each of the features of a good mission statement). Have the group generate a list of words to describe each of the categories. Ideally, the group will produce multiple answers for each category.
    3. Once you’ve gathered a few different responses for each category, have the team put their heads down and generate pithy mission statements that capture the sentiments underlying each category.
    4. Have participants read their vision statements in front of the group. Use the rest of the session to produce a final statement. Record the results in the Cloud Strategy Executive Presentation.

    Example vision statement outputs

    “IT at ACME Corp. hereby commits to providing clients and end users with an unparalleled, productivity-enabling technology experience, leveraging, insofar as it is possible and practical, cloud-based services.”

    “At ACME Corp. our employees and customers are our first priority. Using new, agile cloud services, IT is devoted to eliminating inefficiency, providing cutting-edge solutions for a fast-paced world, and making a positive difference in the lives of our colleagues and the people we serve.”

    As a global leader in technology, ACME Corp. is committed to taking full advantage of new cloud services, looking first to agile cloud options to optimize internal processes wherever efficiency gaps exist. Improved efficiency will allow associates to spend more time on ACME’s core mission: providing an unrivalled customer experience.”

    Scope

    Goal

    Key differentiator

    4.3.2 Map cloud workloads

    1 hour

    Input

    • List of workloads
    • List of acceptable service models
    • List of acceptable migration paths

    Output

    • Workloads mapped by service model/migration path

    Materials

    • Whiteboard
    • Sticky notes

    Participants

    • Core working group
    1. Now that you have defined your overall cloud vision as well as your service model options, consider aligning your service model preferences with your migration path preferences. Draw a table with your expected migration strategies across the top (retain, retire, rehost, replatform, refactor, repurchase, or some of these) and your expected service models across the side.
    2. On individual sticky notes, write a list of workloads in your environment. In a smaller environment, this list can be exhaustive. Otherwise take advantage of the list you created as part of phase 1 along with any additional workloads that warrant discussion.
    3. As a group, go through the list, placing the sticky notes first in the appropriate row based on their characteristics and the decision criteria that have already been defined, and then in the appropriate column based on the appropriate migration path. (See the next slide for an example of what this looks like.)
    4. Record the results in the Cloud Vision Executive Presentation. Note: not every cell will be filled; some migration path/service model combinations are impossible or otherwise undesirable.

    Cloud Vision Executive Presentation

    Example cloud workload map

    Repurchase Replatform Rehost Retain
    SaaS

    Office suite

    AD

    PaaS SQL Database
    IaaS File Storage DR environment
    Other

    CCTV

    Door access

    4.3.3 Complete the Cloud Vision Presentation

    1 hour

    Input

    • List of cloud initiatives

    Output

    • Initiatives assigned by responsibility and timeline

    Materials

    • Cloud Vision Workbook

    Participants

    • Core working group
    1. Open the Cloud Vision Executive Presentation to the second slide and review the templated executive brief. This comprises several sections (see the next slide). Populate each one:
      • Summary of the exercise
      • The cloud vision statement
      • Key cloud drivers
      • Risks and roadblocks
      • Top initiatives and next steps
    2. Review the remainder of the presentation. Be sure to elaborate on any significant initiatives and changes (where applicable) and to delete any slides that you no longer require.

    Cloud Vision Workbook

    Sample cloud vision executive summary

    • From [date to date], a cross-functional group representing IT and its constituents met to discuss the cloud.
    • Over the course of the week, the group identified drivers for cloud computing and developed a shared vision, evaluated several workloads through an assessment framework, identified risks, roadblocks, and mitigations, and finally generated initiatives and next steps.
    • From the process, the group produced a summary and a cloud suitability assessment framework that can be applied at the level of the workload.

    Cloud Vision Statement

    [Organization] will leverage public cloud solutions and retire existing datacenter and colocation facilities. This transition will simplify infrastructure administration, support, and security, while modernizing legacy infrastructure and reducing the need for additional capital expenditure.

    Cloud Drivers Retire the datacenter Do more valuable work
    Right-size the environment Reduce CapEx
    Facilitate ease of mgmt. Work from anywhere
    Reduce capital expenditure Take advantage of elasticity
    Performance and availability Governance Risks and roadblocks
    Security Rationalization
    Cost Skills
    Migration Remaining premises resources
    BC, backup, and DR Control

    Initiatives and next steps

    • Close the datacenter and colocation site in favor of a SaaS-first cloud approach.
    • Some workloads will migrate to infrastructure-as-a-service in the short term with the assistance of third-party consultants.

    Document your cloud strategy

    You did it!

    Congratulations! If you’ve made it this far, you’ve successfully articulated a cloud vision, assessed workloads, developed an understanding (shared with your team and stakeholders) of cloud concepts, and mitigated risks and roadblocks that you may encounter along your cloud journey. From this exercise, you should understand your mission and vision, how your cloud plans will interact with any other relevant strategic plans, and what successful execution looks like, as well as developing a good understanding of overall guiding principles. These are several components of your overall strategy, but they do not comprise the strategy in its entirety.

    How do you fix this?

    First, validate the results of the vision exercise with your stakeholders. Socialize it and collect feedback. Make changes where you think changes should be made. This will become a key foundational piece. The next step is to formally document your cloud strategy. This is a separate project and is covered in the Info-Tech blueprint Document Your Cloud Strategy.

    The vision exercise tells you where you want to go and offers some clues as to how to get there. The formal strategy exercise is a formal documentation of the target state, but also captures in detail the steps you’ll need to take, the processes you’ll need to refine, and the people you’ll need to hire.

    A cloud strategy should comprise your organizational stance on how the cloud will change your approach to people and human resources, technology, and governance. Once you are confident that you can make and enforce decisions in these areas, you should consider moving on to Document Your Cloud Strategy. This blueprint, Define Your Cloud Vision, often serves as a prerequisite for the strategy documentation conversation(s).

    Appendix

    Summary of Accomplishment

    Additional Support

    Research Contributors

    Related Info-Tech Research

    Vendor Resources

    Bibliography

    Summary of Accomplishment

    Problem Solved

    You have now documented what you want from the cloud, what you mean when you say “cloud,” and some preliminary steps you can take to make your vision a reality.

    You now have at your disposal a framework for identifying and evaluating candidates for their cloud suitability, as well as a series of techniques for generating risks and mitigations associated with your cloud journey. The next step is to formalize your cloud strategy using the takeaways from this exercise. You’re well on your way to a completed cloud strategy!

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

    Contact your account representative for more information.

    workshops@infotech.com

    1-888-670-8889

    Additional Support

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech Workshop.

    Contact your account representative for more information.

    workshops@infotech.com 1-888-670-8889

    To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.

    Info-Tech analysts will join you and your team at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    Generate drivers for cloud adoption

    Work with stakeholders to understand the expected benefits of the cloud migration and how these drivers will impact the overall vision.

    Conduct workload assessments

    Assess your individual cloud workloads for their suitability as candidates for the cloud migration.

    Bibliography

    “2021 State of the Cloud Report.” Flexera, 2021. Web.

    “2021 State of Upskilling Report.” Pluralsight, 2021. Web.

    “AWS Snowmobile.” Amazon Web Services, n.d. Web.

    “Azure products.” Microsoft, n.d. Web.

    “Azure Migrate Documentation.” Microsoft, n.d. Web.

    Bell, Harold. “Multi-Cloud vs. Hybrid Cloud: What’s the Difference?” Nutanix, 2019. Web.

    “Cloud Products.” Amazon Web Services, n.d. Web.

    “COBIT 2019 Framework: Introduction and Methodology.” ISACA, 2019. Web.

    Edmead, Mark T. “Using COBIT 2019 to Plan and Execute an Organization’s Transformation Strategy.” ISACA, 2020. Web.

    Flitter, Emily, and Karen Weise. “Capital One Data Breach Compromises Data of Over 100 Million.” The New York Times, 29 July 2019. Web.

    Gillis, Alexander S. “Cloud Security Posture Management (CSPM).” TechTarget, 2021. Web.

    “’How to Cloud’ with Capital One.” Amazon Web Services, n.d. Web.

    “IBM Closes Landmark Acquisition of Red Hat for $34 Billion; Defines Open, Hybrid Cloud Future.” Red Hat, 9 July 2019. Web.

    Mell, Peter, and Timothy Grance. “The NIST Definition of Cloud Computing.” National Institute of Standards and Technology, Sept. 2011. Web.

    Ng, Alfred. “Amazon Tells Senators it Isn't to Blame for Capital One Breach.” CNET, 2019. Web.

    Orban, Stephen. “6 Strategies for Migrating Applications to the Cloud.” Amazon Web Services, 2016. Web.

    Sullivan, Dan. “Cloud Access Security Broker (CASB).” TechTarget, 2021. Web.

    “What Is Secure Access Service Edge (SASE)?” Cisco, n.d. Web.

    IT Asset Management (ITAM) Market Overview

    • Buy Link or Shortcode: {j2store}62|cart{/j2store}
    • member rating overall impact (scale of 10): 8.5/10 Overall Impact
    • member rating average dollars saved: $12,999 Average $ Saved
    • member rating average days saved: 24 Average Days Saved
    • Parent Category Name: Asset Management
    • Parent Category Link: /asset-management
    • Data management is challenging at the best of times but managing assets that change on a daily basis are difficult without automation and a good asset tool.
    • For organizations moving beyond basic hardware inventory, knowing what to look for to prepare for future processes seems impossible.
    • Using price as the leading criteria or just as an add-on to your ITSM solution may frustrate your efforts, especially if managing complex licensing is part of your mandate.

    Our Advice

    Critical Insight

    • If the purchase is happening independent of process design or review, it’s easy to end up with a solution that doesn’t fit your environment.
    • The complexity of your environment should be a significant factor in choosing an IT asset management solution.
    • Imagining the possibilities and understanding the differences between IT asset tools will drive you to the right solution for long term gain in managing dynamic assets.

    Impact and Result

    • Regardless of whether your IT environment is on-premises, in the cloud, or a complex hybrid of the two, knowing where your asset funds are allocated is key to right-sizing costs and reducing risks of non-compliance or lost assets.
    • Choosing the right tools for the job will be key to your success.

    IT Asset Management (ITAM) Market Overview Research & Tools

    Start here: Read the Market Overview

    Read the Market Overview to understand what features and capabilities are available in ITAM tools. The right features match is key to making a data heavy and challenging process easier for your team.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    • IT Asset Management Market Overview

    1. Prepare your project plan and selection process

    Use the Info-Tech templates to identify and document your requirements, plan your project, and prepare to engage with vendors.

    • ITAM Project Charter Template
    • ITAM Demonstration Script Template
    • Proof of Concept Template
    • ITAM Vendor Evaluation Workbook
    [infographic]

    Adapt Your Customer Experience Strategy to Successfully Weather COVID-19

    • Buy Link or Shortcode: {j2store}536|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Customer Relationship Management
    • Parent Category Link: /customer-relationship-management
    • COVID-19 is an unprecedented global pandemic. It’s creating significant challenges across every sector.
    • Collapse of financial markets and a steep decline in consumer confidence has most firms nervous about revenue shortfalls and cash burn rates.
    • The economic impact of COVID-19 is freezing IT budgets and sharply changing IT priorities.
    • The human impact of COVID-19 is likely to lead to staffing shortfalls and knowledge gaps.
    • COVID-19 may be in play for up to two years.

    Our Advice

    Critical Insight

    The challenges posed by the virus are compounded by the fact that consumer expectations for strong service delivery remain high:

    • Customers still expect timely, on-demand service from the businesses they engage with.
    • There is uncertainty about how to maintain strong, revenue-driving experiences when faced with the operational challenges posed by the virus.
    • COVID-19 is changing how organizations prioritize spending priorities within their CXM strategies.

    Impact and Result

    • Info-Tech recommends rapidly updating your strategy for customer experience management to ensure it can rise to the occasion.
    • Start by assessing the risk COVID-19 poses to your CXM approach and how it’ll impact marketing, sales, and customer service functions.
    • Implement actionable measures to blunt the threat of COVID-19 while protecting revenue, maintaining consistent product and service delivery, and improving the integrity of your brand. We’ll dive into five proven techniques in this brief!

    Adapt Your Customer Experience Strategy to Successfully Weather COVID-19 Research & Tools

    Start here

    Read our concise Executive Brief to find out why you should examine the impact of COVID-19 on customer experience strategy, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    • Adapt Your Customer Experience Strategy to Successfully Weather COVID-19 Storyboard

    1. Assess the impact of COVID-19 on your CXM strategy

    Create a consolidated, updated view of your current customer experience management strategy and identify which elements can be capitalized on to dampen the impact of COVID-19 and which elements are vulnerabilities that the pandemic may threaten to exacerbate.

    2. Blunt the damage of COVID-19 with new CXM tactics

    Create a roadmap of business and technology initiatives through the lens of customer experience management that can be used to help your organization protect its revenue, maintain customer engagement, and enhance its brand integrity.

    [infographic]

    Tame the Project Backlog

    • Buy Link or Shortcode: {j2store}439|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Portfolio Management
    • Parent Category Link: /portfolio-management
    • Unmanaged project backlogs can become the bane of IT departments, tying IT leaders and PMO staff down to an ever-growing receptacle of project ideas that provides little by way of strategic value and that typically represents a lack of project intake and approval discipline.
    • Decision makers frequently use the backlog to keep the peace. Lacking the time to assess the bulk of requests, or simply wanting to avoid difficult conversations with stakeholders, they “approve” everything and leave it to IT to figure it out.
    • As IT has increasing difficulty assessing – let alone starting – any of the projects in the backlog, stakeholder relations suffer. Requestors view inclusion in the backlog as a euphemism for “declined,” and often characterize the backlog as the place where good project ideas go to die.
    • Faced with these challenges, you need to make your project backlog more useful and reliable. The backlog may contain projects worth doing, but in its current untamed state, you have difficulty discerning, let alone capitalizing upon, those instances of value.

    Our Advice

    Critical Insight

    • Project backlogs are an investment and need to be treated as such. Incurring a cost impact that can be measured in terms of time and money, the backlog needs to be actively managed to ensure that you’re investing wisely and getting a good return in terms of strategic value and project throughput.
    • Unmanageable project backlogs are rooted in bad habits and poorly-defined processes. Identifying the sources that fuel backlog growth is key to long-term success. Unless the problem is addressed at the root, any gains made in the near-term will simply fade away as old, unhealthy habits re-emerge and take hold.
    • Backlog management should facilitate executive awareness about the status of backlog items as new work is being approved. In the long run, this ongoing executive engagement will not only help to keep the backlog manageable, but it will also help to bring more even workloads to IT project staff.

    Impact and Result

    • Keep the best, forget the rest. Develop a near-term approach to limit the role of the backlog to include only those items that add value to the business.
    • Shine a light. Improve executive visibility into the health and status of the backlog so that the backlog is taken into account when decision makers approve new work.
    • Evolve the organizational culture. Effectively employ organizational change management practices to evolve the culture that currently exists around the project backlog in order to ensure customer-service needs are more effectively addressed.
    • Ensure long-term sustainability. Institute processes to make sure that your list of pending projects – should you still require one after implementing this blueprint – remains minimal, maintainable, and of high value.

    Tame the Project Backlog Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out how a more disciplined approach to managing your project backlog can help you realize increased value and project throughput.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Create a project backlog battle plan

    Calculate the cost of the project backlog and assess the root causes of its unmanageability.

    • Tame the Project Backlog – Phase 1: Create a Backlog Battle Plan
    • Project Backlog ROI Calculator

    2. Execute a near-term backlog cleanse

    Increase the manageability of the backlog by updating stale requests and removing dead weight.

    • Tame the Project Backlog – Phase 2: Execute a Near-Term Backlog Cleanse
    • Project Backlog Management Tool
    • Project Backlog Stakeholder Communications Template

    3. Ensure long-term backlog manageability

    Develop and maintain a manageable backlog growth rate by establishing disciplined backlog management processes.

    • Tame the Project Backlog – Phase 3: Ensure Long-Term Backlog Manageability
    • Project Backlog Operating Plan Template
    • Project Backlog Manager
    [infographic]

    Workshop: Tame the Project Backlog

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Create a Project Backlog Battle Plan

    The Purpose

    Gauge the manageability of your project backlog in its current state.

    Calculate the total cost of your project backlog investments.

    Determine the root causes that contribute to the unmanageability of your project backlog.

    Key Benefits Achieved

    An understanding of the organizational need for more disciplined backlog management.

    Visibility into the costs incurred by the project backlog.

    An awareness of the sources that feed the growth of the project backlog and make it a challenge to maintain.

    Activities

    1.1 Calculate the sunk and marginal costs that have gone into your project backlog.

    1.2 Estimate the throughput of backlog items.

    1.3 Survey the root causes of your project backlog.

    Outputs

    The total estimated cost of the project backlog.

    A project backlog return-on-investment score.

    A project backlog root cause analysis.

    2 Execute a Near-Term Project Backlog Cleanse

    The Purpose

    Identify the most organizationally appropriate goals for your backlog cleanse.

    Pinpoint those items that warrant immediate removal from the backlog and establish a game plan for putting a bullet in them.

    Communicate backlog decisions with stakeholders in a way that minimizes friction and resistance. 

    Key Benefits Achieved

    An effective, achievable, and organizationally right-sized approach to cleansing the backlog.

    Criteria for cleanse outcomes and a protocol for carrying out the near-term cleanse.

    A project sponsor outreach plan to help ensure that decisions made during your near-term cleanse stick. 

    Activities

    2.1 Establish roles and responsibilities for the near-term cleanse.

    2.2 Determine cleanse scope.

    2.3 Develop backlog prioritization criteria.

    2.4 Prepare a communication strategy.

    Outputs

    Clear accountabilities to ensure the backlog is effectively minimized and outcomes are communicated effectively.

    Clearly defined and achievable goals.

    Effective criteria for cleansing the backlog of zombie projects and maintaining projects that are of strategic and operational value.

    A communication strategy to minimize stakeholder friction and resistance.

    3 Ensure Long-Term Project Backlog Manageability

    The Purpose

    Ensure ongoing backlog manageability.

    Make sure the executive layer is aware of the ongoing status of the backlog when making project decisions.

    Customize a best-practice toolkit to help keep the project backlog useful. 

    Key Benefits Achieved

    A list of pending projects that is minimal, maintainable, and of high value.

    Executive engagement with the backlog to ensure intake and approval decisions are made with a view of the backlog in mind.

    A backlog management tool and processes for ongoing manageability. 

    Activities

    3.1 Develop a project backlog management operating model.

    3.2 Configure a project backlog management solution.

    3.3 Assign roles and responsibilities for your long-term project backlog management processes.

    3.4 Customize a project backlog management operating plan.

    Outputs

    An operating model to structure your long-term strategy around.

    A right-sized management tool to help enable your processes and executive visibility into the backlog.

    Defined accountabilities for executing project backlog management responsibilities.

    Clearly established processes for how items get in and out of the backlog, as well as for ongoing backlog review.

    Secure Your Hybrid Workforce

    • Buy Link or Shortcode: {j2store}271|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Secure Cloud & Network Architecture
    • Parent Category Link: /secure-cloud-network-architecture
    • Many IT and security leaders struggle to cope with the challenges associated with an hybrid workforce and how best to secure it.
    • Understanding the main principles of zero trust: never trust, always verify, assume breach, and verify explicitly.
    • How to go about achieving a zero trust framework.
    • Understanding the premise of SASE as it pertains to a hybrid workforce.

    Our Advice

    Critical Insight

    Securing your hybrid workforce should be an opportunity to get started on the zero trust journey. Realizing the core features needed to achieve this will assist you determine which of the options is a good fit for your organization.

    Impact and Result

    Every organization's strategy to secure their hybrid workforce should include introducing zero trust principles in certain areas. Our unique approach:

    • Assess the suitability of SASE/SSE and zero trust.
    • Present capabilities and feature benefits.
    • Procure SASE product and/or build a zero trust roadmap.

    Secure Your Hybrid Workforce Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Secure Your Hybrid Workforce Deck – The purpose of the storyboard is to provide a detailed description of the steps involved in securing your hybrid workforce with zero trust.

    The storyboard contains two easy-to-follow steps on securing your hybrid workforce with zero trust, from assessing the suitability of SASE/SSE to taking a step in building a zero trust roadmap.

    • Secure Your Hybrid Workforce – Phases 1-2

    2. Suitability Assessment Tool – A tool to identify whether SASE/SSE or a zero trust roadmap is a better fit for your organization.

    Use this tool to identify your next line of action in securing your hybrid workforce by assessing key components that conforms to the ideals and principles of Zero Trust.

    • Zero Trust - SASE Suitability Assessment Tool

    3. RFP Template – A document to guide you through requesting proposals from vendors.

    Use this document to request proposals from select vendors.

    • Request for Proposal (RFP) Template
    [infographic]

    Further reading

    Secure Your Hybrid Workforce

    SASE as a driver to zero trust.

    Analyst Perspective

    Consolidate your security and network.

    Remote connections like VPNs were not designed to be security tools or to have the capacity to handle a large hybrid workforce; hence, organizations are burdened with implementing controls that are perceived to be "security solutions." The COVID-19 pandemic forced a wave of remote work for employees that were not taken into consideration for most VPN implementations, and as a result, the understanding of the traditional network perimeter as we always knew it has shifted to include devices, applications, edges, and the internet. Additionally, remote work is here to stay as recruiting talent in the current market means you must make yourself attractive to potential hires.

    The shift in the network perimeter increases the risks associated with traditional VPN solutions as well as exposing the limitations of the solution. This is where zero trust as a principle introduces a more security-focused strategy that not only mitigates most (if not all) of the risks, but also eliminates limitations, which would enhance the business and improve customer/employee experience.

    There are several ways of achieving zero trust maturity, and one of those is SASE, which consolidates security and networking to better secure your hybrid workforce as implied trust is thrown out of the window and verification of everything becomes the new normal to defend the business.

    This is a picture of Victor Okorie

    Victor Okorie
    Senior Research Analyst, Security and Privacy
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    CISOs are looking to zero trust to fill the gaps associated with their traditional remote setup as well as to build an adaptable security strategy. Some challenges faced include:

    • Understanding the main principles of zero trust: never trust, always verify, assume breach, and verify explicitly.
    • Understanding how to achieve a zero trust framework.
    • Understanding the premise of SASE as it pertains to a hybrid workforce.

    Common Obstacles

    The zero trust journey may seem tedious because of a few obstacles like:

    • Knowing what the principle is all about and the components that align with it.
    • Knowing where to start. Due to the lack of a standardized path for the zero trust journey, going about the journey can be confusing.
    • Not having a uniform definition of what makes up a SASE solution as it is heavily dependent on vendors.

    Info-Tech's Approach

    Info-Tech provides a three-service approach to helping organizations better secure their hybrid workforce.

    • Understand your current, existing technological capabilities and challenges with your hybrid infrastructure, and prioritize those challenges.
    • Gain insight into zero trust and SASE as a mitigation/control/tool to those challenges.
    • Identify the SASE features that are relevant to your needs and a source guide for a SASE vendor.

    Info-Tech Insight

    Securing your hybrid workforce should be an opportunity to get started on the zero trust journey. Realizing the core features needed to achieve this will assist you in determining which of the options is a good fit for your organization.

    Turn your challenges into opportunities

    Hybrid workforce is the new normal

    The pandemic has shown there is no going back to full on-prem work, and as such, security should be looked at differently with various considerations in mind.

    Understand that current hybrid solutions are susceptible to various forms of attack as the threat attack surface area has now expanded with users, devices, applications, locations, and data. The traditional perimeter as we know it has expanded beyond just the corporate network, and as such, it needs a more mature security strategy.

    Onboarding and offboarding have been done remotely, and with some growth recorded, the size of companies has also increased, leading to a scaling issue.

    Employees are now demanding remote work capabilities as part of contract negotiation before accepting a job.

    Attacks have increased far more quickly during the pandemic, and all indications point to them increasing even more.

    Scarce available security personnel in the job market for hire.

    Reality Today

    This image is a circle graph and 67% of it is coloured with the number 67% in the middle of the graph

    The number of breach incidents by identity theft.
    Source: Security Magazine, 2022.

    This image is a circle graph and 78% of it is coloured with the number 78% in the middle of the graph

    IT security teams want to adopt zero trust.
    Source: Cybersecurity Insiders, 2019.

    Reduce the risks of remote work by using zero trust

    $1.07m

    $1.76m

    235

    Increase in breaches related to remote work

    Cost difference in a breach where zero trust is deployed

    Days to identify a breach

    The average cost of a data breach where remote work was a factor rose by $1.07 million in 2021. COVID-19 brought about rapid changes in organizations, and digital transformation changes curbed some of its excesses. Organizations that did not make any digital transformation changes reported a $750,000 higher costs compared to global average.

    The average cost of a breach in an organization with no zero trust deployed was $5.04 million in 2021 compared to the average cost of a breach in an organization with zero trust deployed of $3.28 million. With a difference of $1.76 million, zero trust makes a significant difference.

    Organizations with a remote work adoption rate of 50% took 235 days to identify a breach and 81 days to contain that breach – this is in comparison to the average of 212 days to identify a breach and 75 days to contain that breach.

    Source: IBM, 2021.

    Network + Security = SASE

    What exactly is a SASE product?

    The convergence and consolidation of security and network brought about the formation of secure access service edge (SASE – pronounced like "sassy"). Digital transformation, hybrid workforce, high demand of availability, uninterrupted access for employees, and a host of other factors influenced the need for this convergence that is delivered as a cloud service.

    The capabilities of a SASE solution being delivered are based on certain criteria, such as the identity of the entity (users, devices, applications, data, services, location), real-time context, continuous assessment and verification of risk and "trust" throughout the lifetime of a session, and the security and compliance policies of the organization.

    SASE continuously identifies users and devices, applies security based on policy, and provides secure access to the appropriate and requested application or data regardless of location.

    image contains a list of the SASE Network Features and Security Features. the network Features are: WAN optimization; SD WAN; CDN; Network-as-a-service. The Security Features are: CASB; IDPS; ZTNA/VPN; FWaaS; Browser isolation; DLP; UEBA; Secure web gateway; Sandboxing

    Current Approach

    The traditional perimeter security using the castle and moat approach is depicted in the image here. The security shields valuable resources from external attack; however, it isn't foolproof for all kinds of external attacks. Furthermore, it does not protect those valuable resources from insider threat.

    This security perimeter also allows for lateral movement when it has been breached. Access to these resources is now considered "trusted" solely because it is now behind the wall/perimeter.

    This approach is no longer feasible in our world today where both external and internal threats pose continuous risk and need to be contained.

    Determine the suitability of SASE and zero trust

    The Challenge:

    Complications facing traditional infrastructure

    • Increased hybrid workforce
    • Regulatory compliance
    • Limited Infosec personnel
    • Poor threat detection
    • Increased attack surface

    Common vulnerabilities in traditional infrastructure

    • MITM attack
    • XSS attack
    • Session hijacking
    • Trust-based model
    • IP spoofing
    • Brute force attack
    • Distributed denial of service
    • DNS hijacking
    • Latency issues
    • Lateral movement once connection is established

    TRADITIONAL INFRASTRUCTURE

    NETWORK

    SECURITY

    AUTHENTICATION

    IDENTITY

    ACCESS

    • MPLS
    • Corporate Network
    • Antivirus installed
    • Traditional Firewall
    • Intrusion Detection and Prevention System
    • Allow and Deny rules
    • Businesses must respond to consumer requests to:
    • LDAP
    • AAA
    • Immature password complexity
    • Trusted device with improperly managed endpoint protection.
    • Little or no DNS security
    • Web portal (captive)
    • VPN client

    Candidate Solutions

    Proposed benefits of SASE

    • Access is only granted to the requested resource
    • Consolidated network and security as a service
    • Micro-segmentation on application and gateway
    • Adopts a zero trust security posture for all access
    • Managed detection and response
    • Uniform enforcement of policy
    • Distributed denial of service shield

    SASE

    NETWORK

    SECURITY

    AUTHENTICATION

    IDENTITY

    ACCESS

    • Software defined – WAN
    • Content delivery network
    • WAN optimization
    • Network-as-a-service
    • Firewall-as-a-service/NGFW
    • Zero trust network access
    • Endpoint detection & response
    • Secure web gateway
    • Cloud access security broker
    • Data loss prevention
    • Remote browser isolation
    • Multifactor authentication
    • Context-based security policy for authentication
    • Authorization managed with situational awareness and real-time risk analytics
    • Continuous verification throughout an access request lifecycle
    • Zero trust identity on users, devices, applications, and data.
    • Strong password complexity enforced
    • Privilege access management
    • Secure internet access
    • SASE client

    ZERO TRUST

    TENETS OF ZERO TRUST

    ZERO TRUST PILLARS

    • Continuous, dynamic authentication and verification
    • Principle of least privilege
    • Always assume a breach
    • Implement the tenets of zero trust across the following domains of your environment:
      • IDENTITY
      • APPLICATION
      • NETWORK
      • DEVICES
      • DATA

    Proposed benefits of zero trust

    • Identify and protect critical and non-critical resources in accordance with business objectives.
    • Produce initiatives that conform to the ideals of zero trust and are aligned with the corresponding pillars above.
    • Formulate policies to protect resources and aid segmentation.

    Info-Tech Insight

    Securing your hybrid workforce should be an opportunity to get started on the zero trust journey. Realizing the core features needed to achieve this will help you determine which of the options is a good fit for your organization.

    Measure the value of using Info-Tech's approach

    IT and business value

    PHASE 1

    PHASE 2

    Assess the benefits of adopting SASE or zero trust

    Vendors will try to control the narrative in terms of what they can do for you, but it's time for you to control the narrative and identify pain points to IT and the business, and with that, to understand and define what the vendor solution can do for you.

    PHASE 2

    Assess the benefits of adopting SASE or zero trust

    Vendors will try to control the narrative in terms of what they can do for you, but it's time for you to control the narrative and identify pain points to IT and the business, and with that, to understand and define what the vendor solution can do for you.

    Short-term benefits

    • Gain awareness of your zero trust readiness.
    • Embed a zero trust mindset across your architecture.
    • Control the narrative of what SASE brings to your organization.

    Long-term benefits

    • Identified controls to mitigate risks with current architecture while on a zero trust journey.
    • Improved security posture that reduces risk by increasing visibility into threats and user connections.
    • Reduced CapEx and OpEx due to the scalability, low staffing requirements, and improved time to respond to threats using a SASE or SSE solution.

    Determine SASE cost factors

    IT and business value

    Info-Tech Insight

    IT leaders need to examine different areas of their budget and determine how the adoption of a SASE solution could influence several areas of their budget breakdown.

    Determining the SASE cost factors early could accelerate the justification the business needs to move forward in making an informed decision.

    01- Infrastructure

    • Physical security
    • Cabling
    • Power supply and HVAC
    • Hosting

    02- Administration

    • Human hours to analyze logs and threats
    • Human hours to secure infrastructure
    • Fees associated with maintenance

    03- Inbound

    • DPI
    • DDoS
    • Web application firewall
    • VPN concentrators

    04- Outbound

    • IDPS
    • DLP on-prem
    • QoS
    • Sandbox & URL filtering

    04- Data Protection

    • Real-time URL
      insights
    • Threat hunting
    • Data loss prevention

    06- Monitoring

    • Log storage
    • Logging engine
    • Dashboards
    • Managed detection
      and response

    Info-Tech's methodology for securing your hybrid workforce

    1. Current state and future mitigation

    2. Assess the benefits of moving to SASE/zero trust

    Phase Steps

    1.1 Limitations of legacy infrastructure

    1.2 Zero trust principle as a control

    1.3 SASE as a driver of zero trust

    2.1 Sourcing out a SASE/SSE vendor

    2.2 Build a zero trust roadmap

    Phase Outcomes

    Identify and prioritize risks of current infrastructure and several ways to mitigate them.

    RFP template and build a zero trust roadmap.

    Consider several factors needed to protect your growing hybrid workforce and assess your current resource capabilities, solutions, and desire for a more mature security program. The outcome should either address a quick pain point or a long-term roadmap.

    The internet is the new corporate network

    The internet is the new corporate network, which opens the organization up to more risks not protected by the current security stack. Using Info-Tech's methodology of zero trust adoption is a sure way to reduce the attack surface, and SASE is one useful tool to take you on the zero trust journey.

    Current-state risks and future mitigation

    Securing your hybrid workforce via zero trust will inevitably include (but is not limited to) technological products/solutions.

    SASE and SSE features sit as an overlay here as technological solutions that will help on the zero trust journey by aggregating all the disparate solutions required for you to meet zero trust requirements into a single interface. The knowledge and implementation of this helps put things into perspective of where and what our target state is.

    The right solution for the right problem

    It is critical to choose a solution that addresses the security problems you are actually trying to solve.

    Don't allow the solution provider to tell you what you need – rather, start by understanding your capability gaps and then go to market to find the right partner.

    Take advantage of the RFP template to source a SASE or SSE vendor. Additionally, build a zero trust roadmap to develop and strategize initiatives and tasks.

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    Zero Trust and SASE Suitability Tool
    Identify critical and vulnerable DAAS elements to protect and align them to business goals.

    Zero Trust Program Gap Analysis Tool
    Perform a gap analysis between current and target states to build a zero trust roadmap.

    Key deliverable:

    Secure Your Hybrid Workforce With Zero Trust Communication deck
    Present your zero trust strategy in a prepopulated document that summarizes the work you have completed as a part of this blueprint.

    Phase 1

    Current state and future mitigation

    Phase 1

    Phase 2

    1.1 Limitations of legacy infrastructure

    1.2 Zero trust principle as a control

    1.3 SASE as a driver of zero trust

    2.1 Sourcing out a SASE/SSE vendor

    2.2 Build a zero trust roadmap

    This phase will walk you through the following activities:

    • Introduction to the tool, how to use the input tabs to identify current challenges, technologies being used, and to prioritize the challenges. The prioritized list will highlight existing gaps and eventually be mapped to recommended mitigations in the following phase.

    This phase involves the following participants:

    • CIO
    • CISO
    • CSO
    • IT security team
    • IT network team

    Secure Your Hybrid Workforce

    1.1 Limitations of legacy infrastructure

    Traditional security & remote access solutions must be modernized

    Info-Tech Insight
    Traditional security is architected with a perimeter in mind and is poorly suited to the threats in hybrid or distributed environments.

    Ensure you minimize or eliminate weak points on all layers.

    • SECURITY
      • DDoS
      • DNS hijacking
      • Weak VPN protocols
    • IDENTITY
      • One-time verification allowing lateral movement
    • NETWORK
      • Risk perimeter stops at corporate network edge
      • Split tunneling
    • AUTHENTICATION
      • Weak authentication
      • Weak passwords
    • ACCESS
      • Man-in-the-middle attack
      • Cross-site scripting
      • Session hijacking

    1.1.1 For example: traditional VPNs are poorly suited to a hybrid workforce

    There are many limitations that make it difficult for traditional VPNs to adapt to an ever-growing hybrid workforce.

    The listed limitations are tied to associated risks of legacy infrastructure as well as security components that are almost non-existent in a VPN implementation today.

    Scaling

    VPNs were designed for small-scale remote access to corporate network. An increase in the remote workforce will require expensive hardware investment.

    Visibility

    Users and attackers are not restricted to specific network resources, and with an absence of activity logs, they can go undetected.

    Managed detection & response

    Due to the reduction in or lack of visibility, threat detections are poorly managed, and responses are already too late.

    Hardware

    Limited number of locations for VPN hardware to be situated as it can be expensive.

    Hybrid workforce

    The increase in the hybrid workforce requires the risk perimeter to be expanded from the corporate network to devices and applications. VPNs are built for privacy, not security.

    Info-Tech Insight

    Hybrid workforces are here to stay, and adopting a strategy that is adaptable, flexible, simple, and cost-effective is a recommended road to take on the journey to bettering your security and network.

    1.1 Identify risk from legacy infrastructure

    Estimated Time: 1-2 hours

    1. Ensure all vulnerabilities described on slide 17 are removed.
    2. Note any forecasted challenge you think you might have down the line with your current hybrid setup.
    3. Identify any trend that may be of interest to you with regards to your hybrid setup.

    This is a screenshot of the organizational profile table found in the Zero Trust - SASE Suitability Assessment Tool

    Download the Zero Trust - SASE Suitability Assessment Tool

    Input

    • List of key pain points and challenges
    • List of forecasted challenges and trends of interest

    Output

    • Prioritized list of pain points and/or challenges

    Materials

    • Excel tool
    • Whiteboard

    Participants

    • CISO
    • InfoSec team
    • IT manager
    • CIO
    • Infrastructure team

    1.2 Zero trust principle as a control

    A zero trust implementation comes with benefits/initiatives that mitigate the challenges identified in earlier activities.

    Info-Tech Insight

    Zero trust/"always verify" is applied to identity, workloads, devices, networks, and data to provide a greater control for risks associated with traditional network architecture.

    Improve IAM maturity

    Zero trust identity and access will lead to a mature IAM process in an organization with the removal of implicit trust.

    Secure your remote access

    With a zero trust network architecture (ZTNA), both the remote and on-prem network access are more secure than the traditional network deployment. The software-defined parameter ensures security on each network access.

    Reduce threat surface area

    With zero trust principle applied on identity, workload, devices, network, and data, the threat surface area which births some of the risks identified earlier will be significantly reduced.

    Improve hybrid workforce

    Scaling, visibility, network throughput, secure connection from anywhere, micro-segmentation, and a host of other benefits to improve your hybrid workforce.

    1.2 SASE as an overlay to zero trust

    Security and network initiatives of a zero trust roadmap converged into a single pane of glass.

    Info-Tech Insight

    Security and network converged into a single pane of glass giving you some of the benefits and initiatives of a zero trust implemented architecture in one package.

    Improve IAM maturity

    The identity-centric nature of SASE solutions helps to improve your IAM maturity as it applies the principle of least privilege. The removal of implicit trust and continuous verification helps foster this more.

    Secure your remote access

    With ZTNA, both the remote and on-prem network access are more secure than the traditional network deployment. The software defined parameter ensures security on each network access.

    Reduce threat surface area

    Secure web gateway, cloud access security broker, domain name system, next-generation firewall, data loss prevention, and ZTNA protect against data leaks, prevent lateral movement, and prevent malicious actors from coming in.

    Improve hybrid workforce

    Reduced costs and complexity of IT, faster user experience, and reduced risk as a result of the scalability, visibility, ease of IT administration, network throughput, secure connection from anywhere, micro-segmentation, and a host of other benefits will surely improve your hybrid workforce.

    Align SASE features to zero trust core capabilities

    Verify Identity

    • Authentication & verification are enforced for each app request or session.
    • Use of multifactor authentication.
    • RBAC/ABAC and principle of least privilege are applied on the identity regardless of user, device, or location.

    Verify Device

    • Device health is checked to ensure device is not compromised or vulnerable.
    • No admin permissions on user devices.
    • Device-based risk assessment is enforced as part of UEBA.

    Verify Access

    • Micro-segmentation built around network, user, device, location and roles.
    • Use of context and content-based policy enforced to the user, application, and device identity.
    • Network access only granted to specified application request and not to the entire network.

    Verify Services

    • Applications and services are checked before access is granted.
    • Connections to the application and services are inspected with the security controls built into the SASE solution.

    Info-Tech Insight

    These features of SASE and zero trust mitigate the risks associated with a traditional VPN and reduce the threat surface area. With security at the core, network optimization is not compromised.

    Security components of SASE

    Otherwise known as security service edge (SSE)

    Security service edge is the convergence of all security services typically found in SASE. At its core, SSE consists of three services which include:

    • Secure web gateway – secure access to the internet and web.
    • Cloud access security broker – secure access to SaaS and cloud applications.
    • Zero trust network access – secure remote access to private applications.

    SSE components are also mitigations or initiatives that make up a zero trust roadmap as they comply with the zero trust principle, and as a result, they sit up there with SASE as an overlay/driver of a zero trust implementation. SSE's benefits are identical to SASE's in that it provides zero trust access, risk reduction, low costs and complexity, and a better user experience. The difference is SSE's sole focus on security services and not the network component.

    SASE

    NETWORK FEATURES

    SECURITY FEATURES

    • WAN optimization
    • SD WAN
    • CDN
    • Network-as-a-service
    • CASB
    • IDPS
    • ZTNA/VPN
    • FWaaS
    • Browser isolation
    • DLP
    • UEBA
    • Secure web gateway
    • Sandboxing

    1.3 Pros & cons of zero trust and SASE

    Zero Trust

    SASE

    Pros

    Cons

    Pros

    Cons

    • Robust IAM process and technologies with role-based access control.
    • Strong and continuous verification of identity of user accounts, devices, data, location, and principle of least privilege applied.
    • Micro-segmentation applied around users, network, devices, roles, and applications to prevent lateral movement.
    • Threat attack surface eliminated, which reduces organizational risks.
    • Protection of data strengthened based on sensitivity and micro-segmentation.
    • Difficult to identify the scope of the zero trust initiative.
    • Requires continuous and ongoing update of access controls.
    • Zero trust journey/process could take years and is prone to being abandoned without commitment from executives.
    • Legacy systems can be hard to replace, which would require all stakeholders to prioritize resource allocation.
    • Can be expensive to implement.
    • Adopts a zero trust security posture for all access requests.
    • Converged and consolidated network and security delivered as a cloud service to the user rather than a single point of enforcement.
    • Centralized visibility of devices, data in transit and at rest, user activities, and threats.
    • Cheaper than a zero trust roadmap implementation.
    • Managed detection and response.
    • The limited knowledge of SASE.
    • No universally agreed upon SASE definition.
    • SASE products are still being developed and are open to vendors' interpretation.
    • Existing vendor relationships could be a hinderance to deployment.
    • Hard to manage MSSPs.

    Understand SASE and zero trust suitability for your needs

    Estimated Time: 1 hour

    Use the dashboard to understand the value assessment of adopting a SASE product or building a zero trust roadmap.

    This is an image of the SASE Suitability Assessment

    This is the image of the Zero Trust Suitability Assessment

    Info-Tech Insight

    This tool will help steer you on a path to take as a form of mitigation/control to some or all the identified challenges.

    Phase 2

    Make a decision and next steps

    Phase 1

    Phase 2

    1.1 Limitations of legacy infrastructure

    1.2 Zero trust principle as a control

    1.3 SASE as a driver of zero trust

    2.1 Sourcing out a SASE/SSE vendor

    2.2 Build a zero trust roadmap

    This phase will walk you through the following activities:

    • Introduction to the tool activity, how to use the input tabs and considerations to generate an output that could help understand the current state of your hybrid infrastructure and what direction is to be followed next to improve.

    This phase involves the following participants:

    • CIO
    • CISO
    • CSO
    • IT security
    • IT network team

    Secure Your Hybrid Workforce

    Step 2.1

    Sourcing out a SASE/SSE vendor

    Activities

    2.1.1 Use the RFP template to request proposal from vendors

    2.1.2 Use SoftwareReviews to compare vendors

    This step involves the following participants:

    • CIO, CISO, IT manager, Infosec team, executives.

    Outcomes of this step

    • Zero Trust Roadmap

    2.1.1 Use the RFP template to request proposal from vendors

    Estimated Time: 1-3 hours

    1. As a group, use the RFP Template to include technical capabilities of your desired SASE product and to request proposals from vendors.
    2. The features that are most important to your organization generated from phase one should be highlighted in the RFP.

    Input

    • List of SASE features
    • Technical capabilities

    Output

    • RFP

    Materials

    • RFP Template

    Participants

    • Security team
    • IT leadership

    Download the RFP Template

    2.1.2 Use SoftwareReviews to compare vendors

    SoftwareReviews

    • The Data Quadrant is a thorough evaluation and ranking of all software in an individual category to compare platforms across multiple dimensions.
    • Vendors are ranked by their Composite Score, based on individual feature evaluations, user satisfaction rankings, vendor capability comparisons, and likeliness to recommend the platform.
    • The Emotional Footprint is a powerful indicator of overall user sentiment toward the relationship with the vendor, capturing data across five dimensions.
    • Vendors are ranked by their Customer Experience (CX) Score, which combines the overall Emotional Footprint rating with a measure of the value delivered by the solution.

    Step 2.2

    Zero trust readiness and roadmap

    Activities

    2.2.1 Assess the maturity of your current zero trust implementation

    2.2.2 Understand business needs and current security projects

    2.2.3 Set target maturity state with timeframe

    This step involves the following participants:

    CIO, CISO, IT manager, Infosec team, executives.

    Outcomes of this step

    Zero Trust Roadmap

    2.2.1 Assess the maturity of your current zero trust implementation

    Estimated Time: 1-3 hours

    • Realizing that zero trust is a journey helps create a better roadmap and implementation. Identify the current controls or solutions in your organization that align with the principle of zero trust.
    • Break down these controls or solutions into different silos (e.g. identity, security, network, data, device, applications, etc.).
    • Determine your zero trust readiness.

    Input

    • List of zero trust controls/solutions
    • Siloed list of zero trust controls/solutions
    • Current state of zero trust maturity

    Output

    • Zero trust readiness and current maturity state

    Materials

    • Zero Trust Security Benefit Assessment tool

    Participants

    • Security team
    • IT leadership

    Download the Zero Trust Security Benefit Assessment tool

    2.2.2 Understand business needs and current security projects

    Estimated Time: 1-3 hours

    1. Identify the business and IT executives, application owners, and board members whose vision aligns with the zero trust journey.
    2. Identify existing projects within security, IT, and the business and highlight interdependencies or how they fit with the zero trust journey.
    3. Build a rough sketch of the roadmap that fits the business needs, current projects and the zero trust journey.

    Input

    • Meetings with stakeholders
    • List of current and future projects

    Output

    • Sketch of zero trust roadmap

    Materials

    • Whiteboard activity

    Participants

    • Security team
    • IT leadership
    • IT ops team
    • Business executives
    • Board members

    Download Zero Trust Protect Surface Mapping Tool

    2.2.3 Set target maturity state with a given timeframe

    Estimated Time: 1-3 hours

    1. With the zero trust readiness, current business, IT and security projects, current maturity state, and sketch of the roadmap, setting a target maturity state within some timeframe is at the top of the list. The target maturity state will include a list of initiatives that could be siloed and confined to a timeframe.
    2. A Gantt chart or graph could be used to complete this task.

    Input

    • Results from previous activity slides

    Output

    • Current state and target state assessment for gap analysis
    • List of initiatives and timeframe

    Materials

    • Zero Trust Program Gap Analysis Tool

    Participants

    • Security team
    • IT leadership
    • IT ops team
    • Business executives
    • Board members

    Download the Zero Trust Program Gap Analysis Tool

    Summary of Accomplishment

    Insights Gained

    • Difference between zero trust as a principle and SASE as a framework
    • Difference between SASE and SSE platforms.
    • Assessment of which path to take in securing your hybrid workforce

    Deliverables Completed

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop

    Contact your account representative for more information

    workshops@infotech.com

    1-888-670-8889

    Additional Support

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop

    To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.

    Info-Tech analysts will join you and your team at your location or welcome you to Info-Tech's historic Toronto office to participate in an innovative onsite workshop.

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    This is a screenshot from the Zero Trust - SASE Suitability Assessment Tool

    Zero Trust - SASE Suitability Assessment Tool

    Assess current security capabilities and build a roadmap of tasks and initiatives that close maturity gaps.

    Research Contributors

    • Aaron Shum, Vice President, Security & Privacy
    • Cameron Smith, Research Lead, Security & Privacy
    • Brad Mateski, Zones, Solutions Architect for CyberSecurity
    • Bob Smock, Info-Tech Research Group, Vice President of Consulting
    • Dr. Chase Cunningham, Ericom Software, Chief Strategy Officer
    • John Kindervag, ON2IT Cybersecurity, Senior Vice President, Cybersecurity Strategy and ON2IT Group Fellow
    • John Zhao, Fonterra, Enterprise Security Architect
    • Rongxing Lu, University of New Brunswick, Associate Professor
    • Sumanta Sarkar, University of Warwick, Assistant Professor
    • Tim Malone, J.B. Hunt Transport, Senior Director Information Security
    • Vana Matte, J.B. Hunt Transport, Senior Vice President of Technology Services

    Related Info-Tech Research

    This is a screenshot from Info-Tech's Security Strategy Model

    Build an Information Security Strategy

    Info-Tech has developed a highly effective approach to building an information security strategy – an approach that has been successfully tested and refined for over seven years with hundreds of organizations. This unique approach includes tools for ensuring alignment with business objectives, assessing organizational risk and stakeholder expectations, enabling a comprehensive current state assessment, prioritizing initiatives, and building out a security roadmap.

    This is a screenshot from Info-Tech's research: Determine Your Zero Trust Readiness

    Determine Your Zero Trust Readiness

    IT security was typified by perimeter security. However, the way the world does business has mandated a change to IT security. In response, zero trust is a set of principles that can add flexibility to planning your IT security strategy.

    Use this blueprint to determine your zero trust readiness and understand how zero trust can benefit both security and the business.

    This is a screenshot from Info-Tech's research: Mature Your Identity and Access Management Program

    Mature Your Identity and Access Management Program

    Many organizations are looking to improve their identity and access management (IAM) practices but struggle with where to start and whether all areas of IAM have been considered. This blueprint will help you improve the organization's IAM practices by following our three-phase methodology:

    • Assess identity and access requirements.
    • Identify initiatives using the identity lifecycle.
    • Prioritize initiatives and build a roadmap.

    Bibliography

    "2021 Data Breach Investigations Report." Verizon, 2021. Web.
    "Fortinet Brings Networking and Security to the Cloud" Fortinet, 2 Mar. 2021. Web.
    "A Zero Trust Strategy Has 3 Needs – Identify, Authenticate, and Monitor Users and Devices on and off the Network." Fortinet, 15 July 2021. Web.
    "Applying Zero Trust Principles to Enterprise Mobility." CISA, Mar. 2022. Web.
    "CISA Zero Trust Maturity Model." CISA, Cybersecurity Division, June 2021. Web.
    "Continuous Diagnostics and Mitigation Program Overview." CISA, Jan. 2022. Web.
    "Cost of a Data Breach Report 2021 | IBM." IBM, July 2021. Web.
    English, Melanie. "5 Stats That Show The Cost Saving Effect of Zero Trust." Teramind, 29 Sept. 2021. Web.
    Hunter, Steve. "The Five Business Benefits of a Zero Trust Approach to Security." Security Brief - Australia, 19 Aug. 2020. Web.
    "Improve Application Access and Security With Fortinet Zero Trust Network Access." Fortinet, 2 Mar. 2021. Web.
    "Incorporating zero trust Strategies for Secure Network and Application Access." Fortinet, 21 Jul. 2021. Web.
    Jakkal, Vasu. "Zero Trust Adoption Report: How Does Your Organization Compare?" Microsoft, 28 July 2021. Web.
    "Jericho Forum™ Commandments." The Open Group, Jericho Forum, May 2007. Web.
    Schulze, Holger. "2019 Zero Trust Adoption Report." Cybersecurity Insiders, 2019. Web.
    "67% of Organizations Had Identity-Related Data Breaches Last Year." Security Magazine, 22 Aug. 2022. Web.
    United States, Executive Office of the President Joseph R. Biden, Jr. "Executive Order on Improving the Nation's Cybersecurity." The White House, 12 May 2021. Web.

    Master the Secrets of Adobe’s Creative Cloud Contracts to Right-Size Your Adobe Spend

    • Buy Link or Shortcode: {j2store}139|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $63,667 Average $ Saved
    • member rating average days saved: 110 Average Days Saved
    • Parent Category Name: Licensing
    • Parent Category Link: /licensing
    • Adobe operates in its own niche in the creative space, and Adobe users have grown accustomed to their products, making switching very difficult.
    • With Adobe’s transition to a cloud-based subscription model, it’s important for organizations to actively manage licenses, software provisioning, and consumption.
    • Without a detailed understanding of Adobe’s various purchasing models, overspending often occurs.
    • Organizations have experienced issues in identifying commercial licensed packages with their install files, making it difficult to track and assign licenses.

    Our Advice

    Critical Insight

    • Focus on user needs first. Examine which products are truly needed versus nice to have to prevent overspending on the Creative Cloud suite.
    • Examine what has been deployed. Knowing what has been deployed and what is being used will greatly aid in completing your true-up.
    • Compliance is not automatic with products that are in the cloud. Shared logins or computers that have desktop installs that can be access by multiple users can cause noncompliance.

    Impact and Result

    • Visibility into license deployments and needs
    • Compliance with internal audits

    Master the Secrets of Adobe’s Creative Cloud Contracts to Right-Size Your Adobe Spend Research & Tools

    Start here – read the Executive Brief

    Procuring Adobe software is not the same game as it was just a few years ago. Adopt a comprehensive approach to understanding Adobe licensing to avoid overspending and to maximize negotiation leverage.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Manage your Adobe agreements

    Use Info-Tech’s licensing best practices to avoid overspending on Adobe licensing and to remain compliant in case of audit.

    • Adobe ETLA vs. VIP Pricing Table
    • Adobe ETLA Forecasted Costs and Benefits
    • Adobe ETLA Deployment Forecast
    [infographic]

    Further reading

    Master the Secrets of Adobe’s Creative Cloud Contracts to Right-Size Your Adobe Spend

    Learn the essential steps to avoid overspending and to maximize negotiation leverage with Adobe.

    ANALYST PERSPECTIVE

    Only 18% of Adobe licenses are genuine copies: are yours?

    "Adobe has designed and executed the most comprehensive evolution to the subscription model of pre-cloud software publishers with Creative Cloud. Adobe's release of Document Cloud (replacement for the Acrobat series of software) is the final nail in the coffin for legacy licensing for Adobe. Technology procurement functions have run out of time in which to act while they still retain leverage, with the exception of some late adopter organizations that were able to run on legacy versions (e.g. CS6) for the past five years. Procuring Adobe software is not the same game as it was just a few years ago. Adopt a comprehensive approach to understanding Adobe licensing, contract, and delivery models in order to accurately forecast your software needs, transact against the optimal purchase plan, and maximize negotiation leverage. "

    Scott Bickley

    Research Lead, Vendor Practice

    Info-Tech Research Group

    Our understanding of the problem

    This Research is Designed For:

    • IT managers scoping their Adobe licensing requirements and compliance position.
    • CIOs, CTOs, CPOs, and IT directors negotiating licensing agreements in search of cost savings.
    • ITAM/Software asset managers responsible for tracking and managing Adobe licensing.
    • IT and business leaders seeking to better understand Adobe licensing options (Creative Cloud).
    • Vendor management offices in the process of a contract renewal.

    This Research Will Help You:

    • Understand and simplify licensing per product to help optimize spend.
    • Ensure agreement type is aligned to needs.
    • Navigate the purchase process to negotiate from a position of strength.
    • Manage licenses more effectively to avoid compliance issues, audits, and unnecessary purchases.

    This Research Will Also Assist:

    • CFOs and the finance department
    • Enterprise architects
    • ITAM/SAM team
    • Network and IT architects
    • Legal
    • Procurement and sourcing

    This Research Will Help Them:

    • Understand licensing methods in order to make educated and informed decisions.
    • Understand the future of the cloud in your Adobe licensing roadmap.

    Executive summary

    Situation

    • Adobe’s dominant market position and ownership of the creative software market is forcing customers to refocus the software acquisition process to ensure a positive ROI on every license.
    • In early 2017, Adobe announced it would stop selling perpetual Creative Suite 6 products, forcing future purchases to be transitioned to the cloud.

    Complication

    • Adobe operates in its own niche in the creative space, and Adobe users have grown accustomed to their products, making switching very difficult.
    • With transition to a cloud-based subscription model, organizations need to actively manage licenses, software provisioning, and consumption.
    • Without a detailed understanding of Adobe’s various purchasing models, overspending often occurs.
    • Organizations have experienced issues in identifying commercial licensed packages with their install files, making it difficult to track and assign licenses.

    Resolution

    • Gain visibility into license deployments and needs with a strong SAM program/tool; this will go a long way toward optimizing spend.
      • Number of users versus number of installs are not the same, and confusing the two can result in overspending. Device-based licensing historically would have required two licenses, but now only one may be required.
    • Ensure compliance with internal audits. Adobe has a very high rate of piracy stemming from issues such as license overuse, misunderstanding of contract language, using cracks/keygens, virtualized environments, indirect access, and sharing of accounts.
    • A handful of products are still sold as perpetual – Acrobat Standard/Pro, Captivate, ColdFusion, Photoshop, and Premiere Elements – but be aware of what is being purchased and used in the organization.
      • Beware of products deployed on server, where the number of users accessing that product cannot easily be counted.

    Info-Tech Insight

    1. Your user-need analysis has shifted in the new subscription-based model. Determine which products are needed versus nice to have to prevent overspending on the Creative Cloud suite.
    2. Examine what you need, not what you have. You can no longer mix and match applications.
    3. Compliance is not automatic with products that are in the cloud. Shared logins or computers with desktop installs that can be accessed by multiple users can cause noncompliance.

    The aim of this blueprint is to provide a foundational understanding of Adobe

    Why Adobe

    In 2011 Adobe took the strategic but radical move toward converting its legacy on-premises licensing to a cloud-based subscription model, in spite of material pushback from its customer base. While revenues initially dipped, Adobe’s resolve paid off; the transition is mostly complete and revenues have doubled. This was the first enterprise software offering to effect the transition to the cloud in a holistic manner. It now serves as a case study for those following suit, such as Microsoft, Autodesk, and Oracle.

    What to know

    Adobe elected to make this market pivot in a dramatic fashion, foregoing a gradual transition process. Enterprise clients were temporarily allowed to survive on legacy on-premises editions of Adobe software; however, as the Adobe Creative Cloud functionality was quickly enhanced and new applications were launched, customer capitulation to the new subscription model was assured.

    The Future

    Adobe is now leveraging the power of connected customers, the availability of massive data streams, and the ongoing digitalization trend globally to supplement the core Creative Cloud products with online services and analytics in the areas of Creative Cloud for content, Marketing Cloud for marketers, and Document Cloud for document management and workflows. This blueprint focuses on Adobe's Creative Cloud and Document Cloud solutions and the enterprise term license agreement (ETLA).

    Info-Tech Insight

    Beware of your contract being auto-renewed and getting locked into the quantities and product subset that you have in your current agreement. Determining the number of licenses you need is critical. If you overestimate, you're locked in for three years. If you underestimate, you have to pay a big premium in the true-up process.

    Learn the “Adobe way,” whether you are reviewing existing spend or considering the purchase of new products

    1. Legacy on-premises Adobe Creative Suite products used to be available in multiple package configurations, enabling right-sized spend with functionality. Adobe’s support for legacy Creative Suites CS6 products ended in May 2017.
    2. While early ETLAs allowed customer application packaging at a lower price than the full Creative Cloud suite, this practice has been discontinued. Now, the only purchasing options are the full suite or single-application subscriptions.
    3. Buyers must now assess alternative Adobe products as an option for non-power users. For example, QuarkXPress, Corel PaintShop Pro, CorelDRAW, Bloom, and Affinity Designer are possible replacements for some Creative Cloud applications.
    4. Document Cloud, Adobe’s latest step in creating an Acrobat-focused subscription model, limits the ability to reduce costs with an extended upgrade cycle. These changes go beyond the licensing model.
    5. Organizations need to perform a cost-benefit analysis of single app purchases vs. the full suite to right-size spend with functionality.

    As Adobe’s dominance continues to grow, organizations must find new ways to maintain a value-added relationship

    Adobe estimates the total addressable market for creative and document cloud to be $21 billion. With no sign of growth slowing down, Adobe customers must learn how to work within the current design monopoly.

    The image contains two pie graphs. The first is labelled FY2014 Revenue Mix, and the second graph is titled FY2017E Revenue Mix.

    Source: Adobe, 2017

    "Adobe is not only witnessing a steady increase in Creative Cloud subscriptions, but it also gained more visibility into customers’ product usage, which enables it to consistently push out software updates relevant to user needs. The company also successfully transformed its sales organization to support the recurring revenue model."

    – Omid Razavi, Global Head of Success, ServiceNow

    Consider your route forward

    Consider your route forward, as ETLA contract commitments, scope, and mechanisms differ in structure to the perpetual models previously utilized. The new model shortchanges technology procurement leaders in their expectations of cost-usage alignment and opex flexibility (White, 2016).

    ☑ Implement a user profile to assign licenses by version and limit expenditures. Alternatives can include existing legacy perpetual and Acrobat classic versions that may already be owned by the organization.

    ☑ Examine the suitability and/or dependency on Document Cloud functions, such as existing business workflows and e-signature integration.

    ☑ Involve stakeholders in the evaluation of alternate products for use cases where dependency on Acrobat-specific functionality is limited.

    ☑ Identify not just the installs and active use of the applications but also the depth and breadth of use across the various features so that the appropriate products can be selected.

    The image contains a screenshot of a diagram listing the adobe toolkit. The toolkit includes: Adobe ETLA Deployment Forecast Tool, Adobe ETLA Forecasted Cost and Benefits, Adobe ETLA vs. VIP Pricing Table.

    Use Info-Tech’s Adobe toolkit to prepare for your new purchases or contract renewal

    Info-Tech Insight

    IT asset management (ITAM) and software asset management (SAM) are critical! An error made in a true-up can cost the organization for the remaining years of the ETLA. Info-Tech worked with one client that incurred a $600k error in the true-up that they were not able to recoup from Adobe.

    Apply licensing best practices and examine the potential for cost savings through an unbiased third-party perspective

    Establish Licensing Requirements

    • Understand Adobe’s product landscape and transition to cloud.
    • Analyze users and match to correct Adobe SKU.
    • Conduct an internal software assessment.
    • Build an effective licensing position.

    Evaluate Licensing Options

    • Value Incentive Plan (VIP)
    • Cumulative Licensing Program (CLP)
    • Transactional Licensing Program (TLP)
    • Enterprise Term License Agreement (ETLA)

    Evaluate Agreement Options

    • Price
    • Discounts
    • Price protection
    • Terms and conditions

    Purchase and Manage Licenses

    • Learn negotiation tactics to enhance your current strategy.
    • Control the flow of communication.
    • Assign the right people to manage the environment.

    Preventive practices can help find measured value ($)

    Time and resource disruption to business if audited

    Lost estimated synergies in M&A

    Cost of new licensing

    Cost of software audit, penalties, and back support

    Lost resource allocation and time

    Third party, legal/SAM partners

    Cost of poor negotiation tactics

    Lost discount percentage

    Terms and conditions improved

    Explore Adobe licensing and optimize spend – project overview

    Establish Licensing Requirements

    Evaluate Licensing Options

    Evaluate Agreement Options

    Purchase and Manage Licenses

    Best-Practice Toolkit

    • Assess current state and align goals; review business feedback.
    • Interview key stakeholders to define business objectives and drivers.
    • Review licensing options.
    • Review licensing rules.
    • Determine the ideal contract type.
    • Review final contract.
    • Discuss negotiation points.
    • License management.
    • Future licensing strategy.

    Guided Implementations

    • Engage in a scoping call.
    • Assess the current state.
    • Determine licensing position.
    • Review product options.
    • Review licensing rules.
    • Review contract option types.
    • Determine negotiation points.
    • Finalize the contract.
    • Discuss license management.
    • Evaluate and develop a roadmap for future licensing.

    PHASE 1

    Manage Your Adobe Agreements

    Phase 1 outline

    Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 1: Managing Adobe Contracts

    Proposed Time to Completion: 3-6 weeks

    Step 1.1: Establish Licensing Requirements

    Start with a kick-off call:

    • Assess the current state.
    • Determine licensing position.

    Then complete these activities…

    • Complete a deployment count, needs analysis, and internal audit.

    With these tools & templates:

    Adobe ETLA Deployment Forecast

    Step 1.2: Determine Licensing Options

    Review findings with analyst:

    • Review licensing options.
    • Review licensing rules.
    • Review contract option types.

    Then complete these activities…

    • Select licensing option.
    • Document forecasted costs and benefits.

    With these tools & templates:

    Adobe ETLA vs. VIP Pricing Table

    Adobe ETLA Forecasted Costs and Benefits

    Step 1.3: Purchase and Manage Licenses

    Review findings with analyst:

    • Review final contract.
    • Discuss negotiation points.
    • Plan a roadmap for SAM.

    Then complete these activities…

    • Negotiate final contract.
    • Evaluate and develop a roadmap for SAM.

    With these tools & templates:

    Adobe ETLA Deployment Forecast

    Adobe’s Cloud – Snapshot of what has changed

    1. Since Adobe has limited the procurement and licensing options with the introduction of Creative Cloud, there are three main choices:
      1. Direct online purchase at Adobe.com
      2. Value Incentive Plan (VIP): Creative Cloud for teams–based purchase with a volume discount (minimal, usually ~10%); may have some incentives or promotional pricing
      3. Enterprise Term License Agreement (ETLA): Creative Cloud for Enterprise (CCE)
    2. Adobe has discontinued support for legacy perpetual licenses, with the latest version being CS6, which is steering organizations to prioritize their options for products in the creative and document management space.
    3. Document Cloud (DC) is the cloud product replacing the Acrobat perpetual licensing model. DC extends the subscription-based model further and limits options to extend the lifespan of legacy on-premises licenses through a protracted upgrade process.
    4. The subscription model, coupled with limited discount options on transactional purchases, forces enterprises to consider the ETLA option. The ETLA brings with it unique term commitments, new pricing structures, and true-up mechanisms and inserts the "land and expand" model vs. license reassignment.

    Info-Tech Insight

    Adobe’s move from a perpetual license to a per-user subscription model can be positive in some scenarios for organizations that experienced challenges with deployment, management of named users vs. devices, and license tracking.

    Core concepts of Adobe agreements: Discounting, pricing, and bundling

    ETLA

    Adobe has been systematically reducing discounts on ETLAs as they enter the second renewal cycle of the original three-year terms.

    Adobe Cloud Bundling

    Adobe cloud services are being bundled with ETLAs with a mandate that companies that do not accept the services at the proposed cost have Adobe management’s approval to unbundle the deal, generally with no price relief.

    Custom Bundling

    The option for custom bundling of legacy Creative Suite component applications has been removed, effectively raising the price across the board for licensees that require more than two Adobe applications who must now purchase the full Creative Cloud suite.

    Higher and Public Education

    Higher education/public education agreements have been revamped over the past couple of years, increasing prices for campus-wide agreements by double-digit percentages (~10-30%+). While they still receive an 80% discount over list price, IT departments in this industry are not prepared to absorb the budget increase.

    Info-Tech Insight

    Adobe has moved to an all-or-one bundle model. If you need more than two application products, you will likely need to purchase the full Creative Cloud suite. Therefore, it is important to focus on creating accurate user profiles to identify usage needs.

    Use Info-Tech’s Adobe deployment tool for SAM: Track deployment and needs

    The image contains a screenshot of Info-Tech's Adobe deployment tool for SAM: Track deployment and needs.

    Use Info-Tech’s Adobe deployment tool for SAM: Audit

    The image contains a screenshot of the Adobe Deployment Tool for SAM, specifically the Audit tab.

    Use Info-Tech’s Adobe deployment tool for SAM: Cost

    The image contains a screenshot of the Adobe Deployment Tool for SAM, specifically the Cost tab.

    Use Info-Tech’s tools to compare ETLA vs. VIP and to document forecasted costs and benefits

    Is the ETLA or VIP option better for your organization?

    Use Info-Tech’s Adobe ETLA vs. VIP Pricing Table tool to compare ETLA costs against VIP costs.

    The image contains a screenshot of Info-Tech's Adobe ETLA vs. VIP Pricing Table.

    Your ETLA contains multiple products and is a multi-year agreement.

    Use Info-Tech’s ETLA Forecasted Costs and Benefits tool to forecast your ETLA costs and document benefits.

    The image contains a screenshot of Info-Tech's ETLA Forecasted Costs and Benefits.

    Adobe’s Creative Cloud Complete offering provides access to all Adobe creative products and ongoing upgrades

    Why subscription model?

    The subscription model forces customers to an annuity-based pricing model, so Adobe has recurring revenue from a subscription-based product. This increases customer lifetime value (CLTV) for Adobe while providing ongoing functionality updates that are not version/edition dependent.

    Key Characteristics:

    • Available as a month-to-month or annual subscription license
    • Can be purchased for one user, for a team, or for an enterprise
    • Subject to annual payment and true-up of license fees
    • Can only true-up during lifespan of contract; quantities cannot be reduced until renewal
    • May contain auto-renewal clauses – beware!

    Key things to know:

    1. Applications can be purchased individually if users require only one specific product. A few products continue to have on-premises licensing options, but most are offered by per-user subscriptions.
    2. At the end of the subscription period, the organization no longer has any rights to the software and would have to return to a previously owned version.
    3. True-downs are not possible (in contrast to Microsoft’s Office 365).
    4. Downgrade rights are not included or are limited by default.

    Which products are in the Creative Cloud bundle?

    Adobe Acrobat® XI Pro

    Adobe After Effects® CC

    Adobe Audition® CC

    Adobe Digital Publishing Suite, Single Edition

    Adobe InDesign® CC

    Adobe Dreamweaver® CC

    Adobe Edge Animate

    Adobe Edge Code preview

    Adobe Edge Inspect

    Adobe Photoshop CC

    Adobe Edge Reflow preview

    Adobe Edge Web Fonts

    Adobe Extension Manager

    ExtendScript Toolkit

    Adobe Fireworks® CS6

    Adobe Flash® Builder® 4.7 Premium Edition

    Adobe Flash Professional CC

    Adobe Illustrator® CC

    Adobe Prelude® CC

    Adobe Premiere® Pro CC

    Adobe Scout

    Adobe SpeedGrade® CC

    Adobe Muse CC

    Adobe Photoshop Lightroom 6

    Adobe offers different solutions for teams vs. enterprise licensing

    Evaluate the various options for Creative Cloud, as they can be purchased individually, for teams, or for enterprise.

    Bundle Name

    Target Customer

    Included Applications

    Features

    CC (for Individuals)

    Individual users

    The individual chooses

    • Sync, store, and share assets
    • Adobe Portfolio website
    • Adobe Typekit font collection
    • Microsoft Teams integration
    • Can only be purchased through credit card

    CC for Teams (CCT)

    Small to midsize organizations with a small number of Adobe users who are all within the same team

    Depends on your team’s requirements. You can select all applications or specific applications.

    Everything that CC (for individuals) does, plus

    • One license per user; can reassign CC licenses
    • Web-based admin console
    • Centralized deployment
    • Usage tracking and reporting
    • 100GB of storage per user
    • Volume discounts for 10+ seats

    CC for Enterprise (CCE)

    Large organizations with users who regularly use multiple Adobe products on multiple machines

    All applications including Adobe Stock for images and Adobe Enterprise Dashboard for managing user accounts

    Everything that CCT does, plus

    • Employees can activate a second copy of software on another device (e.g. home computer) as long as they share the same Adobe ID and are not used simultaneously
    • Ability to reassign licenses from old users to new users
    • Custom storage options
    • Greater integration with other Adobe products
    • Larger volume discounts with more seats

    For further information on specific functionality differences, reference Adobe’s comparison table.

    A Cloud-ish solution: Considerations and implications for IT organizations

    ☑ True cloud products are typically service-based, scalable and elastic, shared resources, have usage metering, and rely upon internet technologies. Currently, Adobe’s Creative Cloud and Document Cloud products lack these characteristics. In fact, the core products are still downloaded and physically installed on endpoint devices, then anchored to the cloud provisioning system, where the software can be automatically updated and continuously verified for compliance by ensuring the subscription is active.

    ☑ Adobe Cloud allows Adobe to increase end-user productivity by releasing new features and products to market faster, but the customer will increase lock-in to the Adobe product suite. The fast-release approach poses a different challenge for IT departments, as they must prepare to test and support new functionality and ensure compatibility with endpoint devices.

    ☑ There are options at the enterprise level that enable IT to exert more granular control over new feature releases, but these are tied to the ETLA and the provided enterprise portal and are not available on other subscription plans. This is another mechanism by which Adobe has been able to spur ETLA adoption.

    Not all CIOs consider SaaS/subscription applications their first choice, but the Adobe’s dominant position in the content and document management marketplace is forcing the shift regardless. It is significant that Adobe bypassed the typical hybrid transition model by effectively disrupting the ability to continue with perpetual licensing without falling behind the functionality curve.

    VIP plans do allow for annual terms and payment, but you lose the price elasticity that comes with multi-year terms.

    Download Info-Tech’s Adobe ETLA vs. VIP Pricing Table tool to compare ETLA costs against VIP costs.

    When moving to Adobe cloud, validate that license requirements meet organizational needs, not a sales quota

    Follow these steps in your transition to Creative Cloud.

    Step 1: Make sure you have a software asset management (SAM) tool to determine Adobe installs and usage within your environment.

    Step 2: Look at the current Adobe install base and usage. We recommend reviewing three months’ worth of reliable usage data to decide which users should have which licenses going forward.

    Step 3: Understand the changes in Adobe packages for Creative Cloud (CC). Also, take into account that the license types are based on users, not devices.

    Step 4: Identify those users who only need a single license for a single application (e.g. Photoshop, InDesign, Muse).

    Step 5: Identify the users who require CC suites. Look at their usage of previous Adobe suites to get an idea of which CC suite they require. Did they have Design Suite Standard installed but only use one or two elements? This is a good way to ensure you do not overspend on Adobe licenses.

    Source: The ITAM Review

    Download Info-Tech’s Adobe ETLA Deployment Forecast tool to track Adobe installs within your environment and to determine usage needs.

    Acquiring Adobe Software

    Adobe offers four common licensing methods, which are reviewed in detail in the following slides.

    Most common purchasing models

    Points for consideration

    • Value Incentive Plan (VIP)
    • Cumulative Licensing Program (CLP)
    • Transactional Licensing Program (TLP)
    • Enterprise Term License Agreement (ETLA)
    • Adobe, as with many other large software providers, includes special benefits and rights when its products are purchased through volume licensing channels.
    • Businesses should typically refrain from purchasing individual OEM (shrink wrap) licenses or those meant for personal use.
    • Purchase record history is available online, making it easier for your organization to manage entitlements in the case of an audit.

    "Customers are not even obliged to manage all the licenses themselves. The reseller partners have access to the cloud console and can manage licenses on behalf of their customers. Even better, they can seize cross and upsell opportunities and provide good insight into the environment. Additionally, Adobe itself provides optimization services."

    B-lay

    CLP and TLP

    The CLP and TLP are transactional agreements generally used for the purchase of perpetual licenses. For example, they could be used for making Acrobat purchases if Creative Suite products are purchased on the ETLA.

    The image contains a screenshot of a table comparing CLP and TLP.

    Source: “Adobe Buying Programs Comparison Guide for Commercial and Government Organizations”

    VIP and ETLA

    The Value Incentive Plan is aimed at small- to medium-sized organizations with no minimum quantity required. However, there is limited flexibility to reduce licenses and limited price protection for future purchases. The ETLA is aimed at large organizations who wish to have new functionality as it comes out, license management portal, services, and security/IT control aspects.

    The image contains a screenshot of a table comparing VIP and ETLA.

    Source: “Adobe Buying Programs Comparison Guide for Commercial and Government Organizations”

    ETLA commitments risk creating “shelfware-as-a-service”

    The Adobe ETLA’s rigid contract parameters, true-up process, and unique deployment/provisioning mechanisms give technology/IT procurement leaders fewer options to maximize cost-usage alignment and to streamline opex costs.

    ☑ No ETLA price book is publicly published; pricing is controlled by the Adobe enterprise sales team.

    ☑ Adobe's retail pricing is a good starting point for negotiating discounted pricing.

    ☑ ETLA commitments are usually for three years, and the lack of a true-down option increases the risk involved in overbuying licenses should the organization encounter a business downturn or adverse event.

    ☑ Pricing discounts are the highest at the initial ETLA signing for the upfront volume commitment. The true-up pricing is discounted from retail but still higher than the signing cost per license.

    ☑ Technical support is included in the ETLA.

    ☑ While purchases typically go through value-added resellers (VARs), procurement can negotiate directly with Adobe.

    "For cloud products, it is less complex when it comes to purchasing and pricing. If larger quantities are purchased on a longer term, the discount may reach up to 15%. As soon as you enroll in the VIP program, you can control all your licenses from an ‘admin console’. Any updates or new functionalities are included in the original price. When the licenses expire, you may choose to renew your subscriptions or remove them. Partial renewal is also accepted. Of course, you can also re-negotiate your price if more subscriptions are added to your console."

    B-lay

    ETLA recommendations

    1. Assess the end-user requirements with a high degree of scrutiny. Perform an analysis that matches the licensee with the correct Adobe product SKU to reduce the risk of overspending.
    • Leverage metering data that identifies actual usage and lack thereof, match to user profile functional requirements, and then determine end users’ actual license requirements.
  • Build in time to evaluate alternative products where possible and position the organization to leverage a Plan B vendor to replace or mitigate growth on the Adobe platform. Re-evaluate options well in advance of the ETLA renewal.
  • Secure price protection through negotiating a price cap or an extended ETLA term beyond the standard three-year term. Short of obtaining an escalation cap, which Adobe is strongly resisting, build in price increases for the ETLA renewal years.
    • Demand price transparency and granularity in the proposal process.
    • Validate that volume discounts are appropriate and show through to the true-up line item pricing.
  • Negotiate a true-down mechanism upfront with Adobe if usage decline is inevitable or expected due to a merger or acquisition, divestiture, or material restructuring event.
  • INFO-TECH TIP: For further guidance on ETLAs and pricing, contact your Info-Tech representative to set up a call with an analyst.

    Use Info-Tech’s Adobe ETLA Deployment Forecast tool to match licensees with Adobe product SKUs.

    Prepare for Adobe’s true-up process

    How the true-up process works

    When adding a license, the true-up price will be prorated to 50% of the license cost for previous year’s usage plus 100% of the license cost for the next year. This back-charging adds up to 150% of the overall true-up license cost. In some rare cases, Adobe has provided an “unlimited” quantity for certain SKUs; these Unlimited ETLAs generally align with FTE counts and limit FTE increases to about 5%. Procurement must monitor and work with SAM/ITAM and stakeholder groups to restrain unnecessary growth during the term of an Unlimited ETLA to avoid the risk of cost escalation at renewal time.

    Higher-education specific

    Higher-education clients can license under the ETLA based on a prescribed number of user and classroom/lab devices and/or on a FTE basis. In these cases, the combination of Creative Cloud and Acrobat Pro volume must equal the FTE total, creating an enterprise footprint. FTE calculations establish the full-time faculty plus one-third of part-time faculty plus one-half of part-time staff.

    Info-Tech Insight

    Compliance takes a different form in terms of the ETLA true-up process. The completion of Adobe's transition to cloud-based licensing and verification has improved compliance rates via phone home telemetry such that pirated software is less available and more easily detected. Adobe has actually decommissioned its audit arm in the Americas and EMEA.

    Audits and software asset management with Adobe

    Watch out for:

    • Virtual desktops, freeware, and test and trial licenses
    • Adobe products that may be bundled into a suite; a manual check will be needed to ensure the suite isn’t recognized as a standalone license
    • Pirated licenses with a “crack” built into the software

    Simplify your process – from start to finish – with these steps:

    Determine License Entitlements

    Obtain documentation from internal records and Adobe to track licenses and upgrades to determine what licenses you own and have the right to use.

    Gather Deployment Information

    Leverage a software asset management tool or process to determine what software is deployed and what is/is not being used.

    Determine Effective License Position

    Compare license entitlements with deployment data to uncover surpluses and deficits in licensing. Look for opportunities.

    Plan Changes to License Position

    Meet with IT stakeholders to discuss the enterprise license program (ELP), short- and long-term project plans, and budget allocation. Plan and document licensing requirements.

    Adobe Genuine Software Integrity Service

    • This service was started in 2014 to combat non-genuine software sold by non-authorized resellers.
    • The service works hand in hand with the cloud movement to reduce piracy.
    • Every Adobe product now contains an executable file that will scan your machine for non-genuine software.
    • If non-genuine software is detected, the user will be notified and directed to the official Adobe website for next steps.

    Detailed list of Adobe licensing contract types

    The table below describes Adobe contract types beyond the four typical purchasing models explained in the previous slides:

    Option

    What is it?

    What’s included?

    For

    Term

    CLP (Cumulative Licensing Program)

    10,000 plus points, support and maintenance optional

    Select Adobe perpetual desktop products

    Business

    2 years

    EA (Adobe Enterprise Agreement)

    100 licenses plus maintenance and support for eligible Adobe products

    All applications

    100+ users requirement

    3 years

    EEA (Adobe Enterprise Education Agreement)

    Creative Cloud enterprise agreement for education establishments

    Creative Cloud applications without services

    Education

    1 or 2 years

    ETLA (Enterprise Term License Agreement)

    Licensing program designed for Adobe’s top commercial, government, and education customers

    All Creative Cloud applications

    Large enterprise companies

    3 years

    K-12 – Enterprise Agreement

    Enterprise agreement for primary and secondary schools

    Creative Cloud applications without services

    Education

    1 year

    K-12 – School Site License

    Allows a school to install a Creative Cloud on up to 500 school-owned computers regardless of school size

    Creative Cloud applications without services

    Education

    1 year

    TLP (Transactional Licensing Program)

    Agreement for SMBs that want volume licensing bonuses

    Perpetual desktop products only

    Aimed at SMBs, but Enterprise customers can use the TLP for smaller requirements

    N/A

    Upgrade Plan

    Insurance program for software purchased under a perpetual license program such as CLP or TLP for Creative Cloud upgrade

    Dependent on the existing perpetual estate

    Anyone

    N/A

    VIP (Value Incentive Plan)

    VIP allows customers to purchase, deploy, and manage software through a term-based subscription license model

    Creative Cloud of teams

    Business, government, and education

    Insight breakdown

    Insight 1

    Adobe operates in its own niche in the creative space, and Adobe users have grown accustomed to their products, making switching very difficult.

    Insight 2

    Adobe has transitioned the vast majority of its software offerings to the cloud-based subscription model. Active management of licenses, software provisioning, and consumption of cloud services is now an ongoing job.

    Insight 3

    With the vendor lock-in process nearly complete via the transition to a SaaS subscription model, Adobe is raising prices on an annual basis. Advance planning and strategic use of the ETLA is key to avoid budget-breaking surprises.

    Summary of accomplishment

    Knowledge Gained

    • The key pieces of licensing information that should be gathered about the current state of your own organization.
    • An in-depth understanding of the required licenses across all of your products.
    • Clear methodology for selecting the most effective contract type.
    • Development of measurable, relevant metrics to help track future project success and identify areas of strength and weakness within your licensing program.

    Processes Optimized

    • Understanding of the importance of licensing in relation to business objectives.
    • Understanding of the various licensing considerations that need to be made.
    • Contract negotiation.

    Deliverables Completed

    • Adobe ETLA Deployment Forecast
    • Adobe ETLA Forecasted Cost and Benefits
    • Adobe ETLA vs. VIP Pricing Table

    Related Info-Tech Research

    Take Control of Microsoft Licensing and Optimize Spend

    Create an Effective Plan to Implement IT Asset Management

    Establish an Effective System of Internal IT Controls to Mitigate Risks

    Optimize Software Asset Management

    Take Control of Compliance Improvement to Conquer Every Audit

    Cut PCI Compliance and Audit Costs in Half

    Bibliography

    “Adobe Buying Programs: At-a-glance comparison guide for Commercial and government organizations.” Adobe Systems Incorporated, 2014. Web. 1 Feb. 2018.

    “Adobe Buying Programs Comparison Guide for Commercial and Government Organizations.” Adobe Systems Incorporated, 2018. Web.

    “Adobe Buying Programs Comparison Guide for Education.” Adobe Systems Incorporated, 2018. Web. 1 Feb 2018.

    “Adobe Education Enterprise Agreement: Give your school access to the latest industry-leading creative tools.” Adobe Systems Incorporated, 2014. Web. 1 Feb. 2018.

    “Adobe Enterprise Term License Agreement for commercial and government organizations.” Adobe Systems Incorporated, 2016. Web. 1 Feb. 2018.

    Adobe Investor Presentation – October 2017. Adobe Systems Incorporated, 2017. Web. 1 Feb. 2018.

    Cabral, Amanda. “Students react to end of UConn-Adobe contract.” The Daily Campus (Uconn), 5 April 2017. Web. 1 Feb. 2018.

    de Veer, Patrick and Alecsandra Vintilescu. “Quick Guide to Adobe Licensing.” B-lay, Web. 1 Feb. 2018.

    “Find the best program for your organization.” Adobe, Web. 1 Feb 2018.

    Foxen, David. “Adobe Upgrade Simplified.” Snow Software, 7 Oct. 2016. Web.

    Frazer, Bryant. “Adobe Stops Reporting Subscription Figures for Creative Cloud.” Studio Daily. Access Intelligence, LLC. 17 March 2016. Web.

    “Give your students the power to create bright futures.” Adobe, Web. 1 Feb 2018.

    Jones, Noah. “Adobe changes subscription prices, colleges forced to pay more.” BG Falcon Media. Bowling Green State University, 18 Feb. 2015. Web. 1 Feb. 2018.

    Mansfield, Adam. “Is Your Organization Prepared for Adobe’s Enterprise Term License Agreements (ETLA)?” UpperEdge,30 April 2013. Web. 1 Feb. 2018.

    Murray, Corey. “6 Things Every School Should Know About Adobe’s Move to Creative Cloud.” EdTech: Focus on K-12. CDW LLC, 10 June 2013. Web.

    “Navigating an Adobe Software Audit: Tips for Emerging Unscathed.” Nitro, Web. 1 Feb. 2018.

    Razavi, Omid. “Challenges of Traditional Software Companies Transitioning to SaaS.” Sand Hill, 12 May 2015. Web. 1 Feb. 2018.

    Rivard, Ry. “Confusion in the Cloud.” Inside Higher Ed. 22 May 2013. Web. 1 Feb. 2018.

    Sharwood, Simon. “Adobe stops software licence audits in Americas, Europe.” The Register. Situation Publishing. 12 Aug. 2016. Web. 1 Feb. 2018.

    “Software Licensing Challenges Faced In The Cloud: How Can The Cloud Benefit You?” The ITAM Review. Enterprise Opinions Limited. 20 Nov. 2015. Web.

    White, Stephen. “Understanding the Impacts of Adobe’s Cloud Strategy and Subscriptions Before Negotiating an ETLA.” Gartner, 22 Feb. 2016. Web.

    Tell Your Story With Data Visualization

    • Buy Link or Shortcode: {j2store}364|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Business Intelligence Strategy
    • Parent Category Link: /business-intelligence-strategy

    Analysts do not feel empowered to challenge requirements to deliver a better outcome. This alongside underlying data quality issues prevents the creation of accurate and helpful information. Graphic representations do not provide meaningful and actionable insights.

    Our Advice

    Critical Insight

    As organizations strive to become more data-driven, good storytelling with data visualization supports growing corporate data literacy and helps analysts in providing insights that improves organization's decision-making and value-driving processes, which ultimately boosts business performance.

    Impact and Result

    Follow a step-by-step guide to address the business bias of tacet experience over data facts and increase audience's understanding and acceptance toward data solutions.

    Save the lost hours and remove the challenges of reports and dashboards being disregarded due to ineffective usage.

    Gain insights from data-driven recommendations and have decision support to make informed decisions.

    Tell Your Story With Data Visualization Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Tell Your Story With Data Visualization Deck – Solve challenging business problems more effectively and improve communication with audiences by demonstrating significant insights through data storytelling with impactful visuals.

    Here is our step-by-step process of getting value out of effective storytelling with data visualization:

  • Step 1: Frame the business problem and the outcomes required.
  • Step 2: Explore the potential drivers and formulate hypotheses to test.
  • Step 3: Construct a meaningful narrative which the data supports.
    • Tell Your Story With Data Visualization Storyboard

    2. Storytelling Whiteboard Canvas Template – Plan out storytelling using Info-Tech’s whiteboard canvas template.

    This storytelling whiteboard canvas is a template that will help you create your visualization story narrative by:

  • Identifying the problem space.
  • Finding logical relationships and data identification.
  • Reviewing analysis and initial insights.
  • Building the story and logical conclusion.
    • Storytelling Whiteboard Canvas Template
    [infographic]

    Further reading

    Tell Your Story With Data Visualization

    Build trust with your stakeholders.

    Analyst Perspective

    Build trust with your stakeholders.

    Data visualization refers to graphical representations of data which help an audience understand. Without good storytelling, however, these representations can distract an audience with enormous amounts of data or even lead them to incorrect conclusions.

    Good storytelling with data visualization involves identifying the business problem, exploring potential drivers, formulating a hypothesis, and creating meaningful narratives and powerful visuals that resonate with all audiences and ultimately lead to clear actionable insights.

    Follow Info-Tech's step-by-step approach to address the business bias of tacit experience over data facts, improve analysts' effectiveness and support better decision making.

    Ibrahim Abdel-Kader, Research Analyst

    Ibrahim Abdel-Kader
    Research Analyst,
    Data, Analytics, and Enterprise Architecture

    Nikitha Patel, Research Specialist

    Nikitha Patel
    Research Specialist,
    Data, Analytics, and Enterprise Architecture

    Ruyi Sun, Research Specialist

    Ruyi Sun
    Research Specialist,
    Data, Analytics, and Enterprise Architecture

    Our understanding of the problem

    This research is designed for

    • Business analysts, data analysts, or their equivalent who (in either a centralized or federated operating model) look to solve challenging business problems more effectively and improve communication with audiences by demonstrating significant insights through visual data storytelling.

    This research will also assist

    • A CIO or business unit (BU) leader looking to improve reporting and analytics, reduce time to information, and embrace decision making.

    This research will help you

    • Identify the business problem and root causes that you are looking to address for key stakeholders.
    • Improve business decision making through effective data storytelling.
    • Focus on insight generation rather than report production.
    • Apply design thinking principles to support the collection of different perspectives.

    This research will help them

    • Understand the report quickly and efficiently, regardless of their data literacy level.
    • Grasp the current situation of data within the organization.

    Executive Summary

    Your Challenge Common Obstacles Info-Tech's Approach
    As analysts, you may experience some critical challenges when presenting a data story.
    • The graphical representation does not provide meaningful or actionable insights.
    • Difficulty selecting the right visual tools or technologies to create visual impact.
    • Lack of empowerment, where analysts don't feel like they can challenge requirements.
    • Data quality issues that prevent the creation of accurate and helpful information.
    Some common roadblocks may prevent you from addressing these challenges.
    • Lack of skills and context to identify the root cause or the insight that adds the most value.
    • Lack of proper design or over-visualization of data will mislead/confuse the audience.
    • Business audience bias, leading them to ignore reliable insights presented.
    • Lack of the right access to obtain data could hinder the process.
    • Understand and dissect the business problem through Info-Tech's guidance on root cause analysis and design thinking process.
    • Explore each potential hypothesis and construct your story's narratives.
    • Manage data visualization using evolving tools and create visual impact.
    • Inform business owners how to proceed and collect feedback to achieve continuous improvement.

    Info-Tech Insight
    As organizations strive to become more data-driven, good storytelling with data visualization supports growing corporate data literacy and helps analysts provide insights that improve organizational decision-making and value-driving processes, which ultimately boosts business performance.

    Glossary

    • Data: Facts or figures, especially those stored in a computer, that can be used for calculating, reasoning, or planning. When data is processed, organized, structured, or presented in a given context to make it useful, it is called information. Data leaders are accountable for certain data domains and sets.
    • Data storytelling: The ability to create a narrative powered by data and analytics that supports the hypothesis and intent of the story. Narrators of the story should deliver a significant view of the message in a way easily understood by the target audience. Data visualization can be used as a tactic to enhance storytelling.
    • Data visualization: The ability to visually represent a complete story to the target audience powered by data & analytics, using data storytelling as an enabling mechanism to convey narratives. Typically, there are two types of visuals used as part of data visualization: explanatory/informative visuals (the entire story or specific aspects delivered to the audience) and exploratory visuals (the collected data used to clarify what questions must be answered).
    • Data literacy: The ability to read, work with, analyze, and argue with data. Easy access to data is essential to exercising these skills. All organizational employees involved with data-driven decisions should learn to think critically about the data they use for analytics and how they assess and interpret the results of their work.
    • Data quality: A measure of the condition of data based on factors such as accuracy, completeness, consistency, reliability, and being up-to-date. This is about how well-suited a data set is to serve its intended purpose, therefore business users and stakeholders set the standards for what is good enough. The governance function along with IT ensures that data quality measures are applied, and corrective actions taken.
    • Analytics/Business intelligence (BI): A technology-driven process for analyzing data and delivering actionable information that helps executives, managers, and workers make informed business decisions. As part of the BI process, organizations collect data from internal IT systems and external sources, prepare it for analysis, run queries against the data, and create data visualizations.
      Note: In some frameworks, analytics and BI refer to different types of analyses (i.e. analytics predict future outcomes, BI describes what is or has been).

    Getting value out of effective storytelling with data visualization

    Data storytelling is gaining wide recognition as a tool for supporting businesses in driving data insights and making better strategic decisions.

    92% of respondents agreed that data storytelling is an effective way of communicating or delivering data and analytics results.

    87% of respondents agreed that if insights were presented in a simpler/clearer manner, their organization's leadership team would make more data-driven decisions.

    93% of respondents agreed that decisions made based on successful data storytelling could potentially help increase revenue.

    Source: Exasol, 2021

    Despite organizations recognizing the value of data storytelling, issues remain which cannot be remedied solely with better technology.

    61% Top challenges of conveying important insights through dashboards are lack of context (61%), over-communication (54%), and inability to customize contents for intended audiences (46%).

    49% of respondents feel their organizations lack storytelling skills, regardless of whether employees are data literate.

    Source: Exasol, 2021

    Info-Tech Insight
    Storytelling is a key component of data literacy. Although enterprises are increasingly investing in data analytics software, only 21% of employees are confident with their data literacy skills. (Accenture, 2020)

    Prerequisite Checklist

    Before applying Info-Tech's storytelling methodology, you should have addressed the following criteria:

    • Select the right data visualization tools.
    • Have the necessary training in statistical analysis and data visualization technology.
    • Have competent levels of data literacy.
    • Good quality data founded on data governance and data architecture best practices.

    To get a complete view of the field you want to explore, please refer to the following Info-Tech resources:

    Select and Implement a Reporting and Analytics Solution

    Build a Data Architecture Roadmap

    Establish Data Governance

    Build Your Data Quality Program

    Foster Data-Driven Culture With Data Literacy

    Info-Tech's Storytelling With Data Visualization Framework

    Data Visualization Framework

    Info-Tech Insight
    As organizations strive to become more data-driven, good storytelling with data visualization supports growing corporate data literacy and helps analysts provide insights that improve organizational decision-making and value-driving processes, which ultimately boosts business performance.

    Research Benefits

    Member Benefits Business Benefits
    • Reduce time spent on getting your audience in the room and promote business involvement with the project.
    • Eliminate ineffectively used reports and dashboards being disregarded for lack of storytelling skills, resulting in real-time savings and monetary impact.
    • Example: A $50k reporting project has a 49% risk of the company being unable to communicate effective data stories (Exasol, 2021). Therefore, a $50k project has an approx. 50% chance of being wasted. Using Info-Tech's methodology, members can remove the risk, saving $25k and the time required to produce each report.
    • Address the common business bias of tacit experience over data-supported facts and increase audience understanding and acceptance of data-driven solutions.
    • Clear articulation of business context and problem.
    • High-level improvement objectives and return on investment (ROI).
    • Gain insights from data-driven recommendations to assist with making informed decisions.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit Guided Implementation Workshop Consulting
    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks are used throughout all four options.

    Build a Service-Based Security Resourcing Plan

    • Buy Link or Shortcode: {j2store}267|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $20,799 Average $ Saved
    • member rating average days saved: 20 Average Days Saved
    • Parent Category Name: Security Processes & Operations
    • Parent Category Link: /security-processes-and-operations
    • IT and security leaders across all industries must determine what and how many resources are needed to support the information security program.
    • Estimating current usage and future demand for security resources can be a difficult and time-consuming exercise.

    Our Advice

    Critical Insight

    Not all security programs need to be the same. A service-aligned security resourcing strategy will put organizations in the best position to respond to current and future service demands and address business needs as they evolve over time.

    Impact and Result

    • Info-Tech’s approach to resource planning focuses less on benchmarks and more on estimating actual demand for security services to ensure that there are enough resources to deliver them.
    • A well-designed security services portfolio is the first step towards determining resourcing needs.
    • When planning resource allocations, plan for both mandatory and discretionary demand to optimize utilization.

    Build a Service-Based Security Resourcing Plan Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Build a Service-Based Security Resourcing Plan – A blueprint to help you define security roles, build a service portfolio, estimate demand, and determine resourcing needs.

    This storyboard will help you to determine your security resourcing needs using a service-based approach.

    • Build a Service-Based Security Resourcing Plan – Phases 1-3

    2. Security Resources Planning Workbook – This tool will result in a defined security service portfolio and a three-year resourcing plan.

    Use this tool to build your security service portfolio and to determine resourcing needs to meet your service demand.

    • Security Resources Planning Workbook

    Infographic

    Workshop: Build a Service-Based Security Resourcing Plan

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Define Roles and Select Services

    The Purpose

    Identify the roles needed to implement and deliver your organization’s security services.

    Key Benefits Achieved

    A security services portfolio allows you to assign job roles to each service, which is the first step towards determining resourcing needs. Improve employee engagement and satisfaction with clearly defined job roles, responsibilities, and service levels.

    Activities

    1.1 Assess security needs and business pressures.

    1.2 Define security job roles.

    1.3 Define security services and assign ownership.

    Outputs

    Security Roles Definition

    Security Services Portfolio

    2 Estimate Current and Future Demand

    The Purpose

    Estimate the actual demand for security resources and determine how to allocate resources accordingly.

    Key Benefits Achieved

    Allocate resources more effectively across your Security and Risk teams.

    Raise the profile of your security team by aligning security service offerings with the demands of the business.

    Activities

    2.1 Estimate current and future demand.

    2.2 Review demand summary.

    2.3 Allocate resources where they are needed the most.

    Outputs

    Demand Estimates

    Resourcing Plan

    3 Identify Required Skills

    The Purpose

    When defining roles, consider the competencies needed to deliver your security services. Make sure to account for this need in your resource planning.

    Key Benefits Achieved

    Leverage the NCWF to establish the building blocks of a capable and ready cybersecurity workforce to effectively identify, recruit, develop and maintain cybersecurity talent.

    Activities

    3.1 Identify skills needed for planned initiatives.

    3.2 Prioritize your skill requirements.

    3.3 Assign work roles to the needs of your target environment.

    3.4 Discuss the NICE cybersecurity workforce framework.

    3.5 Develop technical skill requirements for current and future work roles.

    Outputs

    Prioritized Skill Requirements and Associated Roles

    4 Future Planning

    The Purpose

    Create a development plan to train and upskill your employees to address current and future service requirements.

    Key Benefits Achieved

    Skill needs are based on the strategic requirements of a business-aligned security program.

    Activities

    4.1 Continue developing technical skill requirements for current and future work roles.

    4.2 Conduct current workforce skills assessment.

    4.3 Develop a plan to acquire skills.

    4.4 Discuss training and certification opportunities for staff.

    4.5 Discuss next steps for closing the skills gap.

    4.6 Debrief.

    Outputs

    Role-Based Skills Gaps

    Workforce Development Plan

    Further reading

    Build a Service-Based Security Resourcing Plan

    Every security program is unique; resourcing allocations should reflect this.

    Analyst Perspective

    Start by looking inward.

    The image is a picture of Logan Rohde.The image is a picture of Isabelle Hertanto.

    Organizations have a critical need for skilled cybersecurity resources as the cyberthreat landscape becomes more complex. This has put a strain on many security teams who must continue to meet demand for an increasing number of security services. To deliver services well, we first need to determine what are the organization’s key security requirements. While benchmarks can be useful for quick peer-to-peer comparisons to determine if we are within the average range, they tend to make all security programs seem the same. This can lead to misguided investments in security services and personnel that might be better used elsewhere.

    Security teams will be most successful when organizations take a personalized approach to security, considering what must be done to lower risk and operate more efficiently and effectively.

    Logan Rohde

    Senior Research Analyst, Security

    Info-Tech Research Group

    Isabelle Hertanto

    Principal Research Director, Security

    Info-Tech Research Group

    Executive Summary

    Your Challenge

    Common Obstacles

    Info-Tech’s Approach

    • IT and Security leaders across all industries must determine what and how many resources are needed to support the information security program.
    • Estimating current usage, the right allocations, and future demand for security resources can be a difficult and time-consuming exercise.
    • Needing to provide a benchmark to justify increasing headcount.
    • Absence of formally defined security service offerings and service owners.
    • Lack of skills needed to provide necessary security services.
    • Info-Tech’s approach to resource planning focuses less on benchmarks and more on estimating actual demand for security services to ensure that there are enough resources to deliver them.
    • A well-designed security services portfolio is the first step toward determining resourcing needs.
    • When allocating resources, plan for both mandatory and discretionary demand to position yourself for greatest success.

    Info-Tech Insight

    Not all security programs need to be the same. A service-aligned security resourcing strategy will put organizations in the best position to respond to current and future service demands and address business needs as they evolve over time.

    Your challenge

    This research is designed to help organizations who are looking to:

    • Determine what and how many resources are needed to support the information security program.
    • Identify the organization's key service offerings and the required resourcing to support delivery of such services.
    • Estimate current staff utilization and required allocations to satisfy future demand for services.

    Every organization is unique and will need different security research allocations aligned with their business needs.

    “The number of priorities that CISOs have continues to grow, but if everything is a priority, nothing is. It’s important to focus on the ones that deliver the most value to your organization and that are synchronized with the overall business strategy.”

    Paige H. Adams

    Global CISO at Zurich

    Insurance

    Source: Proofpoint, 2021

    Common obstacles

    These barriers make this challenge difficult to address for many organizations:

    • Security leaders sometimes try to cut to the chase and lean on staffing benchmarks to justify their requests for resources. However, while staffing benchmarks are useful for quick peer-to-peer validation and decision making, they tend to reduce security programs down to a set of averages, which can be misleading when used out of context.
    • A more effective approach is to determine what security services need to be provided, the level of demand, and what it will take to meet that demand currently and in the coming years.
    • With these details available, it becomes much easier to predict what roles need to be hired, what skills need to be developed, and whether outsourcing is an option.

    Hiring delays and skills gaps can fuel resourcing challenges

    59% of organizations report taking 3-6+ months to fill a vacant cybersecurity position.

    Source: ISACA, 2020

    30% report IT knowledge as the most prevalent skills gap in today’s cybersecurity professionals.

    Source: ISACA, 2020

    Info-Tech’s methodology for Building a Service-Based Security Resourcing Plan

    1. Determine Security Service Portfolio Offerings

    2. Plan for Mandatory Versus Discretionary Demand

    3. Define Your Resourcing Model

    Phase Steps

    1 Gather Requirements and Define Roles

    1.2 Choose Security Service Offerings

    2.1 Assess Demand

    3.1 Review Demand Summary

    3.2 Develop an Action Plan

    Phase Outcomes

    Security requirements

    Security service portfolio

    Service demand estimates

    Service hour estimates

    Three-year resourcing plan

    Stay on top of resourcing demands with a security service portfolio

    Security programs should be designed to address unique business needs.

    A service-aligned security resourcing strategy will put organizations in the best position to respond to current and future service demands and address business needs as they evolve over time.

    Watch out for role creep.

    It may be tempting to assign tasks to the people who already know how to do them, but we should consider which role is most appropriate for each task. If all services are assigned to one or two people, we’ll quickly use up all their time.

    Time estimates will improve with practice.

    It may be difficult to estimate exactly how long it takes to carry out each service at first. But making the effort to time your activities each quarter will help you to improve the accuracy of your estimates incrementally.

    Start recruiting well in advance of need.

    Security talent can be difficult to come by, so make sure to begin your search for a new hire three to six months before your demand estimates indicate the need will arise.

    People and skills are both important.

    As the services in your portfolio mature and become more complex, remember to consider the skills you will need to be able to provide that service. Make sure to account for this need in your resource planning and keep in mind that we can only expect so much from one role. Therefore, hiring may be necessary to keep up with the diverse skills your services may require.

    Make sure your portfolio reflects reality.

    There’s nothing wrong with planning for future state, but we should avoid using the portfolio as a list of goals.

    Blueprint deliverable

    Use this tool to build your security services portfolio, estimate demand and hours needed, and determine FTE requirements.

    The image contains screenshots of the Security Resources Planning Workbook.

    Key deliverable:

    Security Resources Planning Workbook

    The Security Resources Planning Workbook will be used to:

    • Build a security services portfolio.
    • Estimate demand for security services and the efforts to deliver them.
    • Determine full-time equivalent (FTE) requirements for each service.
    The image contains a thought model to demonstrate the benchmarks that lead to a one-size-fits-all approach to security.

    Blueprint benefits

    IT Benefits

    Business Benefits

    • Allocate resources more effectively across your security and risk teams.
    • Improve employee engagement and satisfaction with clearly defined job roles, responsibilities, and service levels.
    • Raise the profile of your security team by aligning security service offerings with the demands of the business.
    • Ensure that people, financial, knowledge, and technology resources are appropriately allocated and leveraged across the organization.
    • Improve your organization’s ability to satisfy compliance obligations and reduce information security risk.
    • Increase customer and business stakeholder satisfaction through reliable service delivery.

    Measure the value of this blueprint

    Use these metrics to realize the value of completing this blueprint.

    Metric

    Expected Improvement

    Level of business satisfaction with IT security

    You can expect to see a 20% improvement in your IT Security Business Satisfaction Diagnostic.

    Reports on key performance indicators and service level objectives

    Expect to see a 40% improvement in security service-related key performance indicators and service level objectives.

    Employee engagement scores

    You can expect to see approximately a 10% improvement in employee engagement scores.

    Changes in rates of voluntary turnover

    Anticipating demand and planning resources accordingly will help lower employee turnover rates due to burnout or stress leave by as much as 10%.

    47% of cybersecurity professionals said that stress and burnout has become a major issue due to overwork, with most working over 41 hours a week, and some working up to 90.

    Source: Security Boulevard, 2021

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    Guided Implementation

    Workshop

    Consulting

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.” “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.” “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.” “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    What does a typical GI on this topic look like?

    Phase 1 Phase 2 Phase 3

    Call #1: Scope requirements, objectives, and your specific drivers.

    Call #2: Discuss roles and duties.

    Call #3: Build service portfolio and assign ownership.

    Call #4: Estimate required service hours.

    Call #5: Review service demand and plan for future state.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is 4 to 6 calls over the course of 2 to 3 months.

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com1-888-670-8889

    Day 1 Day 2 Day 3 Day 4 Day 5

    Define Roles and Select Services

    Estimate Current and Future Demand

    Identify Required Skills

    Future Planning

    Next Steps and
    Wrap-Up (offsite)

    Activities

    1.1 Assess Security Needs and Business Pressures.

    1.2 Define Security Job Roles.

    1.3 Define Security Services and Assign Ownership.

    2.1 Estimate Current and Future Demand.

    2.2 Review Demand Summary.

    2.3 Allocate Resources Where They Are Needed the Most.

    3.1 Identify Skills Needed Skills for Planned Initiatives.

    3.2 Prioritize Your Skill Requirements.

    3.3 Assign Work Roles to the Needs of Your Target Environment.

    3.4 Discuss the NICE Cybersecurity Workforce Framework.

    3.5 Develop Technical Skill Requirements for Current and Future Work Roles.

    4.1 Continue Developing Technical Skill Requirements for Current and Future Work Roles.

    4.2 Conduct Current Workforce Skills Assessment.

    4.3 Develop a Plan to Acquire Skills.

    4.4 Discuss Training and Certification Opportunities for Staff.

    4.5 Discuss Next Steps for Closing the Skills Gap.

    4.6 Debrief.

    5.1 Complete In-Progress Deliverables From Previous Four Days.

    5.2 Set Up Review Time for Workshop Deliverables and to Discuss Next steps.

    Deliverables
    1. FTE-Hours Calculation
    2. Security Roles Definition
    3. Security Services Portfolio
    1. Demand Estimates
    2. Resourcing Plan
    1. Skills Gap Prioritization Tool
    2. Technical Skills Tool
    1. Technical Skills Tool
    2. Current Workforce Skills Assessment
    3. Skills Development Plan

    Phase 1

    Determine Security Service Portfolio Offerings

    Phase 1

    Phase 2

    Phase 3

    1.1 Gather Requirements and Define Roles

    1.2 Choose Security Service Offerings

    2.1 Assess Demand

    3.1 Determine Resourcing Status

    This phase involves the following participants:

    • CISO
    • Core Security Team
    • Business Representative (optional)

    Step 1.1

    Gather Requirements and Define Roles

    Activities

    1.1.1 Assess Business Needs and Pressures

    1.1.2 Define Security Roles

    This step involves the following participants:

    • CISO
    • Core Security Team
    • Business Representative (optional)

    Outcomes of this step

    • Security program requirements
    • Security roles definitions

    1.1.1 Assess security needs and pressures

    1 hour

    1. As a group, brainstorm the security requirements for your organization and any business pressures that exist within your industry (e.g. compliance obligations).
    • To get started, consider examples of typical business pressures on the next slides. Determine how your organization must respond to these points (note: this is not an exhaustive list).
    • You will likely notice that these requirements have already influenced the direction of your security program and the kinds of services it needs to provide to the business side of the organization.
  • There may be some that have not been well addressed by current service offerings (e.g. current service maturity, under/over definition of a service). Be sure to make a note of these areas and what the current challenge is and use these details in Step 1.2.
  • Document the results for future use in Step 1.2.1.
  • Input Output
    • List of key business requirements and industry pressures
    • Prioritized list of security program requirements
    Materials Participants
    • Whiteboard
    • Sticky notes
    • CISO
    • Core Security Team
    • Business Representative (optional)

    Typical business pressures examples

    The security services you will provide to the organization should be based on its unique business requirements and pressures, which will make certain services more applicable than others. Use this exercise to get an idea of what those business drivers might be.

    The image contains a screenshot of Typical business pressures examples.

    1.1.2 Define security roles

    1-2 hours

    1. Using the link below, download the Security Resources Planning Workbook and review the examples provided on the next slide.
    2. On tab 1 (Roles), review the example roles and identify which roles you have within your security team.
    • If necessary, customize the roles and descriptions to match your security team’s current make up.
    • If you have roles within your security team that do not appear in the examples, you can add them to the bottom of the table.
  • For each role, use columns D-F to indicate how many people (headcount) you have, or plan to have, in that role.
  • Use columns H-J to indicate how many hours per year each role has available to deliver the services within your service catalog.
  • Input Output
    • Full-time hours worked per week Weeks worked per year Existing job descriptions/roles
    • Calculated full-time equivalents (FTE) Defined security roles
    Materials Participants
    • Security Resources Planning Workbook
    • CISO
    • Core Security Team

    Download the Security Resources Planning Workbook

    Calculating FTEs and defining security roles

    The image contains a screenshot of the workbook demonstrating calculating FTEs and defining security roles.

    1. Start by entering the current and planned headcount for each role
    2. Then enter number of hours each role works per week
    3. Estimate the number of administrative hours (e.g. team meetings, training) per week
    4. Enter the average number of weeks per year that each role is available for service delivery
    5. The tool uses the data from steps 2-4 to calculate the average number of hours each role has for service delivery per year (FTE)

    Info-Tech Insight

    Watch out for role creep. It may be tempting to assign tasks to the people who already know how to do them, but we should consider which role is most appropriate for each task. If all services are assigned to one or two people, we’ll quickly use up all their time.

    Other considerations

    Address your skills gap.

    Cybersecurity is a rapidly evolving discipline and security teams from all over are reporting challenges related to training and upskilling needed to keep pace with the developments of the threat landscape.

    95% Security leaders who agree the cybersecurity skills gap has not improved over the last few years.*

    44% Security leaders who say the skills gap situation has only gotten worse.*

    When defining roles, consider the competencies needed to deliver your security services. Use Info-Tech’s blueprint Close the InfoSec Skills Gap: Develop a Technical Skills Sourcing Plan to help you determine the required skillsets for each role.

    * Source: ISSA, 2021

    Info-Tech Insight

    As the services in your portfolio mature and become more complex, remember to consider the skills you need and will need to be able to provide that service. Make sure to account for this need in your resource planning and keep in mind that we can only expect so much from one role. Therefore, hiring may be necessary to keep up with the diverse skills your services may require.

    Download blueprint Close the InfoSec Skills Gap: Develop a Technical Skills Sourcing Plan

    Step 1.2

    Choose Security Service Offerings

    Activities

    1.2.1 Define Security Services and Role Assignments

    This step involves the following participants:

    • CISO
    • Core Security Team

    Outcomes of this step

    • Service portfolio
    • Service pipeline status
    • Service ownership

    1.2.1 Define security services and role assignments

    2-4 hours

    1. As a group, review the outputs from Step 1.1.1. These requirements will serve as the basis to prioritize the service offerings of your security portfolio.
    2. Take these outputs, as well as any additional notes you’ve made, and put them side by side with the example service offerings on tab 3 of the Security Resources Planning Workbook so each service can be considered alongside these requirements (i.e. to determine if that service should be included in the security service portfolio at this time).
    3. Using the following slides as a guide, work your way down the list of example services and choose the services for your portfolio. For each service selected, be sure to customize the definition of the service and state its outcome (i.e. what time is spent when providing this service, indicate if it is outsourced, which role is responsible for delivering it, and the service pipeline status (in use, plan to use, plan to retire)).
    InputOutput
    • Business and security requirements gathered in Step 1.1.1
    • Defined security service portfolio
    • Service ownership assigned to role
    MaterialsParticipants
    • Security Resources Planning Workbook
    • CISO
    • Core Security Team

    Download the Security Resources Planning Workbook

    Service needs aligned with your control framework

    Use Info-Tech's best-of-breed Security Framework to develop a comprehensive baseline set of security service areas.

    The image contains a screenshot of the Security Framework.

    Prioritize your security services

    Example of a custom security services portfolio definition

    Security Strategy and Governance Model

    • Aligned Business Goals
    • Security Program Objectives
    • Centralized vs. Decentralized Governance Model

    Compliance Obligations

    • Penetration testing
    • Annual security audits
    • Data privacy and protection laws

    CISO Accountabilities

    • Security Policy
    • Risk Management
    • Application & Infrastructure Security
    • Program Metrics and Reporting

    Consider each of the requirement categories developed in Step 1.1.1 against the taxonomy and service domain here. If there is a clear need to add this service, use the drop-down list in the “Include in Catalog” column to indicate “Yes.” Mark un-needed services as “No.”

    The image contains a screenshot of the security services portfolio definition.

    Assigning roles to services

    The image contains an example of assigning roles to services.

    1. If the service is being outsourced, use the drop-down list to select “Yes.” This will cause the formatting to change in the neighboring cell (Role), as this cell does not need to be completed.
    2. For all in-sourced services, indicate the role assigned to perform the service.
    3. Indicate the service-pipeline status for each of the services you include. The selection you make will affect the conditional formatting on the next tab, similar to what is described in step 1.

    Info-Tech Insight

    Make sure your portfolio reflects current state and approved plans. There’s nothing wrong with planning for the future, but we should avoid using the portfolio as a list of goals.

    Phase 2

    Plan for Mandatory Versus Discretionary Demand

    Phase 1

    Phase 2

    Phase 3

    1.1 Gather Requirements and Define Roles

    1.2 Choose Security Service Offerings

    2.1 Assess Demand

    3.1 Determine Resourcing Status

    This phase involves the following participants:

    • CISO
    • Core Security Team

    Step 2.1

    Assess Demand

    Activities

    2.1.1 Estimate Current and Future Demand

    This step involves the following participants:

    • CISO
    • Core Security Team

    Outcomes of this step

    • Service demand estimates
    • Total service hours required
    • FTEs required per service

    2.1.1 Estimate current and future demand

    2-4 hours

    1. Estimate the number of hours required to complete each of the services in your portfolio and how frequently it is performed. Remember the service-hour estimates should be based on the outcome of the service (see examples on the next slide).
    • To do this effectively, think back over the last quarter and count how many times the members of your team performed each service and how many hours it took to complete.
    • Then, think back over the last year and consider if the last quarter represents typical demand (i.e. you may notice that certain services have a greater demand at different parts of the year, such as annual audit) and arrive at your best estimate for both service hours and demand.
    • See examples on next slide.

    Note: For continuous services (i.e. 24/7 security log monitoring), use the length of the work shift for estimating the Hours to Complete and the corresponding number of shifts per year for Mandatory Demand estimates. Example: For an 8-hour shift, there are 3 shifts per day at 365 days/year, resulting in 1,095 total shifts per year.

    Download the Security Resources Planning Workbook

    InputOutput
    • Service-hour estimations
    • Expected demand for service
    • Discretionary demand for service
    • Total hours required for service
    • FTEs required for service
    MaterialsParticipants
    • Security Resources Planning Workbook
    • CISO
    • Core Security Team

    Info-Tech Insight

    Time estimates will improve over time. It may be difficult to estimate exactly how long it takes to carry out each service at first. But making the effort to time your activities each quarter will help you to improve the accuracy of your estimates incrementally.

    Understanding mandatory versus discretionary demand

    Every service may have a mix of mandatory and discretionary demands. Understanding and differentiating between these types of demand is critical to developing an efficient resourcing plan.

    The image contains a picture used to represent mandatory demand.

    Mandatory Demand

    Mandatory demand refers to the amount of work that your team must perform to meet compliance obligations and critical business and risk mitigation requirements.

    Failure to meet mandatory demand levels will have serious consequences, such as regulatory fines or the introduction of risks that far exceed risk tolerances. This is work you cannot refuse.

    The image contains a diagram to demonstrate the relationship between Mandatory and Discretionary demand.

    The image contains a picture used to represent discretionary demand.

    Discretionary Demand

    Discretionary demand refers to the amount of work the security team is asked to perform that goes above and beyond your mandatory demand. Discretionary demand often comes in the form of ad hoc requests from business units or the IT department.

    Failure to meet discretionary demand levels usually has limited consequences, allowing you more flexibility to decide how much of this type of work you can accept.

    Mandatory versus discretionary demand examples

    Service Name

    Mandatory Demand Example

    Discretionary Demand Example

    Penetration Testing

    PCI compliance requires penetration testing against all systems within the cardholder data environment annually (currently 2 systems per year).

    Business units request ad hoc penetration testing against non-payment systems (expected 2-3 systems per year).

    Vendor Risk Assessments

    GDPR compliance requires vendor security assessments against all third parties that process personal information on our behalf (expected 1-2 per quarter).

    IT department has requested that the security team conduct vendor security assessments for all cloud services, regardless of whether they store personal information (expected 2-3 assessments per quarter).

    e-Discovery and Evidence Handling

    There is no mandatory demand for this service.

    The legal department occasionally asks the security team to assist with e-Discovery requests (expected demand 1-2 investigations per quarter).

    Example of service demand estimations

    The image contains a screenshot example of service demand estimations.

    1. For each service, describe the specific outcome or deliverable that the service produces. Modify the example deliverables as required.
    2. Enter the number of hours required to produce one instance of the service deliverable. For example, if the deliverable for your security training service is an awareness campaign, it may require 40 person hours to develop and deliver.
    3. Enter the number of mandatory and discretionary demands expected for each service within a given year. For instance, if you are delivering quarterly security awareness campaigns, enter 4 as the demand.

    Phase 3

    Build Your Resourcing Plan

    Phase 1

    Phase 2

    Phase 3

    1.1 Gather Requirements and Define Roles

    1.2 Choose Security Service Offerings

    2.1 Assess Demand

    3.1 Determine Resourcing Status

    This phase involves the following participants:

    • CISO
    • Security Manager

    Step 3.1

    Determine Resourcing Status

    Activities

    3.1.1 Review Demand Summary

    3.1.2 Fill Resource Gaps

    This step involves the following participants:

    • CISO
    • Security Manager

    Outcomes of this step

    • The number of FTEs required to meet demand
    • Resourcing gaps

    3.1.1 Review demand summary

    1-2 hours

    1. On tab 5 of the Security Resourcing Planning Tool (Demand Summary), review the results. This tab will show you if you have enough FTE hours per role to meet the demand level for each service.
    • Green indicates that there is a surplus of FTEs and the number displayed shows how many extra FTEs there are.
    • Yellow text that you have adequate FTEs to meet all of your mandatory demand but may not have enough to meet all of your discretionary demand.
    • Red text indicates that there are too few FTEs available, and the number displayed shows how many additional FTEs you will require.
  • Take note of how many FTEs you will need to meet expected and discretionary demand in each of the years you’ve planned for.
  • Input Output
    • Current staffing
    • Resourcing model
    Materials Participants
    • Security Resources Planning Workbook
    • CISO
    • HR Representative

    Download the Security Resources Planning Workbook

    Info-Tech Insight

    Start recruiting well in advance of need. Security talent can be difficult to come by, so make sure to begin your search for a new hire three to six months before your demand estimates indicate the need will arise.

    Example of demand planning summary (1/2)

    The image contains a screenshot of an example of demand planning summary.

    Example of demand planning summary (2/2)

    The image contains a screenshot of an example of demand planning. This image has a screenshot of the dashboard.

    3.1.2 Fill resource gaps

    2-4 hours

    1. Now that you have a resourcing model for your security services, you will need to plan to close the gaps between available FTEs and required service hours. For each role that has been under/over committed to service delivery, review the services assignments on tab 3 and determine the viability of the following gap closure actions:
      1. Reassign service responsibility to another role with fewer commitments
      2. Create efficiencies to reduce required hours
      3. Hire to meet the service demand
      4. Outsource the service
    2. Your resourcing shortages may not all be apparent at once. Therefore, build a roadmap to determine which needs must be addressed immediately and which can be scheduled for years two and three.

    Consider outsourcing

    Outsourcing provides access to tools and talent that would otherwise be prohibitively expensive. Typical reasons for outsourcing security operations include:

    • Difficulty finding or retaining security staff with advanced and often highly specialized skillsets.
    • The desire to transfer liability for high-risk operational activities such as 24/7 security monitoring.
    • Workforce scalability to accommodate irregular or infrequent events such as incident response and incident-related forensic investigations.

    Given the above, three different models have emerged for the operational security organization:

    1. Outsourced SecOps

    A fully outsourced Security Operations Center, managed and governed by a smaller in-house team

    2. Balanced Hybrid

    In-house operational security staff with some reliance on managed services

    3. In-House SecOps

    A predominantly in-house security team, augmented by a small managed services contract

    Once you have determined that further outsourcing is needed, go back and adjust the status in your service portfolio. Use Info-Tech's blueprint Develop Your Security Outsourcing Strategy to determine the right approach for your business needs.

    “The workforce of the future needs to be agile and adaptable, enabled by strong partnerships with third-party providers of managed security services. I believe these hybrid models really are the security workforce of the future.”

    – Senior Manager, Cybersecurity at EY

    Download blueprint Develop Your Security Outsourcing Strategy

    Info-Tech Insight

    Choose the right model for your organization’s size, risk tolerance, and process maturity level. For example, it might make more sense for larger enterprises with low risk tolerance to grow their internal teams and build in-house capability.

    Create efficiencies

    Resourcing challenges are often addressed more directly by increased spending. However, for a lot of organizations, this just isn’t possible. While there is no magic solution to resolve resource constraints and small budgets, the following tactics should be considered as a means to reduce the hours required for the services your team provides.

    Upskill Your Staff

    If full-scale training is not an option, see if there are individual skills that could be improved to help improve time to completion for your services. Use Info-Tech's blueprint Close the InfoSec Skills Gap to determine which skills are needed for your security team.

    Improve Process Familiarity

    In some organizations, especially low-maturity ones, problems can arise simply because there is a lack of familiarity with what needs to be done. Review the process, socialize it, and make sure your staff can execute in within the target time allotment.

    Add Technology

    Resourcing crunch or not, technology can help us do things better. Investigate whether automation software might help to shave a few hours off a given service. Use Info-Tech's blueprint Build a Winning Business Process Automation Playbook to optimize and automate your business processes with a user-centric approach.

    Download the blueprint Close the InfoSec Skills Gap: Develop a Technical Skills Sourcing Plan

    Download the blueprint Build a Winning Business Process Automation Playbook

    Info-Tech Insight

    Every minute counts. While using these strategies may not solve every resourcing crunch you have, they can help put you in the best position possible to deliver on your commitments for each service.

    Plan for employee turnover

    Cybersecurity skills are in high demand; practitioners are few. The reality is that experienced security personnel have a lot of opportunities. While we cannot control for the personal reasons employees leave jobs, we can address the professional reasons that cause them to leave.

    Fair wage

    Reasonable expectations

    Provide training

    Defined career path

    It’s a sellers’ market for cybersecurity skills these days. Higher-paying offers are one of the major reasons security leaders leave their jobs (ISSA, 2021).

    Many teams lose out on good talent simply because they have unrealistic expectations, seeking 5+ years experience for an entry-level position, due to misalignment with HR (TECHNATION, 2021).

    Technology is changing (and being adopted) faster than security professionals can train on it. Ongoing training is needed to close these gaps (ISO, 2021).

    People want to see where they are now, visualize where they will be in the future, and understand what takes to get there. This helps to determine what types of training and specialization are necessary (DigitalGuardian, 2020).

    Use Info-Tech’s blueprint Build a Strategic IT Workforce Plan to help staff your security organization for success.

    The image contains a screenshot of the Build a Strategic IT Workforce Plan.

    Download blueprint Build a Strategic IT Workforce Plan

    Summary of Accomplishment

    Problem Solved

    You have now successfully identified your business and security drivers, determined what services your security program will provide, and determined your resourcing plan to meet these demands over the next three years.

    As needs change at your organization, don’t forget to re-evaluate the decisions you’ve made. Don’t forget that outsourcing a service may be the most reliable way to provide and resource it. However, this is just one tool among many that should be considered, along with upskilling, process improvement/familiarity, and process automation.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

    Contact your account representative for more information.

    workshops@infotech.com

    1-888-670-8889

    Research Contributors and Experts

    The image contains a picture of George Al-Koura.

    George Al-Koura

    CISO

    Ruby Life

    The image contains a picture of Brian Barniner.

    Brian Barniner

    Head of Decision Science and Analytics

    ValueBridge Advisors

    The image contains a picture of Tracy Dallaire.

    Tracy Dallaire

    CISO / Director of Information Security

    McMaster University

    The image contains a picture of Ricardo Johnson.

    Ricardo Johnson

    Chief Information Security Officer

    Citrix

    Research Contributors and Experts

    The image contains a picture of Ryan Rodriguez.

    Ryan Rodriguez

    Senior Manager, Cyber Threat Management

    EY

    The image contains a picture of Paul Townley.

    Paul Townley

    VP Information Security and Personal Technology

    Owens Corning

    13 Anonymous Contributors

    Related Info-Tech Research

    Cost-Optimize Your Security Budget

    Develop Your Security Outsourcing Strategy

    Close the InfoSec Skills Gap: Develop a Technical Skills Sourcing Plan

    Bibliography

    2021 Voice of the CISO Report.” Proofpoint, 2021. Web.

    “2022 Voice of the CISO.” Proofpoint, 2022. Web.

    Brook, Chris. “How to Find and Retain Skilled Cybersecurity Talent.” DigitalGuardian, 17 Sep. 2020. Web.

    “Canadian Cybersecurity Skills Framework” TECHNATION Canada, April 2020. Web.

    “Cybersecurity Skills Crisis Continues for Fifth Year, Perpetuated by Lack of Business Investment.” ISSA, 28 July 2021. Web.

    “Cybersecurity Workforce, National Occupational Standard.” TECHNATION Canada, April 2020. Web.

    Naden, Clare. “The Cybersecurity Skills Gap: Why Education Is Our Best Weapon against Cybercrime.” ISO, 15 April 2021. Web.

    Purse, Randy. “Four Challenges in Finding Cybersecurity Talent And What Companies Can Do About It.” TECHNATION Canada, 29 March 2021. Web.

    Social-Engineer. “Burnout in the Cybersecurity Community.” Security Boulevard, 8 Dec. 2021. Web.

    “State of Cybersecurity 2020.” ISACA, 2020. Web.

    Enable Organization-Wide Collaboration by Scaling Agile

    • Buy Link or Shortcode: {j2store}174|cart{/j2store}
    • member rating overall impact (scale of 10): 8.3/10 Overall Impact
    • member rating average dollars saved: $12,989 Average $ Saved
    • member rating average days saved: 10 Average Days Saved
    • Parent Category Name: Architecture & Strategy
    • Parent Category Link: /architecture-and-strategy
    • Your organization is realizing benefits from adopting Agile principles and practices in pockets of your organization.
    • You are starting to investigate opportunities to extend Agile beyond these pilot implementations into other areas of the organization. You are looking for a coordinated approach aligned to business priorities.

    Our Advice

    Critical Insight

    • Not all lessons from a pilot project are transferable. Pilot processes are tailored to a specific project’s scope, team, and tools, and they may not account for the diverse attributes in your organization.
    • Control may be necessary for coordination. More moving parts means enforcing consistent cadences, reporting, and communication is a must if teams are not disciplined or lack good governance.
    • Scale Agile in departments tolerable to change. Incrementally roll Agile out in departments where its principles are accepted (e.g. a culture of continuous improvement, embracing failures as lessons).

    Impact and Result

    • Complete an Agile capability assessment of your pilot functional group to gauge anticipated Agile benefits. Identify the business objectives and the group drivers that are motivating a scaled Agile implementation.
    • Understand the challenges that you may face when scaling Agile. Investigate the root causes of inefficiencies that can derail your scaling initiatives.
    • Brainstorm solutions to your scaling challenges and envision a target state for your growing Agile environment. Your target state will discover new opportunities to drive more business value and eliminate current activities driving down productivity.
    • Coordinate the implementation and execution of scaling Agile initiatives with a Scaling Agile Playbook. This organic and collaborative document will lay out the process, roles, goals, and objectives needed to successfully manage your Agile environment.

    Enable Organization-Wide Collaboration by Scaling Agile Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should scale up Agile, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Gauge readiness to scale up Agile

    Evaluate the readiness of the pilot functional group and Agile development processes to adopt scaled Agile practices.

    • Enable Organization-Wide Collaboration by Scaling Agile – Phase 1: Gauge Readiness to Scale Up Agile
    • Scaling Agile Playbook Template
    • Scrum Development Process Template

    2. Define scaled Agile target state

    Alleviate scaling issues and risks and introduce new opportunities to enhance business value delivery with Agile practices.

    • Enable Organization-Wide Collaboration by Scaling Agile – Phase 2: Define Scaled Agile Target State

    3. Create implementation plan

    Roll out scaling Agile initiatives in a gradual, iterative approach and define the right metrics to demonstrate success.

    • Enable Organization-Wide Collaboration by Scaling Agile – Phase 3: Create Implementation Plan
    [infographic]

    Workshop: Enable Organization-Wide Collaboration by Scaling Agile

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Gauge Your Readiness to Scale Up Agile

    The Purpose

    Identify the business objectives and functional group drivers for adopting Agile practices to gauge the fit of scaling Agile.

    Select the pilot project to demonstrate the value of scaling Agile.

    Review and evaluate your current Agile development process and functional group structure.

    Key Benefits Achieved

    Understanding of the notable business and functional group gaps that can derail the scaling of Agile.

    Selection of a pilot program that will be used to gather metrics to continuously improve implementation and obtain buy-in for wider rollout.

    Realization of the root causes behind functional group and process issues in the current Agile implementation.

    Activities

    1.1 Assess your pilot functional group

    Outputs

    Fit assessment of functional group to pilot Agile scaling

    Selection of pilot program

    List of critical success factors

    2 Define Your Scaled Agile Target State

    The Purpose

    Think of solutions to address the root causes of current communication and process issues that can derail scaling initiatives.

    Brainstorm opportunities to enhance the delivery of business value to customers.

    Generate a target state for your scaled Agile implementation.

    Key Benefits Achieved

    Defined Agile capabilities and services of your functional group.

    Optimized functional group team structure, development process, and program framework to support scaled Agile in your context.

    Identification and accommodation of the risks associated with implementing and executing Agile capabilities.

    Activities

    2.1 Define Agile capabilities at scale

    2.2 Build your scaled Agile target state

    Outputs

    Solutions to scaling issues and opportunities to deliver more business value

    Agile capability map

    Functional group team structure, Agile development process and program framework optimized to support scaled Agile

    Risk assessment of scaling Agile initiatives

    3 Create Your Implementation Plan

    The Purpose

    List metrics to gauge the success of your scaling Agile implementation.

    Define the initiatives to scale Agile in your organization and to prepare for a wider rollout.

    Key Benefits Achieved

    Strategic selection of the right metrics to demonstrate the value of scaling Agile initiatives.

    Scaling Agile implementation roadmap based on current resource capacities, task complexities, and business priorities.

    Activities

    3.1 Create your implementation plan

    Outputs

    List of metrics to gauge scaling Agile success

    Scaling Agile implementation roadmap

    Achieve IT Spend & Staffing Transparency

    • Buy Link or Shortcode: {j2store}75|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Cost & Budget Management
    • Parent Category Link: /cost-and-budget-management
    • IT spend has increased in volume and complexity, but how IT spend decisions are made has not kept pace.
    • In most organizations, technology has evolved faster than the business’ understanding of what it is, how it works, and what it can do for them.
    • How traditional financial accounting methods are applied to IT expenditure don’t align well to modern IT realities.
    • IT is often directed to make cuts when cost optimization and targeted investment are what’s really needed to sustain and grow the organization in the long term.

    Our Advice

    Critical Insight

    • Meaningful conversations about IT spend don’t happen nearly as frequently as they should. When they do happen, they are often inhibited by a lack of IT financial management (ITFM) maturity combined with the absence of a shared vocabulary between IT, the CFO, and other business function leaders.
    • Supporting data about actual technology spend taking place that would inform decision making is often scattered and incomplete.
    • Creating transparency in your IT financial data is essential to powering collaborative and informed technology spend decisions.

    Impact and Result

    • Understand the uses and benefits of making your IT spend more transparent.
    • Discover and organize your IT financial data.
    • Map your organization’s total technology spend against four IT stakeholder views: CFO, CIO, CXO, and CEO.
    • Gain vocabulary and facts that will help you tell the true story of IT spend.

    Members may also be interested in Info-Tech's IT Spend & Staffing Benchmarking Service.

    Achieve IT Spend & Staffing Transparency Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Achieve IT Spend & Staffing Transparency Deck – A detailed, do-it-yourself framework and process for clearly mapping your organization’s total technology spend.

    This deck mirrors Info-Tech’s own internal methods for delivering its IT Spend & Staffing Benchmarking Service in a do-it-yourself format. Based on Info-Tech’s proven ITFM Cost Model, it includes an IT spend mapping readiness assessment, expert advice for sourcing and organizing your financial data, a methodology for mapping IT staff and vendor spend according to four key stakeholder views (CFO, CIO, CXO, and CEO), and guidance on how to analyze and share your results.

    • Achieve IT Spend & Staffing Transparency Storyboard

    2. IT Spend & Staffing Transparency Workbook – A structured Excel tool that allows you to allocate your IT spend across four key stakeholder views and generate high-impact visualizations.

    This workbook offers a step-by-step approach for mapping and visualizing your organization’s true IT spend.

    • IT Spend & Staffing Transparency Workbook

    3. IT Spend & Staffing Transparency Executive Presentation Template – A PowerPoint template that helps you summarize and showcase key results from your IT spend transparency exercise.

    This presentation template offers a recommended structure for introducing key executive stakeholders to your organization’s true IT spending behavior and IT financial management as a whole.

    • IT Spend & Staffing Transparency Executive Presentation Template

    Infographic

    Further reading

    Achieve IT Spend & Staffing Transparency

    Lay a foundation for meaningful conversations with the business.

    Analyst Perspective

    Take the first step in your IT spend journey.

    Talking about money is hard. Talking to the CEO, CFO, and other business leaders about money is even harder, especially if IT is seen as just a cost center, is not understood by stakeholders, or is simply taken for granted. In times of economic hardship, already lean IT operations are tasked with becoming even leaner.

    When there's little fat to trim, making IT spend decisions without understanding the spend's origin, location, extent, and purpose can lead to mistakes that weaken, not strengthen, the organization.

    The first step in optimizing IT spend decisions is setting a baseline. This means having a comprehensive and transparent view of all technology spend, organization-wide. This baseline is the only way to have meaningful, data-driven conversations with stakeholders and approvers around what IT delivers to the business and the implications of making changes to IT funding.

    Before stepping forward in your IT financial management journey, know exactly where you're standing today.

    Jennifer Perrier, Principal Research Director, ITFM Practice

    Jennifer Perrier
    Principal Research Director, ITFM Practice
    Info-Tech Research Group

    Executive Summary

    Your Challenge Common Obstacles Info-Tech's Approach
    IT spend has increased in volume and complexity, but how IT spend decisions are made has not kept pace:
    • Technology has evolved faster than the business' understanding of what it is, how it works, and what it can do for them.
    • How traditional financial accounting methods are applied doesn't align well to modern IT realities.
    • IT is directed to make cuts when cost optimization and targeted investment are what's really needed to sustain and grow the organization in the long-term.
    Meaningful conversations about IT spend don't happen nearly as much as they should. This is often due to:
    • A lack of maturity in how ITFM (IT financial management) is executed within IT and across the organization as a whole.
    • The absence of a shared vocabulary between IT, the CFO, and other business function leaders.
    • Scattered and incomplete data about the actual technology spend taking place in the organization.
    Lay a foundation for meaningful conversations and informed decision-making around IT spend.
    • Understand the uses and benefits of making your IT spend more transparent.
    • Discover and organize your IT financial data.
    • Map your organization's total technology spend against four IT stakeholder views: CFO, CIO, CXO, and CEO.
    • Gain both vocabulary and facts that will help you tell the true story of IT spend.

    Info-Tech Insight
    Create transparency in your IT financial data to power both collaborative and informed technology spend decisions.

    IT spend has grown alongside IT complexity

    IT spend has grown alongside IT complexity

    Growth creates change ... and challenges

    IT has become more integral to business operations and achievement of strategic goals, driving complexity in how IT funds are allocated and managed.

    How IT funds are spent has changed
    Value demonstration is two-pronged. The first is return on performance investment, focused on formal and objective goals, metrics, and KPIs. The second is stakeholder satisfaction, a more subjective measure driven by IT-business alignment and relationship. IT leaders must do both well to prove and promote IT's value.
    Funding decision cadence has sped up
    Many organizations have moved from three- to five-year strategic planning cycles to one-year planning horizons or less, most noticeably since the 2008/2009 recession. Not only has the pace of technological change accelerated, but so too has volatility in the broader business and economic environments, forcing rapid response.
    Justification rigor around IT spend has increased
    The need for formal business cases, proposals, and participation in formal governance processes has increased, as has demand for financial transparency. With many IT departments still reporting into the CFO, there's no getting around it - today's IT leaders need to possess financial management savvy.
    Clearly showing business value has become priority
    IT spend has moved from the purchase of discrete hardware and software tools traditionally associated with IT to the need to address larger-scale issues around interoperability, integration, and virtualized cloud solutions. Today's focus is more on big-picture architecture than on day-to-day operations.

    ITFM capabilities haven't grown with IT spend

    IT still needs to prove itself.

    Increased integration with the core business has made it a priority for the head of IT to be well-versed in business language and practice, specifically in the areas of measurement and financial management.

    However, IT staff across all industries aren't very confident in how well IT is doing in managing its finances via three core processes:

    • Accounting of costs and budgets.
    • Optimizing costs to gain the best return on investment.
    • Demonstrating IT's value to the business.

    Recent data from 4,137 respondents to Info-Tech's IT Management & Governance Diagnostic shows that while most IT staff feel that these three financial management processes are important, notably fewer feel that IT management is effective at executing them.

    IT leadership's capabilities around fundamental cost data capture appear to be lagging, not to mention the essential value-added capabilities around optimizing costs and showing how IT contributes to business value.

    Graph of Cost and Budget Management

    Graph of Cost Optimization

    Questions for support transition

    Source: IT Management & Governance Diagnostic, Info-Tech Research Group, 2022.

    Take the perspective of key IT stakeholders as a first step in ITFM capability improvement

    Other business unit leaders need to deliver on their own specific and unique accountabilities. Create true IT spend transparency by accounting for these multiple perspectives.

    Exactly how is IT spending all that money we give them?
    Many IT costs, like back-end infrastructure and apps maintenance, can be invisible to the business.

    Why doesn't my department get more support from IT?
    Some business needs won't align with spend priorities, while others seem to take more than their fair share.

    Does the amount we spend on each IT service make sense?
    IT will get little done or fall short of meeting service level requirements without appropriate funding.

    I know what IT costs us, but what is it really worth?
    Questions about value arise as IT investment and spend increase. How to answer these questions is critical.

    At the end of the day, telling IT's spend story to the business is a significant challenge if you don't understand your audience, have a shared vocabulary, or use a repeatable framework.

    Mapping your IT spend against a reusable framework helps generate transparency

    A framework makes transparency possible by simplifying methods, creating common language, and reducing noise.

    However, the best methodological framework won't work if the materials and information plugged into it are weak. With IT spend, the materials and information are your staff and your vendor financial data. To achieve true transparency, inputs must have the following three characteristics:

    Availability Reliability Usability
    The data and information are up-to-date and accessible when needed. The data and information are accurate, complete, and verifiable. The data and information are clearly defined, consistently and predictably organized, consumable, and meaningful for decision-making.

    A framework is an organizing principle. When it comes to better understanding your IT spend, the things being organized by a framework are your method and your data.

    If your IT spend information is transparent, you have an excellent foundation for having the right conversations with the right people in order to make strategically impactful decisions.

    Info-Tech's approach enables meaningful dialogue with stakeholders about IT spend

    View of meaningful dialogue with stakeholders about IT spend

    Investing time in preparing and mapping your IT spend data enables better IT governance

    While other IT spend transparency methods exist, Info-Tech's is designed to be straightforward and tactical.

    Info-Tech method for IT spend transparency

    Put your data to work instead of being put to work by your data.

    Introducing Info-Tech's methodology for creating transparency on technology spend

    1. Know your objectives 2. Gather required data 3. Map your IT staff spend 4. Map your IT vendor spend 5. Identify implications for IT
    Phase Steps
    1. Review your business context
    2. Set IT staff and vendor spend transparency objectives
    3. Assess effort and readiness
    1. Collect IT staff spend data
    2. Collect IT vendor spend data
    3. Define industry-specific CXO Business View categories
    1. Categorize IT staff spend in each of the four views
    2. Validate
    1. Categorize IT vendor spend in each of the four views
    2. Validate
    1. Analyze your findings
    2. Craft your key messages
    3. Create an executive presentation
    Phase Outcomes Goals and scope for your IT spend and staffing transparency effort. Information and data required to perform the IT staff and vendor spend transparency initiative. A mapping of the allocation of IT staff spend across the four views of the Info-Tech ITFM Cost Model. A mapping of the allocation of IT vendor spend across the four views of the Info-Tech ITFM Cost Model. An analysis of your results and a presentation to aid your communication of findings with stakeholders.

    Insight Summary

    Overarching insight
    Take the perspective of key stakeholders and lay out your organization's complete IT spend footprint in terms they understand to enable meaningful conversations and start evolving your IT financial management capability.

    Phase 1 insight
    Your IT spend transparency efforts are only useful if you actually do something with the outcomes of those efforts. Be clear about where you want your IT transparency journey to take you.

    Phase 2 insight
    Your IT spend transparency efforts are only as good as the quality of your inputs. Take the time to properly source, clean, and organize your data.

    Phase 3 insight
    Map your IT staff spend data first. It involves work but is relatively straightforward. Practice your mapping approach here and carry forward your lessons learned.

    Phase 4 insight
    The importance of good, usable data will become apparent when mapping your IT vendor spend. Apply consistent and meaningful vendor labels to enable true aggregation and insight.

    Phase 5 insight
    Communicating your final IT spend transparency mapping with executive stakeholders is your opportunity to debut IT financial management as not just an IT issue but an organization-wide concern.

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals.

    Use this tool in Phases 1-4

    IT Spend & Staffing Transparency Workbook

    Input your IT staff and vendor spend data to generate visual outputs for analysis and presentation in your communications.

    Key deliverable:

    IT Spend & Staffing Transparency Executive Presentation

    Create a showcase for your newly-transparent IT staff and vendor spend data and present it to key business stakeholders.

    Use this tool in Phase 5

    IT and business blueprint benefits

    IT Benefits Business Benefits
    • Gain insight into exactly where you're spending IT funds on hardware, software, service providers, and the workforce.
    • Understand how much it's costing IT to deliver specific IT services.
    • Illustrate differences in business consumption of IT spend.
    • Learn the ratio of spend allocated to innovation vs. growth vs. keeping the lights on (KTLO).
    • Develop a series of core IT spend metrics including IT spend as a percent of revenue, IT spend per organization employee, and IT spend per IT staff member.
    • Create a complete IT spend baseline to serve as a foundation for future benchmarking, cost optimization, and other forms of IT financial analysis.
    • Understand the relative allocation of IT spend across capital vs. operational expenditure.
    • See the degree to which IT differentially supports and enables organizational goals, strategies, and functions.
    • Have better data for informing the organization's IT spend allocation and prioritization decisions.
    • Gain better visibility into real-life IT spending behaviors, cadences, and patterns.
    • Identify potential areas of spend waste as well as underinvestment.
    • Understand the true value that IT brings to the business.

    Measure the value of this blueprint

    You will know that your IT spend and staffing transparency effort is succeeding when:

    • Your understanding of where technology funds are really being allocated is comprehensive.
    • You're having active and meaningful dialogue with key stakeholders about IT spend issues.
    • IT spend transparency is a permanent part of your IT financial management toolkit.

    In phase 1 of this blueprint, we will help you identify initiatives where you can leverage the outcomes of your IT spend and staffing transparency effort.

    In phases 2, 3, and 4, we will guide you through the process of mapping your IT staff and vendor spend data so you can generate your own IT spend metrics based on reliable sources and verifiable facts.

    Win #1: Knowing how to reliably source the financial data you need to make decisions.

    Win #2: Getting your IT spend data in an organized format that you can actually analyze.

    Win #3: Having a framework that puts IT spend in a language stakeholders understand.

    Win #4: Gaining a practical starting point to mature ITFM practices like cost optimization.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit Guided Implementation Workshop Consulting
    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks are used throughout all four options.

    Guided Implementation

    Info-Tech recommends the following calls in your Guided Implementation.

    Phase 1: Know your objectives Phase 2: Gather required data Phase 3: Map your IT staff spend Phase 4: Map your IT vendor spend Phase 5: Identify implications for IT
    Call #1: Discuss your IT spend and staffing transparency objectives and readiness. Call #2: Review spend and staffing data sources and identify data organization and cleanup needs. Call #3: Review your mapped IT staff spend and resolve lingering challenges. Call #4: Review your mapped IT vendor spend and resolve lingering challenges. Call #5: Analyze your mapping outputs for opportunities and devise next steps.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is between four to six calls over the course of two to three months.

    Want even more help with your IT spend transparency effort?

    Let us fast-track your IT spend journey.

    The path to IT financial management maturity starts with knowing exactly where your money is going. To streamline this effort, Info-Tech offers an IT Spend & Staffing Benchmarking service that provides full transparency into where your money is going without any heavy lifting on your part.

    This unique service features:

    • A client-proven approach to meet your IT spend transparency goals.
    • Vendor and staff spend mapping that reveals business consumption of IT.
    • Industry benchmarking to compare your spending and staffing to that of your peers.
    • Results in a fraction of the time with much less effort than going it alone.
    • Expert review of results and ongoing discussions with Info-Tech analysts.

    If you'd like Info-Tech to pave the way to IT spend transparency, contact your account manager for more information - we're happy to talk anytime.

    Phase 1

    Know Your Objectives

    This phase will walk you through the following activities:

    • Establish IT spend and staffing transparency uses and objectives
    • Assess your readiness to tackle IT spend and staffing transparency

    This phase involves the following participants:

    • Head of IT
    • IT financial lead
    • Other members of IT management

    Phase 1: Know your objectives

    Envision what transparency can do.

    You're at the very beginning of your IT spend transparency journey. In this phase you will:

    • Set your objectives for making your IT spend and staffing transparent.
    • Assess your readiness to tackle the exercise and gauge how much work you'll need to do in order to do it well.

    "I've heard this a lot lately from clients: 'I've got my hands on this data, but it's not structured in a way that will allow me to make any decisions about it. I have these journal entries and they have some accounting codes, GL descriptors, cost objects, and some vendors, but it's not enough detail to make any decisions about my services, my applications, my asset spend.'"
    - Angie Reynolds, Principal Research Director, ITFM Practice, Info-Tech Research Group

    Transparency positively enables both business outcomes and the practice of business ethics

    However, transparency's real superpower is in how it provides fact-based context.

    • More accurate and relevant data for decision-making.
    • Better managed and more impactful financial outcomes.
    • Increased inclusion of people in the decisions that affect them.
    • Clearer accountabilities for organizational efficiency and effectiveness goals.
    • Concrete proof that business priorities and decisions are being acted on and implemented.
    • Greater trust and respect between IT and the business.
    • Demonstration of integrity in how funds are being used.

    IT spend transparency efforts are only useful if you actually do something with the outputs

    Identify in advance how you plan to leverage IT spend transparency outcomes.

    CFO expense view

    • Demonstrate actual IT costs at the right level of granularity.
    • Update/change the categories finance uses to track IT spend.
    • Adjust the expected CapEx/OpEx ratio.

    CXO business view

    • Calculate consumption of IT resources by department.
    • Implement a showback/chargeback mechanism.
    • Change the funding conversation about proposed IT projects.

    CIO service view

    • Calculate the total cost to deliver a specific IT service.
    • Adjust the IT service spend-to-value ratio as per business priorities.
    • Rightsize IT service levels to reflect true value to the business.

    CEO innovation view

    • Formalize the organization's position on use of cloud/outsourcing.
    • Reduce the portion of spend dedicated to "keeping the lights on."
    • Develop a plan for boosting commitment to innovation investment.

    When determining your end objectives, think about the real questions IT is being asked by the business and how IT spend transparency will help you answer them.

    CFO: Financial accounting perspective

    IT spend used to be looked at from a strictly financial accounting perspective - this is the view of the CFO and the finance department. Their question, "exactly how is IT spending all that money we give them," is really about how money is distributed across different asset classes. This question breaks down into other questions that IT leaders needs to ask themselves in order to provide answers:

    • How should I classify my IT costs? What are the standard categories you need to have that are meaningful to folks crunching the corporate numbers? If you're too detailed, it won't make sense to them. If you pick outmoded categories, you'll have to adjust in the future as IT evolves, which makes tracking year-over-year spend patterns harder.
    • What information should I include in my plans and reports? This is about two things. One is about communicating with the finance department in language that reduces back-and-forth and eliminates misinterpretation. The other is about aligning with the categories the finance department uses to track financial data in the general ledger.
    • How do I justify current spend? This is about clarity and transparency. Specifically itemizing spend into categories that are meaningful for your audience does a lot of justification work for you since you don't have to re-explain what everything means.
    • How do I justify a budget increase? In a declining economy, this question may not be appropriate. However, establishing a baseline puts you in a better position to discuss spend requirements based on past performance and to focus the conversation.

    Exactly how is IT spending all that money we give them?

    Example
    Asset Class % IT Spend
    Workforce 42.72%
    Software - Cloud 9.26%
    Software - On Prem 13.61%
    Hardware - Cloud 0.59%
    Hardware - On Prem 15.68%
    Contract Services 18.14%
    Info-Tech IT Spend & Staffing Studies, 2022.

    CIO: IT operations management perspective

    As the CIO role was adopted, IT spend was viewed from the IT operations management perspective. Optimizing the IT delivery model is a critical step to reducing time to provision services. For the IT leader, the questions they need to ask themselves are:

    • What's the impact of cloud adoption on speed of delivery? Leveraging a SaaS solution can reduce time to deployment as well as increase your ability to scale; however, integration with other functionality will still be a challenge that will incur costs.
    • Where can I improve spend efficiency? This is about optimizing spend in your IT delivery model. What service levels does the business require and what's the most cost-effective way to meet those levels without incurring significant technical debt?
    • Is my support model optimized? By reviewing where support staff are focused and which services are using most of your resources, you can investigate underlying drivers of your staffing requirements. If staff costs in support of a business function are high, perhaps the portfolio of applications needs to be reviewed.
    • How does our spend compare to others? Benchmarking against peers is a useful input, but reflects common practice, not best practice. For example, if you need to invest in IT security, your entire industry is lagging on this front, and you happen to be doing slightly better than most, then bringing forth this benchmark won't help you make the case. Starting with year-over-year internal benchmarking is essential - establish your categories, establish your baseline, and track it consistently.

    Does the amount we spend on each IT service make sense?

    Example
    Service Area % IT Spend
    App Development 9.06%
    App Maintenance 30.36%
    Hosting/Network 25.39%
    End User 18.59%
    Data & BI 3.58%
    Security & Risk 5.21%
    IT Management 7.82%
    Info-Tech IT Spend & Staffing Studies, 2022.

    CXO: Business unit perspective

    As business requests have increased, so too has the importance of the business unit perspective. Each business function has a unique mandate to fulfill in the organization and also competes with other business functions for IT resources. By understanding business consumption of IT, organizations can bring transparency and drive a different dialog with their business partners. Every IT leader should find out the answers to these questions:

    • Which business units consume the most IT resources? By understanding consumption of IT by business function, IT organizations can clearly articulate which business units are getting the highest share of IT resources. This will bring much needed clarity when it comes to IT spend prioritization and investment.
    • Which business units are underserved by IT? By providing full transparency into where all IT spend is consumed, organizations can determine if certain business functions may need increased attention in an upcoming budget cycle. Knowing which levers to pull is critical in aligning IT activities with delivering business value.
    • How do I best communicate spend data internally? Different audiences need information presented to them differently. This is not just about the language - it's also about the frequency, format, and channel you use. Ask your audiences directly what methods of communication stand the best chance of you being seen and heard.
    • Where do I need better business sponsorship for IT projects? If a lot of IT spend is going toward one or two business units, the leaders of those units need to be active sponsors of IT projects and associated spend that will benefit all users.

    Why doesn't my business unit get more support from IT?

    Example
    Business Function % IT Spend
    HR Department 6.16%
    Finance Department 15.15%
    IT Department 10.69%
    Business Function 1 23.80%
    Business Function 2 10.20%
    Business Function 3 6.80%
    Business Function 4 27.20%
    Source: Info-Tech IT Spend & Staffing Studies, 2022.

    CEO: Strategic vs. operations perspective

    With a business view now available, evaluating IT spend from a strategic standpoint is critical. Simply put, how much is being spent keeping the lights on (KTLO) in the organization versus supporting business or organizational growth versus net-new business innovations? This view is not about what IT costs but rather how it is being prioritized to drive revenue, operating margin, or market share. Here are the questions IT leaders should be asking themselves along with the organization's executive leadership and the CEO:

    • Why is KTLO spend so high? This question is a good gauge of where the line is drawn between operations and strategy. Many IT departments want to reduce time spent on maintenance and redeploy resource investment toward strategic projects. This reallocation must include retiring or eliminating technologies to free up funds.
    • What should our operational spend priorities be? Maintenance and basic operations aren't going anywhere. The issue is what is necessary and what could be done more wisely. Are you throwing good money after bad on a high-maintenance legacy system?
    • Which projects and investments should we prioritize? The answer to this question should tightly align with business strategic goals and account for the lion's share of growth and innovation spend.
    • Are we spending enough on innovative initiatives? This is the ultimate dialogue between business partners, the CEO, and IT that needs to take place, yet often doesn't.

    I know what IT costs us, but what is it really worth?

    Example
    Focus Area % IT Spend
    KTLO 89.16%
    Grow 7.18%
    Innovate 3.66%
    Info-Tech IT Spend Studies, 2022.

    Be clear about where you want your IT spend transparency journey to take you in real life

    Transparent IT spend data will allow you to have conversations you couldn't have before. Consider this example of how telling an IT spend story could evolve.

    I want to ...
    Analyze the impact of the cloud on IT operating expenditure to update finance's expectations of a realistic IT CapEx/OpEx ratio now and into the future.

    To address the problem of ...

    • Many of our key software vendors have eliminated on-premises products and only offer software as an OpEx service.
    • Assumptions that modern IT solutions are largely on-premises and can be treated as capitalizable assets are out-of-date and don't reflect IT financial realities.

    And will use transparency to ...

    • Provide the CFO with specific, accurate, and annotated OpEx by product/service and vendor for all cloud-based and on-premises solutions.
    • Facilitate a realistic calculation of CapEx/OpEx distribution based on actuals, as well as let us develop defendable projections of OpEx into the future based on typical annual service fee increases and anticipated growth in the number of users/licenses.

    1.1 Establish ITFM objectives that leverage IT spend transparency

    Duration: One hour

    1. Consider the problems or issues commonly voiced by the business about IT, as well as your own ongoing challenges in communicating with stakeholders. Document these problems/issues as questions or statements as spoken by a person. To help structure your brainstorming, consider these general process domains and examples:
      1. Spend tracking and reporting. E.g. Why is IT's OpEx so high? We need you to increase IT's percentage of CapEx.
      2. Service levels and business continuity. E.g. Why do we need to hire more service desk staff? There are more of them in IT than any other role.
      3. Project and operations resourcing. E.g. Why can't IT just buy this new app we want? It's not very expensive.
      4. Strategy and innovation. E.g. Did output increase or decrease last quarter per input unit? IT should be able to run those reports for us.
    2. For each problem/issue noted, identify:
      1. The source(s) of the question/concern (e.g. CEO, CFO, CXO, CIO).
      2. The financial process involved (e.g. accurate costing, verification of costs, building a business case to invest).
    3. For each problem/issue, identify a broader project-style initiative where having transparent IT spend data is a valuable input. One initiative may apply to multiple problems/issues. For each initiative:
      1. Give it a working title.
      2. State the goal for the initiative with reference to ITFM aspirations.
      3. Identify key stakeholders (these will likely overlap with the problem/issue source).
      4. Set general time frames for resolution.

    Document your outputs on the slide immediately following the instruction slides for this exercise. Examples are included.

    1.1 Establish ITFM objectives that leverage IT spend transparency

    Input Output
    • Organizational knowledge
    • List of the potential uses and objectives of transparent IT spend and staffing data
    Materials Participants
    • Whiteboard/flip charts
    • Head of IT
    • IT financial lead

    ITFM initiatives that leverage transparency

    Problem/Issue Statement Source/ Stakeholder Associated ITFM Process Potential Initiative Initiative Goal Time Frame
    "Why is IT's OpEx so high? We need you to increase IT's percentage of CapEx." CFO IT spend categorization and reporting. Analyze the impact of the cloud on IT operating expenditure. To update finance's expectations of a realistic IT CapEx/OpEx ratio. <12 months
    "Why do we need to hire more service desk staff? There are more of them in IT than any other role." CFO, VP of HR Business case for hiring IT staff. Document ongoing IT support requirements for proposed ERP platform migration project. To ensure sufficient resources for an anticipated increase in service desk tickets due to implementation of a new ERP system. 1-3 months
    "Why can't IT just buy this new app we want? It's not very expensive." CEO, all CXOs/VPs Total cost of technology ownership. Develop a mechanism to review the lifecycle impact on IT of proposed technology purchases. To determine if functionality of new tool already exists in the org. and the total cost of ownership of a new app. <6 months
    "Did output increase or decrease last quarter per input unit? IT should be able to run those reports for us." CEO, CFO, VP of Production IT service costing. Develop an organizational business intelligence strategy. To create a comprehensive plan for evolving BI capability in the organization and transferring report development to users. Select a department for pilot. <12 months

    Your organization's governance culture will affect how you approach transparency

    Know your governance culture Lower Governance
    • Few regulations.
    • Financial reporting is largely internal.
    • Change is frequent and rapid.
    • Informal or nonexistent mechanisms and structures.
    • Data sharing behavior driven by competitive concerns.
    Higher Governance
    • Many regulations.
    • Stringent and regular external reporting requirements.
    • Change is limited and/or slow.
    • Defined and established mechanisms and structures.
    • Data sharing behavior driven by regulatory concerns.
    Determine impact on opportunities How does your governance culture impact IT spend transparency opportunities?
    Resistance to formality and bureaucracy Resistance to change and uncertainty
    Set expectations and approach You have plenty of room to implement transparency rigor within the confines of IT, but getting others to give you the time and attention you want will be a challenge. One-on-one, informal relationship building to create goodwill and dialogue is needed before putting forth recommendations or numbers. Many existing procedures must be accommodated and respected. While you can benefit by working with preexisting mechanisms and touchpoints, expect any changes you want to make to things like IT cost categories or CapEx/OpEx ratios to require a lot of time, meetings, and case-making.

    IT's current maturity around ITFM practice will also affect your approach to transparency

    Know your ITFM maturity level Lower ITFM Maturity
    • No/few formal policies, standards, or procedures exist.
    • There is little/no formal education or experience within IT around budget, costing, charging, or accounting practices.
    • Financial reporting is sporadic and inconsistent in its contents.
    • Business cases are rarely used in decision-making.
    • Financial data is neither reliable nor readily available.
    Higher ITFM Maturity
    • Formal policies, standards, and procedures are enforced organization-wide for all financial management activities.
    • Formally-trained accountants are embedded within IT.
    • Financial reporting is regular, scheduled, and defined.
    • Business cases are leveraged in most decision-making activities.
    • Financial data is governed, centralized, and current.
    Determine stakeholders' financial literacy How does your degree of ITFM maturity impact IT spend transparency opportunities?
    Improve your own financial literacy first Determine stakeholders' financial literacy
    Set expectations and approach Brush up on core financial management and accounting concepts before taking the discussion beyond IT's walls. Do start mapping your costs, but just know how to communicate what the data is saying before sharing it. Not everyone will be at your level, familiar with ITFM language and concepts, or focused on the same things you are. Gauge where your audience is at so you can prepare for meaningful dialogue.

    1.2 Assess your readiness to tackle IT spend transparency

    Duration: One hour

    Note: This assessment is general in nature. It's intended to help you identify and prepare for potential challenges in your IT spend and staffing transparency effort.

    1. Rate your agreement with the "Data & Information" and "Experience, Expertise, & Support" statements listed on the slide immediately following the two instruction slides for this exercise. For each statement, indicate the extent to which you agree or disagree, where:
      1. 1 = Strongly disagree
      2. 2 = Disagree
      3. 3 = Neither agree nor disagree
      4. 4 = Agree
      5. 5 = Strongly agree
    2. Add up your numerical scores for all statements, where the highest possible score is 65.
    3. Assess your general readiness against the following guidelines:
      1. 50-65: Ready. The transparency exercise will involve work, but should be straightforward since you have the data, skills, tools, processes, and support to do it.
      2. 40-49: Ready, with caveats. The transparency exercise is doable but will require some preparatory legwork and investigation on your part around data sourcing, organization, and interpretation.
      3. 30-39: Challenged. The transparency exercise will present some obstacles. Expect to encounter data gaps, inconsistencies, errors, roadblocks, and frustrations that will need to be resolved.
      4. Less than 30: Not ready. You don't have the data, skills, tools, processes, and/or support to do the data transparency exercise. Take time to develop a stronger foundation of financial literacy and governance before tackling it.

    Document your outputs on the slide immediately following the two instruction slides for this exercise.

    1.2 Assess your readiness to tackle IT spend transparency

    InputOutput
    • Organizational knowledge
    • Estimation of IT spend and staffing transparency effort
    MaterialsParticipants
    • Whiteboard/flip charts
    • Head of IT
    • IT financial lead

    IT spend transparency readiness assessment

    Data & Information
    Statement Rating
    We know how to access all IT department spend records.
    We know how to access all non-IT-department technology spend records.
    We know how to access all IT vendor/contractor agreements.
    We know how to access data about our IT staff costs and allocation, such as organizational charts and salaries/benefits.
    Our financial and staffing data is up-to-date.
    Our financial and staffing data are labeled, described, and organized so that we know what they're referring to.
    Our financial and staffing data are in a format that we can easily manipulate (e.g. export, copy and paste, perform calculations).
    Experience, Expertise, & Support
    Statement Rating
    We have sufficient expertise within the IT department to navigate and accurately interpret financial records.
    We have reasonable access to expertise/resources in our finance department to support us in an IT spend transparency exercise.
    We can allocate sufficient time (about 40 hours) and resources in the near term to do an IT spend transparency exercise.
    We have current accountabilities to track and internally report financial information to others on at least a monthly basis.
    There are existing financial policies, procedures, and standards in the organization with which we must closely adhere and comply.
    We have had the experience of participating in, or responding to the results of, an internal or external audit.

    Rating scale:
    1 = Strongly Disagree; 2 = Disagree; 3 = Neither agree nor disagree; 4 = Agree; 5 = Strongly agree
    Assessment scale:
    Less than 30 = Not ready; 30-39 = Challenged; 40-49 = Ready with caveats; 50-65 = Ready

    Take a closer look at the statements you rated 1, 2, or 3. These will be areas of challenge no matter what your total score on the assessment scale.

    Phase 1: Know your objectives

    Achievement summary

    You've now completed the first two steps on your IT spend transparency journey. You have:

    • Set your objectives for making your IT spend and staffing transparent.
    • Assessed your readiness to tackle the exercise and know how much work you'll need to do in order to do it well.

    "Mapping to a transparency model is labor intensive. You can do it once and never revisit it again, but we would never advise that. What it does is play well into an IT financial management maturity roadmap."
    - Monica Braun, Research Director, ITFM Practice, Info-Tech Research Group

    Phase 2

    Gather Required Data

    This phase will walk you through the following activities:

    • Gather, clean, and organize your data
    • Build your industry-specific business views

    This phase involves the following participants:

    • Head of IT
    • IT financial lead
    • Other members of IT management

    Phase 2: Gather required data

    Finish your preparation.

    You're now ready to do the final preparation for your IT spend and staffing transparency journey. In this phase you will:

    • Gather your IT spend and staffing data and information.
    • Clean and organize your data to streamline mapping.
    • Identify your baseline data points.

    "Some feel like they don't have all the data, so they give up. Don't. Every data point counts."
    - Rex Ding, Research Specialist, ITFM Practice, Info-Tech Research Group

    Your IT spend transparency efforts are only as good as the quality of your inputs

    Aim for a comprehensive, complete, and accurate set of data and information.

    Diagram of comprehensive, complete, and accurate set of data and information

    Start by understanding what's included in technology spend

    Info-Tech's ITFM Technology Inventory

    In scope:

    • All network, telecom, and data center equipment.
    • All end-user productivity software and devices (e.g. laptops, peripheral devices, cell phones).
    • Information security.
    • All acquisition, development, maintenance, and management of business and operations software.
    • All systems used for the storage and management of business assets, data, records, and information.
    • All managed IT services.
    • Third-party consulting services.
    • All identifiable spend from the business for the above.

    Expand your thinking: Total tech spend goes beyond what's under IT's operational umbrella

    "Technology" means all technology in the organization regardless of where it lives, who bought it, who owns it, who runs it, or who uses it.

    IT may have low or no visibility into technologies that exist in the broader business environment beyond IT. Accept that you won't gain 100% visibility right now. However, do get started and be persistent.

    Where to look for non-IT technology ...

    • Highly specialized business functions - niche tools that are probably used by only a few people.
    • Power users and the "underserved" - cloud-based workflow, communication, and productivity tools they got on their own.
    • Operational technology - network-connected industrial, building, or physical security sensors and control systems.
    • Recently acquired/merged entities - inherited software.

    Who might get you what you need ...

    • Business unit and team leaders - identification of what they use and copies of their spend records and/or contracts.
    • Finance - a report of the "software" expenditure category to spot unrecognized technologies and their owners.
    • Vendors - copies of contracts if not forthcoming internally.
    • Your service desk - informal knowledge gained about unknown technologies at play in the course of doing their job.

    The IT spend and staffing transparency exercise is an opportunity to kick-start a technology discovery process that will give you and the business a true picture of your technology profile, use, and spend.

    Seek out data at the right level of granularity with the right supporting information

    Key data and information to seek out:

    • Credits applied to appropriate debits that show net expense, or detailed descriptions of credits with no matching debit.
    • Cash-based accounting (not accrual accounting). If accrual, will need to determine how to simplify the data for your uses.
    • Vendor names, asset classes, descriptors, and departments.
    • A total spend amount (CapEx + OpEx) that:
      • Aligns with the spend period.
      • Passes your gut check for total IT spend.
      • Includes annual amounts for multi-year contracts (e.g. one year of a three-year Microsoft enterprise agreement).
      • Includes technology spend from the business (e.g. OT that IT supports).
    • Insights on large projects.
    • Consolidated recurring payments, salaries and benefits, and other small expenses.

    Look for these data descriptors in your files:

    • Cost center/accounting unit
    • Cost center/department description
    • GL ACCT
    • CL account description
    • Activity description
    • Status
    • Program/business function/project description
    • Accounting period
    • Transaction amount
    • Vendor/vendor name
    • Product/product name

    Avoid data that's hard to use or problematic as it will slow you down and bring limited benefits

    Spend data that's out of scope:

    • Depreciation/amortization.
    • Gain or loss of asset write-off.
    • Physical security (e.g. key cards, cameras, motion sensors, floodlights).
    • Printer consumables costs.
    • Heating and cooling costs (for data centers).

    Challenging data formats:

    • Large raw data files with limited or no descriptors.
    • Major accounts (hardware and software) combined in the same line item.
    • Line items (especially software) with no vendor reference information.
    • PDF files or screenshots that you can't extract data from readily. Use Excel or CSV files whenever possible.

    Getting at the data you need can be easy or hard – it all depends

    This is where your governance culture and ITFM maturity start to come into play.

    Data source Potential data and information What to expect
    IT Current/past budget, vendor agreements, IT project records, discretionary spend, number of IT employees. The rigor of your ITFM practice and centralization of data and documents will affect how straightforward this is.
    Finance General ledger, cash and income statements, contractor payments and other accounts payable, general revenue. Secure their expertise early. Let them know what you're trying to do and what you need. They may be willing to prepare data for you in the format you need and help you decipher records.
    Purchasing List of vendors/suppliers, vendor agreements, purchase invoices. Purchasing often has more descriptive information about vendors than finance. They can also point you to tech spend in other departments that you didn't know about.
    Human Resources Organizational chart, staff salaries and benefits, number of employees overall and by department. Data about benefits costs is something you're not likely to have, and there's only one place you can reliably get it.
    Other Business Units Non-IT technology spend vendor agreements and purchase invoices, number of department employees. Other departments may be tracking spend in an entirely different way than you. Be prepared to dig and reconcile.

    There may be some data or information you can't get without a Herculean effort. Don't worry about it too much - these items are usually relatively minor and won't significantly affect the overall picture.

    Commit to finding out what you don't know

    Many IT leaders don't have visibility into other departments' technology spend. In some cases, the fact that spend is even happening may be a complete surprise.

    Near-term visibility fix ...

    • Ask your finance department for a report on all technology-related spend categories. "Software" is a broad category that finance departments tend to track. Scan the report for items that don't look familiar and confirm the originating department or approver.
    • Check in with the procurement office. See what technology-related contracts they have on record and which departments "own" them. Get copies of those contracts if possible.
    • Contact individual department heads or technology spend approvers. Devise your contact shortlist based on what you already know or learned from finance and procurement. Position your outreach as a discovery process that supports your transparency effort. Avoid coming across as though you're judging their spend or planning to take over their technologies.

    Long-term visibility fix ...

    • Develop your relationships with other business unit leaders. This will help open the lines of communication permanently.
    • Establish a cross-functional central technology office or group. The main task of this unit is to set and manage technology standards organization-wide, including standards for tracking and documenting technology costs and asset lifecycle factors.
    • Ensure IT is formally involved in all technology spend proposals and plans. This gives IT the opportunity to assess them for security compliance, IT network/system interoperability, manageability, and IT support requirements prior to purchase.
    • Ensure IT is notified of all technology financial transactions. This includes contracts, invoices, and payments for all one-time purchases, subscription fees, and maintenance costs.

    Finally, note any potential anomalies in the IT spend period you're looking at

    No two years have the exact same spend patterns. One-time spend for a big capital project, for example, can dramatically alter your overall spend landscape.

    Look for the following anomalies:

    • New or ongoing capital implementations or projects that span more than one fiscal year.
    • Completed projects that have recently transitioned, or are transitioning, from CapEx (decreasing) to OpEx (increasing).
    • A major internal reorganization or merger, acquisition, or divestiture event.
    • Crises, disasters, or other rare emergencies.
    • Changes in IT funding sources (e.g. new or expiring grants).

    These anomalies often explain why IT spend is unusually high in certain areas. There's often a good business reason.

    In many cases, doing a separate spend transparency exercise for these anomalous projects or events can isolate their costs from other spend so their true nature and impact can be better understood.

    2.1 Gather your input data and information

    Duration: Variable

    1. Develop a complete list of the spending and staffing data and information you need to complete the transparency mapping exercise. For each required item, note the following:
      1. Description of data needed (i.e. type, timeframe, and format).
      2. Ideal timeframe or deadline for receipt.
      3. Probable source(s) and contact(s).
      4. Additional facilitation/support required.
      5. Person on your transparency team responsible for obtaining it.
    2. Set up a data and information repository to store all files as soon as they're received. Ideally, you'll want all data/information files to be in an electronic format so that everything can be stored in one place. Avoid paper documents if possible.
    3. Conduct your outreach to obtain the input data and information on your list. This could include delegating it to a subordinate, sending emails, making phone calls, booking meetings, and so on.
    4. Review the data and information received to confirm that it's the right type of data, at the correct level of granularity, for the right timeframe, in a usable format, and is generally accurate.
    5. Enter documentation about your data and information sources in tab "1. Data & Information Sources" in the IT Spend & Staffing Transparency Workbook to reflect what you needed and where you got it in order to make the discovery process easier in the future.
    6. In the same tab in the IT Spend & Staffing Transparency Workbook, document any significant events that occurred that directly or indirectly impacted the selected year's spend values. These could include mergers/acquisitions/divestitures, major reorganizations or changes in leadership, significant shifts in product offerings or strategic direction, large capital projects, legal/regulatory changes, natural disasters, or changes in the economy.

    Download the IT Spend & Staffing Transparency Workbook

    2.1 Gather your input data and information

    InputOutput
    • Knowledge of potential data and information sources
    • List of data and information required to complete the IT spend and staffing transparency exercise
    MaterialsParticipants
    • Whiteboard/flip charts
    • Head of IT
    • IT financial lead

    Tidy up your data before beginning any spend mapping

    Most organizations aren't immaculate in their tech spend documentation and tracking practices. This creates data rife with gaps that lives in hard-to-use formats.

    The more preparation you do to approach the "good data" intersection point in the diagram below, the easier your mapping effort will be and the more useful and insightful your final findings.

    Venn diagram of good data

    Make your data "un-unique" to reduce the number of line items and make it manageable

    There's a good chance that the IT spend data you've received is in the form of tens of thousands of unique line items. Use the checklist below to help you roll it up.

    Warning: Never overwrite your original data. Insert new columns/rows and put your alternate information in these instead.

    Step 1: Standardize vendor names

    • Start with known large vendors.
    • Select a standard name for the vendor.
    • Brainstorm possible variations on the vendor name, including abbreviations and shortforms.
    • Search for the vendor in your data and document the new standardized vendor name in the appropriate row.
    • Repeat the above for all vendors.
    • Sort the new vendor name column from A-Z. Look for instances where names remain unique or are missing entirely. Reconcile if needed and fill in missing data.

    Step 2: Consolidate vendor spend

    • Sort the new vendor name column from A-Z. Start with vendors that have the most line items.
    • Add together related spend items from a given vendor. Create a new row for the consolidated spend item and flag it as consolidated. Keep the following item types in separate rows:
      • Hardware vs. software spend for the same vendor.
      • Cloud vs. on-premises spend for the same vendor.
    • Repeat the above for all vendors.
    • Consider breaking out separate rows for overly consolidated line items that contain too many different types of IT spend.

    2.2 Clean and organize your data

    Duration: Variable

    1. Check to ensure that you have all data and information required to conduct the IT spend transparency exercise.
    2. Conduct an initial scan to assess the data's current state of hygiene and overall usability. Flag anything of concern and follow up with the data/information provider to fix or reconcile any issues.
    3. Normalize your data to make it easier to work with. This includes selecting data format standards and changing anything that doesn't conform to those standards. This includes items such as date conventions, currencies, and so on.
    4. Standardize product and vendor naming/references throughout to enable searching, sorting, and grouping. For example, Microsoft Office may be variably referred to as "Microsoft", "Office", "Office 365", and "Office365" throughout your data. Pick one descriptor for the product/vendor and replace all related references with that descriptor.
    5. Consolidate and aggregate your data. Ideally, the data you received from your sources has already been simplified; however, you may need to further organize it to reduce the number of individual line items to a more manageable number. The transparency exercise uses relatively high-level categories, so combine data sets and aggregate where feasible without losing appropriate granularity.
    6. Archive any original copies of files that have been modified or replaced with consolidated/aggregated versions for future reference if needed.

    2.2 Clean and organize your data

    InputOutput
    • Data and information files
    • A normalized set of data and information for completing the IT spend and staffing transparency exercise
    MaterialsParticipants
    • Whiteboard/flip charts
    • Head of IT
    • IT financial lead

    Select IT spend "buckets" for the CXO Business View as your final preparatory step

    Every organization has both industry-agnostic and industry-specific lines of business that are the direct beneficiaries of IT spend.

    Common shared business functions:

    • Human resources.
    • Finance and accounting.
    • Sales/customer service.
    • Marketing and advertising.
    • Legal services and regulatory compliance.
    • Information technology.

    It may seem odd to see IT on the business functions list since the purpose of this exercise is to map IT spend. For business view purposes, IT spend refers to what IT spends on itself to support its own internal operations.

    Examples of industry-specific functions:

    • Manufacturing: Product research and development; production operations; supply chain management.
    • Retail banking: Core banking services; loan, mortgage and credit services; investment and wealth management services.
    • Hospitals: Patient intake and admissions; patient diagnosis; patient treatment; patient recovery and ongoing care.
    • Insurance: Actuarial analysis; policy creation; underwriting; claims processing.

    See the Appendix of this blueprint for definitions of shared business functions plus sample industry-specific business view categories.

    Define your CXO Business View categories to set yourself up well for future ITFM analyses

    The CXO Business View buckets you set up today are tools you can and should reuse in your overall approach to ITFM governance. Spend some time to get them right.

    Stay high-level

    Getting too granular invites administrative headaches and overhead. Keep things high-level and general:

    • Limit the number of direct stakeholders represented: This will reduce communication overhead and ensure you're dealing only with people who have real decision-making authority.
    • Look to your org. chart: Note the departments or business units listed across the top of the chart that have one executive or top-ranking senior manager accountable for them. These business units often translate as-is into a tidy CXO Business View category.

    Limit your number of buckets

    Tracking IT spend across more than 8-10 shared and industry-specific business categories is impractical.

    • Simplify your options: Too many buckets gets confusing and invites time-wasting doubt.
    • Reduce future rework: Business structures will change, which means recategorizing spend data. Using a forklift is a lot easier than using tweezers.
    • Stick to major business units: Create separate "Business Other" and "Industry Other" catch-all categories to track IT spend for smaller functions that fall outside of major business unit structures.

    Stay high-level with the CXO Business View

    Be clear on what's in and what's out of your categories to keep everyone on the same page

    Clear lines of demarcation between CXO Business View categories reduce confusion, doubt, and wheel-reinvention when deciding where to allocate IT spend.

    Ensure clear boundaries

    Mutual exclusivity is key when defining categories in any taxonomical structure.

    • Avoid overlaps: Each high-level business function category should have few or no core function or process overlaps with another business function category. Aim for clear vertical separation.
    • Be encompassing: When defining a category, list all the business capabilities and sub-functions included in that category. For example, if defining the finance and accounting function, remember to specify its less obvious accountabilities, like enterprise asset management if appropriate.

    Identify exclusions

    Listing what's out can be just as informative and clarifying as listing what's in.

    • Beware odd bedfellows: Minor business groups are often tucked under a bigger organizational entity even though the two use different processes and technologies. Separate them if appropriate and state this exclusion in the bigger entity's definition.
    • Draw a line: If a process crosses business function categories, state which sub-steps are out of scope.
    • Document your decisions: This helps ensure you allocate IT spend the same way every time.

    Clear lines of demarcation between CXO Business View categories

    2.3 Build your industry-specific business views

    Duration: Two hours

    1. Confirm your list of high-level shared business services (human resources, finance and accounting, etc.) as provided in Info-Tech's IT Spend & Staffing Transparency Workbook. Rename them if needed to match the nomenclature used in your organization.
    2. Set and define your additional list of high-level, industry-specific business categories that are unique to or define your industry. See the slides immediately following this exercise for tips on developing these categories, as well as the appendix of this blueprint for some examples of industry-specific categories and definitions.
    3. Create "Business Other" and "Industry Other" categories to capture minor groups and activities supported by IT that fall beyond the major shared and industry-specific business functions you've shortlisted. Briefly note the business groups/activities that fall under these categories.
    4. Edit/enter your shared and industry-specific business function categories and their definitions on tab "2. Business View Definitions" in the IT Spend & Staffing Transparency Workbook.

    Download the IT Spend & Staffing Transparency Workbook

    2.3 Build your industry-specific business views

    InputOutput
    • Knowledge about your organization's structure and business functions/units
    • A list of major shared business functions and industry-specific business functions/capabilities that are defining of your industry
    MaterialsParticipants
    • Whiteboard/flip charts
    • Head of IT
    • IT financial lead

    Lock in key pieces of baseline data

    Calculating core IT spend metrics relies on a few key numbers. Settle these first based on known data before diving into detailed mapping.

    These baseline data will allow you to calculate high-level metrics like IT spend as a percent of revenue and year-over-year percent change in IT spend, as well as more granular metrics like IT staff spend per employee for a specific IT service.

    Baseline data checklist

    • IT spend analysis period (date range).
    • Currency used.
    • Organizational revenue.
    • Organizational OpEx.
    • Total current year IT spend.
    • Total current year IT CapEx and IT OpEx.
    • Total previous-year IT spend.
    • Total projected next-year IT spend.
    • Number of organizational employees.
    • Number of IT employees.

    You may have discovered some things you didn't know about during the mapping process. Revisit your baseline data when your mapping is complete and make adjustments where needed.

    2.4 Enter your baseline data

    Duration: One hour

    1. Navigate to tab "3. Baseline Data" in the IT Spend & Staffing Transparency Workbook. Using the data you've gathered, enter the following information to set your baseline data for future calculations:
      1. Your IT spend analysis date range. This can be concrete dates, a fiscal year abbreviation, etc.
      2. The currency you will be using throughout the workbook. It's important that all monetary values entered are in the same currency.
      3. Your organization's total revenue and total operating expenditure (OpEx) for the spend analysis data range you've specified. Revenue includes all sources of funding/income.
      4. Your total IT OpEx and total IT capital expenditure (CapEx). The workbook will add your OpEx and CapEx values for you to arrive at a total IT spend value.
      5. Total IT spend for the year prior to the current IT spend analysis date range, as well as anticipated total IT spend for the year following.
      6. Total IT staff spend (salaries, benefits, training, travel, and fees for employees and contractors in a staff augmentation role) for the spend analysis date range.
      7. The total number of organizational employees and total number of IT employees. These are typically full-time equivalent (FTE) values and include contractors in a staff augmentation role.
    2. Make note of any issues that have influenced the values you entered.

    Download the IT Spend & Staffing Transparency Workbook

    2.4 Enter your baseline data

    InputOutput
    • Cleaned and organized spend and staffing data and information
    • Finalized baseline data for deriving spend metrics
    MaterialsParticipants
    • IT Spend & Staffing Transparency Workbook
    • Head of IT
    • IT financial lead

    Phase 2: Gather required data

    Achievement summary

    You've now completed all preparation steps for your IT spend transparency journey. You have:

    • Gathered your IT spend and staffing data and information.
    • Cleaned and organized your data to streamline mapping.
    • Identified your baseline data points.

    "As an IT person, you're not speaking the same language at all as the accounting department. There's almost always a session of education that's required first."
    - Angie Reynolds, Principal Research Director, ITFM Practice, Info-Tech Research Group

    Phase 3

    Map Your IT Staff Spend

    This phase will walk you through the following activities:

    • Mapping your IT staff spend across the four views of the ITFM Cost Model
    • Validating your mapping

    This phase involves the following participants:

    • Head of IT
    • IT financial lead
    • Other members of IT management

    Phase 3: Map your IT staff spend

    Allocate your workforce costs across the four views.

    Now it's time to tackle the first part of your hands-on spend mapping effort, namely IT staff spend. In this phase you will:

    • Allocate your IT staff spend across the four views of the ITFM Cost Model.
    • Validate your mapping to ensure that it's accurate and complete.

    "We're working towards the truth. We know the answer, but it's how to get it. Take Data & BI. For some organizations, four FTEs is too many. Are these people really doing Data & BI? Look at the big picture and see if something's missing."
    - Rex Ding, Research Specialist, ITFM Practice, Info-Tech Research Group

    Staffing costs comprise a significant percent of OpEx

    Staffing is the first thing that comes to mind when it comes to spend. Intentionally bring it out of the shadows to promote constructive conversations.

    • Total staffing costs stand out from other IT spend line items. This is because they're comparatively large, often comprising 30-50% of total IT costs.
    • Standing out comes at a price. Staff costs are where business leadership looks first if they want cuts. If IT leadership doesn't bring forward ways to cut staffing costs as part of a broader cost-cutting mandate, it will be seen as ignorant of business priorities at best and outright insubordinate at worst.
    • Staffing costs as a percentage of total costs vary between IT functions. On the business side, there's a lack of understanding about what functions IT staff serve and support and the real-world costs of obtaining (and keeping) needed IT skills. For example, IT security staffing costs as a percentage of that service's total OpEx will likely be higher than service desk staff given the scarcity and higher market value of the former. Trimming 20% of IT staffing costs from the IT security function has much different implications than cutting 20% of service desk staffing costs.

    Staffing spend transparency can do a lot to change the conversation from one where the business thinks that IT management is just being self-protecting to one where they know that IT management is actually protecting the business.

    Demonstrating the legitimate reasons behind IT staff spend is critical in both rationalizing past and current spend decisions as well as informing future decisions.

    Info-Tech recommends that you map your IT staffing costs before all other IT costs

    Mapping your IT staffing spend first is a good idea because:

    • Staffing costs are usually documented more clearly, simply, and accurately than other IT costs.
    • Gathering all your IT staffing data is usually a one-stop shop (i.e. the HR department).
    • The comparative straightforwardness of mapping staff costs compared to other IT costs gives you the opportunity to:
      • Get familiar with the ITFM Cost Model views and categories.
      • Get the hang of the hands-on mapping process.
      • Determine the kinds of speed bumps and questions you'll encounter down the road when you tackle the more complicated mappings.

    "Some companies will say software developer. Others say application development specialist or engineer. What are these things? You have to have conversations ..."
    - Rex Ding, Research Specialist, ITFM Practice, Info-Tech Research Group

    Understand the CFO Expense View: "Workforce" categories defined

    For the staffing spend mapping exercise, we're defining the Workforce category here and will offer Vendor category definitions in the vendor spend mapping exercise later.

    Workforce: The total costs of employing labor in the IT organization. This includes all salary/wages, benefits, travel/training, dues and memberships, and contractor pay. Managed services expenses associated with an external service provider should be excluded from Workforce and included in Contract Services.

    Employee: A person employed by the IT organization on a permanent full-time or part-time basis. Costs include salary, benefits, training, travel and expenses, and professional dues and memberships. These relationships are managed under human resources and the bulk of spend transactions via payroll processes.

    Contractor: A person serving in a non-permanent staff augmentation role. These relationships are typically managed under procurement or finance and spend transactions handled via invoicing and accounts payable processes. Labor costs associated with an external service provider are excluded.

    CFO Expense View

    Mapping your IT staff across the CFO Expense View is relatively cut-and-dried

    The CFO Expense View is the most straightforward in terms of mapping IT staffing costs as it's made up of only two main categories: Workforce and Vendor.

    In the CFO Expense View, all IT spend on staffing is allocated to the Workforce bucket under either Employee or Contractor.

    What constitutes a Contractor can be confusing given increased use of long-term labor augmentation strategies, so being absolutely clear about this is imperative. For spend mapping purposes:

    • Any staff members under independent contract where individuals are paid directly by your organization as opposed to indirectly via a service provider (e.g. staffing firm) are considered Workforce > Contractor.
    • Any circumstances where you pay a third-party organization for labor is slotted under Vendor > Contract Services.

    CFO Expense View

    Understand the CIO Service View: Categories defined

    We've provided definitions for the major categories that require clarification.

    Applications Development: Purchase/development, testing, and deployment of application projects. Includes internally developed or packaged solutions.

    Applications Maintenance: Software maintenance fees or maintaining current application functionality along with minor enhancements.

    Hosting & Networks: Compute, storage, and network functionality for running/hosting applications and providing communications/connectivity for the organization.

    End User: Procurement, provision, management, and maintenance (break/fix) of end-user devices (desktop, laptops, tablets, peripherals, and phones) as well as purchase/support and use of productivity software on these devices. The IT service desk is included here as well.

    PPM & Projects: People, processes, and technologies dedicated to the management of IT projects and the IT project portfolio as a whole.

    Data & BI: Strategy and oversight of the technology used to support data warehousing, business intelligence, and analytics.

    IT Management: Senior IT leadership, IT finance, IT strategy and governance, enterprise architecture, process management, vendor management, talent management, and program and portfolio management oversight.

    Security: Information security strategy and oversight, practices, procedures, compliance, and risk mitigation to protect and prevent unauthorized access to organizational data and technology assets.

    CIO Service View

    Mapping your IT staff across the CIO Service View is a slightly harder exercise

    The complexity of mapping staff across this view depends on how your IT department is organized and the degree of role specialization vs. generalization.

    The CIO Service View mirrors how many IT departments are organized into teams or work groups. However, some partial percentage-based allocations are probably required, especially for smaller IT units with more generalized, cross-functional roles. For example:

    • A systems administrator's costs may need to be allocated 80% to Hosting & Networks and 20% to Security.
    • An app development team lead may spend about 40% of their time doing hands-on Development work and the other 60% on project management (i.e. PPM & Projects).

    Info-Tech has found that allocating staffing costs for Data & BI raises the most doubts as it can be very entangled with Applications and other spend. Do the best you can.

    Understand the CXO Expense View: Categories defined

    Expand shared services and industry function categories as suits your organization.

    Industry Functions: As listed and defined by you for your specific industry.

    Human Resources: IT staff and specific application functionality in support of organizational human resource management.

    Finance & Accounting: IT staff and specific application functionality in support of corporate finance and accounting.

    Shared Services Other: IT staff and specific application functionality in support of all other shared enterprise functions.

    Information Technology: IT staff and specific application functionality in support of IT performing its own internal IT operations functions.

    Industry Other: IT staff and specific application functionality in support of all other industry-specific functions.

    CXO Expense View

    Mapping your IT staff across the CXO Business View warrants the most time

    This view is probably the most difficult as many IT department roles are set up according to lines of IT service, not lines of business. Prepare to do a little math.

    The CXO Expense View also requires percentage-based splitting of role spend, but to a greater extent.

    • Start by mapping staff cost allocations for those roles that are at, or close to, 100% dedicated to a specific business function (if any).
    • For IT roles that support organization-wide or multi-department functions, knowing the percent of employees that work in each relevant business unit and parceling IT staff spend by those same percentages may be easiest. For example, a general systems administrator's costs could be allocated as 4% to HR, 2% to finance, 25% to sales, 20% to production operations, and so on based on the percentage of employees in each of the supported business units.

    Take a minute to figure out how you plan to map IT's indirect CXO Business View costs

    Direct IT costs are those that are dedicated to a specific business unit or user group, such a marketing campaign management app, specialized devices used by a specific subset of workers in the field, or a business analyst embedded full-time in a sales organization.

    VS

    Indirect IT costs are pretty much everything else that's shared broadly across the organization and can't be tied to just one stakeholder or user group, such as network infrastructure, the service desk, and office productivity apps. These costs must be fairly and evenly distributed.

    No indirect mapping method is perfect, but here's a suggestion:

    • Take the respective headcount of all business functions sharing the IT resource/service in question.
    • Calculate each business function's staff as a percentage of all organizational staff.
    • Use this same percent of staff to calculate and allocate a business function's indirect staff and indirect vendor costs.

    "There is always a conversation about indirect allocations. There's never been an organization I've heard of or worked for which has been able to allocate every technology cost directly to a business consumption or business unit."
    Monica Braun, ITFM Research Director, Info-Tech Research Group

    Example:

    • A company of 560 employees has six HR staff (about 1.1% of total staff).
    • Network admin staffing costs $143,000, so $1,573 (1.1%) would be allocated to HR.
    • Internet services cost $40,000, so $440 (1.1%) would be allocated to HR.

    Some indirect costs are shared by multiple business functions, but not all. In these cases, exclude non-participating business functions from the total number of organizational employees and re-calculate a new percent of staff for each participating business function.

    Know where you're most likely to encounter direct vs. indirect IT staffing costs

    Info-Tech has found that direct vs. indirect staffing spend is more commonly found in some areas than others. Use this insight to focus your work.

    Direct IT staffing spend

    Definition: Individuals or teams whose total time is formally dedicated to the support of one business unit/function.

    • Data & BI (direct to one non-IT unit)
    • IT Management (direct to IT)
      • Service planning & Architecture
      • Strategy & Governance
      • Financial Management
      • People & Resources

    Hybrid IT staffing spend

    Definition: Teams with a percent of time or entire FTEs formally dedicated to one business unit/function while the remainder of the time or team is generalized.

    • Applications
      • Applications Development
      • Applications Maintenance
    • IT Management
      • PPM & Projects

    Indirect IT staffing spend

    Definition: Individuals or teams whose total time is generalized to the support of multiple or all business units or functions.

    • Infrastructure
      • Hosting & Networks
      • End Users
    • Security

    Indirect staff spend only comes into play in the CXO Business View. Thoroughly map the CIO Service View first and leverage its outcomes to inform your allocations to individual business and industry functions.

    Understand the CEO Innovation View: Categories defined

    Be particularly clear on your understanding of the difference between business growth and business innovation.

    Business Innovation: IT spend/ activities focused on the development of new business capability, new products and services, and/or introduction of existing products/ services into new markets. It does not include expansion or update of existing capabilities.

    Business Growth: IT spend/activities focused on the expansion, scaling, or modernization of an existing business capability, product/service, or market. This is specifically related to growth within a current market.

    Keep the Lights On: IT spend/activities focused on keeping the organization running on a day-to-day basis. This includes all activities used to ensure the smooth operation of business functions and overall business continuity.

    CEO Innovation View

    Important Note

    Info-Tech analysts often skip mapping staff for the CEO Innovation View when delivering the IT Spend & Staffing Benchmarking Service.

    This is because, for many organizations, either most IT staff spend is allocated to Keep the Lights On or any IT staff allocation to Business Growth and Business Innovation activities is untracked, undocumented, and difficult to parse out.

    Mapping your IT staff across the CEO Innovation View is largely straightforward

    Clear divisions between CapEx and OpEx can be your friend when it comes to mapping this view. Focus your efforts on parsing growth vs. innovation.

    • The majority of IT staff costs are OpEx: And the majority of OpEx will land in the Keep the Lights On category. This is a comparatively simple mapping exercise. Know in advance that this will be the largest of the three buckets in the CEO Innovation View by a very wide margin, so don't be surprised if over 90% of IT staffing costs end up here.
    • Most of the remaining IT staff costs will be tied to capital projects and investments: This means that they will land in either Business Growth or Business Innovation, with the majority typically sitting under Business Growth. Again, don't be surprised if the Business Innovation category holds less than 3% of total IT staffing spend.

    Take your IT staff spend mapping to the next level with detailed time and headcount data

    Overlay a broader assessment of your IT staff

    Info-Tech's IT Staffing Assessment diagnostic can expand your view of what's really happening on the staffing front.

    • Learn your true distribution of IT staff across the same IT services listed in the ITFM Cost Model's CIO Service View.
    • Get other metrics such as degrees of seniority, manager span of control, and IT staff perception of their effectiveness.

    Take action

    1. Set it up: Contact your Info-Tech Account Manager and sign your team up to take the diagnostic.
    2. Assess the findings: Review the output report, specifically how your staff says they spend their time versus what your organization chart's been telling you.
    3. Apply the percentages: Use the FTE allocation percentages in the output report to guide how you distribute your staff spend across the CIO Service View.
    4. Expand your analysis: Use your staff's feedback around perceived aids and obstacles to effectiveness in order to inform and defend your recommendations and decisions on how IT funds should be spent.

    Consider these final tips for mapping your IT staffing costs before diving in

    Mapping your IT staffing costs definitely requires some work. However, knowing the common stumbling blocks and being systematic will yield the best results.

    Approach: Be efficient to be effective

    Start with what you know best: Map the CFO Expense View first to plug in information you already have. Next, map the CIO Service View since it's most aligned to your organization chart.

    Keep a list of questions: You'll need to seek clarifications. Note your questions, but don't reach out until you've done a first pass at the mapping - don't annoy people with a barrage of questions.

    Delegate: Your managers and leads have a more accurate view of exactly what their staff do. Consider delegating the CIO Service View and CXO Business View to them or turn the mapping exercise into a series of collaborative leadership team activities.

    Biggest challenge: Role/title ambiguity

    • The Business Analyst role is often vague. These staffers are often jacks-of-all-trades in IT. You probably can't rely on a generic job description to figure out exactly which services and business functions BAs are spending their time on. Plan to ask a lot of questions.
    • Other role titles may be completely inaccurate. Is the word "system" referring to apps, infrastructure, or both? Is the user experience specialist actually a programmer? Is a manager really managing anything? Know your organization's tendencies around meaningful job titling and set your workload expectations accordingly.

    Key step - validate! If you see services or functions with low or no allocation, or something just doesn't look right, investigate. Someone's doing that work - take the time to figure out who.

    3.1 Map your IT staffing costs

    Duration: Variable

    1. Navigate to tab "4. Staff Spend Mapping" in the IT Spend & Staffing Transparency Workbook. On one row, enter the name of an individual or group to be mapped, their role/title (if an individual), and their total known cost as per your collected data.
    2. Under the CFO Expense View (columns F-G), enter the number of FTEs represented by the individual or group named and their status (i.e. Employee or Contractor).
    3. Under the CIO Service View (columns L-AF), allocate the individual or group's spend as a percentage across all service categories. If the allocation for a service is 0%, leave the cell blank.
    4. Under the CXO Business View (columns AI-BA), allocate the individual or group's spend as a percentage across all business function and industry-specific function categories. If the allocation for a function is 0%, leave the cell blank.
    5. Under the CEO Innovation View (columns BD-BH), allocate the individual or group's spend as a percentage across Business Innovation, Business Growth, and Keep the Lights On. If the allocation for an investment type is 0%, leave the cell blank.
    6. Repeat steps 2 to 5 for all other IT staff (as individuals or groups).
    7. Follow up on and resolve any additional inquiries you need to make based on questions that arose during the mapping process.
    8. Validate your mapping by:
      1. Identifying spend categories that have zero staff spend allocation. Additional percentage allocation splits for certain roles are probably required.
      2. Investigating spend categories that seem to have very high or very low spend allocations based on a gut check. Again, double-check your percentage allocation splits.
      3. Ensuring your amounts add up to your previously calculated total IT staff spend. A balance tracker is provided on tab "6. Tracker & General Outputs" of the IT Spend & Staffing Transparency Workbook.

    Download the IT Spend & Staffing Transparency Workbook

    3.1 Map your staffing costs

    Input Output
    • Cleaned and organized IT staffing data and information
    • Finalized mapping of IT staff spend across the four views of the ITFM Cost Model
    Materials Participants
    • IT Spend & Staffing Transparency Workbook
    • Head of IT
    • IT financial lead
    • Other IT management as required

    Phase 3: Map your IT staff spend

    Achievement summary

    You've now completed your IT staff spend mapping. You have:

    • Allocated your IT staff spend across the four views of the ITFM Cost Model.
    • Validated your mapping to ensure it's accurate and complete.

    "Some want to allocate everybody to IT, but that's not how we do it. [In one CXO Business View mapping], a client allocated all their sand network people to the IT department. At the end of the process, the IT department itself accounted for 20% of total IT spend. We went back and reallocated those indirect staff costs across the business."
    - Kennedy Confurius, Research Analyst, ITFM Practice, Info-Tech Research Group

    Phase 4

    Map Your IT Vendor Spend

    This phase will walk you through the following activities:

    • Mapping your IT vendor spend across the four views of the ITFM Cost Model
    • Validating your mapping

    This phase involves the following participants:

    • Head of IT
    • IT financial lead
    • Other members of IT management

    Phase 4: Map your IT vendor spend

    Allocate your vendor costs across the four views.

    Now you're ready to take on the second part of your spend mapping, namely IT vendor spend. In this phase you will:

    • Allocate your IT vendor spend across the four views of the ITFM Cost Model.
    • Validate your mapping to ensure it's accurate and complete.

    "[One CIO] said that all technology spend runs through their IT group. But they didn't have hardware in their financial data file - no cellphones or laptops, no network or server expenses. They thought they had everything, but they didn't know what they didn't have. Assume it's out there somewhere."
    - Kennedy Confurius, Research Analyst, ITFM Practice, Info-Tech Research Group

    Tackle the non-staff side of IT spend

    Info-Tech analysts find that mapping the IT vendor spend data is harder because the source data is often scattered and not meaningfully labeled.

    • Be patient and systematic. As with mapping your IT staff spend data, the more organized you are from the outset and the more thoroughly you've prepared your data, the more straightforward the exercise will be.
      • Did you "un-unique" your data? If not, do that now before attempting mapping.
    • Get comfortable with making some assumptions. You need to get through the exercise, so sometimes making a best guess and entering a value is better than diving down a rabbit hole. Your gut is probably right anyway. But only make assumptions around smaller line items that don't have a massive impact on your final numbers. Never assume anything when it comes to big-ticket items.
    • Curb your urge to fix. Some of your buckets will start to get big, while others will barely budge. This is normal ... and interesting! Resist the urge to "balance" staffing spend in a bucket by loading it with apps and hardware for fear that the staffing spend looks too high and will be questioned. This exercise is about how things are, not how they look.

    "A common financial data problem is no vendor names. I've noticed that, even if the vendor name is there, there are no descriptors. You cannot actually tell what type of service it is. Data security? Infrastructure? Networking? Ask yourself 'What did we purchase and what does it do?'"
    - Aman Kumari, Research Specialist, ITFM Practice, Info-Tech Research Group

    Understand the CFO Expense View: Vendor categories defined

    These are the final definitions for this view. See the previous section for CFO Expense View > Workforce definitions used in the IT staffing cost mapping exercise.

    Vendor: Provider of a good or service in exchange for payment.

    Hardware: Costs of procuring, maintaining, and managing all IT hardware, including end-user devices, data center and networking equipment, cabling, and hybrid appliances for both on-premises and cloud-based providers.

    Software: Costs for all software (applications, database, middleware, utilities, tools) used across the organization. This includes purchase, maintenance, and licensing costs.

    Contract Services: Costs for all third-party services including managed service providers, consultants, and advisory services.

    Cloud: Offsite hosting and delivery of an on-demand software or hardware computing function by a third-party provider, often on a subscription-type basis.

    On-Prem: On-site hosting and delivery of a software or hardware computing function, often requiring upfront purchase cost and subsequent maintenance costs.

    Managed Services: Costs for outsourcing the provision and maintenance of a technical process or function.

    Consulting & Advisory: Costs for the third-party provision of professional or technical advice and expertise.

    CFO Expense View

    Know if a technology is cloud-based or on-premises before mapping

    A technology may be one, the other, or both if multiple versions are in play. Financial records rarely indicate which, but on-premises vs. cloud matters in your planning.

    On-Premises

    • Check your CapEx. Any net-new purchases of software or hardware for the IT spend analysis year in question should appear on the CapEx side of the equation. After the first year of implementation/rollout, all ongoing maintenance and management costs should be found under OpEx.
    • Focus on real in-year costs.
      • Don't try to map depreciation or amortization associated with CapEX. Instead, map any upfront purchase costs that occurred in the relevant IT spend analysis year.
      • Map any OpEX costs incurred from maintenance and management. For multi-year maintenance contracts, apply the percentage of fees paid for the relevant year.

    Cloud

    • Check your OpEx. Cloud services are typically fee-based, which means the costs often come in the form of regularly timed bills akin to a subscription.
    • Differentiate new services from older ones. If the cloud service was initiated during the IT spend analysis year in question, there may be some one-time service setup and initiation fees that were legitimately slotted under CapEx. If the cloud service isn't new, then all costs should be OpEx.

    Vendors are increasingly "retiring" on-premises software products. This means an older version may be on-prem, a newer one cloud, and you may have both in play.

    Mapping built-in data, analytics, and security functions can raise doubts

    With so many apps focused on capturing, manipulating, and protecting data, built-in analytics, reporting, and security functions blur CIO Service View bucket boundaries.

    Applications vs. Data & BI

    • In recent years, much more powerful analysis and report-generation features have been added to core enterprise applications. If analytics and reporting functionality is an extended feature of a database-driven application, such as ERP or CRM, then map it to one of the Applications buckets.
    • If the sole purpose of the application is to store, manipulate, query, analyze, and/or visualize data, then log its costs under Data & BI. These would include technologies such as data warehouses, marts, cubes, and lakes; desktop data visualization tools; enterprise business intelligence platforms; and specialized reporting tools.

    Applications vs. Security

    • A similar conundrum exists for Security. So many tools today have built-in security functionality that cannot be unintegrated from the app they support. Don't even try to isolate native security functionality for spend mapping purposes - map it to Applications.
    • If the tool is a special-purpose, standalone security tool or security platform, then map it to Security. These tools usually sit within, and are used/managed by, IT. They include firewalls; antivirus/anti-malware; intrusion prevention, detection and response; access control and authentication; encryption; and penetration testing and vulnerability assessment.

    Putting spend in the right bucket does matter. However, if uncertainty persists, err on the side of consistency. For most organizations Applications Maintenance does end up being the biggest bucket.

    When mapping the CXO Business View, do the biggest vendors first

    Below is a suggested order of operations to clear through the majority of vendor spend as early as possible in the process.

    1 Sort high to low Sort your list of vendor spend from highest to lowest. Your top 20 vendors should constitute most of the spend.
    2 Map multi-department enterprise apps Flag your top apps vendors that have presence in most or all of your business units. Map these first. These tend to be enterprise-level business apps "owned" by core business functions but used broadly across the organization such as enterprise resource planning (ERP), customer relationship management (CRM), and people management systems.
    3 Map end-user spend Identify top vendors of general end-user technologies like office productivity apps, desktop hardware, and IT service desk tools. Allocate percentages according to your selected indirect spend mapping method.
    4 Map core infrastructure spend Map the behind-the-scenes network, telecom, and data center technologies that underpin IT, plus any infrastructure managed services. Again, apply your selected indirect spend mapping method.
    5 Map business-unit specific technologies This is the spend that's often incurred by just one department. This may also be technology spend that's out in the business, not in IT proper. Map it to the right business function or put it in Business Other or Industry Other if the business function doesn't have its own bucket.
    6 Map the miscellaneous Only smaller spend items likely remain at this point. When in doubt, map them to either Business Other or Industry Other.

    After mapping the CXO Business View, your Other buckets might be getting a bit big

    It's common for the Business Other and Industry Other categories to be quite large, and even the largest. This is okay, but plan to dig deeper and understand why.

    Remember "when in doubt, map to either the Business Other or Industry Other category"? Know what large Other buckets might really be telling you. After your first pass at mapping the CXO Business View, review Business Other and Industry Other if either is more than about 10% of your total spend.
    Diversification: Your organization has a wide array of business functions and/or associated staff that exist outside the core business and industry-specific categories selected. Are there minor business functions that can reasonably be included with the core categories identified? If not, don't force it. Better to keep your core buckets clean and uncomplicated.
    Non-core monolith: There's a significant technology installation outside the core that's associated with a comparatively minor business function. Is there a business function incurring substantial technology spend that should probably be broken out on its own and added to the core? If so, do it. Spend is unlikely to get smaller as the organization grows, so best to shine a light on it now.
    Shadow IT: There's significant technology spend in several areas of the organization that is unowned, unmanaged, or serving an unknown purpose as far as IT is concerned. Is a lot of the spend non-IT technology in the business? If yes, flag it and plan to learn more. It's likely that technologies living elsewhere in the organization will become IT concerns eventually. Better to be ready than to be surprised.

    As with staffing, CapEx vs. OpEx helps map the CEO Innovation View

    Mapping to this view was optional for IT staffing. For hard technology vendor spend, mapping this view is key. Use the guidance below to determine what goes where.

    Keep the Lights On
    Spend usually triggered by a service deck ticket or work order, not a formal project. Includes:

    • Daily maintenance and management.
    • Repair or upgrade of existing technology to preserve business function/continuity.
    • Purchase of "commodity" technology, such as standard-issue laptops and licenses for office productivity software.

    Business Growth
    Spend usually in the context of a formal project under a CapEx umbrella. Includes:

    • Technology spend that directly supports business expansion of an existing product or service and/or market.
    • Modernizing existing technology.
    • Extension of, or investment in, existing infrastructure to ensure reliability and availability in response to growth-driven scaling of headcount and utilization.

    Business Innovation
    Spend is always in the context of a formal project and should be 100% CapEx in the first year after purchase. Includes:

    • Technology spend that directly supports development and rollout of new products or service and/or entry into new markets.
    • Use of existing technology or investment in net-new technology in direct support of a new business initiative, direction, or requirement.

    In many organizations, most technology spend will be allocated to Keep the Lights On. This is normal but should generate conversations with the business about redirecting funds to growth and innovation.

    Remember these top tips when mapping your technology vendor spend

    The benefits of having tidy and organized data can't be overstated, as your source data will be in a more varied state for this phase of the mapping than with IT staffing data.

    Approach: Move from macro to micro

    • Start with the big enterprise apps: These will probably be in the top five of your vendor spend list and will likely have good info about how and by whom they're used. Get them out of the way.
    • Clear out shared technologies. This will feature infrastructure and operations plus office productivity and communications spend. Portioning spend by department headcount for the CXO Business View is the hardest part. Get this forklift task out of the way too.
    • Don't sweat the small stuff. Wasting hours chasing the details of a $500 line item isn't worth it when you have five-, six-, or even seven-figure line items to map.

    Biggest challenge: Poor vendor labeling

    • Vendor labels are often an inconsistent mess or missing entirely. Standardize and apply consistent vendor labels throughout your data so that you can aggregate your data into a workable form.
    • Spend transactions with the same vendor can be scattered all over the place in your general ledger. Take the time to "un-unique" your data to save yourself tremendous grief later on.
    • Start new go-forward labeling habits. Talk to finance about your new list of vendor naming standards and tagging spend as on-prem or cloud. Getting their cooperation with these are major wins.

    Key step - validate! If you see services or functions with low or no allocation, or something just doesn't look right, investigate. There's probably a technology out there in the business doing that work.

    4.1 Map your IT vendor spend

    Duration: Variable

    1. Navigate to tab "5. Vendor Spend Mapping" in the IT Spend & Staffing Transparency Workbook. On one row, enter a spend line item (vendor, product, etc.), a brief description, and the known amount of spend.
    2. Under the CFO Expense View (columns F-P), allocate the line item's spend as a percentage across all asset-class categories. If the allocation for a line item is 0%, leave the cell blank.
    3. Under the CIO Service View (columns S-AM), allocate the line item's spend as a percentage across all service categories. If the allocation for a service is 0%, leave the cell blank.
    4. Under the CXO Business View (columns AP-BH), allocate the line item's spend as a percentage across all business function and industry-specific function categories. If the allocation for a function is 0%, leave the cell blank.
    5. Under the CEO Innovation View (columns BK-BO), allocate the line item's spend as a percentage across Business Innovation, Business Growth, and Keep the Lights On. If the allocation for an investment type is 0%, leave the cell blank.
    6. Repeat steps 2-5 for all spend line items.
    7. Follow up on and resolve any additional inquiries you need to make based on questions that arose during the mapping process.
    8. Validate your mapping by:
      1. Ensuring your amounts add up to your previously calculated total IT vendor spend. A balance tracker is provided on tab "6. Tracker & General Outputs" of the IT Spend & Staffing Transparency Workbook.
      2. Identifying spend categories that have zero spend allocation. Additional percentage allocation splits for certain line items are probably required.
      3. Investigating spend categories that seem to have very high or very low spend allocations based on a gut check. Again, double-check your percentage allocation splits.

    Download the IT Spend & Staffing Transparency Workbook

    4.1 Map your IT vendor spend

    InputOutput
    • Cleaned and organized IT vendor spend data and information
    • Finalized mapping of IT vendor spend across the four views of the IT Cost Model
    MaterialsParticipants
    • IT Spend & Staffing Transparency Workbook
    • Head of IT
    • IT financial lead
    • Other IT management as required

    Phase 4: Map your IT vendor spend

    Achievement summary

    You've now completed your IT vendor spend mapping. You have:

    • Allocated your IT vendor spend across the four views of the ITFM Cost Model.
    • Validated your mapping to ensure it's accurate and complete.

    "A lot of organizations log their spending by vendor name with no description of the goods or services they actually purchased from the vendor. It could be hardware, software, consulting services ... anything. Having a clear understanding of what's really in there is an essential aspect of the spend conversation."
    - Rex Ding, Research Specialist, ITFM Practice, Info-Tech Research Group

    Phase 5

    Identify Implications for IT

    This phase will walk you through the following activities:

    • Analyzing the results of your IT staff and vendor spend mapping across the four views of the ITFM Cost Model
    • Preparing an executive presentation of your transparent IT spend

    This phase involves the following participants:

    • Head of IT
    • IT financial lead
    • Other members of IT management

    Phase 5: Identify implications for IT

    Analyze and communicate.

    You're now nearing the end of the first leg in your IT spend transparency journey. In this phase you will:

    • Analyze the results of your IT spend mapping process.
    • Revisit your transparency objectives.
    • Prepare an executive presentation so you can share findings with other leaders in your organization.

    "Don't plug in numbers just to make yourself look good or please someone else. The only way to improve is to look at real life."
    - Monica Braun, Research Director, ITFM Practice, Info-Tech Research Group

    You've mapped your IT spend data. Now what?

    With mapped data in hand, now you can start to tell IT's spend story with stakeholders in the business.

    Mapping your IT spend is a lot of work, but what you've achieved is impressive (applause!) as well as essential for growing your ITFM maturity. Now put your hard work to work.

    • Consider benchmarking. While not covered in-depth here, benchmarking against yourself in a year-over-year approach as well as against external industry peers are very useful exercises in your technology spend analysis.
    • Review your numbers and graphs. Your IT Spend & Staffing Transparency Workbook contains a series of data visualizations that will help you see the big picture as well as relationships between spend categories.
    • Note the very big numbers, the very small numbers, and the things that just look odd. You'll want to investigate and understand these further.
    • Prepare to communicate. Facilitating conversations with stakeholders in the business is the immediate objective of the IT spend and staffing transparency exercise. Decide where and with whom you want to start dialogue.

    The slides that follow show sample data summaries and visualizations generated in the IT Spend & Staffing Transparency Workbook. We'll take a look at the metrics, tables, and graphs you now have available to you post-mapping and how you can potentially use them in conversations with different IT stakeholders.

    Evaluate how you might use benchmarks before diving into your analysis

    Benchmarking can be a useful input for contextualizing and interpreting your IT spend data. It's not essential at this point but should be part of your ITFM toolkit.

    There are two basic types of benchmarking ...

    Internal: Capturing a current-state set of data about an in-house operation to serve as a baseline. Over time, snapshots of the same data are taken and compared to the baseline to track and assess changes. Common uses for internal benchmarking include:

    • Assessing the impact of a project or initiative.
    • Measuring year-over-year performance.

    External: Seeking out aggregated, current-state data about a peer-group operation to assess your own relative status or performance on the same operation. Common uses for external benchmarking include:

    • Understanding common practices in the industry.
    • Strategic and operational visioning, planning, and goal-setting.
    • Putting together a business case for change or investment.

    Both types of benchmarking benefit from some formality and rigor. Info-Tech can help you stand up an ITFM benchmarking approach as well as connect you with actual IT spend peer benchmarks via our IT Spend & Staffing Benchmarking service.

    5.1 Analyze the results of your IT spend mapping

    Duration: Variable

    1. Review the guidance slides that follow the two instruction slides for this exercise to provide yourself with a grounding on how to interpret and analyze your mapped IT staff and vendor spend data.
    2. Systematically review the data tables and graphs on the "Outputs" tabs 6 through 10 in the IT Spend & Staffing Transparency Workbook. There are several approaches you can take - use the one that works best for you. For example:
      1. Review each view in its entirety, one at a time.
      2. Review all workforce spend collectively across all four views, followed by all vendor spend across all four views (or vice versa).
    3. Make note of any spend values that are comparatively high or low or strike you as odd or worth further investigation.
    4. Craft a series of spend-related questions you want to answer for yourself and your stakeholders using the data.
      1. For example, you need to cut costs and apps maintenance is high. Your question could be, "Can we cut costs on applications maintenance staffing?"
      2. Alternatively, you can develop a series of statements (research hypotheses) that you seek to prove true or false with the data. This approach is useful for testing assumptions you've been making. For example, "We can cut spending on applications maintenance staff. True or false?"
    5. Use the template provided on tab "11. Data Analysis" in the IT Spend & Staffing Transparency Workbook to document your findings and conclusions, along with the data that supports them.

    Download the IT Spend & Staffing Transparency Workbook

    5.1 Analyze the results of your IT spend mapping

    InputOutput
    • Tabular and graphical data outputs
    • Conclusions and potential actions about IT staff and vendor spend
    MaterialsParticipants
    • IT Spend & Staffing Transparency Workbook
    • Head of IT
    • IT financial lead
    • Other IT management as required

    High-level findings: Use these IT spend metrics to review and set big picture goals

    Think of these metrics as key anchors in your long-term strategic planning efforts.

    Use IT spend metrics to review and set big goals

    It's common for the business to want a sacrifice in IT OpEx in favor of CapEx

    CapEx and OpEx approval mechanisms are often entirely separate. Different tax treatment for CapEx means that it's usually preferred by the business over OpEx.

    OpEx is often seen as a sunk cost (i.e. an IT problem).

    • Barring a major decision or event, OpEx on an individual item will generally trend upward over time, often by a few percent every year, in lockstep with inflation and growth in organizational headcount.
    • A good portion of OpEx, however, is necessary for basic business continuity.

    CapEx is usually seen as investment (i.e. a business growth opportunity).

    • CapEx behaves quite differently than OpEx. On-the-books capitalized spend on an individual asset tends to trend downward over time due to depreciation or amortization.
    • CapEx only tends to go up when a net-new capital project is initiated, and organizations often have more control over if, when, and how this spend happens.

    Break down the OpEx/CapEx wall. Reference OpEx whenever you talk about CapEx. The best way to do this is via Total Cost of Ownership (TCO).

    • Present data on long-term OpEx projections whenever a new capital project is proposed and ensure ongoing maintenance funds are secured.
    • Educate your CFO about the impact of the cloud on OpEx. See if internal OpEx/CapEx ratio expectations can be adjusted to reflect this reality.

    Spend by asset class offers the CFO a visual illustration of where the money's really gone

    The major spend categories should look very familiar to your CFO. It's the minor sub-categories that sit underneath where you ultimately want to drive the conversation.

    Traditional categories don't reflect IT reality anymore.

    • Most finance departments have "software" accounts that contain apples and oranges, plus other dissimilar fruit.
    • Software isn't just software anymore. Now it's on-premises (CapEx) or cloud (OpEx). The same distinction applies to traditional hardware due to the advent of managed services.
    • The basic categories traditionally used to tag IT spend are out of date. This makes it hard for IT to have meaningful conversations with the CFO since they're not working from the same glossary.

    "Software (on-premises)" and "hardware (cloud)" are more meaningful descriptors than "software" and "hardware." Shift the dialogue.

    Start the migration from major categories to minor categories.

    • Still give the CFO the traditional major categories they're looking for but start including minor category breakdowns into your communications. Most importantly, have a meeting to explain what these minor categories are and why they're important to managing IT effectively.
    • Next, see if the CFO can formally split on-premises vs. cloud software on the books as a first step in making IT spend tracking more meaningful.

    Employees vs. contractors warrants a specific conversation, plus a change in mindset

    IT leaders often find it easier to get approval for contracted labor than to hire a permanent employee. However, the true value proposition for contractors does vary.

    The decision to go with permanent employees or contractors depends on your ultimate goals.

    • Contractors tend to be less expensive and provide more flexibility when adjusting to changing business needs. However, contractors may be less dedicated and take their skills and knowledge with them when they leave.
    • Permanent employees bring additional costs like benefits and training. Plus, letting them go is a lot more complicated. However, they can also bring real value in a way a contractor can't when it comes to sustaining long-term strategic growth. They're assets in themselves.

    Far too often, labor-sourcing decisions are driven by controlling near-term costs instead of generating and sustaining long-term value.

    Introduce the cost-to-value ratio to your workforce spend conversations.

    • Your mapped data will allow you to talk about comparative headcount and spend. This is a financial conversation devoid of context.
    • Go beyond. Show how workforce spend has allowed stated goals to be achieved while controlling for costs. This is the true definition of value.

    CFO Expense View: Shift the ITFM conversation

    Now that you've mapped your IT spend data to the CFO Expense View, there are some questions you're better equipped to answer, namely:

    • How should I classify my IT costs?
    • What information should I include in my plans and reports?
    • How do I justify current spend?
    • How do I justify a budget increase?

    You now have:

    • A starting point for educating the CFO about IT spend realities.
    • A foundation for creating a shared glossary of terms that works for both IT and the finance department and facilitates more meaningful conversations.
    • Proof that there are major areas of IT spend, such as cloud software, that are distinctive and probably warrant their own financial category in the general ledger.
    • A transparent record of IT spend that shows that you understand and care about financial issues, fostering the goodwill and trust that facilitates investment in IT.
    • A starting point to change the ITFM conversation with the CFO from one focused on cost to one focused on value.

    Exactly how is IT spending all that money we give them?

    Exactly like this ...

    Chart of the CFO Expense View

    The CIO Service View aligns with how IT organizes and manages itself – this is your view

    The data mapped here is a critical input for IT's service planning and management program and should be integrated into your IT performance measurement activities.

    Major service categories: These values give a high-level snapshot of your general IT service spend priorities. In most organizations, Applications dominates, making it a focus for cost optimization.

    Minor service categories: The level of granularity for these values prove more practical when measuring performance and making service management decisions - not too big, not too small. While not reflected in this example, application maintenance is usually the largest relative consumer of IT spend in most organizations.

    Data & BI and security: Isolating the exact spend for these services is challenging given that they're often entangled in applications and infrastructure spend respectively, and separate spend tracking for both is a comparatively recent practice.

    Table of CIO Service View

    Check the alignment of individual service spend against known business objectives

    Some IT services are taken for granted by the business, while others are virtually invisible. This lack of visibility often translates into funding misalignments.

    Is the amount of spend on a given service in parallel with the service's overall importance?

    • Though often unstated, ensuring continuity of basic business operations is always the top priority. This means business apps, core infrastructure, end users, and security need to be appropriately funded - these should collectively comprise the majority of IT service spend.
    • Strategy-supporting IT services, like data & BI, see high investment variability between organizations. If its strategic role/importance doesn't align with spend, flag it as an issue you'll need to reconcile with the business by increasing funding (important) or reducing service levels (unimportant).
    • The strategic importance of IT as a whole is often reflected in the spend on IT management services. If spend is low, IT's probably seen as a support function, not a strategic one.

    Identify the hot spots and pick your battles.

    • Spend levels are just approximate gauges of where and how the business is willing to spend its money. Start with this simple gut check.
    • Noting the areas of importance vs. spend misalignment will help you identify where negotiations with the business should probably happen.

    A mature IT cost optimization practice is often approached from the service perspective

    When optimizing IT costs, you have two OpEx levers to pull - vendor spend and staff spend. Isolating these two sources of IT service spend will help shortlist your options.

    It's all about how much room you have to move.

    • Any decision made about how a service is provisioned will push vendor and staff spend in clear, predictable, and often opposite directions (e.g. in-house and people-intensive services tend to see higher staff spend, while outsourced and tech-intensive services higher vendor spend).
    • Service levels required by the business should be the driving factor behind service design and spend decisions. High service spend may reflect priority but may also indicate it's over-built and is ripe for a cost-optimization treatment.
    • Service spend is a useful barometer for tracking the financial impact of any changes made to IT. Add simple unit-cost metrics like "service spend per organizational employee" and "service spend per FTE assigned to the service" to see if and how the dial has moved over time.

    Grow your IT service management practice.

    • The real power of the CIO Service View is laying the groundwork for next-level IT service management initiatives like developing a service catalog, negotiating service-level agreements, rolling out chargeback and showback mechanisms, and calculating IT's value to the business.
    • Use service spend as a common denominator for both your IT service management and IT performance management programs. Better yet, integrate the two programs to ensure a single version of the truth.

    CIO Service View: Optimize your cost-to-value ratio

    Now that you've mapped your IT spend data to the CIO Service View, there are some questions you're better equipped to answer, namely:

    • What's the impact of cloud adoption on speed of delivery?
    • Where can I improve spend efficiency?
    • Is my support model optimized?
    • How does our spend compare to others?

    You now have:

    • Data that shows the financial impact of change decisions on service costs.
    • Insight into the relationship between vendor spend and staff spend within a given IT service.
    • The information you need to start developing service unit costing mechanisms.
    • A tool for setting and right-sizing service-level agreements with the business.
    • A more focused starting point for investigating IT cost-optimization opportunities.
    • A baseline for benchmarking common IT services against your peers.

    Does the amount we spend on each IT service make sense?

    We have some good opportunities for optimization ...

    Chart of CIO Service View

    The CXO Business View will spur conversations that may have never happened before

    This view is a potential game changer as previously unknown technology spend is often revealed, triggering change in IT's relationship with business unit leaders.

    Table of CXO Business View

    The big beneficiaries of IT spend will leap out

    The CXO Business View mapping does have a "shock and awe" quality to it given large spend disparities. They may be totally legitimate, but they're still eye-catching.

    Share information, don't push recommendations.

    • Have a series of one-on-one meetings with business unit leaders to present these numbers.
      • Approach initial meetings as information-sharing sessions only. The data is probably new to them, and they'll need time to reflect and ask questions.
      • Bring a list of the big-ticket spend items for that business unit to focus the conversation.
    • Present these numbers at a broader leadership meeting.
      • It's critical for everyone to hear the same truth and learn about each other's technology needs and uses.
      • This is where recommendations for better aligning IT spend with business goals and cost-optimization strategies should surface. A group approach will bring technology haves and have-nots into the open, as well as provide a forum for collaborative solutioning.

    If possible, slice the numbers by business unit headcount.

    • IT spend per business unit employee is an attention-getting metric that can help gain entry to important conversations.
    • Comparing per-employee spend across different business functions is not necessarily an apples-to-apples comparison, as units like HR may have few employees but serve the entire organization. Bring up these kinds of differences to provide context and avoid misinterpretations.

    Questions will arise in how you calculated and allocated indirect IT spend

    IT spend for things like core infrastructure and end-user services must be distributed fairly across multiple or all business units. Be prepared to explain your methods.

    Be transparent in your transparency.

    • Distributing indirect spend is imprecise by nature. You can't account for every unique circumstance. However, you can devise a logic-driven, general approach that's defensible, fair, and works for most people most of the time.
    • Lay out your assumptions from the start. This is an important part of communicating transparently and can prevent unwanted descent into weedy rabbit holes.
      • List what you classified as indirect spend. Use the CFO Expense View and/or CIO Service View categories to aid your presentation of this information.
      • Point out known circumstances that didn't fit your general allocation method and how you handled them. Opting to ignore minor anomalies is reasonable but be sure to tell business unit leaders you did this and why.

    Use questions about indirect IT staff spend distribution to engage stakeholders.

    • As a percentage, the indirect IT staff spend allocation to a specific business unit may be higher than that for IT vendor spend since IT staff tend to operate more generally than the technologies they support.
    • Leverage any pushback about indirect spend as an opportunity to engage the broader business leadership group. Let them arrive at a consensus of how they want it done and confirm buy-in.

    CXO Business View: Bring the truth to light

    Now that you've mapped your IT spend data to the CXO Business View, there are some questions you're better equipped to answer, namely:

    • Which business units consume the most IT resources?
    • Which business units are underserved by IT?
    • How do I best communicate spend data internally?
    • Where do I need better business sponsorship for IT projects?

    You now have:

    • A reason-based accounting of direct and indirect amounts spent on IT vendors and staff in support of each major business unit.
    • Insight into the technology haves and have-nots in your organization and where opportunities to optimize costs may exist.
    • Attention-getting numbers that will help you engage business-unit leaders in meaningful conversations about their use of IT resources and the value they receive.
    • A mechanism to assess if a business unit's consumption of IT is appropriate and aligned with its purpose and mandate in the organization.
    • A list of previously unknown business-side technologies that IT will investigate further.

    Why doesn't my business unit get more support from IT?

    Let's look at how you compare to the other departments ...

    Chart of the CXO Business View

    From the CEO's high-level perspective, IT spend is a collection of distinct financial islands

    From IT's perspective, these islands are intimately connected, with events on one affecting what happens (or doesn't) on another. Focus on the bridges.

    Table of CEO High-level Perspective

    Focus more on unifying the view of technology spend than on the numbers

    When talking to the CEO, seek to build mutual understanding and encourage a holistic approach to the organization's technology spend.

    Use the numbers to get to the real issues.

    • Clarify with the CEO what business innovation, business growth, and KTLO means to them and the role each plays in the organization's strategic and operational plans.
    • Find out the role they think IT, and technology as a whole, has in realizing business plans. Only then can you look at the relative allocation of IT spend with them to see if the aspiration aligns with reality.
    • Eventually, you'll need to discuss expectations around who pays the bills for operationally supporting capital technology investments over the long-term (i.e. IT or the business units that actually want and use it). You'll have concrete examples of business projects that consumed IT operations resources without a corresponding increase in IT's OpEx budget.

    Focus your KTLO spend conversation on risk and trade-off.

    • Every strategic conversation needs to look at the impact on ongoing operations. Every discussion about CapEx needs to investigate the long-term repercussions for OpEx. Look at the whole tech spend picture.
    • Use risk to get KTLO/OpEx into the conversation. Be straightforward (i.e. "If we do/don't do this, then we can/can't do that"). Simply put, mitigating the risks that get in the way of having it all usually requires spending.

    CEO Innovation View: Learn what's really expected of IT

    Now that you've mapped your IT spend data to the CEO Innovation View, there are some questions you're better equipped to answer, namely:

    • Why is KTLO spend so high?
    • What should our operational spend priorities be?
    • Which projects and investments should we prioritize?
    • Are we spending enough on innovative initiatives?

    You now have:

    • A holistic, organization-wide view of total technology spend in support of different investment types, namely business innovation, business growth, and keeping things up and running.
    • Data-driven examples that prove the impact of near-term capital spend on long-term operational expenses and the intimate relationship between the two types of spend.
    • A way to measure the degree of alignment between the innovation and growth goals the organization has and how money is actually being spent to realize those goals.
    • A platform to discuss how technology investment decision-making and governance can work better to realize organizational mandates and goals.

    I know what IT costs us, but what is it really worth?

    Here's how tech spend directly supports business objectives ...

    Chart of CEO Innovation View

    Revisit your IT spend transparency objectives before crafting your executive presentation

    Go back to exercise 1.1 to remind yourself why you undertook this effort in the first place, clear your head of all that data, and refocus on the big picture.

    Review the real problems and issues you need to address and the key stakeholders.
    This will guide what data you focus on or showcase with other business leaders. For example, if IT OpEx is perceived as high, be prepared to examine the CapEx/OpEx ratio as well as cloud-related spend's impact on OpEx.

    Flag ITFM processes you'll develop as part of your ITFM maturity improvement plan.
    You won't become a TCO math expert overnight, but being able to communicate your awareness of and commitment to developing and applying ITFM capabilities helps build confidence in you and the information you're presenting.

    Use your first big presentation to debut ITFM.
    ITFM as a formal practice and the changes you hope to make may be a novel concept for your business peers. Use your newfound IT spend and staffing transparency to gently wade into the topic instead of going for the deep dive.

    Now it's time to present your transparent IT spend and staffing data to your executive

    Pull out of analysis mode. You're starting to tell the IT spend story, and this is just the first chapter. Introduce your cast of characters and pique your audience's interest.

    The goal of this first presentation is to showcase IT spend in general and make sure that everyone's getting the same information as everyone else.

    Go broad, not deep
    Defer any in-depth examinations until after you're sure you have everyone's attention. Only dive deep when you're ready to talk about specific plans via follow-up sessions.

    Focus on the CXO
    Given your audience, the CXO Business View may be the most interesting for them and will trigger the most questions and discussion. Plan to spend the largest chunk of your time here.

    Avoid judgment
    Let the numbers speak for themselves. Do point out what's high and what's low, but don't offer your opinion about whether it's good or bad. Let your audience draw their own conclusions.

    Ask for impressions
    Education and awareness are primary objectives. What comes up will give a good indication of what's known, what's news, who's interested, and where there's work to do.

    Pick a starting point
    Ask what they see as high-priority areas for both optimizing IT costs as well as improving the organization's approach to making IT spend decisions in general.

    What to include in your presentation ...

    • Purpose: Why you did the IT spend and staffing transparency exercise.
    • Method: The models and processes you used to map the data.
    • Data: Charts from the IT Spend & Staffing Transparency Workbook.
    • Feedback: Space for your audience to voice their thoughts.
    • Next steps: Discussion and summary of actions to come.

    5.2 Develop an executive presentation

    Duration: Two hours

    1. Download the IT Staff & Spend Executive Presentation Template.
    2. Copy and paste the IT spend output tables and graphs into the template. (Note: Pasting as an image will preserve formatting.)
    3. Incorporate observations and insights about your analysis of your IT spend metrics.
    4. Conduct an internal review of the final presentation to ensure it includes all the elements you need and is error free.
    5. Book time to make your presentation to the executive team. Plan time after the presentation to field questions, engage in follow-up information sessions, and act on feedback.

    Note: Refer to your organization's standards and norms for executive-level presentations and either adapt the Info-Tech template accordingly or use your own.

    Input Output
    • Tabular and graphical data outputs in the IT Spend & Staffing Transparency Workbook
    • Executive presentation summarizing your organization's actual IT spend
    Materials Participants
    • IT Spend & Staffing Transparency Workbook
    • IT Staff & Spend Executive Presentation Template
    • CIO/IT directors
    • IT financial lead
    • Other IT management

    Download the IT Spend & Staffing Transparency Executive Presentation TemplateTemplate

    Phase 5: Identify implications for IT

    Achievement summary

    You've done the hard part in starting your IT spend transparency journey. You have:

    • Analyzed the results of your IT spend mapping process.
    • Revisited your transparency objectives.
    • Prepared an executive presentation so you can share findings with other leaders in your organization.

    "Having internal conversations, especially if there is doubt, allows for accuracy and confidence in your model. I was showing someone the cost of a service he managed. He didn't believe the service was so expensive. We went through it: here are the people we allocated, the assets we allocated, and the software we allocated. It was right - that was the total cost. He was like, 'No way. Wow.' The costs were high, and the transparency is what allowed for a conversation on cost optimization."
    - Monica Braun, Research Director, ITFM Practice, Info-Tech Research Group

    Next Steps

    Achieve IT Spend & Staffing Transparency

    This final section will provide you with:

    • An overall summary of accomplishment
    • Recommended next steps
    • A list of contributors to this research
    • Some related Info-Tech resources to help you grow your ITFM practice

    Summary of Accomplishment

    Congratulations! You now have a fully transparent view of your IT spend.

    You've now mapped the entirety of technology spend in your organization. You've:

    1. Learned the key sources of spend data and information in your organization.
    2. Set some standards for data organization and labeling.
    3. Have a methodology for continuing to track and document spend in a transparent way.
    4. Crafted an executive presentation that's a first step in having more meaningful and constructive conversations about IT spend with your key stakeholders.

    What's next?

    With a reliable baseline, you can look forward to more informed and defensible IT budgeting and cost optimization. Use your newly-transparent IT spend as a foundation for improving your financial data hygiene in the near term and evolving your overall ITFM governance maturity in the long-term.

    If you would like additional support, have our analysts guide you through an Info-Tech full-service engagement or Guided Implementation.

    Contact your account representative for more information.

    1-888-670-8889

    Research Contributors and Experts

    Monica Braun, Research Director, ITFM Practice

    Monica Braun
    Research Director, ITFM Practice
    Info-Tech Research Group

    Dave Kish, Practice Lead, ITFM Practice

    Dave Kish
    Practice Lead, ITFM Practice
    Info-Tech Research Group

    Kennedy Confurius, Research Analyst, ITFM Practice

    Kennedy Confurius
    Research Analyst, ITFM Practice
    Info-Tech Research Group

    Aman Kumari, Research Specialist, ITFM Practice

    Aman Kumari
    Research Specialist, ITFM Practice
    Info-Tech Research Group

    Rex Ding, Research Specialist, ITFM Practice

    Rex Ding
    Research Specialist, ITFM Practice
    Info-Tech Research Group

    Angie Reynolds, Principal Research Director, ITFM Practice

    Angie Reynolds
    Principal Research Director, ITFM Practice
    Info-Tech Research Group

    Related Info-Tech Research

    Build Your IT Cost Optimization Roadmap

    • Cost optimization often doesn't go beyond the cutting part, but cutting costs isn't strategic - it's reactive and can easily result in mistakes.
    • True cost optimization is much more than this. Re-focus your efforts on optimizing your cost-to-value ratio and implementing a sustainable cost-optimization practice.

    Build an IT Budget

    • Budgetary approval is difficult because finance executives have a limited understanding of IT and use a different vocabulary.
    • Detailed budgets must be constructed in a way that is transparent but at a level of appropriate detail in order to limit complexity and confusion.

    Manage an IT Budget

    • No one likes to be over budget, but being under budget isn't necessarily good either.
    • Implement a budget management process that documents your planned budget and actual expenditures, tracks variances, and responds to those variances to stay on track.
    • Control for under- or overspending using Info Tech's budget management tool and tactics.

    APPENDIX

    Sample shared business services

    Sample industry-specific business services

    Sample shared business functions

    Business function Definition
    Human Resources The management of the recruitment, training, development, appraisal, compensation/reward, retention, and departure of employees in an organization. Does not include management of subcontractor or outsourced relationships.
    Finance and Accounting The management and analysis of an organization's revenue, funds, spend, investments, financial transactions, accounts, and financial statements. Often includes enterprise asset management.
    Procurement and Supplier Management Acquiring materials, goods, and services from an external party, including identifying potential suppliers/providers, managing tendering or bidding processes, negotiating terms and agreements, and managing the relationship with the vendor/provider.
    Information Technology The development, management, and optimization of information technology resources and systems over their lifecycle in support of an organization's work priorities and goals. Includes computer-based information and communication systems, but typically excludes industrial operational technologies.
    Legal Expertise in interpretation, implication, and application of legislation and regulation that affects the enterprise, including guidance and support in the areas of risk, contracting, compliance, ownership, and litigation.
    Regulatory Affairs and Compliance Management Identification, operationalization, monitoring, reporting, and enforcement of the standards, rules, codes, and laws that apply to an organization's operating environment and the products and services it offers.
    Sales Transactional provision of a product or service to a buyer at an agreed-upon price. Includes identifying and developing prospective buyers, presenting and explaining the product/service, overcoming prospect objections and concerns to purchase, negotiating terms, developing contracts, and billing or invoicing.
    Customer Service and Support A range of activities designed to optimize the customer experience with an organization and its products and services throughout the customer lifecycle with the goals of retaining the customer; encouraging additional spend or consumption; the customer positively influencing other potential customers; and minimizing financial and reputational business risks.
    Marketing and Advertising Understanding customer/prospect needs, developing strategies to meet those needs, and promotion of the organization's products/services to a target market via a range of channels to maximize revenue, membership, donations, and/or develop the organization's brand or reputation. Includes market research and analysis and promotion, campaign, and brand management.

    Sample industry-specific functions

    Supply chain and capital-intensive industries.

    Industry function Definition
    Product Innovation Research, design, development, and launch of new products, including the engineering of their underlying production processes.
    Product and Service Portfolio Management The management of an organization's collection of products and services, including management of the product/service roadmap; product/service portfolio and catalog; product/service quality and performance; and product/service pricing, bundling and markdown.
    Logistics and Supply Chain Management Sourcing raw materials or component parts needed and shipping of a finished product. Includes demand planning; procurement/supplier management; inventory management; yard management; allocation management; fulfillment and replenishment; and product distribution and delivery.
    Production Operations Manufacture, storage, and tracking of a product and ensuring product and production process quality. Includes operations management, materials management, quality/safety control, packaging management, and management of the tools, equipment, and technologies that support it.
    Architecture & Engineering The design and planning of structures or critical infrastructure systems according to scientific, functional, and aesthetic principles.
    Construction New construction, assembly, or alteration of buildings and critical infrastructure (e.g. transportation systems; telecommunications systems; utilities generation/transmission/distribution facilities and systems). Includes management of all construction project plans and the people, materials, and equipment required to execute.
    Real Estate Management Management of any residential, commercial, or industrial real estate holdings (land and buildings), including any financial dealings such as its purchase, sale, transfer, and rental as well as ongoing maintenance and repair of associated infrastructure and capital assets.

    Sample industry-specific functions

    Financial services and insurance industries.

    Industry function Definition
    Core Banking Services Includes ATM management; account management (opening, deposit/withdrawal, interest calculation, overdraft management, closing); payments processing; funds transfers; foreign currency exchange; cash management.
    Loan, Mortgage, and Credit Services Includes application, adjudication, and approval; facility; disbursement/card issuance; authorization management; merchant services; interest calculation; billing/payment; debt/collections management.
    Investment and Wealth Management Processes for the investment of premiums/monies received from policy holders/customers to generate wealth. Often two-pronged: internal investment to fund claim payout in the case of insurance, and customer-facing investment as a financial service (e.g. retirement planning/annuities). Includes product development and management, investment management, safety deposit box services, trust management services.
    Actuarial Analysis & Policy Creation Development of new policy products based on analysis of past losses and patterns, forecasts of financial risks, and assessment of potential profitability (i.e. actuarial science). These processes also include development of rate schedules (pricing) and the reserves that the insurer needs to have available for potential claim payouts.
    Underwriting & Policy Administration Processes for assessing risk of a potential policy holder; determining whether to insure them or not; setting the premiums the policy holder must pay; and administering the policy over the course of its lifecycle (including updates and billing).
    Claims Processing & Claims Management Processes for receiving, investigating, evaluating, approving/denying, and disbursing a claim payout. This process is unique to the insurance industry. In health insurance, ongoing case management processes need to be considered here whereby the insurer monitors and approves patient treatments over a long-term basis to ensure that the treatments are both necessary and beneficial.

    Sample industry-specific functions

    Healthcare industry

    Industry function Definition
    Patient Intake & Admissions Processes whereby key pieces of information about a patient are registered, updated, or confirmed with the healthcare provider in order to access healthcare services. Includes patient triage, intake management, and admissions management. These processes are generally administrative in nature.
    Patient Diagnosis A range of methods for determining the medical condition a patient has in order to provide appropriate care or treatment. Includes examination, consultation, testing, and diagnostic imaging.
    Patient Treatment The range of medical procedures, methods, and interventions to mitigate, relieve, or cure a patient's symptom, injury, disease, or other medical condition. Includes consultation and referral; treatment and care planning; medical procedure management; nursing and personal support; medicine management; trauma management; diet and nutrition management; and patient transportation.
    Patient Recovery & Ongoing Care Processes and methods for tracking the progress of a patient post-treatment; improving their health outcomes; restoring, maintaining, or improving their quality of life; and discharging or transferring them to other providers. Includes remote monitoring of vital parameters, physical therapy, post-trauma care, and a range of restorative and lifestyle modification programs.

    Sample industry-specific functions

    Gaming and hospitality industries

    Industry function Definition
    Accommodation Short-term lodging in hotel facilities. Includes management and maintenance of guest rooms and common spaces, amenities (e.g. swimming pool), and other related services (e.g. valet parking).
    Gaming Includes table wagering games and gambling activities such as slot machines or any other activity that includes on premises mobile casino gaming.
    Food & Beverage Services Food and beverages prepared, served, or available for sale by the hotel on the hotel premises via restaurants and bars and room service. Excludes catering (see Events Management) and management or operation of independent leased food and beverage establishments located on the hotel premises.
    Entertainment & Events Planning, coordination, and on-premises hosting of events including conferences, conventions, trade shows, parties, ceremonies and live entertainment, and other forms of recreation on the hotel premises. Includes all aspects of entertainment operations, facility management and catering for the event.

    Master the Secrets of VMware Licensing to Maximize Your Investment

    • Buy Link or Shortcode: {j2store}138|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Licensing
    • Parent Category Link: /licensing
    • A lack of understanding around VMware’s licensing models, bundles, and negotiation tactics makes it difficult to negotiate from a position of strength.
    • Unfriendly commercial practices combined with hyperlink-ridden agreements have left organizations vulnerable to audits and large shortfall payments.
    • Enterprise license agreements (ELAs) come in several purchasing models and do not contain the EULA or various VMware product guide documentation that governs license usage rules and can change monthly.
    • Without a detailed understanding of VMware’s various purchasing models, shelfware often occurs.

    Our Advice

    Critical Insight

    • Contracts are typically overweighted with a discount at the expense of contractual T&Cs that can restrict license usage and expose you to unpleasant financial surprises and compliance risk.
    • VMware customers almost always have incomplete price information from which to effectively negotiate a “best in class” ELA.
    • VMware has a large lead in being first to market and it realizes that running dual virtualization stacks is complex, unwieldy, and expensive. To further complicate the issues, most skill sets in the industry are skewed towards VMware.

    Impact and Result

    • Negotiate desired terms and conditions at the start of the agreement, and prioritize which use rights may be more important than an additional discount percentage.
    • Gather data points and speak with licensing partners to determine if the deal being offered is in fact as great as VMware says it is.
    • Beware of out-year pricing and ELA optimization reviews that may provide undesirable surprises and more spend than was planned.

    Master the Secrets of VMware Licensing to Maximize Your Investment Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Manage Your VMware Agreements – Use the Info-Tech tools capture your existing licenses and prepare for your renewal bids.

    Use Info-Tech’s licensing best practices to avoid shelfware with VMware licensing and remain compliant in case of an audit.

    • Master the Secrets of VMware Licensing to Maximize Your Investment Storyboard

    2. Manage your VMware agreements

    Use Info-Tech’s licensing best practices to avoid shelfware with VMware licensing and remain compliant in case of an audit.

    • VMware Business as Usual – Install Base SnS Renewal Only Tool
    • VMware ELA RFQ Template

    3. Transition to the VMWare Cloud – Use these tools to evaluate your ELA and vShpere requirements and make an informed choice.

    Manage your renewals and transition to the cloud subscription model.

    • VPP Transactional Purchase Tool
    • VMware ELA Analysis Tool
    • vSphere Edition 7 Features List

    Infographic

    Further reading

    Master the Secrets of VMware Licensing to Maximize Your Investment

    Learn the essential steps to avoid overspending and to maximize negotiation leverage with VMware.

    EXECUTIVE BRIEF

    Analyst Perspective

    Master the Secrets of VMware Licensing to Maximize Your Investment.

    The image contains a picture of Scott Bickley.

    The mechanics of negotiating a deal with VMware may seem simple at first as the vendor is willing to provide a heavy discount on an enterprise license agreement (ELA). However, come renewal time, when a reduction in spend or shelfware is needed, or to exit the ELA altogether, the process can be exceedingly frustrating as VMware holds the balance of power in the negotiation.

    Negotiating a complete agreement with VMware from the start can save you from an immense headache and unforeseen expenditures. Many VMware customers do not realize that the terms and conditions in the Volume Purchasing Program (VPP) and Enterprise Purchasing Program (EPP) agreements limit how and where they are able to use their licenses.

    Furthermore, after the renewal is complete, organizations must still worry about the management of various license types, accurate discovery of what has been deployed, visibility into license key assignments, and over and under use of licenses.

    Preventive and proactive measures enclosed within this blueprint will help VMware clients mitigate this minefield of challenges.

    Scott Bickley
    Practice Lead, Vendor Management
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    Common Obstacles

    Info-Tech’s Approach

    VMware's dominant position in the virtualization space can create uncertainty to your options in the long term as well as the need to understand:

    • The hybrid cloud model.
    • Hybrid VM security and management.
    • New subscription license model and how it affects renewals.

    Make an informed decision with your VMware investments to allow for continued ROI.

    There are several hurdles that are presented when considering a VMware ELA:

    • Evolving licensing and purchasing models
    • Understanding potential ROI in the cloud landscape
    • Evolving door of corporate ownership

    Overcoming these and other obstacles are key to long-term satisfaction with your VMware infrastructure.

    Info-Tech has a two-phase approach:

    • Manage your VMware agreements.
    • Plan a transition to the cloud.

    A tactical roadmap approach to VMware ELA and the cloud will ensure long-term success and savings.

    Info-Tech Insight

    VMware customers almost always have incomplete price information from which to effectively negotiate a “best in class” ELA.

    Your challenge

    VMware's dominant position in the virtualization space can create uncertainty to your options in the long term driven by:

    • VMware’s dominant market position and ownership of the virtualization market, which is forcing customers to focus on managing capacity demand to ensure a positive ROI on every license.
    • The trend toward a hybrid cloud for many organizations, especially those considering using VMware in public clouds, resulting in confusion regarding licensing and compliance scenarios.

    ELAs and EPPs are generally the only way to get a deep discount from VMware.

    The image contains a pie chart to demonstrate that 85% have answered yes to being audited by VMware for software license compliance.

    Common obstacles

    There are several hurdles that are presented when considering a VMware ELA.

    • A lack of understanding around VMware’s licensing models, bundles, and negotiation tactics makes it difficult to negotiate from a position of strength.
    • Unfriendly commercial practices combined with hyperlink-ridden agreements have left organizations vulnerable to audits and large shortfall payments.
    • ELAs come in several purchasing models and do not contain the EULA or various VMware product guide documentation that govern license usage rules and can change monthly.

    Competition is a key driver of price

    The image contains a screenshot of a bar graph to demonstrate virtualization market share % 2022.

    Source: Datanyze

    Master the Secrets of VMware Licensing to Maximize your Investment

    The image contains a screenshot of the Thought model on Master the secrets of VMware Licensing to Maximize your Investment.

    Info-Tech’s methodology for Master the Secrets of VMware Licensing to Maximize Your Investment

    1. Manage Your VMware Agreements

    2. Transition to the VMware Cloud

    Phase Steps

    1.1 Establish licensing requirements

    1.2 Evaluate licensing options

    1.3 Evaluate agreement options

    1.4 Purchase and manage licenses

    1.5 Understand SnS renewal management

    2.1 Understand the VMware subscription model

    2.2 Migrate workloads and licenses

    2.3 Manage SnS and cloud subscriptions

    Phase Outcomes

    Understanding of your licensing requirements and what agreement option best fits your needs for now and the future.

    Knowledge of VMware’s sales model and how to negotiate the best deal.

    Knowledge of the evolving cloud subscription model and how to plan your cloud migration and transition to the new licensing.

    Insight summary

    Overarching insight

    With the introduction of the subscription licensing model, VMware licensing and renewals are becoming more complex and require a deeper understanding of the license program options to best manage renewals and cloud deployments as well as to maximize legacy ROI.

    Phase 1 insight

    Contracts are typically overweighted with a discount at the expense of contractual T&Cs that can restrict license usage and expose you to unpleasant financial surprises and compliance risk.

    Phase 1 insight

    VMware has a large lead in being first to market and it realizes running dual virtualization stacks is complex, unwieldy, and expensive. To further complicate the issues, most skill sets in the industry are skewed toward VMware.

    Phase 2 insight

    VMware has purposefully reduced a focus on the actual license terms and conditions; most customers focus on the transactional purchase or the ELA document, but the rules governing usage are on a website and can be changed by VMware regularly.

    Tactical insight

    Beware of out-year pricing and ELA optimization reviews that may provide undesirable surprises and more spend than was planned.

    Tactical insight

    Negotiate desired terms and conditions at the start of the agreement, and prioritize which use rights may be more important than an additional discount percentage.

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    VMware ELA Analysis Tool

    VMware ELA RFQ Template Tool

    VPP Transaction Purchase Tool

    VMware ELA Analysis Tool

    Use this tool as a template for an RFQ with VMware ELA contracts.

    Use this tool to analyze cost breakdown and discount based on your volume purchasing program (VPP) level.

    The image contains screenshots of the VMware ELA Analysis Tool. The image contains a screenshot of the VMware ELA RFQ template tool. The image contains a screenshot of the VPP Transaction Purchase Tool.

    Key deliverable:

    VMware Business as Usual SnS Renewal Only Tool

    Use this tool to analyze discounts from a multi-year agreement vs. prepay. See how you can get the best discount.

    The image contains screenshots of the VMware Business as Usual SnS Renewal Only Tool.

    Blueprint Objectives

    The aim of this blueprint is to provide a foundational understanding of VMware’s licensing agreement and best practices to manage them.

    Why VMware

    What to Know

    The Future

    VMware is the leader in OS virtualization, however, this is a saturated market, which is being pressured by public and hybrid cloud as a competitive force taking market share.

    There are few viable alternatives to VMware for virtualization due to vendor lock-in of existing IT infrastructure footprint. It is too difficult and cost prohibitive to make a shift away from VMware even when alternative solutions are available.

    ELAs are the preferred method of contracting as it sets the stage for a land-and-expand product strategy; once locked into the ELA model, customers must examine VMware alternatives with preference or risk having Support and Subscription Services (SnS) re-priced at retail.

    VMware does not provide a great deal of publicly available information regarding its enterprise license agreement (ELA) options, leaving a knowledge gap that allows the sales team to steer the customer.

    VMware is taking countermeasures against increasing competition.

    Recent contract terms changed to eliminate perpetual caps on SnS renewals; they are now tied to a single year of discounted SnS, then they go to list price.

    Migration of list pricing to a website versus contract, where pricing can now be changed, reducing discount percentage effectiveness.

    Increased audits of customers, especially those electing to not renew an ELA.


    Examining VMware’s vendor profile

    Turbonomics conducted a vendor profile on major vendors, focusing on licensing and compliance. It illustrated the following results:

    The image contains a pie graph to demonstrate that the majority of companies say yes to using license enterprise software from VMware.

    The image contains a bar graph to demonstrate what license products organizations use of VMware products.

    Source: Turbonomics
    N-sample size

    Case Study

    The image contains a logo for ADP.

    INDUSTRY: Finance

    SOURCE: VMware.com

    “We’ll have network engineers, storage engineers, computer engineers, database engineers, and systems engineers all working together as one intact team developing and delivering goals on specific outcomes.” – Vipul Nagrath, CIO, ADP

    Improving developer capital management

    Constant innovation helped ADP keep ahead of customer needs in the human resources space, but it also brought constant changes to the IT environment. Internally, the company found it was spending too long working on delivering the required infrastructure and system updates. IT staff wanted to improve velocity for refreshes to better match the needs of ADP developers and encourage continued development innovation.

    Business needs

    • Improve turnaround time on infrastructure refreshes to better meet developer roadmaps.
    • Establish an IT culture that works at the global scale of ADP and empowers individual team members.
    • Streamline approach toward infrastructure resource delivery to reduce need for manual management.

    Impact

    • Infrastructure resource delivery reduced from 100+ days to minutes, improving ADP developer efficiency.
    • VMware Cloud™ on AWS establishes seamless private and public cloud workflows, fostering agility and innovation.
    • Automating IT management redirects resources to R&D, boosting time to market for new services.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    Guided Implementation

    Workshop

    Consulting

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.” “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.” “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.” “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    What does a typical GI on this topic look like?

    Phase 1 Phase 2 Phase 3

    Call #1: Discuss scope requirements, objectives, and your specific challenges.

    Call #2: Assess the current state.

    Determine licensing position.

    Call #3: Complete a deployment count, needs analysis, and internal audit.

    Call #4: Review findings with analyst:

    • Review licensing options.
    • Review licensing rules.
    • Review contract option types.

    Call #5: Select licensing option. Document forecasted costs and benefits.

    Call #6: Review final contract:

    • Discuss negotiation points.
    • Plan a roadmap for SAM.

    Call #7: Negotiate final contract. Evaluate and develop a roadmap for SAM.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is between 2 to 6 calls over the course of 1 to 2 months.

    Phase # 1

    Manage Your VMware Agreements

    Phase 1

    Phase 2

    1.1 Establish licensing requirements

    1.2 Evaluate licensing options

    1.3 Evaluate agreement options

    1.4 Purchase and manage licenses

    2.1 Understand the VMware subscription model

    2.2 Migrate workloads and licenses

    2.3 Discuss the VMware sales approach

    2.4 Manage SnS and cloud subscriptions

    This phase will walk you through the following activities:

    • Understanding the VMware licensing model
    • Understanding the license agreement options
    • Understanding the VMware sales approach

    This phase will take you thorough:

    • The new VMware subscription movement to the cloud
    • How to prepare and migrate
    • Manage your subscriptions efficiently

    1.1 Establish licensing requirements

    VMware has greatly improved the features of vSphere over time.

    vSphere Main Editions Overview

    • vSphere Standard – Provides the basic features for server consolidation. A support and subscription contract (SnS) is mandatory when purchasing the vSphere Standard.
    • vSphere Enterprise Plus – Provides the full range of vSphere features. A support and subscription contract (SnS) is mandatory when purchasing the Enterprise Plus editions.
    • vSphere Essentials kit – The Essentials kit is an all-in-one solution for small environments with up to three hosts (2 CPUs on each host). Support is optional when purchasing the Essentials kit and is available on a per-incident basis.
    • vSphere Essentials Plus kit – This is similar to the Essentials kit and provides additional features such as vSphere vMotion, vSphere HA, and vSphere replication. A support and subscription contract (SnS) is sold separately, and a minimum of one year of SnS is required.

    Review vSphere Edition Features

    The image contains a screenshot to review the vSphere Edition Features.

    Download the vSphere Edition 7 Features List

    1.2 Evaluate licensing options

    VMware agreement types

    Review purchase options to align with your requirements.

    Transactional VPP EPP ELA

    Transactional

    Entry-level volume license purchasing program

    Mid-level purchasing program

    Highest-level purchasing program

    • Purchasing in this model is not recommended for business purposes unless very infrequent and low quantities.
    • 250 points minimum
    • Four tiers of discounts
    • Rolling eight-quarter points accumulation period
    • Discounts on license only

    Deal size of initial purchase typically is:

    • US$250K MSRP License + SnS (2,500 tokens)
    • Exceptions do exist with purchase volume

    Minimum deal size of top-up purchase:

    • US$50K MSRP License + SnS (500 tokens)
    • Initial purchase determines token level
    • Three-year term

    Minimum deal size of initial purchase:

    • US$150K-$250K
    • Discounted licenses and SnS through term of contract
    • Single volume license key
    • No final true-up
    • Global deployment rights and consolidation of multiple agreements

    1.2.1 The Volume Purchasing Program (VPP)

    This is the entry-level purchasing program aimed at small/mid-sized organizations.

    How the program works

    • The threshold to be able to purchase from the VPP program is 250 points minimum, equivalent to $25,000.
    • Discounts attained can only be applied to license purchases. They do not apply to service and support/renewals. Discounts range from 4% to 12%.
    • For the large majority of products 1 VPP point = ~$100.
      • Point values will be the same globally.
      • Point ratios may vary over time as SKUs are changed.
      • Points are valid for two years.

    Benefits

    • Budget predictability for two years.
    • Simple license purchase process.
    • Receive points on qualifying purchases that accumulate over a rolling eight-quarter period.
    • Online portal for tracking purchases and eligible discounts.
    • Global program where affiliates can purchase from existing contract.

    VPP Point & Discount Table

    Level

    Point Range

    Discount

    1

    250-599

    4%

    2

    600-999

    6%

    3

    1,000-1,749

    9%

    4

    1,750+

    12%

    Source: VMware Volume Purchasing Program

    1.2.2 Activity VPP Transactional Purchase Tool

    1-3 hours

    Instructions:

    1. Use the tool to analyze the cost breakdown and discount based on your Volume Purchasing Program level.
    2. On tab 1, Enter SnS install base renewal units and or new license details.
    3. Review tab 2 for Purchase summary.

    The image contains a screenshot of the VPP Transactional Purchase Tool.

    Input Output
    • SnS renewal details
    • New license requirements and pricing
    • Transaction purchase summary
    • Estimated VPP purchase level
    Materials Participants
    • Current VMware purchase orders
    • Any SnS renewal requirements
    • Transaction Purchase Tool
    • Procurement
    • Vendor Management
    • Licensing Admin

    Download the VPP Transactional Purchase Tool

    1.3 Evaluate agreement options

    Introduction to EPP and ELA

    What to know when using a token/credit-based agreement.

    Token/credit-based agreements carry high risk as customers are purchasing a set number of tokens/credits to be redeemed during the ELA term for licenses.

    • Tokens/credits that are not used during the ELA term expire and become worthless.
    • By default in most agreements (negotiation dependent), tokens/credits are tied to pricing maintained by VMware on its website that is subject to change (increase usually), resulting in a reduced value for the tokens/credits.
      • Therefore, it is necessary to negotiate to have current list prices for all products/versions included in the ELA to prevent price increases while in the current ELA term.
    • Token-based agreements may come with a lower overall discount level as VMware is granting more flexibility in terms of the wider product selection offered, vendor cost of overhead to manage the redemption program, currency exchange risks, and more complex revenue recognition headaches.

    1.3.1 The Enterprise Purchasing Program (EPP)

    This is aimed at mid-tier customers looking for flexibility with deeper discounting.

    How the program works

    • Token-based program in which tokens are redeemed for licenses and/or SnS.
      • Tokens can be added at any time to active fund.
      • Token usage is automatically tracked and reported.
    • Minimum order of 2,500 tokens, equivalent to $250,000 (1 token=$100).
      • Exceptions have been made, allowing for lower minimum spends.
    • Restricted to specific regions, not a global agreement.
    • Self-service portal for access to license keys and support entitlements.
    • Deeper discounting than the VMware Volume Purchase Program.
    • EPP initial purchase gets VPP L4 for four years.

    Benefits

    • Able to mix and match VMware products, manage licenses, and adjust deployment strategy.
    • Prices are protected for term of the EPP agreement.
    • Number of tokens needed to obtain a product or SnS are negotiated at the start of the contract and fixed for the term.
    • SnS is co-termed to the EPP term.
    • Ability to purchase new products that become available at a future date and are listed on the EPP Eligibility Matrix.

    EPP Level & Point Table

    Level

    Point Range

    7

    2,500-3,499

    8

    3,500-4,499

    9

    4,500-5,999

    10

    6,000+

    Source: VMware Volume Purchasing Program

    1.3.2 The ELA is aimed at large global organizations, offering the deepest discounts with operational benefits and flexibility

    What is an ELA?

    • The ELA agreement provides the best vehicle for global enterprises to obtain maximum discounts and price-hold protection for a set period of time. Discounts and price holds are removed once an ELA has expired.
    • The ELA minimum spend previously was $500,000. Purchase volume now generally starts at $250K total spend with exceptions and, depending on VMware, it may be possible to attain for $150K in net-new license spend.

    Key things to know

    • Customers pay up front for license and SnS rights, but depending on the deployment plans, the value of the licenses is not realized and/or recognized for up to two years after point of purchase.
    • License and SnS is paid up front for a three-year period in most ELAs, although a one- or two-year term can be negotiated.
    • Licenses not deployed in year one should be discounted in value and drive a re-evaluation of the ELA ROI, as even heavily discounted licenses that are not used until year three may not be such a great deal in retrospect.
      • Use a time value of money calculation to arrive at a realistic ROI.
      • Partner with Finance and Accounting to ensure the ROI also clears any Internal Hurdle Rate (IHR).
      • Share and strategically position your IHR with VMware and resellers to ensure they understand the minimum value an ELA deal must bring to the table.
    • Organizational changes, such as merger, acquisition, and divestiture (MAD) activities, may result in the customer paying for license rights that can no longer be used and/or require a renegotiated ELA.

    Info-Tech Insight

    If a legacy ELA exists that has “deploy or lose” language, engage VMware to recapture any lost license rights as VMware has changed this language effective with 2016 agreements and there is an “appeals” process for affected customers.

    1.3.3 Select the best ELA variant to match your specific demand profile and financial needs

    The advantages of an ELA are:

    • Maximum discount level + price protection
    • SnS discounted at % of net license fee
    • Sole option for global use territory rights

    General disadvantages are:

    • Term lock-in with SnS for three years
    • Pay up front and if defer usage, ROI drops
    • Territory rights priced at a premium versus domestic use rights

    Type of ELAs

    ELA Type

    Description

    Pros and Cons

    Capped (max quantities)

    Used to purchase a specific quantity and type of license.

    Pro – Clarity on what will be purchased

    Pro – Lower risk of over licensing

    Con – Requires accurate forecasting

    All you can eat or unlimited

    Used to purchase access to specified products that can be deployed in unlimited quantities during the ELA term.

    Pro – Acquire large quantity of licenses

    Pro – Accurate forecasting not critical

    Con – Deployment can easily exceed forecast, leading to high renewal costs

    Burn-down

    A form of capped ELA purchase that uses prepaid tokens that can be used more flexibly to acquire a variety of licenses or services. This can include the hybrid purchasing program (HPP) credits. However, the percentage redeemable for VMware subscription services may be limited to 10% of the MSRP value of the HPP credit.

    Pro – Accurate demand forecast not critical

    Pro – Can be used for products and services

    Con – Unused tokens or credits are forfeited

    True-up

    Allows for additional purchases during the ELA term on a determined schedule based on the established ELA pricing.

    Pro – Consumption payments matched after initial purchase

    Pro – Accurate demand forecast not critical

    Con – Potentially requires transaction throughout term

    1.4 Purchase and manage licenses

    Negotiating ELA terms and conditions

    Editable copies of VMware’s license and governance documentation are a requirement to initiate the dialogue and negotiation process over T&Cs.

    VMware’s licensing is complex and although documentation is publicly available, it is often hidden on VMware’s website.

    Many VMware customers often overlook reviewing the license T&Cs, leaving them open to compliance risks.

    It is imperative for customers to understand:

    • Product definition for licensing of each acquired product
    • Products included by bundle
    • Use restrictions:
      • The VMware Product Guide, which includes information about:
        • ELA Order Forms, Amendments, Exhibits, EULA, Support T&Cs, and other policies that add dozens of pages to a contractual agreement.
        • All of these documents are web based and can change monthly; URL links in the contract do not take the user to the actual document but a landing page from which customers must find the applicable documents.
      • Obtain copies of ALL current documents at the time of your order and keep as a reference in the CLM and SAM systems.

    Build in time to obtain, review, and negotiate these documents (easily weeks to months).

    1.4.1 Negotiating ELA terms and conditions specifics

    License and Deployment

    • Review perpetual use rights for all licenses purchased under the ELA (exception being subscription services).
    • Carefully scrutinize contract language for clearly defined deployment rights.
      • Some agreements contain language that terminates the use rights for licenses not deployed by the end of the ELA term.
    • While older contracts would frequently contain clearly defined token values and product prices for the ELA term, VMware has moved away from this process and now refers to URL links for current MSRP pricing.

    Use Rights

    • The customer’s legal entities and territories listed in the contract are hard limits on the license usage via the VMware Product Guide definitions. Global use rights are not a standard license grant with VMware license agreement by default. Global rights are usually tied to an ELA.
    • VMware audits most aggressively against violations of territory use rights and will use the non-compliance events to resolve the issue via a commercial transaction.
      • Negotiate for assignment rights with no strings attached in terms of fees or multi-party consent by future affiliates or successors to a surviving entity.
    • Extraordinary Corporate Transaction clause: VMware’s standard language prevents customers from using licenses within the ELA for any third party that becomes part of customer’s business by way of acquisition, merger, consolidation, change of control, reorganization, or other similar transaction.
      • Request VMware to drop this language.
    • Include any required language pertaining to MAD events as default language will not allow for transfer or assignment of license rights.

    Checklist of necessary information to negotiate the best deal

    Product details that go beyond the sales pitch

    • Product family
    • Unique product SKU for license renewal
    • Part description
    • Current regional or global price list
    • One and three-year proposal for SnS renewals including new license and SnS detail
    • SnS term dates
    • Discount or offered prices for all line items (global pricing is generally ~20% higher than US pricing)

    Different support levels (e.g. basic, enterprise, per incident)

    • Standard pricing:
      • Basic Support = 21% of current list price (12x5)
      • Production Support = 25% of current list price (24x7 for severity 1 issues) – defined in VMware Support and Subscription Services T&Cs; non-severity 1 issues are 12x5

    Details to ensure the product being purchased matches the business needs

    • Realizing after the fact the product is insufficient with respect to functional requirements or that extra spend is required can be frustrating and extend expected timelines

    SnS renewals pricing is based on the (1) year SnS list price

    • This can be bundled for a multi-year discounted SnS rate (can result in 12%+ under VPP)

    Governing agreements, VPP program details

    • Have a printed copy of documents that are URL links, which VMware can change, allowing for surprises or unexpected changes in rules

    1.4.2 Activity VMware ELA Analysis Tool

    2-4 hours

    Instructions:

    1. As a group, review the various RFQ responses. Identify top three proposals and start to enter proposal details into the VPP Prepay or ELA tabs of the analysis tool.
    2. Review savings in the ELA Offer Analysis tab.

    The image contains screenshots of the VMware ELA Analysis Tool.

    Input Output
    • RFQ requirements data
    • RFQ response data
    • Analysis of ELA proposals
    • ELA savings analysis
    Materials Participants
    • RFQ response documents
    • ELA Analysis Tool
    • IT Leadership
    • Procurement
    • Vendor Management

    Download the VMware ELA Analysis Tool

    1.4.3 Negotiating ELA terms and conditions specifics: pricing, renewal, and exit

    VMware does not offer price protection on future license consumption by default.

    Securing “out years” pricing for SnS or the cost of SnS is critical or it will default to a set percentage (25%) of MSRP, removing the ELA discount.

    Typically, the out year is one year; maximum is two years.

    Negotiate the “go forward” SnS pricing post-ELA term as part of the ELA negotiations when you have some leverage.

    Default after (1) out year is to rise to 25% of current MSRP versus as low as 20% of net license price within the ELA.

    Carefully incorporate the desired installed-base licenses that were acquired pre-ELA into the agreement, but ensure unwanted licenses are removed.

    Ancillary but binding support policies, online terms and conditions, and other hyperlinked documentation should be negotiated and incorporated as part of the agreement whenever possible.

    1.4.4 Find the best reseller partner

    Seek out a qualified VMware partner that will work with you and with your interest as a priority:

    1. Resellers, at minimum, should have achieved an enterprise-level rating, as these partners can offer the deepest discounts and have more clout with VMware.
    2. Select your reseller prior to engaging in any RFX acquisition steps. Verify they are enterprise level or higher AND secure their written commitment to maximum pass-through of the discounting provided to them by VMware.
    3. Document and prioritize key T&Cs for your ELA and submit to your sales team along with a requirement and timeline for their formal response. Essentially, this escalates outside of the VMware process and disrupts the status quo. Ideally this will occur in advance of being presented a contract by VMware and be pre-emptive in nature.
    4. If applicable and of benefit or a high priority, seek out a reseller that is willing to finance the VMware upfront payment cost at a low or no interest rate.
    5. It will be important to have ELA-level deals escalated to higher levels of authority to obtain “best in class” discount levels, above and beyond those prescribed in the VMware sales playbook.
    6. VMware’s standard process is to “route” customers through a pre-defined channel and “deal desk” process. Preferred pricing of up to an additional 10% discount is reserved for the first reseller that registers the deal with VMware, with larger discounts reserved for the Enterprise and Premium partners. Additional discounts can be earned if the deal closes within specified time periods (First Deal Registration).

    1.4.5 Activity VMware ELA RFQ Template

    1-3 hours

    Use this tool for as a template for an RFQ with VMware ELA contracts.

    1. For SnS renewals that contain no new licenses, state that the requirement for award consideration is the provisioning of all details for each itemized SnS renewal product code corresponding to all the licenses of your installed base. The details for the renewals are to be placed in Section 1 of the template.
    2. SnS Renewal Options: Info-Tech recommends that you ask for one- and three-year SnS renewal proposals, assuming these terms are realistic for your business requirements. Then compare your SnS BAU costs for these two options against ELA offers to determine the best choice for your renewal.

    The image contains a screenshot of the VMware ELA RFQ Template.

    Input Output
    • Renewing SnS data
    • Agreement type options
    • Detailed list of required licenses
    • Summary list of SnS requirements
    Materials Participants
    • RFQ Template
    • SnS renewal summary
    • New license/subscription details
    • IT Leadership
    • Vendor Management
    • Procurement

    Download the VMware ELA RFQ Template

    1.4.6 Consider your path forward

    Consider your route forward as contract commitments, license compliance, and terms and conditions differ in structure to perpetual models previously used.

    • Are you able to accurately discover VMware licensing within your environment?
    • Is licensing managed for compliance? Are internal audits conducted so you have accurate results?
    • Have the product use rights been examined for terms and conditions such as geographic rights? Some T&Cs may change over time due to hyperlinked references within commercial documents.
    • How are Oracle and SQL being used within your VMware environment? This may affect license compliance with Oracle and Microsoft in virtualized environments.
    • Prepare for the Subscription model; it’s here now and will be the lead discussion with all VMware reps going forward.

    Shift to Subscription

    1. With the $64bn takeover by Broadcom, there will be a significant shift and pressure to the subscription model.
    2. Broadcom has significant growth targets for its VMware acquisition that can only be achieved through a strong press to a SaaS model.

    Info-Tech Insight

    VMware has a license cost calculator and additional licensing documents that can be used to help determine what spend should be.

    Phase # 2

    Transition to the VMware Cloud

    Phase 1

    Phase 2

    1.1 Establish licensing requirements

    1.2 Evaluate licensing options

    1.3 Evaluate agreement options

    1.4 Purchase and manage licenses

    2.1 Understand the VMware subscription model

    2.2 Migrate workloads and licenses

    2.3 Discuss the VMware sales approach

    2.4 Manage SnS and cloud subscriptions

    This phase will walk you through the following activities:

    • Understand the VMware licensing model
    • Understand the license agreement options
    • Understand the VMware sales approach

    This phase will take you thorough:

    • The new VMware subscription movement to the cloud
    • How to prepare and migrate
    • Manage your subscriptions efficiently

    2.1 Understand the VMware subscription model

    VMware Cloud Universal

    • VMware Cloud Universal unifies compute, network, and storage capabilities across infrastructures, management, and applications.
    • Take advantage of financial and cloud management flexibility by combining on-premises and SaaS capabilities for automation, operations, log analytics, and network visibility across your infrastructure.
    • Capitalize on VMware knowledge by integrating proven migration methods and plans across your transformation journey such as consumption strategies, business outcome workshops, and more.
    • Determine your eligibility to earn a one-time discount with this exclusive benefit designed to offset the value of your current unamortized VMware on-premises license investments and then reallocate toward your multi-cloud initiatives.

    2.2 Migrate workloads and licenses to the cloud

    There are several cloud migration options and solutions to consider.

    • VMware Cloud offers solutions that can provide a low-cost path to the cloud that will help accelerate modernization.
    • There are also many third-party solution providers who can be engaged to migrate workloads and other infrastructure to VMware Cloud and into other public cloud providers.
    • VMware Cloud can be deployed on many IaaS providers such as AWS, Azure, Google, Dell, and IBM.

    VMware Cloud Assist

    1. Leverage all available transition funding opportunities and any IaaS migration incentives from VMware.
    2. Learn and understand the value and capabilities of VMware vRealize Cloud Universal to help you transition and manage hybrid infrastructure.

    2.2.1 Manage your VMware cloud subscriptions

    Use VMware vRealize to manage private, public, and local environments.

    Combine SaaS and on-premises capabilities for automation, operations, log analytics, network visibility, security, and compliance into one license.

    The image contains a screenshot of a diagram to demonstrate VMware cloud subscriptions.

    2.3 The VMware sales approach

    Understand the pitch before entering the discussion

    1. VMware will present a PowerPoint presentation proposal comparing a Business-as-Usual (BAU) scenario versus the ELA model.
    2. Critical factors to consider if considering the proposed ELA are growth rate projections, deployment schedule, cost of non-ELA products/options, shelf-ware, and non-ELA discounts (e.g. VPP, multi-year, or pre-paid).
    3. Involving VMware’s direct account team along with your reseller in the negotiations can be beneficial. Keep in mind that VMware ultimately decides on the final price in terms of the discount that is passed through. Ensure you have a clear line of sight into how pricing is determined.
    4. Explore reseller incentives and promotional programs that may provide for deeper than normal discount opportunities.

    INFO-TECH TIP: Create your own assumptions as inputs into the BAU model and then evaluate the ELA value proposition instead of depending on VMware’s model.

    2.4 Manage SnS and cloud subscriptions

    The new subscription model is making SnS renewal more complex.

    • Start renewal planning four to six months prior to anniversary.
    • Work closely with your reseller on your SnS renewal options.
    • Request “as is” versus subscription renewal proposal from reseller or VMware with a “savings” component.
    • Consider and review multi-year versus annual renewal; savings will differ.
    • For the Subscription transition renewal model, ensure that credits for legacy licensing is provided.
    • Negotiate cloud transition investments and incentives from VMware.

    What information to collect and how to analyze it

    • Negotiating toward preferred terms on SnS is critical, more so than when new license purchases are made, as approximately 75-80% of server virtualization are at x86 workloads, where maintenance revenue is a larger source of revenue for VMware than new license sales.
    • All relevant license and SnS details must be obtained from VMware to include Product Family, Part Description, Product Code (SKU), Regional/Global List Price, SnS Term Dates, and Discount Price for all new licenses.
    • VMware has all costs tied to the US dollar; you must calculate currency conversion into ROI models as VMware does not adjust token values of products across geographies or currency of purchase. The token to dollar value by product SKU is locked for the three-year term. This translates into a variable cost model depending on how local currency fluctuates against the US dollar; time the initial purchase to take this into consideration, if applicable.
    • Products purchased based on MSRP price with each token contains a value of US$100. Under the Hybrid Purchasing Program (HPP) credit values and associated buying power will fluctuate over the term as VMware reserves the right to adjust current list prices. Consider locking in a set product list and pricing versus HPP.
    • Take a structured approach to discover true discounts via the use of a tailored RFQ template and options model to compare and contrast VMware ELA proposals.

    Use Info-Tech Research Group’s customized RFQ template to discover true discount levels and model various purchase options for VMware ELA proposals.

    The image contains a screenshot of the VMware RFQ Template Tool.

    Summary of accomplishment

    Knowledge Gained

    • The key pieces of licensing information that should be gathered about the current state of your own organization.
    • An in-depth understanding of the required licenses across all of your products.
    • Clear methodology for selecting the most effective contract type.
    • Development of measurable, relevant metrics to help track future project success and identify areas of strength and weakness within your licensing program.

    Processes Optimized

    • Senior leaders in IT now have a clear understanding of the importance of licensing in relation to business objectives.
    • Understanding of the various licensing considerations that need to be made.
    • Contract negotiation.

    Related Info-Tech Research

    Prepare for Negotiations More Effectively

    • IT budgets are increasing, but many CIOs feel their budgets are inadequate to accomplish what is being asked of them.
    • Eighty percent of organizations don’t have a mature, repeatable, scalable negotiation process.
    • Training dollars on negotiations are often wasted or ineffective.

    Price Benchmarking & Negotiation

    You need to achieve an objective assessment of vendor pricing in your IT contracts, but you have limited knowledge about:

    • Current price benchmarking on the vendor.
    • Pricing and negotiation intelligence.
    • How to secure a market-competitive price.
    • Vendor pricing tiers, models, and negotiation tactics.

    VMware vRealize Cloud Management

    VMware vCloud Suite is an integrated offering that brings together VMware’s industry-leading vSphere hypervisor and VMware vRealize Suite multi-vendor hybrid cloud management platform. VMware’s new portable licensing units allow vCloud Suite to build and manage both vSphere-based private clouds and multi-vendor hybrid clouds.

    Bibliography

    Barrett, Alex. “vSphere and vCenter licensing and pricing explained -- a VMware license guide.” TechTarget, July 2010. Accessed 7 May 2018.
    Bateman, Kayleigh. “VMware licensing, pricing and features mini guide.” Computer Weekly, May 2011. Accessed 7 May 2018.
    Blaisdell, Rick. “What Are The Common Business Challenges The VMware Sector Faces At This Point In Time?” CIO Review, n.d. Accessed 7 May 2018.
    COMPAREX. “VMware Licensing Program.” COMPAREX, n.d. Accessed 7 May 2018.
    Couesbot, Erwann. “Using VMware? Oracle customers hate this licensing pitfall.” UpperEdge, 17 October 2016. Accessed 7 May 2018.
    Crayon. “VMware Licensing Programs.” Crayon, n.d. Accessed 7 May 2018.
    Datanyze." Virtualization Software Market Share.” Datanyze, n.d. Web.
    Demers, Tom. “Top 18 Tips & Quotes on the Challenges & Future of VMware Licensing.” ProfitBricks, 1 September 2015. Accessed 7 May 2018.
    Fenech, J. “A quick look at VMware vSphere Editions and Licensing.” VMware Hub by Altaro, 17 May 2017. Accessed 7 May 2018.
    Flexera. “Challenges of VMware Licensing.” Flexera, n.d. Accessed 5 February 2018.
    Fraser, Paris. “A Guide for VMware Licensing.” Sovereign, 11 October 2016. Accessed 7 May 2018.
    Haag, Michael. “IDC Data Shows vSAN is the Largest Share of Total HCI Spending.” VMware Blogs, 1 December 2017. Accessed 7 May 2018.
    Kealy, Victoria. “VMware Licensing Quick Guide 2015.” The ITAM Review, 17 December 2015. Accessed 7 May 2018.
    Kirsch, Brian. “A VMware licensing guide to expanding your environment.” TechTarget, August 2017. Accessed 7 May 2018.
    Kirupananthan, Arun. “5 reasons to get VMware licensing right.” Softchoice, 16 April 2018. Accessed 7 May 2018.
    Knorr, Eric. “VMware on AWS: A one-way ticket to the cloud.” InfoWorld, 17 October 2016. Accessed 7 May 2018
    Leipzig. “Help, an audit! License audits by VMware. Are you ready?” COMPAREX Group, 2 May 2016. Accessed 7 May 2018.
    Mackie, Kurt. “VMware Rips Microsoft for Azure “Bare Metal” Migration Solution.” Redmond Magazine, 27 November 2017. Accessed 7 May 2018.
    Micromail. “VMware vSphere Software Licensing.” Micromail, n.d. Accessed 7 May 2018.
    Microsoft Corportation. “Migrating VMware to Microsoft Azure” Microsoft Azure, November 2017. Accessed 7 May 2018.
    Peter. “Server Virtualization and OS Trends.” Spiceworks, 30 August 2016. Accessed 7 May 2018.
    Rich. “VMware running on Azure.” The ITAM Review, 28 November 2017. Accessed 7 May 2018.
    Robb, Drew. “Everything you need to know about VMware’s licensing shake up.” Softchoice, 4 March 2016. Accessed 7 May 2018.
    Rose, Brendan. “How to determine which VMware licensing option is best.” Softchoice, 28 July 2015. Accessed 7 May 2018.
    Scholten, Eric. “New VMware licensing explained.” VMGuru, 12 July 2011. Accessed 7 May 2018.
    Sharwood, Simon. “Microsoft to run VMware on Azure, on bare metal. Repeat. Microsoft to run VMware on Azure.” The Register, 22 November 2017. Accessed 7 May 2018.
    Siebert, Eric. “Top 7 VMware Management Challenges.” Veeam, n.d. Web.
    Smith, Greg. “Will The Real HCI Market Leader Please Stand Up?” Nutanix, 29 September 2017. Accessed 7 May 2018.
    Spithoven, Richard. “Licensing Oracle software in VMware vCenter 6.0.” LinkedIn, 2 May 2016. Accessed 7 May 2018.
    VMTurbo, Inc. “Licensing, Compliance & Audits in the Cloud Era.” Turbonomics, November 2015. Web.
    VMware. “Aug 1st – Dec 31st 2016 Solution Provider Program Requirements & Incentives & Rewards.” VMware, n.d. Web.
    VMware. “Global Support and Subscription Services “SnS” Renewals Policy.” VMware, n.d. Web.
    VMware. “Support Policies.” VMware, n.d. Accessed 7 May 2018.
    VMware. “VMware Cloud Community.” VMware Cloud, n.d. Accessed 7 May 2018.
    VMware. “VMware Cloud on AWS” VMware Cloud, n.d. Accessed 7 May 2018.
    VMware. “VMware Enterprise Purchasing Program.” VMware, 2013. Web.
    VMware. “VMware Product Guide.” VMware, May 2018. Web.
    VMware. “VMware Volume Purchasing Program.” VMware, April 2019. Web.
    VMware. "VMware Case Studies." VMware, n.d. Web.
    Wiens, Rob. “VMware Enterprise Licensing – What You Need To Know. House of Brick, 14 April 2017. Accessed 7 May 2018

    Leverage Agile Goal Setting for Improved Employee Engagement & Performance

    • Buy Link or Shortcode: {j2store}593|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Manage & Coach
    • Parent Category Link: /manage-coach
    • Managers are responsible for driving the best performance out of their staff while still developing individuals professionally.
    • Micromanaging tasks is an ineffective, inefficient way to get things done and keep employees engaged at the same time.
    • Both managers and employees view goal setting as a cumbersome process that never materializes in day-to-day work.
    • Without a consistent and agile goal-setting environment that pervades every day, managers risk low productivity and disengaged employees.

    Our Advice

    Critical Insight

    • Effective performance management occurs throughout the year, on a daily and weekly basis, not just at annual performance review time. Managers must embrace this reality and get into the habit of setting agile short-term goals to drive productivity.
    • Employee empowerment is one of the most significant contributors to employee engagement, which is a proven performance driver. Short-term goal setting, which is ultimately employee-owned, develops and nurtures a strong sense of employee empowerment.
    • Micromanaging employee tasks will get managers nowhere quickly. Putting in the effort to collaboratively define goals that benefit both the organization and the employee will pay off in the long run.
    • Goal setting should not be a cumbersome activity, but an agile, rolling habit that ensures employees are focused, supported, and given appropriate feedback to continue to drive performance.

    Impact and Result

    • Managers who have daily meetings to set goals are 17% more successful in terms of employee performance than managers who set goals annually.
    • Managers must be agile goal-setting role models, or risk over a third of their staff being confused about productivity expectations.
    • Managers that allow tracking of goals to be an inhibitor to goal setting are most likely to have a negative effect on employee performance success. In fact, tracking goals should not be a priority in the short-term.

    Leverage Agile Goal Setting for Improved Employee Engagement & Performance Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Learn the agile, short-term goal-setting process

    Implement agile goal setting with your team right away and drive performance.

    • Storyboard: Leverage Agile Goal Setting for Improved Employee Engagement & Performance
    [infographic]

    Create an Architecture for AI

    • Buy Link or Shortcode: {j2store}344|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: $604,999 Average $ Saved
    • member rating average days saved: 49 Average Days Saved
    • Parent Category Name: Data Management
    • Parent Category Link: /data-management

    This research is designed to help organizations who are facing these challenges:

    • Deliver on the AI promise within the organization.
    • Prioritize the demand for AI projects and govern the projects to prevent overloading resources.
    • Have sufficient data management capability.
    • Have clear metrics in place to measure progress and for decision making.

    AI requires a high level of maturity in all data management capabilities, and the greatest challenge the CIO or CDO faces is to mature these capabilities sufficiently to ensure AI success.

    Our Advice

    Critical Insight

    • Build your target state architecture from predefined best-practice building blocks.
    • Not all business use cases require AI to increase business capabilities.
    • Not all organizations are ready to embark on the AI journey.
    • Knowing the AI pattern that you will use will simplify architecture considerations.

    Impact and Result

    • This blueprint will assist organizations with the assessment, planning, building, and rollout of their AI initiatives.
      • Do not embark on an AI project with an immature data management practice. Embark on initiatives to fix problems before they cripple your AI projects.
      • Using architecture building blocks will speed up the architecture decision phase.
    • The success rate of AI initiatives is tightly coupled with data management capabilities and a sound architecture.

    Create an Architecture for AI Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to understand why you need an underlying architecture for AI, review Info-Tech's methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Assess business use cases for AI readiness

    Define business use cases where AI may bring value. Evaluate each use case to determine the company’s AI maturity in people, tools, and operations for delivering the correct data, model development, model deployment, and the management of models in the operational areas.

    • Create an Architecture for AI – Phase 1: Assess Business Use Cases for AI Readiness
    • AI Architecture Assessment and Project Planning Tool
    • AI Architecture Assessment and Project Planning Tool – Sample

    2. Design your target state

    Develop a target state architecture to allow the organization to effectively deliver in the promise of AI using architecture building blocks.

    • Create an Architecture for AI – Phase 2: Design Your Target State
    • AI Architecture Templates

    3. Define the AI architecture roadmap

    Compare current state with the target state to define architecture plateaus and build a delivery roadmap.

    • Create an Architecture for AI – Phase 3: Define the AI Architecture Roadmap
    [infographic]

    Workshop: Create an Architecture for AI

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Answer “Where To?”

    The Purpose

    Define business use cases where AI may add value and assess use case readiness.

    Key Benefits Achieved

    Know upfront if all required data resources are available in the required velocity, veracity, and variety to service the use case.

    Activities

    1.1 Review the business vision.

    1.2 Identify and classify business use cases.

    1.3 Assess company readiness for each use case.

    1.4 Review architectural principles and download and install Archi.

    Outputs

    List of identified AI use cases

    Assessment of each use case

    Data sources needed for each use case

    Archi installed

    2 Define the Required Architecture Building Blocks

    The Purpose

    Define architecture building blocks that can be used across use cases and data pipeline.

    Key Benefits Achieved

    The architectural building blocks ensure reuse of resources and form the foundation of a stepwise rollout.

    Activities

    2.1 ArchiMate modelling language overview.

    2.2 Architecture building block overview

    2.3 Identify architecture building blocks by use case.

    2.4 Define the target state architecture.

    Outputs

    A set of building blocks created in Archi

    Defined target state architecture using architecture building blocks

    3 Assess the Current State Architecture

    The Purpose

    Assess your current state architecture in the areas identified by the target state.

    Key Benefits Achieved

    Only evaluating the current state architecture that will influence your AI implementation.

    Activities

    3.1 Identify the current state capabilities as required by the target state.

    3.2 Assess your current state architecture.

    3.3 Define a roadmap and design implementation plateaus.

    Outputs

    Current state architecture documented in Archi

    Assessed current state using assessment tool

    A roadmap defined using plateaus as milestones

    4 Bridge the Gap and Create the Roadmap

    The Purpose

    Assess your current state against the target state and create a plan to bridge the gaps.

    Key Benefits Achieved

    Develop a roadmap that will deliver immediate results and ensure long-term durability.

    Activities

    4.1 Assess the gaps between current- and target-state capabilities.

    4.2 Brainstorm initiatives to address the gaps in capabilities

    4.3 Define architecture delivery plateaus.

    4.4 Define a roadmap with milestones.

    4.5 Sponsor check-in.

    Outputs

    Current to target state gap assessment

    Architecture roadmap divided into plateaus

    Applications Priorities 2023

    • Buy Link or Shortcode: {j2store}186|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Architecture & Strategy
    • Parent Category Link: /architecture-and-strategy
    • Economic, social, and regulatory conditions have changed livelihoods, businesses, and marketplaces. Modern tools and technologies have acted as lifelines by minimizing operating and delivery costs, and in the process, establishing a strong foundation for growth and maturity.
    • These tools and technologies must meet the top business goals of CXOs: ensure service continuity, improve customer experience, and make data-driven decisions.
    • While today’s business applications are good and well received, there is still room for improvement. The average business application satisfaction score among IT leadership was 72% (n=1582, CIO Business Vision).

    Our Advice

    Critical Insight

    • Applications are critical components in any business strategic plan. They can directly influence an organization’s internal and external brand and reputation, such as their uniqueness, competitiveness and innovativeness in the industry
    • Business leaders are continuously looking for innovative ways to better position their application portfolio to satisfy their goals and objectives, i.e., application priorities. Given the scope and costs often involved, these priorities must be carefully crafted to clearly state achievable business outcomes that satisfies the different needs very different customers, stakeholders, and users.
    • Unfortunately, expectations on your applications team have increased while the gap between how stakeholders and applications teams perceive effectiveness remains wide. This points to a need to clarify the requirements to deliver valuable and quality applications and address the pressures challenging your teams.

    Impact and Result

    Learn and explore the technology and practice initiatives in this report to determine which initiatives should be prioritized in your application strategy and align to your business organizational objectives:

    • Optimize the effectiveness of the IT organization.
    • Boost the productivity of the enterprise.
    • Enable business growth through technology.

    Applications Priorities 2023 Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Applications Priorities Report 2023 – A report that introduces and describes five opportunities to prioritize in your 2023 application strategy.

    In this report, we explore five priorities for emerging and leading-edge technologies and practices that can improve on capabilities needed to meet the ambitions of your organization.

    • Applications Priorities 2023 Report

    Infographic

    Further reading

    Applications Priorities 2023

    Applications are the engine of the business: keep them relevant and modern

    What we are facing today is transforming the ways in which we work, live, and relate to one another. Applications teams and portfolios MUST change to meet this reality.

    Economic, social, and regulatory conditions have changed livelihoods, businesses, and marketplaces. Modern tools and technologies have acted as lifelines by minimizing operating and delivery costs, and in the process, establishing a strong foundation for growth and maturity.

    As organizations continue to strengthen business continuity, disaster recovery, and system resilience, activities to simply "keep the lights on" are not enough. Be pragmatic in the prioritization and planning of your applications initiatives, and use your technologies as a foundation for your growth.

    Your applications must meet the top business goals of your CXOs

    • Ensure service continuity
    • Improve customer experience
    • Make data-driven decisions
    • Maximize stakeholder value
    • Manage risk

    Source: CEO-CIO Alignment Diagnostics, August 2021 to July 2022, n=568.

    Select and align your applications priorities to your business goals and objectives

    Applications are critical components in any business strategic plan. They can directly influence an organization's internal and external brand and reputation, such as their:

    • Uniqueness, competitiveness, and innovativeness in the industry.
    • Ability to be dynamic, flexible, and responsive to changing expectations, business conditions, and technologies.

    Therefore, business leaders are continuously looking for innovative ways to better position their application portfolios to satisfy their goals and objectives, i.e. applications priorities. Given the scope and costs often involved, these priorities must be carefully crafted to clearly state achievable business outcomes that satisfy
    the different needs of very different customers, stakeholders, and users.

    Today's business applications are good but leave room for improvement

    72%
    Average business application satisfaction score among IT leadership in 1582 organizations.

    Source: CIO Business Vision, August 2021 to July 2022, N=190.

    Five Applications Priorities for 2023

    In this report, we explore five priorities for emerging and leading-edge technologies and practices that can improve on capabilities needed to meet the Ambitions of your organization.

    this is an image of the Five Applications Priorities for which will be addressed in this blueprint.

    Strengthen your foundations to better support your applications priorities

    These key capabilities are imperative to the success of your applications strategy.

    KPI and Metrics

    Easily attainable and insightful measurements to gauge the progress of meeting strategic objectives and goals (KPIs), and the performance of individual teams, practices and processes (metrics).

    BUSINESS ALIGNMENT

    Gain an accurate understanding and interpretation of stakeholder, end-user, and customer expectations and priorities. These define the success of business products and services considering the priorities of individual business units and teams.

    EFFICIENT DELIVERY & SUPPORT PRACTICE

    Software delivery and support roles, processes, and tools are collaborative, well equipped and resourced, and optimized to meet changing stakeholder expectations.

    Data Management & Governance

    Ensuring data is continuously reliable and trustworthy. Data structure and integrations are defined, governed, and monitored.

    Product & Service Ownership

    Complete inventory and rationalization of the product and service portfolio, prioritized backlogs, roadmaps, and clear product and service ownership with good governance. This helps ensure this portfolio is optimized to meet its goals and objectives.

    Strengthen your foundations to better support your applications priorities (cont'd)

    These key capabilities are imperative to the success of your applications strategy.

    Organizational Change Management

    Manage the adoption of new and modified processes and technologies considering reputational, human, and operational concerns.

    IT Operational Management

    Continuous monitoring and upkeep of products and services to assure business continuity, and system reliability, robustness and disaster recovery.

    Architectural Framework

    A set of principles and standards that guides the consistent, sustainable and scalable growth of enterprise technologies. Changes to the architecture are made in collaboration with affected parties, such as security and infrastructure.

    Application Security

    The measures, controls, and tactics at the application layer that prevent vulnerabilities against external and internal threats and ensure compliance to industry and regulatory security frameworks and standards.

    There are many factors that can stand in your team's way

    Expectations on your applications team have increased, while the gap between how stakeholders and applications teams perceive effectiveness remains wide. This points to a need to clarify the requirements to deliver valuable and quality applications and address the pressures challenging your teams.

    1. Attracting and retaining talent
    2. Maximizing the return on technology
    3. Confidently shifting to digital
    4. Addressing competing priorities
    5. Fostering a collaborative culture
    6. Creating high-throughput teams

    CIOs agree that at least some improvement is needed across key IT activities

    A bar graph is depicted which shows the proportion of CIOs who believe that some, or significant improvement is necessary for the following categories: Measure IT Project Success; Align IT Budget; Align IT Project Approval Process; Measure Stakeholder Satisfaction With IT; Define and Align IT Strategy; Understand Business Goals

    Source: CEO-CIO Alignment Diagnostics, August 2021 to July 2022, n=568.

    Pressure Point 1:
    Attracting and Retaining Talent

    Recent environmental pressures impacted traditional working arrangements and showed more workplace flexibility is often possible. At the same time, many employees' expectations about how, when, and where they choose to work have also evolved. Recruitment and retention are reflections of different sides of the same employee value proposition coin. Organizations that fail to reinvent their approach to attracting and retaining talent by focusing on candidate and employee experience risk turnover, vacancies, and lost opportunities that can negatively impact the bottom line.

    Address the underlying challenges

    • Lack of employee empowerment and few opportunities for learning and development.
    • Poor coworker and manager relationships.
    • Compensation and benefits are inadequate to maintain desired quality of life.
    • Unproductive work environment and conflicting balance of work and life.
    • Unsatisfactory employee experience, including lack of employee recognition
      and transparency of organizational change.

    While workplace flexibility comes with many benefits, longer work hours jeopardize wellbeing.
    62% of organizations reported increased working hours, while 80% reported an increase in flexibility.
    Source: McLean & Company, 2022; n=394.

    Be strategic in how you fill and train key IT skills and capabilities

    • Cybersecurity
    • Big Data/Analytics
    • Technical Architecture
    • DevOps
    • Development
    • Cloud

    Source: Harvey Nash Group, 2021; n=2120.

    Pressure Point 2:
    Maximizing the Return of Technology

    Recent environmental pressures impacted traditional working arrangements and showed more workplace flexibility is often possible. At the same time, many employees' expectations about how, when, and where they choose to work have also evolved. Recruitment and retention are reflections of different sides of the same employee value proposition coin. Organizations that fail to reinvent their approach to attracting and retaining talent by focusing on candidate and employee experience risk turnover, vacancies, and lost opportunities that can negatively impact the bottom line.

    Address the underlying challenges

    • Inability to analyze, propose, justify, and communicate modernization solutions in language the stakeholders understand and in a way that shows they clearly support business priorities and KPIs and mitigate risks.
    • Little interest in documenting and rationalizing products and services through business-IT collaboration.
    • Lack of internal knowledge of the system and loss of vendor support.
    • Undefined, siloed product and service ownership and governance, preventing solutions from working together to collectively deliver more value.
    • Little stakeholder appetite to invest in activities beyond "keeping the lights on."

    Only 64% of applications were identified as effective by end users.
    Effective applications are identified as at least highly important and have high feature and usability satisfaction.
    Source: Application Portfolio Assessment, August 2021 to July 2022; N=315.

    "Regardless of the many definitions of modernization floating around, the one characteristic that we should be striving for is to ensure our applications do an outstanding job of supporting the users and the business in the most effective and efficient manner possible."
    Source: looksoftware.

    Pressure Point 3:
    Confidently Shifting to Digital

    "Going digital" reshapes how the business operates and drives value by optimizing how digital and traditional technologies and tactics work together. This shift often presents significant business and technical risks to business processes, enterprise data, applications, and systems which stakeholders and teams are not aware of or prepared to accommodate.

    Address the underlying challenges

    • Differing perspectives on digital can lead to disjointed transformation initiatives, oversold benefits, and a lack of synergy among digital technologies and processes.
    • Organizations have difficulty adapting to new technologies or rethinking current business models, processes, and ways of working because of the potential human, ethical, and reputational impacts and restrictions from legacy systems.
    • Management lacks a framework to evaluate how their organization manages and governs business value delivery.
    • IT is not equipped or resourced to address these rapidly changing business, customer, and technology needs.
    • The wrong tools and technologies were chosen to support the shift to digital.

    The shift to digital processes is starting, but slowly.
    62% of respondents indicated that 1-20% of their processes were digitized during the past year.
    Source: Tech Trends and Priorities 2023; N=500

    Resistance to change and time/budget constraints are top barriers preventing companies from modernizing their applications.
    Source: Konveyor, 2022; n=600.

    Pressure Point 4:
    Addressing Competing Priorities

    Enterprise products and services are not used, operated, or branded in isolation. The various parties involved may have competing priorities, which often leads to disagreements on when certain business and technology changes should be made and how resources, budget, and other assets should be allocated. Without a broader product vision, portfolio vision, and roadmap, the various dependent or related products and services will not deliver the same level of value as if they were managed collectively.

    Address the underlying challenges

    • Undefined product and service ownership and governance, including escalation procedures when consensus cannot be reached.
    • Lack of a unified and grounded set of value and quality definitions, guiding principles, prioritization standards, and broad visibility across portfolios, business capabilities, and business functions.
    • Distrust between business units and IT teams, which leads to the scaling of unmanaged applications and fragmented changes and projects.
    • Decisions are based on opinions and experiences without supporting data.

    55% of CXOs stated some improvement is necessary in activities to understand business goals.
    Source: CEO-CIO Alignment Diagnostics, August 2021 to July 2022; n=568.

    CXOs are moderately satisfied with IT's performance as a business partner (average score of 69% among all CXOs). This sentiment is similarly felt among CIOs (64%).
    Source: CEO-CIO Alignment Diagnostics, August 2021 to July 2022; n=568.

    Pressure Point 5:
    Fostering a Collaborative Culture

    Culture impacts business results, including bottom-line revenue and productivity metrics. Leaders appreciate the impact culture can have on applications initiatives and wish to leverage this. How culture translates from an abstract concept to something that is measurable and actionable is not straightforward. Executives need to clarify how the desired culture will help achieve their applications strategy and need to focus on the items that will have the most impact.

    Address the underlying challenges

    • Broad changes do not consider the unique subcultures, personalities, and behaviors of the various teams and individuals in the organization.
    • Leaders mandate cultural changes without alleviating critical barriers and do not embody the principles of the target state.
    • Bureaucracy and politics restrict changes and encourage the status quo.
    • Industry standards, technologies, and frameworks do not support or cannot be tailored to fit the desired culture.
    • Some teams are deliberately excluded from the scoping, planning, and execution of key product and service delivery and management activities.

    Agile does not solve team culture challenges.
    43% of organizations cited organizational culture as a significant barrier to adopting and scaling Agile practices.
    Source: Digital.ai, 2021.

    "Providing a great employee experience" as the second priority (after recruiting) highlights the emphasis organizations are placing on helping employees adjust after having been forced to change the way work gets done.
    Source: McLean & Company, 2022; N=826.

    Use your applications priorities to help address your pressure points

    Success can be dependent on your ability to navigate around or alleviate your pressure points. Design and market your applications priorities to bring attention to your pressure points and position them as key risk factors to their success.

    Applications Priorities
    Digital Experience (DX) Intelligent Automation Proactive Application Management Multisource Systems Digital Organization as a Platform
    Attracting and Retaining Talent Enhance the employee experience Be transparent and support role changes Shift focus from maintenance to innovation Enable business-managed applications Promote and showcase achievements and successes
    Maximizing the Return on Technology Modernize or extend the use of existing investments Automate applications across multiple business functions Improve the reliability of mission-critical applications Enhance the functionality of existing applications Increase visibility of underused applications
    Confidently Shifting to Digital Prioritize DX in your shift to digital Select the capabilities that will benefit most from automation Prepare applications to support digital tools and technologies Use best-of-breed tools to meet specific digital needs Bring all applications up to a common digital standard
    Addressing Competing Priorities Ground your digital vision, goals, and objectives Recognize and evaluate the architectural impact Rationalize the health of the applications Agree on a common philosophy on system composition Map to a holistic platform vision, goals, and objectives
    Fostering a Collaborative Culture Involve all perspectives in defining and delivering DX Involve the end user in the delivery and testing of the automated process Include the technical perspective in the viability of future applications plans Discuss how applications can work together better in an ecosystem Ensure the platform is configured to meet the individual needs of the users
    Creating High-Throughput Teams Establish delivery principles centered on DX Remove manual, error-prone, and mundane tasks Simplify applications to ease delivery and maintenance Alleviate delivery bottlenecks and issues Abstract the enterprise system to expedite delivery

    Digital Experience (DX)

    PRIORITY 1

    • Deliver Valuable User, Customer, Employee, and Brand Experiences

    Delivering valuable digital experiences requires the adoption of good management, governance, and operational practices to accommodate stakeholder, employee, customer, and end-user expectations of digital experiences (e.g. product management, automation, and iterative delivery). Technologies are chosen based on what best enables, delivers, and supports these expectations.

    Introduction

    Digital transformation is not just about new tools and technologies. It is also about delivering a valuable digital experience

    What is digital experience (DX)?

    Digital experience (DX) refers to the interaction between a user and an organization through digital products and services. Digital products and services are tools, systems, devices, and resources that gather, store, and process data; are continuously modernized; and embody eight key attributes that are described on the following slide. DX is broken down into four distinct perspectives*:

    • Customer Experience – The immediate perceptions of transactions and interactions experienced through a customer's journey in the use of the organization's digital
      products and services.
    • End-User Experience – Users' emotions, beliefs, and physical and psychological responses
      that occur before, during, or after interacting with a digital product or service.
    • Brand Experience – The broader perceptions, emotions, thoughts, feelings and actions the public associate with the organization's brand and reputation or its products and services. Brand experience evolves over time as customers continuously engage with the brand.
    • Employee Experience – The satisfaction and experience of an employee through their journey with the organization, from recruitment and hiring to their departure. How an employee embodies and promotes the organization brand and culture can affect their performance, trust, respect, and drive to innovate and optimize.
    Digital Products and Services
    Customer Experience Brand Experience Employee Experience End-User Experience

    Digital products and services have a common set of attributes

    Digital transformation is not just about new tools and technologies. It is also about delivering a valuable digital experience

    • Digital products and services must keep pace with changing business and end-user needs as well as tightly supporting your maturing business model with continuous modernization. Focus your continuous modernization on the key characteristics that drive business value.
    • Fit for purpose: Functionalities are designed and implemented for the purpose of satisfying the end user's needs and solving their problems.
    • User-centric: End users see the product as rewarding, engaging, intuitive, and emotionally satisfying. They want to come back to it.
    • Adaptable: The product can be quickly tailored to meet changing end-user and technology needs with reusable and customizable components.
    • Accessible: The product is available on demand and on the end user's preferred interface.
      End users have a seamless experience across all devices.
    • Private and secured: The end user's activity and data are protected from unauthorized access.
    • Informative and insightful: The product delivers consumable, accurate, and trustworthy real-time data that is important to the end user.
    • Seamless application connection: The product facilitates direct interactions with one or more other products through an uninterrupted user experience.
    • Relationship and network building: The product enables and promotes the connection and interaction of people.

    The Business Value cycle of continuous modernization.

    Signals

    DX is critical for business growth and maturity, but the organization may not be ready

    A good DX has become a key differentiator that gives organizations an advantage over their competition and peers. Shifts in working environments; employee, customer, and stakeholder expectations; and the advancements in modern technologies have raised the importance of adopting and transitioning to digital processes and tools to stay relevant and responsive to changing business and technology conditions.

    Applications teams are critical to ensuring the successful delivery and operation of these digital processes and tools. However, they are often under-resourced and challenged to meet their DX goals.

    • 7% of both business and IT respondents think IT has the resources needed to keep up with digital transformation initiatives and meet deadlines (Cyara, 2021).
    • 43% of respondents said that the core barrier to digital transformation is a lack of skilled resources (Creatio, 2021).
    A circle graph is shown with 91% of the circle coloured in dark blue, with the number 91% in the centre.

    of organizations stated that at least 1% of processes were shifted from being manually completed to digitally completed in the last year. 29% of organizations stated at least 21% were shifted.

    Source: Tech Trends and Priorities 2023; N=500.

    A circle graph is shown with 98% of the circle coloured in dark blue, with the number 98% in the centre.

    of organizations recognized digital transformation is important for competitive advantage. 94% stated it is important to enhance customer experience, and 91% stated it will have a positive impact on revenue.

    Source: Cyara, 2021.

    Drivers

    Brand and reputation

    Customers are swayed by the innovations and advancements in digital technologies and expect your applications team to deliver and support them. Your leaders recognize the importance of these expectations and are integrating them into their business strategy and brand (how the organization presents itself to its customers, employees and the public). They hope that their actions will improve and shape the company's reputation (public perception of the company) as effective, customer-focused, and forward-thinking.

    Worker productivity

    As you evolve and adopt more complex tools and technology, your stakeholders will expect more from business units and IT teams. Unfortunately, teams employing manual processes and legacy systems will struggle to meet these expectations. Digital products and services promote the simplification of complex operations and applications and help the business and your teams better align operational practices with strategic goals and deliver valuable DX.

    Organization modernization

    Legacy processes, systems, and ways of working are no longer suitable for meeting the strategic digital objectives and DX needs stakeholders expect. They drive up operational costs without increased benefits, impede business growth and innovation, and consume scarce budgets that could be used for other priorities. Shifting to digital tools and technologies will bring these challenges to light and demonstrate how modernization is an integral part of DX success.

    Benefits & Risks

    Benefits

    • Flexibility & Satisfaction
    • Adoption
    • Reliability

    Employees and customers can choose how they want to access, modify, and consume digital products and services. They can be tailored to meet the specific functional needs, behaviors, and habits of the end user.

    The customer, end user, brand, and employee drive selection, design, and delivery of digital products and services. Even the most advanced technologies will fail if key roles do not see the value in their use.

    Digital products and services are delivered with technical quality built into them, ensuring they meet the industry, regulatory, and company standards throughout their lifespan and in various conditions.

    Risks

    • Legacy & Lore
    • Bureaucracy & Politics
    • Process Inefficiencies
    • No Quality Standards

    Some stakeholders may not be willing to change due to their familiarity and comfort of business practices.

    Competing and conflicting priorities of strategic products and services undermine digital transformation and broader modernization efforts.

    Business processes are often burdened by wasteful activities. Digital products and services are only as valuable as the processes they support.

    The performance and support of your digital products and services are hampered due to unmanageable technical debt because of a deliberate decision to bypass or omit quality good practices.

    Address your pressure points to fully realize the benefits of this priority

    Success can be dependent on your ability to address your pressure points.

    Attracting and Retaining Talent

    Enhance the employee experience.

    Design the digital processes, tools, and technologies to meet the individual needs of the employee.

    Maximizing the Return on Technology

    Modernize or extend the use of existing investments.

    Drive higher adoption of applications and higher user value and productivity by implementing digital capabilities to the applications that will gain the most.

    Confidently Shifting to Digital

    Prioritize DX in your shift to digital. Include DX as part of your definition of success.

    Your products and services are not valuable if users, customers, and employees do not use them.

    Addressing Competing Priorities

    Ground your digital vision, goals, and objectives

    Establish clear ownership of DX and digital products and services with a cross-functional prioritization framework.

    Fostering a Collaborative Culture

    Involve all perspectives in defining and delivering DX.

    Maintain a committee of owners, stakeholders, and delivery teams to ensure consensus and discuss how to address cross-functional opportunities and risks.

    Creating High-Throughput Teams

    Establish delivery principles centered on DX.

    Enforce guiding principles to streamline and simplify DX delivery, such as plug-and-play architecture and quality standards.

    Recommendations

    Build a digital business strategy

    A digital business strategy clearly articulates the goals and ambitions of the business to adopt digital practices, tools, and technologies. This document:

    • Looks for ways to transform the business by identifying what technologies to embrace, what processes to automate, and what new business models to create.
    • Unifies digital possibilities with your customer experiences.
    • Establishes accountability with the executive leadership.
    • States the importance of cross-functional participation from senior management across the organization.

    Related Research:

    Learn, understand, and empathize with your users, employees, and customers

    • To create a better product, solution, or service, understanding those who use it, their needs, and their context is critical.
    • A great experience design practice can help you balance those goals so that they are in harmony with those of your users.
    • IT leaders must find ways to understand the needs of the business and develop empathy on a much deeper level. This empathy is the foundation for a thriving business partnership.

    Related Research:

    Recommendations

    Center product and service delivery decisions and activities on DX and quality

    User, customer, employee, and brand are integral perspectives on the software development lifecycle (SDLC) and the management and governance practices supporting digital products and services. It ensures quality standards and controls are consistently upheld while maintaining alignment with various needs and priorities. The goal is to come to a consensus on a universal definition and approach to embed quality and DX-thinking throughout the delivery process.

    Related Research:

    Instill collaborative delivery practices

    Today's rapidly scaling and increasingly complex digital products and services create mounting pressure on delivery teams to release new features and changes quickly and with sufficient quality. This pressure is further compounded by the competing priorities of individual stakeholders and the nuances among different personas of digital products and services.

    A collaborative delivery practice sets the activities, channels, and relationships needed to deliver a valuable and quality product or service with cross-functional awareness, accountability, and agreement.

    Related Research:

    Recommendations

    Continuously monitor and modernize your digital products and services

    Today's modern digital products and services are tomorrow's shelfware. They gradually lose their value, and the supporting technologies will become obsolete. Modernization is a continuous need.

    Data-driven insights help decision makers decide which products and services to retire, upgrade, retrain on, or maintain to meet the demands of the business.

    Enhancements focusing on critical business capabilities strengthen the case for investment and build trust with all stakeholders.

    Related Research:

    CASE STUDY
    Mastercard in Asia

    Focus on the customer journey

    Chief Marketing Officer M.V. Rajamannar (Raja) wanted to change Mastercard's iconic "Priceless" ad campaign (with the slogan "There are some things money can't buy. For everything else there's Mastercard."). The main reasons were that the campaign relied on one-way communication and targeted end customers, even though Mastercard doesn't issue cards directly to customers; partner banks do. To drive the change in campaign, Raja and his team created a digital engine that leveraged digital and social media. Digital engine is a seven-step process based on insights gleaned from data and real-time optimization.

    1. Emotional spark: Using data to understand customers' passion points, Mastercard builds videos and creatives to ignite an emotional spark and give customers a reason to engage. For example, weeks before New Year's Eve, Mastercard produced a video with Hugh Jackman to encourage customers to submit a story about someone who deeply mattered to them. The authors of the winning story would be flown to reunite with those both distant and dear.
    2. Engagement: Mastercard targets the right audience with a spark video through social media to encourage customers to share their stories.
    3. Offers: To help its partner banks and merchants in driving their business, the company identifies the best offers to match consumers' interests. In the above campaign, Mastercard's Asia-Pacific team found that Singapore was a favorite destination for Indian customers, so they partnered with Singapore's Resorts World Sentosa with an attractive offer.
    4. Real-time optimization: Mastercard optimizes, in real time, a portfolio of several offers through A/B testing and other analysis.
    5. Amplification: Real-time testing provides confidence to Mastercard about the potential success of these offers and encourages its bank and merchant partners to co-market and co-fund these campaigns.
    6. Network effects: A few weeks after consumers submitted their stories about distant loved ones, Mastercard selected winners, produced videos of them surprising their friends and families, and used these videos in social media to encourage sharing.
    7. Incremental transactions: These programs translate into incremental business for banks who issue cards, for merchants where customers spend money, and for Mastercard, which gets a portion of every transaction.

    Source: Harvard Business Review Press

    CASE STUDY
    Mastercard in Asia (cont'd)

    Focus on the customer journey

    1. Emotional Spark
      Drives genuine personal stories
    2. Engagement
      Through Facebook
      and social media
    3. Offers
      From merchants
      and Mastercard assets
    4. Optimization
      Real-time testing of offers and themes
    5. Amplification
      Paid and organic programmatic buying
    6. Network Effects
      Sharing and
      mass engagement
    7. Incremental Transactions
      Win-win for all parties

    CASE STUDY
    Mastercard in Asia (cont'd)

    The Mastercard case highlights important lessons on how to engage customers:

    • Have a broad message. Brands need to connect with consumers over how they live and spend their time. Organizations need to go beyond the brand or product message to become more relevant to consumers' lives. Dove soap was very successful in creating a conversation among consumers with its "Real Beauty" campaign, which focused not on the brand or even the product category, but on how women and society view beauty.
    • Shift from storytelling to story making. To break through the clutter of advertising, companies need to move from storytelling to story making. A broader message that is emotionally engaging allows for a two-way conversation.
    • Be consistent with the brand value. The brand needs to stand for something, and the content should be relevant to and consistent with the image of the brand. Pepsi announced an award of $20 million in grants to individuals, businesses, and nonprofits that promote a new idea to make a positive impact on community. A large number of submissions were about social causes that had nothing to do with Pepsi, and some, like reducing obesity, were in conflict with Pepsi's product.
    • Create engagement that drives business. Too much entertainment in ads may engage customers but detract from both communicating the brand message and increasing sales. Simply measuring the number of video views provides only a partial picture of a program's success.

    Intelligent Automation

    PRIORITY 2

    • Extend Automation Practices with AI and ML

    AI and ML are rapidly growing. Organizations see the value of machines intelligently executing high-performance and dynamic tasks such as driving cars and detecting fraud. Senior leaders see AI and ML as opportunities to extend their business process automation investments.

    Introduction

    Intelligent automation is the next step in your business process automation journey

    What is intelligent automation (IA)?

    Intelligent automation (IA) is the combination of traditional automation technologies, such as business process management (BPM) and robotic process automation (RPA), with AI and ML. The goal is to further streamline and scale decision making across various business processes by:

    • Removing human interactions.
    • Addressing decisions that involve complex variables.
    • Automatically adapting processes to changing conditions.
    • Bridging disparate automation technologies into an integrated end-to-end value delivery pipeline.

    "For IA to succeed, employees must be involved in the transformation journey so they can experience firsthand the benefits of a new way of working and creating business value," (Cognizant).

    What is the difference between IA and hyperautomation?

    "Hyperautomation is the act of automating everything in an organization that can be automated. The intent is to streamline processes across an organization using intelligent automation, which includes AI, RPA and other technologies, to run without human intervention. … Hyperautomation is a business-driven, disciplined approach that organizations use to rapidly identify, vet, and automate as many business and IT processes as possible" (IBM, 2021).

    Note that hyperautomation often enables IA, but teams solely adopting IA do not need to abide to its automation-first principles.

    IA is a combination of various tools and technologies

    What tools and technologies are involved in IA?

    • Artificial intelligence (AI) & Machine Learning (ML) – AI systems perform tasks mimicking human intelligence such as learning from experience and problem solving. AI is making its own decisions without human intervention. Machine learning systems learn from experience and without explicit instructions. They learn patterns from data then analyze and make predictions based on past behavior and the patterns learned. AI is a combination of technologies and can include machine learning.
    • Intelligent Business Process Management System (iBPMS) – Combination of BPM tools with AI and other intelligence capabilities.
    • Robotic Process Automation (RPA) – Robots leveraging an application's UI rather than programmatic access. Automate rules-based, repetitive tasks performed by human workers with AI/ML.
    • Process Mining & Discovery – Process mining involves reading system event logs and application transactions and applying algorithmic analysis to automatically identify and map inferred business processes. Process discovery involves unintrusive virtual agents that sit on a user's desktop and record and monitor how they interact with applications to perform tasks and processes. Algorithms are then used to map and analyze the processes.
    • Intelligent Document Processing – The conversion of physical or unstructured documents into a structured, digital format that can be used in automation solutions. Optical character recognition (OCR) and natural language processing (NPL) are common tools used to enable this capability.
    • Advanced Analytics – The gathering, synthesis, transformation, and delivery of insightful and consumable information that supports data-driven decision making. Data is queried from various disparate sources and can take on a variety of structured and unstructured formats.

    The cycle of IA technologies

    Signals

    Process automation is an executive priority and requires organizational buy-in

    Stakeholders recognize the importance of business process automation and AI and are looking for ways to deliver more value using these technologies.

    • 90% of executives stated automating business workflows post-COVID-19 will ensure business continuity (Kofax, 2022).
    • 88% of executives stated they need to fast-track their end-to-end digital transformation (Kofax, 2022).

    However, the advertised benefits to vendors of enabling these desired automations may not be easily achievable because of:

    • Manual and undocumented business processes.
    • Fragmented and inaccessible systems.
    • Poor data quality, insights, and security.
    • The lack of process governance and management practice.
    A circle graph is shown with 49% of the circle coloured in dark blue, with the number 49% in the centre.

    of CXOs stated staff sufficiency, skill and engagement issues as a minor IT pain point compared to 51% of CIOs stated this issue as a major pain point.

    Source: CEO-CIO Alignment Diagnostics, August 2021 to July 2022; n=568.

    A circle graph is shown with 36% of the circle coloured in dark blue, with the number 36% in the centre.

    of organizations have already invested in AI or machine learning.

    Source: Tech Trends and Priorities 2023; N=662

    Drivers

    Quality & throughput

    Products and services delivered through an undefined and manual process risk the creation of preventable and catchable defects, security flaws and holes, missing information, and other quality issues. IA solutions consistently reinforce quality standards the same way across all products and services while tailoring outputs to meet an individual's specific needs. Success is dependent on the accurate interpretation and application of quality standards and the user's expectations.

    Worker productivity

    IA removes the tedious, routine, and mundane tasks that distract and restrict employees from doing more valuable, impactful, and cognitively focused activities. Practical insights can also be generated through IA tools that help employees make data-driven decisions, evaluate problems from different angles, and improve the usability and value of the products and services they produce.

    Good process management practices

    Automation magnifies existing inefficiencies of a business process management practice, such as unclear and outdated process documentation and incorrect assumptions. IA reinforces the importance of good business process optimization practices, such as removing waste and inefficiencies in a thoughtful way, choosing the most appropriate automation solution, and configuring the process in the right way to maximize the solution's value.

    Benefits & Risks

    Benefits

    • Documentation
    • Hands-Off
    • Reusability

    All business processes must be mapped and documented to be automated, including business rules, data entities, applications, and control points.

    IA can be configured and orchestrated to automatically execute when certain business, process, or technology conditions are met in an unattended or attended manner.

    IA is applicable in use cases beyond traditional business processes, such as automated testing, quality control, audit, website scraping, integration platform, customer service, and data transfer.

    Risks

    • Data Quality & Bias
    • Ethics
    • Recovery & Security
    • Management

    The accuracy and relevance of the decisions IA makes are dependent on the overall quality of the data
    used to train it.

    Some decisions can have significant reputational, moral, and ethical impacts if made incorrectly.
    The question is whether it is appropriate for a non-human to make that decision.

    IA is composed of technologies that can be compromised or fail. Without the proper monitoring, controls,
    and recovery protocols, impacted IA will generate significant business and IT costs and can potentially harm customers, employees, and the organization.

    Low- and no-code capabilities ease and streamline IA development, which makes it susceptible to becoming unmanageable. Discipline is needed to ensure IA owners are aware of the size and health of the IA portfolio.

    Address your pressure points to fully realize the benefits of this priority

    Success can be dependent on your ability to address your pressure points.

    Attracting and Retaining Talent

    Be transparent and support role changes.

    Plan to address the human sentiment with automation (e.g. job security) and the transition of the role to other activities.

    Maximizing the Return on Technology

    Automate applications across multiple business functions.

    Recognize the value opportunities of improving and automating the integration of cross-functional processes.

    Confidently Shifting to Digital

    Maximize the learning of automation fit.

    Select the right capabilities to demonstrate the value of IA while using lessons learned to establish the appropriate support.

    Addressing Competing Priorities

    Recognize automation opportunities with capability maps.

    Use a capability diagram to align strategic IA objectives with tactical and technical IA initiatives.

    Fostering a Collaborative Culture

    Involve the user in the delivery process.

    Maximize automation adoption by ensuring the user finds value in its use before deployment.

    Creating High-Throughput Teams

    Remove manual, error-prone, and mundane tasks.

    Look for ways to improve team throughput by removing wasteful activities, enforcing quality, and automating away tasks driving down productivity.

    Recommendations

    Build your business process automation playbook and practice

    Formalize your business process automation practice with a good toolkit and a repeatable set of tactics and techniques.

    • Clarify the problem being solved with IA.
    • Optimate your processes. Apply good practices to first optimize (opti-) and then automate (-mate) key business processes.
    • Deliver minimum viable automations (MVAs). Maximize the learning of automation solutions and business operational changes through small, strategic automation use cases.

    Related Research:

    Explore the various IA tooling options

    Each IA tool will address a different problem. Which tool to choose is dependent on a variety of factors, such as functional suitability, technology suitability, delivery and support capabilities, alignment to strategic business goals, and the value it is designed to deliver.

    Related Research:

    Recommendations

    Introduce AI and ML thoughtfully and with a plan

    Despite the many promises of AI, organizations are struggling to fully realize its potential. The reasons boil down to a lack of understanding of when these technologies should and shouldn't be used, as well as a fear of the unknown. The plan to adopt AI should include:

    • Understanding of what AI really means in practice.
    • Identifying specific applications of AI in the business.
    • Understanding the type of AI applicable for the situation.

    Related Research:

    Mitigate AI and ML bias

    Biases can be introduced into an IA system at any stage of the development process, from the data you collect, to the way you collect it, to which algorithms are used and what assumptions were made. In most cases, AI and ML bias is a is a social, political, and business problem.

    While bias may not be intentional nor completely prevented or eliminated, early detection, good design, and other proactive preventative steps can be taken to minimize its scope and impact.

    Related Research:

    CASE STUDY
    University Hospitals

    Challenge

    University Hospitals Cleveland (UH) faces the same challenge that every major hospital confronts regarding how to deliver increasingly complex, high-quality healthcare to a diverse population efficiently and economically. In 2017, UH embarked on a value improvement program aiming to improve quality while saving $400 million over a five-year period.

    In emergency department (ED) and inpatient units, leaders found anticipating demand difficult, and consequently units were often over-staffed when demand was low and under-staffed when demand was high. Hospital leaders were uncertain about how to reallocate resources based on capacity needs.

    Solution

    UH turned to Hospital IQ's Census Solution to proactively manage capacity, staff, and flow in the ED and inpatient areas.

    By applying AI, ML, and external data (e.g. weather forecasts) to the hospital's own data (including EMR data and hospital policies), the solution helped UH make two-day census forecasts that managers used to determine whether to open or close in-patient beds and, when necessary, divert low-acuity patients to other hospitals in the system to handle predicted patient volume.

    Source: University Hospitals

    Results

    ED boarding hours have declined by 10% and the hospital has seen a 50% reduction in the number of patients who leave the hospital without
    being seen.

    UH also predicts in advance patients ready for discharge and identifies roadblocks, reducing the average length of stay by 15%. UH is able to better manage staff, reducing overtime and cutting overall labor costs.

    The hospital has also increased staff satisfaction and improved patient safety by closing specific units on weekends and increasing the number of rooms that can be sterilized.

    Proactive Application Management

    PRIORITY 3

    • Strengthen Applications to Prevent and Minimize the Impact of Future Issues

    Application management is often viewed as a support function rather than an enabler of business growth. Focus and investments are only placed on application management when it becomes a problem. The lack of governance and practice accountability leaves this practice in a chaotic state: politics take over, resources are not strategically allocated, and customers are frustrated. As a result, application management is often reactive and brushed aside for new development.

    Introduction

    What is application management?

    Application management ensures valuable software is successfully delivered and is maintained for continuous and sustainable business operations. It contains a repeatable set of activities needed to rationalize and roadmap products and services while balancing priorities of new features and maintenance tasks.

    Unfortunately, application management is commonly perceived as a practice that solely addresses issues, updates, and incidents. However, application management teams are also tasked with new value delivery that was not part of the original release.

    Why is an effective application maintenance (reactive) practice not good enough?

    Application maintenance is the "process of modifying a software system or its components after delivery to correct faults, improve performance or other attributes, or adapt to a changed environment or business process," (IEEE, 1998). While it is critical to quickly fix defects and issues when they occur, reactively addressing them is more expensive than discovering them early and employing the practices to prevent them.

    Even if an application is working well, its framework, architecture, and technology may not be compatible with the possible upcoming changes stakeholders and vendors may want to undertake. Applications may not be problems now, but they soon can be.

    What motivates proactive application changes?

    This image shows the motivations for proactive application changes, sorted by external and internal sources.

    Proactive application management must be disciplined and applied strategically

    Proactive application management practices are critical to maintaining business continuity. They require continuous review and modification so that applications are resilient and can address current and future scenarios. Depending on the value of the application, its criticality to business operations, and its susceptibility to technology change, a more proactive management approach may be warranted. Stakeholders can then better manage resources and budget according to the needs of specific products.

    Reactive Management

    Run-to-Failure

    Fix and enhance the product when it breaks. In most cases, a plan is in place ahead of a failure, so that the problem can be addressed without significant disruption and costs.

    Preventive

    Regularly inspect and optimize the product to reduce the likelihood that it will fail in the future. Schedule inspections based on a specific timeframe or usage threshold.

    Predictive

    Predict failures before they happen using performance and usage data to alert teams when products are at risk of failure according to specified conditions.

    Reliability and Risk Based

    Analyze all possible failure scenarios for each component of the product and create tailored delivery plans to improve the stability, reliability, and value of each product.

    Proactive Management

    Signals

    Applications begin to degrade as soon as they are used

    Today's applications are tomorrow's shelfware. They gradually lose their value, stability, robustness, and compatibility with other enterprise technologies. The longer these applications are left unattended or simply "keeping the lights on," the more risks they will bring to the application portfolio, such as:

    • Discovery and exploitation of security flaws and gaps.
    • Increasing the lock-in to specific vendor technologies.
    • Inconsistent application performance across various workloads.

    These impacts are further compounded by the continuous work done on a system burdened with technical debt. Technical debt describes the result of avoided costs that, over time, cause ongoing business impacts. Left unaddressed, technical debt can become an existential threat that risks your organization's ability to effectively compete and serve its customers. Unfortunately, most organizations have a significant, growing, unmanageable technical debt portfolio.

    A circle graph is shown with 60% of the circle coloured in dark green, with the number 60% in the centre.

    of respondents stated they saw an increase in perceived change in technical debt during the past three years. A quarter of respondents indicated that it stayed the same.

    Source: McKinsey Digital, 2020.

    US
    $4.35
    Million

    is the average cost of a data breach in 2022. This figure represents a 2.6% increase from last year. The average cost has climbed 12.7% since 2020.

    Source: IBM, 2022; N=537.

    Drivers

    Technical debt

    Historical decisions to meet business demands by deferring key quality, architectural, or other software delivery activities often lead to inefficient and incomplete code, fragile legacy systems, broken processes, data quality problems, and the other contributors to technical debt. The impacts for this challenge is further heightened if organizations are not actively refactoring and updating their applications behind the scenes. Proactive application management is intended to raise awareness of application fragility and prioritize comprehensive refactoring activities alongside new feature development.

    Long-term application value

    Applications are designed, developed, and tested against a specific set of parameters which may become less relevant over time as the business matures, technology changes, and user behaviors and interactions shift. Continuous monitoring of the application system, regular stakeholder and user feedback, and active technology trend research and vendor engagement will reveal tasks to prepare an application for future value opportunities or stability and resilience concerns.

    Security and resiliency

    Innovative approaches to infiltrating and compromising applications are becoming prevailing stakeholder concerns. The loopholes and gaps in existing application security protocols, control points, and end-user training are exploited to gain the trust of unsuspecting users and systems. Proactive application management enforces continuous security reviews to determine whether applications are at risk. The goal is to prevent an incident from happening by hardening or complementing measures already in place.

    Benefits & Risks

    Benefits

    • Consistent Performance
    • Robustness
    • Operating Costs

    Users expect the same level of performance and experience from their applications in all scenarios. A proactive approach ensures the configurations meet the current needs of users and dependent technologies.

    Proactively managed applications are resilient to the latest security concerns and upcoming trends.

    Continuous improvements to the underlying architecture, codebase, and interfaces can minimize the cost to maintain and operate the application, such as the transition to a loosely coupled architecture and the standardization of REST APIs.

    Risks

    • Stakeholder Buy-In
    • Delayed Feature Releases
    • Team Capacity
    • Discipline

    Stakeholders may not see the association between the application's value and its technical quality.

    Updates and enhancements are system changes much like any application function. Depending
    on the priority of these changes, new functions may be pushed off to a future release cycle.

    Applications teams require dedicated capacity to proactively manage applications, but they are often occupied meeting other stakeholder demands.

    Overinvesting in certain application management activities (such as refactoring, re-architecture, and redesign) can create more challenges. Knowing how much to do is important.

    Address your pressure points to fully realize the benefits of this priority

    Success can be dependent on your ability to address your pressure points.

    Attracting and Retaining Talent

    Shift focus from maintenance to innovation.

    Work on the most pressing and critical requests first, with a prioritization framework reflecting cross-functional priorities.

    Maximizing the Return on Technology

    Improve the reliability of mission-critical applications.

    Regularly verify and validate applications are up to date with the latest patches and fixes and comply with industry good practices and regulations.

    Confidently Shifting to Digital

    Prepare applications to support digital tools and technologies.

    Focus enhancements on the key components required to support the integration, performance, and security needs of digital.

    Addressing Competing Priorities

    Rationalize the health of the applications.

    Use data-driven, compelling insights to justify the direction and prioritization of applications initiatives.

    Fostering a Collaborative Culture

    Include the technical perspective in the viability of future applications plans.

    Demonstrate how poorly maintained applications impede the team's ability to deliver confidently and quickly.

    Creating High-Throughput Teams

    Simplify applications to ease delivery and maintenance.

    Refactor away application complexities and align the application portfolio to a common quality standard to reduce the effort to deliver and test changes.

    Recommendations

    Reinforce your application maintenance practice

    Maintenance is often viewed as a support function rather than an enabler of business growth. Focus and investments are only placed on maintenance when it becomes a problem.

    • Justify the necessity of streamlined maintenance.
    • Strengthen triaging and prioritization practices.
    • Establish and govern a repeatable process.

    Ensure product issues, incidents, defects, and change requests are promptly handled to minimize business and IT risks.

    Related Research:

    Build an application management practice

    Apply the appropriate management approaches to maintain business continuity and balance priorities and commitments among maintenance and new development requests.

    This practice serves as the foundation for creating exceptional customer experience by emphasizing cross-functional accountability for business value and product and service quality.

    Related Research:

    Recommendations

    Manage your technical debt

    Technical debt is a type of technical risk, which in turn is business risk. It's up to the business to decide whether to accept technical debt or mitigate it. Create a compelling argument to stakeholders as to why technical debt should be a business priority rather than just an IT one.

    • Define and identify your technical debt.
    • Conduct a business impact analysis.
    • Identify opportunities to better manage technical debt.

    Related Research:

    Gauge your application's health

    Application portfolio management is nearly impossible to perform without an honest and thorough understanding of your portfolio's alignment to business capabilities, business value, total cost of ownership, end-user reception and satisfaction, and technical health.

    Develop data-driven insights to help you decide which applications to retire, upgrade, retrain on, or maintain to meet the demands of the business.

    Related Research:

    Recommendations

    Adopt site reliability engineering (SRE) and DevOps practices

    Site reliability engineering (SRE) is an operational model for running online services more reliably by a team of dedicated reliability-focused engineers.

    DevOps, an operational philosophy promoting development and operations collaboration, can bring the critical insights to make application management practices through SRE more valuable.

    Related Research:

    CASE STUDY
    Government Agency

    Goal

    A government agency needed to implement a disciplined, sustainable application delivery, planning, and management process so their product delivery team could deliver features and changes faster with higher quality. The goal was to ensure change requests, fixes, and new features would relieve requester frustrations, reduce regression issues, and allow work to be done on agreeable and achievable priorities organization-wide. The new model needed to increase practice efficiency and visibility in order to better manage technical debt and focus on value-added solutions.

    Solution

    This organization recognized a number of key challenges that were inhibiting its team's ability to meet its goals:

    • The product backlog had become too long and unmanageable.
    • Delivery resources were not properly allocated to meet the skills and capabilities needed to successfully meet commitments.
    • Quality wasn't defined or enforced, which generated mounting technical debt.
    • There was a lack of clear metrics and defined roles and responsibilities.
    • The business had unrealistic and unachievable expectations.

    Source: Info-Tech Workshop

    Key practices implemented

    • Schedule quarterly business satisfaction surveys.
    • Structure and facilitate regular change advisory board meetings.
    • Define and enforce product quality standards.
    • Standardize a streamlined process with defined roles.
    • Configure management tools to better handle requests.

    Multisource Systems

    PRIORITY 4

    • Manage an Ecosystem Composed of In-House and Outsourced Systems

    Various market and company factors are motivating a review on resource and system sourcing strategies. The right sourcing model provides key skills, resources, and capabilities to meet innovation, time to market, financial, and quality goals of the business. However, organizations struggle with how best to support sourcing partners and to allocate the right number of resources to maximize success.

    Introduction

    A multisource system is an ecosystem of integrated internally and externally developed applications, data, and infrastructure. These technologies can be custom developed, heavily configured vendor solutions, or they may be commercial off-the-shelf (COTS) solutions. These systems can also be developed, supported, and managed by internal staff, in partnership with outsourced contractors, or be completely outsourced. Multisource systems should be configured and orchestrated in a way that maximizes the delivery of specific value drivers for the targeted audience.

    Successfully selecting a sourcing approach is not a simple RFP exercise to choose the lowest cost

    Defining and executing a sourcing approach can be a significant investment and risk because of the close interactions third-party services and partners will have with internal staff, enterprise applications and business capabilities. A careful selection and design is necessary.

    The selection of a sourcing partner is not simple. It involves the detailed inspection and examination of different candidates and matching their fit to the broader vision of the multisource system. In cases where control is critical, technology stack and resource sourcing consolidation to a few vendors and partners is preferred. In other cases, where worker productivity and system flexibility are highly prioritized, a plug-and-play best-of-breed approach is preferred.

    Typical factors involved in sourcing decisions.

    Sourcing needs to be driven by your department and system strategies

    How does the department want to be perceived?

    The image that your applications department and teams want to reflect is frequently dependent on the applications they deliver and support, the resources they are composed of, and the capabilities they provide.

    Therefore, choosing the right sourcing approach should be driven by understanding who the teams are and want to be (e.g. internal builder, an integrator, a plug-in player), what they can or want to do (e.g. custom-develop or implement), and what they can deliver or support (e.g. cloud or on-premises) must be established.

    What value is the system delivering?

    Well-integrated systems are the lifeblood of your organization. They provide the capabilities needed to deliver value to customers, employees, and stakeholders. However, underlying system components may not be sourced under a unified strategy, which can lead to duplicate vendor services and high operational costs.

    The right sourcing approach ensures your partners address key capabilities in your system's delivery and support, and that they are positioned to maximize the value of critical and high-impact components.

    Signals

    Business demand may outpace what vendors can support or offer

    Outsourcing and shifting to a buy-over-build applications strategy are common quick fixes to dealing with capacity and skills gaps. However, these quick fixes often become long-term implementations that are not accounted for in the sourcing selection process. Current application and resource sourcing strategies must be reviewed to ensure that vendor arrangements meet the current and upcoming demands and challenges of the business, customers, and enterprise technologies, such as:

    • Pressure from stakeholders to lower operating costs while maintaining or increasing quality and throughput.
    • Technology lock-in that addresses short-term needs but inhibits long-term growth and maturity.
    • Team capacity and talent acquisition not meeting the needs of the business.
    A circle graph is shown with 42% of the circle coloured in dark brown, with the number 42% in the centre.

    of respondents stated they outsourced software development fully or partly in the last 12 months (2021).

    Source: Coding Sans, 2021.

    A circle graph is shown with 65% of the circle coloured in dark brown, with the number 65% in the centre.

    of respondents stated they were at least somewhat satisfied with the result of outsourcing software development.

    Source: Coding Sans, 2021.

    Drivers

    Business-managed applications

    Employees are implementing and building applications without consulting, notifying, or heeding the advice of IT. IT is often ill-equipped and under-resourced to fight against shadow IT. Instead, organizations are shifting the mindset of "fight shadow IT" to "embrace business-managed applications," using good practices in managing multisource systems. A multisource approach strikes the right balance between user empowerment and centralized control with the solutions and architecture that can best enable it.

    Unique problems to solve

    Point solutions offer features to address unique use cases in uncommon technology environments. However, point solutions are often deployed in siloes with limited integration or overlap with other solutions. The right sourcing strategy accommodates the fragmented nature of point solutions into a broader enterprise system strategy, whether that be:

    • Multisource best of breed – integrate various technologies that provide subsets of the features needed for supporting business functions.
    • Multisource custom – integrate systems built in-house with technologies developed by external organizations.
    • Vendor add-ons and integrations – enhance an existing vendor's offering by using their system add-ons as upgrades, new add-ons, or integrations.

    Vendor services

    Some vendor services in a multisource environment may be redundant, conflicting, or incompatible. Given that multisource systems are regularly changing, it is difficult to identify what services are affected, what would be needed to fill the gap of the removed solution, or which redundant services should be removed.

    A multisource approach motivates the continuous rationalization of your vendor services and partners to determine the right mixture of in-house and outsourced resources, capabilities, and technologies.

    Benefits & Risks

    Benefits

    • Business-Focused Solution
    • Flexibility
    • Cost Optimization

    Multisource systems can be designed to support an employee's ability to select the tools they want and need.

    The environment is architected in a loosely coupled approach to allow applications to be easily added, removed, and modified with minimized impact to other integrated applications.

    Rather than investing in large solutions upfront, applications are adopted when they are needed and are removed when little value is gained. Disciplined application portfolio management is necessary to see the full value of this benefit.

    Risks

    • Manageable Sprawl
    • Policy Adherence
    • Integration & Compatibility

    The increased number and diversity of applications in multisource system environments can overwhelm system managers who do not have an effective application portfolio management practice.

    Fragmented application implementations risk inconsistent adherence to security and other quality policies, especially in situations where IT is not involved.

    Application integration can quickly become tangled, untraceable, and unmanageable because of varying team and vendor preferences for specific integration technologies and techniques.

    Address your pressure points to fully realize the benefits of this priority

    Success can be dependent on your ability to address your pressure points.

    Attracting and Retaining Talent

    Enable business-managed applications.

    Create the integrations to enable the easy connection of desired tools to enterprise systems with the appropriate guardrails.

    Maximizing the Return on Technology

    Enhance the functionality of existing applications.

    Complement current application capability gaps with data, features, and services from third-party applications.

    Confidently Shifting to Digital

    Use best-of-breed tools to meet specific digital needs.

    Select the best tools to meet the unique and special functional needs of the digital vision.

    Addressing Competing Priorities

    Agree on a common philosophy on system composition.

    Establish an owner of the multisource system to guide how the system should mature as the organization grows.

    Fostering a Collaborative Culture

    Discuss how applications can work together better in an ecosystem.

    Build committees to discuss how applications can better support each other and drive more value.

    Creating High-Throughput Teams

    Alleviate delivery bottlenecks and issues.

    Leverage third-party sources to fill skills and capacity gaps until a long-term solution can be implemented.

    Recommendations

    Define the goals of your applications department and product vision

    Understanding the applications team's purpose and image is critical in determining how the system they are managing and the skills and capacities they need should be sourced.

    Changing and conflicting definitions of value and goals make it challenging to convey an agreeable strategy of the multisource system. An achievable vision and practical tactics ensure all parties in the multisource system are moving in the same direction.

    Related Research:

    Develop a sourcing partner strategy

    Almost half of all sourcing initiatives do not realize projected savings, and the biggest reason is the choice of partner (Zhang et al., 2018). Making the wrong choice means inferior products, higher costs and the loss of both clients and reputation.

    Choosing the right sourcing partner involves understanding current skills and capacities, finding the right matching partner based on a desired profile, and managing a good working relationship that sees short-term gains and supports long-term goals.

    Related Research:

    Recommendations

    Strengthen enterprise integration practices

    Integration strategies that are focused solely on technology are likely to complicate rather than simplify because little consideration is given on how other systems and processes will be impacted. Enterprise integration needs to bring together business process, applications, and data – in that order.

    Kick-start the process of identifying opportunities for improvement by mapping how applications and data are coordinated to support business activities.

    Related Research:

    Manage your solution architecture and application portfolio

    Haphazardly implementing and integrating applications can generate significant security, performance, and data risks. A well-thought-through solution architecture is essential in laying the architecture quality principles and roadmap on how the multisource system can grow and evolve in a sustainable and maintainable way.

    Good application portfolio management complements the solution architecture as it indicates when low-value and unused applications should be removed to reduce system complexity.

    Related Research:

    Recommendations

    Embrace business-managed applications

    Multisource systems bring a unique opportunity to support the business and end users' desire to implement and develop their own applications. However, traditional models of managing applications may not accommodate the specific IT governance and management practices required to operate business-managed applications:

    • A collaborative and trusting business-IT relationship is key.
    • The role of IT must be reimagined.
    • Business must be accountable for its decisions.

    Related Research:

    CASE STUDY
    Cognizant

    Situation

    • Strives to be primarily an industry-aligned organization that delivers multiple service lines in multiple geographies.
    • Cognizant seeks to carefully consider client culture to create a one-team environment.
    • Value proposition is a consultative approach bringing thought leadership and mutually adding value to the relationship vs. the more traditional order-taker development partner.
    • Wants to share in solution development to facilitate shared successes. Geographic alignment drives knowledge of the client and their challenges, not just about time zone and supportability.
    • Offers one of the largest offshore capabilities in the world, supported by local and nearshore resources to drive local knowledge.
    • Today's clients don't typically want a black box, they are sophisticated and want transparency around the process and solution, to have a partner.
    • Clients do want to know where the work is being delivered from, how it's being done.

    Source: interview with Jay MacIsaac, Cognizant.

    Approach

    • Best relationship comes where teams operate as one.
    • Clients are seeking value, not a development black box.
    • Clients want to have a partner they can engage with, not just an order taker.
    • Want to build a one-team culture with shared goals and deliver business value.
    • Seek a partner that will add to their thinking not echo it.

    Results

    • Cognizant is continuing to deliver double-digit growth and continues to strive for top quartile performance.
    • Growth in the client base has seen the company grow to over 340,000 associates worldwide.

    Digital Organization as a Platform

    PRIORITY 5

    • Create a Common Digital Interface to Access All Products and Services

    A digital platform enables organizations to leverage a flexible, reliable, and scalable foundation to create a valuable DX, ease delivery and management efforts, maximize existing investments, and motivate the broader shift to digital. This approach provides a standard to architect, integrate, configure, and modernize the applications that compose the platform.

    Introduction

    What is digital organization as a platform (DOaaP)?

    Digital organization as a platform (DOaaP) is a collection of integrated digital services, products, applications, and infrastructure that is used as a vehicle to meet and exceed an organization's digital strategies. It often serves as an accessible "place for exchanges of information, goods, or services to occur between producers and consumers as well as the community that interacts
    with said platform" (Watts, 2020).

    DOaaP involves a strategy that paves the way for organizations to be digital. It helps organizations use their assets (e.g. data, processes, products, services) in the most effective ways and become more open to cooperative delivery, usage, and management. This opens opportunities for innovation and cross-department collaborations.

    How is DOaaP described?

    1. Open and Collaborative
      • Open organization: open data, open APIs, transparency, and user participation.
      • Collaboration, co-creation, crowdsourcing, and innovation
    2. Accessible and Connected
      • Digital inclusion
      • Channel ubiquity
      • Integrity and interoperability
      • Digital marketplace
    3. Digital and Programmable
      • Digital identity
      • Policies and processes as code
      • Digital products and services
      • Enabling digital platforms

    Digital organizations follow a common set of principles and practices

    Customer-centricity

    Digital organizations are driven by customer focus, meeting and exceeding customer expectations. It must design its services with a "digital first" principle, providing access through every expected channel and including seamless integration and interoperability with various departments, partners, and third-party services. It also means creating trust in its ability to provide secure services and to keep privacy and ethics as core pillars.

    Leadership, management, and strategies

    Digital leadership brings customer focus to the enterprise and its structures and organizes efficient networks and ecosystems. Accomplishing this means getting rid of silos and a siloed mentality and aligning on a digital vision to design policies and services that are efficient, cost-effective, and provide maximum benefit to the user. Asset sharing, co-creation, and being open and transparent become cornerstones of a digital organization.

    Infrastructure

    Providing digital services across demographics and geographies requires infrastructure, and that in turn requires long-term vision, smart investments, and partnerships with various source partners to create the necessary foundational infrastructure upon which to build digital services.

    Digitization and automation

    Automation and digitization of processes and services, as well as creating digital-first products, lead to increased efficiency and reach of the organization across demographics and geographies. Moreover, by taking a digital-first approach, digital organizations future-proof their services and demonstrate their commitment to stakeholders.

    Enabling platforms

    DOaaP embraces open standards, designing and developing organizational platforms and ecosystems with a cloud-first mindset and sound API strategies. Developer experience must also take center stage, providing the necessary tools and embracing Agile and DevOps practices and culture become prerequisites. Cybersecurity and privacy are central to the digital platform; hence they must be part of the design and development principles and practices.

    Signals

    The business expects support for digital products and services

    Digital transformation continues to be a high-priority initiative for many organizations, and they see DOaaP as an effective way to enable and exploit digital capabilities. However, DOaaP unleashes new strategies, opportunities, and challenges that are elusive or unfamiliar to business leaders. Barriers in current business operating models may limit DOaaP success, such as:

    • Department and functional silos
    • Dispersed, fragmented and poor-quality data
    • Ill-equipped and under-skilled resources to support DOaaP adoption
    • System fragmentation and redundancies
    • Inconsistent integration tactics employed across systems
    • Disjointed user experience leading to low engagement and adoption

    DOaaP is not just about technology, and it is not the sole responsibility of either IT or business. It is the collective responsibility of the organization.

    A circle graph is shown with 47% of the circle coloured in dark blue, with the number 47% in the centre.

    of organizations plan to unlock new value through digital. 50% of organizations are planning major transformation over the next three years.

    Source: Nash Squared, 2022.

    A circle graph is shown with 70% of the circle coloured in dark blue, with the number 70% in the centre.

    of organizations are undertaking digital expansion projects focused on scaling their business with technology. This result is up from 57% in 2021.

    Source: F5 Inc, 2022.

    Drivers

    Unified brand and experience

    Users should have the same experience and perception of a brand no matter what product or service they use. However, fragmented implementation of digital technologies and inconsistent application of design standards makes it difficult to meet this expectation. DOaaP embraces a single design and DX standard for all digital products and services, which creates a consistent perception of your organization's brand and reputation irrespective of what products and services are being used and how they are accessed.

    Accessibility

    Rapid advancement of end-user devices and changes to end-user behaviors and expectations often outpace an organization's ability to meet these requirements. This can make certain organization products and services difficult to find, access and leverage. DOaaP creates an intuitive and searchable interface to all products and services and enables the strategic combination of technologies to collectively deliver more value.

    Justification for modernization

    Many opportunities are left off the table when legacy systems are abstracted away rather than modernized. However, legacy systems may not justify the investment in modernization because their individual value is outweighed by the cost. A DOaaP initiative motivates decision makers to look at the entire system (i.e. modern and legacy) to determine which components need to be brought up to a minimum digital state. The conversation has now changed. Legacy systems should be modernized to increase the collective benefit of the entire DOaaP.

    Benefits & Risks

    Benefits

    • Look & Feel
    • User Adoption
    • Shift to Digital

    A single, modern, customizable interface enables a common look and feel no matter what and how the platform is being accessed.

    Organizations can motivate and encourage the adoption and use of all products and services through the platform and increase the adoption of underused technologies.

    DOaaP motivates and supports the modernization of data, processes, and systems to meet the goals and objectives outlined in the broader digital transformation strategy.

    Risks

    • Data Quality
    • System Stability
    • Ability to Modernize
    • Business Model Change

    Each system may have a different definition of commonly used entities (e.g. customer), which can cause data quality issues when information is shared among these systems.

    DOaaP can stress the performance of underlying systems due to the limitations of some systems to handle increased traffic.

    Some systems cannot be modernized due to cost constraints, business continuity risks, vendor lock-in, legacy and lore, or other blocking factors.

    Limited appetite to make the necessary changes to business operations in order to maximize the value of DOaaP technologies.

    Address your pressure points to fully realize the benefits of this priority

    Success can be dependent on your ability to address your pressure points.

    Attracting and Retaining Talent Promote and showcase achievements and successes. Share the valuable and innovative work of your teams across the organization and with the public.
    Maximizing the Return on Technology Increase visibility of underused applications. Promote the adoption and use of all products and services through the platform and use the lessons learned to justify removal, updates or modernizations.
    Confidently Shifting to Digital Bring all applications up to a common digital standard. Define the baseline digital state all applications, data, and processes must be in to maximize the value of the platform.
    Addressing Competing Priorities Map to a holistic platform vision, goals and objectives. Work with relevant stakeholders, teams and end users to agree on a common directive considering all impacted perspectives.
    Fostering a Collaborative Culture Ensure the platform is configured to meet the individual needs of the users. Tailor the interface and capabilities of the platform to address users' functional and personal concerns.
    Creating High-Throughput Teams Abstract the enterprise system to expedite delivery. Use the platform to standardize application system access to simplify platform changes and quicken development and testing.

    Recommendations

    Define your platform vision

    Organizations realize that a digital model is the way to provide more effective services to their customers and end users in a cost-effective, innovative, and engaging fashion. DOaaP is a way to help support this transition.

    However, various platform stakeholders will have different interpretations of and preferences for what this platform is intended to solve, what benefits it is supposed to deliver, and what capabilities it will deliver. A grounded vision is imperative to steer the roadmap and initiatives.

    Related Research:

    Assess and modernize your applications

    Certain applications may not sufficiently support the compatibility, flexibility, and efficiency requirements of DOaaP. While workaround technologies and tactics can be employed to overcome these application challenges, the full value of the DOaaP may not be realized.

    Reviewing the current state of the application portfolio will indicate the functional and value limitations of what DOaaP can provide and an indication of the scope of investment needed to bring applications up to a minimum state.

    Related Research:

    Recommendations

    Understand and evaluate end-user needs

    Technology has reached a point where it's no longer difficult for teams to build functional and valuable digital platforms. Rather, the difficulty lies in creating an interface and platform that people want to use and use frequently.

    While it is important to increase the access and promotion of all products and services, orchestrating and configuring them in a way to deliver a satisfying experience is even more important. Applications teams must first learn about and empathize with the needs of end users.

    Related Research:

    Architect your platform

    Formalizing and constructing DOaaP just for the sake of doing so often results in an initiative that is lengthy and costly and ends up being considered a failure.

    The build and optimization of the platform must be predicated on a thorough understanding of the DOaaP's goals, objectives, and priorities and the business capabilities and process they are meant to support and enable. The appropriate architecture and delivery practices can then be defined and employed.

    Related Research:

    CASE STUDY
    e-Estonia

    Situation

    The digital strategy of Estonia resulted in e-Estonia, with the vision of "creating a society with more transparency, trust, and efficiency." Estonia has addressed the challenge by creating structures, organizations, and a culture of innovation, and then using the speed and efficiency of digital infrastructure, apps, and services. This strategy can reduce or eliminate bureaucracy through transparency and automation.

    Estonia embarked on its journey to making digital a priority in 1994-1996, focusing on a committed investment in infrastructure and digital literacy. With that infrastructure in place, they started providing digital services like an e-banking service (1996), e-tax and mobile parking (2002), and then went full steam ahead with a digital information interoperability platform in 2001, digital identity in 2002, e-health in 2008, and e-prescription in 2010. The government is now strategizing for AI.

    Results

    This image contains the results of the e-Estonia case study results

    Source: e-Estonia

    Practices employed

    The e-Estonia digital government model serves as a reference for governments across the world; this is acknowledged by the various awards it has received, like #2 in "internet freedom," awarded by Freedom House in 2019; #1 on the "digital health index," awarded by the Bertelsmann Foundation in 2019; and #1 on "start-up friendliness," awarded by Index Venture in 2018.

    References

    "15th State of Agile Report." Digital.ai, 2021. Web.
    "2022 HR Trends Report." McLean & Company, 2022.
    "2022: State of Application Strategy Report." F5 Inc, 2022.
    "Are Executives Wearing Rose-Colored Glasses Around Digital Transformation?" Cyara, 2021. Web.
    "Cost of a Data Breach Report 2022." IBM, 2022. Web.
    Dalal, Vishal, et al. "Tech Debt: Reclaiming Tech Equity." McKinsey Digital, Oct. 2020. Web.
    "Differentiating Between Intelligent Automation and Hyperautomation." IBM, 15 October 2021. Web.
    "Digital Leadership Report 2021." Harvey Nash Group, 2021.
    "Digital Leadership Report 2022: The State of Digital." Nash Squared, 2022. Web.
    Gupta, Sunil. "Driving Digital Strategy: A Guide to Reimagining Your Business." Harvard Business Review Press, 2018. Web.
    Haff, Gordon. "State of Application Modernization Report 2022." Konveyor, 2022. Web.
    "IEEE Standard for Software Maintenance: IEEE Std 1219-1998." IEEE Standard for Software Maintenance, 1998. Accessed Dec. 2015.
    "Intelligent Automation." Cognizant, n.d. Web.
    "Kofax 2022: Intelligent Automation Benchmark Study". Kofax, 2021. Web.
    McCann, Leah. "Barco's Virtual Classroom at UCL: A Case Study for the Future of All University Classrooms?" rAVe, 2 July 2020, Web.
    "Proactive Staffing and Patient Prioritization to Decompress ED and Reduce Length of Stay." University Hospitals, 2018. Web.
    "Secrets of Successful Modernization." looksoftware, 2013. Web.
    "State of Software Development." Coding Sans, 2021. Web.
    "The State of Low-Code/No-Code." Creatio, 2021. Web.
    "We Have Built a Digital Society and We Can Show You How." e-Estonia. n.d. Web.
    Zanna. "The 5 Types of Experience Series (1): Brand Experience Is Your Compass." Accelerate in Experience, 9 February 2020. Web.
    Zhang, Y. et al. "Effects of Risks on the Performance of Business Process Outsourcing Projects: The Moderating Roles of Knowledge Management Capabilities." International Journal of Project Management, 2018, vol. 36 no. 4, 627-639.

    Research Contributors and Experts

    This is a picture of Chris Harrington

    Chris Harrington
    Chief Technology Officer
    Carolinas Telco Federal Credit Union

    Chris Harrington is Chief Technology Officer (CTO) of Carolinas Telco Federal Credit Union. Harrington is a proven leader with over 20 years of experience developing and leading information technology and cybersecurity strategies and teams in the financial industry space.

    This is a picture of Benjamin Palacio

    Benjamin Palacio
    Senior Information Technology Analyst County of Placer

    Benjamin Palacio has been working in the application development space since 2007 with a strong focus on system integrations. He has seamlessly integrated applications data across multiple states into a single reporting solution for management teams to evaluate, and he has codeveloped applications to manage billions in federal funding. He is also a CSAC-credentialed IT Executive (CA, USA).

    This is a picture of Scott Rutherford

    Scott Rutherford
    Executive Vice President, Technology
    LGM Financial Services Inc.

    Scott heads the Technology division of LGM Financial Services Inc., a leading provider of warranty and financing products to automotive OEMs and dealerships in Canada. His responsibilities include strategy and execution of data and analytics, applications, and technology operations.

    This is a picture of Robert Willatts

    Robert Willatts
    IT Manager, Enterprise Business Solutions and Project Services
    Town of Newmarket

    Robert is passionate about technology, innovation, and Smart City Initiatives. He makes customer satisfaction as the top priority in every one of his responsibilities and accountabilities as an IT manager, such as developing business applications, implementing and maintaining enterprise applications, and implementing technical solutions. Robert encourages communication, collaboration, and engagement as he leads and guides IT in the Town of Newmarket.

    This is a picture of Randeep Grewal

    Randeep Grewal
    Vice President, Enterprise Applications
    Red Hat

    Randeep has over 25 years of experience in enterprise applications, advanced analytics, enterprise data management, and consulting services, having worked at numerous blue-chip companies. In his most recent role, he is the Vice President of Enterprise Applications at Red Hat. Reporting to the CIO, he is responsible for Red Hat's core business applications with a focus on enterprise transformation, application architecture, engineering, and operational excellence. He previously led the evolution of Red Hat into a data-led company by maturing the enterprise data and analytics function to include data lake, streaming data, data governance, and operationalization of analytics for decision support.

    Prior to Red Hat, Randeep was the director of global services strategy at Lenovo, where he led the strategy using market data to grow Lenovo's services business by over $400 million in three years. Prior to Lenovo, Randeep was the director of advanced analytics at Alliance One and helped build an enterprise data and analytics function. His earlier work includes seven years at SAS, helping SAS become a leader in business analytics, and at KPMG consulting, where he managed services engagements at Fortune 100 companies.

    Define and Deploy an Enterprise PMO

    • Buy Link or Shortcode: {j2store}189|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $471,249 Average $ Saved
    • member rating average days saved: 53 Average Days Saved
    • Parent Category Name: Project Management Office
    • Parent Category Link: /project-management-office
    • As an enterprise PMO leader, you need to evolve your PMO framework beyond an IT-centric model of project portfolio management (PPM) to optimize communication and coordination on enterprise-wide initiatives.
    • While senior leaders are demanding greater uniformity in strategic project execution, individual departments currently operate—to the detriment of the organization—as sovereign silos.
    • You know that the answer is a more strategically aligned enterprise PMO framework, but you’re unsure of how to start building the case for one, especially when the majority of upper management view PMOs as support entities rather than strategic partners.

    Our Advice

    Critical Insight

    • An EPMO can’t simply be imposed on an organization. If it is not backed by an executive sponsor, then there needs to be an identifiable business value in implementing one, and you need to communicate this value to stakeholders throughout the enterprise.
    • EPMOs add value not by enforcing project or program governance, but by helping organizations achieve strategic goals and manage change.
    • EPMOs enable organizations to succeed on enterprise-wide initiatives by connecting the individual parts to the whole. They should serve as the coordinating mechanism that ensures the flow of information and resources across departments and programs.

    Impact and Result

    • Find the right balance between a command and control approach that dictates governance standards versus an approach that gives business units flexibility to manage projects, programs, and portfolios the way they see fit, as long as they meet certain reporting, process, and record keeping requirements.
    • Effectively define the EPMO’s role, reach, and authority in terms of Portfolio Governance, Project Leadership, and PPM Administration. An organizationally appropriate mix of these three practices will not only ensure stakeholder buy-in, but it will help foster the right conditions for EPMO success.
    • Build strong cross-departmental relationships upon soft or informal grounds by positioning your EPMO as your organization’s portfolio network, i.e. an enterprise hub that facilitates the flow of reliable information and enables timely responsiveness to change.

    Define and Deploy an Enterprise PMO Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out how implementing an EPMO could help your organization achieve business goals, review Info-Tech’s methodology, and discover the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Gather requirements

    Evaluate executive stakeholder needs and assess your current capabilities to ensure your implementation strategy sets realistic expectations.

    • Define and Deploy an Enterprise PMO – Phase 1: Gather Requirements
    • EPMO Capabilities Survey

    2. Define the plan

    Define an organizationally appropriate scope and mandate for your EPMO to ensure that your processes serve the needs of the whole.

    • Define and Deploy an Enterprise PMO – Phase 2: Define the Plan
    • EPMO Charter Template
    • EPMO Communication Planning Template

    3. Implement the plan

    Establish clearly defined and easy-to-follow EPMO processes that minimize project complexity and improve enterprise project results.

    • Define and Deploy an Enterprise PMO – Phase 3: Implement the Plan
    • EPMO Process Guide and SOP Template
    • EPMO Communications Template
    [infographic]

    Workshop: Define and Deploy an Enterprise PMO

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Gather Requirements

    The Purpose

    Identify breakdowns in the flow of portfolio data across the enterprise to pinpoint where and how an EPMO can best intervene.

    Assess areas of strength and opportunity in your PPM capabilities to help structure and drive the EPMO.

    Define stakeholder needs and expectations for the EPMO in order to cultivate capabilities and services that help drive informed and engaged project decisions at the executive level.

    Key Benefits Achieved

    A current state picture of the triggers that are driving the need for an EPMO at your organization.

    A current state understanding of the strengths you bring to the table in constructing an EPMO as well as the areas you need to focus on in building up your capabilities.

    A target state set by stakeholder requirements and expectations, which will enable you to build out an implementation strategy that is aligned with the needs of the executive layer.

    Activities

    1.1 Map current enterprise PPM workflows.

    1.2 Conduct a SWOT analysis.

    1.3 Identify resourcing considerations and other implementation factors.

    1.4 Survey stakeholders to establish the right mix of EPMO capabilities.

    Outputs

    An overview of the flow of portfolio data and information across the organization

    An overview of current strengths, weaknesses, opportunities, and threats

    A preliminary assessment of internal and external factors that could impact the success of this implementation

    The ability to construct a project plan that is aligned with stakeholder needs and expectations

    2 Define the Plan

    The Purpose

    Define an appropriate scope for the EPMO and the deployment it services.

    Devise a plan for engaging and including the appropriate stakeholders during the implementation phase.

    Key Benefits Achieved

    A clear purview for the EPMO in relation to the wider enterprise in order to establish appropriate expectations for the EPMO’s services throughout the organization.

    Engaged stakeholders who understand that they have a stake in the successful implementation of the EPMO.

    Activities

    2.1 Prepare your EPMO value proposition.

    2.2 Define the role and organizational reach of your EPPM capabilities.

    2.3 Establish a communication plan to create stakeholder awareness.

    Outputs

    A clear statement of purpose and benefit that can be used to help build the case for an EPMO with stakeholders

    A functional charter defining the scope of the EPMO and providing a statement of the services the EPMO will provide once established

    An engaged executive layer that understands the value of the EPMO and helps drive its success

    3 Implement the Plan

    The Purpose

    Establish clearly defined and easy-to-follow EPMO processes that minimize project complexity.

    Develop portfolio and project governance structures that feed the EPMO with the data decision makers require without overloading enterprise project teams with processes they can’t support.

    Devise a communications strategy that helps achieve organizational buy-in.

    Key Benefits Achieved

    The reduction of project chaos and confusion throughout the organization.

    Processes and governance requirements that work for both decision makers and project teams.

    Organizational understanding of the universal benefit of the EPMO’s processes to stakeholders throughout the enterprise. 

    Activities

    3.1 Establish EPMO roles and responsibilities.

    3.2 Document standard procedures around enterprise portfolio reporting, PPM administration, and project leadership.

    3.3 Review enterprise PPM solutions.

    3.4 Develop a stakeholder engagement and resistance plan.

    Outputs

    Clear lines of portfolio accountability

    A fully actionable EPMO Standard Operating Procedure document that will enable process clarity

    An informed understanding of the right PPM solution for your enterprise processes

    A communications strategy document to help communicate the organizational benefits of the EPMO

    Effectively Manage CxO Relations

    • Buy Link or Shortcode: {j2store}384|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Manage Business Relationships
    • Parent Category Link: /manage-business-relationships

    With the exponential pace of technological change, an organization's success will depend largely on how well CIOs can evolve from technology evangelists to strategic business partners. This will require CIOs to effectively broker relationships to improve IT's effectiveness and create business value. A confidential journal can help you stay committed to fostering productive relationships while building trust to expand your sphere of influence.

    Our Advice

    Critical Insight

    Highly effective executives have in common the ability to successfully balance three things: time, personal capabilities, and relationships. Whether you are a new CIO or an experienced leader, the relentless demands on your time and unpredictable shifts in the organization’s strategy require a personal game plan to deliver business value. Rather than managing stakeholders one IT project at a time, you need an action plan that is tailored for unique work styles.

    Impact and Result

    A personal relationship journal will help you:

    • Understand the context in which key stakeholders operate.
    • Identify the best communication approach to engage with different workstyles.
    • Stay committed to fostering relationships through difficult periods.

    Effectively Manage CxO Relations Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Effectively Manage CxO Relations Storyboard – A guide to creating a personal action plan to help effectively manage relationships across key stakeholders.

    Use this research to create a personal relationship journal in four steps:

    • Effectively Manage CxO Relations Storyboard

    2. Personal Relationship Management Journal Template – An exemplar to help you build your personal relationship journal.

    Use this exemplar to build a journal that is readily accessible, flexible, and easy to maintain.

    • Personal Relationship Management Journal Template

    Infographic

    Further reading

    Effectively Manage CxO Relations

    Make relationship management a daily habit with a personalized action plan.

    Analyst Perspective

    "Technology does not run an enterprise, relationships do." – Patricia Fripp

    As technology becomes increasingly important, an organization's success depends on the evolution of the modern CIO from a technology evangelist to a strategic business leader. The modern CIO will need to leverage their expansive partnerships to demonstrate the value of technology to the business while safeguarding their time and effort on activities that support their strategic priorities. CIOs struggling to transition risk obsolescence with the emergence of new C-suite roles like the Digital Transformation Officer, Chief Digital Officer, Chief Data Officer, and so on.

    CIOs will need to flex new social skills to accommodate diverse styles of work and better predict dynamic situations. This means expanding beyond their comfort level to acquire new social skills. Having a clear understanding of one's own work style (preferences, natural tendencies, motivations, and blind spots) is critical to identify effective communication and engagement tactics.

    Building trust is an art. Striking a balance between fulfilling your own goals and supporting others will require a carefully curated approach to navigate the myriad of personalities and work styles. A personal relationship journal will help you stay committed through these peaks and troughs to foster productive partnerships and expand your sphere of influence over the long term.

    Photo of Joanne Lee
    Joanne Lee
    Principal, Research Director, CIO Advisory
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    In today's unpredictable markets and rapid pace of technological disruptions, CIOs need to create business value by effectively brokering relationships to improve IT's performance. Challenges they face:

    • Operate in silos to run the IT factory.
    • Lack insights into their stakeholders and the context in which they operate.
    • Competing priorities and limited time to spend on fostering relationships.
    • Relationship management programs are narrowly focused on associated change management in IT project delivery.

    Common Obstacles

    Limited span of influence.

    Mistaking formal roles in organizations for influence.

    Understanding what key individuals want and, more importantly, what they don't want.

    Lack of situational awareness to adapt communication styles to individual preferences and context.

    Leveraging different work styles to create a tangible action plan.

    Perceiving relationships as "one and done."

    Info-Tech's Approach

    A personal relationship journal will help you stay committed to fostering productive relationships while building trust to expand your sphere of influence.

    • Identify your key stakeholders.
    • Understand the context in which they operate to define a profile of their mandate, priorities, commitments, and situation.
    • Choose the most effective engagement and communication strategies for different work styles.
    • Create an action plan to monitor and measure your progress.

    Info-Tech Insight

    Highly effective executives have in common the ability to balance three things: time, personal capabilities, and relationships. Whether you are a new CIO or an experienced leader, the relentless demand on your time and unpredictable shifts in the organization's strategy will require a personal game plan to deliver business value. This will require more than managing stakeholders one IT project at a time: It requires an action plan that fosters relationships over the long term.

    Key Concepts

    Stakeholder Management
    A common term used in project management to describe the successful delivery of any project, program, or activity that is associated with organizational change management. The goal of stakeholder management is intricately tied to the goals of the project or activity with a finite end. Not the focus of this advisory research.

    Relationship Management
    A broad term used to describe the relationship between two parties (individuals and/or stakeholder groups) that exists to create connection, inclusion, and influence. The goals are typically associated with the individual's personal objectives and the nature of the interaction is seen as ongoing and long-term.

    Continuum of Commitment
    Info-Tech's framework that illustrates the different levels of commitment in a relationship. It spans from active resistance to those who are committed to actively supporting your personal priorities and objectives. This can be used to baseline where you are today and where you want the relationship to be in the future.

    Work Style
    A reference to an individual's natural tendencies and expectations that manifest itself in their communication, motivations, and leadership skills. This is not a behavior assessment nor a commentary on different personalities but observable behaviors that can indicate different ways people communicate, interact, and lead.

    Glossary
    CDxO: Chief Digital Officer
    CDO: Chief Data Officer
    CxO: C-Suite Executives

    The C-suite is getting crowded, and CIOs need to foster relationships to remain relevant

    The span of influence and authority for CIOs is diminishing with the emergence of Chief Digital Officers and Chief Data Officers.

    63% of CDxOs report directly to the CEO ("Rise of the Chief Digital Officer," CIO.com)

    44% of organizations with a dedicated CDxO in place have a clear digital strategy versus 22% of those without a CDxO (KPMG/Harvey Nash CIO Survey)

    The "good news": CIOs tend to have a longer tenure than CDxOs.

    A diagram that shows the average tenure of C-Suites in years.
    Source: "Age and Tenure of C-Suites," Korn Ferry

    The "bad news": The c-suite is getting overcrowded with other roles like Chief Data Officer.

    A diagram that shows the number of CDOs hired from 2017 to 2021.
    Source: "Chief Data Officer Study," PwC, 2022

    An image of 7 lies technology executives tell ourselves.

    Info-Tech Insight

    The digital evolution has created the emergence of new roles like the Chief Digital Officer and Chief Data Officer. They are a response to bridge the skill gap that exists between the business and technology. CIOs need to focus on building effective partnerships to better communicate the business value generated by technology or they risk becoming obsolete.

    Create a relationship journal to effectively manage your stakeholders

    A diagram of relationship journal

    Info-Tech's approach

    From managing relationships with friends to key business partners, your success will come from having the right game plan. Productive relationships are more than managing stakeholders to support IT initiatives. You need to effectively influence those who have the potential to champion or derail your strategic priorities. Understanding differences in work styles is fundamental to adapting your communication approach to various personalities and situations.

    A diagram that shows from 1.1 to 4.1

    A diagram of business archetypes

    Summary of Insights

    Insight 1: Expand your sphere of influence
    It's not just about gaining a volume of acquaintances. Figure out where you want to spend your limited time, energy, and effort to develop a network of professional allies who will support and help you achieve your strategic priorities.

    Insight 2: Know thyself first and foremost
    Healthy relationships start with understanding your own working style, preferences, and underlying motivations that drive your behavior and ultimately your expectations of others. A win/win scenario emerges when both parties' needs for inclusion, influence, and connection are met or mutually conceded.

    Insight 3: Walk a mile in their shoes
    If you want to build successful partnerships, you need to understand the context in which your stakeholder operates: their motivations, desires, priorities, commitments, and challenges. This will help you adapt as their needs shift and, moreover, leverage empathy to identify the best tactics for different working styles.

    Insight 4: Nurturing relationships is a daily commitment
    Building, fostering, and maintaining professional relationships requires a daily commitment to a plan to get through tough times, competing priorities, and conflicts to build trust, respect, and a shared sense of purpose.

    Related Info-Tech Research

    Supplement your CIO journey with these related blueprints.

    Photo of First 100 Days as CIO

    First 100 Days as CIO

    Photo of Become a Strategic CIO

    Become a Strategic CIO

    Photo of Improve IT Team Effectiveness

    Improve IT Team Effectiveness

    Photo of Become a Transformational CIO

    Become a Transformational CIO

    Executive Brief Case Study

    Logo of Multicap Limited

    • Industry: Community Services
    • Source: Scott Lawry, Head of Digital

    Conversation From Down Under

    What are the hallmarks of a healthy relationship with your key stakeholders?
    "In my view, I work with partners like they are an extension of my team, as we rely on each other to achieve mutual success. Partnerships involve a deeper, more intimate relationship, where both parties are invested in the long-term success of the business."

    Why is it important to understand your stakeholder's situation?
    "It's crucial to remember that every IT project is a business project, and vice versa. As technology leaders, our role is to demystify technology by focusing on its business value. Empathy is a critical trait in this endeavor, as it allows us to see a stakeholder's situation from a business perspective, align better with the business vision and goals, and ultimately connect with people, rather than just technology."

    How do you stay committed during tough times?
    "I strive to leave emotions at the door and avoid taking a defensive stance. It's important to remain neutral and not personalize the issue. Instead, stay focused on the bigger picture and goals, and try to find a common purpose. To build credibility, it's also essential to fact-check assumptions regularly. By following these principles, I approach situations with a clear mind and better perspective, which ultimately helps achieve success."

    Photo of Scott Lawry, Head Of Digital at Multicap Limited

    Key Takeaways

    In a recent conversation with a business executive about the evolving role of CIOs, she expressed: "It's the worst time to be perceived as a technology evangelist and even worse to be perceived as an average CIO who can't communicate the business value of technology."

    This highlights the immense pressure many CIOs face when evolving beyond just managing the IT factory.

    The modern CIO is a business leader who can forge relationships and expand their influence to transform IT into a core driver of business value.

    Stakeholder Sentiment

    Identify key stakeholders and their perception of IT's effectiveness

    1.1 Identify Key Stakeholders

    A diagram of Identify Key Stakeholders

    Identify and prioritize your key stakeholders. Be diligent with stakeholder identification. Use a broad view to identify stakeholders who are known versus those who are "hidden." If stakeholders are missed, then so are opportunities to expand your sphere of influence.

    1.2 Understand Stakeholder's Perception of IT

    A diagram that shows Info-Tech's Diagnostic Reports and Hospital Authority XYZ

    Assess stakeholder sentiments from Info-Tech's diagnostic reports and/or your organization's satisfaction surveys to help identify individuals who may have the greatest influence to support or detract IT's performance and those who are passive observers that can become your greatest allies. Determine where best to focus your limited time amid competing priorities by focusing on the long-term goals that support the organization's vision.

    Info-Tech Insight

    Understand which individuals can directly or indirectly influence your ability to achieve your priorities. Look inside and out, as you may find influencers beyond the obvious peers or executives in an organization. Influence can result from expansive connections, power of persuasion, and trust to get things done.

    Visit Info-Tech's Diagnostic Programs

    Activity: Identify and Prioritize Stakeholders

    30-60 minutes

    1.1 Identify Key Stakeholders

    Start with the key stakeholders that are known to you. Take a 360-degree view of both internal and external connections. Leverage external professional & network platforms (e.g. LinkedIn), alumni connections, professional associations, forums, and others that can help flush out hidden stakeholders.

    1.2 Prioritize Key Stakeholders

    Use stakeholder satisfaction surveys like Info-Tech's Business Vision diagnostic as a starting point to identify those who are your allies and those who have the potential to derail IT's success, your professional brand, and your strategic priorities. Review the results of the diagnostic reports to flush out those who are:

    • Resisters: Vocal about their dissatisfaction with IT's performance and actively sabotage or disrupt
    • Skeptics: Disengaged, passive observers
    • Ambassadors: Aligned but don't proactively support
    • Champions: Actively engaged and will proactively support your success

    Consider the following:

    • Influencers may not have formal authority within an organization but have relationships with your stakeholders.
    • Influencers may be hiding in many places, like the coach of your daughter's soccer team who rows with your CEO.
    • Prioritize, i.e. three degrees of separation due to potential diverse reach of influence.

    Key Output: Create a tab for your most critical stakeholders.

    A diagram that shows profile tabs

    Download the Personal Relationship Management Journal Template.

    Understand stakeholders' business

    Create a stakeholder profile to understand the context in which stakeholders operate.

    2.1 Create individual profile for each stakeholder

    A diagram that shows different stakeholder questions

    Collect and analyze key information to understand the context in which your stakeholders operate. Use the information to derive insights about their mandate, accountabilities, strategic goals, investment priorities, and performance metrics and challenges they may be facing.

    Stakeholder profiles can be used to help design the best approach for personal interactions with individuals as their business context changes.

    If you are short on time, use this checklist to gather information:

    • Stakeholder's business unit (BU) strategy goals
    • High-level organizational chart
    • BU operational model or capability map
    • Key performance metrics
    • Projects underway and planned
    • Financial budget (if available)
    • Milestone dates for key commitments and events
    • External platforms like LinkedIn, Facebook, Twitter, Slack, Instagram, Meetup, blogs

    Info-Tech Insight

    Understanding what stakeholders want (and more importantly, what they don't) requires knowing their business and the personal and social circumstances underlying their priorities and behaviors.

    Activity: Create a stakeholder profile

    30-60 minutes

    2.1.0 Understand stakeholder's business context

    Create a profile for each of your priority stakeholders to document their business context. Review all the information collected to understand their mandate, core accountability, and business capabilities. The context in which individuals operate is a window into the motivations, pressures, and vested interests that will influence the intersectionality between their expectations and yours.

    2.1.1 Document Observable Challenges as Private Notes

    Crushing demands and competing priorities can lead to tension and stress as people jockey to safeguard their time. Identify some observable challenges to create greater situational awareness. Possible underlying factors:

    • Sudden shifts/changes in mandate
    • Performance (operations, projects)
    • Finance
    • Resource and talent gaps
    • Politics
    • Personal circumstances
    • Capability gaps/limitations
    • Capacity challenges

    A diagram that shows considerations of this activity.

    Analyze Stakeholder's Work Style

    Adapt communication styles to the situational context in which your stakeholders operate

    2.2 Determine the ideal approach for engaging each stakeholder

    Each stakeholder has a preferred modality of working which is further influenced by dynamic situations. Some prefer to meet frequently to collaborate on solutions while others prefer to analyze data in solitude before presenting information to substantiate recommendations. However, fostering trust requires:

    1. Understanding your preferred default when engaging others.
    2. Knowing where you need to expand your skills.
    3. Identifying which skills to activate for different professional scenarios.

    Adapting your communication style to create productive interactions will require a diverse arsenal of interpersonal skills that you can draw upon as situations shift. The ability to adapt your work style to dial any specific trait up or down will help to increase your powers of persuasion and influence.

    "There are only two ways to influence human behavior: you can manipulate it, or you can inspire it." – Simon Sinek

    Activity: Identify Engagement Strategies

    30 minutes

    2.2.0 Establish work styles

    Every individual has a preferred style of working. Determine work styles starting with self-awareness:

    • Express myself - How you communicate and interact with others
    • Expression by others - How you want others to communicate and interact with you

    Through observation and situational awareness, we can make inferences about people's work style.

    • Observations - Observable traits of other people's work style
    • Situations - Personal and professional circumstances that influence how we communicate and interact with one another

    Where appropriate and when opportunities arise, ask individuals directly about their preferred work styles and method for communication. What is their preferred method of communication? During a normal course of interaction vs. for urgent priorities?

    2.2.1 Brainstorm possible engagement strategies

    Consider the following when brainstorming engagement strategies for different work styles.

    A table of involvement, influence, and connection.

    Think engagement strategies in different professional scenarios:

    • Meetings - Where and how you connect
    • Communicating - How and what you communicate to create connection
    • Collaborating - What degree of involved in shared activities
    • Persuading - How you influence or direct others to get things done

    Expand New Interpersonal Skills

    Use the Business Archetypes to brainstorm possible approaches for engaging with different work styles. Additional communication and engagement tactics may need to be considered based on circumstances and changing situations.

    A diagram that shows business archetypes and engagement strategies.

    Communicate Effectively

    Productive communication is a dialogue that requires active listening, tailoring messages to fluid situations, and seeking feedback to adapt.

    A diagram of elements that contributes to better align intention and impact

    Be Relevant

    • Understand why you need to communicate
    • Determine what you need to convey
    • Tailor your message to what matters to the audience and their context
    • Identify the most appropriate medium based on the situation

    Be Consistent and Accurate

    • Say what you mean and mean what you say to avoid duplicity
    • Information should be accurate and complete
    • Communicate truthfully; do not make false promises or hide bad news
    • Don't gossip

    Be Clear and Concise

    • Keep it simple and avoid excessive jargon
    • State asks upfront to set intention and transparency
    • Avoid ambiguity and focus on outcomes over details
    • Be brief and to the point or risk losing stakeholder's attention

    Be Attentive and Authentic

    • Stay engaged and listen actively
    • Be curious and inquire for clarification or explanation
    • Be flexible to adapt to both verbal and non-verbal cues
    • Be authentic in your approach to sharing yourself
    • Avoid "canned" approaches

    A diagram of listen, observe, reflect.


    "Good communication is the bridge between confusion and clarity."– Nat Turner (LinkedIn, 2020)

    Exemplar: Engaging With Jane

    A diagram that shows Exemplar: Engaging With Jane

    Exemplar: Engaging With Ali

    A diagram that shows Exemplar: Engaging With Ali

    Develop an Action Plan

    Moving from intent to action requires a plan to ensure you stay committed through the peaks and troughs.

    Create Your 120-Day Plan

    An action plan example

    Key elements of the action plan:

    • Strategic priorities – Your top focus
    • Objective – Your goals
    • 30-60-90-120 Day Topics – Key agenda items
    • Meeting Progress Notes – Key takeaways from meetings
    • Private Notes – Confidential observations

    Investing in relationships is a long-term process. You need to accumulate enough trust to trade or establish coalitions to expand your sphere of influence. Even the strongest of professional ties will have their bouts of discord. To remain committed to building the relationship during difficult periods, use an action plan that helps you stay grounded around:

    • Shared purpose
    • Removing emotion from the situation
    • Continuously learning from every interaction

    Photo of Angela Diop
    "Make intentional actions to set intentionality. Plans are good to keep you grounded and focused especially when relationship go through ups and down and there are changes: to new people and new relationships."
    – Angela Diop, Senior Director, Executive Services, Info-Tech & former VP of Information Services with Unity Health Care

    Activity: Design a Tailored Action Plan

    30-60 minutes

    3.1.0 Determine your personal expectations

    Establish your personal goals and expectations around what you are seeking from the relationship. Determine the strength of your current connection and identify where you want to move the relationship across the continuum of commitment.

    Use insights from your stakeholder's profile to explore their span of influence and degree of interest in supporting your strategic priorities.

    3.1.1 Determine what you want from the relationship

    Based on your personal goals, identify where you want to move the relationship across the continuum of commitment: What are you hoping to achieve from the relationship? How will this help create a win/win situation for both you and the key stakeholder?

    A diagram of Continuum of Commitment.

    3.1.2 Identify your metrics for progress

    Fostering relationships take time and commitment. Utilizing metrics or personal success criteria for each of your focus areas will help you stay on track and find opportunities to make each engagement valuable instead of being transactional.

    A graph that shows influence vs interest.

    Make your action plan impactful

    Level of Connection

    The strength of the relationship will help inform the level of time and effort needed to achieve your goals.

    • Is this a new or existing relationship?
    • How often do you connect with this individual?
    • Are the connections driven by a shared purpose or transactional as needs arise?

    Focus on Relational Value

    Cultivate your network and relationship with the goal of building emotional connection, understanding, and trust around your shared purpose and organization's vision through regular dialogue. Be mindful of transactional exchanges ("quid pro quo") to be strategic about its use. Treat every interaction as equally important regardless of agenda, duration, or channel of communication.

    Plan and Prepare

    Everyone's time is valuable, and you need to come prepared with a clear understanding of why you are engaging. Think about the intentionality of the conversation:

    • Gain buy-in
    • Create transparency
    • Specific ask
    • Build trust and respect
    • Provide information to clarify, clear, or contain a situation

    Non-Verbal Communication Matters

    Communication is built on both overt expressions and subtext. While verbal communication is the most recognizable form, non-lexical components of verbal communication (i.e. paralanguage) can alter stated vs. intended meaning. Engage with the following in mind:

    • Tone, pitch, speed, and hesitation
    • Facial expressions and gestures
    • Choice of channel for engagement

    Exemplar: Action Plan for VP, Digital

    A diagram that shows Exemplar: Action Plan for VP, Digital

    Make Relationship Management a Daily Habit

    Management plans are living documents and need to be flexible to adapt to changes in stakeholder context.

    Monitor and Adjust to Communicate Strategically

    A diagram that shows Principles for Effective Communication and Key Measures

    Building trust takes time and commitment. Treat every conversation with your key stakeholders as an investment in building the social capital to expand your span of influence when and where you need it to go. This requires making relationship management a daily habit. Action plans need to be a living document that is your personal journal to document your observations, feelings, and actions. Such a plan enables you to make constant adjustments along the relationship journey.

    "Without involvement, there is no commitment. Mark it down, asterisk it, circle it, underline it."– Stephen Convey (LinkedIn, 2016)

    Capture some simple metrics

    If you can't measure your actions, you can't manage the relationship.

    An example of measures: what, why, how - metrics, and intended outcome.

    While a personal relationship journal is not a formal performance management tool, identifying some tangible measures will improve the likelihood of aligning your intent with outcomes. Good measures will help you focus your efforts, time, and resources appropriately.

    Keep the following in mind:

    1. WHAT are you trying to measure?
      Specific to the situation or scenario
    2. WHY is this important?
      Relevant to your personal goals
    3. HOW will you measure?
      Achievable and quantifiable
    4. WHAT will the results tell you?
      Intended outcome that is directional

    Summary of accomplishments

    Knowledge Gained

    • Relationship management is critical to a CIO's success
    • A personal relationship journal will help build:
      • Customized approach to engaging stakeholders
      • New communication skills to adapt to different work styles

    New Concepts

    • Work style assessment framework and engagement strategies
    • Effective communication strategies
    • Continuum of commitment to establish personal goals

    Approach to Creating a Personal Journal

    • Step-by-step approach to create a personal journal
    • Key elements for inclusion in a journal
    • Exemplar and recommendations

    Related Info-Tech Research

    Photo of Tech Trends and Priorities Research Centre

    Tech Trends and Priorities Research Centre

    Access Info-Tech's Tech Trend reports and research center to learn about current industry trends, shifts in markets, and disruptions that are impacting your industry and sector. This is a great starting place to gain insights into how the ecosystem is changing your business and the role of IT within it.

    Photo of Embed Business Relationship Management in IT

    Embed Business Relationship Management in IT

    Create a business relationship management (BRM) function in your program to foster a more effective partnership with the business and drive IT's value to the organization.

    Photo of Become a Transformational CIO

    Become a Transformational CIO

    Collaborate with the business to lead transformation and leave behind a legacy of growth.

    Appendix: Framework

    Content:

    • Adaptation of DiSC profile assessment
    • DiSC Profile Assessment
    • FIRO-B Framework
    • Experience Cube

    Info-Tech's Adaption of DiSC Assessment

    A diagram of business archetypes

    Info-Tech's Business Archetypes was created based on our analysis of the DiSC Profile and Myers-Briggs FIRO-B personality assessment tools that are focused on assessing interpersonal traits to better understand personalities.

    The adaptation is due in part to Info-Tech's focus on not designing a personality assessment tool as this is neither the intent nor the expertise of our services. Instead, the primary purpose of this adaptation is to create a simple framework for our members to base their observations of behavioral cues to identify appropriate communication styles to better interact with key stakeholders.

    Cautionary note:
    Business archetypes are personas and should not be used to label, make assumptions and/or any other biased judgements about individual personalities. Every individual has all elements and aspects of traits across various spectrums. This must always remain at the forefront when utilizing any type of personality assessments or frameworks.

    Click here to learn about DiSC Profile
    Click here learn about FIRO-B
    Click here learn about Experience Cube

    DiSC Profile Assessment

    A photo of DiSC Profile Assessment

    What is DiSC?

    DisC® is a personal assessment tool that was originally developed in 1928 by psychologist William Moulton Marston, who designed it to predict job performance. The tool has evolved and is now widely used by thousands of organizations around the world, from large government agencies and Fortune 500 companies to nonprofit and small businesses, to help improve teamwork, communication, and productivity in the workplace. The tool provides a common language people can use to better understand themselves and those they interact with - and use this knowledge to reduce conflict and improve working relationships.

    What does DiSC mean?

    DiSC is an acronym that stands for the four main personality profiles described in the Everything DiSC model: (D)ominance, (i)nfluence, (S)teadiness, (C)onscientiousness

    People with (D) personalities tend to be confident and emphasize accomplishing bottom-line results.
    People with (i) personalities tend to be more open and emphasize relationships and influencing or persuading others.
    People with (S) personalities tend to be dependable and emphasize cooperation and sincerity.
    People with (C) personalities tend to emphasize quality, accuracy, expertise, and competency.

    Go to this link to explore the DiSC styles

    FIRO-B® – Interpersonal Assessment

    A diagram of FIRO framework

    What is FIRO workplace relations?

    The Fundamental Interpersonal Relations Orientation Behavior (FIRO-B®) tool has been around for forty years. The tool assesses your interpersonal needs and the impact of your behavior in the workplace. The framework reveals how individuals can shape and adapt their individual behaviors, influence others effectively, and build trust among colleagues. It has been an excellent resource for coaching individuals and teams about the underlying drivers behind their interactions with others to effectively build successful working relationships.

    What does the FIRO framework measure?

    The FIRO framework addresses five key questions that revolve around three interpersonal needs. Fundamentally, the framework focuses on how you want to express yourself toward others and how you want others to behave toward you. This interaction will ultimately result in the universal needs for (a) inclusion, (b) control, and (c) affection. The insights from the results are intended to help individuals adjust their behavior in relationships to get what they need while also building trust with others. This will allow you to better predict and adapt to different situations in the workplace.

    How can FIRO influence individual and team performance in the workplace?

    FIRO helps people recognize where they may be giving out mixed messages and prompts them to adapt their exhibited behaviors to build trust in their relationships. It also reveals ways of improving relationships by showing individuals how they are seen by others, and how this external view may differ from how they see themselves. Using this lens empowers people to adjust their behavior, enabling them to effectively influence others to achieve high performance.

    In team settings, it is a rich source of information to explore motivations, underlying tensions, inconsistent behaviors, and the mixed messages that can lead to mistrust and derailment. It demonstrates how people may approach teamwork differently and explains the potential for inefficiencies and delays in delivery. Through the concept of behavioral flexibility, it helps defuse cultural stereotypes and streamline cross-cultural teams within organizations.

    Go to this link to explore FIRO-B for Business

    Experience Cube

    A diagram of experience cube model.

    What is an experience cube?

    The Experience Cube model was developed by Gervase Bushe, a professor of Leadership and Organization at the Simon Fraser University's school of Business and a thought leader in the field of organizational behavior. The experience cube is intended as a tool to plan and manage conversations to communicate more effectively in the moment. It does this by promoting self-awareness to better reduce anxiety and adapt to evolving and uncertain situations.

    How does the experience cube work?

    Using the four elements of the experience cube (Observations, Thoughts, Feelings, and Wants) helps you to separate your experience with the situation from your potential judgements about the situation. This approach removes blame and minimizes defensiveness, facilitating a positive discussion. The goal is to engage in a continuous internal feedback loop that allows you to walk through all four quadrants in the moment to help promote self-awareness. With heightened self-awareness, you may (1) remain curious and ask questions, (2) check-in for understanding and clarification, and (3) build consensus through agreement on shared purpose and next steps.

    Observations: Sensory data (information you take in through your senses), primarily what you see and hear. What a video camera would record.

    Thoughts: The meaning you add to your observations (i.e. the way you make sense of them, including your beliefs, expectations, assumptions, judgments, values, and principles). We call this the "story you make up."

    Feelings: Your emotional or physiological response to the thoughts and observations. Feelings words such as sad, mad, glad, scared, or a description of what is happening in your body.

    Wants: Clear description of the outcome you seek. Wants go deeper than a simple request for action. Once you clearly state what you want, there may be different ways to achieve it.

    Go to this link to explore more: Experience Cube

    Research Contributors and Experts

    Photo of Joanne Lee
    Joanne Lee
    Principal, Research Director, CIO Advisory
    Info-Tech Research Group

    Joanne is a professional executive with over twenty-five years of experience in digital technology and management consulting spanning healthcare, government, municipal, and commercial sectors across Canada and globally. She has successfully led several large, complex digital and business transformation programs. A consummate strategist, her expertise spans digital and technology strategy, organizational redesign, large complex digital and business transformation, governance, process redesign, and PPM. Prior to joining Info-Tech Research Group, Joanne was a Director with KPMG's CIO Advisory management consulting services and the Digital Health practice lead for Western Canada. She brings a practical and evidence-based approach to complex problems enabled by technology.

    Joanne holds a Master's degree in Business and Health Policy from the University of Toronto and a Bachelor of Science (Nursing) from the University of British Columbia.



    Photo of Gord Harrison
    Gord Harrison
    Senior Vice President, Research and Advisory
    Info-Tech Research Group

    Gord Harrison, SVP, Research and Consulting, has been with Info-Tech Research Group since 2002. In that time, Gord leveraged his experience as the company's CIO, VP Research Operations, and SVP Research to bring the consulting and research teams together under his current role, and to further develop Info-Tech's practical, tactical, and value-oriented research product to the benefit of both organizations.

    Prior to Info-Tech, Gord was an IT consultant for many years with a focus on business analysis, software development, technical architecture, and project management. His background of educational game software development, and later, insurance industry application development gave him a well-rounded foundation in many IT topics. Gord prides himself on bringing order out of chaos and his customer-first, early value agile philosophy keeps him focused on delivering exceptional experiences to our customers.



    Photo of Angela Diop
    Angela Diop
    Senior Director, Executive Services
    Info-Tech Research Group

    Angela has over twenty-five years of experience in healthcare, as both a healthcare provider and IT professional. She has spent over fifteen years leading technology departments and implementing, integrating, managing, and optimizing patient-facing and clinical information systems. She believes that a key to a healthcare organization's ability to optimize health information systems and infrastructure is to break the silos that exist in healthcare organizations.

    Prior to joining Info-Tech, Angela was the Vice President of Information Services with Unity Health Care. She has demonstrated leadership and success in this area by fostering environments where business and IT collaborate to create systems and governance that are critical to providing patient care and sustaining organizational health.

    Angela has a Bachelor of Science in Systems Engineering and Design from the University of Illinois and a Doctorate of Naturopathic Medicine from Bastyr University. She is a Certified CIO with the College of Healthcare Information Management Executives. She is a two-time Health Information Systems Society (HIMSS) Davies winner.



    Photo of Edison Barreto
    Edison Barreto
    Senior Director, Executive Services
    Info-Tech Research Group

    Edison is a dynamic technology leader with experience growing different enterprises and changing IT through creating fast-paced organizations with cultural, modernization, and digital transformation initiatives. He is well versed in creating IT and business cross-functional leadership teams to align business goals with IT modernization and revenue growth. Over twenty-five years of Gaming, Hospitality, Retail, and F&B experience has given him a unique perspective on guiding and coaching the creation of IT department roadmaps to focus on business needs and execute successful changes.

    Edison has broad business sector experience, including:
    Hospitality, Gaming, Sports and Entertainment, IT policy and oversight, IT modernization, Cloud first programs, R&D, PCI, GRDP, Regulatory oversight, Mergers acquisitions and divestitures.



    Photo of Mike Tweedie
    Mike Tweedie
    Practice Lead, CIO Strategy
    Info-Tech Research Group

    Michael Tweedie is the Practice Lead, CIO – IT Strategy at Info-Tech Research Group, specializing in creating and delivering client-driven, project-based, practical research, and advisory. He brings more than twenty-five years of experience in technology and IT services as well as success in large enterprise digital transformations.

    Prior to joining Info-Tech, Mike was responsible for technology at ADP Canada. In that role, Mike led several large transformation projects that covered core infrastructure, applications, and services and worked closely with and aligned vendors and partners. The results were seamless and transparent migrations to current services, like public cloud, and a completely revamped end-user landscape that allowed for and supported a fully remote workforce.

    Prior to ADP, Mike was the North American Head of Engineering and Service Offerings for a large French IT services firm, with a focus on cloud adoption and complex ERP deployment and management; he managed large, diverse global teams and had responsibilities for end-to-end P&L management.

    Mike holds a Bachelor's degree in Architecture from Ryerson University.



    Photo of Carlene McCubbin
    Carlene McCubbin
    Practice Lead, People and Leadership
    Info-Tech Research Group

    Carlene McCubbin is a Research Lead for the CIO Advisory Practice at Info-Tech Research Group covering key topics in operating models & design, governance, and human capital development.

    During her tenure at Info-Tech, Carlene has led the development of Info-Tech's Organization and Leadership practice and worked with multiple clients to leverage the methodologies by creating custom programs to fit each organization's needs.

    Before joining Info-Tech, Carlene received her Master of Communications Management from McGill University, where she studied development of internal and external communications, government relations, and change management. Her education honed her abilities in rigorous research, data analysis, writing, and understanding the organization holistically, which has served her well in the business IT world.



    Photo of Anubhav Sharma
    Anubhav Sharma
    Research Director, CIO Strategy
    Info-Tech Research Group

    Anubhav is a digital strategy and execution professional with extensive experience in leading large-scale transformation mandates for organizations both in North America and globally, including defining digital strategies for leading banks and spearheading a large-scale transformation project for a global logistics pioneer across ten countries. Prior to joining Info-Tech Research Group, he held several industry and consulting positions in Fortune 500 companies driving their business and technology strategies. In 2023, he was recognized as a "Top 50 Digital Innovator in Banking" by industry peers.

    Anubhav holds an MBA in Strategy from HEC Paris, a Master's degree in Finance from IIT-Delhi, and a Bachelor's degree in Engineering.



    Photo of Kim Osborne-Rodriguez
    Kim Osborne-Rodriguez
    Research Director, CIO Strategy
    Info-Tech Research Group

    Kim is a professional engineer and Registered Communications Distribution Designer (RCDD) with over a decade of experience in management and engineering consulting spanning healthcare, higher education, and commercial sectors. She has worked on some of the largest hospital construction projects in Canada, from early visioning and IT strategy through to design, specifications, and construction administration. She brings a practical and evidence-based approach to digital transformation, with a track record of supporting successful implementations.

    Kim holds a Bachelor's degree in Mechatronics Engineering from University of Waterloo.



    Photo of Amanda Mathieson
    Amanda Mathieson
    Research Director, People and Leadership
    Info-Tech Research Group

    Amanda joined Info-Tech Research Group in 2019 and brings twenty years of expertise working in Canada, the US, and globally. Her expertise in leadership development, organizational change management, and performance and talent management comes from her experience in various industries spanning pharmaceutical, retail insurance, and financial services. She takes a practical, experiential approach to people and leadership development that is grounded in adult learning methodologies and leadership theory. She is passionate about identifying and developing potential talent, as well as ensuring the success of leaders as they transition into more senior roles.

    Amanda has a Bachelor of Commerce degree and Master of Arts in Organization and Leadership Development from Fielding Graduate University, as well as a post-graduate diploma in Adult Learning Methodologies from St. Francis Xavier University. She also has certifications in Emotional Intelligence – EQ-i 2.0 & 360, Prosci ADKAR® Change Management, and Myers-Briggs Type Indicator Step I and II.

    Bibliography

    Bacey, Christopher. "KPMG/Harvey Nash CIO Survey finds most organizations lack enterprise-wide digital strategy." Harvey Nash/KPMG CIO Survey. Accessed Jan. 6, 2023. KPMG News Perspective - KPMG.us.com

    Calvert, Wu-Pong Susanna. "The Importance of Rapport. Five tips for creating conversational reciprocity." Psychology Today Magazine. June 30, 2022. Accessed Feb. 10, 2023. psychologytoday.com/blog

    Coaches Council. "14 Ways to Build More Meaningful Professional Relationships." Forbes Magazine. September 16, 2020. Accessed Feb. 20, 2023. forbes.com/forbescoachescouncil

    Council members. "How to Build Authentic Business Relationships." Forbes Magazine. June 15, 2021. Accessed Jan. 15, 2023. Forbes.com/business council

    Deloitte. "Chief Information Officer (CIO) Labs. Transform and advance the role of the CIO." The CIO program. Accessed Feb. 5, 2021.

    Dharsarathy, Anusha et al. "The CIO challenge: Modern business needs a new kind of tech leader." McKinsey and Company. January 27, 2020. Accessed Feb 2023. Mckinsey.com

    DiSC profile. "What is DiSC?" DiSC Profile Website. Accessed Feb. 5, 2023. discprofile.com

    FIRO Assessment. "Better working relationships". Myers Brigg Website. Resource document downloaded Feb. 10, 2023. myersbriggs.com/article

    Fripp, Patricia. "Frippicisms." Website. Accessed Feb. 25, 2023. fripp.com

    Grossman, Rhys. "The Rise of the Chief Digital Officer." Russell Reynolds Insights, January 1, 2012. Accessed Jan. 5, 2023. Rise of the Chief Digital Officer - russellreynolds.com

    Kambil, Ajit. "Influencing stakeholders: Persuade, trade, or compel." Deloitte Article. August 9, 2017. Accessed Feb. 19, 2023. www2.deloitte.com/insights

    Kambil, Ajit. "Navigating the C-suite: Managing Stakeholder Relationships." Deloitte Article. March 8, 2017. Accessed Feb. 19, 2023. www2.deloitte.com/insights

    Korn Ferry. "Age and tenure in the C-suite." Kornferry.com. Accessed Jan. 6, 2023. Korn Ferry Study Reveals Trends by Title and Industry

    Kumthekar, Uday. "Communication Channels in Project". Linkedin.com, 3 March 2020. Accessed April 27, 2023. Linkedin.com/Pulse/Communication Channels

    McWilliams, Allison. "Why You Need Effective Relationships at Work." Psychology Today Magazine. May 5, 2022. Accessed Feb. 11, 2023. psychologytoday.com/blog

    McKinsey & Company. "Why do most transformations fail? A conversation with Harry Robinson." Transformation Practice. July 2019. Accessed Jan. 10, 2023. Mckinsey.com

    Mind Tools Content Team. "Building Good Work Relationships." MindTools Article. Accessed Feb. 11, 2023. mindtools.com/building good work relationships

    Pratt, Mary. "Why the CIO-CFO relationship is key to digital success." TechTarget Magazine. November 11, 2021. Accessed Feb. 2023. Techtarget.com

    LaMountain, Dennis. "Quote of the Week: No Involvement, No Commitment". Linkedin.com, 3 April 2016. Accessed April 27, 2023. Linkedin.com/pulse/quote-week-involvement

    PwC Pulse Survey. "Managing Business Risks". PwC Library. 2022. Accessed Jan. 30, 2023. pwc.com/pulse-survey

    Rowell, Darin. "3 Traits of a Strong Professional Relationship." Harvard Business Review. August 8, 2019. Accessed Feb. 20, 2023. hbr.org/2019/Traits of a strong professional relationship

    Sinek, Simon. "The Optimism Company from Simon Sinek." Website. Image Source. Accessed, Feb. 21, 2023. simonsinek.com

    Sinek, Simon. "There are only two ways to influence human behavior: you can manipulate it or you can inspire it." Twitter. Dec 9, 2022. Accessed Feb. 20, 2023. twitter.com/simonsinek

    Whitbourne, Susan Krauss. "10 Ways to Measure the Health of Relationship." Psychology Today Magazine. Aug. 7, 2021. Accessed Jan. 30, 2023. psychologytoday.com/blog

    Build a Security Metrics Program to Drive Maturity

    • Buy Link or Shortcode: {j2store}266|cart{/j2store}
    • member rating overall impact (scale of 10): 9.5/10 Overall Impact
    • member rating average dollars saved: $22,947 Average $ Saved
    • member rating average days saved: 8 Average Days Saved
    • Parent Category Name: Security Processes & Operations
    • Parent Category Link: /security-processes-and-operations
    • Many security leaders put off adding metrics to their program because they don't know where to start or how to assess what is worth measuring.
    • Sometimes, this uncertainty causes the belief that their security programs are not mature enough for metrics to be worthwhile.
    • Because metrics can become very technical and precise,it's easy to think that they're inherently complicated (not true).

    Our Advice

    Critical Insight

    • The best metrics are tied to goals.
    • Tying your metrics to goals ensures that you are collecting metrics for a specific purpose rather than just to watch the numbers change.

    Impact and Result

    • A metric, really, is just a measure of success against a given goal. Gradually, programs will achieve their goals and set new more specific goals, and with them come more-specific metrics.
    • It is not necessary to jump into highly technical metrics right away. A lot can be gained from metrics that track behaviors.
    • A metrics program can be very simple and still effectively demonstrate the value of security to the organization. The key is to link your metrics to the goals or objectives the security team is pursuing, even if they are simple implementation plans (e.g. percentage of departments that have received security training course).

    Build a Security Metrics Program to Drive Maturity Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should build a security metrics program, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Link security metrics to goals to boost maturity

    Develop goals and KPIs to measure your progress.

    • Build a Security Metrics Program to Drive Maturity – Phase 1: Link Security Metrics to Goals to Boost Maturity
    • Security Metrics Determination and Tracking Tool
    • KPI Development Worksheets

    2. Adapt your reporting strategy for various metric types

    Learn how to present different types of metrics.

    • Build a Security Metrics Program to Drive Maturity – Phase 2: Adapt Your Reporting Strategy for Various Metric Types
    • Security Metrics KPX Dashboard
    • Board-Level Security Metrics Presentation Template
    [infographic]

    Workshop: Build a Security Metrics Program to Drive Maturity

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Current State, Initiatives, and Goals

    The Purpose

    Create a prioritized list of goals to improve the security program’s current state.

    Key Benefits Achieved

    Insight into the current program and the direct it needs to head in.

    Activities

    1.1 Discuss current state and existing approach to metrics.

    1.2 Review contract metrics already in place (or available).

    1.3 Determine security areas that should be measured.

    1.4 Determine what stakeholders are involved.

    1.5 Review current initiatives to address those risks (security strategy, if in place).

    1.6 Begin developing SMART goals for your initiative roadmap.

    Outputs

    Gap analysis results

    SMART goals

    2 KPI Development

    The Purpose

    Develop unique KPIs to measure progress against your security goals.

    Key Benefits Achieved

    Learn how to develop KPIs

    Prioritized list of security goals

    Activities

    2.1 Continue SMART goal development.

    2.2 Sort goals into types.

    2.3 Rephrase goals as KPIs and list associated metric(s).

    2.4 Continue KPI development.

    Outputs

    KPI Evolution Worksheet

    3 Metrics Prioritization

    The Purpose

    Determine which metrics will be included in the initial program launch.

    Key Benefits Achieved

    A set of realistic and manageable goals-based metrics.

    Activities

    3.1 Lay out prioritization criteria.

    3.2 Determine priority metrics (implementation).

    3.3 Determine priority metrics (improvement & organizational trend).

    Outputs

    Prioritized metrics

    Tool for tracking and presentation

    4 Metrics Reporting

    The Purpose

    Strategize presentation based around metric type to indicate organization’s risk posture.

    Key Benefits Achieved

    Develop versatile reporting techniques

    Activities

    4.1 Review metric types and discuss reporting strategies for each.

    4.2 Develop a story about risk.

    4.3 Discuss the use of KPXs and how to scale for less mature programs.

    Outputs

    Key Performance Index Tool and presentation materials

    Further reading

    Build a Security Metrics Program to Drive Maturity

    Good metrics come from good goals.

    ANALYST PERSPECTIVE

    Metrics are a maturity driver.

    "Metrics programs tend to fall into two groups: non-existent and unhelpful.

    The reason so many security professionals struggle to develop a meaningful metrics program is because they are unsure of what to measure or why.

    The truth is, for metrics to be useful, they need to be tied to something you care about – a state you are trying to achieve. In other words, some kind of goal. Used this way, metrics act as the scoreboard, letting you know if you’re making progress towards your goals, and thus, boosting your overall maturity."

    Logan Rohde, Research Analyst, Security Practice Info-Tech Research Group

    Executive summary

    Situation

    • Many security leaders put off adding metrics to their program because they don't know where to start or how to assess what is worth measuring.

    Complication

    • Sometimes, this uncertainty causes the belief that their security programs are not mature enough for metrics to be worthwhile.
    • Because metrics can become very technical and precise, it's easy to think they're inherently complicated (not true).

    Resolution

    • A metric, really, is just a measure of success against a given goal. Gradually, programs will achieve their goals and set new, more specific goals, and with them comes more specific metrics.
    • It is not necessary to jump into highly technical metrics right away. A lot can be gained from metrics that track behaviors.
    • A metrics program can be very simple and still effectively demonstrate the value of security to the organization. The key is to link your metrics to the goals or objectives the security team is pursuing, even if they are simple implementation plans (e.g. percentage of departments that have received security training).

    Info-Tech Insight

    1. Metrics lead to maturity, not vice versa
      • Tracking metrics helps you assess progress and regress in your security program. This helps you quantify the maturity gains you’ve made and continue to make informed strategic decisions.
    2. The best metrics are tied to goals
      • Tying your metrics to goals ensures that you are collecting metrics for a specific purpose rather than just to watch the numbers change.

    Our understanding of the problem

    This Research is Designed For:

    • CISO

    This Research Will Help You:

    • Understand the value of metrics.
    • Right-size a metrics program based on your organization’s maturity and risk profile.
    • Tie metrics to goals to create meaningful KPIs.
    • Develop strategies to effectively communicate the right metrics to stakeholders.

    This Research Will Also Assist:

    • CIO
    • Security Manager
    • Business Professionals

    This Research Will Help Them:

    • Become informed on the metrics that matter to them.
    • Understand that investment in security is an investment in the business.
    • Feel confident in the progress of the organization’s security strategy.

    Info-Tech’s framework integrates several best practices to create a best-of-breed security framework

    Information Security Framework

    Governance

    • Context and Leadership
      • Information Security Charter
      • Information Security Organizational Structure
      • Culture and Awareness
    • Evaluation and Direction
      • Security Risk Management
      • Security Policies
      • Security Strategy and Communication
    • Compliance, Audit, and Review
      • Security Compliance Management
      • External Security Audit
      • Internal Security Audit
      • Management Review of Security

    Management

    • Prevention
      • Identity Security
        • Identity and Access Management
      • Data Security
        • Hardware Asset Management
        • Data Security & Privacy
      • Infrastructure Security
        • Network Security
        • Endpoint Security
        • Malicious Code
        • Application Security
        • Vulnerability Management
        • Cryptography Management
        • Physical Security
        • Cloud Security
      • HR Security
        • HR Security
      • Change and Support
        • Configuration and Change Management
        • Vendor Management
    • Detection
      • Security Threat Detection
      • Log and Event Management
    • Response and Recovery
      • Security Incident Management
      • Information Security in BCM
      • Security eDiscovery and Forensics
      • Backup and Recovery
    • Measurement
      • Metrics Program
      • Continuous Improvement

    Metrics help to improve security-business alignment

    While business leaders are now taking a greater interest in cybersecurity, alignment between the two groups still has room for improvement.

    Key statistics show that just...

    5% of public companies feel very confident that they are properly secured against a cyberattack.

    41% of boards take on cybersecurity directly rather than allocating it to another body (e.g. audit committee).

    19% of private companies do not discuss cybersecurity with the board.

    (ISACA, 2018)

    Info-Tech Insight

    Metrics help to level the playing field

    Poor alignment between security and the business often stems from difficulties with explaining how security objectives support business goals, which is ultimately a communication problem.

    However, metrics help to facilitate these conversations, as long as the metrics are expressed in practical, relatable terms.

    Security metrics benefit the business

    Executives get just as much out of management metrics as the people running them.

    1. Metrics assuage executives’ fears
      • Metrics help executives (and security leaders) feel more at ease with where the company is security-wise. Metrics help identify areas for improvement and gaps in the organization’s security posture that can be filled. A good metrics program will help identify deficiencies in most areas, even outside the security program, helping to identify what work needs to be done to reduce risk and increase the security posture of the organization.
    2. Metrics answer executives’ questions
      • Numbers either help ease confusion or signify other areas for improvement. Offering quantifiable evidence, in a language that the business can understand, offers better understanding and insight into the information security program. Metrics also help educate on types of threats, staff needed for security, and budget needs to decrease risk based on management’s threat tolerance. Metrics help make an organization more transparent, prepared, and knowledgeable.
    3. Metrics help to continually prove security’s worth
      • Traditionally, the security team has had to fight for a seat at the executive table, with little to no way to communicate with the business. However, the new trend is that the security team is now being invited before they have even asked to join. This trend allows the security team to better communicate on the organization’s security posture, describe threats and vulnerabilities, present a “plan of action,” and get a pulse on the organization’s risk tolerance.

    Common myths make security metrics seem challenging

    Security professionals have the perception that metrics programs are difficult to create. However, this attitude usually stems from one of the following myths. In reality, security metrics are much simpler than they seem at first, and they usually help resolve existing challenges rather than create new ones.

    Myth Truth
    1 There are certain metrics that are important to all organizations, based on maturity, industry, etc. Metrics are indications of change; for a metric to be useful it needs to be tied to a goal, which helps you understand the change you're seeing as either a positive or a negative. Industry and maturity have little bearing here.
    2 Metrics are only worthwhile once a certain maturity level is reached Metrics are a tool to help an organization along the maturity scale. Metrics help organizations measure progress of their goals by helping them see which tactics are and are not working.
    3 Security metrics should focus on specific, technical details (e.g. of systems) Metrics are usually a means of demonstrating, objectively, the state of a security program. That is, they are a means of communicating something. For this reason, it is better that metrics be phrased in easily digestible, non-technical terms (even if they are informed by technical security statistics).

    Tie your metrics to goals to make them worthwhile

    SMART metrics are really SMART goals.

    Specific

    Measurable

    Achievable

    Realistic

    Timebound

    Achievable: What is an achievable metric?

    When we say that a metric is “achievable,” we imply that it is tied to a goal of some kind – the thing we want to achieve.

    How do we set a goal?

    1. Determine what outcome you are trying to achieve.
      • This can be small or large (e.g. I want to determine what existing systems can provide metrics, or I want a 90% pass rate on our monthly phishing tests).
    2. Decide what indicates that you’ve achieved your goal.
      • At what point would you be satisfied with the progress made on the initiative(s) you’re working on? What conditions would indicate victory for you and allow you to move on to another goal?
    3. Develop a key performance indicator (KPI) to measure progress towards that goal.
      • Now that you’ve defined what you’re trying to achieve, find a way to indicate progress in relative or relational terms (e.g. percentage change from last quarter, percentage of implementation completed, ratio of programs in place to those still needing implementation).

    Info-Tech’s security metrics methodology is repeatable and iterative to help boost maturity

    Security Metric Lifecycle

    Start:

    Review current state and decide on priorities.

    Set a SMART goal for improvement.

    Develop an appropriate KPI.

    Use KPI to monitor program improvement.

    Present metrics to the board.

    Revise metrics if necessary.

    Metrics go hand in hand with your security strategy

    A security strategy is ultimately a large goal-setting exercise. You begin by determining your current maturity and how mature you need to be across all areas of information security, i.e. completing a gap analysis.

    As such, linking your metrics program to your security strategy is a great way to get your metrics program up and running – but it’s not the only way.

    Check out the following Info-Tech resource to get started today:

    Build an Information Security Strategy

    The value of security metrics goes beyond simply increasing security

    This blueprint applies to you whether you need to develop a metrics program from scratch or optimize and update your current strategy.

    Value of engaging in security metrics:

    • Increased visibility into your operations.
    • Improved accountability.
    • Better communication with executives as a result of having hard evidence of security performance.
    • Improved security posture through better understanding of what is working and what isn’t within the security program.

    Value of Info-Tech’s security metrics blueprint:

    • Doesn’t overwhelm you and allows you to focus on determining the metrics you need to worry about now without pressuring you to do it all at once.
    • Helps you develop a growth plan as your organization and metrics program mature, so you continue to optimize.
    • Creates effective communication. Prepares you to present the metrics that truly matter to executives rather than confusing them with unnecessary data. Pay attention to metric accuracy and reproducibility. No management wants inconsistent reporting.

    Impact

    Short term: Streamline your program. Based on your organization’s specific requirements and risk profile, figure out which metrics are best for now while also planning for future metrics as your organization matures.

    Long term: Once the program is in place, improvements will come with increased visibility into operations. Investments in security will be encouraged when more evidence is available to executives, contributing to overall improved security posture. Potential opportunities for eventual cost savings also exist as there is more informed security spending and fewer incidents.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

    Workshop

    “We need to hit the ground running and get this project kicked-off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

    Consulting

    “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    Link Security Metrics to Goals to Boost Maturity – Project Overview

    1. Link Security Metrics to Goals to Boost Maturity 2. Adapt Your Reporting Strategy for Various Metric Types
    Best-Practice Toolkit

    1.1 Review current state and set your goals

    1.2 Develop KPIs and prioritize your goals

    1.3 Implement and monitor the KPI to track goal progress

    2.1 Review best practices for presenting metrics

    2.2 Strategize your presentation based on metric type

    2.3 Tailor presentation to your audience

    2.4 Use your metrics to create a story about risk

    2.5 Revise your metrics

    Guided Implementations
    • Call 1: Setting Goals
    • Call 2: KPI Development
    • Call 1: Best Practices and Reporting Strategy
    • Call 2: Build a Dashboard and Presentation Deck
    Onsite Workshop Module 1: Current State, Initiatives, Goals, and KPIs Module 2: Metrics Reporting

    Phase 1 Outcome:

    • KPI development and populated metrics tracking tool.

    Phase 2 Outcome:

    • Reporting strategy with dashboard and presentation deck.

    Workshop overview

    Contact your account representative or email Workshops@InfoTech.com for more information.

    Workshop Day 1 Workshop Day 2 Workshop Day 3 Workshop Day 4 Workshop Day 5
    Activities

    Current State, Initiatives, and Goals

    • Discuss current state and existing approach to metrics.
    • Review contract metrics already in place (or available).
    • Determine security areas that should be measured.
    • Determine which stakeholders are involved.
    • Review current initiatives to address those risks (security strategy, if in place).
    • Begin developing SMART goals for your initiative roadmap.

    KPI Development

    • Continue SMART goal development.
    • Sort goals into types.
    • Rephrase goals as KPIs and list associated metric(s).
    • Continue KPI development.

    Metrics Prioritization

    • Lay out prioritization criteria.
    • Determine priority metrics (implementation).
    • Determine priority metrics (improvement & organizational trend).

    Metrics Reporting

    • Review metric types and discuss reporting strategies for each.
    • Develop a story about risk.
    • Discuss the use of KPXs and how to scale for less mature programs.

    Offsite Finalization

    • Review and finalization of documents drafted during workshop.
    Deliverables
    1. Gap analysis results
    1. Completed KPI development templates
    1. Prioritized metrics and tool for tracking and presentation.
    1. Key Performance Index tool and presentation materials.
    1. Finalization of completed deliverables

    Phase 1

    Link Security Metrics to Goals to Boost Maturity


    Phase 1

    1.1 Review current state and set your goals

    1.2 Develop KPIs and prioritize your goals

    1.3 Implement and monitor KPIs

    This phase will walk you through the following activities:

    • Current state assessment
    • Setting SMART goals
    • KPI development
    • Goals prioritization
    • KPI implementation

    This phase involves the following participants:

    • Security Team

    Outcomes of this phase

    • Goals-based KPIs
    • Security Metrics Determination and Tracking Tool

    Phase 1 outline

    Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own or call us to complete a guided implementation. A guided implementation is a series of two to three advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 1: Link Security Metrics to Goals to Boost Maturity

    Proposed Time to Completion: 2-4 weeks

    Step 1.1: Setting Goals

    Start with an analyst kick-off call:

    • Determine current and target maturity for various security programs.
    • Develop SMART Goals.

    Then complete these activities…

    • CMMI Assessment

    Step 1.2 – 1.3: KPI Development

    Review findings with analyst:

    • Prioritize goals
    • Develop KPIs to track progress on goals
    • Track associated metrics

    Then complete these activities…

    • KPI Development

    With these tools & templates:

    • KPI Development Worksheet
    • Security Metrics Determination and Tracking Tool

    Phase 1 Results & Insights:

    • Basic Metrics program

    1.1 Review current state and set your goals

    120 minutes

    Let’s put the security program under the microscope.

    Before program improvement can take place, it is necessary to look at where things are at presently (in terms of maturity) and where we need to get them to.

    In other words, we need to perform a security program gap analysis.

    Info-Tech Best Practice

    The most thorough way of performing this gap analysis is by completing Info-Tech’s Build an Information Security Strategy blueprint, as it will provide you with a prioritized list of initiatives to boost your security program maturity.

    Completing an abbreviated gap analysis...

    • Security Areas
    • Network Security
    • Endpoint Security
    • Vulnerability Management
    • Identity Access Management
    • Incident Management
    • Training & Awareness
    • Compliance, Audit, & Review
    • Risk Management
    • Business Alignment & Governance
    • Data Security
    1. Using the CMMI scale on the next slide, assess your maturity level across the security areas to the left, giving your program a score from 1-5. Record your assessment on a whiteboard.
    2. Zone in on your areas of greatest concern and choose 3 to 5 areas to prioritize for improvement.
    3. Set a SMART goal for improvement, using the criteria on goals slides.

    Use the CMMI scale to contextualize your current maturity

    Use the Capability Maturity Model Integration (CMMI) scale below to help you understand your current level of maturity across the various areas of your security program.

    1. Initial
      • Incident can be managed. Outcomes are unpredictable due to lack of a standard operating procedure.
    2. Repeatable
      • Process in place, but not formally implemented or consistently applied. Outcomes improve but still lack predictability.
    3. Defined
      • Process is formalized and consistently applied. Outcomes become more predictable, due to consistent handling procedure.
    4. Managed
      • Process shows signs of maturity and can be tracked via metrics. Moving towards a predictive approach to incident management.
    5. Optimizing
      • Process reaches a fully reliable level, though improvements still possible. Regularity allows for process to be automated.

    (Adapted from the “CMMI Institute Maturity Model”)

    Base your goals around the five types of metrics

    Choose goals that make sense – even if they seem simple.

    The most effective metrics programs are personalized to reflect the goals of the security team and the business they work for. Using goals-based metrics allows you to make incremental improvements that can be measured and reported on, which makes program maturation a natural process.

    Info-Tech Best Practice

    Before setting a SMART goal, take a moment to consider your maturity for each security area, and which metric type you need to collect first, before moving to more ambitious goals.

    Security Areas

    • Network Security
    • Endpoint Security
    • Vulnerability Management
    • Identity Access Management
    • Incident Management
    • Training & Awareness
    • Compliance, Audit & Review
    • Risk Management
    • Business Alignment & Governance
    • Data Security
    Metric Type Description
    Initial Probe Determines what can be known (i.e. what sources for metrics exist?).
    Baseline Testing Establishes organization’s normal state based on current metrics.
    Implementation Focuses on setting up a series of related processes to increase organizational security (i.e. roll out MFA).
    Improvement Sets a target to be met and then maintained based on organizational risk tolerance.
    Organizational Trends Culls together several metrics to track (sometimes predict) how various trends affect the organization’s overall security. Usually focuses on large-scale issues (e.g. likelihood of a data breach).

    Set SMART goals for your security program

    Specific

    Measurable

    Achievable

    Realistic

    Timebound

    Now that you have determined which security areas you’d like to improve, decide on a goal that meets the SMART criteria.

    Examples of possible goals for various maturity levels:

    1. Perform initial probe to determine number of systems capable of providing metrics by the end of the week.
    2. Take baseline measurements each month for three months to determine organization’s baseline state.
    3. Implement a vulnerability management program to improve baseline state by the end of the quarter.
    4. Improve deployment of critical patches by applying 90% of them within the set window by the end of the year.
    5. Demonstrate how vulnerability management affects broad organizational trends at quarterly report to senior leadership.

    Compare the bolded text in these examples with the metric types on the previous slide

    Record and assess your goals in the Security Metrics Determination and Tracking Tool

    1.1 Security Metrics Determination and Tracking Tool

    Use tab “2. Identify Security Goals” to document and assess your goals.

    To increase visibility into the cost, effort, and value of any given goal, assess them using the following criteria:

    • Initial Cost
    • Ongoing Cost
    • Initial Staffing
    • Ongoing Staffing
    • Alignment w/Business
    • Benefit

    Use the calculated Cost/Effort Rating, Benefit Rating, and Difference Score later in this project to help with goal prioritization.

    Info-Tech Best Practice

    If you have already completed a security strategy with Info-Tech resources, this work may likely have already been done. Consult your Information Security Program Gap Analysis Tool from the Build an Information Security Strategy research.

    1.2 Develop KPIs and prioritize your goals

    There are two paths to success.

    At this time, it is necessary to evaluate the priorities of your security program.

    Option 1: Progress to KPI Development

    • If you would like practice developing KPIs for multiple goals to get used to the process, move to KPI development and then assess which goals you can pursue now based on resources available, saving the rest for later.

    Option 2: Progress to Prioritization of Goals

    • If you are already comfortable with KPI development and do not wish to create extras for later use, then prioritize your goals first and then develop KPIs for them.

    Phase 1 Schematic

    • Gap Analysis
    • Set SMART Goals (You are here.)
      • Develop KPIs
    • Prioritize Goals
    • Implement KPI & Monitor
    • Phase 2

    Develop a key performance indicator (KPI)

    Find out if you’re meeting your goals.

    Terms like “key performance indicator” may make this development practice seem more complicated than it really is. A KPI is just a single metric used to measure success towards a goal. In relational terms (i.e. as a percentage, ratio, etc.) to give it context (e.g. % of improvement over last quarter).

    KPI development is about answering the question: what would indicate that I have achieved my goal?

    To develop a KPI follow these steps:

    1. Review the case study on the following slides to get a sense of how KPIs can start simple and general and get more specific and complex over time.
    2. Using the example to the right, sort your SMART goals from step 1.1 into the various metric types, then determine what success would look like for you. What outcome are you trying to achieve? How will you know when you’ve achieved it?
    3. Fill out the KPI Development Worksheets to create sample KPIs for each of the SMART goals you have created. Ensure that you complete the accompanying KPI Checklist.

    KPIs differ from goal to goal, but their forms follow certain trends

    Metric Type KPI Form
    Initial Probe Progress of probe (e.g. % of systems checked to see if they can supply metrics).
    Baseline Testing What current data shows (e.g. % of systems needing attention).
    Implementation Progress of the implementation (e.g. % of complete vulnerability management program implementation).
    Improvement The threshold or target to be achieved and maintained (e.g. % of incidents responded to within target window).
    Organizational Trends The interplay of several KPIs and how they affect the organization’s risk posture (e.g. assessing the likelihood for a data breach).

    Explore the five metric types

    1. Initial Probe

    Focused on determining how many sources for metrics exist.

    • Question: What am I capable of knowing?
    • Goal: To determine what level of insight we have into our security processes.
    • Possible KPI: % of systems for which metrics are available.
    • Decision: Do we have sufficient resources available to collect metrics?

    2. Baseline Testing

    Focused on gaining initial insights about the state of your security program (what are the measurements?).

    • Question: Does this data suggest areas for improvement?
    • Goal: To create a roadmap for improvement.
    • Possible KPI: % of systems that provide useful metrics to measure improvement.
    • Decision: Is it necessary to acquire tools to increase, enhance, or streamline the metrics-gathering process?

    Info-Tech Insight

    Don't lose hope if you lack resources to move beyond these initial steps. Even if you are struggling to pull data, you can still draw meaningful metrics. The percent or ratio of processes or systems you lack insight into can be very valuable, as it provides a basis to initiate a risk-based discussion with management about the organization's security blind spots.

    Explore the five metric types (cont’d)

    3. Program Implementation

    Focused on developing a basic program to establish basic maturity (e.g. implement an awareness and training program).

    • Question: What needs to be implemented to establish basic maturity?
    • Goal: To begin closing the gap between current and desired maturity.
    • Possible KPI: % of implementation completed.
    • Decision: Have we achieved a formalized and repeatable process?

    4. Improvement

    Focused on attaining operational targets to lower organizational risk.

    • Question: What other related activities could help to support this goal (e.g. regular training sessions)?
    • Goal: To have metrics operate above or below a certain threshold (e.g. lower phishing-test click rate to an average of 10% across the organization)
    • Possible KPI: Phishing click rate %
    • Decision: What other metrics should be tracked to provide insight into KPI fluctuations?

    Info-Tech Insight

    Don't overthink your KPI. In many cases it will simply be your goal rephrased to express a percentage or ratio. In others, like the example above, it makes sense for them to be identical.

    5. Organizational Impact

    Focused on studying several related KPIs (Key Performance Index, or KPX) in an attempt to predict risks.

    • Question: What risks does the organization need to address?
    • Goal: To provide high-level summaries of several metrics that suggest emerging or declining risks.
    • Possible KPI: Likelihood of a given risk (based on the trends of the KPX).
    • Decision: Accept the risk, transfer the risk, mitigate the risk?

    Case study: Healthcare example

    Let’s take a look at KPI development in action.

    Meet Maria, the new CISO at a large hospital that desperately needs security program improvements. Maria’s first move was to learn the true state of the organization’s security. She quickly learned that there was no metrics program in place and that her staff were unaware what, if any, sources were available to pull security metrics from.

    After completing her initial probe into available metrics and then investigating the baseline readings, she determined that her areas of greatest concern were around vulnerability and access management. But she also decided it was time to get a security training and awareness program up and running to help mitigate risks in other areas she can’t deal with right away.

    See examples of Maria’s KPI development on the next four slides...

    Info-Tech Insight

    There is very little variation in the kinds of goals people have around initial probes and baseline testing. Metrics in these areas are virtually always about determining what data sources are available to you and what that data actually shows. The real decisions start in determining what you want to do based on the measures you’re seeing.

    Metric development example: Vulnerability Management

    See examples of Maria’s KPI development on the next four slides...

    Implementation

    Goal: Implement vulnerability management program

    KPI: % increase of insight into existing vulnerabilities

    Associated Metric: # of vulnerability detection methods

    Improvement

    Goal: Improve deployment time for patches

    KPI: % of critical patches fully deployed within target window

    • Associated Metric 1: # of critical vulnerabilities not patched
    • Associated Metric 2: # of patches delayed due to lack of staff
    • Associated Metric X

    Metric development example: Identity Access Management

    Implementation

    Goal: Implement MFA for privileged accounts

    KPI: % of privileged accounts with MFA applied

    Associated Metric: # of privileged accounts

    Improvement

    Goal: Remove all unnecessary privileged accounts

    KPI: % of accounts with unnecessary privileges

    • Associated Metric 1: # of privileged accounts
    • Associated Metric 2: # of necessary privileged accounts
    • Associated Metric X

    Metric development example: Training and Awareness

    Implementation

    Goal: Implement training and awareness program

    KPI: % of organization trained

    Associated Metric: # of departments trained

    Improvement

    Goal: Improve time to report phishing

    KPI: % of phishing cases reported within target window

    • Associated Metric 1: # of phishing tests
    • Associated Metric 2: # of training sessions
    • Associated Metric X

    Metric development example: Key Performance Index

    Organizational Trends

    Goal: Predict Data Breach Likelihood

    • KPX 1: Insider Threat Potential
      • % of phishing cases reported within target window
        • Associated Metrics:
          • # of phishing tests
          • # of training sessions
      • % of critical patches fully deployed within target window
        • Associated Metrics:
          • # of critical vulnerabilities not patched
          • # of patches delayed due to lack of staff
      • % of accounts with unnecessary privileges
        • Associated Metrics:
          • # of privileged accounts
          • # of necessary privileged accounts
    • KPX 2: Data Leakage Issues
      • % of incidents related to unsecured databases
        • Associated Metrics:
          • # of unsecured databases
          • # of business-critical databases
      • % of misclassified data
        • Associated Metrics:
          • # of misclassified data reports
          • # of DLP false positives
      • % of incidents involving data-handling procedure violations.
        • Associated Metrics:
          • # of data processes with SOP
          • # of data processes without SOP
    • KPX 3: Endpoint Vulnerability Issues
      • % of unpatched critical systems
        • Associated Metrics:
          • # of unpatched systems
          • # of missed patches
      • % of incidents related to IoT
        • Associated Metrics:
          • # of IoT devices
          • # of IoT unsecure devices
      • % of incidents related to BYOD
        • Associated Metrics:
          • # of end users doing BYOD
          • # of BYOD incidents

    Develop Goals-Based KPIs

    1.2 120 minutes

    Materials

    • Info-Tech KPI Development Worksheets

    Participants

    • Security Team

    Output

    • List of KPIs for immediate and future use (can be used to populate Info-Tech’s KPI Development Tool).

    It’s your turn.

    Follow the example of the CISO in the previous slides and try developing KPIs for the SMART goals set in step 1.1.

    • To begin, decide if you are starting with implementation or improvement metrics.
    • Enter your goal in the space provided on the left-hand side and work towards the right, assigning a KPI to track progress towards your goal.
    • Use the associated metrics boxes to record what raw data will inform or influence your KPI.
      • Associated metrics are connected to the KPI box with a segmented line. This is because these associated metrics are not absolutely necessary to track progress towards your goal.
      • However, if a KPI starts trending in the wrong direction, these associated metrics would be used to determine where the problem has occurred.
    • If desired, bundle together several related KPIs to create a key performance index (KPX), which is used to forecast the likelihood of certain risks that would have a major business impact (e.g. potential for insider threat, or risk for a data breach).

    Record KPIs and assign them to goals in the Security Metrics Determination and Tracking Tool

    1.2 Security Metrics Determination and Tracking Tool

    Document KPI metadata in the tool and optionally assign them to a goal.

    Tab “3. Identify Goal KPIs” allows you to record each KPI and its accompanying metadata:

    • Source
    • Owner
    • Audience
    • KPI Target
    • Effort to Collect
    • Frequency of Collection
    • Comments

    Optionally, each KPI can be mapped to goals defined on tab “2. Identify Security Goals.”

    Info-Tech Best Practice

    Ensure your metadata is comprehensive, complete, and realistic. A different employee should be able to use only the information outlined in the metadata to continue collecting measurements for the program.

    Complete Info-Tech’s KPI Development Worksheets

    1.2 KPI Development Worksheet

    Use these worksheets to model the maturation of your metrics program.

    Follow the examples contained in this slide deck and practice creating KPIs for:

    • Implementation metrics
    • Improvement metrics
    • Organizational trends metrics

    As well as drafting associated metrics to inform the KPIs you create.

    Info-Tech Best Practice

    Keep your metrics program manageable. This exercise may produce more goals, metrics, and KPIs than you deal with all at once. But that doesn’t mean you can’t save some for future use.

    Build an effort map to prioritize your SMART goals

    1.2 120 minutes

    Materials

    • Whiteboard
    • Sticky notes
    • Laptop

    Participants

    • Security team
    • Other stakeholders

    Output

    • Prioritized list of SMART goals

    An effort map visualizes a cost and benefit analysis. It is a quadrant output that visually shows how your SMART goals were assessed. Use the calculated Cost/Effort Rating and Benefit Rating values from tab “2. Identify Security Goals” of the Security Metrics Determination and Tracking Tool to aid this exercise.

    Steps:

    1. Establish the axes and colors for your effort map:
      1. X-axis (horizontal) - Security benefit
      2. Y-axis (vertical) - Overall cost/effort
      3. Sticky color - Business alignment
    2. Create sticky notes for each SMART goal and place them onto the effort map based on your determined axes.
      • Goal # Example Security Goal - Benefit (1-12) - Cost (1-12)

    The image shows a matric with four quadrants. The X-axis is labelled Low Benefit on the left side and High benefit on the right side. The Y-axis is labelled Low cost at the top and High cost at the bottom. The top left quadrant is labelled Could Dos, the top right quadrant is labelled Must Dos, the lower left quadrant is labelled May Not Dos, and the lower right quadrant is Should Dos. On the right, there are three post-it style notes, the blue one labelled High Alignment, the yellow labelled Medium Alignment, and the pink labelled Low Alignment.

    1.3 Implement and monitor the KPI to track goal progress

    Let’s put your KPI into action!

    Now that you’ve developed KPIs to monitor progress on your goals, it’s time to use them to drive security program maturation by following these steps:

    1. Review the KPI Development Worksheets (completed in step 1.2) for your prioritized list of goals. Be sure that you are able to track all of the associated metrics you have identified.
    2. Track the KPI and associated metrics using Info-Tech’s KPI Development Tool (see following slide).
    3. Update the data as necessary according to your SMART criteria of your goal.

    A Word on Key Risk Indicators...

    The term key risk indicator (KRI) gets used in a few different ways. However, in most cases, KRIs are closely associated with KPIs.

    1. KPIs and KRIs are the same thing
      • A KPI, at its core, is really a measure of risk. Sometimes it is more effective to emphasize that risk rather than performance (i.e. the data shows you’re not meeting your goal).
    2. KRI is KPI going the wrong way
      • After achieving the desired threshold for an improvement goal, our new goal is usually to maintain such a state. When this balance is upset, it indicates that settled risk has once again become active.
    3. KRI as a predictor of emerging risks
      • When organizations reach a highly mature state, they often start assessing how events external to the organization can affect the optimal performance of the organization. They monitor such events or trends and try to predict when the organization is likely to face additional risks.

    Track KPIs in the Security Metrics Determination and Tracking Tool

    1.3 Security Metrics Determination and Tracking Tool

    Once a metric has been measured, you have the option of entering that data into tab “4. Track Metrics” of the Tool.

    Tracking metric data in Info-Tech's tool provides the following data visualizations:

    • Sparklines at the end of each row (on tab “4. Track Metrics”) for a quick sense of metric performance.
    • A metrics dashboard (on tab “5. Graphs”) with three graph options in two color variations for each metric tracked in the tool, and an overall metric program health gauge.

    Info-Tech Best Practice

    Be diligent about measuring and tracking your metrics. Record any potential measurement biases or comments on measurement values to ensure you have a comprehensive record for future use. In the tool, this can be done by adding a comment to a cell with a metric measurement.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

    Book a workshop with our Info-Tech analysts:

    Workshops offer an easy way to accelerate your project. While onsite, our analysts will work with you and your team to facilitate the activities outlined in the blueprint.

    Getting key stakeholders together to formalize the program, while getting started on data discovery and classification, allows you to kickstart the overall program.

    In addition, leverage over-the-phone support through Guided Implementations included in advisory memberships to ensure the continuous improvement of the classification program even after the workshop.

    Logan Rohde

    Research Analyst – Security, Risk & Compliance Info-Tech Research Group

    Ian Mulholland

    Senior Research Analyst – Security, Risk & Compliance Info-Tech Research Group

    Call 1-888-670-8889 for more information.

    Phase 2

    Adapt Your Reporting Strategy for Various Metric Types


    Phase 2

    2.1 Review best practices for presenting metrics

    2.2 Strategize your presentation based on metric type

    2.3 Tailor your presentation to your audience

    2.4 Use your metrics to create a story about risk

    2.5 Revise Metrics

    This phase will walk you through the following activities:

    • Develop reporting strategy
    • Use metrics to create a story about risk
    • Metrics revision

    This phase involves the following participants:

    • Security Team

    Outcomes of this phase

    • Metrics Dashboard
    • Metrics Presentation Deck

    Phase 2 outline

    Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own or call us to complete a guided implementation. A guided implementation is a series of two to three advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 2: Adapt Your Reporting Strategy for Various Metric Types

    Proposed Time to Completion: 2-4 weeks

    Step 2.1 – 2.3: Best Practices and Reporting Strategy

    Start with an analyst kick-off call:

    • Do’s and Don’ts of reporting metrics.
    • Strategize presentation based on metric type.

    Then complete these activities…

    • Strategy development for 3-5 metrics

    Step 2.4 – 2.5: Build a Dashboard and Presentation Deck

    Review findings with analyst:

    • Review strategies for reporting.
    • Compile a Key Performance Index.
    • Revise metrics.

    Then complete these activities…

    • Dashboard creation
    • Presentation development

    With these tools & templates:

    • Security Metrics Determination and Tracking Tool Template
    • Security Metrics KPX Dashboard Tool

    Phase 2 Results & Insights:

    • Completed reporting strategy with presentable dashboard

    2.1 Review best practices for presenting metrics

    Avoid technical details (i.e. raw data) by focusing on the KPI.

    • KPIs add context to understand the behavior and associated risks.

    Put things in terms of risk; it's the language you both understand.

    • This usually means explaining what will happen if not addressed and what you recommend.
    • There are always three options:
      • Address it completely
      • Address it partially
      • Do not address it (i.e. accept the risk)

    Explain why you’re monitoring metrics in terms of the goals you’re hoping to achieve.

    • This sets you up well to explain what you've been doing and why it's important for you to meet your goals.

    Choose between KPI or KRI as the presentation format.

    • Base your decision on whether you are trying to emphasize current success or risk.

    Match presentation with the audience.

    • Board presentations will be short; middle-management ones may be a bit longer.
    • Maximize your results by focusing on the minimum possible information to make sure you sufficiently get your point across.
    • With the board, plan on showing no more than three slides.

    Read between the lines.

    • It can be difficult to get time with the board, so you may find yourself in a trial and error position, so pay attention to cues or suggestions that indicate the board is interested in something.
    • If you can, make an ally to get the inside scoop on what the board cares about.

    Read the news if you’re stuck for content.

    • Board members are likely to have awareness (and interest) in large-scale risks like data breaches and ransomware.

    Present your metrics as a story.

    • Summarize how the security program looks to you and why the metrics lead you to see it this way.

    2.2 Strategize your presentation based on metric type (1 of 5)

    Metric Type: Initial Probe

    Scenario: Implementing your first metrics program.

    • All metrics programs start with determining what measurements you are capable of taking.

    Decisions: Do you have sufficient insight into the program? (i.e. do you need to acquire additional tools to collect metrics?)

    Strategy: If there are no barriers to this (e.g. budget), then focus your presentation on the fact that you are addressing the risk of not knowing what your organization's baseline state is and what potential issues exist but are unknown. This is likely the first phase of an improvement plan, so sketching the overall plan is a good idea too.

    • If budget is an issue, explain the risks associated with not knowing and what you would need to make it happen.

    Possible KPIs:

    • % of project complete.
    • % of systems that provide worthwhile metrics.

    Strategize your presentation based on metric type (2 of 5)

    Metric Type: Baseline Testing

    Scenario: You've taken the metrics to determine what your organization’s normal state is and you're now looking towards addressing your gaps or problem areas.

    Decisions: What needs to be prioritized first and why? Are additional resources required to make this happen?

    Strategy: Explain your impression of the organization's normal state and what you plan to do about it. In other words, what goals are you prioritizing and why? Be sure to note any challenges that may occur along the way (e.g. staffing).

    • If the board doesn't like to open their pocketbook, your best play is to explain what stands to happen (or is happening) if risks are not addressed.

    Possible KPIs:

    • % of goals complete.
    • % of metrics indicating urgent attention needed.

    Strategize your presentation based on metric type (3 of 5)

    Metric Type: Implementation

    Scenario: You are now implementing solutions to address your security priorities.

    Decisions: What, to you, would establish the basis of a program?

    Strategy: Focus on what you're doing to implement a certain security need, why, and what still needs to be done when you’re finished.

    • Example: To establish a training and awareness program, a good first step is to actually hold training sessions with each department. A single lecture is simple but something to build from. A good next step would be to hold regular training sessions or implement monthly phishing tests.

    Possible KPIs:

    • % of implementation complete (e.g. % of departments trained).

    Strategize your presentation based on metric type (4 of 5)

    Metric Type: Improvement

    Scenario: Now that a basic program has been established, you are looking to develop its maturity to boost overall performance (i.e. setting a new development goal).

    Decisions: What is a reasonable target, given the organization's risk tolerance and current state?

    Strategy: Explain that you're now working to tighten up the security program. Note that although things are improving, risk will always remain, so we need to keep it within a threshold that’s proportionate with our risk tolerance.

    • Example: Lower phishing-test click rate to 10% or less. Phishing will always be a risk, and just one slip up can have a huge effect on business (i.e. lost money).

    Possible KPIs:

    • % of staff passing the phishing test.
    • % of employees reporting phishing attempts within time window.

    Strategize your presentation based on metric type (5 of 5)

    Metric Type: Organizational Trends

    Scenario: You've reached a mature state and now how several KPIs being tracked. You begin to look at several KPIs together (i.e. a KPX) to assess the organization's exposure for certain broad risk trends.

    Decisions: Which KPIs can be used together to look at broader risks?

    Strategy: Focus on the overall likelihood of a certain risk and why you've chosen to assess it with your chosen KPIs. Spend some time discussing what factors affect the movement of these KPIs, demonstrating how smaller behaviors create a ripple effect that affects the organization’s exposure to large-scale risks.

    Possible KPX: Insider Threat Risk

    • % of phishing test failures.
    • % of critical patches missed.
    • % of accounts with unnecessary privileges.

    Change your strategy to address security challenges

    Even challenges can elicit useful metrics.

    Not every security program is capable of progressing smoothly through the various metric types. In some cases, it is impossible to move towards goals and metrics for implementation, improvement, or organizational trends because the security program lacks resources.

    Info-Tech Insight

    When your business is suffering from a lack of resources, acquiring these resources automatically becomes the goal that your metrics should be addressing. To do this, focus on what risks are being created because something is missing.

    When your security program is lacking a critical resource, such as staff or technology, your metrics should focus on what security processes are suffering due to this lack. In other words, what critical activities are not getting done?

    KPI Examples:

    • % of critical patches not deployed due to lack of staff.
    • % of budget shortfall to acquire vulnerability scanner.
    • % of systems with unknown risk due to lack of vulnerability scanner.

    2.3 Tailor presentation to your audience

    Metrics come in three forms...

    1. Raw Data

    • Taken from logs or reports, provides values but not context.
    • Useful for those with technical understanding of the organization’s security program.

    2. Management-Level

    • Raw data that has been contextualized and indicates performance of something (i.e. a KPI).
    • Useful for those with familiarity with the overall state of the security program but do not have a hands-on role.

    3. Board-Level

    • KPI with additional context indicating overall effect on the organization.
    • Useful for those removed from the security program but who need to understand the relationship between security, business goals, and cyber risk.

    For a metric to be useful it must...

    1. Be understood by the audience it’s being presented to.
      • Using the criteria on the left, choose which metric form is most appropriate.
    2. Indicate whether or not a certain target or goal is being met.
      • Don’t expect metrics to speak for themselves; explain what the indications and implications are.
    3. Drive some kind of behavioral or strategic change if that target or goal is not being met.
      • Metrics should either affirm that things are where you want them to be or compel you to take action to make an improvement. If not, it is not a worthwhile metric.

    As a general rule, security metrics should become decreasingly technical and increasingly behavior-based as they are presented up the organizational hierarchy.

    "The higher you travel up the corporate chain, the more challenging it becomes to create meaningful security metrics. Security metrics are intimately tied to their underlying technologies, but the last thing the CEO cares about is technical details." – Ben Rothke, Senior Information Security Specialist, Tapad.

    Plan for reporting success

    The future of your security program may depend on this presentation; make it count.

    Reporting metrics is not just another presentation. Rather, it is an opportunity to demonstrate and explain the value of security.

    It is also a chance to correct any misconceptions about what security does or how it works.

    Use the tips on the right to help make your presentation as relatable as possible.

    Info-Tech Insight

    There is a difference between data manipulation and strategic presentation: the goal is not to bend the truth, but to present it in a way that allows you to show the board what they need to see and to explain it in terms familiar to them.

    General Tips for a Successful Presentation

    Avoid jargon; speak in practical terms

    • The board won’t receive your message if they can’t understand you.
    • Explain things as simply as you can; they only need to know enough to make decisions about addressing cyber risk.

    Address compliance

    • Boards are often interested in compliance, so be prepared to talk about it, but clarify that it doesn't equal security.
    • Instead, use compliance as a bridge to discussing areas of the security program that need attention.

    Have solid answers

    • Try to avoid answering questions with the answer, “It depends.”
      • Depends on what?
      • Why?
      • What do you recommend?
    • The board is relying on you for guidance, so be prepared to clarify what the board is asking (you may have to read between the lines to do this).
    • Also address the pain points of board members and have answers to their questions about how to resolve them.

    2.4 Use your metrics to create a story about risk

    Become the narrator of your organization’s security program.

    Security is about managing risk. This is also its primary value to the organization. As such, risk should be the theme of the story you tell.

    "Build a cohesive story that people can understand . . . Raw metrics are valuable from an operations standpoint, but at the executive level, it's about a cohesive story that helps executives understand the value of the security program and keeps the company moving forward. "– Adam Ely, CSO and Co-Founder, Bluebox Security, qtd. by Tenable, 2016

    How to Develop Your Own Story...

    1. Review your security program goals and the metrics you’re using to track progress towards them. Then, decide which metrics best tell this story (i.e. what you’re doing and why).
      • Less is more when presenting metrics, so be realistic about how much your audience can digest in one sitting.
      • Three metrics is usually a safe number; choose the ones that are most representative of your goals.
    2. Explain why you chose the goals you did (i.e. what risks were you addressing?). Then, make an honest assessment of how the security program is doing as far as meeting those goals:
      • What’s going well?
      • What still needs improvement?
      • What about your metrics suggests this?
    3. Address how risks have changed and explain your new recommended course of action.
      • What risks were present when you started?
      • What risks remain despite your progress?
      • How do these risks affect the business operation and what can security do to help?

    Story arc for security metrics

    The following model encapsulates the basic trajectory of all story development.

    Use this model to help you put together your story about risk.

    Introduction: Overall assessment of security program.

    Initial Incident: Determination of the problems and associated risks.

    Rising Action: Creation of goals and metrics to measure progress.

    Climax: Major development indicated by metrics.

    Falling Action: New insights gained about organization’s risks.

    Resolution: Recommendations based on observations.

    Info-Tech Best Practice

    Follow this model to ensure that your metrics presentation follows a coherent storyline that explains how you assessed the problem, why you chose to address it the way you did, what you learned in doing so, and finally what should be done next to boost the security program’s maturity.

    Use a nesting-doll approach when presenting metrics

    Move from high-level to low-level to support your claims

    1. Avoid the temptation to emphasize technical details when presenting metrics. The importance of a metric should be clear from just its name.
    2. This does not mean that technical details should be disregarded entirely. Your digestible, high-level metrics should be a snapshot of what’s taking place on the security ground floor.
    3. With this in mind, we should think of our metrics like a nesting doll, with each metrics level being supported by the one beneath it.

    ...How do you know that?

    Board-Level KPI

    Mgmt.-Level KPI

    Raw Data

    Think of your lower-level metrics as evidence to back up the story you are telling.

    When you’re asked how you arrived at a given conclusion, you know it’s time to go down a level and to explain those results.

    Think of this like showing your work.

    Info-Tech Insight

    This approach is built into the KPX reporting format, but can be used for all metric types by drawing from your associated metrics and goals already achieved.

    Use one of Info-Tech’s dashboards to present your metrics

    2.4 Security Metrics Determination and Tracking Tool

    Choose the dashboard tool that makes the most sense for you.

    Info-Tech provides two options for metric dashboards to meet the varying needs of our members.

    If you’re just starting out, you’ll likely be inclined towards the dashboard within the Security Metrics Determination and Tracking Tool (seen here).

    The image shows a screenshot of the Security Metrics Determination and Tracking Tool.

    But if you’ve already got several KPIs to report on, you may prefer the Security Metrics KPX Dashboard Tool, featured on the following slides.

    Info-Tech Best Practice

    Not all graphs will be needed in all cases. When presenting, consider taking screenshots of the most relevant data and displaying them in Info-Tech’s Board-Level Security Metrics Presentation Template.

    Use one of Info-Tech’s dashboards to present your metrics

    2.4 Security Metrics KPX Dashboard

    Use Info-Tech’s Security Metrics KPX Dashboard to track and show your work.

    The image shows a screenshot of the Definitions section of the Security Metrics KPX Dashboard

    1. Start by customizing the definitions on tab 1 to match your organization’s understanding of high, medium, and low risk across the three impact areas (functional, informational, and recoverability).
    2. Next, enter up to 5 business goals that your security program supports.

    Use one of Info-Tech’s dashboards to present your metrics

    2.4 Security Metrics KPX Dashboard

    Use Info-Tech’s Security Metrics KPX Dashboard to track and show your work.

    The image shows a screenshot of tab 2 of the Security Metrics KPX Dashboard.

    1. On tab 2, enter the large-scale risk you are tracking
    2. Proceed by naming each of your KPXs after three broad risks that – to you – contribute to the large-scale risk.

    Use one of Info-Tech’s dashboards to present your metrics

    2.4 Security Metrics KPX Dashboard

    Use Info-Tech’s Security Metrics KPX Dashboard to track and show your work.

    The image is the same screenshot from the previous section, of tab 2 of the Security Metrics KPX Dashboard.

    1. Then, add up to five KPIs aimed at managing more granular risks that contribute to the broad risk.
    2. Assess the frequency and impact associated with these more granular risks to determine how likely it is to contribute to the broad risk the KPX is tracking.

    Use one of Info-Tech’s dashboards to present your metrics

    2.4 Security Metrics KPX Dashboard

    Use Info-Tech’s Security Metrics KPX Dashboard to track and show your work.

    The image is the same screenshot of tab 2 of the Security Metrics KPX Dashboard.

    1. Repeat as necessary for the other KPXs on tab 2.
    2. Repeat steps 3-7 for up to two more large-scale risks and associated KPXs on tabs 3 and 4.

    Use one of Info-Tech’s dashboards to present your metrics

    2.4 Security Metrics KPX Dashboard

    Use Info-Tech’s Security Metrics KPX Dashboard to track and show your work.

    The image shows a chart titled Business Alignment, with sample Business Goals and KPXs filled in.

    1. If desired, complete the Business Alignment evaluation (located to the right of KPX 2 on tabs 2-4) to demonstrate how well security is supporting business goals.

    "An important key to remember is to be consistent and stick to one framework once you've chosen it. As you meet with the same audiences repeatedly, having the same framework for reference will ensure that your communications become smoother over time." – Caroline Wong, Chief Strategy Officer, Cobalt.io

    Use one of Info-Tech’s dashboards to present your metrics

    2.4 Security Metrics KPX Dashboard

    Use Info-Tech’s Security Metrics KPX Dashboard to track and show your work.

    The image shows a screenshot of the dashboard on tab 5 of the Security Metrics KPX Dashboard.

    1. Use the dashboard on tab 5 to help you present your security metrics to senior leadership.

    Use one of Info-Tech’s dashboards to present your metrics

    2.4 Security Metrics KPX Dashboard

    Use Info-Tech’s Security Metrics KPX Dashboard to track and show your work.

    The image shows the same screenshot of Tab 2 of the Security Metrics KPX Dashboard that was shown in previous sections.

    Best Practice:

    This tool helps you convert your KPIs into the language of risk by assessing frequency and severity, which helps to make the risk relatable for senior leadership. However, it is still useful to track fluctuations in terms of percentage. To do this, track changes in the frequency, severity, and trend scores from quarter to quarter.

    Customize Info-Tech’s Security Metrics Presentation Template

    2.4 Board-Level Security Metrics Presentation Template

    Use the Board-Level Security Metrics Presentation Template deck to help structure and deliver your metrics presentation to the board.

    To make the dashboard slide, simply copy and paste the charts from the dashboard tool and arrange the images as needed.

    Adapt the status report and business alignment slides to reflect the story about risk that you are telling.

    2.5 Revise your metrics

    What's next?

    Now that you’ve made it through your metrics presentation, it’s important to reassess your goals with feedback from your audience in mind. Use the following workflow.

    The image shows a flowchart titled Metrics-Revision Workflow. The flowchart begins with the question Have you completed your goal? and then works through multiple potential answers.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

    Book a workshop with our Info-Tech analysts:

    Workshops offer an easy way to accelerate your project. While onsite, our analysts will work with you and your team to facilitate the activities outlined in the blueprint.

    Getting key stakeholders together to formalize the program, while getting started on data discovery and classification, allows you to kickstart the overall program.

    In addition, leverage over-the-phone support through Guided Implementations included in advisory memberships to ensure the continuous improvement of the classification program even after the workshop.

    Logan Rohde

    Research Analyst – Security, Risk & Compliance Info-Tech Research Group

    Ian Mulholland

    Senior Research Analyst – Security, Risk & Compliance Info-Tech Research Group

    Call 1-888-670-8889 for more information.

    Insight breakdown

    Metrics lead to maturity, not vice versa.

    • Tracking metrics helps you assess progress and regress in your security program, which helps you quantify the maturity gains you’ve made.

    Don't lose hope if you lack resources to move beyond baseline testing.

    • Even if you are struggling to pull data, you can still draw meaningful metrics. The percent or ratio of processes or systems you lack insight into can be very valuable, as it provides a basis to initiate a risk-based discussion with management about the organization's security blind spots.

    The best metrics are tied to goals.

    • Tying your metrics to goals ensures that you are collecting metrics for a specific purpose rather than just to watch the numbers change.

    Summary of accomplishment

    Knowledge Gained

    • Current maturity assessment of security areas
    • Setting SMART goals
    • Metric types
    • KPI development
    • Goals prioritization
    • Reporting and revision strategies

    Processes Optimized

    • Metrics development
    • Metrics collection
    • Metrics reporting

    Deliverables Completed

    • KPI Development Worksheet
    • Security Metrics Determination and Tracking Tool
    • Security Metrics KPX Dashboard Tool
    • Board-Level Security Metrics Presentation Template

    Research contributors and experts

    Mike Creaney, Senior Security Engineer at Federal Home Loan Bank of Chicago

    Peter Chestna, Director, Enterprise Head of Application Security at BMO Financial Group

    Zane Lackey, Co-Founder / Chief Security Officer at Signal Sciences

    Ben Rothke, Senior Information Security Specialist at Tapad

    Caroline Wong, Chief Strategy Officer at Cobalt.io

    2 anonymous contributors

    Related Info-Tech research

    Build an Information Security Strategy

    Tailor best practices to effectively manage information security.

    Implement a Security Governance and Management Program

    Align security and business objectives to get the greatest benefit from both.

    Bibliography

    Capability Maturity Model Integration (CMMI). ISACA. Carnegie Mellon University.

    Ely, Adam. “Choose Security Metrics That Tell a Story.” Using Security Metrics to Drive Action: 33 Experts Share How to Communicate Security Program Effectiveness to Business Executives and the Board Eds. 2016. Web.

    https://www.ciosummits.com/Online_Assets_Tenable_eBook-_Using_Security_Metrics_to_Drive_Action.pdf

    ISACA. “Board Director Concerns about Cyber and Technology Risk.” CSX. 11 Sep. 2018. Web.

    Rothke, Ben. “CEOs Require Security Metrics with a High-Level Focus.” Using Security Metrics to Drive Action: 33 Experts Share How to Communicate Security Program Effectiveness to Business Executives and the Board Eds. 2016. Web.

    https://www.ciosummits.com/Online_Assets_Tenable_eBook-_Using_Security_Metrics_to_Drive_Action.pdf

    Wong, Caroline. Security Metrics: A Beginner’s Guide. McGraw Hill: New York, 2012.

    Jump Start Your Vendor Management Initiative

    • Buy Link or Shortcode: {j2store}211|cart{/j2store}
    • member rating overall impact (scale of 10): 9.4/10 Overall Impact
    • member rating average dollars saved: $137,332 Average $ Saved
    • member rating average days saved: 31 Average Days Saved
    • Parent Category Name: Vendor Management
    • Parent Category Link: /vendor-management
    • Each year, IT organizations spend more money “outsourcing” tasks, activities, applications, functions, and other items.
    • The increased spend and associated outsourcing leads to less control, and more risk for IT organizations. Managing this becomes a higher priority for IT, but many IT organizations are ill-equipped to do this proactively.

    Our Advice

    Critical Insight

    • Vendor management is not “plug and play” – each organization’s vendor management initiative (VMI) needs to fit its culture, environment, and goals. There are commonalites among vendor management initiatives, but the key is to adapt vendor management principles to fit your needs, not the other way around.
    • All vendors are not of equal importance to an organization. Internal resources are a scarce commodity and should be deployed so that they provide the best return on the organization’s investment. Classifying or segmenting your vendors allows you to focus your efforts on the most important vendors first, allowing your VMI to have the greatest impact possible.
    • Having a solid foundation is critical to the VMI’s ongoing success. Whether you will be creating a formal vendor management office or using vendor management techniques, tools, and templates “informally,” starting with the basics is essential. Make sure you understand why the VMI exists and what it hopes to achieve, what is in and out of scope for the VMI, what strengths the VMI can leverage and the obstacles it will have to address, and how it will work with other areas within your organization.

    Impact and Result

    • Build and implement a vendor management initiative tailored to your environment.
    • Create a solid foundation to sustain your vendor management initiative as it evolves and matures.
    • Leverage vendor management-specific tools and templates to manage vendors more proactively and improve communication.
    • Concentrate your vendor management resources on the right vendors.
    • Build a roadmap and project plan for your vendor management journey to ensure you reach your destination.
    • Build collaborative relationships with critical vendors.

    Jump Start Your Vendor Management Initiative Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should jump start a vendor management initiative, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Plan

    Organize your VMI and document internal processes, relationships, roles, and responsibilities. The main outcomes from this phase are organizational documents, a baseline VMI maturity level, and a desired future state for the VMI.

    • Jump Start Your Vendor Management Initiative – Phase 1: Plan
    • Jump – Phase 1 Tools and Templates Compendium

    2. Build

    Configure and create the tools and templates that will help you run the VMI. The main outcomes from this phase are a clear understanding of which vendors are important to you, the tools to manage the vendor relationships, and an implementation plan.

    • Jump Start Your Vendor Management Initiative – Phase 2: Build
    • Jump – Phase 2 Tools and Templates Compendium
    • Jump – Phase 2 Vendor Classification Tool
    • Jump – Phase 2 Vendor Risk Assessment Tool

    3. Run

    Begin operating the VMI. The main outcomes from this phase are guidance and the steps required to implement your VMI.

    • Jump Start Your Vendor Management Initiative – Phase 3: Run

    4. Review

    Identify what the VMI should stop doing, start doing, and continue doing as it improves and matures. The main outcomes from this phase are ways to advance the VMI and maintain internal alignment.

    • Jump Start Your Vendor Management Initiative – Phase 4: Review

    Infographic

    Workshop: Jump Start Your Vendor Management Initiative

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Plan

    The Purpose

    Getting Organized

    Key Benefits Achieved

    Defined Roles and Goals for the VMI

    Activities

    1.1 Mission Statement and Goals

    1.2 Scope

    1.3 Strengths and Obstacles

    1.4 Roles and Responsibilities – OIC Chart

    1.5 Process Mapping

    1.6 Vendor Inventory Tool (Overview)

    Outputs

    Completed Mission Statement and Goals

    List of Items In Scope and Out of Scope for the VMI

    List of Strengths and Obstacles for the VMI

    Completed OIC Chart

    Sample Process Map for One Process

    Begun Using Vendor Inventory Tool

    2 Plan/Build/Run

    The Purpose

    Build VMI Tools and Templates

    Key Benefits Achieved

    Configured Tools and Templates for the VMI Based on Its Roles and Goals

    Activities

    2.1 Maturity Assessment

    2.2 Structure and Job Descriptions

    2.3 Attributes of a Valuable Vendor

    2.4 Classification Model

    2.5 Risk Assessment Tool

    2.6 Scorecards and Feedback

    2.7 Business Alignment Meeting Agenda

    Outputs

    Completed Maturity Assessment.

    Sample Job Descriptions and Phrases.

    List of Attributes of a Valuable Vendor.

    Configured Classification Model.

    Configured Risk Assessment Tool.

    Configured Scorecard and Feedback Questions.

    Configured Business Alignment Meeting Agenda.

    3 Build/Run

    The Purpose

    Continue Building VMI Tools and Templates

    Key Benefits Achieved

    Configured Tools and Templates for the VMI Based on Its Roles and Goals

    Activities

    3.1 Relationship Alignment Document

    3.2 Vendor Orientation

    3.3 Policies and Procedures

    3.4 3-Year Roadmap

    3.5 90-Day Plan

    3.6 Quick Wins

    3.7 Reports

    3.8 Kickoff Meeting

    Outputs

    Relationship Alignment Document Sample and Checklist

    Vendor Orientation Checklist

    Policies and Procedures Checklist

    Completed 3-Year Roadmap

    Completed 90-Day Plan

    List of Quick Wins

    List of Reports

    4 Review

    The Purpose

    Review the Past 12 Months of VMI Operations and Improve

    Key Benefits Achieved

    Keeping the VMI Aligned With the Organization’s Goals and Ensuring the VMI Is Leveraging Leading Practices

    Activities

    4.1 Develop/Improve Vendor Relationships.

    4.2 Assess Compliance.

    4.3 Incorporate Leading Practices.

    4.4 Leverage Lessons Learned.

    4.5 Maintain Internal Alignment.

    4.6 Update Governances.

    Outputs

    Further reading

    Jump Start Your Vendor Management Initiative

    Create and implement a vendor management framework to begin obtaining measurable results in 90 days.

    EXECUTIVE BRIEF

    Analyst Perspective

    What is vendor management?

    When you read the phrase “vendor management,” what comes to mind? This isn’t a rhetorical question. Take your time … I’ll wait.

    Unfortunately, those words conjure up a lot of different meanings, and much of that depends on whom you ask. Those who work in the vendor management field will provide a variety of answers. To complicate matters, those who are vendor management “outsiders” will have a totally different view of what vendor management is. Why is this important? Because we need a common definition to communicate more effectively, even if the definition is broad.

    Let’s start creating a working definition that is not circular. Vendor management is not simply managing vendors. That expression basically reorders the words and does nothing to advance our cause; it only adds to the existing confusion surrounding the concept.

    Vendor management is best thought of as a spectrum or continuum with many points rather than a specific discipline like accounting or finance. There are many functions and activities that fall under the umbrella term of vendor management: some of them will be part of your vendor management initiative (VMI), some will not, and some will exist in your organization but be outside the VMI. This is the unique part of vendor management – the part that makes it fun, but also the part that leads to the confusion. For example, accounts payable sits within the accounting department almost exclusively, but contract management can sit within or outside the VMI. The beauty of vendor management is its flexibility; your VMI can be created to meet your specific needs and goals while leveraging common vendor management principles.

    Every conversation around vendor management needs to begin with “What do you mean by that?” Only then can we home in on the scope and nature of what people are discussing. “Managing vendors” is too narrow because it often ignores many of the reasons organizations create VMIs in the first place: to reduce costs, to improve performance, to improve processes, to improve relationships, to improve communication, and to manage risk better.

    Vendor management is a strategic initiative that takes the big picture into account … navigating the cradle to grave lifecycle to get the most out of your interactions and relationships with your vendors. It is flexible and customizable; it is not plug and play or overly prescriptive. Tools, principles, templates, and concepts are adapted rather than adopted as is. Ultimately, you define what vendor management is for your organization.

    We look forward to helping you on your vendor management journey no matter what it looks like. But first, let’s have a conversation about how you want to define vendor management in your environment.

    This is a picture of Phil Bode, Principal  Research Director, Vendor Management at Info-Tech Research Group.

    Phil Bode
    Principal Research Director, Vendor Management
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    Each year, IT organizations “outsource” tasks, activities, functions, and other items. During 2021:

    • Spend on as-a-service providers increased 38% over 2020.*
    • Spend on managed service providers increased 16% over 2020.*
    • IT service providers increased their merger and acquisition numbers by 47% over 2020.*

    *Source: Information Services Group, Inc., 2022.

    This leads to more spend, less control, and more risk for IT organizations. Managing this becomes a higher priority for IT, but many IT organizations are ill-equipped to do this proactively.

    Common Obstacles

    As new contracts are negotiated and existing contracts are renegotiated or renewed, there is a perception that the contracts will yield certain results, output, performance, solutions, or outcomes. The hope is that these will provide a measurable expected value to IT and the organization. Oftentimes, much of the expected value is never realized. Many organizations don’t have a VMI to help:

    • Ensure at least the expected value is achieved.
    • Improve on the expected value through performance management.
    • Significantly increase the expected value through a proactive VMI.

    Info-Tech’s Approach

    Vendor management is a proactive, cross-functional lifecycle. It can be broken down into four phases:

    • Plan
    • Build
    • Run
    • Review

    The Info-Tech process addresses all four phases and provides a step-by-step approach to configure and operate your VMI. The content in this blueprint helps you quickly establish your VMI and set a solid foundation for its growth and maturity.

    Info-Tech Insight

    Vendor management is not a one-size-fits-all initiative. It must be configured:

    • For your environment, culture, and goals.
    • To leverage the strengths of your organization and personnel.
    • To focus your energy and resources on your critical vendors.

    Executive Summary

    Your Challenge

    Spend on managed service providers and as-a-service providers continues to increase. In addition, IT services vendors continue to be active in the mergers and acquisitions arena. This increases the need for a VMI to help with the changing IT vendor landscape. In 2021, there was increases of:

    38%

    Spend on As-a-Service Providers

    16%

    Spend on Managed Services Providers

    47%

    IT Services Merger & Acquisition Growth (Transactions)

    Source: Information Services Group, Inc., 2022.

    Executive Summary

    Common Obstacles

    When organizations execute, renew, or renegotiate a contract, there is an “expected value” associated with that contract. Without a robust VMI, most of the expected value will never be realized. With a robust VMI, the realized value significantly exceeds the expected value during the contract term.

    A contract’s realized value with and without a vendor management initiative

    Two bars are depicted, showing that vendor collaboration and vendor performance management exceed expected value with a VMI, but without VMI, 75% of a contract's expected value can disappear within 18 months.

    Source: Based on findings from Geller & Company, 2003.

    Executive Summary

    Info-Tech’s Approach

    A sound, cyclical approach to vendor management will help you create a VMI that meets your needs and stays in alignment with your organization as they both change (i.e. mature and grow).

    This is an image of Info-Tech's approach to VMI.  It includes the following four steps: 01 - Plan; 02 - Build; 03 - Run; 04 - Review

    Info-Tech’s Methodology for Creating and Operating Your VMI

    Phase 1: Plan Phase 2: Build Phase 3: Run Phase 4: Review

    Phase Steps

    1.1 Mission Statement and Goals
    1.2 Scope
    1.3 Strengths and Obstacles
    1.4 Roles and Responsibilities
    1.5 Process Mapping
    1.6 Charter
    1.7 Vendor Inventory
    1.8 Maturity Assessment
    1.9 Structure

    2.1 Classification Model
    2.2 Risk Assessment Tool
    2.3 Scorecards and Feedback
    2.4 Business Alignment Meeting Agenda
    2.5 Relationship Alignment Document
    2.6 Vendor Orientation
    2.7 Job Descriptions
    2.8 Policies and Procedures
    2.9 3-Year Roadmap
    2.10 90-Day Plan
    2.11 Quick Wins
    2.12 Reports

    3.1 Classify Vendors
    3.2 Conduct Internal “Kickoff” Meeting
    3.3 Conduct Vendor Orientation
    3.4 Compile Scorecards
    3.5 Conduct Business Alignment Meetings
    3.6 Work the 90-Day Plan
    3.7 Manage the 3-Year Roadmap
    3.8 Measure and Monitor Risk
    3.9 Issue Reports
    3.10 Develop/Improve Vendor Relationships
    3.11 Contribute to Other Processes

    4.1 Assess Compliance
    4.2 Incorporate Leading Practices
    4.3 Leverage Lessons Learned
    4.4 Maintain Internal Alignment
    4.5 Update Governances

    Phase Outcomes

    This phase helps you organize your VMI and document internal processes, relationships, roles, and responsibilities. The main outcomes from this phase are organizational documents, a baseline VMI maturity level, and a desired future state for the VMI. This phase helps you configure and create the tools and templates that will help you run the VMI. The main outcomes from this phase are a clear understanding of which vendors are important to you, the tools to manage the vendor relationships, and an implementation plan. This phase helps you begin operating the VMI. The main outcomes from this phase are guidance and the steps required to implement your VMI. This phase helps the VMI identify what it should stop doing, start doing, and continue doing as it improves and matures. The main outcomes from this phase are ways to advance the VMI and maintain internal alignment.

    Insight Summary

    Insight 1

    Vendor management is not “plug and play” – each organization’s vendor management initiative (VMI) needs to fit its culture, environment, and goals. While there are commonalities and leading practices associated with vendor management, your initiative won’t look exactly like another organization’s. The key is to adapt vendor management principles to fit your needs.

    Insight 2

    All vendors are not of equal importance to your organization. Internal resources are a scarce commodity and should be deployed so that they provide the best return on the organization’s investment. Classifying or segmenting your vendors allows you to focus your efforts on the most important vendors first, allowing your VMI to have the greatest impact possible.

    Insight 3

    Having a solid foundation is critical to the VMI’s ongoing success. Whether you will be creating a formal vendor management office or using vendor management techniques, tools, and templates “informally,” starting with the basics is essential. Make sure you understand why the VMI exists and what it hopes to achieve, what is in and out of scope for the VMI, what strengths the VMI can leverage and the obstacles it will have to address, and how it will work with other areas within your organization.

    Blueprint Deliverables

    The four phases of creating and running a vendor management initiative are supported with configurable tools, templates, and checklists to help you stay aligned internally and achieve your goals.

    VMI Tools and Templates

    This image contains two screenshots of Info-Tech's VMI Tools and Templates

    Build a solid foundation for your VMI and configure tools and templates to help you manage your vendor relationships.

    Key Deliverables:

    1. Jump – Phase 1 Tools and Templates Compendium
    2. Jump – Phase 2 Tools and Templates Compendium
    3. Jump – Phase 2 Vendor Classification Tool
    4. Jump – Phase 2 Vendor Risk Assessment Tool

    A suite of tools and templates to help you create and implement your vendor management initiative.

    Blueprint benefits

    IT Benefits

    • Identify and manage risk proactively.
    • Reduce costs and maximize value.
    • Increase visibility with your critical vendors.
    • Improve vendor performance.
    • Create a collaborative environment with key vendors.
    • Segment vendors to allocate resources more effectively and more efficiently.

    Business Benefits

    • Improve vendor accountability.
    • Increase collaboration between departments.
    • Improve working relationships with your vendors.
    • Create a feedback loop to address vendor or customer issues before they get out of hand or are more costly to resolve.
    • Increase access to meaningful data and information regarding important vendors.

    Establish Baseline Metrics

    Baseline metrics will be improved through:

    Using the Maturity Assessment and 90-Day Plan tools, track how well you are able to achieve your goals and objectives:

    • Did you meet the targeted maturity level for each maturity category as determined by the point system?
    • Did you finish each activity in the 90-Day Plan completely and on time?
    1-Year Maturity Roadmap(by Category) Target Maturity (Total Points) Actual Maturity (Total Points)
    Contracts 12 12
    Risk 8 7
    Vendor Selection 9 9
    Vendor Relationships 21 21
    VMI Operations 24 16
    90-Day Plan (by Activity) Activity Completed
    Finalize mission and goals; gain executive approval Yes
    Finalize OIC chart; gain buy-in from other departments Yes
    Classify top 40 vendors by spend Yes
    Create initial scorecard Yes
    Develop the business alignment meeting agenda Yes
    Conduct two business alignment meetings No
    Update job descriptions Yes
    Map two VMI processes No

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

    Workshop

    “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

    Consulting

    “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    What does a typical GI on this topic look like?

    Phase 1 Phases 2 & 3 Phase 4

    Call #1: Mission statement and goals, scope, and strengths and obstacles.

    Call #5: Classification model.

    Call #9: Policies and procedures and reports.

    Call #12: Assess compliance, incorporate leading practices, leverage lessons learned, maintain internal alignment, and update governances.

    Call #2: Roles and responsibilities and process mapping.

    Call #6: Risk assessment.

    Call #10: 3-year roadmap.

    Call #3: Charter and vendor inventory.

    Call #7: Scorecards and feedback and business alignment meetings.

    Call #11: 90-day plan and quick wins.

    Call #4: Maturity assessment and VMI structure.

    Call #8: Relationship alignment document, vendor orientation, and job descriptions.

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Day 1 Day 2 Day 3 Day 4
    Plan Plan/Build/Run Build/Run Review

    Activities

    1.1 Mission Statement and Goals
    1.2 Scope
    1.3 Strengths and Obstacles
    1.4 Roles and Responsibilities
    1.5 Process Mapping
    1.6 Charter
    1.7 Vendor Inventory
    1.8 Maturity Assessment
    1.9 Structure

    2.1 Classification Model
    2.2 Risk Assessment Tool
    2.3 Scorecards and Feedback
    2.4 Business Alignment Meeting Agenda
    2.5 Relationship Alignment Document
    2.6 Vendor Orientation
    2.7 Job Descriptions
    2.8 Policies and Procedures
    2.9 3-Year Roadmap
    2.10 90-Day Plan
    2.11 Quick Wins
    2.12 Reports

    3.1 Classify Vendors
    3.2 Conduct Internal “Kickoff” Meeting
    3.3 Conduct Vendor Orientation
    3.4 Compile Scorecards
    3.5 Conduct Business Alignment Meetings
    3.6 Work the 90-Day Plan
    3.7 Manage the 3-Year Roadmap
    3.8 Measure and Monitor Risk
    3.9 Issue Reports
    3.10 Develop/Improve Vendor Relationships
    3.11 Contribute to Other Processes

    4.1 Assess Compliance
    4.2 Incorporate Leading Practices
    4.3 Leverage Lessons Learned
    4.4 Maintain Internal Alignment
    4.5 Update Governances

    Deliverables

    1. Completed Mission Statement and Goals
    2. List of Items In Scope and Out of Scope for the VMI
    3. List of Strengths and Obstacles for the VMI
    4. Completed OIC Chart
    5. Sample Process Map for One Process
    6. Vendor Inventory tab
    1. Completed Maturity Assessment
    2. Sample Job Descriptions and Phrases
    3. List of Attributes of a Valuable Vendor
    4. Configured Classification Model
    5. Configured Risk Assessment Tool
    6. Configured Scorecard and Feedback Questions
    7. Configured Business Alignment Meeting Agenda
    1. Relationship Alignment Document Sample and Checklist
    2. Vendor Orientation Checklist
    3. Policies and Procedures Checklist
    4. Completed 3-Year Roadmap
    5. Completed 90-Day Plan
    6. List of Quick Wins
    7. List of Reports

    Phase 1: Plan

    Get Organized

    1.1 Mission Statement and Goals
    1.2 Scope
    1.3 Strengths and Obstacles
    1.4 Roles and Responsibilities
    1.5 Process Mapping
    1.6 Charter
    1.7 Vendor Inventory
    1.8 Maturity Assessment
    1.9 Structure

    Phase 1 Phase 2 Phase 3 Phase 4
    1.1 Mission Statement and Goals
    1.2 Scope
    1.3 Strengths and Obstacles
    1.4 Roles and Responsibilities
    1.5 Process Mapping
    1.6 Charter
    1.7 Vendor Inventory
    1.8 Maturity Assessment
    1.9 Structure

    2.1 Classification Model
    2.2 Risk Assessment Tool
    2.3 Scorecards and Feedback
    2.4 Business Alignment Meeting Agenda
    2.5 Relationship Alignment Document
    2.6 Vendor Orientation
    2.7 Job Descriptions
    2.8 Policies and Procedures
    2.9 3-Year Roadmap
    2.10 90-Day Plan
    2.11 Quick Wins
    2.12 Reports

    3.1 Classify Vendors
    3.2 Conduct Internal “Kickoff” Meeting
    3.3 Conduct Vendor Orientation
    3.4 Compile Scorecards
    3.5 Conduct Business Alignment Meetings
    3.6 Work the 90-Day Plan
    3.7 Manage the 3-Year Roadmap
    3.8 Measure and Monitor Risk
    3.9 Issue Reports
    3.10 Develop/Improve Vendor Relationships
    3.11 Contribute to Other Processes

    4.1 Assess Compliance
    4.2 Incorporate Leading Practices
    4.3 Leverage Lessons Learned
    4.4 Maintain Internal Alignment
    4.5 Update Governances

    This phase will walk you through the following activities:

    Organize your VMI and document internal processes, relationships, roles, and responsibilities. The main outcomes from this phase are organizational documents, a baseline VMI maturity level, and a desired future state for the VMI.

    This phase involves the following participants:

    • VMI team
    • Applicable stakeholders and executives
    • Procurement/Sourcing
    • IT
    • Others as needed

    Jump Start Your Vendor Management Initiative

    Phase 1: Plan

    Get organized.

    Phase 1: Plan focuses on getting organized. Foundational elements (mission statement, goals, scope, strengths and obstacles, roles and responsibilities, and process mapping) will help you define your VMI. These and the other elements of this Phase will follow you throughout the process of standing up your VMI and running it.

    Spending time up front to ensure that everyone is on the same page will help avoid headaches down the road. The tendency is to skimp (or even skip) on these steps to get to “the good stuff.” To a certain extent, the process provided here is like building a house. You wouldn’t start building your dream home without having a solid blueprint. The same is true with vendor management. Leveraging vendor management tools and techniques without the proper foundation may provide some benefit in the short term, but in the long term it will ultimately be a house of cards waiting to collapse.

    Step 1.1: Mission statement and goals

    Identify why the VMI exists and what it will achieve.

    Whether you are starting your vendor management journey or are already down the path, it is important to know why the vendor management initiative exists and what it hopes to achieve. The easiest way to document this is with a written declaration in the form of a mission statement and goals. Although this is the easiest way to proceed, it is far from easy.

    The mission statement should identify at a high level the nature of the services provided by the VMI, who it will serve, and some of the expected outcomes or achievements. The mission statement should be no longer than one or two sentences.

    The complement to the mission statement is the list of goals for the VMI. Your goals should not be a reassertion of your mission statement in bullet format. At this stage it may not be possible to make them SMART (Specific, Measurable, Achievable/Attainable, Relevant, Time-Bound/Time-Based), but consider making them as SMART as possible. Without some of the SMART parameters attached, your goals are more like dreams and wishes. At a minimum, you should be able to determine the level of success achieved for each of the VMI goals.

    Although the VMI’s mission statement will stay static over time (other than for significant changes to the VMI or organization as a whole), the goals should be re-evaluated periodically using a SMART filter and adjusted as needed.

    1.1.1: Mission statement and goals

    20-40 minutes

    1. Meet with the participants and use a brainstorming activity to list on a whiteboard or flip chart the reasons why the VMI will exist.
    2. Review external mission statements for inspiration.
    3. Review internal mission statements from other areas to ensure consistency.
    4. Draft and document your mission statement in the Phase 1 Tools and Templates Compendium, Tab 1.1 Mission Statement and Goals.
    5. Continue brainstorming and identify the high-level goals for the VMI.
    6. Review the list of goals and make them as SMART (Specific, Measurable, Achievable/Attainable, Relevant, Time-Bound/Time-Based) as possible.
    7. Document your goals in the Phase 1 Tools and Templates Compendium, Tab 1.1 Mission Statement and Goals.
    8. Obtain sign-off on the mission statement and goals from stakeholders and executives as required.

    Input

    • Brainstorming results
    • Mission statements from other internal and external sources

    Output

    • Completed mission statement and goals

    Materials

    • Whiteboard/Flip Charts
    • Jump – Phase 1 Tools and Templates Compendium, Tab 1.1 Mission Statement and Goals

    Participants

    • VMI team
    • Applicable stakeholders and executives (as needed)

    Step 1.2: Scope

    Determine what is in scope and out of scope for the VMI

    Regardless of where your VMI resides or how it operates, it will be working with other areas within your organization. Some of the activities performed by the VMI will be new and not currently handled by other groups or individuals internally; at the same time, some of the activities performed by the VMI may be currently handled by other groups or individuals internally. In addition, executives, stakeholders, and other internal personnel may have expectations or make assumptions about the VMI. As a result, there can be a lot of confusion about what the VMI does and doesn’t do, and the answers cannot always be found in the VMI’s mission statement and goals.

    One component of helping others understand the VMI landscape is formalizing the VMI scope. The scope will define boundaries for the VMI. The intent is not to fence itself off and keep others out but provide guidance on where the VMI’s territory begins and ends. Ultimately, this will help clarify the VMI’s roles and responsibilities, improve workflow, and reduce errant assumptions.

    When drafting your VMI scoping document, make sure you look at both sides of the equation (similar to what you would do when following best practices for a statement of work): Identify what is in scope and what is out of scope. Be specific when describing the individual components of the VMI scope, and make sure executives and stakeholders are on board with the final version.

    1.2.1: Scope

    20-40 minutes

    1. Meet with the participants and use a brainstorming activity to list on a whiteboard or flip chart the activities and functions in scope and out of scope for the VMI.
      1. Be specific to avoid ambiguity and improve clarity.
      2. Go back and forth between in scope and out of scope as needed; it is not necessary to list all of the in-scope items and then turn your attention to the out-of-scope items.
    2. Review the lists to make sure there is enough specificity. An item may be in scope or out of scope but not both.
    3. Use the Phase 1 Tools and Templates Compendium, Tab 1.2 Scope, to document the results.
    4. Obtain sign-off on the scope from stakeholders and executives as required.

    Input

    • Brainstorming
    • Mission statement and goals

    Output

    • Completed list of items in and out of scope for the VMI

    Materials

    • Whiteboard/Flip Charts
    • Jump – Phase 1 Tools and Templates Compendium, Tab 1.2 Scope

    Participants

    • VMI team
    • Applicable stakeholders and executives (as needed)

    Step 1.3: Strengths and obstacles

    Pinpoint the VMI’s strengths and obstacles.

    A SWOT analysis (strengths, weaknesses, opportunities, and threats) is a valuable tool, but it is overkill for your VMI at this point. However, using a modified and simplified form of this tool (strengths and obstacles) will yield significant results and benefit the VMI as it grows and matures.

    Your output will be two lists: the strengths associated with the VMI and the obstacles facing the VMI. For example, strengths could include items such as smart people working within the VMI and executive support. Obstacles could include items such as limited headcount and training required for VMI staff.

    The goals are 1) to harness the strengths to help the VMI be successful and 2) to understand the impact of the obstacles and plan accordingly. The output can also be used to enlighten executives and stakeholders about the challenges associated with their directives or requests (e.g. human bandwidth may not be sufficient to accomplish some of the vendor management activities and there is a moratorium on hiring until the next budget year).

    For each strength identified, determine how you will or can leverage it when things are going well or when the VMI is in a bind. For each obstacle, list the potential impact on the VMI (e.g. scope, growth rate, and number of vendors that can actively be part of the VMI).

    As you do your brainstorming, be as specific as possible and validate your lists with stakeholders and executives as needed.

    1.3.1: Strengths and obstacles

    20-40 minutes

    1. Meet with the participants and use a brainstorming activity to list on a whiteboard or flip chart the VMI’s strengths and obstacles.
      1. Be specific to avoid ambiguity and improve clarity.
      2. Go back and forth between strengths and obstacles as needed; it is not necessary to list all of the strengths and then turn your attention to the obstacles.
      3. It is possible for an item to be a strength and an obstacle; when this happens, add details to distinguish the situations.
    2. Review the lists to make sure there is enough specificity.
    3. Determine how you will leverage each strength and how you will manage each obstacle.
    4. Use the Phase 1 Tools and Templates Compendium, Tab 1.3 Strengths and Obstacles, to document the results.
    5. Obtain sign-off on the strengths and obstacles from stakeholders and executives as required.

    Download the Info-Tech Jump – Phase 1 Tools and Templates Compendium

    Input

    • Brainstorming
    • Mission statement and goals
    • Scope

    Output

    • Completed list of items impacting the VMI’s ability to be successful: strengths the VMI can leverage and obstacles the VMI must manage

    Materials

    • Whiteboard/Flip Charts
    • Jump – Phase 1 Tools and Templates Compendium, Tab 1.3 Strengths and Obstacles

    Participants

    • VMI team
    • Applicable stakeholders and executives (as needed)

    Step 1.4: Roles and responsibilities

    Obtain consensus on who is responsible for what.

    One crucial success factor for VMIs is gaining and maintaining internal alignment. There are many moving parts to an organization, and a VMI must be clear on the various roles and responsibilities related to the relevant processes. Some of this information can be found in the VMI’s scope, referenced in Step 1.2, but additional information is required to avoid stepping on each other’s toes since many of the processes require internal departments to work together. (For example, obtaining requirements for a request for proposal takes more than one person or one department to complete this process.) While it is not necessary to get too granular, it is imperative that you have a clear understanding of how the VMI activities will fit within the larger vendor management lifecycle (which is comprised of many sub processes) and who will be doing what.

    As we have learned through our workshops and guided implementations, a traditional RACI* or RASCI* chart does not work well for this purpose. These charts are not intuitive, and they lack the specificity required to be effective. For vendor management purposes, a higher-level view and a slightly different approach provide much better results.

    This step will lead your through the creation of an OIC* chart to determine vendor management lifecycle roles and responsibilities. Afterward, you’ll be able to say, “Oh, I see clearly who is involved in each part of the process and what their role is.”

    *RACI – Responsible, Accountable, Consulted, Informed
    *RASCI – Responsible, Accountable, Support, Consulted, Informed
    *OIC – Owner, Informed, Contributor

    This is an image of a table which shows an example of which role would be responsible for which step

    Step 1.4: Roles and responsibilities (cont.)

    Obtain consensus on who is responsible for what.

    To start, define the vendor management lifecycle steps or process applicable to your VMI. Next, determine who participates in the vendor management lifecycle. There is no need to get too granular – think along the lines of departments, subdepartments, divisions, agencies, or however you categorize internal operational units. Avoid naming individuals other than by title; this typically happens when a person oversees a large group (e.g. the CIO [chief information officer] or the CPO [chief procurement officer]). Be thorough, but the chart can get out of hand quickly. For each role and step of the lifecycle, ask whether the entry is necessary – does it add value to the clarity of understanding the responsibilities associated with the vendor management lifecycle? Consider two examples, one for roles and one for lifecycle steps: 1) Is IT sufficient or do you need IT Operations and IT Development? 2) Is “negotiate contract documents” sufficient or do you need “negotiate the contract” and “negotiate the renewal”? The answer will always depend on your culture and environment, but be wary of creating a spreadsheet that requires an 85-inch monitor to view it in its entirety.

    After defining the roles (departments, divisions, agencies) and the vendor management lifecycle steps or process, assign one of three letters to each box in your chart:

    • O – Owner – who owns the process; they may also contribute to it.
    • I – Informed – who is informed about the progress or results of the process.
    • C – Contributor – who contributes or works on the process; it can be tangible or intangible contributions.

    This activity can be started by the VMI or done as a group with representatives from each of the named roles. If the VMI starts the activity, the resulting chart should be validated by the each of the named roles.

    1.4.1: Roles and responsibilities

    1-6 hours

    1. Meet with the participants and configure the OIC Chart in the Jump – Phase 1 Tools and Templates Compendium, Tab 1.4 OIC Chart.
      1. Review the steps or activities across the top of the chart and modify as needed.
      2. Review the roles listed along the left side of the chart and modify as needed.
    2. For each activity or step across the top of the chart, assign each role a letter – O for owner of that activity or step; I for informed; or C for contributor. Use only one letter per cell.
    3. Work your way across the chart. Every cell should have an entry or be left blank if it is not applicable.
    4. Review the results and validate that every activity or step has an O assigned to it; there must be an owner for every activity or step.
    5. Obtain sign-off on the OIC chart from stakeholders and executives as required.

    Download the Info-Tech Jump – Phase 1 Tools and Templates Compendium

    Input

    • A list of activities or steps to complete a project, starting with requirements gathering and ending with ongoing risk management
    • A list of internal areas (departments, divisions, agencies, etc.) and stakeholders that contribute to completing a project

    Output

    • Completed OCI chart indicating roles and responsibilities for the VMI and other internal areas

    Materials

    • Jump – Phase 1 Tools and Templates Compendium, Tab 1.4 OIC Chart

    Participants

    • VMI team
    • Procurement/Sourcing
    • IT
    • Representatives from other areas as needed
    • Applicable stakeholders and executives as needed

    Step 1.5: Process mapping

    Diagram the workflow.

    Although policies and procedures are important, their nature can make it difficult to grasp how things work at a high level (or even at the detail level). To help bridge the gap, map the applicable processes (determined by how deep and wide you want to go) involving the VMI. To start, look at the OIC chart from Step 1.4. You can expand the breadth and depth of your mapping to include the VMI scope, the 3-year roadmap (see Step 2.9), and the processes driven by the day-to-day work within the VMI.

    Various mapping tools can be used. Three common approaches that can be mixed and matched are:

    • Traditional flowcharts.
    • Swimlane diagrams.
    • Work breakdown structures.
    This is an example of a Workflow Process Map

    Step 1.5: Process mapping (cont.)

    Diagram the workflow.

    Your goal is not to create an in-depth diagram for every step of the vendor management lifecycle. However, for steps owned by the VMI, the process map should include sufficient details for the owner and the contributors (see Step 1.4) to understand what is required of them to support that step in the lifecycle.

    For VMI processes that don’t interact with other departments, follow the same pattern as outlined above for steps owned by the VMI.

    Whatever methodology you use to create your process map, make sure it includes enough details so that readers and users can identify the following elements:

    • Input:
      • What are the inputs?
      • Where do the inputs originate or come from?
    • Process:
      • Who is involved/required for this step?
      • What happens to the inputs in this step?
      • What additional materials, tools, or resources are used or required during this step?
    • Output:
      • What are the outputs?
      • Where do the outputs go next?

    1.5.1: Process Mapping

    1-8 hours (or more)

    1. Meet with the participants and determine which processes you want to map.
      1. For processes owned by the VMI, map the entire process.
      2. For processes contributed to by the VMI, map the entire process at a high level and map the VMI portion of the process in greater detail.
    2. Select the right charts/diagrams for your output.
      1. Flowchart
      2. Swimlane diagram
      3. Modified SIPOC (Supplier, Input, Process, Output, Customer)
      4. WBS (work breakdown structure)
    3. Begin mapping the processes either in a tool or using sticky notes. You want to be able to move the steps and associated information easily; most people don’t map the entire process accurately or with sufficient detail the first time through. An iterative approach works best.
    4. Obtain signoff on the process maps from stakeholders and executives as required. A copy of the final output can be kept in the Jump – Phase 1 Tools and Templates Compendium, Tab 1.5 Process Mapping, if desired.

    Download the Info-Tech Jump – Phase 1 Tools and Templates Compendium

    Input

    • Existing processes (formal, informal, documented, and undocumented)
    • OIC chart

    Output

    • Process maps for processes contributed to or owned by the VMI

    Materials

    • Sticky Notes
    • Flowchart/process mapping software or something similar
    • (Optional) Jump – Phase 1 Tools and Templates Compendium, Tab 1.5 Process Mapping

    Participants

    • VMI team
    • Procurement/Sourcing
    • IT
    • Representatives from other areas as needed
    • Applicable stakeholders and executives (as needed)

    Step 1.6: Charter

    Document how the VMI will operate.

    As you continue getting organized by working through steps 1.1-1.5, you may want to document your progress in a charter and add some elements. Basically, a charter is a written document laying out how the VMI will operate within the organization. It clearly states the VMI’s mission, goals, scope, roles and responsibilities, and vendor governance model. In addition, it can include a list of team members and sponsors.

    Whether you create a VMI charter will largely depend on:

    • Your organization’s culture.
    • Your organization’s formality.
    • The perceived value of creating a charter.

    If you decide to create a VMI charter, this is a good place in the process to create an initial draft. As you continue working through the blueprint and your VMI matures, update the VMI charter as needed.

    VMI Charter:

    • Purpose
    • Sponsors
    • Roles
    • Responsibilities
    • Governance

    1.6.1: Charter

    1-4 hours

    1. Meet with the participants and review the template in Jump – Phase 1 Tools and Templates Compendium, Tab 1.6 Charter.
    2. Determine whether the participants will use this template or add materials to your standard charter template.
    3. Complete as much of the charter as possible, knowing that some information may not be available until later.
    4. Return to the charter as needed until it is completed.
    5. Obtain sign-off on the charter from stakeholders and executives as required.

    Download the Info-Tech Jump – Phase 1 Tools and Templates Compendium

    Input

    • Mission statement and goals
    • Scope
    • Strengths and obstacles
    • OIC chart
    • List of stakeholders and executives and their VMI roles and responsibilities

    Output

    • Completed VMI charter

    Materials

    • Jump – Phase 1 Tools and Templates Compendium, Tab 1.6 Charter
    • Your organization’s standard charter document

    Participants

    • VMI team
    • Applicable stakeholders and executives (as needed)

    Step 1.7: Vendor inventory

    Compile a list of vendors and relevant vendor information.

    As you prepare your VMI for being operational, it’s critical to identify all of your current vendors providing IT products or services to the organization. This can be tricky and may depend on how you view things internally. For example, you may have traditional IT vendors that are managed by IT, and you may have IT vendors that are managed by other internal departments (shadow IT or out-in-the-open IT). If it wasn’t determined with the help of stakeholders and executives before now, make sure you establish the purview of the VMI at this point. What types of vendors are included and excluded from the VMI?

    You may find that a vendor can be included and excluded based on the product or service they provide. A vendor may provide a service that is managed by IT and a service that is managed/controlled by another department. In this instance, a good working relationship and clearly defined roles and responsibilities between the VMI and the other department will be required. But, it all starts with compiling a list of vendors and validating the VMI’s purview (and any limitations) for the vendors with stakeholders and executives.

    Step 1.7: Vendor inventory (cont.)

    Compile a list of vendors and relevant vendor information.

    At a minimum, the VMI should be able to quickly retrieve key information about each of “its” vendors:

    • Vendor Name
    • Classification (see Steps 2.1 and 3.1)
    • Categories of Service
    • Names of Products and Services Provided
    • Brief Descriptions of Products and Services Provided
    • Annualized Vendor Spend
    • Vendor Contacts
    • Internal Vendor Relationship Owner

    Not all of this information will be available at this point, but you can begin designing or configuring your tool to meet your needs. As your VMI enters Phase 3: Run and continues to mature, you will return to this tool and update the information. For example, the vendor classification category won’t be known until Phase 3, and it can change over time.

    1.7.1: Vendor inventory

    1-10 hours

    Meet with the participants and review the Jump – Phase 1 Tools and Templates Compendium, Tab 1.7 Vendor Inventory. Determine whether the VMI wants to collect and/or monitor additional information and make any necessary modifications to the tool.

    Enter the “Annual IT Vendor Spend” amount in the appropriate cell toward the top of the spreadsheet. This is for IT spend for vendor-related activities within the VMI’s scope; include shadow IT spend and “non-shadow” IT spend if those vendors will be included in the VMI’s scope.

    Populate the data fields for your top 50 vendors by annual spend; you may need multiple entries for the same vendor depending on the nature of the products and services they provide.

    Ignore the “Classification” column for now; you will return to this later when classification information is available.

    Ignore the “Percentage of IT Budget” column as well; it uses a formula to calculate this information.

    Input

    • Data from various internal and external sources such as accounts payable, contracts, and vendor websites

    Output

    • List of vendors with critical information required to manage relationships with key vendors

    Materials

    • Jump – Phase 1 Tools and Templates Compendium, Tab 1.7 Vendor Inventory

    Participants

    • VMI team (directly)
    • Other internal and external personnel (indirectly)

    Download the Info-Tech Jump – Phase 1 Tools and Templates Compendium

    Step 1.8: Maturity assessment

    Establish a VMI maturity baseline and set an ideal future state.

    Knowing where you are and where you want to go are essential elements for any journey in the physical world, and the same holds true for your VMI journey. Start by assessing your current-state VMI maturity. This will provide you with a baseline to measure progress against. Next, using the same criteria, determine the level of VMI maturity you would like to achieve one year in the future. This will be your future-state VMI maturity. Lastly, identify the gaps and plot your course.

    The maturity assessment provides three main benefits:

    1. Focus – you’ll know what is important to you moving forward.
    2. 3-Year Roadmap (discussed more fully in Step 2.9) – you’ll have additional input for your short-term and long-term roadmap (1, 2, and 3 years out).
    3. Quantifiable Improvement – you’ll be able to measure your progress and make midcourse corrections when necessary.

    Step 1.8: Maturity assessment (cont.)

    Establish a VMI maturity baseline and set an ideal future state.

    The Info-Tech VMI Maturity Assessment tool evaluates your maturity across several criteria across multiple categories. Once completed, the assessment will specify:

    • A current-state score by category and overall.
    • A target-state score by category and overall.
    • A quantifiable gap for each criterion.
    • A priority assignment for each criterion.
    • A level of effort required by criterion to get from the current state to the target state.
    • A target due date by criterion for achieving the target state.
    • A rank order for each criterion (note: limit your ranking to your top 7 or 9).

    Many organizations will be tempted to mature too quickly. Resource constraints and other items from Step 1.3 (Strengths and Obstacles) will impact how quickly you can mature. Being aggressive is fine, but it must be tempered with a dose of reality. Otherwise, morale, perception, and results can suffer.

    1.8.1: Maturity assessment

    45-90 minutes

    1. Meet with the participants and use Jump – Phase 1 Tools and Templates Compendium, Tab 1.8 Maturity Assessment Input, to complete the first part of this activity. Provide the required information indicated below.
      1. Review each statement in column B and enter a value in the “Current” column using the drop-down menus based on how much you disagree or agree (0-4) with the statement. This establishes a baseline maturity.
      2. Repeat this process for the “Future” column using a target date of one year from now to achieve this level. This is your desired maturity.
      3. Enter information regarding priority, level of effort, and target due date in the applicable columns using the drop-down menus. (Priority levels are critical, high, medium, low, and maintain; Levels of Effort are high, medium, and low; Target Due Dates are broken into timelines: 1-3 months, 4-6 months, 7-9 months, and 10-12 months.)
    2. Review the information on Jump – Phase 1 Tools and Templates Compendium, Tab 1.8 Maturity Assessment Output; use the Distribution Tables to help you rank your top priorities. Enter a unique number into the Priority (Rank) column. Limit your ranking to the top 7 to 9 activities to provide focus.

    Input

    • Knowledge of current VMI practices and desired future states

    Output

    • VMI maturity baseline
    • Desired VMI target maturity state (in one year)
    • Prioritized areas to improve and due dates
    • Graphs and tables to identify maturity deltas and track progress

    Materials

    • Jump – Phase 1 Tools and Templates Compendium, Tab 1.8 Maturity Assessment Input
    • Jump – Phase 1 Tools and Templates Compendium, Tab 1.8 Maturity Assessment Output

    Participants

    • VMI team
    • Applicable stakeholders and executives (as needed)

    Step 1.9: Structure

    Determine the VMI’s organizational and reporting structure.

    There are two parts to the VMI structure:

    1. Organization Structure. Who owns the VMI – where does it fit on the organization chart?
    2. Reporting Structure. What is the reporting structure within the VMI – what are the job functions, titles, and solid and dotted lines of accountability?

    VMI Organization Structure

    The decision regarding who owns the VMI can follow one of two paths:

    1. The decision has already been made by the board of directors, executives, senior leadership, or stakeholders; OR
    2. The decision has not been made, and options will be reviewed and evaluated before it is implemented.

    Many organizations overlook the importance of this decision. The VMI’s position on the organization chart can aid or hinder its success. Whether the decision has already been made or not, this is the perfect time to evaluate the decision or options based on the following question: Why is the VMI being created and how will it operate? Review the documents you created during Steps 1.1-1.8 and other factors to answer this question.

    Step 1.9: Structure (cont.)

    Determine the VMI’s organizational and reporting structure.

    Based on your work product from Steps 1.1-1.8 and other factors, select where the VMI will be best located from the following areas/offices or their equivalent:

    • Chief Compliance Officer (CCO)
    • Chief Information Officer (CIO)
    • Chief Financial Officer (CFO)
    • Chief Procurement Officer (CPO)
    • Chief Operating Officer (COO)
    • Other area

    Without the proper support and placement in the organization chart, the VMI can fail. It is important for the VMI to find a suitable home with a direct connection to one of the sponsors identified above and for the VMI lead to have significant stature (aka title) within the organization. For example, if the VMI lead is a “manager” level who is four reporting layers away from the chief officer/sponsor, the VMI will have an image issue within and outside of the sponsor’s organization (as well as within the vendor community). While this is not to say that the VMI lead should be a vice president* or senior director, our experience and research indicate that the VMI and the VMI lead will be taken more seriously when the VMI lead is at least a director level reporting directly to a CXO.

    *For purposes of the example above, the reporting structure hierarchy used is manager, senior manager, director, senior director, vice president, CXO.

    Step 1.9: Structure (cont.)

    Determine the VMI’s organizational and reporting structure.

    VMI Reporting Structure

    As previously mentioned, the VMI reporting structure describes and identifies the job functions, titles, and lines of accountability. Whether you have a formal vendor management office or you are leveraging the principles of vendor management informally, your VMI reporting structure design will involve some solid lines and some dotted lines. In this instance, the dotted lines represent part-time participation or people/areas that will assist the VMI in some capacity. For example, if the VMI sits within IT, a dotted line to Procurement will show that a good working relationship is required for both parties to succeed; or a dotted line to Christina in Legal will indicate that Christina will be helping the VMI with legal issues.

    There is no one-size-fits-all reporting structure for VMIs, and your approach must leverage the materials from Steps 1.1-1.8, your culture, and your needs. By way of example, your VMI may include some or all of the following functions:

    • Contract Management
    • Relationship Management
    • Financial Management
    • Asset Management
    • Performance Management
    • Sourcing/Procurement
    • Risk Management

    Step 1.9: Structure (cont.)

    Determine the VMI’s organizational and reporting structure.

    Once you’ve identified the functional groups, you can assign titles, responsibilities, and reporting relationships. A good diagram goes a long way to helping others understand your organization. Traditional organization charts work well with VMIs, but a target diagram allows for rapid absorption of the dotted-line relationships. Review the two examples below and determine an approach that works best for you.

    An organizational Chart is depicted.  At the top of the chart is: Office of the CIO.  Below that is: VMI: Legal; Accounting & Finance; Corporate Procurement; below that are the following: Vendor Risk Management; Vendor Reporting and Analysis; Asset Management; Performance Management; Contract Management; IT Procurement Three concentric circles are depicted.  In the inner circle is the term: VMI.  In the middle circle are the terms: Reporting & Analysis; Asset Mgmt; Contract Mgmt; Performance Mgmt; It Proc; Vendor Risk.  In the outer circle are the following terms: Compliance; Finance; HR; Accounting; Procurement; Business Units; Legal; IT

    1.9.1: Structure

    15-60 minutes

    1. Meet with the participants and review decisions that have been made or options that are available regarding the VMI’s placement in the organization chart.
      1. Common options include the Chief Information Officer (CIO), Chief Financial Officer (CFO), or Chief Procurement Officer (CPO).
      2. Less common but viable options include the Chief Compliance Officer (CCO), Chief Operating Officer (COO), or another area.
    2. Brainstorm and determine the job functions and titles
    3. Define the reporting structure within the VMI.
    4. Identify the “dotted line” relationships between the VMI and other internal areas.
    5. Using flowchart, org. chart, or other similar software, reduce your results to a graphic representation that indicates where the VMI resides, its reporting structure, and its dotted-line relationships.
    6. Obtain sign-off on the structure from stakeholders and executives as required. A copy of the final output can be kept in the Jump – Phase 1 Tools and Templates Compendium, Tab 1.9 Structure, if desired.

    Input

    • Mission statement and goals
    • Scope
    • Maturity assessment results (current and target state)
    • Existing org. charts
    • Brainstorming

    Output

    • Completed org. chart with job titles and reporting structure

    Materials

    • Whiteboard/flip chart
    • Sticky notes
    • Flowchart/org. chart software or something similar
    • (Optional) Jump – Phase 1 Tools and Templates Compendium, Tab 1.9 Structure

    Participants

    • VMI team
    • VMI sponsor
    • Stakeholders and executives

    Phase 2: Build

    Create and Configure Tools, Templates, and Processes

    Phase 1Phase 2Phase 3Phase 4
    1.1 Mission Statement and Goals


    1.2 Scope

    1.3 Strengths and Obstacles

    1.4 Roles and Responsibilities

    1.5 Process Mapping

    1.6 Charter

    1.7 Vendor Inventory

    1.8 Maturity Assessment

    1.9 Structure

    2.1 Classification Model
    2.2 Risk Assessment Tool
    2.3 Scorecards and Feedback
    2.4 Business Alignment Meeting Agenda
    2.5 Relationship Alignment Document
    2.6 Vendor Orientation
    2.7 Job Descriptions
    2.8 Policies and Procedures
    2.9 3-Year Roadmap
    2.10 90-Day Plan
    2.11 Quick Wins
    2.12 Reports

    3.1 Classify Vendors
    3.2 Conduct Internal “Kickoff” Meeting
    3.3 Conduct Vendor Orientation
    3.4 Compile Scorecards
    3.5 Conduct Business Alignment Meetings
    3.6 Work the 90-Day Plan
    3.7 Manage the 3-Year Roadmap
    3.8 Measure and Monitor Risk
    3.9 Issue Reports
    3.10 Develop/Improve Vendor Relationships
    3.11 Contribute to Other Processes

    4.1 Assess Compliance
    4.2 Incorporate Leading Practices
    4.3 Leverage Lessons Learned
    4.4 Maintain Internal Alignment
    4.5 Update Governances

    This phase will walk you through the following activities:

    Configure and create the tools and templates that will help you run the VMI. The main outcomes from this phase are a clear understanding of which vendors are important to you, the tools to manage the vendor relationships, and an implementation plan.

    This phase involves the following participants:

    • VMI team
    • Applicable stakeholders and executives
    • Human Resources
    • Legal
    • Others as needed

    Jump Start Your Vendor Management Initiative

    Phase 2: Build

    Create and configure tools, templates, and processes.

    Phase 2: Build focuses on creating and configuring the tools and templates that will help you run your VMI. Vendor management is not a plug-and-play environment, and unless noted otherwise, the tools and templates included with this blueprint require your input and thought. The tools and templates must work in concert with your culture, values, and goals. That will require teamwork, insights, contemplation, and deliberation.

    During this Phase, you’ll leverage the various templates and tools included with this blueprint and adapt them for your specific needs and use. In some instances, you’ll be starting with mostly a blank slate; while in others, only a small modification may be required to make it fit your circumstances. However, it is possible that a document or spreadsheet may need heavy customization to fit your situation. As you create your VMI, use the included materials for inspiration and guidance purposes rather than as absolute dictates.

    Step 2.1: Classification model

    Configure the COST Vendor Classification Tool.

    One of the functions of a VMI is to allocate the appropriate level of vendor management resources to each vendor since not all vendors are of equal importance to your organization. While some people may be able intuitively to sort their vendors into vendor management categories, a more objective, consistent, and reliable model works best. Info-Tech’s COST model helps you assign your vendors to the appropriate vendor management category so that you can focus your vendor management resources where they will do the most good.

    COST is an acronym for Commodity, Operational, Strategic, and Tactical. Your vendors will occupy one of these vendor management categories, and each category helps you determine the nature of the resources allocated to that vendor, the characteristics of the relationship desired by the VMI, and the governance level used.

    The easiest way to think of the COST model is as a 2x2 matrix or graph. The model should be configured for your environment so that the criteria used for determining a vendor’s classification align with what is important to you and your organization. However, at this point in your VMI’s maturation, a simple approach works best. The Classification Model included with this blueprint requires minimal configuration to get you started and that is discussed on the activity slide associated with this Step 2.1.


    Speed
    Operational Strategic
    Commodity Tactical
    →→→
    Criticality and Risk to the Organization

    Step 2.1: Classification model (cont.)

    Configure the COST Vendor Classification Tool.

    Common Characteristics by Vendor Management Category

    Operational Strategic
    • Low to moderate risk and criticality; moderate to high spend and switching costs
    • Product or service used by more than one area
    • Price is a key negotiation point
    • Product or service is valued by the organization
    • Quality or the perception of quality is a differentiator (i.e. brand awareness)
    • Moderate to high risk and criticality; moderate to high spend and switching costs
    • Few competitors and differentiated products and services
    • Product or service significantly advances the organization’s vision, mission, and success
    • Well-established in their core industry
    Commodity Tactical
    • Low risk and criticality; low spend and switching costs
    • Product or service is readily available from many sources
    • Market has many competitors and options
    • Relationship is transactional
    • Price is the main differentiator
    • Moderate to high risk and criticality; low to moderate spend and switching costs
    • Vendor offerings align with or support one or more strategic objectives
    • Often IT vendors “outside” of IT (i.e. controlled and paid for by other areas)
    • Often niche or new vendors

    Source: Compiled in part from Stephen Guth, “Vendor Relationship Management Getting What You Paid for (And More)”

    2.1.1: Classification Model

    15-30 minutes

    1. Meet with the participants to configure the spend ranges in Jump – Phase 2 Vendor Classification Tool, Tab 1. Configuration, for your environment.
    2. Sort the data from Jump – Phase 1 Tools and Templates Compendium, Tab 1.7 Vendor Inventory, by spend; if you used multiple line items for a vendor in the Vendor Inventory tab, you will have to aggregate the spend data for this activity.
    3. Update cells F14-J14 in the Classification Model based on your actual data.
      1. Cell F14 – set the boundary at a point between the spend for your 10th and 11th ranked vendors. For example, if the 10th vendor by spend is $1,009,850 and the 11th vendor by spend is $980,763, the range for F14 would be $1,000,00+.
      2. Cell G14 – set the bottom of the range at a point between the spend for your 30th and 31st ranked vendors; the top of the range will be $1 less than the bottom of the range specified in F14.
      3. Cell H14 – set the bottom of the range slightly below the spend for your 50th ranked vendor; the top of the range will be $1 less than the bottom of the range specified in G14.
      4. Cells I14 and J14 – divide the remaining range in half and split it between the two cells; for J14 the range will be $0 to $1 less than the bottom range in I14.
    4. Ignore the other variables at this time.

    Download the Info-Tech Jump – Phase 2 Vendor Risk Assessment Tool

    Input

    • Jump – Phase 1 Tools and Templates Compendium, Tab 1.7 Vendor Inventory

    Output

    • Configured Vendor Classification Tool

    Materials

    • Jump – Phase 2 Vendor Classification Tool, Tab 1. Configuration

    Participants

    • VMI team

    Step 2.2: Risk assessment tool

    Identify risks to measure, monitor, and report on.

    One of the typical drivers of a VMI is risk management. Organizations want to get a better handle on the various risks their vendors pose. Vendor risks originate from many areas: financial, performance, security, legal, and many others. However, security risk is the high-profile risk and the one organizations often focus on almost exclusively, which leaves the organization vulnerable in other areas.

    Risk management is a program, not a project – there is no completion date. A proactive approach works best and requires continual monitoring, identification, and assessment. Reacting to risks after they occur can be costly and can have other detrimental effects on the organization. Any risk that adversely affects IT will adversely affect the entire organization.

    While the VMI won’t necessarily be quantifying or calculating the risk directly, it generally is the aggregator of risk information across the risk categories, which it then includes in its reporting function. (See Steps 2.12 and 3.8.)

    At a minimum, your risk management strategy should involve:

    • Identifying the risks you want to measure and monitor.
    • Identifying your risk appetite (the amount of risk you are willing to live with).
    • Measuring, monitoring, and reporting on the applicable risks.
    • Developing and deploying a risk management plan to minimize potential risk impact.

    Vendor risk is a fact of life, but you do have options for how you handle it. Be proactive and thoughtful in your approach, and focus your resources on what is important.

    2.2.1: Risk assessment tool

    30-90 minutes

    1. Meet with the participants to configure the risk indicators in Jump – Phase 2 Vendor Risk Assessment Tool, Tab 1. Set Parameters, for your environment.
    2. Review the risk categories and determine which ones you will be measuring and monitoring.
    3. Review the risk indicators under each risk category and determine whether the indicator is acceptable as written, is acceptable with modifications, should be replaced, or should be deleted.
    4. Make the necessary changes to the risk indicators; these changes will cascade to each of the vendor tabs. Limit the number of risk indicators to no more than seven per risk category.
    5. Gain input and approval as needed from sponsors, stakeholders, and executives as required.

    Download the Info-Tech Jump – Phase 2 Vendor Risk Assessment Tool

    Input

    • Scope
    • OIC Chart
    • Process Maps
    • Brainstorming

    Output

    • Configured Vendor Classification Tool

    Materials

    • Jump – Phase 2 Vendor Classification Tool, Tab 1. Configuration

    Participants

    • VMI team

    Step 2.3: Scorecards and feedback

    Design a two-way feedback loop with your vendors.

    A vendor management scorecard is a great tool for measuring, monitoring, and improving relationship alignment. In addition, it is perfect for improving communication between you and the vendor.

    Conceptually, a scorecard is similar to a report card you received when you were in school. At the end of a learning cycle, you received feedback on how well you did in each of your classes. For vendor management, the scorecard is also used to provide periodic feedback, but there are some different nuances and some additional benefits and objectives when compared to a report card.

    Although scorecards can be used in a variety of ways, the main focus here will be on vendor management scorecards – contract management, project management, and other types of scorecards will not be included in the materials covered in this Step 2.3 or in Step 3.4.

    Category 1 Score
    Vendor Objective A 4
    Objective B 3
    Objective C 5
    Objective D 4 !

    Step 2.3: Scorecards and feedback (cont.)

    Design a two-way feedback loop with your vendors.

    Anatomy

    The Info-Tech Scorecard includes five areas:

    • Measurement Categories. Measurement categories help organize the scorecard. Limit the number of measurement categories to three to five; this allows the parties to stay focused on what’s important. Too many measurement categories make it difficult for the vendor to understand the expectations.
    • Criteria. The criteria describe what is being measured. Create criteria with sufficient detail to allow the reviewers to fully understand what is being measured and to evaluate it. Criteria can be objective or subjective. Use three to five criteria per measurement category.
    • Measurement Category Weights. Not all of your measurement categories may be of equal importance to you; this area allows you to give greater weight to a measurement category when compiling the overall score.
    • Rating. Reviewers will be asked to assign a score to each criteria using a 1 to 5 scale.
    • Comments. A good scorecard will include a place for reviewers to provide additional information regarding the rating or other items that are relevant to the scorecard.

    An overall score is calculated based on the rating for each criteria and the measurement category weights.

    Step 2.3: Scorecards and feedback (cont.)

    Design a two-way feedback loop with your vendors.

    Goals and Objectives

    Scorecards can be used for a variety of reasons. Some of the common ones are listed below:

    • Improve vendor performance.
    • Convey expectations to the vendor.
    • Identify and recognize top vendors.
    • Increase alignment between the parties.
    • Improve communication with the vendor.
    • Compare vendors across the same criteria.
    • Measure items not included in contract metrics.
    • Identify vendors for “strategic alliance” consideration.
    • Help the organization achieve specific goals and objectives.
    • Identify and resolve issues before they impact performance or the relationship.

    Identifying your scorecard drivers first will help you craft a suitable scorecard.

    Step 2.3: Scorecards and feedback (cont.)

    Design a two-way feedback loop with your vendors.

    Info-Tech recommends starting with simple scorecards to allow you and the vendors to acclimate to the new process and information. As you build your scorecards, keep in mind that internal personnel will be scoring the vendors and the vendors will be reviewing the scorecard. Make your scorecard easy for your personnel to fill out and composed of meaningful content to drive the vendor in the right direction. You can always make the scorecard more complex in the future.

    Our recommendation of five categories is provided below. Choose three to five categories to help you accomplish your scorecard goals and objectives:

    1. Timeliness – responses, resolutions, fixes, submissions, completions, milestones, deliverables, invoices, etc.
    2. Cost – total cost of ownership, value, price stability, price increases/decreases, pricing models, etc.
    3. Quality – accuracy, completeness, mean time to failure, bugs, number of failures, etc.
    4. Personnel – skilled, experienced, knowledgeable, certified, friendly, trustworthy, flexible, accommodating, etc.
    5. Risk – adequate contractual protections, security breaches, lawsuits, finances, audit findings, etc.

    Some criteria may be applicable in more than one category. The categories above should cover at least 80% of the items that are important to your organization. The general criteria listed for each category is not an exhaustive list, but most things break down into time, money, quality, people, and risk issues.

    Step 2.3: Scorecards and feedback (cont.)

    Design a two-way feedback loop with your vendors.

    Additional Considerations

    • Even a good rating system can be confusing. Make sure you provide some examples or a way for reviewers to discern the differences between 1, 2, 3, 4, and 5. Don’t assume your “Rating Key” will be intuitive.
    • When assigning weights, don’t go lower than 10% for any measurement category. If the weight is too low, it won’t be relevant enough to have an impact on the total score. If it doesn’t “move the needle,” don’t include it.
    • Final sign-off on the scorecard template should occur outside of the VMI. The heavy lifting can be done by the VMI to create it, but the scorecard is for the benefit of the organization overall and those impacted by the vendors specifically. You may end up playing arbiter or referee, but the scorecard is not the exclusive property of the VMI. Try to reach consensus on your final template whenever possible.
    • You should notice improved ratings and total scores over time for your vendors. One explanation for this is the Pygmalion Effect: “The Pygmalion [E]ffect describes situations where someone’s high expectations improves our behavior and therefore our performance in a given area. It suggests that we do better when more is expected of us.”* Convey your expectations and let the vendors’ competitive juices take over.
    • While you’re creating your scorecard and materials to explain the process to internal personnel, identify those pieces that will help you explain it to your vendors as part of your vendor orientation (see steps 2.6 and 3.4). Leveraging pre-existing materials is a great shortcut.

    *Source: The Decision Lab, 2020

    Step 2.3: Scorecards and feedback (cont.)

    Design a two-way feedback loop with your vendors.

    Vendor Feedback

    After you’ve built your scorecard, turn your attention to the second half of the equation – feedback from the vendor. A communication loop cannot be successful without the dialogue flowing both ways. While this can happen with just a scorecard, a mechanism specifically geared toward the vendor providing you with feedback improves communication, alignment, and satisfaction.

    You may be tempted to create a formal scorecard for the vendor to use. Our recommendation is to avoid that temptation until later in your maturity or development of the VMI. You’ll be implementing a lot of new processes, deploying new tools and templates, and getting people to work together in new ways. Work on those things first.

    For now, implement an informal process for obtaining information from the vendor. Start by identifying information that you will find useful, information that will allow you to improve overall, to reduce waste or time, to improve processes, to identify gaps in skills. Incorporate these items into your business alignment meetings (see Steps 2.4 and 3.5). Create three to five good questions to ask the vendor and include these in the business alignment meeting agenda. The goal is to get meaningful feedback, and that starts with asking good questions.

    Keep it simple at first. When the time is right, you can build a more formal feedback form or scorecard. Don’t be in a rush though. So long as the informal method works, keep using it.

    2.3.1: Scorecards and feedback

    30-60 minutes

    1. Meet with the participants and brainstorm ideas for your scorecard measurement categories:
      1. What makes a vendor valuable to your organization?
      2. What differentiates a “good” vendor from a “bad” vendor?
      3. What items would you like to measure and provide feedback to the vendor to improve performance, the relationship, risk, and other areas?
    2. Select three, but no more than five, of the following measure categories: timeliness, cost, quality, personnel, and risk.
    3. Within each measurement category, list two or three criteria that you want to measure and track for your vendors; choose items that are as universal as possible rather than being applicable to one vendor or one vendor type.
    4. Assign a weight to each measurement category, ensuring that the total weight is 100% for all measurement categories.
    5. Document your results as you go in Jump – Phase 2 Tools and Templates Compendium, Tab 2.3 Scorecard.

    Download the Info-Tech Jump – Phase 2 Tools and Templates Compendium

    Input

    • Brainstorming

    Output

    • Configured scorecard template

    Materials

    • Jump – Phase 2 Tools and Templates Compendium, Tab 2.3 Scorecard

    Participants

    • VMI team
    • Applicable stakeholders and executives (as needed)

    2.3.2: Scorecards and feedback

    15-30 minutes

    1. Meet with the participants and brainstorm ideas for feedback to seek from your vendors during your business alignment meetings. During the brainstorming, identify questions to ask the vendor about your organization that will:
      1. Help you improve the relationship.
      2. Help you improve your processes or performance.
      3. Help you improve ongoing communication.
      4. Help you evaluate your personnel.
    2. Identify the top five questions you want to include in your business alignment meeting agenda. (Note: you may need to refine the actual questions from the brainstorming activity before they are ready to include in your business alignment meeting agenda.)
    3. Document both your brainstorming activity and your final results in Jump – Phase 2 Tools and Templates Compendium, Tab 2.3 Feedback. The brainstorming questions can be used in the future as your VMI matures and your feedback transforms from informal to formal. The final results will be used in Steps 2.4 and 3.5.

    Download the Info-Tech Jump – Phase 2 Tools and Templates Compendium

    Input

    • Brainstorming

    Output

    • Feedback questions to include with the business alignment meeting agenda

    Materials

    • Jump – Phase 2 Tools and Templates Compendium, Tab 2.3 Feedback

    Participants

    • VMI team
    • Applicable stakeholders and executives (as needed)

    Step 2.4: Business alignment meeting agenda

    Craft an agenda that meets the needs of the VMI.

    A business alignment meeting (BAM) is a great, multi-faceted tool to ensure the customer and the vendor stay focused on what is important to the customer at a high level. BAMs are not traditional “operational” meetings where the parties get into the details of the contracts, deal with installation problems, address project management issues, or discuss specific cost overruns. The main focus of the BAM is the scorecard (see Step 2.3), but other topics are discussed and other purposes are served. For example, you can use the BAM to develop the relationship with the vendor’s leadership team so that if escalation is ever needed, your organization is more than just a name on a spreadsheet or customer list; you can learn about innovations the vendor is working on (without the meeting turning into a sales call); you can address high-level performance trends and request corrective action as needed; you can clarify your expectations; you can educate the vendor about your industry, culture, and organization; and you can learn more about the vendor.

    As you build your BAM agenda, someone in your organization may say, “Oh, that’s just a quarterly business review (QBR) or top-to-top meeting.” However, in most instances, an existing QBR or top-to-top meeting is not the same as a BAM. Using the term QBR or top-to-top meeting instead of BAM can lead to confusion internally. The VMI may say to the business unit, Procurement, or another department, “We’re going to start running some QBRs for our strategic vendors.” The typical response is, “There’s no need to do that. We already run QBRs/top-to-top meetings with our important vendors.” This may be accompanied by an invitation to join their meeting, where you may be an afterthought, have no influence, and get five minutes at the end to talk about your agenda items. Keep your BAM separate so that it meets your needs.

    Step 2.4: Business alignment meeting agenda (cont.)

    Craft an agenda that meets the needs of the VMI.

    As previously noted, using the term BAM more accurately depicts the nature of the VMI meeting and prevents confusion internally with other meetings already occurring. In addition, hosting the BAM yourself rather than piggybacking onto another meeting ensures that the VMI’s needs are met. The VMI will set and control the BAM agenda and determine the invite list for internal personnel and vendor personnel. As you may have figured out by now, having the right customer and vendor personnel attend will be essential.

    BAMs are conducted at the vendor level … not the contract level. As a result, the frequency of the BAMs will depend on the vendor’s classification category (see Steps 2.1 and 3.1). General frequency guidelines are provided below, but they can be modified to meet your goals:

    • Commodity Vendors – Not applicable
    • Operational Vendors – Biannually or annually
    • Strategic Vendors – Quarterly
    • Tactical Vendors – Quarterly or biannually

    BAMs can help you achieve some additional benefits not previously mentioned:

    • Foster a collaborative relationship with the vendor.
    • Avoid erroneous assumptions by the parties.
    • Capture and provide a record of the relationship (and other items) over time.

    Step 2.4: Business alignment meeting agenda (cont.)

    Craft an agenda that meets the needs of the VMI.

    As with any meeting, building the proper agenda will be one of the keys to an effective and efficient meeting. A high-level BAM agenda with sample topics is set out below:

    BAM Agenda

    • Opening Remarks
      • Welcome and introductions
      • Review of previous minutes
    • Active Discussion
      • Review of open issues
      • Scorecard and feedback
      • Current status of projects to ensure situational awareness by the vendor
      • Roadmap/strategy/future projects
      • Accomplishments
    • Closing Remarks
      • Reinforce positives (good behavior, results, and performance, value added, and expectations exceeded)
      • Recap
    • Adjourn

    2.4.1: Business alignment meeting agenda

    20-45 minutes

    1. Meet with the participants and review the sample agenda in Jump – Phase 2 Tools and Templates Compendium, Tab 2.4 BAM Agenda.
    2. Using the sample agenda as inspiration and brainstorming activities as needed, create a BAM agenda tailored to your needs.
      1. Select the items from the sample agenda applicable to your situation.
      2. Add any items required based on your brainstorming.
      3. Add the feedback questions identified during Activity 2.3.2 and documented in Jump – Phase 2 Tools and Templates Compendium, Tab 2.3 Feedback.
    3. Gain input and approval from sponsors, stakeholders, and executives as required or appropriate.
    4. Document the final BAM agenda in Jump – Phase 2 Tools and Templates Compendium, Tab 2.4 BAM Agenda.

    Download the Info-Tech Jump – Phase 2 Tools and Templates Compendium

    Input

    • Brainstorming
    • Jump – Phase 2 Tools and Templates Compendium, Tab 2.3 Feedback

    Output

    • Configured BAM agenda

    Materials

    • Jump – Phase 2 Tools and Templates Compendium, Tab 2.4 BAM Agenda

    Participants

    • VMI team
    • Applicable stakeholders and executives (as needed)

    Step 2.5: Relationship alignment document

    Draft a document to convey important VMI information to your vendors.

    Throughout this blueprint, alignment is mentioned directly (e.g. business alignment meetings [Steps 2.4 and 3.5]) or indirectly implied. Ensuring you and your vendors are on the same page, have clear and transparent communication, and understand each other’s expectations is critical to fostering strong relationships. One component of gaining and maintaining alignment with your vendors is the relationship alignment document (RAD). Depending upon the scope of your VMI and what your organization already has in place, your RAD will fill in the gaps on various topics.

    Early in the VMI’s maturation, the easiest approach is to develop a short document (i.e. 1 page) or a pamphlet (i.e. the classic trifold) describing the rules of engagement when doing business with your organization. The RAD can convey expectations, policies, guidelines, and other items. The scope of the document will depend on 1) what you believe is important for the vendors to understand, and 2) any other similar information already provided to the vendors.

    The first step to drafting a RAD is to identify what information vendors need to know to stay on your good side. For example, you may want vendors to know about your gift policy (e.g. employees may not accept gifts from vendors above a nominal value such as a pen or mousepad). Next, compare your list of what vendors need to know and determine if the content is covered in other vendor-facing documents such as a vendor code of conduct or your website’s vendor portal. Lastly, create your RAD to bridge the gap between what you want and what is already in place. In some instances, you may want to include items from other documents to reemphasize them with the vendor community.

    Info-Tech Insight

    The RAD can be used with all vendors regardless of classification category. It can be sent directly to the vendors or given to them during vendor orientation (see Step 3.3)

    2.5.1: Relationship alignment document

    1-4 hours

    1. Meet with the participants and review the RAD sample and checklist in Jump – Phase 2 Tools and Templates Compendium, Tab 2.5 Relationship Alignment Doc.
    2. Determine:
      1. Whether you will create one RAD for all vendors or one RAD for strategic vendors and another RAD for tactical and operational vendors; whether you will create a RAD for commodity vendors.
      2. The concepts you want to include in your RAD(s).
      3. The format for your RAD(s) – traditional, pamphlet, or other.
      4. Whether signoff or acknowledgement will be required by the vendors.
    3. Draft your RAD(s) and work with other internal areas such as Marketing to create a consistent brand for the RADS and Legal to ensure consistent use and preservation of trademarks or other intellectual property rights and other legal issues.
    4. Review other vendor-facing documents (e.g. supplier code of conduct, onsite safety and security protocols) for consistencies between them and the RAD(s).
    5. Obtain signoff on the RAD(s) from stakeholders, sponsors, executives, Legal, Marketing, and others as needed.

    Download the Info-Tech Jump – Phase 2 Tools and Templates Compendium

    Input

    • Brainstorming
    • Vendor-facing documents, policies, and procedures

    Output

    • Completed relationship alignment document(s)

    Materials

    • Jump – Phase 2 Tools and Templates Compendium, Tab 2.5 Relationship Alignment Doc

    Participants

    • VMI team
    • Marketing, as needed
    • Legal, as needed

    Step 2.6: Vendor orientation

    Create a VMI awareness process to build bridges with your vendors.

    Vendor Orientation: 01 - Orientation; 02 - Reorientation; 03 - Debrief

    Your organization is unique. It may have many similarities with other organizations, but your culture, risk tolerance, mission, vision, and goals, finances, employees, and “customers” (those that depend on you) make it different. The same is true of your VMI. It may have similar principles, objectives, and processes to other organizations’ VMIs, but yours is still unique. As a result, your vendors may not fully understand your organization and what vendor management means to you.

    Vendor orientation is another means to helping you gain and maintain alignment with your important vendors, educate them on what is important to you, and provide closure when/if the relationship with the vendor ends. Vendor orientation is comprised of three components, each with a different function:

    • Orientation
    • Reorientation
    • Debrief

    Vendor orientation focuses on the vendor management pieces of the puzzle (e.g. the scorecard process) rather than the operational pieces (e.g. setting up a new vendor in the system to ensure invoices are processed smoothly).

    Step 2.6: Vendor orientation (cont.)

    Create a VMI awareness process to build bridges with your vendors.

    Vendor Orientation: 01 - Orientation

    Orientation

    Orientation is conceptually similar to new hire orientation for employees at your organization. Generally conducted as a meeting, orientation provides your vendors with the information they need to be successful when working with your organization. Sadly, this is often overlooked by customers; it can take months or years for vendors to figure it out by themselves. By controlling the narrative and condensing the timeline, vendor relationships and performance improve more rapidly.

    A partial list of topics for orientation is set out below:

    • Your organization’s structure
    • Your organization’s culture
    • Your relationship expectations
    • Your governances (VMI and other)
    • Their vendor classification designation (commodity, operational, strategic, or tactical)
    • The scorecard process
    • Business alignment meetings
    • Relationship alignment documents

    In short, this is the first step toward building (or continuing to build) a robust, collaborative, mutually beneficial relationship with your important vendors.

    Step 2.6: Vendor orientation (cont.)

    Create a VMI awareness process to build bridges with your vendors.

    Vendor Orientation: 02 - Reorientation

    Reorientation

    Reorientation is either identical or similar to orientation, depending upon the circumstances. Reorientation occurs for a number of reasons, and each reason will impact the nature and detail of the reorientation content. Reorientation occurs whenever:

    • There is a significant change in the vendor’s products or services.
    • The vendor has been through a merger, acquisition, or divestiture.
    • A significant contract renewal/renegotiation has recently occurred.
    • Sufficient time has passed from orientation; commonly 2 to 3 years.
    • The vendor has been placed in a “performance improvement plan” or “relationship improvement plan” protocol.
    • Significant turnover has occurred within your organization (executives, key stakeholders, and/or VMI personnel).
    • Substantial turnover has occurred at the vendor at the executive or account management level.
    • The vendor has changed vendor classification categories after the most current classification.

    As the name implies, the goal is to refamiliarize the vendor with your current VMI situation, governances, protocols, and expectations. The drivers for reorientation will help you determine its scope, scale, and frequency.

    Step 2.6: Vendor orientation (cont.)

    Create a VMI awareness process to build bridges with your vendors.

    Vendor Orientation: 03 - Debrief

    Debrief

    To continue the analogy from orientation, debrief is similar to an exit interview for an employee when their employment is terminated. In this case, debrief occurs when the vendor is no longer an active vendor with your organization – all contracts have terminated or expired, and no new business with the vendor is anticipated within the next three months.

    Similar to orientation and reorientation, debrief activities will be based on the vendor’s classification category within the COST model. Strategic vendors don’t go away very often; usually, they transition to operational or tactical vendors first. However, if a strategic vendor is no longer providing products or services to you, dig a little deeper into their experiences and allocate extra time for the debrief meeting.

    The debrief should provide you with feedback on the vendor’s experience with your organization and their participation in your VMI. In addition, it can provide closure for both parties since the relationship is ending. Be careful that the debrief does not turn into a finger-pointing meeting or therapy session for the vendor. It should be professional and productive; if it is going off the rails, terminate the meeting before more damage can occur.

    End the debrief on a high note if possible. Thank the vendor, highlight its key contributions, and single out any personnel who went above and beyond. You never know when you will be doing business with this vendor again – don’t burn bridges!

    Step 2.6: Vendor orientation (cont.)

    Create a VMI awareness process to build bridges with your vendors.

    • As you create your vendor orientation materials, focus on the message you want to convey.
    • For orientation and reorientation:
      • What is important to you that vendors need to know?
      • What will help the vendors understand more about your organization … your VMI?
      • What and how are you different from other organizations overall … in your “industry”?
      • What will help them understand your expectations?
      • What will help them be more successful?
      • What will help you build the relationship?
    • For debrief:
      • What information or feedback do you want to obtain?
      • What information or feedback to you want to give?
    • The level of detail you provide strategic vendors during orientation and reorientation may be different from the information you provide tactical and operational vendors. Commodity vendors are not typically involved in the vendor orientation process. The orientation meetings can be conducted on a one-to-one basis for strategic vendors and a one-to-many basis for operational and tactical vendors; reorientation and debrief are best conducted on a one-to-one basis. Lastly, face-to-face or video meetings work best for vendor orientation; voice-only meetings, recorded videos, or distributing only written materials seldom hit their mark or achieve the desired results.

    2.6.1: Vendor orientation

    1 to several hours

    1. Meet with the participants and review the Phase Tools and Templates Compendium, Tab 2.6 Vendor Orientation.
      1. Use the orientation checklist to identify the materials you want to create for your orientation meetings.
      2. Use the reorientation checklist to identify the materials you want to create for your reorientation meetings.
    2. The selections can be made by classification category (i.e. different items can apply to strategic, operational, and tactical vendors).
    3. Create the materials and seek input and/or approval from sponsors, stakeholders, and executives as needed.
    4. Use the debrief section of the tool to create an agenda, list the questions you want to ask vendors, and list information you want to provide to vendors. The agenda, questions, and information can be segregated by classification category.

    Download the Info-Tech Jump – Phase 2 Tools and Templates Compendium

    Input

    • Brainstorming

    Output

    • Agendas and materials for orientation, reorientation, and debrief

    Materials

    • Phase Tools and Templates Compendium, Tab 2.6 Vendor Orientation

    Participants

    • VMI team

    Step 2.7: Job descriptions

    Ensure new and existing job descriptions are up to date.

    Based on your work product from Steps 1.1-1.9, it’s time to start drafting new or modifying existing job descriptions applicable to the VMI team members. Some of the VMI personnel may be dedicated full-time to the VMI, while others may be supporting the VMI on a part-time basis. At a minimum, create or modify your job descriptions based on the categories set out below. Remember to get the internal experts involved so that you stay true to your environment and culture.

    01 Title

    This should align overall with what the person will be doing and what the person will be responsible for. Your hands may be tied with respect to titles, but try to make them intuitively descriptive if possible.

    02 Duties

    This is the main portion of the job description. List the duties, responsibilities, tasks, activities, and results expected. Again, there may be some limitations imposed by your organization, but be as thorough as possible.

    03 Qualifications

    This tends to be a gray area for many organizations, with the qualifications, certifications, and experience desired expressed in “ranges” so that good candidates are not eliminated from consideration unnecessarily.

    2.7.1: Job descriptions

    1 to several hours

    1. Meet with the participants and review the VMI structure from Step 1.9.
      1. List the positions that require new job descriptions.
      2. List the positions that require updated job descriptions.
    2. Review the other Phase 1 work product and list the responsibilities, tasks, and functions that need to be incorporated into the new and updated job descriptions.
    3. Review the sample VMI job descriptions and sample VMI job description language in Jump – Phase 2 Tools and Templates Compendium, Tab 2.7 Job Descriptions, and identify language and concepts you want to include in the new and revised job descriptions.
    4. Using your template, draft the new job descriptions and modify the existing job descriptions to synchronize with the VMI structure. Work with other internal areas such as Human Resources to ensure cultural fit and compliance.
    5. Obtain input and signoff on the job descriptions from stakeholders, sponsors, executives, Human Resources, and others as needed.
    6. Document your final job descriptions in Jump – Phase 2 Tools and Templates Compendium, Tab 2.7 Job Descriptions.

    Download the Info-Tech Jump – Phase 2 Tools and Templates Compendium

    Input

    • Brainstorming
    • Existing job descriptions
    • Work product from Phase 1

    Output

    • Job descriptions for new positions
    • Updated job descriptions for existing positions

    Materials

    • Jump – Phase 2 Tools and Templates Compendium, Tab 2.7 Job Descriptions

    Participants

    • VMI team
    • Human Resources (as needed)
    • Applicable stakeholders and executives (as needed)

    Step 2.8: Policies and procedures

    Prepare policies and procedures for VMI functions.

    Policies and procedures are often thought of as boring documents that are 1) tedious to create, 2) seldom read after creation, and 3) only used to punish people when they do something “wrong.” However, when done well, these documents:

    • Communicate expectations.
    • Capture institutional knowledge.
    • Provide guidance for decision making.
    • Help workers avoid errors and minimize risk.
    • Ensure regulatory and organizational compliance.
    • List the steps required to achieve consistent results.

    Definitions of Policies and Procedures

    Policies and procedures are essential, but they are often confused with each other. A policy is a rule, guideline, or framework for making decisions. For example, in the vendor management space, you may want a policy indicating your organization’s view on gifts from vendors. A procedure is a set of instructions for completing a task or activity. For example, staying in the vendor management space, you may want a procedure to outline the process for classifying vendors.

    Step 2.8: Policies and procedures (cont.)

    Prepare policies and procedures for VMI functions.

    Start With Your Policy/Procedure Template or Create One for Consistency

    When creating policies and procedures, follow your template. If you don’t have one (or want to see if anything is missing from your template) the following list of potential components for your governance documents is provided.* Not every concept is required. Use your judgment and err on the side of caution when drafting; balance readability and helpfulness against over documenting and over complicating.

    • Descriptive Title
    • Policy Number
    • Brief Overview
    • Purpose
    • Scope
    • The Policy or Procedure
    • Definitions
    • Revision Date
    • History
    • Related Documents
    • Keywords

    Step 2.8: Policies and procedures (cont.)

    Prepare policies and procedures for VMI functions.

    Although they are not ever going to be compared to page-turning novels, policies and procedures can be improved by following a few basic principles. By following the guidelines set out below, your VMI policies and procedures will contribute to the effectiveness of your initiative.*

    • Use short sentences.
    • Organize topics logically.
    • Use white space liberally.
    • Use mandatory language.
    • Use gender-neutral terms.
    • Write with an active voice.
    • Avoid jargon when possible.
    • Use a consistent “voice” and tone.
    • Use pictures or diagrams when they will help.
    • Write in the same tense throughout the document.
    • Use icons and colors to designate specific elements.
    • Make sure links to other policies and procedures work.
    • Define all acronyms and jargon (when it must be used).
    • Avoid a numbering scheme with more than three levels.

    *Adapted in part from smartsheet.com

    Info-Tech Insight

    Drafting policies and procedures is an iterative process that requires feedback from the organization’s leadership team.

    2.8.1: Policies and procedures

    Several hours

    1. Meet with the participants and review the sample policies and procedures topics in Jump – Phase 2 Tools and Templates Compendium, Tab 2.8 Policies and Procedures.
    2. Determine:
      1. The concepts you want to include in your policies and procedures; brainstorm for any additional concepts you want to include.
      2. The format/template for your policies and procedures.
    3. Draft your policies and procedures based on the sample topics and your brainstorming activity. Work with other internal areas such as Legal and Human Resources to ensure cultural and environmental fit within your organization.
    4. Obtain input and signoff on the policies and procedures from stakeholders, sponsors, executives, Legal, Human Resources, and others as needed.
    5. Document your final policies and procedures in Jump – Phase 2 Tools and Templates Compendium, Tab 2.8 Policies and Procedures.
    6. Publish your policies and procedures and conduct training sessions or awareness sessions as needed.

    Download the Info-Tech Jump – Phase 2 Tools and Templates Compendium

    Input

    • Existing policies and procedures (if any)
    • Existing policies and procedures template (if any)
    • Scope
    • OIC chart
    • Process maps
    • Brainstorming

    Output

    • VMI policies and procedures

    Materials

    • Jump – Phase 2 Tools and Templates Compendium, Tab 2.8 Policies and Procedures

    Participants

    • VMI team
    • Legal and Human Resources (as needed)
    • Applicable stakeholders and executives (as needed)

    Step 2.9: 3-year roadmap

    Plot your path at a high level.

    The VMI exists in many planes concurrently: 1) it operates both tactically and strategically, and 2) it focuses on different timelines or horizons (e.g. the past, the present, and the future). Creating a 3-year roadmap facilitates the VMI’s ability to function effectively across these multiple landscapes.

    The VMI roadmap will be influenced by many factors. The work product from Phase 1: Plan, input from executives, stakeholders, and internal clients, and the direction of the organization as a whole are great sources of information as you begin to build your roadmap.

    To start, identify what you would like to accomplish in Year 1. This is arguably the easiest year to complete: budgets are set (or you have a good idea what the budget will look like), personnel decisions have been made, resources have been allocated, and other issues impacting the VMI are known with a higher degree of certainty than any other year. This does not mean things won’t change during the first year of the VMI, but expectations are usually lower and the short event horizon makes things more predictable during the Year-1 ramp-up period.

    Years 2 and 3 are more tenuous, but the process is the same: identify what you would like to accomplish or roll out in each year. Typically, the VMI maintains the Year 1 plan into subsequent years and adds to the scope or maturity. For example, you may start Year 1 with BAMs and scorecards for three of your strategic vendors; during Year 2, you may increase that to five vendors; and during Year 3, you may increase that to nine vendors. Or, you may not conduct any market research during Year 1, waiting to add it to your roadmap in Year 2 or 3 as you mature.

    Breaking things down by year helps you identify what is important and the timing associated with your priorities. A conservative approach is recommended. It is easy to overcommit, but the results can be disastrous and painful.

    2.9.1: 3-year roadmap

    45-90 minutes

    1. Meet with the participants and decide how to coordinate Year 1 of your 3-year roadmap with your existing fiscal year or reporting year. Year 1 may be shorter or longer than a calendar year.
    2. Review the VMI activities listed in Jump – Phase 2 Tools and Templates Compendium, Tab 2.9 3-Year Roadmap. Use brainstorming and your prior work product from Phase 1 and Phase 2 to identify additional items for the roadmap and add them at the bottom of the spreadsheet.
    3. Starting with the first activity, determine when that activity will begin and put an X in the corresponding column; if the activity is not applicable, leave it blank or insert N/A.
    4. Go back to the top of the list and add information as needed.
      1. For any Year-1 or Year-2 activities, add an X in the corresponding columns if the activity will be expanded/continued in subsequent periods (e.g. if a Year 2 activity will continue in Year 3, put an X in Year 3 as well).
      2. Use the comments column to provide clarifying remarks or additional insights related to your plans or “X’s.” For example, “Scorecards begin in Year 1 with three vendors and will roll out to five vendors in Year 2 and nine vendors in Year 3.”
    5. Obtain signoff from stakeholders, sponsors, and executives as needed.

    Download the Info-Tech Jump – Phase 2 Tools and Templates Compendium

    Input

    • Phase 1 work product
    • Steps 2.1-2.8 work product
    • Brainstorming

    Output

    • High level 3-year roadmap for the VMI

    Materials

    • Jump – Phase 2 Tools and Templates Compendium, Tab 2.9 3-Year Roadmap

    Participants

    • VMI team
    • Applicable stakeholders and executives (as needed)

    Step 2.10: 90-day plan

    Pave your short-term path with a series of detailed quarterly plans.

    Now that you have prepared a 3-year roadmap, it’s time to take the most significant elements from the first year and create action plans for each three-month period. Your first 90-day plan may be longer or shorter if you want to sync to your fiscal or calendar quarters. Aligning with your fiscal year can make it easier for tracking and reporting purposes; however, the more critical item is to make sure you have a rolling series of four 90-day plans to keep you focused on the important activities and tasks throughout the year.

    The 90-day plan is a simple project plan that will help you measure, monitor, and report your progress. Use the Info-Tech tool to help you track:

    • Activities
    • Tasks comprising each activity
    • Who will be performing the tasks
    • An estimate of the time required per person per task
    • An estimate of the total time to achieve the activity
    • A due date for the activity
    • A priority of the activity

    The first 90-day plan will have the greatest level of detail and should be as thorough as possible; the remaining three 90-day plans will each have less detail for now. As you approach the middle of the first 90-day plan, start adding details to the next 90-day plan; toward the end of the first quarter add a high-level 90-day plan to the end of the chain. Continue repeating this cycle each quarter and consult the 3-year roadmap and the leadership team as necessary.

    90 Days

    2.10.1: 90-day plan

    45-90 minutes

    1. Meet with the participants and decide how to coordinate the first 90-day plan with your existing fiscal year or reporting cycles. Your first plan may be shorter or longer than 90 days.
    2. Looking at the Year 1 section of the 3-year roadmap, identify the activities that will be started during the next 90 days.
    3. Using the Jump – Phase 2 Tools and Templates Compendium, Tab 2.10 90-Day Plan, enter the following information into the spreadsheet for each activity to be accomplished during the next 90 days:
      1. Activity description
      2. Tasks required to complete the activity (be specific and descriptive)
      3. The people who will be performing each task
      4. The estimated number of hours required to complete each task
      5. The start date and due date for each task or the activity
    4. Validate the tasks are a complete list for each activity and the people performing the tasks have adequate time to complete the tasks by the due date(s).
    5. Assign a priority to each activity.

    Download the Info-Tech Jump – Phase 2 Tools and Templates Compendium

    Input

    • 3-year roadmap
    • Phase 1 work product
    • Steps 2.1-2.9 work product
    • Brainstorming

    Output

    • Detailed plan for the VMI for the next quarter or 90 days

    Materials

    • Jump – Phase 2 Tools and Templates Compendium, Tab 2.10 90-Day Plan

    Participants

    • VMI team
    • Applicable stakeholders and executives (as needed)

    Step 2.11: Quick wins

    Identify potential short-term successes to gain momentum and show value immediately.

    As the final step in the timeline trilogy, you are ready to identify some quick wins for the VMI. Using the first 90-day plan and a brainstorming activity, create a list of things you can do in 15 to 30 days that add value to your initiative and build momentum.

    As you evaluate your list of potential candidates, look for things that:

    • Are achievable within the stated timeline.
    • Don’t require a lot of effort.
    • Involve stopping a certain process, activity, or task; this is sometimes known as a “stop doing stupid stuff” approach.
    • Will reduce or eliminate inefficiencies; this is sometimes known as the war on waste.
    • Have a moderate to high impact or bolster the VMI’s reputation.

    As you look for quick wins, you may find that everything you identify does not meet the criteria. That’s ok … don’t force the issue. Return your focus to the 90-day plan and 3-year roadmap, and update those documents if the brainstorming activity associated with this Step 2.11 identified anything new.

    2.11.1: Quick wins

    15-30 minutes

    1. Meet with the participants and review the 3-year roadmap and 90-day plan. Determine if any item on either document can be completed:
      1. Quickly (30 days or less)
      2. With minimal effort
      3. To provide or show moderate to high levels of value or provide the VMI with momentum
    2. Brainstorm to identify any other items that meet the criteria in step 1 above.
    3. Compile a comprehensive list of these items and select up to five to pursue.
    4. Document the list in the Jump – Phase 2 Tools and Templates Compendium, Tab 2.11 Quick Wins.
    5. Manage the quick wins list and share the results with the VMI team and applicable stakeholders and executives.

    Download the Info-Tech Jump – Phase 2 Tools and Templates Compendium

    Input

    • 3-year roadmap
    • 90-day plan
    • Brainstorming

    Output

    • A list of activities that require low levels of effort to achieve moderate to high levels of value in a short period

    Materials

    • Jump – Phase 2 Tools and Templates Compendium, Tab 2.11 Quick Wins

    Participants

    • VMI team

    Step 2.12: Reports

    Construct your reports to resonate with your audience.

    Issuing reports is a critical piece of the VMI since the VMI is a conduit of information for the organization. It may be aggregating risk data from internal areas, conducting vendor research, compiling performance data, reviewing market intelligence, or obtaining relevant statistics, feedback, comments, facts, and figures from other sources. Holding onto this information minimizes the impact a VMI can have on the organization; however, the VMI’s internal clients, stakeholders, and executives can drown in raw data and ignore it completely if it is not transformed into meaningful, easily-digested information.

    Before building a report, think about your intended audience:

    • What information are they looking for … what will help them understand the big picture?
    • What level of detail is appropriate, keeping in mind the audience may not be like-minded?
    • What items are universal to all of the readers and what items are of interest to one or two readers?
    • How easy or hard will it be to collect the data … who will be providing it, how time consuming will it be?
    • How accurate, valid, and timely will the data be?
    • How frequently will each report need to be issued?

    Step 2.12: Reports (cont.)

    Construct your reports to resonate with your audience.

    Use the following guidelines to create reports that will resonate with your audience:

    • Value information over data, but sometimes data does have a place in your report.
    • Use pictures, graphics, and other representations more than words, but words are often necessary in small, concise doses.
    • Segregate your report by user; for example, general information up top, CIO information below that on the right, CFO information to the left of CIO information, etc.
    • Send a draft report to the internal audience and seek feedback, keeping in mind you won’t be able to cater to or please everyone.

    Step 2.12: Reports (cont.)

    Construct your reports to resonate with your audience.

    The report’s formatting and content display can make or break your reports.*

    • Make the report look inviting and easy to read. Use:
      • Short paragraphs and bullet points.
      • A simple layout and uncluttered, wide margins.
      • Minimal boldface, underline, or italics to attract the readers’ attention.
      • High contrast between text and background.
    • Charts, graphs, and infographics should be intuitive and tell the story on their own.
    • Make it easy to peruse the report for topics of interest.
      • Maintain consistent design features.
      • Use impactful, meaningful headings and subheadings.
      • Include callouts to draw attention to important high-level information.
    • Demonstrate the impact of the accomplishments or success stories when appropriate.
    • Finish with a simple concise summary when appropriate. Consider adding:
      • Key points for the reader to takeaway.
      • Action items or requests.
      • Plans for next reporting period.

    *Sources: Adapted and compiled in part from: designeclectic.com, ahrq.gov, and 60secondmarketer.com.

    2.12.1: Reports

    15-45 minutes

    1. Meet with the participants and review the applicable work product from Phases 1 and 2; identify qualitative and quantitative items the VMI measures, monitors, tracks, or aggregates.
    2. Determine which items will be reported and to whom (by category):
      1. Internally to personnel within the VMI
      2. Internally to personnel outside the VMI
      3. Externally to vendors
    3. Within each category above, determine your intended audiences/recipients. For example, you may have a different list of recipients for a risk report than you do a scorecard summary report. This will help you identify the number of reports required.
    4. Create a draft structure for each report based on the audience and the information being conveyed. Determine the frequency of each report and person responsible for creating for each report.
    5. Document your final choices in Jump – Phase 2 Tools and Templates Compendium, Tab 2.12 Reports.

    Download the Info-Tech Jump – Phase 2 Tools and Templates Compendium

    Input

    • Brainstorming
    • Phase 1 work product
    • Steps 2.1-2.11 work product

    Output

    • A list of reports used by the VMI
    • For each report:
    • The conceptual content
    • A list of who will receive or have access
    • A creation/distribution frequency

    Materials

    • Jump – Phase 2 Tools and Templates Compendium, Tab 2.12 Reports

    Participants

    • VMI team
    • Applicable stakeholders and executives (as needed)

    Phase 3: Run

    Implement Your Processes and Leverage Your Tools and Templates

    Phase 1 Phase 2 Phase 3 Phase 4
    1.1 Mission Statement and Goals
    1.2 Scope
    1.3 Strengths and Obstacles
    1.4 Roles and Responsibilities
    1.5 Process Mapping
    1.6 Charter
    1.7 Vendor Inventory
    1.8 Maturity Assessment
    1.9 Structure

    2.1 Classification Model
    2.2 Risk Assessment Tool
    2.3 Scorecards and Feedback
    2.4 Business Alignment Meeting Agenda
    2.5 Relationship Alignment Document
    2.6 Vendor Orientation
    2.7 Job Descriptions
    2.8 Policies and Procedures
    2.9 3-Year Roadmap
    2.10 90-Day Plan
    2.11 Quick Wins
    2.12 Reports

    3.1 Classify Vendors
    3.2 Conduct Internal “Kickoff” Meeting
    3.3 Conduct Vendor Orientation
    3.4 Compile Scorecards
    3.5 Conduct Business Alignment Meetings
    3.6 Work the 90-Day Plan
    3.7 Manage the 3-Year Roadmap
    3.8 Measure and Monitor Risk
    3.9 Issue Reports
    3.10 Develop/Improve Vendor Relationships
    3.11 Contribute to Other Processes

    4.1 Assess Compliance
    4.2 Incorporate Leading Practices
    4.3 Leverage Lessons Learned
    4.4 Maintain Internal Alignment
    4.5 Update Governances

    This phase will walk you through the following activities:

    Begin operating the VMI. The main outcomes from this phase are guidance and the steps required to implement your VMI.

    This phase involves the following participants:

    • VMI team
    • Applicable stakeholders and executives
    • Others as needed

    Jump Start Your Vendor Management Initiative

    Phase 3: Run

    Implement your processes and leverage your tools and templates.

    All of the hard work invested in Phase 1: Plan and Phase 2: Build begins to pay off in Phase 3: Run. It’s time to stand up your VMI and ensure that the proper level of resources is devoted to your vendors and the VMI itself. There’s more hard work ahead, but the foundational elements are in place. This doesn’t mean there won’t be adjustments and modifications along the way, but you are ready to use the tools and templates in the real world; you are ready to begin reaping the fruits of your labor.

    Phase 3: Run guides you through the process of collecting data, monitoring trends, issuing reports, and conducting effective meetings to:

    • Manage risk better.
    • Improve vendor performance.
    • Improve vendor relationships.
    • Identify areas where the parties can improve.
    • Improve communication between the parties.
    • Increase the value proposition with your vendors.

    Step 3.1: Classify vendors

    Begin classifying your top 25 vendors by spend.

    Step 3.1 sets the table for many of the subsequent steps in Phase 3: Run. The results of your classification process will determine: which vendors go through the scorecarding process (Step 3.4); which vendors participate in BAMs (Step 3.5); the nature and content of the vendor orientation activities (Step 3.3); which vendors will be part of the risk measurement and monitoring process (Step 3.8); which vendors will be included in the reports issued by the VMI (Step 3.9); and which vendors you will devote relationship-building resources to (Step 3.10).

    As you begin classifying your vendors, Info-Tech recommends using an iterative approach initially to validate the results from the classification model you configured in Step 2.1.

    1. Using the information from the Vendor Inventory tab (Step 1.7), identify your top 25 vendors by spend.
    2. Run your top 10 vendors by spend through the classification model and review the results.
      1. If the results are what you expected and do not contain any significant surprises, go to next page.
      2. If the results are not what you expected or contain significant surprises, look at the configuration page of the tool (Tab 1) and adjust the weights or the spend categories slightly. Be cautious in your evaluation of the results before modifying the configuration page – some legitimate results are unexpected or surprising based on bias. If you modify the weighting, review the new results and repeat your evaluation. If you modify the spend categories, review the answers on the vendor tabs to ensure that the answers are still accurate; review the new results and repeat your evaluation.

    Step 3.1: Classify vendors (cont.)

    Review your results and adjust the classification tool as needed.

    1. Run your top 11 through 25 vendors by spend through the classification model and review the results. Identify any unexpected results or surprises. Determine if further configuration makes sense and repeat the process outlined in 2.b, previous page, as necessary. If no further modifications are required, continue to 4, below.
    2. Share the preliminary results with the leadership team, executives, and stakeholders to obtain their approval or adjustments to the results.
      1. They may have questions and want to understand the process before approving the results.
      2. They may request that you move a vendor from one quadrant to another based on your organization’s roadmap, the vendor’s roadmap, or other information not available to you.
    3. Identify the vendors that will be part of the VMI at this stage – how many and which ones. Based on this number and the VMI’s scope (Step 1.2), make sure you have the resources necessary to accommodate the number of vendors participating in the VMI. Proceed cautiously and gradually increase the number of vendors participating in the VMI.

    Step 3.1: Classify vendors (cont.)

    Finalize the results and update VMI tools and templates.

    1. Update the Vendor Inventory tab (Step 1.7) to indicate the current classification status for the top 25 vendors by spend. Once your vendors have been classified, you can sort the Vendor Inventory tab by classification status to see all the vendors in that category at once.
    2. Review your 3-year roadmap (Step 2.9) and 90-day plans (Step 2.10) to determine if any modifications are needed to the activities and timelines.

    Additional classification considerations:

    • You should only have a few vendors that fit in the strategic category. As a rough guideline, no more than 5% to 10% of your IT vendors should end up in the strategic category. If you have a large number of vendors, even 5% may be too many. The classification model is an objective start to the classification process, but common sense must prevail over the “math” at the end of the day.
    • At this point, there is no need to go beyond the top 25 by spend. Most VMIs starting out can’t handle more than three to five strategic vendors initially. Allow the VMI to run a pilot program with a small sample size, work out any bugs, make adjustments, and then ramp up the VMI’s rollout in waves. Vendors can be added quarterly, biannually, or annually, depending upon the desired goals and available resources.

    Step 3.1: Classify vendors (cont.)

    Align your vendor strategy to your classification results.

    As your VMI matures, additional vendors will be part of the VMI. Review the table below and incorporate the applicable strategies into your deployment of vendor management principles over time. Stay true to your mission, goals, and scope, and remember that not all of your vendors are of equal importance.

    Operational Strategic
    • Focus on spend containment
    • Concentrate on lowering total cost of ownership
    • Invest moderately in cultivating the relationship
    • Conduct BAMs biannually or annually
    • Compile scorecards quarterly or biannually
    • Identify areas for performance and cost improvement
    • Focus on value, collaboration, and alignment
    • Review market intelligence for the vendor’s industry
    • Invest significantly in cultivating the relationship
    • Initiate executive-to-executive relationships
    • Conduct BAMs quarterly
    • Compile scorecards quarterly
    • Understand how the vendors view your organization

    Commodity

    Tactical

    • Investigate vendor rationalization and consolidation
    • Negotiate for the best-possible price
    • Leverage competition during negotiations
    • Streamline the purchasing and payment process
    • Allocate minimal VMI resources
    • Assign the lowest priority for vendor management metrics
    • Conduct risk assessments biannually or annually
    • Cultivate a collaborative relationship based on future growth plans or potential with the vendor
    • Conduct BAMs quarterly or biannually
    • Compile scorecards quarterly
    • Identify areas of performance improvement
    • Leverage innovation and creative problem solving

    Step 3.1: Classify vendors (cont.)

    Be careful when using the word “partner” with your strategic and other vendors.

    For decades, vendors have used the term “partner” to refer to the relationship they have with their clients and customers. In many regards, this is often an emotional ploy used by the vendors to get the upper hand. To fully understand the terms “partner” and “partnership” let’s evaluate them through two more-objective, less-cynical lenses.

    If you were to talk to your in-house or outside legal counsel, you may be told that partners share in profits and losses, and they have a fiduciary obligation to each other. Unless there is a joint venture between the parties, you are unlikely to have a partnership with a vendor from this perspective.

    What about a “business” partnership … one that doesn’t involve sharing profits and losses? What would that look like? Here are some indicators of a business partnership (or preferably a strategic alliance):

    • Trust and transparent communication exist.
    • You have input into the vendor’s roadmap for products and services.
    • The vendor is aligned with your desired outcomes and helps you achieve success.
    • You and the vendor are accountable for actions and inactions, with both parties being at risk.
    • There is parity in the peer-to-peer relationships between the organizations (e.g. C-Level to C-Level).
    • The vendor provides transparency in pricing models and proactively suggests ways for you to reduce costs.
    • You and the vendor work together to make each party better, providing constructive feedback on a regular basis.
    • The vendor provides innovative suggestions for you to improve your processes, performance, the bottom line, etc.
    • Negotiations are not one-sided; they are meaningful and productive, resulting in an equitable distribution of money and risk.

    Step 3.1: Classify vendors (cont.)

    Understand the implications and how to leverage the words “partner” and “partnership.”

    By now you might be thinking, “What’s all the fuss? Why does it matter?” At Info-Tech, we’ve seen firsthand how referring to the vendor as a partner can have the following impact:

    • Confidences are disclosed unnecessarily.
    • Negotiation opportunities and leverage are lost.
    • Vendors no longer have to earn the customer’s business.
    • Vendor accountability is missing due to shared responsibilities.
    • Competent skilled vendor resources are assigned to other accounts.
    • Value erodes over time since contracts are renewed without being competitively sourced.
    • One-sided relationships are established, and false assurances are provided at the highest levels within the customer organization.

    Proceed with caution when using partner or partnership with your vendors. Understand how your organization benefits from using these terms and mitigate the negatives outlined above by raising awareness internally to ensure people understand the psychology behind the terms. Finally, use the term to your advantage when warranted by referring to the vendor as a partner when you want or need something that the vendor is reluctant to provide. Bottom line: Be strategic in how you refer to vendors and know the risks.

    Step 3.2: Conduct internal “kickoff” meeting

    Raise awareness about the VMI and its mission, vision, and goals.

    To be effective, your VMI needs executive support, a clear vision, appropriate governances and tools, personnel with the right skills, and other items discussed in this blueprint. However, the VMI doesn’t exist in a vacuum … it can’t sit back and be reactive. As part of being proactive, the VMI must be aware of its brand and “market” its services. An effective way to market the VMI is to conduct an internal kickoff meeting. There are at least a couple of ways to do this:

    • Host a meeting for stakeholders, executives, and others who will be contributing to the VMI processes (but are not part of the VMI). The meeting can be part of a townhall or standalone meeting; it can be done live or via a recorded video.
    • Attend appropriate staff meetings and make your presentation.

    With either approach above or one of your choosing, keep in mind the following objectives for your kickoff meeting:

    • Make sure you provide a way for those in attendance to ask questions at that time and later. You want to create and foster a communication loop with the people who will be impacted by the VMI or participating with it.
    • Raise awareness of your existence and personnel. Tell the VMI’s story by sharing your mission statement, goals, and scope; this will help dispel (or confirm) rumors about the VMI that often lead to confusion and faulty assumptions.
    • As you share the VMI’s vision, connect the story to how the VMI will impact the organization and individuals and to how they can help. The VMI tends to be the least autonomous area within an organization; it needs the assistance of others to be successful. Convey an atmosphere of collaboration and appreciation for their help.

    Host a kickoff meeting annually to kickoff the new year. Remind people of your story, announce successes from the past year, and indicate what the future year holds. Keep it brief, make it personal for the audience, and help them connect the names of VMI personnel to faces.

    Step 3.3: Conduct vendor orientation

    Introduce your VMI to your top vendors.

    Based on the results from your vendor classification (Step 3.1) and your VMI deployment timeline, identify the vendors who will participate in the initial orientation meetings. Treat the orientation as a formal, required meeting for the vendors to attend. Determine the attendee list for your organization and the vendors, and send out invites. Ideally, you will want the account manager, a sales director or vice president, the “delivery” director or vice president, and an executive from the vendor in the meeting. From the customer side, you may need more than one or two people from the VMI to entice the vendor’s leadership team to attend; you may need attendance from your own leadership team to add weight or credibility to the meeting (unfortunately).

    Before going into the meeting, make sure everyone on your side knows their roles and responsibilities, and review the agenda. Control the agenda or the meeting is likely to get out of hand and turn into a sales call.

    Conduct orientation meetings even if the participating vendors have been doing business with you for several years. Don’t assume they know all about your organization and your VMI (even if their other clients have a VMI).

    Run two or three orientation meetings and then review the “results.” What needs to be modified? What lessons have you learned? Make any necessary adjustments and continue rolling out the orientation meetings.

    Early in the VMI’s deployment, reorientation and debrief may not be in play. As time passes, it is important to remember them! Use them when warranted to help with vendor alignment.

    Step 3.4: Compile scorecards

    Begin scoring your top vendors.

    The scorecard process typically is owned and operated by the VMI, but the actual rating of the criteria within the measurement categories is conducted by those with day-to-day interactions with the vendors, those using or impacted by the services and products provided by the vendors, and those with the skills to research other information on the scorecard (e.g. risk). Chances are one person will not be able to complete an entire scorecard by themselves. As a result, the scorecard process is a team sport comprising sub-teams where necessary.

    The VMI will compile the scores, calculate the final results, and aggregate all of the comments into one scorecard. There are two common ways to approach this task:

    1. Send out the scorecard template to those who will be scoring the vendor and ask them to return it when completed, providing them with a due date a few days before you actually need it; you’ll need time to compile, calculate, and aggregate.
    2. Invite those who will be scoring the vendor to a meeting and let the contributors use that time to score the vendors; make VMI team members available to answer questions and facilitate the process.

    Step 3.4: Compile scorecards (cont.)

    Gather input from stakeholders and others impacted by the vendors.

    Since multiple people will be involved in the scorecarding process or have information to contribute, the VMI will have to work with the reviewers to ensure that the right mix of data is provided. For example:

    • If you are tracking lawsuits filed by or against the vendor, one person from Legal may be able to provide that, but they may not be able to evaluate any other criteria on the scorecard.
    • If you are tracking salesperson competencies, multiple people from multiple areas may have valuable insights.
    • If you are tracking deliverable timeliness, several project managers may want to contribute across several projects.

    Where one person is contributing exclusively to limited criteria, make it easy for the person to identify the criteria they are to evaluate. When multiple people from the same functional area will provide insights, they can contribute individually (and the VMI will average their responses) or they can respond collectively after reaching consensus among themselves.

    After the VMI has compiled, calculated, and aggregated, share the results with executives, impacted stakeholders, and others who will be attending the BAM for that vendor. Depending upon the comments provided by internal personnel, you may need to create a sanitized version of the scorecard for the vendor.

    Make sure your process timeline has a buffer built in. You’ll be sending the final scorecard to the vendor three to five days before the BAM, and you’ll need some time to assemble the results. The scorecarding process can be perceived as a low-priority activity for people outside of the VMI, and other “priorities” will arise for them. Without a timeline buffer, the VMI may find itself behind schedule and unprepared due to things beyond its control.

    Step 3.5: Conduct business alignment meetings

    Determine which vendors will participate and how long the meetings will last.

    At their core, BAMs aren’t that different from any other meeting. The basics of running a meeting still apply, but there are a few nuances that apply to BAMs Set out below are leading practices for conducing your BAMs; adapt them to meet your needs and suit your environment.

    Who

    Initially, BAMs are conducted with the strategic vendors in your pilot program. Over time, you’ll add vendors until all of your strategic vendors are meeting with you quarterly. After that, roll out the BAMs to those tactical and operational vendors located close to the strategic quadrant in the classification model (Steps 2.1 and 3.1) and as VMI resources allow. It may take several years before you are holding regular BAMs with all of your strategic, tactical, and operational vendors.

    Duration

    Keep the length of your meetings reasonable. The first few with a vendor may need to be 60 to 90 minutes long. After that, you should be able to trim them to 45 to 60 minutes. The BAM does not have to fill the entire time. When you are done, you are done.

    Step 3.5: Conduct business alignment meetings (cont.)

    Identify who will be invited and send out invitations.

    Invitations

    Set up a recurring meeting whenever possible. Changes will be inevitable, but keeping the timeline regular works to your advantage. Also, the vendors included in your initial BAMs won’t change for twelve months. For the first BAM with a vendor, provide adequate notice; four weeks is sufficient in most instances, but calendars will fill up quickly for the main attendees from the vendor. Treat the meeting as significant and make sure your invitation reflects this. A simple meeting request will often be rejected, treated as optional, or ignored completely by the vendor’s leadership team (and maybe yours as well!).

    Invitees

    Internal invitees should include those with a vested interest in the vendor’s performance and the relationship. In addition, other functional areas may be invited based on need or interest. Be careful the attendee list doesn’t get too big. Based on this, internal BAM attendees often include representatives from IT, Sourcing/Procurement, and the applicable business units. At times, Finance and Legal are included.

    From the vendor’s side, strive to have decision makers and key leaders attend. The salesperson/account manager is often included for continuity, but a director or vice president of sales will have more insights and influence. The project manager is not needed at this meeting due to the nature of the meeting and its agenda; however, a director or vice president from the “product or service delivery” area is a good choice. Bottom line: get as high into the vendor’s organization as possible whenever possible; look at the types of contracts you have with that vendor to provide guidance on the type of people to invite.

    Step 3.5: Conduct business alignment meetings (cont.)

    Prepare for the meetings and maintain control.

    Preparation

    Send the scorecard and agenda to the vendor five days prior to the BAM. The vendor should provide you with any information you require for the meeting five days prior as well.

    Decide who will run the meeting. Some customers like to lead and others let the vendor present. How you craft the agenda and your preferences will dictate who runs the show.

    Make sure the vendor knows what materials it should bring to the meeting or have access to. This will relate to the agenda and any specific requests listed under the discussion points. You don’t want the vendor to be caught off guard and unable to discuss a matter of importance to you.

    Running the BAM

    Regardless of which party leads, make sure you manage the agenda to stay on topic. This is your meeting – not the vendor’s, not IT’s, not Procurement’s or Sourcing’s. Don’t let anyone hijack it.

    Make sure someone is taking notes. If you are running this virtually, consider recording the meeting. Check with your legal department first for any concerns, notices, or prohibitions that may impact your recording the session.

    As a reminder, this is not a sales call, and this is not a social activity. Innovation discussions are allowed and encouraged, but that can quickly devolve into a sales presentation. People can be friendly toward one another, but the relationship building should not overwhelm the other purposes.

    Step 3.5: Conduct business alignment meetings (cont.)

    Follow these additional guidelines to maximize your meetings.

    More Leading Practices

    • Remind everyone that the conversation may include items covered by various confidentiality provisions or agreements.
    • Publish the meeting minutes on a timely basis (within 48 hours).
    • Focus on the bigger picture by looking at trends over time; get into the details only when warranted.
    • Meet internally immediately beforehand to prepare – don’t go in cold; review the agenda and the roles and responsibilities for the attendees.
    • Physical meetings are better than virtual meetings, but travel constraints, budgets, and pandemics may not allow for physical meetings.

    Final Thoughts

    • When performance or the relationship is suffering, be constructive in your feedback and conversations rather than trying to assign blame; lead with the carrot rather than the stick.
    • Look for collaborative solutions whenever possible and avoid referencing the contract if possible. Communicate your willingness to help resolve outstanding issues.
    • Use inclusive language and avoid language that puts the vendor on the defensive.
    • Make sure that your meetings are not focused exclusively on the negative, but don’t paint a rosy picture where one doesn’t exist.
    • A vendor that is doing well should be commended. This is an important part of relationship building.

    Step 3.6: Work the 90-day plan

    Monitor your progress and share your results.

    Having a 90-day plan is a good start, but assuming the tasks on the plan will be accomplished magically or without any oversight can lead to failure. While it won’t take a lot of time to work the plan, following a few basic guidelines will help ensure the 90-day plan gets results and wasn’t created in vain.

    90-Day Plan: Activity 1; Activity 2; Activity 3; Activity 4; Activity 5
    1. Measure and track your progress against the initial/current 90-day plan at least weekly; with a short timeline, any delay can have a huge impact.
    2. If adjustments are needed to any elements of the plan, understand the cause and the impact of those adjustments before making them.
    3. Make adjustments ONLY when warranted. The temptation will be to push activities and tasks further out on the timeline (or to the next 90-day plan!) when there is any sort of “hiccup” along the way, especially when personnel outside the VMI are involved. Hold true to the timeline whenever possible; once you start slipping, it often becomes a habit.
    4. Report on progress every week and hold people accountable for their assignments and contributions.
    5. Take the 90-day plan seriously and treat it as you would any significant project – this is part of the VMI’s branding and image.

    Step 3.7: Manage the 3-year roadmap

    Keep an eye on the future since it will feed the present.

    The 3-year roadmap is a great planning tool, but it is not 100% reliable. There are inherent flaws and challenges. Essentially, the roadmap is a set of three “crystal balls” attempting to tell you what the future holds. The vision for Year 1 may be fairly clear, but for each subsequent year, the crystal ball becomes foggier. In addition, the timeline is constantly changing; before you know it, tomorrow becomes today and Year 2 becomes Year 1.

    To help navigate through the roadmap and maximize its potential, follow these principles:

    • Manage each year of the roadmap differently.
      • Review the Year 1 map each quarter to update your 90-day plans (See steps 2.10 and 3.6).
      • Review the Year 2 map every six months to determine if any changes are necessary. As you cycle through this, your vantage point of Year 2 will be 6 months or 12 months away from the beginning of Year 2, and time moves quickly.
      • Review the Year 3 map annually, and determine what needs to be added, changed, or deleted. Each time you review Year 3, it will be a “new” Year 3 that needs to be built.
    • Analyze the impact on the proposed modifications from two perspectives: 1) What is the impact if a requested modification is made? 2) What is the impact if a requested modification is not made?
    • Validate all modifications with leadership and stakeholders before updating the 3-year roadmap to ensure internal alignment.

    Step 3.8: Measure and monitor risk

    Understand and manage risk levels.

    Using the configured Vendor Risk Assessment Tool (Step 2.2), confirm which risks you will be measuring and monitoring and identify the vendors that will be part of the initial risk management process. Generally, organizations start measuring and monitoring risk in two to five risk categories for two or three strategic vendors. Over time, additional risk categories and/or vendors can be added in waves. Resist the temptation to add risk categories or vendors into the mix too quickly. Expanding requires resources inside and outside of the VMI.

    The VMI will rely heavily on other areas to provide input or the risk data, and the VMI needs to establish good working relationships with those areas. For example, if legal risk is something being measured and monitored, the VMI will need data from Legal on the number and nature of any lawsuits filed by or against the applicable vendors; the VMI will need data from Legal, Contract Management, or Procurement/Sourcing on the number and nature of any agreed upon deviations from your organization’s preferred contract terms that increase legal risk.

    With respect to risk, the VMI’s main role is threefold: 1) take the data obtained from others (or in some instances the VMI may have the data) and turn it into useful information, 2) monitor the risk categories over time and periodically issue reports, and 3) work with other areas to manage the risk.

    Step 3.9: Issue reports

    Inform internal personnel and vendors about trends, issues, progress, and results.

    Issuing the reports created in Step 2.12 is one of the main ways the VMI 1) will communicate with internal and external personnel and 2) track trends and information over time. Even with input from the potential reviewers of the reports, you’ll still want to seek their feedback and input periodically. It may take a few iterations until the reports are hitting their mark. You may find that a metric is no longer required, that a metric is missing completely or it is missing a component, or a formatting change would improve the report’s readability. Once a report has been “finalized,” try not to change it until you are engaged in Phase 4: Review activities. It can be unsettling for the reviewers when reports change constantly.

    Whenever possible, find ways to automate the reports. While issuing reports is critical, the function should not consume more time than necessary. Automation can remove some of the manual and repetitive tasks.

    Internal reports may need to be kept confidential. An automated dashboard or reporting tool can help lock down who has access to the information. At a minimum, the internal reports should contain a “Confidential” stamp, header, watermark, or other indicator that the materials are sensitive and should not be disclosed outside of your organization without approval.

    Reports for vendors may not need to be sent as often as reports are generated or prepared for internal personnel. Establish a cadence by classification model category and stick to it. Letting each vendor choose the frequency will make it more difficult for you to manage. The vendors can choose to ignore the report if they so choose.

    This is an image of an example of a bar graph showing ROI and Benchmark for Categories 1-6

    Step 3.10: Develop/improve vendor relationships

    Drive better performance through better relationships.

    One of the key components of a VMI is relationship management. Good relationships with your vendors provide many benefits for both parties, but they don’t happen by accident. Do not assume the relationship will be good or is good merely because your organization is buying products and services from a vendor.

    In many respects, the VMI should mirror a vendor’s sales organization by establishing relationships at multiple levels within the vendor organizations – not just with the salesperson or account manager. Building and maintaining relationships is hard work, but the return on investment makes it worthwhile.

    Business relationships are comprised of many components, not all of which have to be present to have a great relationship. However, there are some essential components. Whether you are trying to develop, improve, or maintain a relationship with a vendor, make sure you are conscious of the following:*

    • Focus your energies on strategic vendors first and then tactical and operational vendors.
    • Be transparent and honest in your communications.
    • Continue building trust by being responsive and honoring commitments (timely).
    • Create a collaborative environment and build upon common ground.
    • Thank the vendor when appropriate.
    • Resolve disputes early, avoid the “blame game,” and be objective when there are disagreements.

    Step 3.11: Contribute to other processes

    Continue assisting others and managing roles and responsibilities outside of the VMI.

    The VMI has processes that it owns and processes that it contributes to. Based on the VMI scope (Step 1.2), the OIC chart (Step 1.4), and the process mapping activities (Step 1.5), ensure that the VMI is honoring its contribution commitments. This is often easier said than done though. A number of factors can make it difficult to achieve the balance required to handle VMI processes and contribute to other processes associated with the VMI’s mission and vision. Understanding the issues is half the battle. If you see signs of these common “vampires,” take action quickly to address the situation.

    • The VMI’s first focus is often internal, and the tendency is to operate in a bubble. Classifying vendors, running BAMs, coordinating the risk process, and other inward-facing processes can consume all of the VMI’s energy. As a result, there is little time, effort, or let’s be honest, desire to participate in other processes outside of the VMI.
    • It is easy for VMI personnel to get dragged into processes and situations that are outside of its scope. This often happens when personnel join the VMI from other internal areas or departments and have good relationships with their former teammates. The relationships make it hard to say “No” when out-of-scope assistance is being requested.
    • The VMI may have “part-time” personnel who have responsibilities across internal departments, divisions, agencies, or teams. When the going gets tough and time is at a premium, people gravitate toward the easiest or most comfortable work. That work may not be VMI work.

    Phase 4: Review

    Keep Your VMI Up to Date and Running Smoothly

    Phase 1Phase 2Phase 3Phase 4
    1.1 Mission Statement and Goals


    1.2 Scope

    1.3 Strengths and Obstacles

    1.4 Roles and Responsibilities

    1.5 Process Mapping

    1.6 Charter

    1.7 Vendor Inventory

    1.8 Maturity Assessment

    1.9 Structure

    2.1 Classification Model
    2.2 Risk Assessment Tool
    2.3 Scorecards and Feedback
    2.4 Business Alignment Meeting Agenda
    2.5 Relationship Alignment Document
    2.6 Vendor Orientation
    2.7 Job Descriptions
    2.8 Policies and Procedures
    2.9 3-Year Roadmap
    2.10 90-Day Plan
    2.11 Quick Wins
    2.12 Reports

    3.1 Classify Vendors
    3.2 Conduct Internal “Kickoff” Meeting
    3.3 Conduct Vendor Orientation
    3.4 Compile Scorecards
    3.5 Conduct Business Alignment Meetings
    3.6 Work the 90-Day Plan
    3.7 Manage the 3-Year Roadmap
    3.8 Measure and Monitor Risk
    3.9 Issue Reports
    3.10 Develop/Improve Vendor Relationships
    3.11 Contribute to Other Processes

    4.1 Assess Compliance
    4.2 Incorporate Leading Practices
    4.3 Leverage Lessons Learned
    4.4 Maintain Internal Alignment
    4.5 Update Governances

    This phase will walk you through the following activities:

    Identify what the VMI should stop doing, start doing, and continue doing as it improves and matures. The main outcomes from this phase are ways to advance the VMI and maintain internal alignment.

    This phase involves the following participants:

    • VMI team
    • Applicable stakeholders and executives
    • Others as needed

    Jump Start Your Vendor Management Initiative

    Phase 4: Review

    Keep your VMI up to date and running smoothly.

    As the old adage says, “The only thing constant in life is change.” This is particularly true for your VMI. It will continue to mature; people inside and outside of the VMI will change; resources will expand or contract from year to year; your vendor base will change. As a result, your VMI needs the equivalent of a physical every year. In place of bloodwork, x-rays, and the other paces your physician may put you through, you’ll assess compliance with your policies and procedures, incorporate leading practices, leverage lessons learned, maintain internal alignment, and update governances.

    Be thorough in your actions during this Phase to get the most out of it. It requires more than the equivalent of gauging a person’s health by taking their temperature, measuring their blood pressure, and determining their body mass index. Keeping your VMI up to date and running smoothly takes hard work.

    Some of the items presented in this Phase require an annual review; others may require quarterly review or timely review (i.e. when things are top of mind and current). For example, collecting lessons learned should happen on a timely basis rather than annually, and classifying your vendors should occur annually rather than every time a new vendor enters the fold.

    Ultimately, the goal is to improve over time and stay aligned with other areas internally. This won’t happen by accident. Being proactive in the review of your VMI further reinforces the nature of the VMI itself – proactive vendor management, NOT reactive!

    Step 4.1: Assess compliance

    Determine what is functionally going well and not going well.

    Whether you have a robust set of vendor management-related policies and procedures or they are the bare minimum, gathering data each quarter and conducting an assessment each year will provide valuable feedback. The scope of your assessment should focus on two concepts: 1) are the policies and procedures being followed and 2) are the policies and procedures accurate and relevant. This approach requires parallel thinking, but it will help you understand the complete picture and minimize the amount of time required.

    Use the steps listed below (or modify them for your culture) to conduct your assessment:

    • Determine the type of assessment – formal or informal.
    • Determine the scale of the assessment – which policies and procedures will be reviewed and how many people will be interviewed.
    • Determine the compliance levels, and seek feedback on the policies and procedures – what is going well and what can be improved?
    • Review the compliance deviations.
    • Conduct a root cause analysis for the deviations.
    • Create a list of improvements and gain approval.
    • Create a plan for minimizing noncompliance in the future.
      • Improve/increase education and awareness.
      • Clarify/modify policies and procedures.
      • Add resources, tools, and people (as necessary and as allowed).

    Step 4.2: Incorporate leading practices

    Identify and evaluate what external VMIs are doing.

    The VMI’s world is constantly shifting and evolving. Some changes will take place slowly, while others will occur quickly. Think about how quickly the cloud environment has changed over the past five years versus the 15 years before that; or think about issues that have popped up and instantly altered the landscape (we’re looking at you COVID-19 and ransomware). As a result, the VMI needs to keep pace, and one of the best ways to do that is to incorporate leading practices.

    At a high level, a leading practice is a way of doing something that is better at producing a particular outcome or result or performing a task or activity than other ways of proceeding. The leading practice can be based on methodologies, tools, processes, procedures, and other items. Leading practices change periodically due to innovation, new ways of thinking, research, and other factors. Consequently, a leading practice is to identify and evaluate leading practices each year.

    Step 4.2: Incorporate leading practices (cont.)

    Update your VMI based on your research.

    • A simple approach for incorporating leading practices into your regular review process is set out below:
    • Research:
      • What other VMIs in your industry are doing.
      • What other VMIs outside your industry are doing.
      • Vendor management in general.
    • Based on your results, list specific leading practices others are doing that would improve your VMI (be specific – e.g. other VMIs are incorporating risk into their classification process).
    • Evaluate your list to determine which of these potential changes fit or could be modified to fit your culture and environment.
    • Recommend the proposed changes to leadership (with a short business case or explanation/justification, as needed) and gain approval.

    Remember: Leading practices or best practices may not be what is best for you. In some instances, you will have to modify them to fit your culture and environment; in other instances, you will elect not to implement them at all (in any form).

    Step 4.3: Leverage lessons learned

    Tap into the collective wisdom and experience of your team members.

    There are many ways to keep your VMI running smoothly, and creating a lessons learned library is a great complement to the other ways covered in this Phase 4: Review. By tapping into the collective wisdom of the team and creating a safe feedback loop, the VMI gains the following benefits:

    • Documented institutional wisdom and knowledge normally found only in the team members’ brains.
    • The ability for one team member to gain insights and avoid mistakes without having to duplicate the events leading to the insights or mistakes.
    • Improved methodologies, tools, processes, procedures, skills, and relationships.

    Many of the processes raised in this Phase can be performed annually, but a lessons learned library works best when the information is “deposited” in a timely manner. How you choose to set up your lessons learned process will depend on the tools you select and your culture. You may want to have regular “input” meetings to share the lessons as they are being deposited, or you may require team members to deposit lessons learned on a regular basis (within a week after they happen, monthly, or quarterly). Waiting too long can lead to vague or lost memories and specifics – timeliness of the deposits is a crucial element.

    Step 4.3: Leverage lessons learned (cont.)

    Create a library to share valuable information across the team.

    Lessons learned are not confined to identifying mistakes or dissecting bad outcomes. You want to reinforce good outcomes as well. When an opportunity for a lessons-learned deposit arises, identify the following basic elements:

    • A brief description of the situation and outcome.
    • What went well (if anything) and why did it go well?
    • What didn't go well (if anything) and why didn't it go well?
    • What would/could you do differently next time?
    • A synopsis of the lesson(s) learned.

    Info-Tech Insights

    The lessons learned library needs to be maintained. Irrelevant material needs to be culled periodically, and older or duplicate material may need to be archived.

    The lessons learned process should be blameless. The goal is to share insightful information … not to reward or punish people based on outcomes or results.

    Step 4.4: Maintain internal alignment

    Review the plans of other internal areas to stay in sync.

    Maintaining internal alignment is essential for the ongoing success of the VMI. Over time, it is easy to lose sight of the fact that the VMI does not operate in a vacuum; it is an integral component of a larger organization whose parts must work well together to function optimally. Focusing annually on the VMI’s alignment within the enterprise helps reduce any breakdowns that could derail the organization.

    To ensure internal alignment:

    • Review the key components of the applicable materials from Phase 1: Plan and Phase 2: Build with the appropriate members of the leadership team (e.g. executives, sponsors, and stakeholders). Not every item from those Phases and Steps needs to be reviewed, but err on the side of caution for the first set of alignment discussions, and be prepared to review each item. You can gauge the audience’s interest on each topic and move quickly when necessary or dive deeper when needed. Identify potential changes required to maintain alignment.
    • Review the strategic plans (e.g. 1-, 3-, and 5- year plans) for various portions of the organization if you have access to them or gather insights if you don’t have access.
      • If the VMI is under the IT umbrella, review the strategic plans for IT and its departments.
      • Review the strategic plans for the areas the VMI works with (e.g. Procurement, Business Units).
      • The organization itself.
    • Create and vet a list of modifications to the VMI and obtain approval.
    • Develop a plan for making the necessary changes.

    Step 4.5: Update governances

    Revise your protocols and return to the beginning of cyclical processes.

    You’re at the final Step and ready to update governances. This is comprised of two sequential paths.

    • First, use the information from Steps 4.1-4.4 to make any required modifications to the items in Phase 1: Plan, Phase 2: Build, and Phase 3: Run. For example, you may need to update your policies and procedures (Step 2.8) based on your findings in Step 4.1; or you may need to update the VMI’s scope (Step 1.2) to ensure internal alignment issues identified in Step 4.4. are accounted for.
    • Second, return to Phase 3: Run to perform the activities below; they tend to be performed annually, but use your discretion and perform them on an as-needed basis:
      • Reclassify vendors.
      • Complete a new maturity assessment.
      • Run reorientation sessions for vendors.
      • Conduct a kickoff meeting to update internal personnel.

    Other activities and tasks (e.g. scorecards and BAMs) may be impacted by the modifications made above, but the nature of their performance follows a shorter cadence. As a result, they are not specifically called out here in this Step 4.5 since they are performed on an ongoing basis. However, don’t overlook them as part of your update.

    Summary of Accomplishment

    Problem Solved

    Vendor management is a broad, often overwhelming, comprehensive spectrum that encompasses many disciplines. By now, you should have a great idea of what vendor management can or will look like in your organization. Focus on the basics first: Why does the VMI exist and what does it hope to achieve? What is its scope? What are the strengths you can leverage, and what obstacles must you manage? How will the VMI work with others? From there, the spectrum of vendor management will begin to clarify and narrow.

    Leverage the tools and templates from this blueprint and adapt them to your needs. They will help you concentrate your energies in the right areas and on the right vendors to maximize the return on your organization’s investment in the VMI of time, money, personnel, and other resources. You may have to lead by example internally and with your vendors at first, but they will eventually join you on your path if you stay true to your course.

    At the heart of a good VMI is the relationship component. Don’t overlook its value in helping you achieve your vendor management goals. The VMI does not operate in a vacuum, and relationships (internal and external) will be critical.

    Lastly, seek continual improvement from the VMI and from your vendors. Both parties should be held accountable, and both parties should work together to get better. Be proactive in your efforts, and you, the VMI, and the organization will be rewarded.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop

    Contact your account representative for more information

    workshops@infotech.com

    1-888-670-8889

    Related Info-Tech Research

    Prepare for Negotiations More Effectively

    Don't leave negotiation preparations and outcomes to chance. Learn how to prepare for negotiations more effectively and improve your results.

    Understand Common IT Contract Provisions to Negotiate More Effectively

    Info-Tech’s guidance and insights will help you navigate the complex process of contract review and identify the key details necessary to maximize the protections for your organization.

    Capture and Market the ROI of Your VMO

    Calculating the impact or value of a vendor management office (VMO) can be difficult without the right framework and tools. Let Info-Tech’s tools and templates help you account for the contributions made by your VMO.

    Bibliography

    “Best Practices for Writing Corporate Policies and Procedures.” PowerDMS, 29 Dec. 2020. Accessed 11 January 2022.

    Duncan. “Top 10 Tips for Creating Compelling Reports.” Design Eclectic, 11 October 2019. Accessed 29 March 2022.

    Eby, Kate. “Master Writing Policies, Procedures, Processes, and Work Instructions.” 1 June 2018, updated 19 July 2021. Accessed 11 January 2022.

    “Enterprise Risk Management.” Protiviti, n.d. Accessed 16 Feb. 2017.

    Geller & Company. “World-Class Procurement — Increasing Profitability and Quality.” Spend Matters, 2003. Accessed 4 March 2019.

    Guth, Stephen. “Vendor Relationship Management Getting What You Paid for (And More).” Citizens, 26 Feb. 2015. Web.

    Guth, Stephen. The Vendor Management Office: Unleashing the Power of Strategic Sourcing. Lulu.com, 2007. Print.

    “ISG Index 4Q 2021.” Information Services Group, Inc., 2022. Web.

    “Six Tips for Making a Quality Report Appealing and Easy To Skim.” AHRQ, Oct. 2019. Accessed 29 March 2022.

    Tucker, Davis. “Marketing Reporting: Tips to Create Compelling Reports.” 60 Second Marketer, 28 March 2020. Accessed 29 March 2022.

    “Why Do We Perform Better When Someone Has High Expectations of Us?” The Decision Lab, 9 Sept. 2020. Accessed 31 January 2022.

    Develop a COVID-19 Pandemic Response Plan

    • Buy Link or Shortcode: {j2store}420|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: DR and Business Continuity
    • Parent Category Link: /business-continuity
    • IT departments are being asked to rapidly ramp up work-from-home capabilities and other business process workarounds.
    • Crisis managers are experiencing a pandemic more severe than what they’ve managed in the past.
    • Organizations are scrambling to determine how they can keep their businesses running through this pandemic.

    Our Advice

    Critical Insight

    • Obstacles to working from home go beyond internet speed and needing a laptop. Business input is critical to uncover unexpected obstacles.
    • IT needs to address a range of issues from security risk to increased service desk demand from users who don’t normally work from home.
    • Resist the temptation to bypass IT processes – your future-self will thank you for tracking all those assets about to go out the door.

    Impact and Result

    • Start with crisis management fundamentals – identify crisis management roles and exercise appropriate crisis communication.
    • Prioritize business processes and work-from-home requirements. Not everyone can be set up on day one.
    • Don’t over-complicate your work-from-home deployment plan. A simple spreadsheet (see the Work-from-Home Requirements Tool) to track requirements can be very effective.

    Develop a COVID-19 Pandemic Response Plan Research & Tools

    Start here

    Stay up to date on COVID-19 and the resources available to you.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    • Develop a COVID-19 Pandemic Response Plan Storyboard

    1. Manage the pandemic crisis

    Identify key roles and immediate steps to manage this crisis.

    • Pandemic Response Plan Example

    2. Create IT’s plan to support the pandemic response plan

    Plan the deployment of a work-from-home initiative.

    • Work-From-Home Requirements Tool
    [infographic]

    Establish a Sustainable ESG Reporting Program

    • Buy Link or Shortcode: {j2store}194|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: IT Governance, Risk & Compliance
    • Parent Category Link: /it-governance-risk-and-compliance

    Consistent, high-quality disclosure of ESG practices is the means by which organizations can demonstrate they are acting responsibly and in the best interest of their customers and society. Organizations may struggle with these challenges when implementing an ESG reporting program:

    • Narrowing down ESG efforts to material ESG issues
    • Building a sustainable reporting framework
    • Assessing and solving for data gaps and data quality issues
    • Being aware of the tools and best practices available to support regulatory and performance reporting

    Our Advice

    Critical Insight

    • A tactical approach to ESG reporting will backfire. The reality of climate change and investor emphasis is not going away. For long-term success, organizations need to design an ESG reporting program that is flexible, interoperable, and digital.
    • Implementing a robust reporting program takes time. Start early, remain focused, and make plans to continually improve data quality and collection and performance metrics.
    • The “G” in ESG may not be capturing the limelight under ESG legislation yet, but there are key factors within the governance component that are under the regulatory microscope, including data, cybersecurity, fraud, and diversity and inclusion. Be sure you stay on top of these issues and include performance metrics in your internal and external reporting frameworks.

    Impact and Result

    • Successful organizations recognize that transparent ESG disclosure is necessary for long-term corporate performance.
    • Taking the time up front to design a robust and proactive ESG reporting program will pay off in the long run.
    • Future-proof your ESG reporting program by leveraging new tools, technologies, and software applications.

    Establish a Sustainable ESG Reporting Program Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Establish a Sustainable ESG Reporting Program Storyboard – A comprehensive framework to define an ESG reporting program that supports your ESG goals and reporting requirements.

    This storyboard provides a three-phased approach to establishing a comprehensive ESG reporting framework to drive sustainable corporate performance. It will help you identify what to report, understand how to implement your reporting program, and review in-house and external software and tooling options.

    • Establish a Sustainable ESG Reporting Program Storyboard

    2. ESG Reporting Workbook – A tool to document decisions, rationale, and implications of key activities to support your ESG reporting program.

    The workbook allows IT and business leaders to document decisions as they work through the steps to establish a comprehensive ESG reporting framework.

    • ESG Reporting Workbook

    3. ESG Reporting Implementation Plan – A tool to document tasks required to deliver and address gaps in your ESG reporting program.

    This planning tool guides IT and business leaders in planning, prioritizing, and addressing gaps to build an ESG reporting program.

    • ESG Reporting Implementation Plan Template

    4. ESG Reporting Presentation Template – A guide to communicate your ESG reporting approach to internal stakeholders.

    Use this template to create a presentation that explains the drivers behind the strategy, communicates metrics, demonstrates gaps and costs, and lays out the timeline for the implementation plan.

    • ESG Reporting Presentation Template

    Infographic

    Workshop: Establish a Sustainable ESG Reporting Program

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Determine Material ESG Factors

    The Purpose

    Determine material ESG factors.

    Key Benefits Achieved

    Learn how to identify your key stakeholders and material ESG risks.

    Activities

    1.1 Create a list of stakeholders and applicable ESG factors.

    1.2 Create a materiality map.

    Outputs

    List of stakeholders and applicable ESG factors

    Materiality map

    2 Define Performance and Reporting Metrics

    The Purpose

    Define performance and reporting metrics.

    Key Benefits Achieved

    Align your ESG strategy with key performance metrics.

    Activities

    2.1 Create a list of SMART metrics.

    2.2 Create a list of reporting obligations.

    Outputs

    SMART metrics

    List of reporting obligations

    3 Assess Data and Implementation Gaps

    The Purpose

    Assess data and implementation gaps.

    Key Benefits Achieved

    Surface data and technology gaps.

    Activities

    3.1 Create a list of high-priority data gaps.

    3.2 Summarize high-level implementation considerations.

    Outputs

    List of high-priority data gaps

    Summary of high-level implementation considerations

    4 Consider Software and Tooling Options

    The Purpose

    Select software and tooling options and develop implementation plan.

    Key Benefits Achieved

    Complete your roadmap and internal communication document.

    Activities

    4.1 Review tooling and technology options.

    4.2 Prepare ESG reporting implementation plan.

    4.3 Prepare the ESG reporting program presentation.

    Outputs

    Selected tooling and technology

    ESG reporting implementation plan

    ESG reporting strategy presentation

    Further reading

    Establish a Sustainable ESG Reporting Program

    Strengthen corporate performance by implementing a holistic and proactive reporting approach.

    Analyst Perspective

    The shift toward stakeholder capitalism cannot be pinned on one thing; rather, it is a convergence of forces that has reshaped attitudes toward the corporation. Investor attention on responsible investing has pushed corporations to give greater weight to the achievement of corporate goals beyond financial performance.

    Reacting to the new investor paradigm and to the wider systemic risk to the financial system of climate change, global regulators have rapidly mobilized toward mandatory climate-related disclosure.

    IT will be instrumental in meeting the immediate regulatory mandate, but their role is much more far-reaching. IT has a role to play at the leadership table shaping strategy and assisting the organization to deliver on purpose-driven goals.

    Delivering high-quality, relevant, and consistent disclosure is the key to unlocking and driving sustainable corporate performance. IT leaders should not underestimate the influence they have in selecting the right technology and data model to support ESG reporting and ultimately support top-line growth.

    Photo of Yaz Palanichamy

    Yaz Palanichamy
    Senior Research Analyst
    Info-Tech Research Group

    Photo of Donna Bales

    Donna Bales
    Principal Research Director
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    Your organization needs to define a ESG reporting strategy that is driven by corporate purpose.

    Climate-related disclosure mandates are imminent; you need to prepare for them by building a sustainable reporting program now.

    There are many technologies available to support your ESG program plans. How do you choose the one that is right for your organization?

    Common Obstacles

    Knowing how to narrow down ESG efforts to material ESG issues for your organization.

    Understanding the key steps to build a sustainable ESG reporting program.

    Assessing and solving for data gaps and data quality issues.

    Being aware of the tools and best practices available to support regulatory and performance reporting.

    Info-Tech’s Approach

    Learn best-practice approaches to develop and adopt an ESG reporting program approach to suit your organization’s unique needs.

    Understand the key features, tooling options, and vendors in the ESG software market.

    Learn through analyst insights, case studies, and software reviews on best-practice approaches and tool options.

    Info-Tech Insight

    Implementing a robust reporting program takes time. Start early, remain focused, and plan to continually improve data quality and collection and performance metrics

    Putting “E,” “S,” and “G” in context

    Corporate sustainability depends on managing ESG factors well

    Environmental, social, and governance are the components of a sustainability framework that is used to understand and measure how an organization impacts or is affected by society as a whole.

    Human activities, particularly fossil fuel burning since the middle of the twentieth century, have increased greenhouse gas concentration, resulting in observable changes to the atmosphere, ocean, cryosphere, and biosphere. The “E” in ESG relates to the positive and negative impacts an organization may have on the environment, such as the energy it takes in and the waste it discharges.

    The “S” in ESG is the most ambiguous component in the framework, as social impact relates not only to risks but also to prosocial behavior. It’s the most difficult to measure but can have significant financial and reputational impact on corporations if material and poorly managed.

    The “G” in ESG is foundational to the realization of “S” and “E.” It encompasses how well an organization integrates these considerations into the business and how well the organization engages with key stakeholders, receives feedback, and is transparent with its intentions.

    A diagram that shows common examples of ESG issues.

    The impact of ESG factors on investment decisions

    Alleviate Investment Risk

    Organizational Reputation: Seventy-four percent of those surveyed were concerned that failing to improve their corporate ESG performance would negatively impact their organization’s branding and overall reputation in the market (Intelex, 2022).

    Ethical Business Compliance: Adherence to well-defined codes of business conduct and implementation of anti-corruption and anti-bribery practices is a great way to distinguish between organizations with good/poor governance intentions.

    Shifting Consumer Preferences: ESG metrics can also largely influence consumer preferences in buying behavior intentions. Research from McKinsey shows that “upward of 70 percent” of consumers surveyed on purchases in multiple industries said they would pay an additional 5 percent for a green product if it met the same performance standards as a nongreen alternative (McKinsey, 2019).

    Responsible Supply Chain Management: The successful alignment of ESG criteria with supply chain operations can lead to several benefits (e.g. producing more sustainable product offerings, maintaining constructive relationships with more sustainability-focused suppliers).

    Environmental Stewardship: The growing climate crisis has forced companies of all sizes to rethink how they plan their corporate environmental sustainability practices.

    Compliance With Regulatory Guidelines: An increasing emphasis on regulations surrounding ESG disclosure rates may result in some institutional investors taking a more proactive stance toward ESG-related initiatives.

    Sustaining Competitive Advantage: Given today’s globalized economy, many businesses are constantly confronted with environmental issues (e.g. water scarcity, air pollution) as well as social problems (e.g. workplace wellness issues). Thus, investment in ESG factors is simply a part of maintaining competitive advantage.

    Leaders increasingly see ESG as a competitive differentiator

    The perceived importance of ESG has dramatically increased from 2020 to 2023

    A diagram that shows the perceived importance of ESG in 2020 and 2023.

    In a survey commissioned by Schneider Electric, researchers categorized the relative importance of ESG planning initiatives for global IT business leaders. ESG was largely identified as a critical factor in sustaining competitive advantage against competitors and maintaining positive investor/public relations.
    Source: S&P Market Intelligence, 2020; N=825 IT decision makers

    “74% of finance leaders say investors increasingly use nonfinancial information in their decision-making.”
    Source: EY, 2020

    Regulatory pressure to report on carbon emission is building globally

    The Evolving Regulatory Landscape

    Canada

    • Canadian Securities Administrators (CSA) NI 51-107 Disclosure of Climate-related Matters

    United States

    • Securities and Exchange Commission (SEC) 33-11042 – The Enhancement and Standardization of Climate-Related Disclosures for Investors
    • SEC 33-11038 Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure
    • Nasdaq Board Diversity Rule (5605(f))

    Europe

    • European Commission Sustainable Finance Disclosure Regulation (SFDR)
    • European Commission EU Supply Chain Act
    • The German Supply Chain Act (GSCA)
    • Financial Conduct Authority UK Proposal (DP 21/4) Sustainability Disclosure Requirements and investment labels
    • UK Modern Slavery Act, 2015

    New Zealand

    • The Financial Sector (Climate-related Disclosures and Other Matters) Amendment Act 2021

    Accurate ESG reporting will be critical to meet regulatory requirements

    ESG reporting is the disclosure of environmental, social, and governance (ESG) data via qualitative and quantitative reports.

    It is how organizations make their sustainability commitments and strategies transparent to stakeholders.

    For investors it provides visibility into a company's ESG activities, enabling them to align investments to their values and avoid companies that cause damage to the environment or are offside on social and governance issues.

    Despite the growing practice of ESG reporting, reporting standards and frameworks are still evolving and the regulatory approach for climate-related disclosure is inconsistent across jurisdictions, making it challenging for organizations to develop a robust reporting program.

    “Environmental, social and governance (ESG) commitments are at the core a data problem.”

    Source: EY, 2022

    However, organizations will struggle to meet reporting requirements

    An image that shows 2 charts: How accurately can your organization report on the impact of its ESG Initiatives; and More specifically, if it was required to do so, how accurately could your organization report on its carbon footprint.

    Despite the commitment to support an ESG Initiative, less than a quarter of IT professionals say their organization can accurately report on the impact of its ESG initiatives, and 44% say their reporting on impacts is not accurate.

    Reporting accuracy was even worse for reporting on carbon footprint with 46% saying their organization could not report on its carbon footprint accurately. This despite most IT professionals saying they are working to support environmental mandates.

    Global sustainability rankings based on ESG dimensions

    Global Country Sustainability Ranking Map

    An image of Global Country Sustainability Ranking Map, with a score of 0 to 10.

    Country Sustainability Scores (CSR) as of October 2021
    Scores range from 1 (poor) to 10 (best)
    Source: Robeco, 2021

    ESG Performance Rankings From Select Countries

    Top ESG and sustainability performer

    Finland has ranked consistently as a leading sustainability performer in recent years. Finland's strongest ESG pillar is the environment, and its environmental ranking of 9.63/10 is the highest out of all 150 countries.

    Significant score deteriorations

    Brazil, France, and India are among the countries whose ESG score rankings have deteriorated significantly in the past three years.

    Increasing political tensions and risks as well as aftershock effects of the COVID-19 pandemic (e.g. high inequality and insufficient access to healthcare and education) have severely impacted Brazil’s performance across the governance and social pillars of the ESG framework, ultimately causing its overall ESG score to drop to a CSR value of 5.31.

    Largest gains and losses in ESG scores

    Canada has received worse scores for corruption, political risk, income inequality, and poverty over the past three years.

    Taiwan has seen its rankings improve in terms of overall ESG scores. Government effectiveness, innovation, a strong semiconductor manufacturing market presence, and stronger governance initiatives have been sufficient to compensate for a setback in income and economic inequality.

    Source: Robeco, 2021

    Establish a Sustainable Environmental, Social, and Governance (ESG) Reporting Program

    A diagram of establishing a sustainable ESG reporting program.

    Blueprint benefits

    Business Benefits

    • Clarity on technical and organizational gaps in the organization’s ability to deliver ESG reporting strategy.
    • Transparency on the breadth of the change program, internal capabilities needed, and accountable owners.
    • Reduced likelihood of liability.
    • Improved corporate performance and top-line growth.
    • Confidence that the organization is delivering high-quality, comprehensive ESG disclosure.

    IT Benefits

    • Understanding of IT’s role as strategic enabler for delivering high-quality ESG disclosure and sustainable corporate performance.
    • Transparency on primary data gaps and technology and tools needed to support the ESG reporting strategy.
    • Clear direction of material ESG risks and how to prioritize implementation efforts.
    • Awareness of tool selection options.

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    Photo of Executive Presentation.

    Key deliverable: Executive Presentation

    Leverage this presentation deck to improve corporate performance by implementing a holistic and proactive ESG reporting program.

    Photo of Workbook

    Workbook

    As you work through the activities, use this workbook to document decisions and rationale and to sketch your materiality map.

    Photo of Implementation Plan

    Implementation Plan

    Use this implementation plan to address organizational, technology, and tooling gaps.

    Photo of RFP Template

    RFP Template

    Leverage Info-Tech’s RFP Template to source vendors to fill technology gaps.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit
    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

    Guided Implementation
    "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

    Workshop
    "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

    Consulting
    "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks are used throughout all four options.

    Guided Implementation

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is 8 to 12 calls over the course of 4 to 6 months.

    What does a typical GI on this topic look like?

    A diagram that shows Guided Implementation in 3 phases.

    Workshop Overview

    Day 1

    Day 2

    Day 3

    Day 4

    Day 5

    Activities

    Determine Material ESG Factors

    1.1 Review ESG drivers.
    1.2 Identify key stakeholders and what drives their behavior.
    1.3 Discuss materiality frameworks options and select baseline model.
    1.4 Identify material risks and combine and categorize risks.
    1.5 Map material risks on materiality assessment map.

    Define Performance and Reporting Metrics

    2.1 Understand common program metrics for each ESG component.
    2.2 Consider and select program metrics.
    2.3 Discuss ESG risk metrics.
    2.4 Develop SMART metrics.
    2.5 Surface regulatory reporting obligations.

    Assess Data and Implementation Gaps

    3.1 Assess magnitude and prioritize data gaps.
    3.2 Discuss high-level implementation considerations and organizational gaps.

    Software and Tooling Options

    4.1 Review technology options.
    4.2 Brainstorm technology and tooling options and the feasibility of implementing.
    4.3 Prepare implementation plan.
    4.4 Draft ESG reporting program communication.
    4.5 Optional – Review software selection options.

    Next Steps and Wrap-Up (offsite)

    5.1 Complete in-progress deliverables from previous four days.
    5.2 Set up review time for workshop deliverables and to discuss next steps.

    Deliverables

    1. Customized list of key stakeholders and material ESG risks
    2. Materiality assessment map

    1. SMART metrics
    2. List of regulatory reporting obligations

    1. High-priority data gaps
    2. High-level implementation considerations

    1. Technology and tooling opportunities
    2. Implementation Plan
    3. ESG Reporting Communication

    1. ESG Reporting Workbook
    2. Implementation Plan

    Contact your account representative for more information.
    workshops@infotech.com
    1-888-670-8889

    Phase 1

    Explore ESG Reporting

    A diagram that shows phase 1 to 3 of establishing ESG reporting program.

    This phase will walk you through the following:

    • Define key stakeholders and material ESG factors.
    • Identify material ESG issues.
    • Develop SMART program metrics.
    • List reporting obligations.
    • Surface high-level data gaps.
    • Record high-level implementation considerations.

    This phase involves the following participants: CIO, CCO, CSO, business leaders, legal, marketing and communications, head of ESG reporting, and any dedicated ESG team members

    Practical steps for ESG disclosure

    Measuring and tracking incremental change among dimensions such as carbon emissions reporting, governance, and diversity, equity, and inclusion (DEI) requires organizations to acquire, analyze, and synthesize data from beyond their internal organizational ecosystems

    A diagram that shows 5 steps of identify, assess, implement, report & communicate, and monitor & improve.

    1.1 Ensure your reporting requirements are comprehensive

    A diagram of reporting lifecycle.

    This section will walk you through some key considerations for establishing your ESG reporting strategy. The first step in this process is to identify the scope of your reporting program.

    Defining the scope of your reporting program

    1. Stakeholder requirements: When developing a reporting program consider all your stakeholder needs as well as how they want to consume the information.
    2. Materiality assessment: Conduct a materiality assessment to identify the material ESG issues most critical to your organization. Organizations will need to report material risks to internal and external stakeholders.
    3. Purpose-driven goals: Your ESG reporting must include metrics to measure performance against your purpose-driven strategy.
    4. Regulatory requirements & industry: Work with your compliance and legal teams to understand which reporting requirements apply. Don’t forget requirements under the “S” and “G” components. Some jurisdictions require DEI reporting, and the Securities and Exchange Commission (SEC) in the US recently announced cybersecurity disclosure of board expertise and management oversight practices.

    Factor 1: Stakeholder requirements

    Work with key stakeholders to determine what to report

    A diagram that shows internal and external stakeholders.

    Evaluate your stakeholder landscape

    Consider each of these areas of the ESG Stakeholder Wheel and identify your stakeholders. Once stakeholders are identified, consider how the ESG factors might be perceived by delving into the ESG factors that matter to each stakeholder and what drives their behavior.

    A diagram of ESG impact, including materiality assessment, interviews, benchmark verses competitors, metrics and trend analysis.

    Determine ESG impact on stakeholders

    Review materiality assessment frameworks for your industry to surface ESG factors for your segment and stakeholder group(s).

    Perform research and analysis of the competition and stakeholder trends, patterns, and behavior

    Support your findings with stakeholder interviews.

    Stakeholders will prioritize ESG differently. Understanding their commitment is a critical success factor.

    Many of your stakeholders care about ESG commitments…

    27%: Support for social and environmental proposals at shareholder meetings of US companies rose to 27% in 2020 (up from 21% in 2017).
    Source: Sustainable Investments Institute, 2020.

    79%: of investors consider ESG risks and opportunities an important factor in investment decision making.
    Source: “Global Investor Survey,” PwC, 2021.

    ...Yet

    33%: of survey respondents cited that a lack of attention or support from senior leadership was one of the major barriers preventing their companies from making any progress on ESG issues.
    Source: “Consumer Intelligence Survey,” PwC, 2021.

    Info-Tech Insight

    To succeed with ESG reporting it is essential to understand who we hold ourselves accountable to and to focus ESG efforts in areas with the optimal balance between people, the planet, and profits

    Activity 1: Define stakeholders

    Input: Internal documentation (e.g. strategy, annual reports), ESG Stakeholder Wheel
    Output: List of key stakeholders and applicable ESG factors
    Materials: Whiteboard/flip charts, ESG Reporting Workbook
    Participants: Chief Sustainability Officer, Chief Compliance Officer, Head of ESG Reporting, Business leaders

    2 hours

    1. Using the ESG Stakeholder Wheel as a baseline, consider the breadth of your organization’s value chain and write down all your stakeholders.
    2. Discuss what drives their behavior. Be as detailed as you can be. For example, if it’s a consumer, delve into their age group and the factors that may drive their behavior.
    3. List the ESG factors that may be important to each stakeholder.
    4. Write down the communication channels you expect to use to communicate ESG information to this stakeholder group.
    5. Rate the priority of this stakeholder to your organization.
    6. Record this information in ESG Reporting Workbook.
    7. Optional – consider testing the results with a targeted survey.

    Download the ESG Reporting Workbook

    Activity 1: Example

    An example of activity 1 (defining stakeholders)

    Factor 2: Materiality assessments

    Conduct a materiality assessment to inform company strategy and establish targets and metrics for risk and performance reporting

    The concept of materiality as it relates to ESG is the process of gaining different perspectives on ESG issues and risks that may have significant impact (both positive and negative) on or relevance to company performance.

    The objective of a materiality assessment is to identify material ESG issues most critical to your organization by looking at a broad range of social and environmental factors. Its purpose is to narrow strategic focus and enable an organization to assess the impact of financial and non-financial risks aggregately.

    It helps to make the case for ESG action and strategy, assess financial impact, get ahead of long-term risks, and inform communication strategies.

    Organizations can use assessment tools from Sustainalytics or GRI, SASB Standards, or guidance and benchmarking information from industry associations to help assess ESG risks .

    An image of materiality matrix to understand ESG exposure

    Info-Tech Insight

    The materiality assessment informs your risk management approach. Material ESG risks identified should be integrated into your organization’s risk reporting framework.

    Supplement your materiality assessment with stakeholder interviews

    A diagram that shows steps of stakeholder interviews.

    How you communicate the results of your ESG assessment may vary depending on whether you’re communicating to internal or external stakeholders and their communication delivery preferences.

    Using the results from your materiality assessment, narrow down your key stakeholders list. Enhance your strategy for disclosure and performance measurement through direct and indirect stakeholder engagement.

    Decide on the most suitable format to reach out to these stakeholders. Smaller groups lend themselves to interviews and forums, while surveys and questionnaires work well for larger groups.

    Develop relevant questions tailored to your company and the industry and geography you are in.

    Once you receive the results, decide how and when you will communicate them.

    Determine how they will be used to inform your strategy.

    Steps to determine material ESG factors

    Step 1

    Select framework

    A diagram of framework

    Review reporting frameworks and any industry guidance and select a baseline reporting framework to begin your materiality assessment.

    Step 2

    Begin to narrow down

    A diagram of narrowing down stakeholders

    Work with stakeholders to narrow down your list to a shortlist of high-priority material ESG issues.

    Step 3

    Consolidate and group

    A diagram of ESG grouping

    Group ESG issues under ESG components, your company’s strategic goals, or the UN’s Sustainable Development Goals.

    Step 4

    Rate the risks of ESG factors

    A diagram of rating the risks of ESG factors

    Assign an impact and likelihood scale for each risk and assign your risk threshold.

    Step 5

    Map

    A diagram of material map

    Use a material map framework such as GRI or SASB or Info-Tech’s materiality map to visualize your material ESG risks.

    Materiality assessment

    The materiality assessment is a strategic tool used to help identify, refine, and assess the numerous ESG issues in the context of your organization.

    There is no universally accepted approach to materiality assessments. Although the concept of materiality is often embedded within a reporting standard, your approach to conducting the materiality assessment does not need to link to a specific reporting standard. Rather, it can be used as a baseline to develop your own.

    To arrive at the appropriate outcome for your organization, careful consideration is needed to tailor the materiality assessment to meet your organization’s objectives.

    When defining the scope of your materiality assessment consider:

    • Your corporate ESG purpose and sustainability strategy
    • Your audience and what drives their behavior
    • The relevance of the ESG issues to your organization. Do they impact strategy? Increase risk?
    • The boundaries of your materiality assessment (e.g. regions or business departments, supply chains it will cover)
    • Whether you want to assess from a double materiality perspective

    A diagram of framework

    Consider your stakeholders and your industry when selecting your materiality assessment tool – this will ensure you provide relevant disclosure information to the stakeholders that need it.

    Double materiality is an extension of the financial concept of materiality and considers the broader impact of an organization on the world at large – particularly to people and climate.

    Prioritize and categorize

    A diagram of narrowing down stakeholders

    Using internal information (e.g. strategy, surveys) and external information (e.g. competitors, industry best practices), create a longlist of ESG issues.

    Discuss and narrow down the list. Be sure to consider opportunities – not just material risks!

    A diagram of ESG grouping

    Group the issues under ESG components or defined strategic goals for your organization. Another option is to use the UN’s Sustainable Development Goals to categorize.

    Differentiate ESG factors that you already measure and report.

    The benefit of clustering is that it shows related topics and how they may positively or negatively influence one another.

    Internal risk disclosure should not be overlooked

    Bank of America estimates ESG disputes have cost S&P companies more than $600 billion in market capitalization in the last seven years alone.

    ESG risks are good predictors of future risks and are therefore key inputs to ensure long-term corporate success.

    Regardless of the size of your organization, it’s important to build resilience against ESG risks.

    To protect an organization against an ESG incident and potential liability risk, ESG risks should be treated like any other risk type and incorporated into risk management and internal reporting practices, including climate scenario analysis.

    Some regulated entities will be required to meet climate-related financial disclosure expectations, and sound risk management practices will be prescribed through regulatory guidance. However, all organizations should instill sound risk practices.

    ESG risk management done right will help protect against ESG mishaps that can be expensive and damaging while demonstrating commitment to stakeholders that have influence over all corporate performance.

    Source: GreenBiz, 2022.

    A diagram of risk landscape.

    IT has a role to play to provide the underlying data and technology to support good risk decisions.

    Visualize your material risks

    Leverage industry frameworks or use Info-Tech’s materiality map to visualize your material ESG risks.

    GRI’s Materiality Matrix

    A photo of GRI’s Materiality Matrix

    SASB’s Materiality Map

    A photo of SASB’s Materiality Map

    Info-Tech’s Materiality Map

    A diagram of material map

    Activity 2: Materiality assessment

    Input: ESG corporate purpose or any current ESG metrics; Customer satisfaction or employee engagement surveys; Materiality assessment tools from SASB, Sustainalytics, GRI, or industry frameworks; Outputs from stakeholder outreach/surveys
    Output: Materiality map, a list of material ESG issues
    Materials: Whiteboard/flip charts, ESG Reporting Workbook
    Participants: Chief Sustainability Officer, Chief Compliance Officer, Head of ESG Reporting, Business leaders, Participants from marketing and communications

    2-3 hour

    1. Begin by reviewing various materiality assessment frameworks to agree on a baseline framework. This will help to narrow down a list of topics that are relevant to your company and industry.
    2. As a group, discuss the potential impact and start listing material issues. At first the list will be long, but the group will work collectively to prioritize and consolidate the list.
    3. Begin to combine and categorize the results by aligning them to your ESG purpose and strategic pillars.
    4. Treat each ESG issue as a risk and map against the likelihood and impact of the risk.
    5. Map the topics on your materiality map. Most of the materiality assessment tools have materiality maps – you may choose to use their map.
    6. Record this information in the ESG Reporting Workbook.

    Download the ESG Reporting Workbook

    Case Study: Novartis

    Logo of Novartis

    • INDUSTRY: Pharmaceuticals
    • SOURCE: Novartis, 2022

    Novartis, a leading global healthcare company based in Switzerland, stands out as a leader in providing medical consultancy services to address the evolving needs of patients worldwide. As such, its purpose is to use science and technologically innovative solutions to address some of society’s most debilitating, challenging, and ethically significant healthcare issues.

    The application of Novartis’ materiality assessment process in understanding critical ESG topics important to their shareholders, stakeholder groups, and society at large enables the company to better quantify references to its ESG sustainability metrics.

    Novartis applies its materiality assessment process to better understand relevant issues affecting its underlying business operations across its entire value chain. Overall, employing Novartis’s materiality assessment process helps the company to better manage its societal, environmental, and economic impacts, thus engaging in more socially responsible governance practices.

    Novartis’ materiality assessment is a multitiered process that includes three major elements:

    1. Identifying key stakeholders, which involves a holistic analysis of internal colleagues and external stakeholders.
    2. Collecting quantitative feedback and asking relevant stakeholders to rank a set of issues (e.g. climate change governance, workplace culture, occupational health and safety) and rate how well Novartis performs across each of those identified issues.
    3. Eliciting qualitative insights by coordinating interviews and workshops with survey participants to better understand why the issues brought up during survey sessions were perceived as important.

    Results

    In 2021, Novartis had completed its most recent materiality assessment. From this engagement, both internal and external stakeholders had ranked as important eight clusters that Novartis is impacting on from an economic, societal, and environmental standpoint. The top four clusters were patient health and safety, access to healthcare, innovation, and ethical business practices.

    Factor 3: ESG program goals

    Incorporate ESG performance metrics that support your ESG strategy

    Another benefit of the materiality assessment is that it helps to make the case for ESG action and provides key information for developing a purpose-led strategy.

    An internal ESG strategy should drive toward company-specific goals such as green-house gas emission targets, use of carbon neutral technologies, focus on reusable products, or investment in DEI programs.

    Most organizations focus on incremental goals of reducing negative impacts to existing operations or improving the value to existing stakeholders rather than transformative goals.

    Yet, a strategy that is authentic and aligned with key stakeholders and long-term goals will bring sustainable value.

    The strategy must be supported by an accountability and performance measurement framework such as SMART metrics.

    A fulsome reporting strategy should include performance metrics

    A photo of SMART metrics: Specific, Measurable, Actionable, Realistic, Time-bound.

    Activity 3: SMART metrics

    Input: ESG corporate purpose or any current ESG metrics, Outputs from activities 1 and 2, Internally defined metrics (i.e. risk metrics or internal reporting requirements)
    Output: SMART metrics
    Materials: Whiteboard/flip charts, ESG Reporting Workbook
    Participants: Chief Sustainability Officer, Chief Compliance Officer, Chief Risk officer/Risk leaders, Head of ESG Reporting, Business leaders, Participants from marketing and communications

    1-2 hours

    1. Document a list of appropriate metrics to assess the success of your ESG program.
    2. Use the sample metrics listed in the table on the next slide as a starting point.
    3. Fill in the chart to indicate the:
      1. Name of the success metric
      2. Method for measuring success
      3. Baseline measurement
      4. Target measurement
      5. Actual measurements at various points throughout the process of improving the risk management program
      6. A deadline for each metric to meet the target measurement
    4. Record this information in the ESG Reporting Workbook.

    Download the ESG Reporting Workbook

    Sample ESG metrics

    Leverage industry resources to help define applicable metrics

    Environmental

    • Greenhouse gas emissions – total corporate
    • Carbon footprint – percent emitted and trend
    • Percentage of air and water pollution
    • Renewable energy share per facility
    • Percentage of recycled material in a product
    • Ratio of energy saved to actual use
    • Waste creation by weight
    • Circular transition indicators

    Social

    • Rates of injury
    • Lost time incident rate
    • Proportion of spend on local suppliers
    • Entry-level wage vs. local minimum wage
    • Percentage of management who identify with specific identity groups (i.e. gender and ethnic diversity)
    • Percentage of suppliers screened for accordance to ESG vs. total number of suppliers
    • Consumer responsiveness

    Governance

    • Annual CEO compensation compared to median
    • Percentage of employees trained in conflict-of-interest policy
    • Number of data breaches using personally identifiable information (PII)
    • Number of incidents relating to management corruption
    • Percentage of risks with mitigation plans in place

    Activity 3: Develop SMART project metrics

    1-3 hours

    Attach metrics to your goals to gauge the success of the ESG program.

    Sample Metrics

    An image of sample metrics

    Factor 4: Regulatory reporting obligations

    Identify your reporting obligations

    High-level overview of reporting requirements:

    An image of high-level reporting requirements in Canada, the United Kingdom, Europe, and the US.

    Refer to your legal and compliance team for the most up-to-date and comprehensive requirements.

    The focus of regulators is to move to mandatory reporting of material climate-related financial information.

    There is some alignment to the TCFD* framework, but there is a lack of standardization in terms of scope across jurisdictions.
    *TCFD is the Task Force on Climate-Related Financial Disclosures.

    Activity 4: Regulatory obligations

    Input: Corporate strategy documents; Compliance registry or internal governance, risk, and compliance (GRC) tool
    Output: A list of regulatory obligations
    Materials: Whiteboard/flip charts, ESG Reporting Workbook
    Participants: Chief Sustainability Officer, Chief Compliance Officer, Chief Legal Officer, Head of ESG Reporting, Business leaders

    1-2 hours

    1. Begin by listing the jurisdictions in which you operate or plan to operate.
    2. For each jurisdiction, list any known current or future regulatory requirements. Consider all ESG components.
    3. Log whether the requirements are mandatory or voluntary and the deadline to report.
    4. Write any details about reporting framework; for example, if a reporting framework such as TCFD is prescribed.
    5. Record this information in the ESG Reporting Workbook.

    Download the ESG Reporting Workbook

    1.2 Assess impact and weigh options

    A diagram of reporting lifecycle.

    Once the scope of your ESG reporting framework has been identified, further assessment is needed to determine program direction and to understand and respond to organizational impact.

    Key factors for further assessment and decisions include

    1. Reporting framework options. Consider mandated reporting frameworks and any industry standards when deciding your baseline reporting framework. Strive to have a common reporting methodology that serves all your reporting needs: regulatory, corporate, shareholders, risk reporting, etc.
    2. Perform gap analysis. The gap analysis will reveal areas where data may need to be sourced or where tools or external assistance may be needed to help deliver your reporting strategy.
    3. Organizational impact and readiness. The gap analysis will help to determine whether your current operating model can support the reporting program or whether additional resources, tools, or infrastructure will be needed.

    1.2.1 Decide on baseline reporting framework

    1. Determine the appropriate reporting framework for your organization

    Reporting standards are available to enable relevant, high-quality, and comparable information. It’s the job of the reporting entity to decide on the most suitable framework for their organization.

    The most established standard for sustainability reporting is the Global Reporting Initiative (GRI), which has supported sustainability reporting for over 20 years.

    The Task Force on Climate-Related Financial Disclosures (TCFD) was created by the Financial Stability Board to align ESG disclosure with financial reporting. Many global regulators support this framework.

    The International Sustainability Standards Board (ISSB) is developing high-quality, understandable, and enforceable global standards using the Sustainability Accounting Standards Board (SASB) as a baseline. It is good practice to use SASB Standards until the ISSB standards are available.

    2. Decide which rating agencies you will use and why they are important

    ESG ratings are provided by third-party agencies and are increasingly being used for financing and transparency to investors. ESG ratings provide both qualitative and quantitative information.

    However, there are multiple providers, so organizations need to consider which ones are the most important and how many they want to use.

    Some of the most popular rating agencies include Sustainalytics, MSCI, Bloomberg, Moody's, S&P Global, and CDP.

    Reference Appendix Below

    1.2.2 Determine data gaps

    The ESG reporting mandate is built on the assumption of consistent, good-quality data

    To meet ESG objectives, corporations are challenged with collecting non-financial data from across functional business and geographical locations and from their supplier base and supply chains.

    One of the biggest impediments to ESG implementation is the lack of high-quality data and of mature processes and tools to support data collection.

    An important step for delivering reporting requirements is to perform a gap analysis early on to surface gaps in the primary data needed to deliver your reporting strategy.

    The output of this exercise will also inform and help prioritize implementation, as it may show that new data sets need to be sourced or tools purchased to collect and aggregate data.

    Conduct a gap analysis to determine gaps in primary data

    A diagram of gap analysis to determine gaps in primary data.

    Activity 5: Gap analysis

    Input: Business (ESG) strategy, Data inventory (if exists), Output from Activity 1: Key stakeholders, Output from Activity 2: Materiality map, Output of Activity 3: SMART metrics, Output of Activity 4: Regulatory obligations
    Output: List of high-priority data gaps
    Materials: Whiteboard/flip charts, ESG Reporting Workbook
    Participants: Chief Sustainability Officer, Chief Compliance Officer, Chief Legal Officer, Head of ESG Reporting, Business leaders, Data analysts

    1-3 hours

    1. Using the outputs from activities 1-4, list your organization’s ESG issues in order of priority. You may choose to develop your priority list by stakeholder group or by material risks.
    2. List any defined SMART metric from Activity 3.
    3. Evaluate data availability and quality of the data (if existing) as well as any impediments to sourcing the data.
    4. Make note if this is a common datapoint, i.e. would you disclose this data in more than one report?
    5. Record this information in the ESG Reporting Workbook.

    Download the ESG Reporting Workbook

    1.3 Take a holistic implementation approach

    Currently, 84 percent of businesses don’t integrate their ESG performance with financial and risk management reporting.

    Source: “2023 Canadian ESG Reporting Insights,” PwC.

    A diagram of reporting lifecycle.

    When implementing an ESG reporting framework, it is important not to implement in silos but to take a strategic approach that considers the evolving nature of ESG and the link to value creation and sound decision making.

    Key implementation considerations include

    1. Setting clear metrics and targets. Key performance indicators (KPIs) and key risk indicators (KRIs) are used to measure ESG factor performance. It’s essential that they are relevant and are constructed using high-quality data. Your performance metrics should be continually assessed and adapted as your ESG program evolves.
    2. Data challenges. Without good-quality data it is impossible to accurately measure ESG performance, generate actionable insights on ESG performance and risk, and provide informative metrics to investors and other stakeholders. Design your data model to be flexible and digital where possible to enable data interoperability.
    3. Architectural approach. IT will play a key role in the design of your reporting framework, including the decision on whether to build, buy, or deliver a hybrid solution. Every organization will build their reporting program to suit their unique needs; however, taking a holistic and proactive approach will support and sustain your strategy long term.

    1.3.1 Metrics and targets for climate-related disclosure

    “The future of sustainability reporting is digital – and tagged.”
    Source: “XBRL Is Coming,” Novisto, 2022.

    In the last few years, global regulators have proposed or effected legislation requiring public companies to disclose climate-related information.

    Yet according to Info-Tech’s 2023 Trends and Priorities survey, most IT professionals expect to support environmental mandates but are not prepared to accurately report on their organization’s carbon footprint.

    IT groups have a critical role to play in helping organizations develop strategic plans to meet ESG goals, measure performance, monitor risks, and deliver on disclosure requirements.

    To future-proof your reporting structure, your data should be readable by humans and machines.

    eXtensible Business Reporting Language (XBRL) tagging is mandated in several jurisdictions for financial reporting, and several reporting frameworks are adopting XBRL for sustainability reporting so that non-financial and financial disclosure frameworks are aligned.

    Example environmental metrics

    • Amount of scope 1, 2, or 3 GHG emissions
    • Total energy consumption
    • Total water consumption
    • Progress toward net zero emission
    • Percentage of recycled material in a product

    1.3.1 Metrics and targets for social disclosure

    “59% of businesses only talk about their positive performance, missing opportunities to build trust with stakeholders through balanced and verifiable ESG reporting.”
    Source: “2023 Canadian ESG Reporting Insights,” PwC.

    To date, regulatory focus has been on climate-related disclosure, although we are beginning to see signals in Europe and the UK that they are turning their attention to social issues.

    Social reporting focuses on the socioeconomic impacts of an organization’s initiatives or activities on society (indirect or direct).

    The “social” component of ESG can be the most difficult to quantify, but if left unmonitored it can leave your organization open to litigation from consumers, employees, and activists.

    Although organizations have been disclosing mandated metrics such as occupational health and safety and non-mandated activities such as community involvement for years, the scope of reporting is typically narrow and hard to measure in financial terms.

    This is now changing with the recognition by companies of the value of social reporting to brand image, traceability, and overall corporate performance.

    Example social metrics

    • Rate of injury
    • Lost time incident rate
    • Proportion of spend on local suppliers
    • Entry-level wage versus local minimum wage
    • Percentage of management within specific identity groups (i.e. gender and ethnic diversity)
    • Number of workers impacted by discrimination

    Case Study: McDonald’s Corporation (MCD)

    Logo of McDonald’s

    • INDUSTRY: Food service retailer
    • SOURCE: RBC Capital Markets, 2021; McDonald’s, 2019

    McDonald’s Corporation is the leading global food service retailer. Its purpose is not only providing burgers to dinner tables around the world but also serving its communities, customers, crew, farmers, franchisees, and suppliers alike. As such, not only is the company committed to having a positive impact on communities and in maintaining the growth and success of the McDonald's system, but it is also committed to conducting its business operations in a way that is mindful of its ESG commitments.

    An image of McDonald’s Better Together

    McDonald’s Better Together: Gender Balance & Diversity strategy and Women in Tech initiative

    In 2019, MCD launched its Better Together: Gender Balance & Diversity strategy as part of a commitment to improving the representation and visibility of women at all levels of the corporate structure by 2023.

    In conjunction with the Better Together strategy, MCD piloted a “Women in Tech” initiative through its education and tuition assistance program, Archways to Opportunity. The initiative enabled women from company-owned restaurants and participating franchisee restaurants to learn skills in areas such as data science, cybersecurity, artificial intelligence. MCD partnered with Microsoft and Colorado Technical University to carry out the initiative (McDonald’s, 2019).

    Both initiatives directly correlate to the “S” of the ESG framework, as the benefits of gender-diverse leadership continue to be paramount in assessing the core strengths of a company’s overreaching ESG portfolio. Hence, public companies will continue to face pressure from investors to act in accordance with these social initiatives.

    Results

    MCD’s Better Together and Women in Tech programs ultimately helped improve recruitment and retention rates among its female employee base. After the initialization of the gender balance and diversification strategy, McDonald’s signed on to the UN Women’s Empowerment Principles to help accelerate global efforts in addressing the gender disparity problem.

    1.3.1 Metrics and targets for governance disclosure

    Do not lose sight of regulatory requirements

    Strong governance is foundational element of a ESG program, yet governance reporting is nascent and is often embedded in umbrella legislation pertaining to a particular risk factor.

    A good example of this is the recent proposal by the Securities and Exchange Commission in the US (CFR Parts 229, 232, 239, 240, and 249, Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure), which will require public companies to:

    • Disclosure of board oversight of cyber risk.
    • Disclose management’s role in managing and accessing cybersecurity-related risks.

    The "G” component includes more than traditional governance factors and acts as a catch-all for other important ESG factors such as fraud, cybersecurity, and data hygiene. Make sure you understand how risk may manifest in your organization and put safeguards in place.

    Example governance metrics

    • Annual CEO compensation compared to median
    • Percentage of employees trained in conflict-of-interest policy
    • Completed number of supplier assessments
    • Number of data breaches using PII
    • Number of material cybersecurity breaches

    Info-Tech Insight

    The "G" in ESG may not be capturing the limelight under ESG legislation yet, but there are key governance factors that are that are under regulatory radar, including data, cybersecurity, fraud, and DEI. Be sure you stay on top of these issues and include performance metrics into your internal and external reporting frameworks.

    1.3.2 Conquering data management challenges

    48% of investment decision makers, including 58% of institutional investors, say companies’ self-reported ESG performance data is “much more important” than companies’ conventional financial data when informing their investment decisions (Benchmark ESG, 2021).

    Due to the nascent nature of climate-related reporting, data challenges such as the availability, usability, comparability, and workflow integration surface early in the ESG program journey when sourcing and organizing data:

    • It is challenging to collect non-financial data across functional business and geographical locations and from supplier base and supply chains.
    • The lack of common standards leads to comparability challenges, hindering confidence in the outputs.

    In addition to good, reliable inputs, organizations need to have the infrastructure to access new data sets and convert raw data into actionable insights.

    The establishment of data model and workflow processes to track data lineage is essential to support an ESG program. To be successful, it is critical that flexibility, scalability, and transparency exist in the architectural design. Data architecture must scale to capture rapidly growing volumes of unstructured raw data with the associated file formats.

    A photo of conceptual model for data lineage.

    Download Info-Tech’s Create and Manage Enterprise Data Models blueprint

    1.3.3 Reporting architecture

    CIOs play an important part in formulating the agenda and discourse surrounding baseline ESG reporting initiatives

    Building and operating an ESG program requires the execution of a large number of complex tasks.

    IT leaders have an important role to play in selecting the right technology approach to support a long-term strategy that will sustain and grow corporate performance.

    The decision to buy a vendor solution or build capabilities in-house will largely depend on your organization’s ESG ambitions and the maturity of in-house business and IT capabilities.

    For large, heavily regulated entities an integrated platform for ESG reporting can provide organizations with improved risk management and internal controls.

    Example considerations when deciding to meet ESG reporting obligations in-house

    • Size and type of organization
    • Extent of regulatory requirements and scrutiny
    • The amount of data you want to report
    • Current maturity of data architecture, particularly your ability to scale
    • Current maturity of your risk and control program – how easy is it to enhance current processes?
    • The availability and quality of primary data
    • Data set gaps
    • In-house expertise in data, model risk, and change management
    • Current operating model – is it siloed or integrated?
    • Implementation time
    • Program cost
    • The availability of vendor solutions that may address gaps

    Info-Tech Insight

    Executive leadership should take a more holistic and proactive stance to not only accurately reporting upon baseline corporate financial metrics but also capturing and disclosing relevant ESG performance metrics to drive alternative streams of valuation across their respective organizational environments.

    Activity 6: High-level implementation considerations

    Input: Business (ESG) strategy, Data inventory (if exists), Asset inventory (if exists), Output from Activity 5
    Output: Summary of high-level implementation considerations
    Materials: Whiteboard/flip charts, ESG Reporting Workbook
    Participants: Chief Sustainability Officer, Head of ESG Reporting, Business leaders, Data analysts, Data and IT architect/leaders,

    2-3 hours

    1. Review the implementation considerations on the previous slide to help determine the appropriate technology approach.
    2. For each implementation consideration, describe the current state.
    3. Discuss and draft the implications of reaching the desired future state by listing implications and organizational gaps.
    4. Discuss as a group if there is an obvious implementation approach.
    5. At this point, further analysis may be needed. Form a subcommittee or assign a leader to conduct further analysis.
    6. Record this information in the ESG Reporting Workbook.

    Download the ESG Reporting Workbook

    1.3.4 Ensure your implementation team has a high degree of trust and communication

    If external partners are needed, dedicate an internal resource to managing the vendor and partner relationships.

    Communication: Teams must have some type of communication strategy. This can be broken into:

    • Regularity: Having a set time each day to communicate progress and a set day to conduct retrospectives.
    • Ceremonies: Injecting awards and continually emphasizing delivery of value to encourage relationship building and constructive motivation.
    • Escalation: Voicing any concerns and having someone responsible for addressing those concerns.

    Proximity: Distributed teams create complexity as communication can break down. This can be mitigated by:

    • Location: Placing teams in proximity to close the barrier of geographical distance and time zone differences.
    • Inclusion: Making a deliberate attempt to pull remote team members into discussions and ceremonies.
    • Communication tools: Having the right technology (e.g. videoconference) to help bring teams closer together virtually.

    Trust: Members should trust other members are contributing to the project and completing their required tasks on time. Trust can be developed and maintained by:

    • Accountability: Having frequent quality reviews and feedback sessions. As work becomes more transparent, people become more accountable.
    • Role clarity: Having a clear definition of what everyone’s role is.

    1.4 Clear effective communication

    Improving investor transparency is one of the key drivers behind disclosure, so making the data easy to find and consumable is essential

    A diagram of reporting lifecycle.

    Your communication of ESG performance is intricately linked to corporate value creation. When designing your communications strategy, consider:

    • Your message – make it authentic and tell a consistent story.
    • How data will be used to support the narrative.
    • How your ESG program may impact internal and external programs and build a communication strategy that is fit for purpose. Example programs are:
      • Employee recruitment
      • New product rollout
      • New customer campaign
    • The design of the communication and how well it suits the audience. Communications may take the form of campaigns, thought leadership, infographics, etc.
    • The appropriateness of communication channels to your various audiences and the messages you want to convey. For example, social media, direct outreach, shareholder circular, etc.

    1.5 Continually evaluate

    A diagram of reporting lifecycle.

    A recent BDC survey of 121 large companies and public-sector buyers found that 82% require some disclosure from their suppliers on ESG, and that's expected to grow to 92% by 2024.
    Source: BDC, 2023

    ESG's link to corporate performance means that organizations must stay on top of ESG issues that may impact the long-term sustainability of their business.

    ESG components will continue to evolve, and as they do so will stakeholder views. It is important to continually survey your stakeholders to ensure you are optimally managing ESG risks and opportunities.

    To keep ESG on the strategy agenda, we recommend that organizations:

    • Appoint a chief sustainability officer (CSO) with a seat on executive leadership committees.
    • Embed ESG into existing governance and form a tactical ESG working group committee.
    • Ensure ESG risks are integrated into the enterprise risk management program.
    • Continually challenge your ESG strategy.
    • Regularly review risks and opportunities through proactive outreach to stakeholders.

    Download The ESG Imperative and Its Impact on Organizations

    Phase 2

    Streamline Requirements and Tool Selection

    A diagram that shows phase 1 to 3 of establishing ESG reporting program.

    This phase will walk you through the following activities:

    • Assess technology and tooling opportunities.
    • Prepare ESG reporting implementation plan.
    • Write ESG reporting presentation document.

    This phase involves the following participants: CIO, CCO, CSO, EA, IT application and data leaders, procurement, business leaders, marketing and communications, head of ESG reporting, and any dedicated ESG team members

    2.1 Streamline your requirements and tool section

    Spend the time up front to enable success and meet expectations

    Before sourcing any technology, it’s important to have a good understanding of your requirements.

    Key elements to consider:

    1. ESG reporting scope. Large enterprises will have more complex workflow requirements, but they also will have larger teams to potentially manage in-house. Smaller organizations will need easy-to-use, low-cost solutions.
    2. Industry and value chain. Look for industry-specific solutions, as they will be more tailored to your needs and will enable you to be up and running quicker.
    3. Coverage. Ensure the tool has adequate regulatory coverage to meet your current and future needs.
    4. Gap in functionality. Be clear on the problem you are trying to solve and/or the gap in workflow. Refer to the reporting lifecycle and be clear on your needs before sourcing technology.
    5. Resourcing. Factor in capacity during and after implementation and negotiate the appropriate support.

    Industry perspective

    The importance of ESG is something that will need to be considered for most, if not every decision in the future, and having reliable and available information is essential. While the industry will continue to see investment and innovation that drives operational efficiency and productivity, we will also see strong ESG themes in these emerging technologies to ensure they support both sustainable and socially responsible operations.

    With the breadth of technology Datamine already has addressing the ESG needs for the mining industry combined with our new technology, our customers can make effective and timely decisions through incorporating ESG data into their planning and scheduling activities to meet customer demands, while staying within the confines of their chosen ESG targets.

    Photo of Chris Parry

    Chris Parry
    VP of ESG, Datamine

    Photo of Datamine Photo of isystain

    Activity 7: Brainstorm tooling options

    Use the technology feature list below to identify areas along the ESG workflow where automated tools or third-party solutions may create efficiencies

    Technological Solutions Feature Bucket

    Basic Feature Description

    Advanced Feature Description

    Natural language processing (NLP) tools

    Ability to use NLP tools to track and monitor sentiment data from news and social media outlets.

    Leveraging NLP toolsets can provide organizations granular insights into workplace sentiment levels, which is a core component of any ESG strategy. A recent study by MarketPsych, a company that uses NLP technologies to analyze sentiment data from news and social media feeds, linked stock price performance to workplace sentiment levels.

    Distributed ledger technologies (DLTs)

    DLTs can help ensure greater reporting transparency, in line with stringent regulatory reporting requirements.

    DLT as an ESG enabler, with advanced capabilities such as an option to provide demand response services linked to electricity usage and supply forecasting.

    Cloud-based data management and reporting systems

    Cloud-based data management and reporting can support ESG initiatives by providing increased reporting transparency and a better understanding of diverse social and environmental risks.

    Leverage newfound toolsets such as Microsoft Cloud for Sustainability – a SaaS offering that enables organizations to seamlessly record, report, and reduce their emissions on a path toward net zero.

    IoT technologies

    Integration of IoT devices can help enhance the integrity of ESG reporting through the collection of descriptive and accurate ESG metrics (e.g. energy efficiency, indoor air quality, water quality and usage).

    Advanced management of real-time occupancy monitoring: for example, the ability to reduce energy consumption rates by ensuring energy is only used when spaces and individual cubicles are occupied.

    2.2 Vendors tools and technologies to support ESG reporting

    In a recent survey of over 1,000 global public- and private-sector leaders, 87% said they see AI as a helpful tool to fight climate change.
    Source: Boston Consulting Group

    Technology providers are part of the solution and can be leveraged to collect, analyze, disclose, track, and report on the vast amount of data.

    Increasingly organizations are using artificial intelligence to build climate resiliency:

    • AI is useful for the predictive modelling of potential climate events due to its ability to gather and analyze and synthesize large complete data sets.

    And protect organizations from vulnerabilities:

    • AI can be used to identify and assess vulnerabilities that may lead to business disruption or risks in production or the supply chain.

    A diagram of tooling, including DLT, natural language processing, cloud-based data management and IoT.

    2.3 ESG reporting software selection

    What Is ESG Reporting Software?

    Our definition: ESG reporting software helps organizations improve the transparency and accountability of their ESG program and track, measure, and report their sustainability efforts.

    Key considerations for reporting software selection:

    • While there are boutique ESG vendors in the market, organizations with existing GRC tools may first want to discuss ESG coverage with their existing vendor as it will enable better integration.
    • Ensure that the vendors you are evaluating support the requirements and regulations in your region, industry, and geography. Regulation is moving quickly – functionality needs to be available now and not just on the roadmap.
    • Determine the level of software integration support you need before meeting with vendors and ensure they will be able to provide it – when you need it!

    Adoption of ESG reporting software has historically been low, but these tools will become critical as organizations strive to meet increasing ESG reporting requirements.

    In a recent ESG planning and performance survey conducted by ESG SaaS company Diligent Corporation, it was found that over half of all organizations surveyed do not publish ESG metrics of any kind, and only 9% of participants are actively using software that supports ESG data collection, analysis, and reporting.

    Source: Diligent, 2021.

    2.3.1 Elicit and prioritize granular requirements for your ESG reporting software

    Understanding business needs through requirements gathering is the key to defining everything about what is being purchased. However, it is an area where people often make critical mistakes.

    Poorly scoped requirements

    Fail to be comprehensive and miss certain areas of scope.

    Focus on how the solution should work instead of what it must accomplish.

    Have multiple levels of detail within the requirements that are inconsistent and confusing.

    Drill all the way down into system-level detail.

    Add unnecessary constraints based on what is done today rather than focusing on what is needed for tomorrow.

    Omit constraints or preferences that buyers think are obvious.

    Best practices

    Get a clear understanding of what the system needs to do and what it is expected to produce.

    Test against the principle of MECE – requirements should be “mutually exclusive and collectively exhaustive.”

    Explicitly state the obvious and assume nothing.

    Investigate what is sold on the market and how it is sold. Use language that is consistent with that of the market and focus on key differentiators – not table stakes.

    Contain the appropriate level of detail – the level should be suitable for procurement and sufficient for differentiating vendors.

    Download Info-Tech's Improve Requirements Gathering blueprint

    2.3.1 Identify critical and nice-to-have features

    Central Data Repository: Collection of stored data from existing databases merged into one location that can then be shared, analyzed, or updated.

    Automatic Data Collection: Ability to automate data flows, collect responses from multiple sources at specified intervals, and check them against acceptance criteria.

    Automatic KPI Calculations, Conversions, and Updates: Company-specific metrics can be automatically calculated, converted, and tracked.

    Built-In Indicator Catalogs and Benchmarking: Provides common recognized frameworks or can integrate a catalog of ESG indicators.

    Custom Reporting: Ability to create reports on company emissions, energy, and asset data in company-branded templates.

    User-Based Access and Permissions: Ability to control access to specific content or data sets based on the end user’s roles.

    Real-Time Capabilities: Ability to analyze and visualize data as soon as it becomes available in underlying systems.

    Version Control: Tracking of document versions with each iteration of document changes.

    Intelligent Alerts and Notifications: Ability to create, manage, send, and receive notifications, enhancing efficiency and productivity.

    Audit Trail: View all previous activity including any recent edits and user access.

    Encrypted File Storage and Transfer: Ability to encrypt a file before transmitting it over the network to hide content from being viewed or extracted.

    Activity 7: Technology and tooling options

    Input: Business (ESG) strategy, Data inventory (if exists), Asset inventory (if exists), Output from Activity 5, Output from Activity 6,
    Output: List of tooling options
    Materials: Whiteboard/flip charts, ESG Reporting Workbook
    Participants: Chief Sustainability Officer, Head of ESG Reporting, Business leaders, Data analysts, Data and IT architect/leaders

    1-2 hours

    1. Begin by listing key requirements and features for your ESG reporting program.
    2. Use the outputs from activities 5 and 6 and the technology feature list on the previous slide to help brainstorm technology and tooling options.
    3. Discuss the availability and readiness of each option. Note that regulatory requirements will have an effective date that will impact the time to market for introducing new tooling.
    4. Discuss and assign a priority.
    5. At this point, further analysis may be needed. Form a subcommittee or assign a leader to conduct further analysis.
    6. Record this information in the ESG Reporting Workbook.

    Download the ESG Reporting Workbook

    Activity 8: Implementation plan

    Input: Business (ESG) strategy, Output from Activity 5, Output from Activity 6, Output from Activity 7
    Output: ESG Reporting Implementation Plan
    Materials: Whiteboard/flip charts, ESG Reporting Implementation Plan Template
    Participants: Chief Sustainability Officer, Head of ESG Reporting, Business leaders, Data analysts, PMO, Data and IT architect/leaders

    1-2 hours

    1. Use the outputs from activities 5 to 7 and list required implementation tasks. Set a priority for each task.
    2. Assign the accountable owner as well as the group responsible. Larger organizations and large, complex change programs will have a group of owners.
    3. Track any dependencies and ensure the project timeline aligns.
    4. Add status as well as start and end dates.
    5. Complete in the ESG Reporting Implementation Plan Template.

    Download the ESG Reporting Implementation Plan Template

    Activity 9: Internal communication

    Input: Business (ESG) strategy, ESG Reporting Workbook, ESG reporting implementation plan
    Output: ESG Reporting Presentation Template
    Materials: Whiteboard/flip charts, ESG Reporting Presentation Template, Internal communication templates
    Participants: Chief Sustainability Officer, Head of Marketing/ Communications, Business leaders, PMO

    1-2 hours

    Since a purpose-driven ESG program presents a significant change in how organizations operate, the goals and intentions need to be understood throughout the organization. Once you have developed your ESG reporting strategy it is important that it is communicated, understood, and accepted. Use the ESG Reporting Presentation Template as a guide to deliver your story.

    1. Consider your audience and discuss and agree on the key elements you want to convey.
    2. Prepare the presentation.
    3. Test the presentation with smaller group before communicating to senior leadership/board

    Download the ESG Reporting Presentation Template

    Phase 3

    Select ESG Reporting Software

    A diagram that shows phase 1 to 3 of establishing ESG reporting program.

    This phase will provide additional material on Info-Tech’s expertise in the following areas:

    • Info-Tech’s approach to RFPs
    • Info-Tech tools for software selection
    • Example ESG software assessments

    3.1 Leverage Info-Tech’s expertise

    Develop an inclusive and thorough approach to the RFP process

    An image that a process of 7 steps.

    The Info-Tech difference:

    1. The secret to managing an RFP is to make it as manageable and as thorough as possible. The RFP process should be like any other aspect of business – with a standard process in place, you are better able to handle whatever comes your way, because you know the steps you need to follow to produce a top-notch RFP.
    2. The business then identifies the need for more information about a product/service or determines that a purchase is required.
    3. A team of stakeholders from each area impacted gather all business, technical, legal, and risk requirements. What are the expectations of the vendor relationship post-RFP? How will the vendors be evaluated?
    4. Based on predetermined requirements, either an RFI or an RFP is issued to vendors with a due date.

    Info-Tech Insight

    Review Info-Tech’s process and understand how you can prevent your organization from leaking negotiation leverage while preventing vendors from taking control of your RFP.

    Software Selection Engagement

    5 Advisory Calls Over a 5-Week Period to Accelerate Your Selection Process

    Expert Analyst Guidance over5 weeks on average to select and negotiate software.

    Save Money, Align Stakeholders, Speed Up the Process & make better decisions.

    Use a Repeatable, Formal Methodology to improve your application selection process.

    Better, Faster Results, guaranteed, included in membership.

    A diagram of selection engagement over a 5-week period.

    CLICK HERE to Book Your Selection Engagement

    Leverage the Contract Review Service to level the playing field with your shortlisted vendors

    You may be faced with multiple products, services, master service agreements, licensing models, service agreements, and more.

    Use the Contract Review Service to gain insights on your agreements.

    Consider the aspects of a contract review:

    1. Are all key terms included?
    2. Are they applicable to your business?
    3. Can you trust that results will be delivered?
    4. What questions should you be asking from an IT perspective?

    Validate that a contract meets IT’s and the business’ needs by looking beyond the legal terminology. Use a practical set of questions, rules, and guidance to improve your value for dollar spent.

    A photo of Contract Review Service.

    Click here to book The Contract Review Service

    Download blueprint Master Contract Review and Negotiation for Software Agreements

    3.2 Vendor spotlight assessments

    See above for a vendor landscape overview of key ESG reporting software providers

    The purpose of this section is to showcase various vendors and companies that provide software solutions to help users manage and prioritize their ESG reporting initiatives.

    This section showcases the core capabilities of each software platform to provide Info-Tech members with industry insights regarding some of the key service providers that operate within the ESG vendor market landscape.

    Info-Tech members who are concerned with risks stemming from the inability to sort and disseminate unstructured ESG data reporting metrics or interested in learning more about software offerings that can help automate the data collection, processing, and management of ESG metrics will find high-level insights into the ESG vendor market space.

    Vendor spotlight

    A photo of Datamine Isystain

    The establishment of the Datamine ESG unit comes at the same time the mining sector is showing an increased interest in managing ESG and its component systems as part of a single scope.

    With miners collecting and dealing with ever-increasing quantities of data and looking for ways to leverage it to make data-driven decisions that enhance risk management and increase profitability, integrated software solutions are – now more than ever – essential in supporting continuous improvement and maintaining data fidelity and data integrity across the entire mining value chain.

    An example of Datamine Isystain An example of Datamine Isystain An example of Datamine Isystain

    Key Features:

    • Discover GIS for geochemical, water, erosion, and vegetation modelling and management.
    • Qmed for workforce health management, COVID testing, and vaccine administration.
    • MineMarket and Reconcilor for traceability and auditing, giving visibility to chain of custody and governance across the value chain, from resource modelling to shipping and sales.
    • Centric Mining Systems – intelligence software for real-time transparency and governance across multiple sites and systems, including key ESG performance indicator reporting.
    • Zyght – a leading health, safety, and environment solution for high-impact industries that specializes in environment, injury, risk management, safe work plans, document management, compliance, and reporting.
    • Isystain – a cloud-based platform uniquely designed to support health, safety & environment, sustainability reporting, compliance and governance, and social investment reporting. Designed for seamless integration within an organization’s existing software ecosystems providing powerful analytics and reporting capabilities to streamline the production of sustainability and performance reporting.

    Vendor spotlight

    A logo of Benchmark ESG

    Benchmark ESG provides industry-leading ESG data management and reporting software that can assist organizations in managing operational risk and compliance, sustainability, product stewardship, and ensuring responsible sourcing across complex global operations.

    An example of Benchmark ESG An example of Benchmark ESG

    Key Features:

    Vendor spotlight

    A logo of PWC

    PwC’s ESG Management Solution provides quick insights into ways to improve reporting transparency surrounding your organization’s ESG commitments.

    According to PwC’s most recent CEO survey, the number one motivator for CEOs in mitigating climate change risks is their own desire to help solve this global problem and drive transparency with stakeholders.
    Source: “Annual Global CEO Survey,” PwC, 2022.

    An example of PWC An example of PWC

    Key Features:

    • Streamlined data mining capabilities. PwC’s ESG solution provides the means to streamline, automate, and standardize the input of sustainability data based on non-financial reporting directive (NFRD) and corporate sustainability reporting directive (CSRD) regulations.
    • Company and product carbon footprint calculation and verification modules.
    • Robust dashboarding capabilities. Option to create custom-tailored sustainability monitoring dashboards or integrate existing ESG data from an application to existing dashboards.
    • Team management functionalities that allow for more accessible cross-departmental communication and collaboration. Ability to check progress on tasks, assign tasks, set automatic notifications/deadlines, etc.

    Vendor spotlight

    A logo of ServiceNow

    ServiceNow ESG Management (ESGM) and reporting platform helps organizations transform the way they manage, visualize, and report on issues across the ESG spectrum.

    The platform automates the data collection process and the organization and storage of information in an easy-to-use system. ServiceNow’s ESGM solution also develops dashboards and reports for internal user groups and ensures that external disclosure reports are aligned with mainstream ESG standards and frameworks.

    We know that doing well as a business is about more than profits. One workflow at a time, we believe we can change the world – to be more sustainable, equitable, and ethical.
    Source: ServiceNow, 2021.

    An example of ServiceNow

    Key Features:

    1. An executive dashboard to help coherently outline the status of various ESG indicators, including material topics, goals, and disclosure policies all in one centralized hub
    2. Status review modules. Ensure that your organization has built-in modules to help them better document and monitor their ESG goals and targets using a single source of truth.
    3. Automated disclosure modules. ESGM helps organizations create more descriptive ESG disclosure reports that align with industry accountability standards (e.g. SASB, GRI, CDP).

    Other key vendors to consider

    An image of other 12 key vendors

    Related Info-Tech Research

    Photo of The ESG Imperative and Its Impact on Organizations

    The ESG Imperative and Its Impact on Organizations

    Use this blueprint to educate yourself on ESG factors and the broader concept of sustainability.

    Identify changes that may be needed in your organizational operating model, strategy, governance, and risk management approach.

    Learn about Info-Tech’s ESG program approach and use it as a framework to begin your ESG program journey.

    Photo of Private Equity and Venture Capital Growing Impact of ESG Report

    Private Equity and Venture Capital Growing Impact of ESG Report

    Increasingly, new capital has a social mandate attached to it due to the rise of ESG investment principles.

    Learn about how the growing impact of ESG affects both your organization and IT specifically, including challenges and opportunities, with expert assistance.

    Definitions

    Terms

    Definition

    Corporate Social Responsibility

    Management concept whereby organizations integrate social and environmental concerns in their operations and interactions with their stakeholders.

    Chief Sustainability Officer

    Steers sustainability commitments, helps with compliance, and helps ensure internal commitments are met. Responsibilities may extend to acting as a liaison with government and public affairs, fostering an internal culture, acting as a change agent, and leading delivery.

    ESG

    An acronym that stands for environment, social, and governance. These are the three components of a sustainability program.

    ESG Standard

    Contains detailed disclosure criteria including performance measures or metrics. Standards provide clear, consistent criteria and specifications for reporting. Typically created through consultation process.

    ESG Framework

    A broad contextual model for information that provides guidance and shapes the understanding of a certain topic. It sets direction but does not typically delve into the methodology. Frameworks are often used in conjunction with standards.

    ESG Factors

    The factors or issues that fall under the three ESG components. Measures the sustainability performance of an organization.

    ESG Rating

    An aggregated score based on the magnitude of an organization’s unmanaged ESG risk. Ratings are provided by third-party rating agencies and are increasingly being used for financing, transparency to investors, etc.

    ESG Questionnaire

    ESG surveys or questionnaires are administered by third parties and used to assess an organization’s sustainability performance. Participation is voluntary.

    Key Risk Indicator (KRI)

    A measure to indicate the potential presence, level, or trend of a risk.

    Key Performance Indicator (KPI)

    A measure of deviation from expected outcomes to help a firm see how it is performing.

    Materiality

    Material topics are topics that have a direct or indirect impact on an organization's ability to create, preserve, or erode economic, environmental, and social impact for itself and its stakeholder and society as a whole.

    Materiality Assessment

    A tool to identify and prioritize the ESG issues most critical to the organization.

    Risk Sensing

    The range of activities carried out to identify and understand evolving sources of risk that could have a significant impact on the organization (e.g. social listening).

    Sustainability

    The ability of an organization and broader society to endure and survive over the long term by managing adverse impacts well and promoting positive opportunities.

    Sustainalytics

    Now part of Morningstar. Sustainalytics provides ESG research, ratings, and data to institutional investors and companies.

    UN Guiding Principles on Business and Human Rights (UNGPs)

    An essential methodological foundation for how impacts across all dimensions should be assessed.

    Reporting and standard frameworks

    Standard

    Definition and focus

    CDP
    (Formally Carbon Disclosure Project)

    CDP has created standards and metrics for comparing sustainability impact. Focuses on environmental data (e.g. carbon, water, and forests) and on data disclosure and benchmarking.

    Audience: All stakeholders

    Dow Jones Sustainability Indices (DJSI)

    Heavy on corporate governance and company performance. Equal balance of economic, environmental, and social.

    Audience: All stakeholders

    Global Reporting Initiative (GRI)

    International standards organization that has a set of standards to help organizations understand and communicate their impacts on climate change and social responsibility. The standard has a strong emphasis on transparency and materiality, especially on social issues.

    Audience: All stakeholders

    International Sustainability Standards Board (ISSB)

    Standard-setting board that sits within the International Financial Reporting Standards (IFRS) Foundation. The IFRS Foundation is a not-for-profit, public-interest organization established to develop high-quality, understandable, enforceable, and globally accepted accounting and sustainability disclosure standards.

    Audience: Investor-focused

    United Nations Sustainable Development Goals (SDGs)

    Global partnership across sectors and industries that sets out 17 goals to achieve sustainable development for all.

    Audience: All stakeholders

    Sustainability Accounting Standards Board (SASB)
    Now part of IFSR foundation

    Industry-specific standards to help corporations select topics that may impact their financial performance. Focus on material impacts on financial condition or operating performance.

    Audience: Investor-focused

    Task Force on Climate-Related Financial Disclosures (TCFD; created by the Financial Stability Board)

    Standards framework focused on the impact of climate risk on financial and operating performance. More broadly the disclosures inform investors of positive and negative measures taken to build climate resilience and make transparent the exposure to climate-related risk.

    Audience: Investors, financial stakeholders

    Bibliography

    "2021 Global Investor Survey: The Economic Realities of ESG." PwC, Dec. 2021. Accessed May 2022.

    "2023 Canadian ESG Reporting Insights." PwC, Nov. 2022. Accessed Dec. 2022.

    Althoff, Judson. "Microsoft Cloud for Sustainability: Empowering Organizations On Their Path To Net Zero." Microsoft Blog, 14 July 2021. Accessed May 2022.

    "Balancing Sustainability and Profitability." IBM, Feb. 2022. Accessed June. 2022.

    "Beyond Compliance: Consumers and Employees Want Business to Do More on ESG." PwC, Nov. 2021. Accessed July 2022.

    Bizo, Daniel. "Multi-Tenant Datacenters and Sustainability: Ambitions and Reality." S&P Market Intelligence, Sept. 2020. Web.

    Bolden, Kyle. "Aligning nonfinancial reporting with your ESG strategy to communicate long-term value." EY, 18 Dec. 2020. Web.

    Carril, Christopher, et al. "Looking at Restaurants Through an ESG Lens: ESG Stratify – Equity Research Report." RBC Capital Markets, 5 Jan. 2021. Accessed Jun. 2022.

    "Celebrating and Advancing Women." McDonald’s, 8 March 2019. Web.

    Clark, Anna. "Get your ESG story straight: A sustainability communication starter kit." GreenBiz, 20 Dec. 2022, Accessed Dec. 2022.

    Courtnell, Jane. “ESG Reporting Framework, Standards, and Requirements.” Corporate Compliance Insights, Sept. 2022. Accessed Dec. 2022.

    “Country Sustainability Ranking. Country Sustainability: Visibly Harmed by Covid-19.” Robeco, Oct. 2021. Accessed June 2022.

    “Defining the “G” in ESG Governance Factors at the Heart of Sustainable Business.” World Economic Forum, June 2022. Web.

    “Digital Assets: Laying ESG Foundations.” Global Digital Finance, Nov. 2021. Accessed April 2022.

    “Dow Jones Sustainability Indices (DJCI) Index Family.” S&P Global Intelligence, n.d. Accessed June 2022.

    "ESG in Your Business: The Edge You Need to Land Large Contracts." BDC, March 2023, Accessed April 2023.

    “ESG Performance and Its Impact on Corporate Reputation.” Intelex Technologies, May 2022. Accessed July 2022.

    “ESG Use Cases. IoT – Real-Time Occupancy Monitoring.” Metrikus, March 2021. Accessed April 2022.

    Fanter, Tom, et al. “The History & Evolution of ESG.” RMB Capital, Dec. 2021. Accessed May 2022.

    Flynn, Hillary, et al. “A guide to ESG materiality assessments.” Wellington Management, June 2022, Accessed September 2022

    “From ‘Disclose’ to ‘Disclose What Matters.’” Global Reporting Initiative, Dec. 2018. Accessed July 2022.

    “Getting Started with ESG.” Sustainalytics, 2022. Web.

    “Global Impact ESG Fact Sheet.” ServiceNow, Dec. 2021. Accessed June 2022.

    Gorley, Adam. “What is ESG and Why It’s Important for Risk Management.” Sustainalytics, March 2022. Accessed May 2022.

    Hall, Lindsey. “You Need Near-Term Accountability to Meet Long-Term Climate Goals.” S&P Global Sustainable1, Oct. 2021. Accessed April 2022.

    Henisz, Witold, et al. “Five Ways That ESG Creates Value.” McKinsey, Nov. 2019. Accessed July 2022.

    “Integrating ESG Factors in the Investment Decision-Making Process of Institutional Investors.” OECD iLibrary, n.d. Accessed July 2022.

    “Investor Survey.” Benchmark ESG, Nov. 2021. Accessed July 2022.

    Jackson, Brian. Tech Trends 2023, Info-Tech Research Group, Dec. 2022, Accessed Dec. 2022.

    Keet, Lior. “What Is the CIO’s Role in the ESG Equation?” EY, 2 Feb. 2022. Accessed May 2022.

    Lev, Helee, “Understanding ESG risks and why they matter” GreenBiz, June 2022. Accessed Dec 2022.

    Marsh, Chris, and Simon Robinson. “ESG and Technology: Impacts and Implications.” S&P Global Market Intelligence, March 2021. Accessed April 2022.

    Martini, A. “Socially Responsible Investing: From the Ethical Origins to the Sustainable Development Framework of the European Union.” Environment, Development and Sustainability, vol. 23, Nov. 2021. Web.

    Maher, Hamid, et al. “AI Is Essential for Solving the Climate Crisis.” Boston Consulting Group, 7 July 2022. Web.

    “Materiality Assessment. Identifying and Taking Action on What Matters Most.” Novartis, n.d. Accessed June. 2022.

    Morrow, Doug, et al. “Understanding ESG Incidents: Key Lessons for Investors.” Sustainalytics, July 2017. Accessed May 2022.

    “Navigating Climate Data Disclosure.” Novisto, July 2022. Accessed Nov. 2022.

    Nuttall, Robin, et al. “Why ESG Scores Are Here to Stay.” McKinsey & Company, May 2020. Accessed July 2022.

    “Opportunities in Sustainability – 451 Research’s Analysis of Sustainability Perspectives in the Data Center Industry.” Schneider Electric, Sept. 2020. Accessed May 2022.

    Peterson, Richard. “How Can NLP Be Used to Quantify ESG Analytics?” Refinitiv, Feb. 2021. Accessed June 2022.

    “PwC’s 25th Annual Global CEO Survey: Reimagining the Outcomes That Matter.” PwC, Jan. 2022. Accessed June 2022.

    “SEC Proposes Rules on Cybersecurity, Risk Management, Strategy, Governance, and Incident Disclosure by Public Companies.” Securities and Exchange Commission, 9 May 2022. Press release.

    Serafeim, George. “Social-Impact Efforts That Create Real Value.” Harvard Business Review, Sept. 2020. Accessed May 2022.

    Sherrie, Gonzalez. “ESG Planning and Performance Survey.” Diligent, 24 Sept. 2021. Accessed July 2022.

    “Special Reports Showcase, Special Report: Mid-Year Report on Proposed SEC Rule 14-8 Change.” Sustainable Investments Institute, July 2020. Accessed April 2022.

    “State of European Tech. Executive Summary Report.” Atomico, Nov. 2021. Accessed June 2022.

    “Top Challenges in ESG Reporting, and How ESG Management Solution Can Help.” Novisto, Sept. 2022. Accessed Nov. 2022.

    Vaughan-Smith, Gary. “Navigating ESG data sets and ‘scores’.” Silverstreet Capital, 23 March 2022. Accessed Dec. 2022.

    Waters, Lorraine. “ESG is not an environmental issue, it’s a data one.” The Stack, 20 May 2021. Web.

    Wells, Todd. “Why ESG, and Why Now? New Data Reveals How Companies Can Meet ESG Demands – And Innovate Supply Chain Management.” Diginomica, April 2022. Accessed July 2022.

    “XBRL is coming to corporate sustainability Reporting.” Novisto, Aug. 2022. Accessed Dec. 2022.

    Research Contributors and Experts

    Photo of Chris Parry

    Chris Parry
    VP of ESG, Datamine

    Chris Parry has recently been appointed as the VP of ESG at Datamine Software. Datamine’s dedicated ESG division provides specialized ESG technology for sustainability management by supporting key business processes necessary to drive sustainable outcomes.

    Chris has 15 years of experience building and developing business for enterprise applications and solutions in both domestic and international markets.

    Chris has a true passion for business-led sustainable development and is focused on helping organizations achieve their sustainable business outcomes through business transformation and digital software solutions.

    Datamine’s comprehensive ESG capability supports ESG issues such as the environment, occupational health and safety, and medical health and wellbeing. The tool assists with risk management, stakeholder management and business intelligence.

    Effective IT Communications

    • Buy Link or Shortcode: {j2store}429|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Lead
    • Parent Category Link: /lead

    IT communications are often considered ineffective. This is demonstrated by:

    • A lack of inclusion or time to present in board meetings.
    • Confusion around IT priorities and how they align to organizational objectives.
    • Segregating IT from the rest of the organization.
    • The inability to secure the necessary funding for IT-led initiatives.
    • IT employees not feeling supported or engaged.

    Our Advice

    Critical Insight

    • No one is born a good communicator. Every IT employee needs to spend the time and effort to grow their communication skills; with constant change and worsening IT crises, IT cannot afford to communicate poorly anymore.
    • The skills needed to communicate effectively as a front=line employee or CIO are the same. It is important to begin the development of these skills from the beginning of one's career.
    • Time is a non-renewable resource. Any communication needs to be considered valuable and engaging by the audience or they will be unforgiving.

    Impact and Result

    Communications is a responsibility of all members of IT. This is demonstrated through:

    • Engaging in two-way communications that are continuous and evolving.
    • Establishing a communications strategy – and following the plan.
    • Increasing the skills of all IT employees when it comes to communications.
    • Identifying audiences and their preferred means of communication.

    Effective IT Communications Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Effective IT Communications Capstone Deck – A resource center to ensure you never start communications from a blank page again.

    This capstone blueprint highlights the components, best practices, and importance of good communication for all IT employees.

    • Effective IT Communications Storyboard

    2. IT Townhall Template – A ready-to-use template to help you engage with IT employees and ensure consistent access to information.

    IT town halls must deliver value to employees, or they will withdraw and miss key messages. To engage employees, use well-crafted communications in an event that includes crowd-sourced contents, peer involvement, recognition, significant Q&A time allotment, organizational discussions, and goal alignment.

    • IT Townhall Template

    3. IT Year in Review Template – A ready-to-use template to help communicate IT successes and future objectives.

    This template provides a framework to build your own IT Year In Review presentation. An IT Year In Review presentation typically covers the major accomplishments, challenges, and initiatives of an organization's information technology (IT) department over the past year.

    • IT Year in Review Template

    Infographic

    Further reading

    Effective IT Communications

    Empower IT employees to communicate well with any stakeholder across the organization.

    Analyst perspective

    There has never been an expectation for IT to communicate well.

    Brittany Lutes

    Brittany Lutes
    Research Director
    Info-Tech Research Group

    Diana MacPherson

    Diana MacPherson
    Senior Research Analyst
    Info-Tech Research Group

    IT rarely engages in proper communications. We speak at, inform, or tell our audience what we believe to be important. But true communications seldom take place.

    Communications only occur when channels are created to ensure the continuous opportunity to obtain two-way feedback. It is a skill that is developed over time, with no individual having an innate ability to be better at communications. Each person in IT needs to work toward developing their personal communications style. The problem is we rarely invest in development or training related to communications. Information and technology fields spend time and money developing hard skills within IT, not soft ones.

    The benefits associated with communications are immense: higher business satisfaction, funding for IT initiatives, increased employee engagement, better IT to business alignment, and the general ability to form ongoing partnerships with stakeholders. So, for IT departments looking to obtain these benefits through true communications, develop the necessary skills.

    Executive summary

    Your Challenge Common Obstacles Info-Tech’s Approach
    IT communications are often considered ineffective. This is demonstrated by:
    • A lack of inclusion or time to present in board meetings.
    • Confusion around IT priorities and how they align to organizational objectives.
    • Segregating IT from the rest of the organization.
    • An inability to secure the necessary funding for IT-led initiatives.
    • IT employees not feeling supported or engaged.
    Frequently, these barriers have prevented IT communications from being effective:
    • Using technical jargon when a universal language is needed.
    • Speaking at organization stakeholders rather than engaging through dialogue.
    • Understanding the needs of the audience.
    Overall, IT has not been expected to engage in good communications or taken a proactive approach to communicate effectively.
    Communications is a responsibility of all members of IT. This is demonstrated through:
    • Engaging in two-way communications that are continuous and evolving.
    • Establishing a communications strategy – and following the plan.
    • Increasing the skills of all IT employees when it comes to communications.
    • Identifying audiences and their preferred means of communication.

    Info-Tech Insight
    No one is born a good communicator. Every IT employee needs to spend the time and effort to grow their communication skills as constant change and worsening IT crises mean that IT cannot afford to communicate poorly anymore.

    Your challenge

    Overall satisfaction with IT is correlated to satisfaction with IT communications

    Chart showing satisfaction with it and communications

    The bottom line? For every 10% increase in communications there 8.6% increase in overall IT satisfaction. Therefore, when IT communicates with the organization, stakeholders are more likely to be satisfied with IT overall.

    Info-Tech Diagnostic Programs, N=330 organizations

    IT struggles to communicate effectively with the organization:

    • CIOs are given minimal time to present to the board or executive leaders about IT’s value and alignment to business goals.
    • IT initiatives are considered complicated and confusing.
    • The frequency and impact of IT crises are under planned for, making communications more difficult during a major incident.
    • IT managers do not have the skills to communicate effectively with their team.
    • IT employees do not have the skills to communicate effectively with one another and end users.

    Common obstacles

    IT is prevented from communicating effectively due to these barriers:

    • Difficulty assessing the needs of the audience to inform the language and means of communication that should be used.
    • Using technical jargon rather than translating the communication into commonly understood terms.
    • Not receiving the training required to develop communication skills across IT employees.
    • Frequently speak at organization stakeholders rather than engaging through dialogue.
    • Beginning many communications from a blank page, especially crisis communications.
    • Difficulty presenting complex concepts in a short time to an audience in a digestible and concise manner without diluting the point.

    Effective IT communications are rare:

    53% of CXOs believe poor communication between business and IT is a barrier to innovation.
    Source: Info-Tech CEO-CIO Alignment Survey, 2022

    69% of those in management positions don’t feel comfortable even communicating with their staff.”
    Source: TeamStage, 2022

    Info-Tech’s approach

    Effective communications is not a broadcast but a dialogue between communicator and audience in a continuous feedback loop.

    Continuous loop of dialogue

    The Info-Tech difference:

    1. Always treat every communication as a dialogue, enabling the receiver of the message to raise questions, concerns, or ideas.
    2. Different audiences will require different communications. Be sure to cater the communication to the needs of the receiver(s).
    3. Never assume the communication was effective. Create measures and adjust the communications to get the desired outcome.

    Common IT communications

    And the less common but still important communications

    Communicating Up to Board or Executives

    • Board Presentations
    • Executive Leadership Committee Meetings
    • Technology Updates
    • Budget Updates
    • Risk Updates
    • Year in Review

    Communicating Across the Organization

    • Townhalls – external to IT
    • Year in Review
    • Crisis Email
    • Intranet Communication
    • Customer/Constituent Requests for Information
    • Product Launches
    • Email
    • Watercooler Chat

    Communicating Within IT

    • Townhalls – internal to IT
    • Employee 1:1s
    • Team Meetings
    • Project Updates
    • Project Collaboration Sessions
    • Year in Review
    • All-Hands Meeting
    • Employee Interview
    • Onboarding Documentation
    • Vendor Negotiation Meetings
    • Vendor Product Meetings
    • Email
    • Watercooler Chat

    Insight Summary

    Overarching insight
    IT cannot afford to communicate poorly given the overwhelming impact and frequency of change related to technology. Learn to communicate well or get out of the way of someone who can.

    Insight 1: The skills needed to communicate effectively as a frontline employee or a CIO are the same. It’s important to begin the development of these skills from the beginning of one’s career.
    Insight 2: Time is a non-renewable resource. Any communication needs to be considered valuable and engaging by the audience or they will be unforgiving.
    Insight 3: Don’t make data your star. It is a supporting character. People can argue about the collection methods or interpretation of the data, but they cannot argue the story you share.
    Insight 4: Measure if the communication is being received and resulting in the desired outcome. If not, modify what and how the message is being expressed.
    Insight 5: Messages are also non-verbal. Practice using your voice and body to set the right tone and impact your audience.

    Communication principles

    Follow these principles to support all IT communications.

    Two-Way

    Incorporate feedback loops into your communication efforts. Providing stakeholders with the opportunity to voice their opinions and ideas will help gain their commitment and buy-in.

    Timely

    Frequent communications mitigate rumors and the spread of misinformation. Provide warning before the implementation of any changes whenever possible. Communicate as soon as possible after decisions have been made.

    Consistent

    Make sure the messaging is consistent across departments, mediums, and presenters. Provide managers with key phrases to support the consistency of messages.

    Open & Honest

    Transparency is a critical component of communication. Always tell employees that you will share information as soon as you can. This may not be as soon as you receive the information but as soon as sharing it is acceptable.

    Authentic

    Write messages in a way that embodies the personality of the organization. Don’t spin information; position it within the wider organizational context.

    Targeted

    Use your target audience profiles to determine which audiences need to consume which messages and what mediums should be employed.

    Importance of IT being a good communicator

    Don’t pay the price for poor communication.

    IT needs to communicate well because:

    • IT risk mitigation and technology initiative funding are dependent on critical stakeholders comprehending the risk impact and initiative benefit in easy-to-understand terms.
    • IT employees need clear and direct information to feel empowered and accountable to do their jobs well.
    • End users who have a good experience engaging in communications with IT employees have an overall increase in satisfaction with IT.
    • Continuously demonstrating IT’s value to the organization comes when those initiatives are clearly aligned to overall objectives.
    • Communication prevents assumptions and further miscommunication from happening among IT employees who are usually impacted and fear change the most.

    “Poor communication results in employee misunderstanding and errors that cost approximately $37 billion.”
    – Intranet Connections, 2019

    Effective communication enables organizational strategy and facilitates a two-way exchange

    Effective communication facilitates a two-way exchange

    What makes internal communications effective?

    To be effective, internal communications must be strategic. They should directly support organizational objectives, reinforce key messages to make sure they drive action, and facilitate two-way dialogue, not just one-way messaging.

    Measure the value of the communication

    Communication effectiveness can be measured through a variety of metrics:

    • Increase in Productivity
    • “When employees are offered better communication technology and skills, productivity can increase by up to 30%” (Expert Market, 2022).
    • Increase in Understanding Decision Rationale
    • Employees who report understanding the rationale behind the business decisions made by the executive leadership team (ELT) are 3.6x more likely to be engaged, compared to those who were not (McLean & Company Engagement Survey Database, 2022; N=133,167 responses, 187 organizations).
    • Increase in Revenue
    • Collaboration amongst C-suite executives led to a 27% increase in revenue compared to low collaborating C-suites (IBM, 2021).
    • Increase in End-User Satisfaction
    • 80.9% of end users are satisfied with IT’s ability to communicate with them regarding the information they need to perform their job (Info-Tech’s End-User Satisfaction Survey Database, N=20,617 end users from 126 organizations).

    Methods to determine effectiveness:

    • CIO Business Vision Survey
    • Engagement surveys
    • Focus groups
    • Suggestion boxes
    • Team meetings
    • Random sampling
    • Informal feedback
    • Direct feedback
    • Audience body language
    • Repeating the message back

    How to navigate the research center

    This research center is intended to ensure that IT never starts their communications from a blank page again:

    Tools to help IT be better communicators

    “‘Effectiveness’ can mean different things, and effectiveness for your project is going to look different than it would for any other project.”
    – Gale McCreary in WikiHow, 2022

    Audience: Organizational leadership

    Speaking with Board and executive leaders about strategy, risk, and value

    Keep in mind:

    1 2 3
    Priorities Differ Words Matter The Power of Three
    What’s important to you as CIO is very different from what is important to a board or executive leadership team or even the individual members of these groups. Share only what is important or relevant to the stakeholder(s). Simplify the message into common language whenever possible. A good test is to ensure that someone without any technical background could understand the message. Keep every slide to three points with no more than three words. You are the one to translate this information into a worth-while story to share.

    “Today’s CIOs have a story to tell. They must change the old narrative and describe the art of the (newly) possible. A great leader rises to the occasion and shares a vision that inspires the entire organization.”
    – Dan Roberts, CIO, 2019

    Communications for board presentations

    Secure funding and demonstrate IT as a value add to business objectives.

    DEFINING INSIGHT

    Stop presenting what is important to you as the CIO and present to the board what is important to them.

    Why does IT need to communicate with the board?

    • To get their buy-in and funding for critical IT initiatives.
    • To ensure that IT risks are understood and receive the funding necessary to mitigate.
    • To change the narrative of IT as a service provider to a business enabler.

    FRAMEWORK

    Framework for board presentations

    CHECKLIST

    Do’s & Don’ts of Communicating Board Presentations:

    Do: Ensure you know all the members of the board and their strengths/areas of focus.

    Do: Ensure the IT objectives and initiatives align to the business objectives.

    Do: Avoid using any technical jargon.

    Do: Limit the amount of data you are using to present information. If it can’t stand alone, it isn’t a strong enough data point.

    Do: Avoid providing IT service metrics or other operational statistics.

    Do: Demonstrate how the organization’s revenue is impacted by IT activities.

    Do: Tell a story that is compelling and excited.

    OUTCOME

    Organization Alignment

    • Approved organization objectives and IT objectives are aligned and supporting one another.

    Stakeholder Buy-In

    • Board members all understand what the future state of IT will look like – and are excited for it!

    Awareness on Technology Trends

    • It is the responsibility of the CIO to ensure the board is aware of critical technology trends that can impact the future of the organization/industry.

    Risks

    • Risks are understood, the impact they could have on the organization is clear, and the necessary controls required to mitigate the risk are funded.

    Communications for business updates

    Continuously build strong relationships with all members of business leadership.

    DEFINING INSIGHT

    Business leaders care about themselves and their goals – present ideas and initiatives that lean into this self-interest.

    Why does IT need to communicate business updates?

    • The key element here is to highlight how IT is impacting the organization’s overall ability to meet goals and targets.
    • Ensure all executive leaders know about and understand IT’s upcoming initiatives – and how they will be involved.

    FRAMEWORK

    Framework for business updates

    CHECKLIST

    Do’s & Don’ts of Communicating Business Updates:

    Do: Ensure IT is given sufficient time to present with the rest of the business leaders.

    Do: Ensure the goals of IT are clear and can be depicted visually.

    Do: Tie every IT goal to the objectives of different business leaders.

    Do: Avoid using any technical jargon.

    Do: Reinforce the positive benefits business leaders can expect.

    Do: Avoid providing IT service metrics or other operational statistics.

    Do: Demonstrate how IT is driving the digital transformation of the organization.

    OUTCOME

    Better Reputation

    • Get other business leaders to see IT as a value add to any initiative, making IT an enabler not an order taker.

    Executive Buy-In

    • Executives are concerned about their own budgets; they want to embrace all the innovation but within reason and minimal impact to their own finances.

    Digital Transformation

    • Indicate and commit to how IT can help the different leaders deliver on their digital transformation activities.

    Relationship Building

    • Establish trust with the different leaders so they want to engage with you on a regular basis.

    Audience: Organization wide

    Speaking with all members of the organization about the future of technology – and unexpected crises.

    1 2 3
    Competing to Be Heard Measure Impact Enhance the IT Brand
    IT messages are often competing with a variety of other communications simultaneously taking place in the organization. Avoid the information-overload paradox by communicating necessary, timely, and relevant information. Don’t underestimate the benefit of qualitative feedback that comes from talking to people within the organization. Ensure they read/heard and absorbed the communication. IT might be a business enabler, but if it is never communicated as such to the organization, it will only be seen as a support function. Use purposeful communications to change the IT narrative.

    Less than 50% of internal communications lean on a proper framework to support their communication activities.
    – Philip Nunn, iabc, 2020

    Communications for strategic IT initiatives

    Communicate IT’s strategic objectives with all business stakeholders and users.

    DEFINING INSIGHT

    IT leaders struggle to communicate how the IT strategy is aligned to the overall business objectives using a common language understood by all.

    Why does IT need to communicate its strategic objectives?

    • To ensure a clear and consistent view of IT strategic objectives can be understood by all stakeholders within the organization.
    • To demonstrate that IT strategic objectives are aligned with the overall mission and vision of the organization.

    FRAMEWORK

    Framework for IT strategic initiatives

    CHECKLIST

    Do’s & Don’ts of Communicating IT Strategic Objectives:

    Do: Ensure all IT leaders are aware of and understand the objectives in the IT strategy.

    Do: Ensure there is a visual representation of IT’s goals.

    Do: Ensure the IT objectives and initiatives align to the business objectives.

    Do: Avoid using any technical jargon.

    Do: Provide metrics if they are relevant, timely, and immediately understandable.

    Do: Avoid providing IT service metrics or other operational statistics.

    Do: Demonstrate how the future of the organization will benefit from IT initiatives.

    OUTCOME

    Organization Alignment

    • All employees recognize the IT strategy as being aligned, even embedded, into the overall organization strategy.

    Stakeholder Buy-In

    • Business and IT stakeholders alike understand what the future state of IT will look like – and are excited for it!

    Role Clarity

    • Employees within IT are clear on how their day-to-day activities impact the overall objectives of the organization.

    Demonstrate Growth

    • Focus on where IT is going to be maturing in the coming one to two years and how this will benefit all employees.

    Communications for crisis management

    Minimize the fear and chaos with transparent communications.

    DEFINING INSIGHT

    A crisis communication should fit onto a sticky note. If it’s not clear, concise, and reassuring, it won’t be effectively understood by the audience.

    Why does IT need to communicate when a crisis occurs?

    • To ensure all members of the organization have an understanding of what the crisis is, how impactful that crisis is, and when they can expect more information.
    • “Half of US companies don’t have a crisis communication plan” (CIO, 2017).

    FRAMEWORK

    Framework for crisis management

    CHECKLIST

    Do’s & Don’ts of Communicating During a Crisis:

    Do: Provide timely and regular updates about the crisis to all stakeholders.

    Do: Involve the Board or ELT immediately for transparency.

    Do: Avoid providing too much information in a crisis communication.

    Do: Have crisis communication statements ready to be shared at any time for possible or common IT crises.

    Do: Highlight that employee safety and wellbeing is top priority.

    Do: Work with members of the public relations team to prepare any external communications that might be required.

    OUTCOME

    Ready to Act

    • Holding statements for possible crises will eliminate the time and effort required when the crisis does occur.

    Reduce Fears

    • Prevent employees from spreading concerns and not feeling included in the crisis.

    Maintain Trust

    • Ensure Board and ELT members trust IT to respond in an appropriate manner to any crisis or major incident.

    Eliminate Negative Reactions

    • Any crisis communication should be clear and concise enough when done via email.

    Audience: IT employees

    IT employees need to receive and obtain regular transparent communications to better deliver on their expectations.

    Keep in mind:

    1 2 3
    Training for All Listening Is Critical Reinforce Collaboration
    From the service desk technician to CIO, every person within IT needs to have a basic ability to communicate. Invest in the training necessary to develop this skill set. It seems simple, but as humans we do an innately poor job at listening to others. It’s important you hear employee concerns, feedback, and recommendations, enabling the two-way aspect of communication. IT employees will reflect the types of communications they see. If IT leaders and managers cannot collaborate together, then teams will also struggle, leading to productivity and quality losses.

    “IT professionals who […] enroll in communications training have a chance to both upgrade their professional capabilities and set themselves apart in a crowded field of technology specialists.”
    – Mark Schlesinger, Forbes, 2021

    Communications for IT activities and tactics

    Get IT employees aligned and clear on their daily objectives.

    DEFINING INSIGHT

    Depending on IT goals, the structure might need to change to support better communication among IT employees.

    Why does IT need to communicate IT activities?

    • To ensure all members of the project team are aligned with their tasks and responsibilities related to the project.
    • To be able to identify, track, and mitigate any problems that are preventing the successful delivery of the project.

    FRAMEWORK

    Framework for IT activities & tactics

    CHECKLIST

    Do’s & Don’ts of Communicating IT Activities:

    Do: Provide metrics that define how success of the project will be measured.

    Do: Demonstrate how each project aligns to the overarching objectives of the organization.

    Do: Avoid having large meetings that include stakeholders from two or more projects.

    Do: Consistently create a safe space for employees to communicate risks related to the project(s).

    Do: Ensure the right tools are being leveraged for in-office, hybrid, and virtual environments to support project collaboration.

    Do: Leverage a project management software to reduce unnecessary communications.

    OUTCOME

    Stakeholder Adoption

    • Create a standard communication template so stakeholders can easily find and apply communications.

    Resource Allocation

    • Understand what the various asks of IT are so employees can be adequately assigned to tasks.

    Meet Responsibly

    • Project status meetings are rarely valuable or insightful. Use meetings for collaboration, troubleshooting, and knowledge sharing.

    Encourage Engagement

    • Recognize employees and their work against critical milestones, especially for projects that have a long timeline.

    Communications for everyday IT

    Engage employees and drive results with clear and consistent communications.

    DEFINING INSIGHT

    Employees are looking for empathy to be demonstrated by those they are interacting with, from their peers to managers. Yet, we rarely provide it.

    Why does IT need to communicate on regularly with itself?

    • Regular communication ensures employees are valued, empowered, and clear about their expectations.
    • 97% of employees believe that their ability to perform their tasks efficiently is impacted by communication (Expert Market, 2022).

    FRAMEWORK

    Framework for everyday IT

    CHECKLIST

    Do’s & Don’ts of Communicating within IT:

    Do: Have responses for likely questions prepared and ready to go.

    Do: Ensure that all leaders are sharing the same messages with their teams.

    Do: Avoid providing irrelevant or confusing information.

    Do: Speak with your team on a regular basis.

    Do: Reinforce the messages of the organization every chance possible.

    Do: Ensure employees feel empowered to do their jobs effectively.

    Do: Engage employees in dialogue. The worst employee experience is when they are only spoken at, not engaged with.

    OUTCOME

    Increased Collaboration

    • Operating in a vacuum or silo is no longer an option. Enable employees to successfully collaborate and deliver holistic results.

    Role Clarity

    • Clear expectations and responsibilities eliminate confusion and blame game. Engage employees and create a positive work culture with role clarity.

    Prevent Rumors

    • Inconsistent communication often leads to information sharing and employees spreading an (in)accurate narrative.

    Organizational Insight

    • Employees trust the organization’s direction because they are aware of the different activities taking place and provided with a rationale about decisions.

    Case Study

    Amazon

    INDUSTRY
    E-Commerce

    SOURCE
    Harvard Business Review

    Jeff Bezos has definitely taken on unorthodox approaches to business and leadership, but one that many might not know about is his approach to communication. Some of the key elements that he focused on in the early 2000s when Amazon was becoming a multi-billion-dollar empire included:

    • Banning PowerPoint for all members of the leadership team. They had to learn to communicate without the crutch of the most commonly used presentation tool.
    • Leveraging memos that included specific action steps and clear nouns
    • Reducing all communication to an eighth-grade reading level, including pitches for new products (e.g. Kindle).

    Results

    While he was creating the Amazon empire, 85% of Jeff Bezos’ communication was written in a way that an eighth grader could read. Communicating in a way that was easy to understand and encouraging his leadership team to do so as well is one of the many reasons this business has grown to an estimated value of over $800B.

    “If you cannot simplify a message and communicate it compellingly, believe me, you cannot get the masses to follow you.”
    – Indra Nooyi, in Harvard Business Review, 2022

    Communication competency expectations

    Communication is a business skill; not a technical skill.

    Demonstrated Communication Behavior
    Level 1: Follow Has sufficient communication skills for effective dialogue with others.
    Level 2: Assist Has sufficient communication skills for effective dialogue with customers, suppliers, and partners.
    Level 3: Apply Demonstrates effective communication skills.
    Level 4: Enable Communicates fluently, orally, and in writing and can present complex information to both technical and non-technical audiences.
    Level 5: Ensure, Advise Communicates effectively both formally and informally.
    Level 6: Initiate, Influence Communicates effectively at all levels to both technical and non-technical audiences.
    Level 7: Set Strategy, Inspire, Mobilize Understands, explains, and presents complex ideas to audiences at all levels in a persuasive and convincing manner.

    Source: Skills Framework for the Information Age, 2021

    Key KPIs for communication with any stakeholder

    Measuring communication is hard; use these to determine effectiveness.

    Goal Key Performance Indicator (KPI) Related Resource
    Obtain board buy-in for IT strategic initiatives X% of IT initiatives that were approved to be funded. Number of times technical initiatives were asked to be explained further. Using our Board Presentation Review service
    Establish stronger relationships with executive leaders X% of business leadership satisfied with the statement “IT communicates with your group effectively.” Using the CIO Business Vision Diagnostic
    Organizationally, people know what products and services IT provides X% of end users who are satisfied with communications around changing services or applications. Using the End-User Satisfaction Survey
    Organizational reach and understanding of the crisis. Number of follow-up tickets or requests related to the crisis after the initial crisis communication was sent. Using templates and tools for crisis communications
    Project stakeholders receive sufficient communication throughout the initiative. X% overall satisfaction with the quality of the project communications. Using the PPM Customer Satisfaction Diagnostic
    Employee feedback is provided, heard, and acted on X% of satisfaction employees have with managers or IT leadership to act on employee feedback. Using the Employee Engagement Diagnostic Program

    Standard workshop communication activities

    Introduction
    Communications overview.

    Plan
    Plan your communications using a strategic tool.

    Compose
    Create your own message.

    Deliver
    Practice delivering your own message.

    Contact your account representative for more information. workshops@infotech.com 1-888-670-8889

    Research contributors and experts

    Anuja Agrawal, National Communications Director, PwC

    Anuja Agrawal
    National Communications Director
    PwC

    Anuja is an accomplished global communications professional, with extensive experience in the insurance, banking, financial, and professional services industries in Asia, the US, and Canada. She is currently the National Communications Director at PwC Canada. Her prior work experience includes communication leadership roles at Deutsche Bank, GE, Aviva, and Veritas. Anuja works closely with senior business leaders and key stakeholders to deliver measurable results and effective change and culture building programs. Anuja has experience in both internal and external communications, including strategic leadership communication, employee engagement, PR and media management, digital and social media, and M&A/change and crisis management. Anuja believes in leveraging digital tools and technology-enabled solutions, combined with in-person engagement, to help improve the quality of dialogue and increase interactive communication within the organization to help build an inclusive culture of belonging.

    Nastaran Bisheban, Chief Technology Officer, KFC Canada

    Nastaran Bisheban
    Chief Technology Officer
    KFC Canada

    A passionate technologist, and seasoned transformational leader. A software engineer and computer scientist by education, a certified Project Manager that holds an MBA in Leadership with Honors and Distinction from University of Liverpool. A public speaker on various disciplines of technology and data strategy with a Harvard Business School executive leadership program training to round it all. Challenges status quo and conventional practices; is an advocate for taking calculated risk and following the principle of continuous improvement. With multiple computer software and project management publications she is a strategic mentor and board member on various non-profit organizations. Nastaran sees the world as a better place only when everyone has a seat at the table and is an active advocate for diversity and inclusion.

    Heidi Davidson, Co-Founder & CEO, Galvanize Worldwide and Galvanize On Demand

    Heidi Davidson
    Co-Founder & CEO
    Galvanize Worldwide and Galvanize On Demand

    Dr. Heidi Davidson is the co-founder and CEO of Galvanize Worldwide, the largest distributed network of marketing and communications experts in the world. She also is the co-founder and CEO of Galvanize On Demand, a tech platform that matches marketing and communications freelancers with client projects. Now with 167 active experts, the Galvanize team delivers startup advisory work, outsourced marketing, training, and crisis communications to organizations of all sizes. Before Galvanize, Heidi spent four years as part of the turnaround team at BlackBerry as the Chief Communications Officer and SVP of Corporate Marketing, where she helped the company move from a device manufacturer to a security software provider.

    Eli Gladstone, Co-Founder, Speaker Labs

    Eli Gladstone
    Co-Founder
    Speaker Labs

    Eli is a co-founder of Speaker Labs. He has spent over six years helping countless individuals overcome their public speaking fears and communicate with clarity and confidence. When he’s not coaching others on how to build and deliver the perfect presentation, you’ll probably find him reading some weird books, teaching his kids how to ski or play tennis, or trying to develop a good-enough jumpshot to avoid being a liability on the basketball court.

    Francisco Mahfuz, Keynote Speaker & Storytelling Coach

    Francisco Mahfuz
    Keynote Speaker & Storytelling Coach

    Francisco Mahfuz has been telling stories in front of audiences for a decade and even became a National Champion of public speaking. Today, Francisco is a keynote speaker and storytelling coach and offers communication training to individuals and international organizations and has worked with organizations like Pepsi, HP, the United Nations, Santander, and Cornell University. He’s the author of Bare: A Guide to Brutally Honest Public Speaking and the host of The Storypowers Podcast, and he’s been part of the IESE MBA communications course since 2020. He’s received a BA in English Literature from Birkbeck University in London.

    Sarah Shortreed, EVP & CTO, ATCO Ltd.

    Sarah Shortreed
    EVP & CTO
    ATCO Ltd.

    Sarah Shortreed is ATCO’s Executive Vice President and Chief Technology Officer. Her responsibilities include leading ATCO’s Information Technology (IT) function as it continues to drive agility and collaboration throughout ATCO’s global businesses and expanding and enhancing its enterprise IT strategy, including establishing ATCO’s technology roadmap for the future. Ms. Shortreed’s skill and expertise are drawn from her more than 30-year career that spans many industries and includes executive roles in business consulting, complex multi-stakeholder programs, operations, sales, customer relationship management, and product management. She was recently the Chief Information Officer at Bruce Power and has previously worked at BlackBerry, IBM, and Union Gas. She sits on the Board of Governors for the University of Western Ontario and is the current Chair of the Chief Information Officer (CIO) Committee at the Conference Board of Canada.

    Eric Silverberg, Co-Founder, Speaker Labs

    Eric Silverberg
    Co-Founder
    Speaker Labs

    Eric is a co-founder of Speaker Labs and has helped thousands of people build their public speaking confidence and become more dynamic and engaging communicators. When he’s not running workshops to help people grow in their careers, there’s a good chance you’ll find him with his wife and dog, drinking Diet Coke, and rewatching iconic episodes of the reality TV show Survivor! He’s such a die-hard fan, that you’ll probably see him playing the game one day.

    Stephanie Stewart, Communications Officer & DR Coordinator, Info Security Services Simon Fraser University

    Stephanie Stewart
    Communications Officer & DR Coordinator
    Info Security Services Simon Fraser University

    Steve Strout, President, Miovision Technologies

    Steve Strout
    President
    Miovision Technologies

    Mr. Strout is a recognized and experienced technology leader with extensive experience in delivering value. He has successfully led business and technology transformations by leveraging many dozens of complex global SFDC, Oracle, and SAP projects. He is especially adept at leading what some call “Project Rescues” – saving people’s careers where projects have gone awry; always driving “on-time and on-budget.” Mr. Strout is the current President of Miovision Technologies and the former CEO and board member of the Americas’ SAP Users” Group (ASUG). His wealth of practical knowledge comes from 30 years of extensive experience in many CxO and executive roles at some prestigious organizations such as Vonage, Sabre, BlackBerry, Shred-it, The Thomson Corporation (now Thomson Reuters), and Morris Communications. He has served on boards including Customer Advisory Boards of Apple, AgriSource Data, Dell, Edgewise, EMC, LogiSense, Socrates.ai, Spiro Carbon Group, and Unifi.

    Info-Tech Research Group Contributors:

    Sanchia Benedict, Research Lead
    Antony Chan Executive Counsellor
    Janice Clatterbuck, Executive Counsellor
    Ahmed Jowar, Research Specialist
    Dave Kish, Practice Lead
    Nick Kozlo, Senior Research Analyst
    Heather Leier Murray, Senior Research Analyst
    Amanda Mathieson, Research Director
    Carlene McCubbin, Practice Lead
    Joe Meier, Executive Counsellor
    Andy Neill, AVP Research
    Thomas Randall, Research Director

    Plus an additional two contributors who wish to remain anonymous.

    Related Info-Tech Research

    Boardroom Presentation Review

    • You will come away with a clear, concise, and compelling board presentation that IT leaders can feel confident presenting in front of their board of directors.
    • Add improvements to your current board presentation in terms of visual appeal and logical flow to ensure it resonates with your board of directors.
    • Leverage a best-of-breed presentation template.

    Build a Better Manager

    • Management skills training is needed, but organizations are struggling to provide training that makes a long-term difference in the skills managers actually use in their day to day.
    • Many training programs are ineffective because they offer the wrong content, deliver it in a way that is not memorable, and are not aligned with the IT department’s business objectives.

    Crisis Communication Guides

    During a crisis it is important to communicate to employees through messages that convey calm and are transparent and tailored to your audience. Use the Crisis Communication Guides to:

    • Draft a communication strategy.
    • Tailor messages to your audience.
    • Draft employee crisis communications.
    Use this guide to equip leadership to communicate in times of crisis.

    Bibliography

    “Communication in the Workplace Statistics: Importance and Effectiveness in 2022.” TeamStage, 2022.

    Gallo, Carmine. “How Great Leaders Communicate.” Harvard Business Review, 23 November 2022

    Guthrie, Georgina. “Why Good Internal Communications Matter Now More than Ever.” Nulab, 15 December 2021.

    Lambden, Duncan. “The Importance of Effective Workplace Communication – Statistics for 2022.” Expert Market, 13 June 2022.

    “Mapping SFIA Levels of Responsibilities to Behavioural Factors.” Skills Framework for the Information Age, 2021.

    McCreary, Gale. “How to Measure the Effectiveness of Communication: 14 Steps.” WikiHow, 31 March 2023.

    Nowak, Marcin. “Top 7 Communication Problems in the Workplace.” MIT Enterprise Forum CEE, 2021.

    Nunn, Philip. “Messaging That Works: A Unique Framework to Maximize Communication Success.” iabc, 26 October 2020.

    Picincu, Andra. “How to Measure Effective Communications.” Small Business Chron. 12 January 2021.

    Price. David A. “Pixar Story Rules.” Stories From the Frontiers of Knowledge, 2011.

    Roberts, Dan. “How CIOs Become Visionary Communicators.” CIO, 2019.

    Schlesinger, Mark. “Why building effective communication skill in IT is incredibly important.” Forbes, 2021.

    Stanten, Andrew. “Planning for the Worst: Crisis Communications 101.” CIO, 25 May 2017.

    State of the American Workplace Report. Gallup, 6 February 2020.

    “The CIO Revolution.” IBM, 2021.

    “The State of High Performing Teams in Tech 2022.” Hypercontex, 2022.

    Walters, Katlin. “Top 5 Ways to Measure Internal Communication.” Intranet Connections, 30 May 2019.

    Modernize Your Microsoft Licensing for the Cloud Era

    • Buy Link or Shortcode: {j2store}304|cart{/j2store}
    • member rating overall impact (scale of 10): 9.1/10 Overall Impact
    • member rating average dollars saved: $102,414 Average $ Saved
    • member rating average days saved: 10 Average Days Saved
    • Parent Category Name: Licensing
    • Parent Category Link: /licensing
    • Microsoft licensing is complicated. Often, the same software can be licensed a number of ways. It’s difficult to know which edition and licensing model is best.
    • Licensing and features often change with the release of new software versions, compounding the problem by making it difficult to stay current.
    • In tough economic times, IT is asked to reduce capital and operating expenses wherever possible. As one of the top five expense items in most enterprise software budgets, Microsoft licensing is a primary target for cost reduction.

    Our Advice

    Critical Insight

    • Focus on needs first. Conduct a thorough needs assessment and document the results. Well-documented needs will be your best asset in navigating Microsoft licensing and negotiating your agreement.
    • Beware the bundle. Be aware when purchasing the M365 suite that there is no way out. Negotiating a low price is critical, as all leverage swings to Microsoft once it is on your agreement.
    • If the cloud doesn’t fit, be ready to pay up or start making room. Microsoft has drastically reduced discounting for on-premises products, support has been reduced, and product rights have been limited. If you are planning to remain on premises, be prepared to pay up.

    Impact and Result

    • Understand what your organization needs and what your business requirements are. It’s always easier to purchase more later than try to reduce your spend.
    • Complete cost calculations carefully, as the cloud might end up costing significantly more for the desired feature set. However, in some scenarios, it may be more cost efficient for organizations to license in the cloud.
    • If there are significant barriers to cloud adoption, discuss and document them. You’ll need this documentation in three years when it’s time to renew your agreement.

    Modernize Your Microsoft Licensing for the Cloud Era Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Modernize Your Microsoft Licensing Deck – A deck to help you build a strategy for your Microsoft licensing renewal.

    This storyboard will help you build a strategy for your Microsoft licensing renewal from conducting a thorough needs assessment to examining your licensing position, evaluating Microsoft's licensing options, and negotiations.

    • Modernize Your Microsoft Licensing for the Cloud Era – Phases 1-4

    2. Microsoft Cloud Products Cost Modeler – A tool to model estimated costs for Microsoft's cloud products.

    The Microsoft Cloud Products Cost Modeler will provide a rough estimate of what you can expect to pay for Office 365 or Dynamics CRM licensing, before you enter into negotiations. This is not your final cost, but it will give you an idea.

    • Microsoft Cloud Products Cost Modeler

    3. Microsoft Licensing Purchase Reference Guide - A template to capture licensing stakeholder information, proposed changes to licensing, and negotiation items.

    The Microsoft Licensing Purchase Reference Guide can be used throughout the process of licensing review: from initial meetings to discuss compliance state and planned purchases, to negotiation meetings with resellers. Use it in conjunction with Info-Tech's Microsoft Licensing Effective License Position Template.

    • Microsoft Licensing Purchase Reference Guide

    4. Negotiation Timeline for Microsoft – A template to navigate your negotiations with Microsoft.

    This tool will help you plot out your negotiation timeline, depending on where you are in your contract negotiation process.

  • 6-12 months
  • Less than 3 months
    • Negotiation Timeline for Microsoft – Visio
    • Negotiation Timeline for Microsoft – PDF

    5. Effective Licensing Position Tool – A template to help you create an effective licensing position and determine your compliance position.

    This template helps organizations to determine the difference between the number of software licenses they own and the number of software copies deployed. This is known as the organization’s effective license position (ELP).

    • Effective Licensing Position Tool
    [infographic]

    Demystify the New PMBOK Guide and PMI Certifications

    • Buy Link or Shortcode: {j2store}446|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Portfolio Management
    • Parent Category Link: /portfolio-management
    • There is lots of confusion with the latest edition of A Guide to The Project Management Body of Knowledge (PMBOK Guide).
    • The Project Management Professional (PMP) certification is not satisfying the needs of PMOs.
    • There is still a divide on whether the focus should be on the PMP or an Agile-related certification.
    • The PMP certification has lost its sizzle while other emerging certifications have started to penetrate the market. It’s hard to distinguish which certifications still hold weight.

    Our Advice

    Critical Insight

    • The PMP certification is still valuable and worth your time in 2023.
    • There are still over a million active PMP-certified individuals worldwide.
    • PMP can make you more money.

    Impact and Result

    • Study the market trends for certification options as they emerge and evolve.
    • Go with longstanding, reputable certifications, but be ready to pivot if they are not adding value.
    • Look at the job market as an indicator of certification demands.
    • There are a lot of certification options out there, and every day there seems to be a new one that pops up. Wait and see how the market reacts before investing your time and money in a new certification.

    Demystify the New PMBOK Guide and PMI Certifications Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Demystify the New PMBOK and PMI Certifications Storyboard – A guide to validate if the PMP is still valuable. It will also provide clarity related to the updated PMBOK 7th edition.

    This publication will validate if the PMP certification is still valuable and worth your time. In addition, you will gain different perspectives related to other PMI and non-PMI certifications. You will gain a better understanding of the evolution of the PMBOK Guide, and the significant changes made from PMBOK 6th edition to the 7th edition.

    • Demystify the New PMBOK and PMI Certifications Storyboard
    [infographic]

    Further reading

    Demystify the New PMBOK Guide and the PMI Certifications

    The PMP certification is still valuable and worth your time in 2023.

    Analyst Perspective

    The PMP (Project Management Professional) certification is still worth your time.

    Long Dam

    I often get asked, “Is the PMP worth it?” I then proceed with a question of my own: “If it gets you an interview or a foot in the door or bolsters your salary, would it be worth it?” Typically, the answer is a resounding “YES!”

    CIO magazine ranked the PMP as the top project management certification in North America because it demonstrates that you have the specific skills employers seek, dedication to excellence, and the capacity to perform at the highest levels.

    Given its popularity and the demand in the marketplace, I strongly believe it is still worth your time and investment. The PMP is a globally recognized certification that has dominated for decades. It is hard to overlook the fact that the Project Management Institute (PMI) has more than 1.2 million PMP certification holders worldwide and is still considered the gold standard for project management.

    Yes, it’s worth it. It gets you interviews, a foot in the door, and bolsters your salary. Oh, and it makes you a more complete project manager.

    Long Dam, PMP, PMI-ACP, PgMP, PfMP

    Principal Research Director, Project Portfolio Management Practice
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    • There is lots of confusion with the latest A Guide to The Project Management Body of Knowledge (aka PMBOK Guide).
    • The Project Management Professional (PMP) certification is not satisfying the needs of PMOs.
    • There is still a divide on whether the focus should be on the PMP or an Agile-related certification.

    The PMP certification has lost its sizzle while other emerging certifications have started to penetrate the market. It’s hard to distinguish which certification still holds weight.

    Common Obstacles

    • Poor understanding and lack of awareness of other PMI certifications outside of the PMP.
    • There are too many competing certifications out there, and it’s hard to decipher which ones to choose.
    • PMI certifications typically take a lot of effort to obtain and maintain.

    There are other, less intensive certifications available. It’s unclear what will be popular in the future.

    Info-Tech's Approach

    • Study the market trends for certification options as they emerge and evolve.
    • Go with longstanding reputable certifications, but be ready to pivot if they are not adding value.
    • Look at the job market as an indicator for certification demands.

    There are a lot of certification options out there, and every day there seems to be a new one that pops up. Wait and see how the market reacts before investing your time and money in a new certification.

    Info-Tech Insight

    The PMP certification is still valuable and worthy of your time in 2023.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

    Guide Implementation

    "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

    Workshop

    "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

    Consulting

    "Our team does not have the time or knowledge to take this project on. We need assistance through the entirety of the this project."

    Diagnostics and consistent frameworks are used throughout all four options.

    The PMP dominated the market for decades and got over 1 million people certified

    Total active project management professional holders from December 2021 versus July 2022

    Info-Tech Insight

    The PMI’s flagship PMP certification numbers have not significantly increased from 2021 to 2022. However, PMP substantially outpaces all competitors with over 1.2 million certified PMPs.

    Source: projectmanagement.com

    The PMP penetrated over 200 countries

    PMP is the global project management gold standard.

    • CIO magazine ranked the PMP as the top project management certification because it demonstrates you have the specific skills employers seek, dedication to excellence, and the capacity to perform at the highest levels.
    • It delivers real value in the form of professional credibility, deep knowledge, and increased earning potential. Those benefits have staying power.
    • The PMP now includes predictive, Agile, and hybrid approaches.
    • The PMP demonstrates expertise across the wide array of planning and work management styles.

    Source: PMI, “PMP Certification.” PMI, “Why You Should Get the PMP.”

    The PMP was valuable in the past specifically because it was the standard

    79% of project managers surveyed have the PMP certification out of 30,000 respondents in 40 countries.

    The PMP became table stakes for jobs in project management and PMO’s.

    Work desk with project management written in middle. Arrows point to: Goals, planning, risks, control, teamwork, cost, communication, and problem solving.

    Source: PMI’s Earning Power: Project Management Salary Survey—Twelfth Edition (2021)

    The PMP put itself on a collision course with Agile

    • The Agile Certified Practitioner (PMI-ACP) was introduced in 2012 which initially clashed with the PMP for project management supremacy from the PMI.
    • Then the Disciplined Agile (DA) was introduced in 2019, which further compounded the issue and caused even more confusion with both the PMP and the PMI-ACP certification.
    • Instead of complementing the PMP, these certifications began to inadvertently compete with it head-to-head.

    There is a new PMBOK Guide Seventh Edition in town

    The PMI made its most significant changes between 2017 and 2021.

    Chart showing editions of the PMBOK guide from 1996 to 2021.

    Timeline adapted from Wikipedia, “Project Management Body of Knowledge.”

    Roughly every 3-5 years, the PMI has released a new PMBOK version. It’s unclear if there will be an eighth edition.

    The market got confused by PMBOK Guide – Seventh Edition

    PMBOK guide version 5 considered the gold standard, version 6 first included Agile and version 7 was the most radical change.

    • Die-hard traditional project managers have a hard time grasping why the PMI messed around with the PMBOK Guide. There is sentiment that the PMBOK Guide V7 got diluted.
    • Naysayers do not think that the PMBOK Guide V7 hit the mark and found it to be a concession to Agilists.
    • The PMBOK Guide V7 was significantly trimmed down by almost two-thirds to 274 pages whereas the PMBOK V6 ballooned to 756 pages!
    • Some Agile practitioners found this to be a refreshing, bold move from the PMI. Most, however, ignored or resisted it.
    PMBOK Guide: A guide to the Project Management Body of Knowledge Seventh Edition.  AND The Standard for Project Management.

    PMBOK Guide – Seventh edition released in 2021

    • The PMBOK Guide – Seventh Edition was released in late 2021. It was the most radical change since 1987. For the first time, the PMI went from a process-based standard to a principles-based standard, and the guide went from knowledge areas to project performance domains. This may have diluted the traditional predictive project management practices. However, it was offset by incorporating more iterative, Agile, and hybrid approaches.
    • The market is confused and is clearly shifting toward Agile and away from the rigor that is typically associated with the PMI.
    • The PMI transitioned most of the process-based standards & ITTO to their new digital PMIStandards+ online platform, which can be found here (access for PMI members only).
    • The PMBOK Guide is not the sole basis of the certification exam; however, it can be used as one of several reference resources. Using the exam content outline (ECO) is the way forward, which can be found here.

    The Agile certification seems to be the focus for the PMI in the coming years

    • The PMI started to get into the Agile game with the introduction of Agile certifications, which is where all the confusion started. Although the PMI-ACP & the DASM have seen a steady uptake recently, it appears to be at the expense of the PMP certification.
    • The PMI acquired the Discipline Agile (DA) in late 2019, which expanded their offerings and capabilities for project managers and teams to choose their “way of working.”
    • This was an important milestone for the PMI to address the new way of working for Agile practitioners with this offering to provide more options and to better support enterprise agility.
    PMI-ACP & the DASM have seen a steady uptake recently.

    Source: projectmanagement.com as of July 2022

    The PMI has lost more certified PMPs than they have gained so far in 2022

    The PMI has lost more certified PMPs than they have gained so far in 2022.

    PMP

    PMP – Project Management Professional

    It is a concerning trend that their bread and butter, the PMP flagship certification, has largely stalled in 2022. We are unsure if this was attributed to them being displaced by competitors such as the Agile Alliance, their own Agile offerings, or the market’s lackluster reaction to PMBOK Guide – Seventh Edition.

    Source: projectmanagement.com as of July 2022

    The PMI’s total memberships have stalled since September 2021

    The PMIs total memberships have stalled since September 2021.

    PMI: Project Management Insitute

    The PMI’s membership appears to have a direct correlation to the PMP numbers. As the PMP number stalls, so do the PMI’s memberships.

    Source: projectmanagement.com as of July 2022

    The PMP and the PMBOK Guide are more focused on project management

    The knowledge and skills were not all that helpful for running programs, portfolios, and PMOs.
    • It became evident that other certifications were more tightly aligned to program and portfolio management for the PMOs. The PMI provides the following:
      • Program Management Professional (PgMP)
      • Portfolio Management Professional (PfMP)
    • Axelos also has certifications for program management and portfolio management, such as:
      • Managing Successful Programmes (MSP)
      • Management of Portfolios (MoP)
      • Portfolio, Programme, and Project Offices (P3O)

    The market didn’t know what to do with the PgMP or the PfMP

    These were relatively unknown certifications for Program and Portfolio Management.

    • The PMI’s story was that you would start as a project manager with the PMP certification and then the natural progression would be toward either Program Management (PgMP) or Portfolio Management (PfMP).
    • The uptake for the PgMP and the PfMP certification has been insignificant and underwhelming. The appetite and the demand for PMO-aligned certifications has been lackluster since their inception.
    PgMP - Program Management Professional and PfMP - Portfolio Management Professioanal Certifications are relatively unkown. PgMP only has 3780 members since 2007, and PfMP has 1266 since 2014.

    Source: projectmanagement.com as of July 2022

    There are other non-PMI certifications to consider

    Depending on your experience level

    List of non-PMI certifications based on specialization. List of non-PMI certifications based on years of experience.  Divided into 3 categories: 0-3 years, 3+ years, and 8+ years of experience.

    Other non-PMI project management certifications

    Non-PMI project management certifications

    PRINCE2 and CSM appear to be the more popular ones in the market.

    In April 2022, CIO.com outlined other popular project management certifications outside of the PMI.

    Source: CIO.com

    Project managers have an image problem among senior leaders

    There is a perception that PMs are just box-checkers and note-takers.

    • Project managers are seen as tactical troubleshooters rather than strategic partners. This suggests a widespread lack of understanding of the value and impact of project management at the C-suite level.
    • Very few C-suite executives associate project managers with "realizing visions," being "essential," or being "changemakers."
    • Strong strategic alignment between the PMO and the C-suite helps to reinforce the value of project management capabilities in achieving wider strategic aims.

    Source: PMI, Narrowing The Talent Gap, 2021

    Hiring practices have yet to change in response to the PMI’s moves

    The PMP is still the standard, even for organizations transitioning to Agile and PMO/portfolio jobs.

    • Savvy business leaders are still unsure about how Agile will impact them in the long term.
    • According to the Narrowing the Talent Gap report, PMI and PwC’s latest global research indicates that talent strategies haven’t changed much. There’s a widespread lack of focus on developing and retaining existing project managers, and a lack of variety and innovation in attracting and recruiting new talent. The core problem is that there isn’t a business case for investment in talent.

    Noteworthy Agile certifications to consider

    AGILE Certified Practioner(PMI-ACP) and Certified ScrumMaster(CSM) certification details.

    Source: PMI, “Agile Certifications,” and ScrumAlliance, “Become a Certified ScrumMaster.”

    Info-Tech Insight

    There is a lot of chatter about which Agile certification is better, and the jury is still out with no consensus. There are pros and cons to both certifications. We believe the PMI-ACP will give you more mileage and flexibility because of its breath of coverage in the Agile practice compared to the CSM.

    The talent shortage is a considerable risk to organizations

    • According to the PMI’s 2021 Talent Gap report1, the talent gap is likely to impact every region. By 2030, at least 13 million project managers are expected to have retired, creating additional challenges for recruitment. To close the gap, 25 million new project professionals are needed by 2030.
    • Young project managers will change the profession. Millennials and Generation Z are bringing fresh perspectives to projects. Learning to work alongside these younger generations isn't optional, as they increasingly dominate the labor force and extend their influence.
    • Millennials have already arrived: According to Pew Research2, this group surpassed Gen X in 2016 and is now the largest generation in the US labor force.

    1. PMI, Talent Gap, 2021.
    2. PM Network, 2019.

    Money talks – the PMP is still your best payoff

    It is a financially rewarding profession!

    The median salary for PMP holders in the US is 25% higher than those without PMP certification.

    On a global level, the Project Management Professional (PMP) certification has been shown to bolster salary levels. Holders of the PMP certification report higher median salaries than those without a PMP certification – 16% higher on average across the 40 countries surveyed.

    Source: PMI, Earning Power, 2021

    Determine which skills and capabilities are needed in the coming years

    • A scan of 2022 PM and PMO postings still shows continued dominance of the PMP certification requirement.
    • People and relationships have become more important than predicting budgets and timelines.
    • The PMI and PwC Global Survey on Transformation and Project Management 2021 identified the top five skills/capabilities for project managers (in order of priority):
      1. Relationship building
      2. Collaborative leadership
      3. Strategic thinking
      4. Creative problem solving
      5. Commercial awareness

    Source: PMI, Narrowing The Talent Gap, 2021.

    Prepare for product delivery by focusing on top digital-age skills

    According to the PMI Megatrends 2022 report, they have identified six areas as the top digital-age skills for product delivery:

    1. Innovative mindset
    2. Legal and regulatory compliance knowledge
    3. Security and privacy knowledge
    4. Data science skills
    5. Ability to make data-driven decisions
    6. Collaborative leadership skills

    Many organizations aren’t considering candidates who don’t have project-related qualifications. Indeed, many more are increasing the requirements for their qualifications than those who are reducing it.

    Source: PMI, Narrowing The Talent Gap, 2021

    Prioritize training and development at the C-suite level

    Currently, there is an imbalance with more emphasis of training on tools, processes, techniques, and methodologies rather than business acumen skills, collaboration, and management skills. With the explosion of remote work, training needs to be revamped and, in some cases, redesigned altogether to accommodate remote employees.

    Train of gears Labeled: Training. Gears from left to right are labeled: Knowledge, coaching, skills, developement, and experience.

    Lack of strategic prioritization is evident in how training and development is being done, with organizations largely not embracing a diversity of learning preferences and opportunities.

    Source: PMI, Narrowing The Talent Gap, 2021

    PM is evolving into a more strategic role

    • Ensure program and portfolio management roles are supported by the most appropriate certifications.
    • For project managers that have evolved beyond the iron triangle of managing projects, there is applicability to the PgMP and the PfMP for program managers, portfolio managers, and those in charge of PMOs.
    • Although these certifications have not been widely adopted due to lack of awareness and engagement at the decision-maker level, they still hold merit and prestige within the project management community.

    Project managers are evolving. No longer creatures of scope, schedule, and budget alone, they are now – enabled by new technology – focusing on influencing outcomes, building relationships, and achieving the strategic goals of their organizations.

    Source: PMI, Narrowing the Talent Gap, 2021

    Overhaul your recruitment practices to align with skills/capabilities

    World map with cartoon profile images, linked in a network.

    Talent managers will need to retool their toolbox to fill the capability gap and to look beyond where the role is geographically based by embracing flexible staffing models.

    They will need to evolve their talent strategies in line with changing business priorities.

    Organizations should be actively working to increase the diversity of candidates and upskilling young people in underrepresented communities as a priority.

    Most organizations are still relying on traditional approaches to recruit talent. Although we are prioritizing power skills and business acumen, we are still searching in the same, shrinking pool of talent.

    Source: PMI, Narrowing the Talent Gap, 2021.

    Bibliography

    “Agile Certifications for Every Step in Your Career.” PMI. Web.

    “Become a Certified ScrumMaster and Help Your Team Thrive.” ScrumAlliance. Web.

    “Become a Project Manager.” PMI. Accessed 14 Sept. 2022.

    Bucero, A. “The Next Evolution: Young Project Managers Will Change the Profession: Here's What Organizations Need to Know.” PM Network, 2019, 33(6), 26–27.

    “Certification Framework.” PMI. Accessed 14 Sept. 2022.

    “Certifications.” PMI. Accessed 14 Sept. 2022.

    DePrisco, Mike. Global Megatrends 2022. “Foreword.” PMI, 2022. Accessed 14 Sept. 2022.

    Earning Power: Project Management Salary Survey. 12th ed. PMI, 2021. Accessed 14 Sept. 2022.

    “Global Research From PMI and PwC Reveals Attributes and Strategies of the World’s Leading Project Management Offices.” PMI, 1 Mar. 2022. Press Release. Accessed 14 Sept. 2022.

    Narrowing the Talent Gap. PMI, 2021. Accessed 14 Sept. 2022.

    “PMP Certification.” PMI. Accessed 4 Aug. 2022.

    “Project Management Body of Knowledge.” Wikipedia, Wikimedia Foundation, 29 Aug. 2022.

    “Project Portfolio Management Pulse Survey 2021.” PwC. Accessed 30 Aug. 2022.

    Talent Gap: Ten-Year Employment Trends, Costs, and Global Implications. PMI. Accessed 14 Sept. 2022.

    “The Critical Path.” ProjectManagement.com. Accessed 14 Sept. 2022.

    “True Business Agility Starts Here.” PMI. Accessed 14 Sept. 2022.

    White, Sarah K. and Sharon Florentine. “Top 15 Project Management Certifications.” CIO.com, 22 Apr. 2022. Web.

    “Why You Should Get the PMP.” PMI. Accessed 14 Sept. 2022.

    Build a Strategic IT Workforce Plan

    • Buy Link or Shortcode: {j2store}390|cart{/j2store}
    • member rating overall impact (scale of 10): 9.6/10 Overall Impact
    • member rating average dollars saved: $180,171 Average $ Saved
    • member rating average days saved: 19 Average Days Saved
    • Parent Category Name: Organizational Design
    • Parent Category Link: /organizational-design
    • Talent has become a competitive differentiator. To 46% of business leaders, workforce planning is a top priority – yet only 13% do it effectively.
    • CIOs aren’t sure what they need to give the organization a competitive edge or how current staffing line-ups fall short.

    Our Advice

    Critical Insight

    • A well defined strategic workforce plan (SWP) isn’t just a nice-to-have, it’s a must-have.
    • Integrate as much data as possible into your workforce plan to best prepare you for the future. Without knowledge of your future initiatives, you are filling hypothetical holes.
    • To be successful, you need to understand your strategic initiatives, workforce landscape, and external and internal trends.

    Impact and Result

    The workforce planning process does not need to be onerous, especially with help from Info-Tech’s solid planning tools. With the right people involved and enough time invested, developing an SWP will be easier than first thought and time well spent. Leverage Info-Tech’s client-tested 5-step process to build a strategic workforce plan:

    1. Build a project charter
    2. Assess workforce competency needs
    3. Identify impact of internal and external trends
    4. Identify the impact of strategic initiatives on roles
    5. Build and monitor the workforce plan

    Build a Strategic IT Workforce Plan Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should build a strategic workforce plan for IT, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Initiate the project

    Assess the value of a strategic workforce plan and the IT department’s fit for developing one, and then structure the workforce planning project.

    • Build a Strategic Workforce Plan – Phase 1: Initiate the Project
    • IT Strategic Workforce Planning Project Charter Template
    • IT Strategic Workforce Planning Project Plan Template

    2. Analyze workforce needs

    Gather and analyze workforce needs based on an understanding of the relevant internal and external trends, and then produce a prioritized plan of action.

    • Build a Strategic Workforce Plan – Phase 2: Analyze Workforce Needs
    • Workforce Planning Workbook

    3. Build the workforce plan

    Evaluate workforce priorities, plan specific projects to address them, and formalize and integrate strategic workforce planning into regular planning processes.

    • Build a Strategic Workforce Plan – Phase 3: Build and Monitor the SWP
    [infographic]

    Workshop: Build a Strategic IT Workforce Plan

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Identify Project Goals, Metrics, and Current State

    The Purpose

    Develop a shared understanding of the challenges your organization is facing with regards to talent and workforce planning.

    Key Benefits Achieved

    An informed understanding of whether or not you need to develop a strategic workforce plan for IT.

    Activities

    1.1 Identify goals, metrics, and opportunities

    1.2 Segment current roles

    1.3 Identify organizational culture

    1.4 Assign job competencies

    1.5 Assess current talent

    Outputs

    Identified goals, metrics, and opportunities

    Documented organizational culture

    Aligned competencies to roles

    Identified current talent competency levels

    2 Assess Workforce and Analyze Trends

    The Purpose

    Perform an in-depth analysis of how internal and external trends are impacting the workforce.

    Key Benefits Achieved

    An enhanced understanding of the current talent occupying the workforce.

    Activities

    2.1 Assess environmental trends

    2.2 Identify impact on workforce requirements

    2.3 Identify how trends are impacting critical roles

    2.4 Explore viable options

    Outputs

    Complete internal trends analysis

    Complete external trends analysis

    Identified internal and external trends on specific IT roles

    3 Perform Gap Analysis

    The Purpose

    Identify the changing competencies and workforce needs of the future IT organization, including shortages and surpluses.

    Key Benefits Achieved

    Determined impact of strategic initiatives on workforce needs.

    Identification of roles required in the future organization, including surpluses and shortages.

    Identified projects to fill workforce gaps.

    Activities

    3.1 Identify strategic initiatives

    3.2 Identify impact of strategic initiatives on roles

    3.3 Determine workforce estimates

    3.4 Determine projects to address gaps

    Outputs

    Identified workforce estimates for the future

    List of potential projects to address workforce gaps

    4 Prioritize and Plan

    The Purpose

    Prepare an action plan to address the critical gaps identified.

    Key Benefits Achieved

    A prioritized plan of action that will fill gaps and secure better workforce outcomes for the organization.

    Activities

    4.1 Determine and prioritize action items

    4.2 Determine a schedule for review of initiatives

    4.3 Integrate workforce planning into regular planning processes

    Outputs

    Prioritized list of projects

    Completed workforce plan

    Identified opportunities for integration

    Essentials of Vendor Management for Small Business

    • Buy Link or Shortcode: {j2store}229|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Vendor Management
    • Parent Category Link: /vendor-management
    • Each year, SMB IT organizations spend more money “outsourcing” tasks, activities, applications, functions, and other items.
    • Many SMBs lack the affordability of implementing a sophisticated vendor management initiative or office.
    • The increased spend and associated outsourcing leads to less control, and more risk for IT organizations. Managing this becomes a higher priority for IT, but many IT organizations are ill-equipped to do this proactively.

    Our Advice

    Critical Insight

    • Vendor management is not “plug and play” – each organization’s vendor management initiative (VMI) needs to fit its culture, environment, and goals. There are commonalities among vendor management initiatives, but the key is to adapt vendor management principles to fit your needs, not the other way around.
    • All vendors are not of equal importance to an organization. Internal resources are a scarce commodity and should be deployed so that they provide the best return on the organization’s investment. Classifying or segmenting your vendors allows you to focus your efforts on the most important vendors first, allowing your VMI to have the greatest impact possible.
    • Having a solid foundation is critical to the VMI’s ongoing success. Whether you will be creating a formal vendor management office or using vendor management techniques, tools, and templates “informally”, starting with the basics is essential. Make sure you understand why the VMI exists and what it hopes to achieve, what is in and out of scope for the VMI, what strengths the VMI can leverage and the obstacles it will have to address, and how it will work with other areas within your organization.

    Impact and Result

    • Build and implement a vendor management initiative tailored to your environment.
    • Create a solid foundation to sustain your vendor management initiative as it evolves and matures.
    • Leverage vendor management-specific tools and templates to manage vendors more proactively and improve communication.
    • Concentrate your vendor management resources on the right vendors.
    • Build a roadmap and project plan for your vendor management journey to ensure you reach your destination.
    • Build collaborative relationships with critical vendors.

    Essentials of Vendor Management for Small Business Research & Tools

    Start here – read the Executive Brief

    Read this Executive Brief to understand how changes in the vendor landscape and customer reliance on vendors have made a vendor management initiative indispensible.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Plan

    This phase helps you organize your VMI and document internal processes, relationships, roles, and responsibilities. The main outcomes from this phase are organizational documents, a baseline VMI maturity level, and a desired future state for the VMI.

    • Essentials of Vendor Management for Small Business – Phase 1: Plan
    • Phase 1 Small Business Tools and Templates Compendium

    2. Build

    This phase helps you configure and create the tools and templates that will help you run the VMI. The main outcomes from this phase are a clear understanding of which vendors are important to you, the tools to manage the vendor relationships, and an implementation plan.

    • Essentials of Vendor Management for Small Business – Phase 2: Build
    • Phase 2 Small Business Vendor Classification Tool
    • Phase 2 Small Business Risk Assessment Tool
    • Phase 2 Small Business Tools and Templates Compendium

    3. Run

    This phase helps you begin operating the VMI. The main outcomes from this phase are guidance and the steps required to implement your VMI.

    • Essentials of Vendor Management for Small Business – Phase 3: Run

    4. Review

    This phase helps the VMI identify what it should stop doing, start doing, and continue doing as it improves and matures. The main outcomes from this phase are ways to advance the VMI and maintain internal alignment.

    • Essentials of Vendor Management for Small Business – Phase 4: Review
    [infographic]

    Further reading

    Essentials of Vendor Management for Small Business

    Create and implement a vendor management framework to begin obtaining measurable results in 90 days.


    EXECUTIVE BRIEF

    Analyst Perspective

    Vendor Management Challenge

    Small businesses are often challenged by the growth and complexity of their vendor ecosystem, including the degree to which the vendors control them. Vendors are increasing, obtaining more and more budget dollars, while funding for staff or headcount is decreasing as a result of cloud-based applications and an increase in our reliance on Managed Service Providers. Initiating a vendor management initiative (VMI) vs. creating a fully staffed vendor management office will get you started on the path of proactively controlling your vendors instead of consistently operating in a reactionary mode. This blueprint is designed with that very thought: to assist small businesses in creating the essentials of a vendor management initiative.

    This is a picture of Steve Jeffery

    Steve Jeffery
    Principal Research Director, Vendor Management
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    Each year, IT organizations "outsource" tasks, activities, functions, and other items. During 2021:

    • Spend on as-a-service providers increased 38% over 2020.*
    • Spend on managed service providers increased 16% over 2020.*
    • IT service providers increased their merger and acquisition numbers by 47% over 2020.*

    This leads to more spend, less control, and more risk for IT organizations. Managing this becomes a higher priority for IT, but many IT organizations are ill-equipped to do this proactively.

    Common Obstacles

    As new contracts are negotiated and existing contracts are renegotiated or renewed, there is a perception that the contracts will yield certain results, output, performance, solutions, or outcomes. The hope is that these will provide a measurable expected value to IT and the organization. Oftentimes, much of the expected value is never realized. Many organizations don't have a VMI to help:

    • Ensure at least the expected value is achieved.
    • Improve on the expected value through performance management.
    • Significantly increase the expected value through a proactive VMI.

    Info-Tech's Approach

    Vendor Management is a proactive, cross-functional lifecycle. It can be broken down into four phases:

    • Plan
    • Build
    • Run
    • Review

    The Info-Tech process addresses all four phases and provides a step-by-step approach to configure and operate your VMI. The content in this blueprint helps you quickly establish your VMI and sets a solid foundation for its growth and maturity.

    Info-Tech Insight

    Vendor management is not a one-size-fits-all initiative. It must be configured:

    • For your environment, culture, and goals.
    • To leverage the strengths of your organization and personnel.
    • To focus your energy and resources on your critical vendors.

    Executive Summary

    Your challenge

    Spend on managed service providers and as-a-service providers continues to increase. In addition, IT services vendors continue to be active in the mergers and acquisitions arena. This increases the need for a VMI to help with the changing IT vendor landscape.

    38%

    2021

    16%

    2021

    47%

    2021

    Spend on as-a-service providers

    Spend on managed services providers

    IT services merger & acquisition growth (transactions)

    Source: Information Services Group, Inc., 2022.

    Executive Summary

    Common obstacles

    When organizations execute, renew, or renegotiate a contract, there is an "expected value" associated with that contract. Without a robust VMI, most of the expected value will never be realized. With a robust VMI, the realized value significantly exceeds the expected value during the contract term.

    A contract's realized value with and without a vendor management initiative

    This is an image of a bar graph showing the difference in value between those with and without a VMI, with and for those with a VMI, with Vendor Collaboration and with Vendor Performance Management. The data for those with a VMI have substantially more value.

    Source: Based on findings from Geller & Company, 2003.

    Executive Summary

    Info-Tech's approach

    A sound, cyclical approach to vendor management will help you create a VMI that meets your needs and stays in alignment with your organization as they both change (i.e. mature and grow).

    This is an image of the 4 Step Vendor Management Process. The four steps are: 1. Plan; 2. Build; 3. Run; 4. Review.

    Info-Tech's methodology for creating and operating your vmi

    Phase 1 - Plan Phase 2 - Build Phase 3 - Run Phase 4 - Review
    Phase Steps

    1.1 Mission Statement and Goals

    1.2 Scope

    1.3 Strengths and Obstacles

    1.4 Roles and Responsibilities

    2.1 Classification Model

    2.2 Risk Assessment Tool

    2.3 Scorecards and Feedback

    2.4 Business Alignment Meeting Agenda

    2.5 Relationship Alignment Document

    2.6 Vendor Orientation

    2.7 3-Year Roadmap

    2.8 90-Day Plan

    2.9 Quick Wins2.10 Reports

    3.1 Classify Vendors

    3.2 Compile Scorecards

    3.3 Conduct Business Alignment Meetings

    3.4 Work the 90-Day Plan

    3.5 Manage the 3-Year Roadmap

    3.6 Develop/Improve Vendor Relationships

    4.1 Incorporate Leading Practices

    4.2 Leverage Lessons Learned

    4.3 Maintain Internal Alignment

    Phase Outcomes This phase helps you organize your VMI and document internal processes, relationships, roles, and responsibilities. The main outcomes from this phase are organizational documents, a baseline VMI maturity level, and a desired future state for the VMI. This phase helps you configure and create the tools and templates that will help you run the VMI. The main outcomes from this phase are a clear understanding of which vendors are important to you, the tools to manage the vendor relationships, and an implementation plan. This phase helps you begin operating the VMI. The main outcomes from this phase are guidance and the steps required to implement your VMI. This phase helps the VMI identify what it should stop doing, start doing, and continue doing as it improves and matures. The main outcomes from this phase are ways to advance the VMI and maintain internal alignment.

    Insight Summary

    Insight 1

    Vendor management is not "plug and play" – each organization's vendor management initiative (VMI) needs to fit its culture, environment, and goals. While there are commonalities and leading practices associated with vendor management, your initiative won't look exactly like another organization's. The key is to adapt vendor management principles to fit your needs.

    Insight 2

    All vendors are not of equal importance to your organization. Internal resources are a scarce commodity and should be deployed so that they provide the best return on the organization's investment. Classifying or segmenting your vendors allows you to focus your efforts on the most important vendors first, allowing your VMI to have the greatest impact possible.

    Insight 3

    Having a solid foundation is critical to the VMI's ongoing success. Whether you will be creating a formal vendor management office or using vendor management techniques, tools, and templates "informally", starting with the basics is essential. Make sure you understand why the VMI exists and what it hopes to achieve, what is in and out of scope for the VMI, what strengths the VMI can leverage and the obstacles it will have to address, and how it will work with other areas within your organization.

    Blueprint benefits

    IT benefits

    • Identify and manage risk proactively.
    • Reduce costs and maximize value.
    • Increase visibility with your critical vendors.
    • Improve vendor performance.
    • Create a collaborative environment with key vendors.
    • Segment vendors to allocate resources more effectively and more efficiently.

    Business benefits

    • Improve vendor accountability.
    • Increase collaboration between departments.
    • Improve working relationships with your vendors.
    • Create a feedback loop to address vendor/customer issues before they get out of hand or are more costly to resolve.
    • Increase access to meaningful data and information regarding important vendors.

    Phase 1 - Plan

    Phase 1

    Phase 2 Phase 3 Phase 4

    1.1 Mission Statement and Goals

    1.2 Scope

    1.3 Strengths and Obstacles

    1.4 Roles and Responsibilities

    2.1 Classification Model

    2.2 Risk Assessment Tool

    2.3 Scorecards and Feedback

    2.4 Business Alignment Meeting Agenda

    2.5 Relationship Alignment Document

    2.6 Vendor Orientation

    2.7 3-Year Roadmap

    2.8 90-Day Plan

    2.9 Quick Wins

    2.10 Reports

    3.1 Classify Vendors

    3.2 Compile Scorecards

    3.3 Conduct Business Alignment Meetings

    3.4 Work the 90-Day Plan

    3.5 Manage the 3-Year Roadmap

    3.6 Develop/Improve Vendor Relationships

    4.1 Incorporate Leading Practices

    4.2 Leverage Lessons Learned

    4.3 Maintain Internal Alignment

    This phase will walk you through the following activity:

    • Organizing your VMI and document internal processes, relationships, roles, and responsibilities. The main outcomes from this phase are organizational documents, and a desired future state for the VMI.

    This phase involves the following participants:

    • VMI team
    • Applicable stakeholders and executives
    • Procurement/Sourcing
    • IT
    • Others as needed

    Vendor Management Initiative Basics for the Small/Medium Businesses

    Phase 1 – Plan

    Get Organized

    Phase 1 – Plan focuses on getting organized. Foundational elements (Mission Statement, Goals, Scope, Strengths and Obstacles, Roles and Responsibilities, and Process Mapping) will help you define your VMI. These and the other elements of this Phase will follow you throughout the process of starting up your VMI and running it.

    Spending time up front to ensure that everyone is on the same page will help avoid headaches down the road. The tendency is to skimp (or even skip) on these steps to get to "the good stuff." To a certain extent, the process provided here is like building a house. You wouldn't start building your dream home without having a solid blueprint. The same is true with vendor management. Leveraging vendor management tools and techniques without the proper foundation may provide some benefit in the short term, but in the long term it will ultimately be a house of cards waiting to collapse.

    Step 1.1 – Mission statement and goals

    Identify why the VMI exists and what it will achieve

    Whether you are starting your vendor management journey or are already down the path, it is important to know why the vendor management initiative exists and what it hopes to achieve. The easiest way to document this is with a written declaration in the form of a Mission Statement and Goals. Although this is the easiest way to proceed, it is far from easy.

    The Mission Statement should identify at a high level the nature of the services provided by the VMI, who it will serve, and some of the expected outcomes or achievements. The Mission Statement should be no longer than one or two sentences.

    The complement to the Mission Statement is the list of goals for the VMI. Your goals should not be a reassertion of your Mission Statement in bullet format. At this stage it may not be possible to make them SMART (Specific, Measurable, Achievable/Attainable, Relevant, Time-Bound/Time-Based), but consider making them as SMART as possible. Without some of the SMART parameters attached, your goals are more like dreams and wishes. At a minimum, you should be able to determine the level of success achieved for each of the VMI goals.

    Although the VMI's Mission Statement will stay static over time (other than for significant changes to the VMI or organization as a whole), the goals should be reevaluated periodically using a SMART filter, and adjusted as needed.

    1.1.1 – Mission statement and goals

    20 – 40 Minutes

    1. Meet with the participants and use a brainstorming activity to list, on a whiteboard or flip chart, the reasons why the VMI will exist.
    2. Review external mission statements for inspiration.
    3. Review internal mission statements from other areas to ensure consistency.
    4. Draft and document your Mission Statement in the Phase 1 Tools and Templates Compendium – Tab 1.1 Mission Statement and Goals.
    5. Continue brainstorming and identify the high-level goals for the VMI.
    6. Review the list of goals and make them as SMART (Specific, Measurable, Achievable/Attainable, Relevant, Time-Bound/Time-Based) as possible.
    7. Document your goals in the Phase 1 Tools and Templates Compendium– Tab 1.1 Mission Statement and Goals.
    8. Obtain signoff on the Mission Statement and goals from stakeholders and executives as required.

    Input

    • Brainstorming results
    • Mission statements from other internal and external sources

    Output

    • Completed Mission Statement and Goals

    Materials

    • Whiteboard/Flip Charts
    • Phase 1 Tools and Templates Compendium – Tab 1.1 Mission Statement and Goals

    Participants

    • VMI team
    • Applicable stakeholders and executives (as needed)

    Download the Info-Tech Phase 1 Tools and Templates Compendium

    Step 1.2 – Scope

    Determine what is in scope and out of scope for the VMI

    Regardless of where your VMI resides or how it operates, it will be working with other areas within your organization. Some of the activities performed by the VMI will be new and not currently handled by other groups or individuals internally; at the same time, some of the activities performed by the VMI may be currently handled by other groups or individuals internally. In addition, executives, stakeholders, and other internal personnel may have expectations or make assumptions about the VMI. As a result, there can be a lot of confusion about what the VMI does and doesn't do, and the answers cannot always be found in the VMI's Mission Statement and Goals.

    One component of helping others understand the VMI landscape is formalizing the VMI Scope. The Scope will define boundaries for the VMI. The intent is not to fence itself off and keep others out but provide guidance on where the VMI's territory begins and ends. Ultimately, this will help clarify the VMI's roles and responsibilities, improve workflow, and reduce errant assumptions.

    When drafting your VMI scoping document, make sure you look at both sides of the equation (similar to what you would do when following best practices for a statement of work). Identify what is in scope and what is out of scope. Be specific when describing the individual components of the VMI Scope, and make sure executives and stakeholders are onboard with the final version.

    1.2.1 – Scope

    20 - 40 Minutes

    1. Meet with the participants and use a brainstorming activity to list, on a whiteboard or flip chart, the activities and functions in scope and out of scope for the VMI.
      1. Be specific to avoid ambiguity and improve clarity.
      2. Go back and forth between in scope and out of scope as needed; it is not necessary to list all the in-scope items and then turn your attention to the out-of-scope items.
    2. Review the lists to make sure there is enough specificity. An item may be in scope or out of scope, but not both.
    3. Use the Phase 1 Tools and Templates Compendium – Tab 1.2 Scope to document the results.
    4. Obtain signoff on the Scope from stakeholders and executives as required.

    Input

    • Brainstorming results
    • Mission Statement and Goals

    Output

    • Completed list of items in and out of scope for the VMI

    Materials

    • Whiteboard/Flip Charts
    • Phase 1 Tools and Templates Compendium – Tab 1.2 Scope

    Participants

    • VMI team
    • Applicable stakeholders and executives (as needed)

    Download the Info-Tech Phase 1 Tools and Templates Compendium

    Step 1.3 – Strengths and obstacles

    Pinpoint the VMI's strengths and obstacles

    A SWOT analysis (strengths, weaknesses, opportunities, and threats) is a valuable tool, but it is overkill for your VMI at this point. However, using a modified and simplified form of this tool (strengths and obstacles) will yield significant results and benefit the VMI as it grows and matures.

    Your output will be two lists: the strengths associated with the VMI and the obstacles the VMI is facing. For example, strengths could include items such as smart people working within the VMI and executive support. Obstacles could include items such as limited headcount and training required for VMI staff.

    The goals are 1) to harness the strengths to help the VMI be successful and 2) to understand the impact of the obstacles and plan accordingly. The output can also be used to enlighten executives and stakeholders about the challenges associated with their directives or requests (e.g. human bandwidth may not be sufficient to accomplish some of the vendor management activities and there is a moratorium on hiring until the next budget year).

    For each strength identified, determine how you will or can leverage it when things are going well or when the VMI is in a bind. For each obstacle, list the potential impact on the VMI (e.g. scope, growth rate, and number of vendors that can actively be part of the VMI).

    As you do your brainstorming, be as specific as possible and validate your lists with stakeholders and executives as needed.

    1.3.1 – Strengths and obstacles

    20 - 40 Minutes

    Meet with the participants and use a brainstorming activity to list, on a whiteboard or flip chart, the VMI's strengths and obstacles.

    Be specific to avoid ambiguity and improve clarity.

    Go back and forth between strengths and obstacles as needed; it is not necessary to list all the strengths first and then all the obstacles.

    It is possible for an item to be a strength and an obstacle; when this happens, add details to distinguish the situations.

    Review the lists to make sure there is enough specificity.

    Determine how you will leverage each strength and how you will manage each obstacle.

    Use the Phase 1 Tools and Templates Compendium – Tab 1.3 Strengths and Obstacles to document the results.

    Obtain signoff on the strengths and obstacles from stakeholders and executives as required.

    Input

    • Brainstorming
    • Mission Statement and Goals
    • Scope

    Output

    • Completed list of items impacting the VMI's ability to be successful: strengths the VMI can leverage and obstacles the VMI must manage

    Materials

    • Whiteboard/Flip Charts
    • Phase 1 Tools and Templates Compendium – Tab 1.3 Strengths and Obstacles

    Participants

    • VMI team
    • Applicable stakeholders and executives (as needed)

    Download the Info-Tech Phase 1 Tools and Templates Compendium

    Step 1.4 – Roles and responsibilities

    Obtain consensus on who is responsible for what

    One crucial success factor for VMIs is gaining and maintaining internal alignment. There are many moving parts to an organization, and a VMI must be clear on the various roles and responsibilities related to the relevant processes. Some of this information can be found in the VMI's Scope referenced in Step 1.2, but additional information is required to avoid stepping on each other's toes; many of the processes require internal departments to work together. (For example, obtaining requirements for a request for proposal takes more than one person or department). While it is not necessary to get too granular, it is imperative that you have a clear understanding of how the VMI activities will fit within the larger vendor management lifecycle (which is comprised of many sub processes) and who will be doing what.

    As we have learned through our workshops and guided implementations, a traditional RACI* or RASCI* Chart does not work well for this purpose. These charts are not intuitive, and they lack the specificity required to be effective. For vendor management purposes, a higher-level view and a slightly different approach provide much better results.

    This step will lead your through the creation of an OIC* Chart to determine vendor management lifecycle roles and responsibilities. Afterward, you'll be able to say, "Oh, I see clearly who is involved in each part of the process and what their role is."

    *RACI – Responsible, Accountable, Consulted, Informed

    *RASCI – Responsible, Accountable, Support, Consulted, Informed

    *OIC – Owner, Informed, Contributor

    This is an image of a table, where the row headings are: Role 1-5, and the Column Headings are: Step 1-5.

    Step 1.4 – Roles and responsibilities (cont'd)

    Obtain consensus on who is responsible for what

    To start, define the vendor management lifecycle steps or process applicable to your VMI. Next, determine who participates in the vendor management lifecycle. There is no need to get too granular – think along the lines of departments, subdepartments, divisions, agencies, or however you categorize internal operational units. Avoid naming individuals other than by title; this typically happens when a person oversees a large group (e.g. the CIO [chief information officer] or the CPO [chief procurement officer]). Be thorough, but don't let the chart get out of hand. For each role and step of the lifecycle, ask whether the entry is necessary; does it add value to the clarity of understanding the responsibilities associated with the vendor management lifecycle? Consider two examples, one for roles and one for lifecycle steps. 1) Is IT sufficient or do you need IT Operations and IT Development? 2) Is "negotiate contract documents" sufficient or do you need negotiate the contract and negotiate the renewal? The answer will depend on your culture and environment but be wary of creating a spreadsheet that requires an 85-inch monitor to view it.

    After defining the roles (departments, divisions, agencies) and the vendor management lifecycle steps or process, assign one of three letters to each box in your chart:

    • O – Owner – who owns the process; they may also contribute to it.
    • I – Informed – who is informed about the progress or results of the process.
    • C – Contributor – who contributes or works on the process; it can be tangible or intangible contributions.

    This activity can be started by the VMI or done as a group with representatives from each of the named roles. If the VMI starts the activity, the resulting chart should be validated by the each of the named roles.

    1.4.1 – Roles and responsibilities

    1 – 6 hours

    1. Meet with the participants and configure the OIC Chart in the Phase 1 Tools and Templates Compendium – Tab 1.4 OIC Chart.
      1. Review the steps or activities across the top of the chart and modify as needed.
      2. Review the roles listed along the left side of the chart and modify as needed.
    2. For each activity or step across the top of the chart, assign each role a letter – O for owner of that activity or step, I for informed, or C for contributor. Use only one letter per cell.
    3. Work your way across the chart. Every cell should have an entry or be left blank if it is not applicable.
    4. Review the results and validate that every activity or step has an O assigned to it; there must be an owner for every activity or step.
    5. Obtain signoff on the OIC Chart from stakeholders and executives as required.

    Input

    • A list of activities or steps to complete a project starting with requirements gathering and ending with ongoing risk management.
    • A list of internal areas (departments, divisions, agencies, etc.) and stakeholders that contribute to completing a project.

    Output

    • Completed OCI chart indicating roles and responsibilities for the VMI and other internal areas.

    Materials

    • Phase 1 Tools and Templates Compendium – Tab 1.4 OIC Chart

    Participants

    • VMI team
    • Procurement/Sourcing
    • IT
    • Representatives from other areas as needed
    • Applicable stakeholders and executives (as needed)

    Download the Info-Tech Phase 1 Tools and Templates Compendium

    Phase 2 - Build

    Create and configure tools, templates, and processes

    Phase 1

    Phase 2Phase 3Phase 4

    1.1 Mission Statement and Goals

    1.2 Scope

    1.3 Strengths and Obstacles

    1.4 Roles and Responsibilities

    2.1 Classification Model

    2.2 Risk Assessment Tool

    2.3 Scorecards and Feedback

    2.4 Business Alignment Meeting Agenda

    2.5 Relationship Alignment Document

    2.6 Vendor Orientation

    2.7 3-Year Roadmap

    2.8 90-Day Plan

    2.9 Quick Wins

    2.10 Reports

    3.1 Classify Vendors

    3.2 Compile Scorecards

    3.3 Conduct Business Alignment Meetings

    3.4 Work the 90-Day Plan

    3.5 Manage the 3-Year Roadmap

    3.6 Develop/Improve Vendor Relationships

    4.1 Incorporate Leading Practices

    4.2 Leverage Lessons Learned

    4.3 Maintain Internal Alignment

    This phase will walk you through the following activities:

    • Configuring and creating the tools and templates that will help you run the VMI. The main outcomes from this phase are a clear understanding of which vendors are important to you, the tools to manage the vendor relationships, and an implementation plan.

    This phase involves the following participants:

    • VMI team
    • Applicable stakeholders and executives
    • Human Resources
    • Legal
    • Others as needed

    Vendor Management Initiative Basics for the Small/Medium Businesses

    Phase 2 – Build

    Create and configure tools, templates, and processes

    Phase 2 – Build focuses on creating and configuring the tools and templates that will help you run your VMI. Vendor management is not a plug and play environment, and unless noted otherwise, the tools and templates included with this blueprint require your input and thought. The tools and templates must work in concert with your culture, values, and goals. That will require teamwork, insights, contemplation, and deliberation.

    During this Phase you'll leverage the various templates and tools included with this blueprint and adapt them for your specific needs and use. In some instances, you'll be starting with mostly a blank slate; while in others, only a small modification may be required to make it fit your circumstances. However, it is possible that a document or spreadsheet may need heavy customization to fit your situation. As you create your VMI, use the included materials for inspiration and guidance purposes rather than as absolute dictates.

    Step 2.1 – Classification model

    Configure the COST vendor classification tool

    One of the functions of a VMI is to allocate the appropriate level of vendor management resources to each vendor since not all vendors are of equal importance to your organization. While some people may be able intuitively to sort their vendors into vendor management categories, a more objective, consistent, and reliable model works best. Info-Tech's COST model helps you assign your vendors to the appropriate vendor management category so that you can focus your vendor management resources where they will do the most good.

    COST is an acronym for Commodity, Operational, Strategic, and Tactical. Your vendors will occupy one of these vendor management categories, and each category helps you determine the nature of the resources allocated to that vendor, the characteristics of the relationship desired by the VMI, and the governance level used.

    The easiest way to think of the COST model is as a 2 x 2 matrix or graph. The model should be configured for your environment so that the criteria used for determining a vendor's classification align with what is important to you and your organization. However, at this point in your VMI's maturation, a simple approach works best. The Classification Model included with this blueprint requires minimal configuration to get your started, and that is discussed on the activity slide associated with this Step 2.1.

    This is an image of the COST Vendor Classification Tool.

    Step 2.1 – Classification model (cont'd)

    Configure the COST vendor classification tool

    Common characteristics by vendor management category

    Operational

    Strategic
    • Low to moderate risk and criticality; moderate to high spend and switching costs
    • Product or service used by more than one area
    • Price is a key negotiation point
    • Product or service is valued by the organization
    • Quality or the perception of quality is a differentiator (i.e. brand awareness)
    • Moderate to high risk and criticality; moderate to high spend and switching costs
    • Few competitors and differentiated products and services
    • Product or service significantly advances the organization's vision, mission, and success
    • Well-established in their core industry

    Commodity

    Tactical
    • Low risk and criticality; low spend and switching costs
    • Product or service is readily available from many sources
    • Market has many competitors and options
    • Relationship is transactional
    • Price is the main differentiator
    • Moderate to high risk and criticality; low to moderate spend and switching costs
    • Vendor offerings align with or support one or more strategic objectives
    • Often IT vendors "outside" of IT (i.e. controlled and paid for by other areas)
    • Often niche or new vendors

    Source: Compiled in part from Guth, Stephen. "Vendor Relationship Management Getting What You Paid for (And More)." 2015.

    2.1.1 – Classification model

    15 – 30 Minutes

    1. Meet with the participants to configure the spend ranges in Phase 2 Vendor Classification Tool – Tab 1. Configuration for your environment.
    2. Collect your vendors and their annual spend to sort by largest to lowest.
    3. Update cells F14-J14 in the Classification Model based on your actual data.
      1. Cell F14 – Set the boundary at a point between the spend for your 10th and 11th ranked vendors. For example, if the 10th vendor by spend is $1,009, 850 and the 11th vendor by spend is $980,763, the range for F14 would be $1,000,00+.
      2. Cell G14 – Set the bottom of the range at a point between the spend for your 30th and 31st ranked vendors; the top of the range will be $1 less than the bottom of the range specified in F14.
      3. Cell H14 – Set the bottom of the range slightly below the spend for your 50th ranked vendor; the top of the range will be $1 less than the bottom of the range specified in G14.
      4. Cells I14 and J14 – Divide the remaining range in half and split it between the two cells; for J14 the range will be $0 to $1 less than the bottom range in I14.
    4. Ignore the other variables at this time.

    Input

    • Phase 1 List of Vendors by Annual Spend

    Output

    • Configured Vendor Classification Tool

    Materials

    • Phase 2 Vendor Classification Tool – Tab 1. Configuration

    Participants

    • VMI team

    Download the Info-Tech Phase 2 Vendor Classification Tool

    Step 2.2 – Risk assessment tool

    Identify risks to measure, monitor, and report on

    One of the typical drivers of a VMI is risk management. Organizations want to get a better handle on the various risks their vendors pose. Vendor risks originate from many areas: financial, performance, security, legal, and others. However, security risk is the high-profile risk, and the one organizations often focus on almost exclusively, which leaves the organization vulnerable in other areas.

    Risk management is a program, not a project; there is no completion date. A proactive approach works best and requires continual monitoring, identification, and assessment. Reacting to risks after they occur can be costly and have other detrimental effects on the organization. Any risk that adversely affects IT will adversely affect the entire organization.

    While the VMI won't necessarily be quantifying or calculating the risk directly, it generally is the aggregator of risk information across the risk categories, which it then includes in its reporting function (see Steps 2.12 and 3.8).

    At a minimum, your risk management strategy should involve:

    • Identifying the risks you want to measure and monitor.
    • Identifying your risk appetite (the amount of risk you are willing to live with).
    • Measuring, monitoring, and reporting on the applicable risks.
    • Developing and deploying a risk management plan to minimize potential risk impact.

    Vendor risk is a fact of life, but you do have options for how to handle it. Be proactive and thoughtful in your approach, and focus your resources on what is important.

    2.2.1 – Risk assessment tool

    30 - 90 Minutes

    1. Meet with the participants to configure the risk indicators in Phase 2 Vendor Risk Assessment Tool – Tab 1. Set parameters for your environment.
    2. Review the risk categories and determine which ones you will be measuring and monitoring.
    3. Review the risk indicators under each risk category and determine whether the indicator is acceptable as written, is acceptable with modifications, should be replaced, or should be deleted.
    4. Make the necessary changes to the risk indicators; these changes will cascade to each of the vendor tabs. Limit the number of risk indicators to no more than seven per risk category.
    5. Gain input and approval as needed from sponsors, stakeholders, and executives as required.

    Input

    • Scope
    • OIC Chart
    • Process Maps
    • Brainstorming

    Output

    • Configured Vendor Risk Assessment Tool

    Materials

    • Phase 2 Vendor Risk Assessment Tool – Tab 1. Set Parameters

    Participants

    • VMI team

    Download the Info-Tech Phase 2 Vendor Classification Tool

    Step 2.3 – Scorecards and feedback

    Design a two-way feedback loop with your vendors

    A vendor management scorecard is a great tool for measuring, monitoring, and improving relationship alignment. In addition, it is perfect for improving communication between you and the vendor.

    Conceptually, a scorecard is similar to a school report card. At the end of a learning cycle, you receive feedback on how well you do in each of your classes. For vendor management, the scorecard is also used to provide periodic feedback, but there are some nuances and additional benefits and objectives when compared to a report card.

    Although scorecards can be used in a variety of ways, the focus here will be on vendor management scorecards – contract management, project management, and other types of scorecards will not be included in the materials covered in this Step 2.3 or in Step 3.4.

    This image contains a table with the score for objectives A-D. The scores are: A4, B3, C5, D4.

    Step 2.3 – Scorecards and feedback (cont'd)

    Design a two-way feedback loop with your vendors

    Anatomy

    The Info-Tech scorecard includes five areas:

    • Measurement categories. Measurement categories help organize the scorecard. Limit the number of measurement categories to three to five; this allows the parties to stay focused on what's important. Too many measurement categories make it difficult for the vendor to understand the expectations.
    • Criteria. The criteria describe what is being measured. Create criteria with sufficient detail to allow the reviewers to fully understand what is being measured and to evaluate it. Criteria can be objective or subjective. Use three to five criteria per measurement category.
    • Measurement category weights. Not all your measurement categories may be of equal importance to you; this area allows you to give greater weight to a measurement category when compiling the overall score.
    • Rating. Reviewers will be asked to assign a score to each criteria using a 1 to 5 scale.
    • Comments. A good scorecard will include a place for reviewers to provide additional information regarding the rating, or other items that are relevant to the scorecard.

    An overall score is calculated based on the rating for each criteria and the measurement category weights.

    Step 2.3 – Scorecards and feedback (cont'd)

    Design a two-way feedback loop with your vendors

    Goals and objectives

    Scorecards can be used for a variety of reasons. Some of the common ones are:

    • Improving vendor performance.
    • Conveying expectations to the vendor.
    • Identifying and recognizing top vendors.
    • Increasing alignment between the parties.
    • Improving communication with the vendor.
    • Comparing vendors across the same criteria.
    • Measuring items not included in contract metrics.
    • Identifying vendors for "strategic alliance" consideration.
    • Helping the organization achieve specific goals and objectives.

    Identifying and resolving issues before they impact performance or the relationship.

    Identifying your scorecard drivers first will help you craft a suitable scorecard.

    Step 2.3 – Scorecards and feedback (cont'd)

    Design a two-way feedback loop with your vendors

    Info-Tech recommends starting with simple scorecards to allow you and the vendors to acclimate to the new process and information. As you build your scorecards, keep in mind that internal personnel will be scoring the vendors and the vendors will be reviewing the scorecard. Make your scorecard easy for your personnel to fill out, and containing meaningful content to drive the vendor in the right direction. You can always make the scorecard more complex in the future.

    Our recommendation of five categories is provided below. Choose three to five of the categories that help you accomplish your scorecard goals and objectives:

    1. Timeliness – Responses, resolutions, fixes, submissions, completions, milestones, deliverables, invoices, etc.
    2. Cost – Total cost of ownership, value, price stability, price increases/decreases, pricing models, etc.
    3. Quality – Accuracy, completeness, mean time to failure, bugs, number of failures, etc.
    4. Personnel – Skilled, experienced, knowledgeable, certified, friendly, trustworthy, flexible, accommodating, etc.
    5. Risk – Adequate contractual protections, security breaches, lawsuits, finances, audit findings, etc.

    Some criteria may be applicable in more than one category. The categories above should cover at least 80% of the items that are important to your organization. The general criteria listed for each category is not an exhaustive list, but most things break down into time, money, quality, people, and risk issues.

    Step 2.3 – Scorecards and feedback (cont'd)

    Design a two-way feedback loop with your vendors

    Additional Considerations

    • Even a good rating system can be confusing. Make sure you provide some examples or a way for reviewers to discern the differences between a 1, 2, 3, 4, and 5. Don't assume your "rating key" will be intuitive.
    • When assigning weights, don't go lower than 10% for any measurement category. If the weight is too low, it won't be relevant enough to have an impact on the total score. If it doesn't "move the needle", don't include it.
    • Final sign-off on the scorecard template should occur outside the VMI. The heavy lifting can be done by the VMI to create it, but the scorecard is for the benefit of the organization overall, and those impacted by the vendors specifically. You may end up playing arbiter or referee, but the scorecard is not the exclusive property of the VMI. Try to reach consensus on your final template whenever possible.
    • You should notice improved ratings and total scores over time for your vendors. One explanation for this is the Pygmalion Effect: "The Pygmalion [E]ffect describes situations where someone's high expectations improves our behavior and therefore our performance in a given area. It suggests that we do better when more is expected of us."* Convey your expectations and let the vendors' competitive juices take over.
    • While creating your scorecard and materials to explain the process to internal personnel, identify those pieces that will help you explain it to your vendors during vendor orientation (see Steps 2.6 and 3.4). Leveraging pre-existing materials is a great shortcut.

    *Source: The Decision Lab, n.d.

    Step 2.3 – Scorecards and feedback (cont'd)

    Design a two-way feedback loop with your vendors

    Vendor Feedback

    After you've built your scorecard, turn your attention to the second half of the equation – feedback from the vendor. A communication loop cannot be successful without dialogue flowing both ways. While this can happen with just a scorecard, a mechanism specifically geared toward the vendor providing you with feedback improves communication, alignment, and satisfaction.

    You may be tempted to create a formal scorecard for the vendor to use; avoid that temptation until later in your maturity or development of the VMI. You'll be implementing a lot of new processes, deploying new tools and templates, and getting people to work together in new ways. Work on those things first.

    For now, implement an informal process for obtaining information from the vendor. Start by identifying information that you will find useful – information that will allow you to improve overall, to reduce waste or time, to improve processes, to identify gaps in skills. Incorporate these items into your business alignment meetings (see Steps 2.4 and 3.5). Create three to five good questions to ask the vendor and include these in the business alignment meeting agenda. The goal is to get meaningful feedback, and that starts with asking good questions.

    Keep it simple at first. When the time is right, you can build a more formal feedback form or scorecard. Don't be in a rush; as long as the informal method works, keep using it.

    2.3.1 – Scorecards and feedback

    30 – 60 Minutes

    1. Meet with the participants and brainstorm ideas for your scorecard measurement categories:
      1. What makes a vendor valuable to your organization?
      2. What differentiates a "good" vendor from a "bad" vendor?
      3. What items would you like to measure and provide feedback on to the vendor to improve performance, the relationship, risk, and other areas?
    2. Select three, but no more than five, of the following measure categories: timeliness, cost, quality, personnel, and risk.
    3. Within each measurement category, list two or three criteria that you want to measure and track for your vendors. Choose items that are as universal as possible rather than being applicable to one vendor or one vendor type.
    4. Assign a weight to each measurement category, ensuring that the total weight is 100% for all measurement categories.
    5. Document your results as you go in Phase 2 Tools and Templates Compendium – Tab 2.3 Scorecard.

    Input

    • Brainstorming

    Output

    • Configured Scorecard template

    Materials

    • Phase 2 Tools and Templates Compendium – Tab 2.3 Scorecard

    Participants

    • VMI team
    • Applicable stakeholders and executives (as needed)

    Download the Info-Tech Phase 2 Tools and Templates Compendium

    2.3.2 – Scorecards and feedback

    15 to 30 Minutes

    1. Meet with the participants and brainstorm ideas for feedback to seek from your vendors during your business alignment meetings. During the brainstorming, identify questions to ask the vendor about your organization that will:
      1. Help you improve the relationship.
      2. Help you improve your processes or performance.
      3. Help you improve ongoing communication.
      4. Help you evaluate your personnel.
    2. Identify the top five questions you want to include in your business alignment meeting agenda. (Note: you may need to refine the actual questions from the brainstorming activity before they are ready to include in your business alignment meeting agenda.)
    3. Document both your brainstorming activity and your final results in Phase 2 Tools and Templates Compendium – Tab 2.3 Feedback. The brainstorming questions can be used in the future as your VMI matures and your feedback transforms from informal to formal. The results will be used in Steps 2.4 and 3.5.

    Input

    • Brainstorming

    Output

    • Feedback questions to include with the business alignment meeting agenda

    Materials

    • Phase 2 Tools and Templates Compendium – Tab 2.3 Feedback

    Participants

    • VMI team
    • Applicable stakeholders and executives (as needed)

    Download the Info-Tech Phase 2 Tools and Templates Compendium

    Step 2.4 – Business alignment meeting agenda

    Craft an agenda that meets the needs of the VMI

    A business alignment meeting (BAM) is a multi-faceted tool to ensure the customer and the vendor stay focused on what is important to the customer at a high level. BAMs are not traditional operational meetings where the parties get into the details of the contracts, deal with installation problems, address project management issues, or discuss specific cost overruns. The focus of the BAM is the scorecard (see Step 2.3), but other topics are discussed, and other purposes are served. For example:

    • You can use the BAM to develop the relationship with the vendor's leadership team so that if escalation is ever needed, your organization is more than just a name on a spreadsheet or customer list.
    • You can learn about innovations the vendor is working on (without the meeting turning into a sales call).
    • You can address high-level performance trends and request corrective action as needed.
    • You can clarify your expectations.
    • You can educate the vendor about your industry, culture, and organization.
    • You can learn more about the vendor.

    As you build your BAM Agenda, someone in your organization may say, "Oh, that's just a quarterly business review (QBR) or top-to-top meeting." In most instances, an existing QBRs or top-to-top meeting is not the same as a BAM. Using the term QBR or top-to-top meeting instead of BAM can lead to confusion internally. The VMI may say to the business unit, procurement, or another department, "We're going to start running some QBRs for our strategic vendors." The typical response is, "There's no need; we already run QBRs/top-to-top meetings with our important vendors." This may be accompanied by an invitation to join their meeting, where you may be an afterthought, have no influence, and get five minutes at the end to talk about your agenda items. Keep your BAM separate so that it meets your needs.

    Step 2.4 – Business alignment meeting agenda (cont'd)

    Craft an agenda that meets the needs of the VMI

    As previously noted, using the term BAM more accurately depicts the nature of the VMI meeting and prevents confusion internally with other meetings already occurring. In addition, hosting the BAM yourself rather than piggybacking onto another meeting ensures that the VMI's needs are met. The VMI will set and control the BAM agenda and determine the invite list for internal personnel and vendor personnel. As you may have figured out by now, having the right customer and vendor personnel attend will be essential.

    BAMs are conducted at the vendor level, not the contract level. As a result, the frequency of the BAMs will depend on the vendor's classification category (see Steps 2.1 and 3.1). General frequency guidelines are provided below, but they can be modified to meet your goals:

    • Commodity vendors – Not applicable
    • Operational vendors – Biannually or annually
    • Strategic vendors – Quarterly
    • Tactical vendors – Quarterly or biannually

    BAMs can help you achieve some additional benefits not previously mentioned:

    • Foster a collaborative relationship with the vendor.
    • Avoid erroneous assumptions by the parties.
    • Capture and provide a record of the relationship (and other items) over time.

    Step 2.4 – Business alignment meeting agenda (cont'd)

    Craft an agenda that meets the needs of the VMI

    As with any meeting, building the proper agenda will be one of the keys to an effective and efficient meeting. A high-level BAM agenda with sample topics is set out below:

    BAM Agenda

    • Opening remarks
      • Welcome and introductions
      • Review of previous minutes
    • Active discussion
      • Review of open issues
      • Scorecard and feedback
      • Current status of projects to ensure situational awareness by the vendor
      • Roadmap/strategy/future projects
      • Accomplishments
    • Closing remarks
      • Reinforce positives (good behavior, results, and performance, value added, and expectations exceeded)
      • Recap
    • Adjourn

    2.4.1 – Business alignment meeting agenda

    20 – 45 Minutes

    1. Meet with the participants and review the sample agenda in Phase 2 Tools and Templates Compendium – Tab 2.4 BAM Agenda.
    2. Using the sample agenda as inspiration and brainstorming activities as needed, create a BAM agenda tailored to your needs.
      1. Select the items from the sample agenda applicable to your situation.
      2. Add any items required based on your brainstorming.
      3. Add the feedback questions identified during Activity 2.3.2 and documented in Phase 2 Tools and Templates Compendium – Tab 2.3 Feedback.
    3. Gain input and approval from sponsors, stakeholders, and executives as required or appropriate.
    4. Document the final BAM agenda in Phase 2 Tools and Templates Compendium –Tab 2.4 BAM Agenda.

    Input

    • Brainstorming
    • Phase 2 Tools and Templates Compendium – Tab 2.3 Feedback

    Output

    • Configured BAM agenda

    Materials

    • Phase 2 Tools and Templates Compendium – Tab2 .4 BAM Agenda

    Participants

    • VMI team
    • Applicable stakeholders and executives (as needed)

    Download the Info-Tech Phase 2 Tools and Templates Compendium

    Step 2.5 – Relationship alignment document

    Draft a document to convey important VMI information to your vendors

    Throughout this blueprint, alignment is mentioned directly (e.g. business alignment meetings [Steps 2.4 and 3.3]) or indirectly implied. Ensuring you and your vendors are on the same page, have clear and transparent communication, and understand each other's expectations is critical to fostering strong relationships. One component of gaining and maintaining alignment with your vendors is the Relationship Alignment Document (RAD). Depending upon the Scope of your VMI and what your organization already has in place, your RAD will fill in the gaps on various topics.

    Early in the VMI's maturation, the easiest approach is to develop a short document (1 one page) or a pamphlet (i.e. the classic trifold) describing the rules of engagement when doing business with your organization. The RAD can convey expectations, policies, guidelines, and other items. The scope of the document will depend on:

    1. What you believe is important for the vendors to understand.
    2. Any other similar information already provided to the vendors.

    The first step to drafting a RAD is to identify what information vendors need to know to stay on your good side. You may want vendors to know about your gift policy (e.g. employees may not accept vendor gifts above a nominal value, such as a pen or mousepad). Next, compare your list of what vendors need to know and determine if the content is covered in other vendor-facing documents such as a vendor code of conduct or your website's vendor portal. Lastly, create your RAD to bridge the gap between what you want and what is already in place. In some instances, you may want to include items from other documents to reemphasize them with the vendor community.

    Info-Tech Insight

    The RAD can be used with all vendors regardless of classification category. It can be sent directly to the vendors or given to them during vendor orientation (see Step 3.3)

    2.5.1 – Relationship alignment document

    1 to 4 Hours

    1. Meet with the participants and review the RAD sample and checklist in Phase 2 Tools and Templates Compendium – Tab 2.5 Relationship Alignment Doc.
    2. Determine:
      1. Whether you will create one RAD for all vendors or one RAD for strategic vendors and another RAD for tactical and operational vendors; whether you will create a RAD for commodity vendors.
      2. The concepts you want to include in your RAD(s).
      3. The format for your RAD(s) – traditional, pamphlet, or other.
      4. Whether signoff or acknowledgement will be required by the vendors.
    3. Draft your RAD(s) and work with other internal areas, such as Marketing to create a consistent brand for the RADS, and Legal to ensure consistent use and preservation of trademarks or other intellectual property rights and other legal issues.
    4. Review other vendor-facing documents (e.g. supplier code of conduct, onsite safety and security protocols) for consistencies between them and the RAD(s).
    5. Obtain signoff on the RAD(s) from stakeholders, sponsors, executives, Legal, Marketing, and others as needed.

    Input

    • Brainstorming
    • Vendor-facing documents, policies, and procedures

    Output

    • Completed Relationship Alignment Document(s)

    Materials

    • Phase 2 Tools and Templates Compendium – Tab 2.5 Relationship Alignment Doc

    Participants

    • VMI team
    • Marketing, as needed
    • Legal, as needed

    Download the Info-Tech Phase 2 Tools and Templates Compendium

    Step 2.6 – Vendor orientation

    Create a VMI awareness process to build bridges with your vendors

    Your organization is unique. It may have many similarities with other organizations, but your culture, risk tolerance, mission, vision, and goals, finances, employees, and "customers" (those that depend on you) make it different. The same is true of your VMI. It may have similar principles, objectives, and processes to other organizations' VMIs, but yours is still unique. As a result, your vendors may not fully understand your organization and what vendor management means to you.

    Vendor orientation is another means to helping you gain and maintain alignment with your important vendors, educate them on what is important to you, and provide closure when/if the relationship with the vendor ends. Vendor orientation is comprised of three components, each with a different function:

    • Orientation
    • Reorientation
    • Debrief

    Vendor orientation focuses on the vendor management pieces of the puzzle (e.g. the scorecard process) rather than the operational pieces (e.g. setting up a new vendor in the system to ensure invoices are processed smoothly).

    Step 2.6 – Vendor orientation (cont'd)

    Create a VMI awareness process to build bridges with your vendors

    Reorientation

    • Reorientation is either identical or similar to orientation, depending upon the circumstances. Reorientation occurs for several reasons, and each reason will impact the nature and detail of the reorientation content. Reorientation occurs whenever:
    • There is a significant change in the vendor's products or services.
    • The vendor has been through a merger, acquisition, or divestiture.
    • A significant contract renewal/renegotiation has recently occurred.
    • Sufficient time has passed from orientation; commonly 2 to 3 years.
    • The vendor has been placed in a "performance improvement plan" or "relationship improvement plan" protocol.
    • Significant turnover has occurred within your organization (executives, key stakeholders, and/or VMI personnel).
    • Substantial turnover has occurred at the vendor at the executive or account management level.
    • The vendor has changed vendor classification categories after the most current classification.
    • As the name implies, the goal is to refamiliarize the vendor with your current VMI situation, governances, protocols, and expectations. The drivers for reorientation will help you determine the reorientation's scope, scale, and frequency.

    Step 2.6 – Vendor orientation (cont'd)

    Create a VMI awareness process to build bridges with your vendors

    Debrief

    To continue the analogy from orientation, debrief is like an exit interview for an employee when their employment is terminated. In this case, debrief occurs when the vendor is no longer an active vendor with your organization - all contracts have terminated or expired, and no new business with the vendor is anticipated within the next three months.

    Similar to orientation and reorientation, debrief activities will be based on the vendor's classification category within the COST model. Strategic vendors don't go away very often; usually, they transition to operational or tactical vendors first. However, if a strategic vendor is no longer providing products or services to you, dig a little deeper into their experiences and allocate extra time for the debrief meeting.

    The debrief should provide you with feedback on the vendor's experience with your organization and their participation in your VMI. Additionally, it can provide closure for both parties since the relationship is ending. Be careful that the debrief does not turn into a finger-pointing meeting or therapy session for the vendor. It should be professional and productive; if it is going off the rails, terminate the meeting before more damage can occur.

    End the debrief on a high note if possible. Thank the vendor, highlight its key contributions, and single out any personnel who went above and beyond. You never know when you will be doing business with this vendor again – don't burn bridges!

    Step 2.6 – Vendor orientation (cont'd)

    Create a VMI awareness process to build bridges with your vendors

    As you create your vendor orientation materials, focus on the message you want to convey.

    • For orientation and reorientation:
      • What is important to you that vendors need to know?
      • What will help the vendors understand more about your organization and your VMI?
      • What and how are you different from other organizations overall, and in your "industry"?
      • What will help them understand your expectations?
      • What will help them be more successful?
      • What will help you build the relationship?
    • For debrief:
      • What information or feedback do you want to obtain?
      • What information or feedback to you want to give?

    The level of detail you provide strategic vendors during orientation and reorientation may be different from the information you provide tactical and operational vendors. Commodity vendors are not typically involved in the vendor orientation process. The orientation meetings can be conducted on a one-to-one basis for strategic vendors and a one-to-many basis for operational and tactical vendors; reorientation and debrief are best conducted on a one-to-one basis. Lastly, face-to-face or video meetings work best for vendor orientation; voice-only meetings, recorded videos, or distributing only written materials seldom hit their mark or achieve the desired results.

    Step 2.7 – Three-year roadmap

    Plot your path at a high level

    1. The VMI exists in many planes concurrently:
    2. It operates both tactically and strategically.

    It focuses on different timelines or horizons (e.g., the past, the present, and the future). Creating a three-year roadmap facilitates the VMI's ability to function effectively across these multiple landscapes.

    The VMI roadmap will be influenced by many factors. The work product from Phase 1 – Plan, input from executives, stakeholders, and internal clients, and the direction of the organization are great sources of information as you begin to build your roadmap.

    To start, identify what you would like to accomplish in year 1. This is arguably the easiest year to complete: budgets are set (or you have a good idea what the budget will look like), personnel decisions have been made, resources have been allocated, and other issues impacting the VMI are known with a higher degree of certainty than any other year. This does not mean things won't change during the first year of the VMI, but expectations are usually lower, and the short event horizon makes things more predictable during the year-1 ramp-up period.

    Years 2 and 3 are more tenuous, but the process is the same: identify what you would like to accomplish or roll out in each year. Typically, the VMI maintains the year-1 plan into subsequent years and adds to the scope or maturity. For example, you may start year 1 with BAMs and scorecards for three of your strategic vendors; during year 2, you may increase that to five vendors; and during year 3, you may increase that to nine vendors. Or, you may not conduct any market research during year 1, waiting to add it to your roadmap in year 2 or 3 as you mature.

    Breaking things down by year helps you identify what is important and the timing associated with your priorities. A conservative approach is recommended. It is easy to overcommit, but the results can be disastrous and painful.

    2.7.1 – Three-year roadmap

    45 – 90 Minutes

    1. Meet with the participants and decide how to coordinate year 1 of your three-year roadmap with your existing fiscal year or reporting year. Year 1 may be shorter or longer than a calendar year.
    2. Review the VMI activities listed in Phase 2 Tools and Templates Compendium – Tab 2.7 Three-year roadmap. Use brainstorming and your prior work product from Phase 1 and Phase 2 to identify additional items for the roadmap and add them at the bottom of the spreadsheet.
    3. Starting with the first activity, determine when that activity will begin and put an X in the corresponding column; if the activity is not applicable, leave it blank or insert N/A.
    4. Go back to the top of the list and add information as needed.
      1. For any year-1 or year-2 activities, add an X in the corresponding columns if the activity will be expanded/continued in subsequent periods (e.g., if a Year 2 activity will continue in year 3, put an X in year 3 as well).
      2. Use the comments column to provide clarifying remarks or additional insights related to your plans or "X's". For example, "Scorecards begin in year 1 with three vendors and will roll out to five vendors in year 2 and nine vendors in year 3."
    5. Obtain signoff from stakeholders, sponsors, and executives as needed.

    Input

    • Phase 1 work product
    • Steps 2.1 – 2.6 work product
    • Brainstorming

    Output

    • High level three-year roadmap for the VMI

    Materials

    • Phase 2 Tools and Templates Compendium – Tab 2.7 Three-Year Roadmap

    Participants

    • VMI team
    • Applicable stakeholders and executives (as needed)

    Download the Info-Tech Phase 2 Tools and Templates Compendium

    Step 2.8 – 90-day plan

    Pave your short-term path with a series of detailed quarterly plans

    Now that you have prepared a three-year roadmap, it's time to take the most significant elements from the first year and create action plans for each three-month period. Your first 90-day plan may be longer or shorter if you want to sync to your fiscal or calendar quarters. Aligning with your fiscal year can make it easier for tracking and reporting purposes; however, the more critical item is to make sure you have a rolling series of four 90-day plans to keep you focused on the important activities and tasks throughout the year.

    The 90-day plan is a simple project plan that will help you measure, monitor, and report your progress. Use the Info-Tech tool to help you track:

    Activities.

    • Tasks comprising each activity.
    • Who will be performing the tasks.
    • An estimate of the time required per person per task.
    • An estimate of the total time to achieve the activity.
    • A due date for the activity.
    • A priority of the activity.

    The first 90-day plan will have the greatest level of detail and should be as thorough as possible; the remaining three 90-day plans will each have less detail for now. As you approach the middle of the first 90-day plan, start adding details to the next 90-day plan; toward the end of the first quarter add a high-level 90-day plan to the end of the chain. Continue repeating this cycle each quarter and consult the three-year roadmap and the leadership team, as necessary.

    2.8.1 – 90-day plan

    45 – 90 Minutes

    1. Meet with the participants and decide how to coordinate the first "90-day" plan with your existing fiscal year or reporting cycles. Your first plan may be shorter or longer than 90 days.
    2. Looking at the year-1 section of the three-year roadmap, identify the activities that will be started during the next 90 days.
    3. Using the Phase 2 Tools and Templates Compendium – Tab 2.8 90-Day Plan, enter the following information into the spreadsheet for each activity to be accomplished during the next 90 days:
      1. Activity description.
      2. Tasks required to complete the activity (be specific and descriptive).
      3. The people who will be performing each task.
      4. The estimated number of hours required to complete each task.
      5. The start date and due date for each task or the activity.
    4. Validate the tasks are a complete list for each activity and the people performing the tasks have adequate time to complete the tasks by the due date(s).
    5. Assign a priority to each Activity.

    Input

    • Three-Year Roadmap
    • Phase 1 work product
    • Steps 2.1 – 2.7 work product
    • Brainstorming

    Output

    • Detailed plan for the VMI for the next quarter or "90" days

    Materials

    • Phase 2 Tools and Templates Compendium – Tab 2.8 90-Day Plan

    Participants

    • VMI team
    • Applicable stakeholders and executives (as needed)

    Download the Info-Tech Phase 2 Tools and Templates Compendium

    Step 2.9 – Quick wins

    Identify potential short-term successes to gain momentum and show value immediately

    As the final step in the timeline trilogy, you are ready to identify some quick wins for the VMI. Using the first 90-day plan and a brainstorming activity, create a list of things you can do in 15 to 30 days that add value to your initiative and build momentum.

    As you evaluate your list of potential candidates, look for things that:

    • Are achievable within the stated timeline.
    • Don't require a lot of effort.
    • Involve stopping a certain process, activity, or task; this is sometimes known as a "stop doing stupid stuff" approach.
    • Will reduce or eliminate inefficiencies; this is sometimes known as the war on waste.
    • Have a moderate to high impact or bolster the VMI's reputation.

    As you look for quick wins, you may find that everything you identify does not meet the criteria. That's okay; don't force the issue. Return your focus to the 90-day plan and three-year roadmap and update those documents if the brainstorming activity associated with Step 2.9 identified anything new.

    2.9.1 – Quick wins

    15 - 30 Minutes

    1. Meet with the participants and review the three-year roadmap and 90-day plan. Determine if any item on either document can be completed:
      1. Quickly (30 days or less).
      2. With minimal effort.
      3. To provide or show moderate to high levels of value or provide the VMI with momentum.
    2. Brainstorm to identify any other items that meet the criteria in step 1 above.
    3. Compile a comprehensive list of these items and select up to five to pursue.
    4. Document the list in the Phase 2 Tools and Templates Compendium – Tab 2.9 Quick Wins.
    5. Manage the quick wins list and share the results with the VMI team and applicable stakeholders and executives.

    Input

    • Three-Year Roadmap
    • 90-Day Plan
    • Brainstorming

    Output

    • A list of activities that require low levels of effort to achieve moderate to high levels of value in a short period

    Materials

    • Phase 2 Tools and Templates Compendium – Tab 2.9 Quick Wins

    Participants

    • VMI team

    Download the Info-Tech Phase 2 Tools and Templates Compendium

    Step 2.10 – Reports

    Construct your reports to resonate with your audience

    Issuing reports is a critical piece of the VMI since the VMI is a conduit of information for the organization. It may be aggregating risk data from internal areas, conducting vendor research, compiling performance data, reviewing market intelligence, or obtaining relevant statistics, feedback, comments, facts, and figures from other sources. Holding onto this information minimizes the impact a VMI can have on the organization; however, the VMI's internal clients, stakeholders, and executives can drown in raw data and ignore it completely if it is not transformed into meaningful, easily-digested information.

    Before building a report, think about your intended audience:

    • What information are they looking for? What will help them understand the big picture?
    • What level of detail is appropriate, keeping in mind the audience may not be like-minded?
    • What items are universal to all the readers and what items are of interest to one or two readers?
    • How easy or hard will it be to collect the data? Who will be providing it, and how time consuming will it be?
    • How accurate, valid, and timely will the data be?
    • How frequently will each report need to be issued?

    Step 2.10 – Reports (cont'd)

    Construct your reports to resonate with your audience

    Use the following guidelines to create reports that will resonate with your audience:

    • Value information over data, but sometimes data does have a place in your report.
    • Use pictures, graphics, and other representations more than words, but words are often necessary in small, concise doses.
    • Segregate your report by user; for example, general information up top, CIO information below that on the right, CFO information to the left of CIO information, etc.
    • Send a draft report to the internal audience and seek feedback, keeping in mind you won't be able to cater to or please everyone.

    2.10.1 – Reports

    15 – 45 Minutes

    1. Meet with the participants and review the applicable work product from Phase 1 and Phase 2; identify qualitative and quantitative items the VMI measures, monitors, tracks, or aggregates.
    2. Determine which items will be reported and to whom (by category):
      1. Internally to personnel within the VMI.
      2. Internally to personnel outside the VMI.
      3. Externally to vendors.
    3. Within each category above, determine your intended audiences/recipients. For example, you may have a different list of recipients for a risk report than you do a scorecard summary report. This will help you identify the number of reports required.
    4. Create a draft structure for each report based on the audience and the information being conveyed. Determine the frequency of each report and person responsible for creating for each report.
    5. Document your final choices in Phase 2 Tools and Templates Compendium – Tab 2.10 Reports.

    Input

    • Brainstorming
    • Phase 1 work product
    • Steps 2.1 – 2.11 work product

    Output

    • A list of reports used by the VMI
    • For each report
      • The conceptual content
      • A list of who will receive or have access
      • A creation/distribution frequency

    Materials

    • Phase 2 Tools and Templates Compendium – Tab 2.10 Reports

    Participants

    • VMI team
    • Applicable stakeholders and executives (as needed)

    Download the Info-Tech Phase 2 Tools and Templates Compendium

    Phase 3 - Run

    Implement your processes and leverage your tools and templates

    Phase 1

    Phase 2Phase 3Phase 4

    1.1 Mission Statement and Goals

    1.2 Scope

    1.3 Strengths and Obstacles

    1.4 Roles and Responsibilities

    2.1 Classification Model

    2.2 Risk Assessment Tool

    2.3 Scorecards and Feedback

    2.4 Business Alignment Meeting Agenda

    2.5 Relationship Alignment Document

    2.6 Vendor Orientation

    2.7 3-Year Roadmap

    2.8 90-Day Plan

    2.9 Quick Wins

    2.10 Reports

    3.1 Classify Vendors

    3.2 Compile Scorecards

    3.3 Conduct Business Alignment Meetings

    3.4 Work the 90-Day Plan

    3.5 Manage the 3-Year Roadmap

    3.6 Develop/Improve Vendor Relationships

    4.1 Incorporate Leading Practices

    4.2 Leverage Lessons Learned

    4.3 Maintain Internal Alignment

    This phase will walk you through the following activity:

    • Beginning to operate the VMI. The main outcomes from this phase are guidance and the steps required to initiate your VMI.

    This phase involves the following participants:

    • VMI team
    • Applicable stakeholders and executives
    • Others as needed

    Vendor Management Initiative Basics for the Small/Medium Businesses

    Phase 3 – Run

    Implement your processes and leverage your tools and templates

    All the hard work invested in Phase 1 – Plan and Phase 2 – Build begins to pay off in Phase 3 – Run. It's time to stand up your VMI and ensure that the proper level of resources is devoted to your vendors and the VMI itself. There's more hard work ahead, but the foundational elements are in place. This doesn't mean there won't be adjustments and modifications along the way, but you are ready to use the tools and templates in the real world; you are ready to begin reaping the fruits of your labor.

    Phase 3 – Run guides you through the process of collecting data, monitoring trends, issuing reports, and conducting effective meetings to:

    • Manage risk better.
    • Improve vendor performance.
    • Improve vendor relationships.
    • Identify areas where the parties can improve.
    • Improve communication between the parties.
    • Increase the value proposition with your vendors.

    Step 3.1 – Classify vendors

    Begin classifying your top 25 vendors by spend

    Step 3.1 sets the table for many of the subsequent steps in Phase 3 – Run. The results of your classification process will determine which vendors go through the scorecarding process (Step 3.2); which vendors participate in BAMs (Step 3.3), and which vendors you will devote relationship-building resources to (Step 3.6).

    As you begin classifying your vendors, Info-Tech recommends using an iterative approach initially to validate the results from the classification model you configured in Step 2.1.

    1. Identify your top 25 vendors by spend.
    2. Run your top 10 vendors by spend through the classification model and review the results.
      1. If the results are what you expected and do not contain any significant surprises, go to 3. on the next page.
      2. If the results are not what you expected or do contain significant surprises, look at the configuration page of the tool (Tab 1) and adjust the weights or the spend categories slightly. Be cautious in your evaluation of the results before modifying the configuration page - some legitimate results are unexpected, or are surprises based on bias. If you modify the weighting, review the new results and repeat your evaluation. If you modify the spend categories, review the answers on the vendor tabs to ensure that the answers are still accurate; review the new results and repeat your evaluation.

    Step 3.1 – Classify vendors (cont'd)

    Review your results and adjust the classification tool as needed

    1. Run your top 11-through-25 vendors by spend through the classification model and review the results. Identify any unexpected results. Determine if further configuration makes sense and repeat the process outlined in 2.b., previous page, as necessary. If no further modifications are required, continue to 4., below.
    2. Share the preliminary results with the leadership team, executives, and stakeholders to obtain their approval or adjustments to the results.
      1. They may have questions and want to understand the process before approving the results.
      2. They may request that you move a vendor from one quadrant to another based on your organization's roadmap, the vendor's roadmap, or other information not available to you.
    3. Identify the vendors that will be part of the VMI at this stage – how many and which ones. Based on this number and the VMI's scope (Step 1.2), make sure you have the resources necessary to accommodate the number of vendors participating in the VMI. Proceed cautiously and gradually increase the number of vendors participating in the VMI.

    Step 3.1 – Classify vendors (cont'd)

    Finalize the results and update VMI tools and templates

    1. Update the vendor inventory tool (Step 1.7) to indicate the current classification status for the top 25 vendors by spend. Once your vendors have been classified, you can sort the vendor inventory tool by classification status to see all the vendors in that category at once.
    2. Review your three-year roadmap (Step 2.9) and 90-day plans (Step 2.6) to determine if any modifications are needed to the activities and timelines.

    Additional classification considerations:

    • You should only have a few vendors that fit in the strategic category. As a rough guideline, no more than 5% to 10% of your IT vendors should end up in the strategic category. If you have many vendors, even 5% may be too many. the classification model is an objective start to the classification process, but common sense must prevail over the "math" at the end of the day.
    • At this point, there is no need to go beyond the top 25 by spend. Most VMIs starting out can't handle more than three to five strategic vendors initially. Allow the VMI to run a pilot program with a small sample size, work out any bugs, make adjustments, and then ramp up the VMI's rollout in waves. Vendors can be added quarterly, biannually, or annually, depending upon the desired goals and available resources.

    Step 3.1 – Classify vendors (cont'd)

    Align your vendor strategy to your classification results

    As your VMI matures, additional vendors will be part of the VMI. Review the table below and incorporate the applicable strategies into your deployment of vendor management principles over time. Stay true to your mission, goals, and scope, and remember that not all your vendors are of equal importance.

    Operational

    Strategic
    • Focus on spend containment
    • Concentrate on lowering total cost of ownership
    • Invest moderately in cultivating the relationship
    • Conduct BAMs biannually or annually
    • Compile scorecards quarterly or biannually
    • Identify areas for performance and cost improvement
    • Focus on value, collaboration, and alignment
    • Review market intelligence for the vendor's industry
    • Invest significantly in cultivating the relationship
    • Initiate executive-to-executive relationships
    • Conduct BAMs quarterly
    • Compile scorecards quarterly
    • Understand how the vendors view your organization

    Commodity

    Tactical
    • Investigate vendor rationalization and consolidation
    • Negotiate for the best-possible price
    • Leverage competition during negotiations
    • Streamline the purchasing and payment process
    • Allocate minimal VMI resources
    • Assign the lowest priority for vendor management metrics
    • Conduct risk assessments biannually or annually
    • Cultivate a collaborative relationship based on future growth plans or potential with the vendor
    • Conduct BAMs quarterly or biannually
    • Compile scorecards quarterly
    • Identify areas of performance improvement
    • Leverage innovation and creative problem solving

    Step 3.1 – Classify vendors (cont'd)

    Be careful when using the word "partner" with your strategic and other vendors

    For decades, vendors have used the term "partner" to refer to the relationship they have with their clients and customers. This is often an emotional ploy used by the vendors to get the upper hand. To fully understand the terms "partner" and "partnership", let's evaluate them through two more objective, less cynical lenses.

    If you were to talk to your in-house or outside legal counsel, you may be told that partners share in profits and losses, and they have a fiduciary obligation to each other. Unless there is a joint venture between the parties, you are unlikely to have a partnership with a vendor from this perspective.

    What about a "business" partnership — one that doesn't involve sharing profits and losses? What would that look like? Here are some indicators of a business partnership (or preferably a strategic alliance):

    • Trust and transparent communication exist.
    • You have input into the vendor's roadmap for products and services.
    • The vendor is aligned with your desired outcomes and helps you achieve success.
    • You and the vendor are accountable for actions and inactions, with both parties being at risk.
    • There is parity in the peer-to-peer relationships between the organizations (e.g. C-Level to C-Level).
    • The vendor provides transparency in pricing models and proactively suggests ways for you to reduce costs.
    • You and the vendor work together to make each party better, providing constructive feedback on a regular basis.
    • The vendor provides innovative suggestions for you to improve your processes, performance, the bottom line, etc.
    • Negotiations are not one-sided; they are meaningful and productive, resulting in an equitable distribution of money and risk.

    Step 3.1 – Classify vendors (cont'd)

    Understand the implications and how to leverage the words "partner" and "partnership"

    By now you might be thinking, "What's all the fuss? Why does it matter?" At Info-Tech, we've seen firsthand how referring to the vendor as a partner can have the following impact:

    • Confidences are disclosed unnecessarily.
    • Negotiation opportunities and leverage are lost.
    • Vendors no longer have to earn the customer's business.
    • Vendor accountability is missing due to shared responsibilities.
    • Competent skilled vendor resources are assigned to other accounts.
    • Value erodes over time since contracts are renewed without being competitively sourced.
    • One-sided relationships are established, and false assurances are provided at the highest levels within the customer organization.

    Proceed with caution when using partner or partnership with your vendors. Understand how your organization benefits from using these terms and mitigate the negatives outlined above by raising awareness internally to ensure people understand the psychology behind the terms. Finally, use the term to your advantage when warranted by referring to the vendor as a partner when you want or need something that the vendor is reluctant to provide. Bottom line: be strategic in how you refer to vendors and know the risks.

    Step 3.2 – Compile scorecards

    Begin scoring your top vendors

    The scorecard process typically is owned and operated by the VMI, but the actual rating of the criteria within the measurement categories is conducted by those with day-to-day interactions with the vendors, those using or impacted by the services and products provided by the vendors, and those with the skills to research other information on the scorecard (e.g. risk). Chances are one person will not be able to complete an entire scorecard by themselves. As a result, the scorecard process is a team sport comprised of sub-teams where necessary.

    The VMI will compile the scores, calculate the final results, and aggregate all the comments into one scorecard. There are two common ways to approach this task:

    1. Send out the scorecard template to those who will be scoring the vendor and ask them to return it when completed, providing them with a due date a few days before you need it; you'll need time to compile, calculate, and aggregate.
    2. Invite those who will be scoring the vendor to a meeting and let the contributors use that time to score the vendors; make VMI team members available to answer questions and facilitate the process.

    Step 3.2 – Compile scorecards (cont'd)

    Gather input from stakeholders and others impacted by the vendors

    Since multiple people will be involved in the scorecarding process or have information to contribute, the VMI will have to work with the reviewers to ensure he right mix of data is provided. For example:

    • If you are tracking lawsuits filed by or against the vendor, one person from Legal may be able to provide that, but they may not be able to evaluate any other criteria on the scorecard.
    • If you are tracking salesperson competencies, multiple people from multiple areas may have valuable insights.
    • If you are tracking deliverable timeliness, several project managers may want to contribute across several projects.

    Where one person is contributing exclusively to limited criteria, make it easy for them to identify the criteria they are to evaluate. When multiple people from the same functional area will provide insights, they can contribute individually (and the VMI will average their responses) or they can respond collectively after reaching consensus as a group.

    After the VMI has compiled, calculated, and aggregated, share the results with executives, impacted stakeholders, and others who will be attending the BAM for that vendor. Depending upon the comments provided by internal personnel, you may need to create a sanitized version of the scorecard for the vendor.

    Make sure your process timeline has a buffer built in. You'll be sending the final scorecard to the vendor three to five days before the BAM, and you'll need some time to assemble the results. The scorecarding process can be perceived as a low-priority activity for people outside of the VMI, and other "priorities" will arise for them. Without a timeline buffer, the VMI may find itself behind schedule and unprepared, due to things beyond its control.

    Step 3.3 – Conduct business alignment meetings

    Determine which vendors will participate and how long the meetings will last

    At their core, BAMs aren't that different from any other meeting. The basics of running a meeting still apply, but there are a few nuances that apply to BAMs. Set out below are leading practices for conducing your BAMs; adapt them to meet your needs and suit your environment.

    Who

    Initially, BAMs are conducted with the strategic vendors in your pilot program. Over time you'll add vendors until all your strategic vendors are meeting with you quarterly. After that, roll out the BAMs to those tactical and operational vendors located close to the strategic quadrant in the classification model (Steps 2.1 and 3.1) and as VMI resources allow. It may take several years before you are holding regular BAMs with all your strategic, tactical, and operational vendors.

    Duration

    Keep the length of your meetings reasonable. The first few with a vendor may need to be 60 to 90 minutes long. After that, you should be able to trim them to 45 minutes to 60 minutes. The BAM does not have to fill the entire time. When you are done, you are done.

    Step 3.3 – Conduct business alignment meetings (cont'd)

    Identify who will be invited and send out invitations

    Invitations

    Set up a recurring meeting whenever possible. Changes will be inevitable but keeping the timeline regular works to your advantage. Also, the vendors included in your initial BAMs won't change for twelve months. For the first BAM with a vendor, provide adequate notice; four weeks is usually sufficient, but calendars will fill up quickly for the main attendees from the vendor. Treat the meeting as significant and make sure your invitation reflects this. A simple meeting request will often be rejected, treated as optional, or ignored completely by the vendor's leadership team (and maybe yours as well!).

    Invitees

    Internal invitees should include those with a vested interest in the vendor's performance and the relationship. Other functional areas may be invited based on need or interest. Be careful the attendee list doesn't get too big. Based on this, internal BAM attendees often include representatives from IT, Sourcing/Procurement, and the applicable business units. At times, Finance and Legal are included.

    From the vendor's side, strive to have decision makers and key leaders attend. The salesperson/account manager is often included for continuity, but a director or vice president of sales will have more insights and influence. The project manager is not needed at this meeting due to the nature of the meeting and its agenda; however, a director or vice president from the product or service delivery area is a good choice. Bottom line: get as high into the vendor's organization as possible whenever possible; look at the types of contracts you have with that vendor to provide guidance on the type of people to invite.

    Step 3.3 – Conduct business alignment meetings (cont'd)

    Prepare for the Meetings and Maintain Control

    Preparation

    Send the scorecard and agenda to the vendor five days prior to the BAM. The vendor should provide you with any information you require for the meeting five days prior, as well.

    Decide who will run the meeting. Some customers like to lead, and others let the vendor present. How you craft the agenda and your preferences will dictate who runs the show.

    Make sure the vendor knows what materials they should bring to the meeting or have access to. This will relate to the agenda and any specific requests listed under the discussion points. You don't want the vendor to be caught off guard and unable to discuss a matter of importance to you.

    Running the BAM

    Regardless of which party leads, make sure you manage the agenda to stay on topic. This is your meeting – not the vendor's, not IT's, not Procurement's or Sourcing's. Don't let anyone hijack it.

    Make sure someone is taking notes. If you are running this virtually, consider recording the meeting. Check with your legal department first for any concerns, notices, or prohibitions that may impact your recording the session.

    Remember, this is not a sales call, and it is not a social activity. Innovation discussions are allowed and encouraged, but that can quickly devolve into a sales presentation. People can be friendly toward one another, but the relationship building should not overwhelm the other purposes.

    Step 3.3 – Conduct business alignment meetings (cont'd)

    Follow these additional guidelines to maximize your meetings

    More leading practices

    • Remind everyone that the conversation may include items covered by various confidentiality provisions or agreements.
    • Publish the meeting minutes on a timely basis (within 48 hours).
    • Focus on the bigger picture by looking at trends over time; get into the details only when warranted.
    • Meet internally immediately beforehand to prepare – don't go in cold. Review the agenda and the roles and responsibilities for the attendees.
    • Physical meetings are better than virtual meetings, but travel constraints, budgets, and pandemics may not allow for physical meetings.

    Final thoughts

    • When performance or the relationship is suffering, be constructive in your feedback and conversations rather than trying to assign blame; lead with the carrot rather than the stick.
    • Look for collaborative solutions whenever possible and avoid referencing the contract if possible. Communicate your willingness to help resolve outstanding issues.
    • Use inclusive language and avoid language that puts the vendor on the defensive.
    • Make sure that your meetings are not focused exclusively on the negative, but don't paint a rosy picture where one doesn't exist.
    • A vendor that is doing well should be commended. This is an important part of relationship building.

    Step 3.4 – Work the 90-day plan

    Monitor your progress and share your results

    Having a 90-day plan is a good start, but assuming the tasks on the plan will be accomplished magically or without any oversight can lead to failure. While it won't take a lot of time to work the plan, following a few basic guidelines will help ensure the 90-day plan gets results and wasn't created in vain.

    1. Measure and track your progress against the initial/current 90-day plan at least weekly; with a short timeline, any delay can have a huge impact.
    2. If adjustments are needed to any elements of the plan, understand the cause and the impact of those adjustments before making them.
    3. Make adjustments ONLY when warranted. The temptation will be to push activities and tasks further out on the timeline (or to the next 90-day plan!) when there is any sort of hiccup along the way, especially when personnel outside the VMI are involved. Hold true to the timeline whenever possible; once you start slipping, it often becomes a habit.
    4. Report on progress every week and hold people accountable for their assignments and contributions.
    5. Take the 90-day plan seriously and treat it as you would any significant project. This is part of the VMI's branding and image.

    Step 3.5 – Manage the three-year roadmap

    Keep an eye on the future since it will feed the present

    The three-year roadmap is a great planning tool, but it is not 100% reliable. There are inherent flaws and challenges. Essentially, the roadmap is a set of three "crystal balls" attempting to tell you what the future holds. The vision for year 1 may be clear, but for each subsequent year, the crystal ball becomes foggier. In addition, the timeline is constantly changing; before you know it, tomorrow becomes today and year 2 becomes year 1.

    To help navigate through the roadmap and maximize its potential, follow these principles:

    • Manage each year of the roadmap differently.
      • Review the year-1 map each quarter to update your 90-day plans (See steps 2.10 and 3.4).
      • Review the year-2 map every six months to determine if any changes are necessary. As you cycle through this, your vantage point of year 2 will be 6 months or 12 months away from the beginning of year 2, and time moves quickly.
      • Review the year-3 map annually, and determine what needs to be added, changed, or deleted. Each time you review year 3, it will be a "new" year 3 that needs to be built.
    • Analyze the impact on the proposed modifications from two perspectives: 1) What is the impact if a requested modification is made? 2) What is the impact if a requested modification is not made?
    • Validate all modifications with leadership and stakeholders before updating the three-year roadmap to ensure internal alignment.

    Step 3.6 – Develop/improve vendor relationships

    Drive better performance through better relationships

    One of the key components of a VMI is relationship management. Good relationships with your vendors provide many benefits for both parties, but they don't happen by accident. Do not assume the relationship will be good or is good merely because your organization is buying products and services from a vendor.

    In many respects, the VMI should mirror a vendor's sales organization by establishing relationships at multiple levels within the vendor organizations, not just with the salesperson or account manager. Building and maintaining relationships is hard work, but the return on investment makes it worthwhile.

    Business relationships are comprised of many components, not all of which must be present to have a great relationship. However, there are some essential components. Whether you are trying to develop, improve, or maintain a relationship with a vendor, make sure you are conscious of the following:

    • Focusing your energies on strategic vendors first and then tactical and operational vendors.
    • Being transparent and honest in your communications.
    • Continuously building trust by being responsive and honoring commitments (timely).
    • Creating a collaborative environment and build upon common ground.
    • Thanking the vendor when appropriate.
    • Resolving disputes early, avoiding the "blame game", and being objective when there are disagreements.

    Phase 4 - Review

    Keep your VMI up to date and running smoothly

    Phase 1

    Phase 2Phase 3Phase 4

    1.1 Mission Statement and Goals

    1.2 Scope

    1.3 Strengths and Obstacles

    1.4 Roles and Responsibilities

    2.1 Classification Model

    2.2 Risk Assessment Tool

    2.3 Scorecards and Feedback

    2.4 Business Alignment Meeting Agenda

    2.5 Relationship Alignment Document

    2.6 Vendor Orientation

    2.7 3-Year Roadmap

    2.8 90-Day Plan

    2.9 Quick Wins

    2.10 Reports

    3.1 Classify Vendors

    3.2 Compile Scorecards

    3.3 Conduct Business Alignment Meetings

    3.4 Work the 90-Day Plan

    3.5 Manage the 3-Year Roadmap

    3.6 Develop/Improve Vendor Relationships

    4.1 Incorporate Leading Practices

    4.2 Leverage Lessons Learned

    4.3 Maintain Internal Alignment

    This phase will walk you through the following activity:

    • Helping the VMI identify what it should stop doing, start doing, and continue doing as it improves and matures. The main outcomes from this phase are ways to advance the VMI and maintain internal alignment.

    This phase involves the following participants:

    • VMI team
    • Applicable stakeholders and executives
    • Others as needed

    Vendor Management Initiative Basics for the Small/Medium Businesses

    Phase 4 – Review

    Keep your VMI up to date and running smoothly

    As the adage says, "The only thing constant in life is change." This is particularly true for your VMI. It will continue to mature, people inside and outside of the VMI will change, resources will expand or contract from year to year, your vendor base will change. As a result, your VMI needs the equivalent of a physical every year. In place of bloodwork, x-rays, and the other paces your physician may put you through, you'll assess compliance with your policies and procedures, incorporate leading practices, leverage lessons learned, maintain internal alignment, and update governances.

    Be thorough in your actions during this Phase to get the most out of it. It requires more than the equivalent of gauging a person's health by taking their temperature, measuring their blood pressure, and determining their body mass index. Keeping your VMI up-to-date and running smoothly takes hard work.

    Some of the items presented in this Phase require an annual review; others may require quarterly review or timely review (i.e. when things are top of mind and current). For example, collecting lessons learned should happen on a timely basis rather than annually, and classifying your vendors should occur annually rather than every time a new vendor enters the fold.

    Ultimately, the goal is to improve over time and stay aligned with other areas internally. This won't happen by accident. Being proactive in the review of your VMI further reinforces the nature of the VMI itself – proactive vendor management, not reactive!

    Step 4.1 – Incorporate leading practices

    Identify and evaluate what external VMIs are doing

    The VMI's world is constantly shifting and evolving. Some changes will take place slowly, while others will occur quickly. Think about how quickly the cloud environment has changed over the past five years versus the 15 years before that; or think about issues that have popped up and instantly altered the landscape (we're looking at you COVID and ransomware). As a result, the VMI needs to keep pace, and one of the best ways to do that is to incorporate leading practices.

    At a high level, a leading practice is a way of doing something that is better at producing a particular outcome or result or performing a task or activity than other ways of proceeding. The leading practice can be based on methodologies, tools, processes, procedures, and other items. Leading practices change periodically due to innovation, new ways of thinking, research, and other factors. Consequently, a leading practice is to identify and evaluate leading practices each year.

    Step 4.1 – Incorporate leading practices (cont'd)

    Update your VMI based on your research

    • A simple approach for incorporating leading practices into your regular review process is set out below:
    • Research:
      • What other VMIs in your industry are doing.
      • What other VMIs outside your industry are doing.
      • Vendor management in general.
    • Based on your results, list specific leading practices others are doing that would improve your VMI (be specific – e.g. other VMIs are incorporating risk into their classification process).
    • Evaluate your list to determine which of these potential changes fit or could be modified to fit your culture and environment.
    • Recommend the proposed changes to leadership (with a short business case or explanation/justification, as needed) and gain approval.

    Remember: Leading practices or best practices may not be what is best for you. In some instances, you will have to modify them to fit in your culture and environment; in other instances, you will elect not to implement them at all (in any form).

    Step 4.2 – Leverage lessons learned

    Tap into the collective wisdom and experience of your team members

    There are many ways to keep your VMI running smoothly, and creating a lessons learned library is a great complement to the other ways covered in this Phase 4 - Review. By tapping into the collective wisdom of the team and creating a safe feedback loop, the VMI gains the following benefits:

    • Documented institutional wisdom and knowledge normally found only in the team members' brains.
    • The ability for one team member to gain insights and avoid mistakes without having to duplicate the events leading to the insights or mistakes.
    • Improved methodologies, tools, processes, procedures, skills, and relationships.

    Many of the processes raised in this Phase can be performed annually, but a lessons learned library works best when the information is deposited in a timely manner. How you choose to set up your lessons learned process will depend on the tools you select and your culture. You may want to have regular input meetings to share the lessons as they are being deposited, or you may require team members to deposit lessons learned on a regular basis (within a week after they happen, monthly, or quarterly). Waiting too long can lead to vague or lost memories and specifics; timeliness of the deposits is a crucial element.

    Step 4.2 – Leverage lessons learned (cont'd)

    Create a library to share valuable information across the team

    Lessons learned are not confined to identifying mistakes or dissecting bad outcomes. You want to reinforce good outcomes, as well. When an opportunity for a lessons-learned deposit arises, identify the following basic elements:

    • A brief description of the situation and outcome.
    • What went well (if anything) and why did it go well?
    • What didn't go well (if anything) and why didn't it go well?
    • What would/could you do differently next time?
    • A synopsis of the lesson(s) learned.

    Info-Tech Insights

    The lessons learned library needs to be maintained. Irrelevant material needs to be culled periodically, and older or duplicate material may need to be archived.

    the lessons learned process should be blameless. The goal is to share insightful information, not to reward or punish people based on outcomes or results.

    Step 4.3 – Maintain internal alignment

    Review the plans of other internal areas to stay in sync

    Maintaining internal alignment is essential for the ongoing success of the VMI. Over time, it is easy to lose sight of the fact that the VMI does not operate in a vacuum; it is an integral component of a larger organization whose parts must work well together to function optimally. Focusing annually on the VMI's alignment within the enterprise helps reduce any breakdowns that could derail the organization.

    To ensure internal alignment:

    • Review the key components of the applicable materials from Phase 1 - Plan and Phase 2 - Build with the appropriate members of the leadership team (e.g. executives, sponsors, and stakeholders). Not every item from those Phases and Steps needs to be reviewed but err on the side of caution for the first set of alignment discussions, and be prepared to review each item. You can gauge the audience's interest on each topic and move quickly when necessary or dive deeper when needed. Identify potential changes required to maintain alignment.
    • Review the strategic plans (e.g. 1-, 3-, and 5- year plans) for various portions of the organization if you have access to them or gather insights if you don't have access.
      • If the VMI is under the IT umbrella, review the strategic plans for IT and its departments.
      • Review the strategic plans for the areas the VMI works with (e.g. Procurement, Business Units).
      • The organization itself.
    • Create and vet a list of modifications to the VMI and obtain approval.
    • Develop a plan for making the necessary changes.

    Summary of Accomplishment

    Problem solved

    Vendor management is a broad, often overwhelming, comprehensive spectrum that encompasses many disciplines. By now, you should have a great idea of what vendor management can or will look like in your organization. Focus on the basics first: Why does the VMI exist and what does it hope to achieve? What is it's scope? What are the strengths you can leverage, and what obstacles must you manage? How will the VMI work with others? From there, the spectrum of vendor management will begin to clarify and narrow.

    Leverage the tools and templates from this blueprint and adapt them to your needs. They will help you concentrate your energies in the right areas and on the right vendors to maximize the return on your organization's investment in the VMI of time, money, personnel, and other resources. You may have to lead by example internally and with your vendors at first, but they will eventually join you on your path if you stay true to your course.

    At the heart of a good VMI is the relationship component. Don't overlook its value in helping you achieve your vendor management goals. The VMI does not operate in a vacuum, and relationships (internal and external) will be critical.

    Lastly, seek continual improvement from the VMI and from your vendors. Both parties should be held accountable, and both parties should work together to get better. Be proactive in your efforts, and you, the VMI, and the organization will be rewarded.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech Workshop

    Contact your account representative for more information

    workshops@infotech.com
    1-888-670-8889

    Related Info-Tech Research

    Prepare for Negotiations More Effectively
    Don't leave negotiation preparations and outcomes to chance. Learn how to prepare for negotiations more effectively and improve your results.

    Understand Common IT Contract Provisions to Negotiate More Effectively
    Info-Tech's guidance and insights will help you navigate the complex process of contract review and identify the key details necessary to maximize the protections for your organization.

    Capture and Market the ROI of Your VMO
    Calculating the impact or value of a vendor management office (VMO) can be difficult without the right framework and tools. Let Info-Tech's tools and templates help you account for the contributions made by your VMO.

    Bibliography

    Slide 5 – ISG Index 4Q 2021, Information Services Group, Inc., 2022.

    Slide 6 – ISG Index 4Q 2021, Information Services Group, Inc., 2022.

    Slide 7 – Geller & Company. "World-Class Procurement — Increasing Profitability and Quality." Spend Matters. 2003. Web. Accessed 4 Mar. 2019.

    Slide 26 – Guth, Stephen. The Vendor Management Office: Unleashing the Power of Strategic Sourcing. Lulu.com, 2007. Print. Protiviti. Enterprise Risk Management. Web. 16 Feb. 2017.

    Slide 34 – "Why Do We Perform Better When Someone Has High Expectations of Us?" The Decision Lab. Accessed January 31, 2022.

    Slide 56 - Top 10 Tips for Creating Compelling Reports," October 11, 2019, Design Eclectic. Accessed March 29, 2022.

    Slide 56 – "Six Tips for Making a Quality Report Appealing and Easy To Skim," Agency for Health Research and Quality. Accessed March 29, 2022.

    Slide 56 –Tucker, Davis. Marketing Reporting: Tips to Create Compelling Reports, March 28, 2020, 60 Second Marketer. Accessed March 29, 2022.

    Take Control of Infrastructure and Operations Metrics

    • Buy Link or Shortcode: {j2store}460|cart{/j2store}
    • member rating overall impact (scale of 10): 8.5/10 Overall Impact
    • member rating average dollars saved: $7,199 Average $ Saved
    • member rating average days saved: 11 Average Days Saved
    • Parent Category Name: Operations Management
    • Parent Category Link: /i-and-o-process-management
    • Measuring the business value provided by IT is very challenging.
    • You have a number of metrics, but they may not be truly meaningful, contextual, or actionable.
    • You know you need more than a single metric to tell the whole story. You also suspect that metrics from different systems combined will tell an even fuller story.
    • You are being asked to provide information from different levels of management, for different audiences, conveying different information.

    Our Advice

    Critical Insight

    • Many organizations collect metrics to validate they are keeping the lights on. But the Infrastructure and Operations managers who are benefitting the most are taking steps to ensure they are getting the right metrics to help them make decisions, manage costs, and plan for change.
    • Complaints about metrics are often rooted in managers wading through too many individual metrics, wrong metrics, or data that they simply can’t trust.
    • Info-Tech surveyed and interviewed a number of Infrastructure managers, CIOs, and IT leaders to understand how they are leveraging metrics. Successful organizations are using metrics for everything from capacity planning to solving customer service issues to troubleshooting system failures.

    Impact and Result

    • Manage metrics so they don’t become time wasters and instead provide real value.
    • Identify the types of metrics you need to focus on.
    • Build a metrics process to ensure you are collecting the right metrics and getting data you can use to save time and make better decisions.

    Take Control of Infrastructure and Operations Metrics Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should implement a metrics program in your Infrastructure and Operations practice, review Info-Tech’s methodology, and understand the ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Gap analysis

    This phase will help you identify challenges that you want to avoid by implementing a metrics program, discover the main IT goals, and determine your core metrics.

    • Take Control of Infrastructure and Operations Metrics – Phase 1: Gap Analysis
    • Infra & Ops Metrics Executive Presentation

    2. Build strategy

    This phase will help you make an actionable plan to implement your metrics program, define roles and responsibilities, and communicate your metrics project across your organization and with the business division.

    • Take Control of Infrastructure and Operations Metrics – Phase 2: Build Strategy
    • Infra & Ops Metrics Definition Template
    • Infra & Ops Metrics Tracking and Reporting Tool
    • Infra & Ops Metrics Program Roles & Responsibilities Guide
    • Weekly Metrics Review With Your Staff
    • Quarterly Metrics Review With the CIO
    [infographic]

    Optimize Your SQA Practice Using a Full Lifecycle Approach

    • Buy Link or Shortcode: {j2store}405|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
    • member rating average days saved: Read what our members are saying
    • Parent Category Name: Testing, Deployment & QA
    • Parent Category Link: /testing-deployment-and-qa
    • Your software quality assurance (SQA) program is using the wrong set of metrics to measure how process improvements influence product quality improvements.
    • Roles & responsibilities and quality assurance initiatives are not well defined and need to be allocated to individuals that can be held responsible for quality-related issues.
    • You are finding it hard to determine a causation between SQA process improvements and an improvement in product quality.

    Our Advice

    Critical Insight

    • Your product is only as good as your process. A robust development and SQA process creates artifacts that are highly testable, easily maintained, and strongly traceable across the development lifecycle, ensuring that the product delivered meets expectations set out by the business.
    • A small issue within your development process can have a ripple effect on the level of product quality. Discover what you don’t know and identify areas within your SQA practice that require attention.

    Impact and Result

    • SQA must be viewed as more than defect analysis and testing. Instead, place greater emphasis on preventative measures to ensure application quality across the entire development lifecycle.
    • IT must create a comprehensive SQA plan that delineates roles and responsibilities as they relate to quality assurance. Ensure tasks and procedures improve process efficiency and quality, and formalize metrics that help to implement a continuous improvement cycle for SQA.
    • Our methodology provides simple-to-follow steps to develop an SQA plan that provides clear insight into your current quality assurance practices.
    • Establish a synchronous relationship between the business and IT to help stakeholders understand the importance and relative value of quality assurance tasks to current costs.

    Optimize Your SQA Practice Using a Full Lifecycle Approach Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should optimize your SQA practice using a full lifecycle approach, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Assess your current SQA capabilities

    Evaluate and understand your current SQA capabilities, as well as the degree to which metric objectives are being met.

    • Optimize Your SQA Practice Using a Full Lifecycle Approach – Phase 1: Assess Your Current SQA Capabilities
    • Software Quality Assurance Current State Assessment Tool
    • Software Quality Assurance Assessment Workbook

    2. Define SQA target state processes

    Identify and define SQA processes and metrics needed to meet quality objectives set by development teams and the business.

    • Optimize Your SQA Practice Using a Full Lifecycle Approach – Phase 2: Define SQA Target State Processes

    3. Determine optimization initiatives for improving your SQA practice

    Build your SQA plan and optimization roadmap.

    • Optimize Your SQA Practice Using a Full Lifecycle Approach – Phase 3: Determine Optimization Initiatives
    • Software Quality Assurance Plan Template
    • Software Quality Assurance Optimization Roadmap Tool
    • Software Quality Assurance Communication Template
    [infographic]

    Workshop: Optimize Your SQA Practice Using a Full Lifecycle Approach

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Assess Your Current SQA Capabilities

    The Purpose

    To help you assess and understand your current SQA capabilities as well as the degree to which metric objectives are being met.

    Key Benefits Achieved

    An analysis of current SQA practices to provide insight into potential inefficiencies, opportunities, and to provide the business with sufficient rationale for improving current quality assurance initiatives.

    Activities

    1.1 Conduct a high-level assessment of where to focus your current state analysis.

    1.2 Document your high-level development process.

    1.3 Create a RACI chart to understand roles and responsibilities.

    1.4 Perform a SIPOC-MC analysis for problem areas identified in your SDLC.

    1.5 Identify the individual control points involved with passing software artifacts through SDLC stages being assessed.

    1.6 Identify problem areas within your SDLC as they relate to SQA.

    Outputs

    Understanding of current overall development process and where it is most weak in the context of quality assurance

    Understanding of assigned roles and responsibilities across development teams, including individuals who are involved with making quality-related decisions for artifact hand-off

    Identification of problem areas within SQA process for further analysis

    2 Define SQA Target State Processes

    The Purpose

    To help you identify and define SQA processes and metrics needed to meet quality objectives set out by development teams and the business.

    Key Benefits Achieved

    A revised list of key SQA tasks along with metrics and associated tolerance limits used universally for all development projects.

    Activities

    2.1 Establish SQA metrics and tolerance limits across your SDLC.

    2.2 Determine your target state for SQA processes within the define/design stage of the SDLC.

    2.3 Determine your target state for SQA processes within the development stage of the SDLC.

    2.4 Determine your target state for SQA processes within the testing stage of the SDLC.

    2.5 Determine your target state for SQA processes within the deploy/release stage of the SDLC.

    Outputs

    Identification of the appropriate metrics and their associated tolerance limits to provide insights into meeting quality goals and objectives during process execution

    Identification of target state SQA processes that are required for ensuring quality across all development projects

    3 Prioritize SQA Optimization Initiatives and Develop Optimization Roadmap

    The Purpose

    Based on discovered inefficiencies, define optimization initiatives required to improve your SQA practice.

    Key Benefits Achieved

    Optimization initiatives and associated tasks required to address gaps and improve SQA capabilities.

    Activities

    3.1 Determine optimization initiatives for improving your SQA process.

    3.2 Gain the full scope of effort required to implement your SQA optimization initiatives.

    3.3 Identify the enablers and blockers of your SQA optimization.

    3.4 Define your SQA optimization roadmap.

    Outputs

    Prioritized list of optimization initiatives for SQA

    Assessment of level of effort for each SQA optimization initiative

    Identification of enablers and blockers for optimization initiatives

    Identification of roadmap timeline for implementing optimization initiatives

    Project Management

    • Buy Link or Shortcode: {j2store}48|cart{/j2store}
    • Related Products: {j2store}48|crosssells{/j2store}
    • member rating overall impact (scale of 10): 9.7/10
    • member rating average dollars saved: $303,499
    • member rating average days saved: 42
    • Parent Category Name: Project Portfolio Management and Projects
    • Parent Category Link: /ppm-and-projects

    The challenge

    • Ill-defined or even lack of upfront project planning will increase the perception that your IT department cannot deliver value because most projects will go over time and budget.
    • The perception is those traditional ways of delivering projects via the PMBOK only increase overhead and do not have value. This is less due to the methodology and more to do with organizations trying to implement best-practices that far exceed their current capabilities.
    • Typical best-practices are too clinical in their approach and place unrealistic burdens on IT departments. They fail to address the daily difficulties faces by staff and are not sized to fit your organization.
    • Take a flexible approach and ensure that your management process is a cultural and capacity fit for your organization. Take what fits from these frameworks and embed them tailored into your company.

    Our advice

    Insight

    • The feather-touch is often the right touch. Ensure that you have a lightweight approach for most of your projects while applying more rigor to the more complex and high-risk developments.
    • Pick the right tools. Your new project management processes need the right tooling to be successful. Pick a tool that is flexible enough o accommodate projects of all sizes without imposing undue governance onto smaller projects.
    • Yes, take what fits within your company from frameworks, but there is no cherry-picking. Ensure your processes stay in context: If you do not inform for effective decision-making, all will be in vain. Develop your methods such that guide the way to big-picture decision taking and support effective portfolio management.

    Impact and results 

    • The right amount of upfront planning is a function of the type of projects you have and your company. The proper levels enable better scope statements, better requirements gathering, and increased business satisfaction.
    • An investment in a formal methodology is critical to projects of all sizes. An effective process results in more successful projects with excellent business value delivery.
    • When you have a repeatable and consistent approach to project planning and execution, you can better communicate between the IT project managers and decision-makers.
    • Better communication improves the visibility of the overall project activity within your company.

    The roadmap

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    Get started.

    Read our executive brief to understand why you should tailor project management practices to the type of projects you do and your company and review our methodology. We show you how we can support you.

    Lay the groundwork for project management success

    Assess your current capabilities to set the right level of governance.

    • Tailor Project Management Processes to Fit Your Projects – Phase 1: Lay the Groundwork for PM Success (ppt)
    • Project Management Triage Tool (xls)
    • COBIT BAI01 (Manage Programs and Projects) Alignment Workbook (xls)
    • Project Level Definition Matrix (xls)
    • Project Level Selection Tool (xls)
    • Project Level Assessment Tool (xls)
    • Project Management SOP Template (doc)

    Small project require a lightweight framework

    Increase small project's throughput.

    • Tailor Project Management Processes to Fit Your Projects – Phase 2: Build a Lightweight PM Process for Small Initiatives (ppt)
    • Level 1 Project Charter Template (doc)
    • Level 1 Project Status Report Template (doc)
    • Level 1 Project Closure Checklist Template (doc)

    Build the standard process medium and large-scale projects

    The standard process contains fully featured initiation and planning.

    • Tailor Project Management Processes to Fit Your Projects – Phase 3: Establish Initiation and Planning Protocols for Medium-to-Large Projects (ppt)
    • Project Stakeholder and Impact Assessment Tool (xls)
    • Level 2 Project Charter Template (doc)
    • Level 3 Project Charter Template (doc)
    • Kick-Off Meeting Agenda Template (doc)
    • Scope Statement Template (doc)
    • Project Staffing Plan(xls)
    • Communications Management Plan Template (doc)
    • Customer/Sponsor Project Status Meeting Template (doc)
    • Level 2 Project Status Report Template (doc)
    • Level 3 Project Status Report Template (doc)
    • Quality Management Workbook (xls)
    • Benefits Management Plan Template (xls)
    • Risk Management Workbook (xls)

    Build a standard process for the execution and closure of medium to large scale projects

    • Tailor Project Management Processes to Fit Your Projects – Phase 4: Develop Execution and Closing Procedures for Medium-to-Large Projects (ppt)
    • Project Team Meeting Agenda Template (doc)
    • Light Project Change Request Form Template (doc)
    • Detailed Project Change Request Form Template (doc)
    • Light Recommendation and Decision Tracking Log Template (xls)
    • Detailed Recommendation and Decision Tracking Log Template (xls)
    • Deliverable Acceptance Form Template (doc)
    • Handover to Operations Template (doc)
    • Post-Mortem Review Template (doc)
    • Final Sign-Off and Acceptance Form Template (doc)

    Implement your project management standard operating procedures (SOP)

    Develop roll-out and training plans, implement your new process and track metrics.

    • Tailor Project Management Processes to Fit Your Projects – Phase 5: Implement Your PM SOP (ppt)
    • Level 2 Project Management Plan Template (doc)
    • Project Management Process Costing Tool (xls)
    • Project Management Process Training Plan Template (doc)
    • Project Management Training Monitoring Tool (xls)
    • Project Management Process Implementation Timeline Tool (MS Project)
    • Project Management Process Implementation Timeline Tool (xls)

     

     

    Improve Email Security

    • Buy Link or Shortcode: {j2store}272|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Secure Cloud & Network Architecture
    • Parent Category Link: /secure-cloud-network-architecture

    As the sophistication of malicious attacks increases, it has become more difficult to ensure applications such as email software are properly protected and secured. The increase in usage and traffic of email exacerbates the security risks to the organization.

    Our Advice

    Critical Insight

    Email has changed. Your email security needs to evolve as well to ensure you are protecting your organization’s communication.

    Impact and Result

    • Gain an understanding of the importance of email security and steps to secure your corporate email.
    • Develop holistic guidelines on implementing best practices to modernize your organization’s email security.

    Improve Email Security Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Improve Email Security Storyboard – A guide to best practices for improving an organization’s email security.

    This research provides guidelines to assist organizations in identifying controls to secure their emails along with recommendations on the most common and effective controls to secure and protect corporate emails.

    • Improve Email Security Storyboard

    2. Email Security Checklist – A checklist tool that enables organizations to monitor their progress in implementing controls to improve their email security.

    This checklist of common email security categories and their associated controls helps ensure organizations are following best practices.

    • Email Security Checklist
    [infographic]

    Further reading

    Improve Email Security

    Follow the latest best practices for email security to mitigate evolving threats.

    Analyst Perspective

    Protecting your organization’s digital assets begins with securing your email communication.

    As organizations increasingly rely on email communication for day-to-day business operations, threat actors are exploiting the increased traction to develop and implement more sophisticated email-based attacks. Furthermore, the lack of investment in measures, tools, and technologies for an organization’s email security exacerbates the vulnerabilities at hand.

    Effective use of security procedures and techniques can mitigate and minimize email-based threats have been shown to reduce the ability of these attacks to infiltrate the email inbox. These guidelines and best practices will help your organization conduct due diligence to protect the contents of the email, its transit, and its arrival to the authorized recipient.

    Ahmad Jowhar, Research Specialist, Security & Privacy

    Ahmad Jowhar
    Research Specialist, Security & Privacy
    Info-Tech Research Group

    Executive Summary

    Your Challenge Common Obstacles Info-Tech’s Approach
    • As malicious attacks get increasingly sophisticated, it has become more difficult to ensure applications such as email software are properly protected and secured.
    • The increased usage and traffic of emails, as well as their contents, exacerbates security risks to the organization.
    • Given the variety of email security controls, it can be complicated to identify the most important techniques for improving your organization’s email security.
    • Understand the importance of implementing email security for your organization.
    • Develop a holistic guideline for implementing best practices to secure your organization’s emails.

    Info-Tech Insight
    Email has changed. Your email security must evolve to ensure the safety of your organization’s communication.

    Your Challenge

    As a security leader, you need to modernize your email security services so you can protect business communications and prevent security incidents.

    • Various factors must be considered when deciding how best to safeguard your organization’s communication chain. This includes the frequency of email traffic and the contents of emails.
    • The increased number of email-based cyberattacks reveals the sophistication of threat actors in leveraging an organization’s lack of email security to infiltrate their business.
    • As organizations continue to rely heavily on email communication, email-based threats will become increasingly prevalent.

    75% of organizations have experienced an increase in email-based threats.

    97% of security breaches are due to phishing attacks.

    82% of companies reported a higher volume of email in 2022.

    Source: Mimecast, 2023.

    Modern email security controls framework for security leaders

    Email has changed. Your email security must evolve to ensure the safety of your organization’s communication.

    Modern email security controls framework for security leaders

    Understand the best practices in securing your organization’s emails

    Enhance your security posture by modernizing your email security
    Email has changed. Your email security must evolve to ensure the safety of your organization’s communication.

    Deploy an added layer of defense by preventing the contents of your email from being intercepted.

    Encrypting your email communication will provide an additional layer of protection which only allows authorized users to read the email.

    Leverage triple-threat authentication controls to strengthen your email security.

    Leveraging SPF, DKIM, and DMARC enables you to have the proper authentication controls in place, ensuring that only legitimate users are part of the email communication.

    Protect the contents of your email through data classification and data loss prevention.

    Having tools and technologies in place to ensure that data is classified and backed up will enable better storage, analysis, and processing of the email.

    Implement email policies for a holistic email security protection.

    Policies ensure acceptable standards are in place to protect the organization’s assets, including the creation, attachment, sending, and receiving of emails.

    User awareness and training
    Training employees on protecting their corporate emails adds an extra layer of defense by ensuring end users are aware of various email-based threats and can confidently safeguard their organizations from attacks.

    Email encryption

    Deploy an added layer of defense by preventing the contents of your email from being intercepted.

    • Protecting your organization’s emails begins by ensuring only the appropriate recipients can receive and read the email’s contents.
    • This process includes encrypting the email’s contents to protect sensitive information from being read by unauthorized recipients.
    • This protects the contents even if the email is intercepted by anyone besides the intended recipient.
    • Other benefits of email encryption include:
      • Reducing any risks associated with regulatory violations.
      • Enabling business to confidently communicate sensitive information via email.
      • Ensuring protective measures taken to prevent data loss and corporate policy violations.

    Along with the increased use of emails, organizations are seeing an increase in the number of attacks orchestrating from emails. This has resulted in 74% of organizations seeing an increase in email-based threats.

    Source: Mimecast, 2023.

    Info-Tech Insight
    Encrypting your email communication will provide an additional layer of protection which only allows authorized users to read the email.

    Implementing email encryption

    Leverage these protocols and tools to help encrypt your email.

    • The most common email encryption protocols and tools include:
      • Transport Layer Security (TLS): A cryptographic protocol designed to securely deliver data via the internet, which prevents third parties from intercepting and accessing the data.
      • Secure/Multipurpose Internet Mail Extension (S/MIME): A protocol for sending digitally signed and encrypted messages by leveraging public key encryption to provide at-rest and in-transit data protection.
      • Secure Email Gateway: An email security solution that inspects emails for malicious content prior to it reaching the corporate system. The solution is positioned between the public internet and corporate email servers. An email gateway solution would be provided by a third-party vendor and can be implemented on-premises, through the cloud, or hybrid.
    • Email encryption policies can also be implemented to ensure processes are in place when sending sensitive information through emails.
    • Email encryption ensures end-to-end privacy for your email and is especially important when the email requires strict content privacy.

    Email authentication

    Three authentication controls your organization should leverage to stay secure.

    • Along with content encryption, it’s important to authenticate both the sender and recipient of an email to ensure that only legitimate users are able to send and receive it.
    • Implementing email authentication techniques prevents unsolicited email (e.g. spam) from entering your mailbox.
    • This also prevents unauthorized users from sending email on your organization’s behalf.
    • Having these standards in place would safeguard your organization from spam, spoofing, and phishing attacks.
    • The three authentication controls include:
      • Sender Policy Framework (SPF): Email validation control that verifies that the incoming email is from an authorized list of IP addresses provided by the sender’s domain administrator.
      • DomainKeys Identified Mail (DKIM): Enables recipients to verify that an email from a specific domain was authorized by the domain’s owner. This is conducted through cryptographic authentication by adding a digital signature to the message headers of outbound emails.
      • Domain Message Authentication Reporting & Conformance (DMARC): Provides domain-level protection of email channel by publishing DMARC records in the organization’s domain name system (DNS) and creates policies which prompts actions to take if an email fails authentication.

    Although these authentication controls are available for organizations to leverage, the adoption rate remains low. 73% of survey respondents indicated they didn’t deploy email authentication controls within their organization.

    Source: Mimecast, 2023.

    Email authentication controls

    All three authentication controls should be implemented to effectively secure your organization’s email. They ensure the emails you send and receive are securely authorized and legitimate.

    SPF DKIM DMARC

    Creating an SPF record identifies which IP addresses are allowed to send emails from your domain. Steps to implement SPF include the following:

    1. Create an SPF record by identifying the IP addresses that are authorized to send emails.
    2. Publish your SPF record into your DNS by creating a TXT record on your domain.

    Implementing DKIM helps prevent attackers from sending emails that pretend to come from your domain. Steps to implement DKIM include the following:

    1. Identify and enable domains you wish to configure DKIM to create DKIM keys.
    2. Copy the canonical names (CNAMEs) that are provided.
    3. Publish the CNAME records to your DNS service provider.

    Setting up DMARC ensures emails are validated and defines actions to take if an email fails authentication. These include:

    • None: Message is delivered to recipient and a DMARC report is sent to domain owner.
    • Quarantine: Message moved to quarantine folder and recipient is notified.
    • Reject: Message is not delivered to the recipient.
    • Steps to implement DMARC include:
    1. Create a DMARC record by including your organization’s email domain and IP addresses.
    2. Form a DMARC TXT record for your domain to include policies and publish it to your DNS.

    For more information:

    Data classification

    Ensure sensitive data is securely processed, analyzed, and stored.

    • Besides authenticating the legitimacy of an email and its traffic to the recipient, it’s important to have procedures in place to protect the contents of an email.
    • Data classification is found not only in databases and spreadsheets, but also in the email messages being communicated. Examples of data most commonly included in emails:
      • Personal identifiable information (PII): social security number, financial account number, passcodes/passwords
    • Applying data classification to your email can help identify the sensitivity of the information it contains. This ensures any critical data within an email message is securely processed and protected against unauthorized use, theft, and loss.
    • Emails can be classified based on various sensitivity levels. such as:
      • Top secret, public, confidential, internal

    Discover and Classify Your Data

    Leverage this Info-Tech blueprint for guidelines on implementing a data classification program for your organization.

    Info-Tech Insight
    Having tools and technologies in place to ensure that data is classified and backed up will enable better storage, analysis, and processing of the email.

    Data loss prevention (DLP)

    Protect your data from being lost/stolen.

    • Protecting an email’s contents through data classification is only one approach for improving email security. Having a data loss prevention solution would further increase security by minimizing the threat of sensitive information leaving your organization’s email network.
    • Examples of tools embedded in DLP solutions that help monitor an organization's email communication:
      • Monitoring data sent and received from emails: This ensures the data within an email communication is protected with the necessary encryption based on its sensitivity.
      • Detecting suspicious email activity: This includes analyzing users’ email behavior regarding email attachments and identifying irregular behaviors.
      • Flagging or blocking email activities which may lead to data loss: This prevents highly sensitive data from being communicated via email and reduces the risk of information being intercepted.
    • The types of DLP technologies that can be leveraged include:
      • Rule-based: Data that has been tagged by admins as sensitive can be blocklisted, which would flag and/or block data from being sent via email.
      • Machine learning: Data on users’ email behavior is collected, processed, and trained to understand the employee’s normal email behavior and detect/flag suspicious activities.
    • Implementing DLP solutions would complement your data classification techniques by ensuring proper measures are in place to secure your organization’s assets through policies, technology, and tools.

    48% of employees have accidently attached the wrong file to an email.

    39% of respondents have accidently sent emails that contained security information such as passwords and passcodes.

    Source: Tessian, 2021.

    User awareness & training

    A strong security awareness & training program is an important element of strengthening your email security.

    • Having all these tools and techniques in place to improve your email security will not be effective unless you also improve your employees’ awareness.
    • Employees should participate in email security training, especially since the majority utilize this channel of communication for day-to-day operations.
    • User awareness and training should go beyond phishing campaigns and should highlight the various types of email-based threats, the characteristics of these threats, and what procedures they can follow to minimize these threats.
    • 95% of data breaches are caused by human error. It can take nine months to discover and contain them, and they are expected to cost $8 trillion this year (Mimecast, 2023).
    • Investments in employee awareness and training would mitigate these risks by ensuring employees recognize and report suspicious emails, remain mindful of what type of data to share via email, and improve their overall understanding of the importance of email security.

    Develop a Security Awareness and Training Program That Empowers End Users

    Leverage this Info-Tech blueprint for assistance on creating various user training materials and empower your employees to become a main line of defense for your organization.

    64% of organizations conduct formal training sessions (in-person or computer-based).

    74% of organizations only focus on providing phishing-based training.

    Source: Proofpoint, 2021.

    Examples of email-based threats

    Phishing
    Email sent by threat actors designed to manipulate end user into providing sensitive information by posing as a trustworthy source

    Business Email Compromise
    Attackers trick a user into sending money or providing confidential information

    Spam
    Users receive unsolicited email, usually in bulk, some of which contains malware

    Spear Phishing
    A type of phishing attack where the email is sent to specific and targeted emails within the organization

    Whaling
    A type of phishing attack similar to spear phishing, but targeting senior executives within the organization

    Password/Email Exposure
    Employees use organizational email accounts and passwords to sign up for social media, leaving them susceptible to email and/or password exposure in a social media breach

    Email policies

    Having policies in place will enable these controls to be implemented.

    Developing security policies that are reasonable, auditable, enforceable, and measurable ensures proper procedures are followed and necessary measures are implemented to protect the organization. Policies relating to email security can be categorized into two groups:

    • User policy: Policies employees must adhere to when using their corporate email. Examples:
      • User acceptance of technology: Acknowledgment of legitimate and restrictive actions when using corporate email
      • Security awareness and training: Acknowledging completion of email security training
    • Administrator-set policy: Policies that are implemented by IT and/or security admins. Examples:
      • Email backup: Policy on how long emails should be archived and processes for disposing of them
      • Log retention: Policy on how to retain, process, and analyze logs created from email servers
      • Throttling: Policies that limit the number of emails sent by a sender and the number of recipients per email and per day depending on the employee’s grouping

    Develop and Deploy Security Policies

    Leverage this Info-Tech blueprint for assistance on developing and deploying actionable policies and creating an overall policy management lifecycle to keep your policies current, effective, and compliant.

    Info-Tech Insight
    Policies ensure acceptable standards are in place to protect the organization’s assets, including the creation, attachment, sending, and receiving of emails.

    Email security technologies & tools (SoftwareReviews)

    SoftwareReviews, a division of Info-Tech Research Group, provides enterprise software reviews to help organizations make more efficient decisions during the software selection process. Reviews are provided by authenticated IT professionals who have leveraged the software and provide unbiased insights on different vendors and their products.

    Learn from the collective knowledge of real IT professionals.

    • Know the products and features available.
    • Explore modules and detailed feature-level data.
    • Quickly understand the market.

    Evaluate market leaders through vendor rankings and awards.

    • Convince stakeholders with professional reports.
    • Avoid pitfalls with unfiltered data from real users.
    • Choose software with confidence.

    Cut through misleading marketing material.

    • Negotiate contracts based on data.
    • Know what to expect before you sign.
    • Effectively manage the vendor.

    Email security technologies & tools

    Leverage these tools for an enhanced email security solution.

    Email Security Checklist

    Follow these guidelines to ensure you are implementing best practices for securing your organization’s emails.

    • The Email Security Checklist is a tool to assess the current and future state of your organization’s email security and provides a holistic understanding on monitoring your progress within each category and associated controls.
    • The status column allows you to select the feature’s current implementation status, which includes the following options:
      • Enabled: The feature is deployed within the organization’s network.
      • Implemented: The feature is implemented within the organization’s network, but not yet deployed.
      • Not implemented: The feature has not been enabled or implemented.
    • Comments can be added for each feature to provide details such as indicating the progress on enabling/implementing a feature and why certain features are not yet implemented.

    Email Security Checklist

    Download the Email Security Checklist tool

    Related Info-Tech Research

    Discover and Classify Your Data
    Leverage this Info-Tech blueprint for guidelines on implementing a data classification program for your organization.

    Develop a Security Awareness and Training Program That Empowers End Users
    Leverage this Info-Tech blueprint for assistance on creating various user training materials and empower your employees to become a main line of defense for your organization.

    Develop and Deploy Security Policies
    Leverage this Info-Tech blueprint for assistance on developing and deploying actionable policies and creating an overall policy management lifecycle to keep your policies current, effective, and compliant.

    Bibliography

    “10 Best Practices for Email Security in 2022.” TitanFile, 22 Sept. 2022. Web.

    “2021 State of the Phish.” Proofpoint, 2021. Web.

    Ahmad, Summra. “11 Email Security Best Practices You Shouldn't Miss (2023).” Mailmunch, 9 Mar. 2023. Web.

    “Blumira's State of Detection and Response.” Blumira, 18 Jan. 2023. Web.

    Clay, Jon. “Email Security Best Practices for Phishing Prevention.” Trend Micro, 17 Nov. 2022. Web.

    Crane, Casey. “6 Email Security Best Practices to Keep Your Business Safe in 2019.” Hashed Out by The SSL Store™, 7 Aug. 2019. Web.

    Hateb, Seif. “Basic Email Security Guide.” Twilio Blog, Twilio, 5 Dec. 2022. Web.

    “How DMARC Advances Email Security.” CIS, 9 July 2021. Web.

    Pal, Suryanarayan. “10 Email Security Best Practices You Should Know in 2023.” Mailmodo, 9 Feb. 2023. Web.

    Pitchkites, Max. “Email Security: A Guide to Keeping Your Inbox Safe in 2023.” Cloudwards, 9 Dec. 2022. Web.

    Rudra, Ahona. “Corporate Email Security Checklist.” PowerDMARC, 4 July 2022. Web.

    “Sender Policy Framework.” Mimecast, n.d. Web.

    Shea, Sharon, and Peter Loshin. “Top 15 Email Security Best Practices for 2023: TechTarget.” TechTarget, 14 Dec. 2022. Web.

    “The Email Security Checklist: Upguard.” UpGuard, 16 Feb. 2022. Web.

    “The State of Email Security 2023.” Mimecast, 2023. Web.

    Wetherald, Harry. “New Product - Stop Employees Emailing the Wrong Attachments.” Tessian, 16 Sept. 2021. Web.

    “What Is DMARC? - Record, Verification & More: Proofpoint Us.” Proofpoint, 9 Mar. 2023. Web.

    “What Is Email Security? - Defining Security of Email: Proofpoint Us.” Proofpoint, 3 Mar.2023. Web.

    Wilton, Laird. “How to Secure Email in Your Business with an Email Security Policy.” Carbide, 31 Jan. 2022. Web.

    Application Portfolio Management

    • Buy Link or Shortcode: {j2store}28|cart{/j2store}
    • Related Products: {j2store}28|crosssells{/j2store}
    • member rating overall impact (scale of 10): 9.1/10
    • member rating average dollars saved: $81,275
    • member rating average days saved: 20
    • Parent Category Name: Applications
    • Parent Category Link: /applications

    The challenge

    • The chances are that you, too, have too many or far too many applications in your organization. You will not be alone. Almost 60% of companies report the same issue. 
    • That is due to poorly managed portfolios.
    • Your application managers now need to support too many non-critical applications, and they spend insufficient time on the vital applications.
    • You can rarely find the required pieces to rationalize your portfolio in one place. You will need to find the resources and build a team.
    • The lack of standard practices to define the value that each application in a portfolio provides to the company causes misalignments.

    Our advice

    Insight

    • There is no silver bullet solution. Going too rigid in your approach causes delays in value realization through application portfolio management. It may even prevent this altogether. Define flexible inputs to your portfolio and align closely with your business goals.

    Impact and results 

    • Define the outputs of your application rationalization effort, with clear roles and responsibilities.
    • Tailor the application rationalization framework (ARF) to your company's motivations, goals, and limitations.
    • Apply various application assessments to build a clear picture of your portfolio.
    • Build an application portfolio roadmap that shows your target state based on your rationalization decisions.

    The roadmap

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    Get started

    Our concise executive brief shows you why you should rationalize your application portfolio using a tailored framework for your company. We'll show you our methodology and the ways we can help you in handling this.

    Lay the foundations

    Define why you want to rationalize your application portfolio. Define the end state and scope. Build your action plan.

    • Build an Application Rationalization Framework – Phase 1: Lay Your Foundations (ppt)
    • Application Rationalization Tool (xls)

    Plan the application rationalization framework

    Understand what the core assessments are that you perform in these rationalizations. Define your framework and how rigorous you want to apply the reviews based on your business context.

    • Build an Application Rationalization Framework – Phase 2: Plan Your Application Rationalization Framework (ppt)

    Test and adapt your application rationalization framework (ARF)

    Our tool allows you to test the elements of your ARF. Then do a retrospective and adapt based on your experience and desired outcomes. 

    • Build an Application Rationalization Framework – Phase 3: Test and Adapt Your Application Rationalization Framework (ppt)
    • Application TCO Calculator (xls)
    • Value Calculator (xls)

    Initiate your roadmap

    Review your dispositions to ensure they align with your goals. 

    • Build an Application Rationalization Framework – Phase 4: Initiate Your Roadmap (ppt)
    • Disposition Prioritization Tool (xls)

     

    Govern Office 365

    • Buy Link or Shortcode: {j2store}52|cart{/j2store}
    • member rating overall impact (scale of 10): 9.5/10 Overall Impact
    • member rating average dollars saved: $21,473 Average $ Saved
    • member rating average days saved: 21 Average Days Saved
    • Parent Category Name: End-User Computing Applications
    • Parent Category Link: /end-user-computing-applications

    Exploring the enterprise collaboration marketspace is difficult. The difficulty in finding a suitable collaboration tool is that there are many ways to collaborate, with just as many tools to match.

    Our Advice

    Critical Insight

    Map your organizational goals to the administration features available in the Office 365 console. Your governance should reflect your requirements.

    Impact and Result

    The result is a defined plan for controlling Office 365 by leveraging hard controls to align Microsoft’s toolset with your needs and creating acceptable use policies and communication plans to highlight the impact of the transition to Office 365 on the end-user population.

    Govern Office 365 Research & Tools

    Start here – read the Executive Brief

    Understand the challenges posed by governing Office 365 and the necessity of deploying proper governance.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Define your organizational goals

    Develop a list of organizational goals that will enable you to leverage the Office 365 toolset to its fullest extent while also implementing sensible governance.

    • Govern Office 365 – Phase 1: Define Your Organizational Goals

    2. Control your Office 365 environment

    Use Info-Tech's toolset to build out controls for OneDrive, SharePoint, and Teams that align with your organizational goals as they relate to governance.

    • Govern Office 365 – Phase 2: Control Your Office 365 Environment
    • Office 365 Control Map
    • Microsoft Teams Acceptable Use Policy
    • Microsoft SharePoint Online Acceptable Use Policy
    • Microsoft OneDrive Acceptable Use Policy

    3. Communicate your results

    Communicate the results of your Office 365 governance program using Info-Tech's toolset.

    • Govern Office 365 – Phase 3: Communicate Your Results
    • Office 365 Communication Plan Template

    Infographic

    Workshop: Govern Office 365

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Define Goals

    The Purpose

    Develop a plan to assess the capabilities of the Office 365 solution and select licensing for the product.

    Key Benefits Achieved

    Office 365 capability assessment (right-size licensing)

    Acceptable Use Policies

    Mapped Office 365 controls

    Activities

    1.1 Review organizational goals.

    1.2 Evaluate Office 365 capabilities.

    1.3 Conduct the Office 365 capability assessment.

    1.4 Define user groups.

    1.5 Finalize licensing.

    Outputs

    List of organizational goals

    Targeted licensing decision

    2 Build Refined Governance Priorities

    The Purpose

    Leverage the Office 365 governance framework to develop and refined governance priorities.

    Build a SharePoint acceptable use policy and define SharePoint controls.

    Key Benefits Achieved

    Refined governance priorities

    List of SharePoint controls

    SharePoint acceptable use policy

    Activities

    2.1 Explore the Office 365 Framework.

    2.2 Conduct governance priorities refinement exercise.

    2.3 Populate the Office 365 control map (SharePoint).

    2.4 Build acceptable use policy (SharePoint).

    Outputs

    Refined governance priorities

    SharePoint control map

    Sharepoint acceptable use policy

    3 Control Office 365

    The Purpose

    Implement governance priorities for OneDrive and Teams.

    Key Benefits Achieved

    Clearly defined acceptable use policies for OneDrive and Teams

    List of OneDrive and Teams controls

    Activities

    3.1 Populate the Office 365 Control Map (OneDrive).

    3.2 Build acceptable use policy (OneDrive).

    3.3 Populate the Office 365 Control Map (Teams).

    3.4 Build acceptable use policy (Teams).

    Outputs

    OneDrive controls

    OneDrive acceptable use policy

    Teams controls

    Teams acceptable use policy

    4 SOW Walkthrough

    The Purpose

    Build a plan to communicate coming changes to the productivity environment.

    Key Benefits Achieved

    Communication plan covering SharePoint, Teams, and OneDrive

    Activities

    4.1 Build SharePoint one pager.

    4.2 Build OneDrive one pager.

    4.3 Build Teams one pager.

    4.4 Finalize communication plan.

    Outputs

    SharePoint one pager

    OneDrive one pager

    Teams one pager

    Overall finalized communication plan

    5 Communicate and Implement

    The Purpose

    Finalize deliverables and plan post-workshop communications.

    Key Benefits Achieved

    Completed Office 365 governance plan

    Finalized deliverables

    Activities

    5.1 Completed in-progress deliverables from previous four days.

    5.2 Set up review time for workshop deliverables and to discuss next steps.

    5.3 Validate governance with stakeholders.

    Outputs

    Completed acceptable use policies

    Completed control map

    Completed communication plan

    Completed licensing decision

    IT Risk Management · IT Leadership & Strategy implementation · Operational Management · Service Delivery · Organizational Management · Process Improvements · ITIL, CORM, Agile · Cost Control · Business Process Analysis · Technology Development · Project Implementation · International Coordination · In & Outsourcing · Customer Care · Multilingual: Dutch, English, French, German, Japanese · Entrepreneur
    Tymans Group is a brand by Gert Taeymans BV
    Gert Taeymans bv
    Europe: Koning Albertstraat 136, 2070 Burcht, Belgium — VAT No: BE0685.974.694 — phone: +32 (0) 468.142.754
    USA: 4023 KENNETT PIKE, SUITE 751, GREENVILLE, DE 19807 — Phone: 1-917-473-8669

    Copyright 2017-2022 Gert Taeymans BV